594 research outputs found
Mental Card Gaming Protocols Supportive Of Gameplay Versatility, Robustness And Efficiency
Pennainan kad mental merupakan protokol kriptografi yang membolehkan pennainan yang
~
disahkan adil di kalangan parti-parti jauh yang penyangsi dan berpotensi menipu. Pennainan
kad ini setidak-tidaknya patut menyokong-tanpa memperkenal~an parti ketiga yang dipercayai
(TTP)--rahsia kad, pengesanan penipuan dan keselamatan bersyarat ke atas pakatan pemain.
Tambahan kepada keperJuan asas ini, kami meninjau isu-isu pennainan kad mental yang
berkaitan dengan fungsian permainan, keteguhan operasional dan kecekapan implementasi.
Pengkajian kami diberangsang oleh potensi pennainan berasaskan komputer dan rangkaian yang
melewati batas kemampuan kad fizikal, terutamanya pembongkaran maklumat terperinci kad
(seperti warna, darjat, simbol atau kebangsawanan) sambil merahsiakan nilai keseluruhan kad
tersebut.
~.
Mental card games are cryptographic protocols which permit verifiably fair gameplay among a
l<
~.
priori distrustful and potentially untrustworthy remote parties and should minimally providewithout
the introduction of a trusted third party (TTP)---for card confidentiality, fraud detection
and conditional security against collusion. In addition to these basic requirements, we explore
into gameplay functionality, operational robustness and implementation efficiency issues of
mental card gaming. Our research is incited by the potential of computer-based and networkmediated
gameplay beyond the capability of physical cards, particularly fine-grained
information disclosure (such as colour, rank, symbol or courtliness) with preservation of card
secrecy. On the other hand, being network connected renders the protocol susceptible to
(accidental or intentional) disconnection attack, as well as other malicious behaviours
End-to-end verifiable voting for developing countries - what’s hard in Lausanne is harder still in Lahore
In recent years end-to-end verifiable voting (E2EVV) has emerged as a
promising new paradigm to conduct evidence-based elections. However, E2EVV
systems thus far have primarily been designed for the developed world and the
fundamental assumptions underlying the design of these systems do not readily
translate to the developing world, and may even act as potential barriers to
adoption of these systems. This is unfortunate because developing countries
account for 80\% of the global population, and given their economic and
socio-political dilemmas and their track record of contentious elections, these
countries arguably stand to benefit most from this exciting new paradigm. In
this paper, we highlight various limitations and challenges in adapting E2EVV
systems to these environments, broadly classed across social, political,
technical, operational, and human dimensions. We articulate corresponding
research questions and identify significant literature gaps in these
categories. We also suggest relevant strategies to aid researchers,
practitioners, and policymakers in visualizing and exploring solutions that
align with the context and unique ground realities in these environments. Our
goal is to outline a broader research agenda for the community to successfully
adapt E2EVV voting systems to developing countries
Cryptographic Protocols for Privacy Enhancing Technologies: From Privacy Preserving Human Attestation to Internet Voting
Desire of privacy is oftentimes associated with the intention to hide certain
aspects of our thoughts or actions due to some illicit activity. This is a
narrow understanding of privacy, and a marginal fragment of the motivations
for undertaking an action with a desired level of privacy. The right for not
being subject to arbitrary interference of our privacy is part of the universal
declaration of human rights (Article 12) and, above that, a requisite for
our freedom. Developing as a person freely, which results in the development
of society, requires actions to be done without a watchful eye. While
the awareness of privacy in the context of modern technologies is not widely
spread, it is clearly understood, as can be seen in the context of elections,
that in order to make a free choice one needs to maintain its privacy. So
why demand privacy when electing our government, but not when selecting
our daily interests, books we read, sites we browse, or persons we encounter?
It is popular belief that the data that we expose of ourselves would not be
exploited if one is a law-abiding citizen. No further from the truth, as this
data is used daily for commercial purposes: users’ data has value. To make
matters worse, data has also been used for political purposes without the
user’s consent or knowledge. However, the benefits that data can bring to
individuals seem endless and a solution of not using this data at all seems
extremist. Legislative efforts have tried, in the past years, to provide mechanisms
for users to decide what is done with their data and define a framework
where companies can use user data, but always under the consent of the latter.
However, these attempts take time to take track, and have unfortunately
not been very successful since their introduction.
In this thesis we explore the possibility of constructing cryptographic protocols
to provide a technical, rather than legislative, solution to the privacy
problem. In particular we focus on two aspects of society: browsing and
internet voting. These two events shape our lives in one way or another, and
require high levels of privacy to provide a safe environment for humans to
act upon them freely. However, these two problems have opposite solutions.
On the one hand, elections are a well established event in society that has
been around for millennia, and privacy and accountability are well rooted
requirements for such events. This might be the reason why its digitalisation
is something which is falling behind with respect to other acts of our society
(banking, shopping, reading, etc). On the other hand, browsing is a recently
introduced action, but that has quickly taken track given the amount of possibilities
that it opens with such ease. We now have access to whatever we
can imagine (except for voting) at the distance of a click. However, the data
that we generate while browsing is extremely sensitive, and most of it is disclosed to third parties under the claims of making the user experience better
(targeted recommendations, ads or bot-detection).
Chapter 1 motivates why resolving such a problem is necessary for the
progress of digital society. It then introduces the problem that this thesis
aims to resolve, together with the methodology. In Chapter 2 we introduce
some technical concepts used throughout the thesis. Similarly, we expose the
state-of-the-art and its limitations.
In Chapter 3 we focus on a mechanism to provide private browsing. In
particular, we focus on how we can provide a safer, and more private way, for
human attestation. Determining whether a user is a human or a bot is important
for the survival of an online world. However, the existing mechanisms
are either invasive or pose a burden to the user. We present a solution that
is based on a machine learning model to distinguish between humans and
bots that uses natural events of normal browsing (such as touch the screen
of a phone) to make its prediction. To ensure that no private data leaves
the user’s device, we evaluate such a model in the device rather than sending
the data over the wire. To provide insurance that the expected model has
been evaluated, the user’s device generates a cryptographic proof. However
this opens an important question. Can we achieve a high level of accuracy
without resulting in a noneffective battery consumption? We provide a positive
answer to this question in this work, and show that a privacy-preserving
solution can be achieved while maintaining the accuracy high and the user’s
performance overhead low.
In Chapter 4 we focus on the problem of internet voting. Internet voting
means voting remotely, and therefore in an uncontrolled environment.
This means that anyone can be voting under the supervision of a coercer,
which makes the main goal of the protocols presented to be that of coercionresistance.
We need to build a protocol that allows a voter to escape the
act of coercion. We present two proposals with the main goal of providing
a usable, and scalable coercion resistant protocol. They both have different
trade-offs. On the one hand we provide a coercion resistance mechanism
that results in linear filtering, but that provides a slightly weaker notion of
coercion-resistance. Secondly, we present a mechanism with a slightly higher
complexity (poly-logarithmic) but that instead provides a stronger notion of
coercion resistance. Both solutions are based on a same idea: allowing the
voter to cast several votes (such that only the last one is counted) in a way
that cannot be determined by a coercer.
Finally, in Chapter 5, we conclude the thesis, and expose how our results
push one step further the state-of-the-art. We concisely expose our contributions,
and describe clearly what are the next steps to follow. The results
presented in this work argue against the two main claims against privacy preserving solutions: either that privacy is not practical or that higher levels
of privacy result in lower levels of security.Programa de Doctorado en Ciencia y Tecnología Informática por la Universidad Carlos III de MadridPresidente: Agustín Martín Muñoz.- Secretario: José María de Fuentes García-Romero de Tejada.- Vocal: Alberto Peinado Domíngue
End-to-end verifiable voting for developing countries -- what's hard in Lausanne is harder still in Lahore
In recent years end-to-end verifiable voting (E2EVV) has emerged as a
promising new paradigm to conduct evidence-based elections. However, E2EVV
systems thus far have primarily been designed for the developed world and the
fundamental assumptions underlying the design of these systems do not readily
translate to the developing world, and may even act as potential barriers to
adoption of these systems. This is unfortunate because developing countries
account for 80\% of the global population, and given their economic and
socio-political dilemmas and their track record of contentious elections, these
countries arguably stand to benefit most from this exciting new paradigm. In
this paper, we highlight various limitations and challenges in adapting E2EVV
systems to these environments, broadly classed across social, political,
technical, operational, and human dimensions. We articulate corresponding
research questions and identify significant literature gaps in these
categories. We also suggest relevant strategies to aid researchers,
practitioners, and policymakers in visualizing and exploring solutions that
align with the context and unique ground realities in these environments. Our
goal is to outline a broader research agenda for the community to successfully
adapt E2EVV voting systems to developing countries
A Comprehensive Survey on Signcryption Security Mechanisms in Wireless Body Area Networks
WBANs (Wireless Body Area Networks) are frequently depicted as a paradigm shift in healthcare from traditional to modern E-Healthcare. The vitals of the patient signs by the sensors are highly sensitive, secret, and vulnerable to numerous adversarial attacks. Since WBANs is a real-world application of the healthcare system, it’s vital to ensure that the data acquired by the WBANs sensors is secure and not accessible to unauthorized parties or security hazards. As a result, effective signcryption security solutions are required for the WBANs’ success and widespread use. Over the last two decades, researchers have proposed a slew of signcryption security solutions to achieve this goal. The lack of a clear and unified study in terms of signcryption solutions can offer a bird’s eye view of WBANs. Based on the most recent signcryption papers, we analyzed WBAN’s communication architecture, security requirements, and the primary problems in WBANs to meet the aforementioned objectives. This survey also includes the most up to date signcryption security techniques in WBANs environments. By identifying and comparing all available signcryption techniques in the WBANs sector, the study will aid the academic community in understanding security problems and causes. The goal of this survey is to provide a comparative review of the existing signcryption security solutions and to analyze the previously indicated solution given for WBANs. A multi-criteria decision-making approach is used for a comparative examination of the existing signcryption solutions. Furthermore, the survey also highlights some of the public research issues that researchers must face to develop the security features of WBANs.publishedVersio
- …