Introducing Accountability to Anonymity Networks
Many anonymous communication (AC) networks rely on routing traffic through
proxy nodes to obfuscate the originator of the traffic. Without an
accountability mechanism, exit proxy nodes risk sanctions by law enforcement if
users commit illegal actions through the AC network. We present BackRef, a
generic mechanism for AC networks that provides practical repudiation for the
proxy nodes by tracing back the selected outbound traffic to the predecessor
node (but not in the forward direction) through a cryptographically verifiable
chain. It also provides an option for full (or partial) traceability back to
the entry node or even to the corresponding user when all intermediate nodes
are cooperating. Moreover, to maintain a good balance between anonymity and
accountability, the protocol incorporates whitelist directories at exit proxy
nodes. BackRef offers improved deployability over the related work, and
introduces a novel concept of pseudonymous signatures that may be of
independent interest.
We exemplify the utility of BackRef by integrating it into the onion routing
(OR) protocol, and examine its deployability by considering several
system-level aspects. We also present the security definitions for the BackRef
system (namely, anonymity, backward traceability, no forward traceability, and
no false accusation) and conduct a formal security analysis of the OR protocol
with BackRef using ProVerif, an automated cryptographic protocol verifier,
establishing the aforementioned security properties against a strong
adversarial model.
Authentication Protocols and Privacy Protection
This dissertation deals with cryptographic constructions for user authentication. Rather than classical authentication protocols, which only verify identity, its main topic is attribute authentication systems, which let users prove possession of personal attributes. These attributes can represent any personal information, for example age, nationality or birthplace. Attribute ownership can be proven anonymously and with support for many digital identity protection features, such as unlinkability of verification sessions, untraceability, selective disclosure of attributes and efficient revocation. Attribute authentication systems are already considered the successors of current authentication systems in the official strategies of the USA (NSTIC) and the EU (ENISA). The required features are partially provided by existing cryptographic concepts such as U-Prove and idemix, but at present no system provides all privacy-enhancing features while remaining implementable on computationally restricted devices such as smart cards.
Among the weaknesses of existing systems, the missing unlinkability of verification sessions and the absence of practical revocation are the most critical: without them it is currently impossible to invalidate expired users, lost or stolen authentication cards, or the cards of malicious users. This thesis therefore proposes a new cryptographic scheme that fixes the weaknesses found in the analysis of existing solutions. The resulting scheme, built on established primitives such as Σ-protocols for proofs of knowledge, cryptographic commitments and verifiable encryption, supports all the required privacy and digital identity protection features while remaining easy to implement on smart cards. The thesis includes the full cryptographic specification, formal verification of the key properties, a mathematical model of the scheme in Mathematica for functional verification, and results of an experimental implementation on .NET smart cards. Although the scheme supports all the privacy-enhancing features missing from related work, its computational complexity is the same or lower, so user verification is faster than in existing systems. The resulting scheme can significantly improve user privacy during verification, especially in electronic ID documents, access control systems and Internet services.
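As an added illustration of the primitives named above (a Pedersen commitment and a Σ-protocol proof of knowledge of its opening, made non-interactive with Fiat-Shamir), the example below shows how a user can commit to an attribute value and convince a verifier that they know the committed value without revealing it, and how a fresh blinding factor makes two commitments to the same attribute unlinkable. This is example code written for this page, not the thesis's scheme: the modulus (the Mersenne prime 2^127 - 1), the generator g = 3 and the hash-derived second generator h are toy parameters chosen for the example; a deployment would use a standard prime-order group.

```python
import hashlib
import secrets

# Toy parameters (assumption for this example): prime modulus 2^127 - 1,
# generator g = 3, and h derived by hashing so that log_g(h) is unknown.
P = (1 << 127) - 1
G = 3


def _hash_to_int(*parts: int) -> int:
    """Fiat-Shamir challenge: hash all public values into one integer."""
    h = hashlib.sha256()
    for x in parts:
        h.update(x.to_bytes((x.bit_length() + 7) // 8 or 1, "big"))
        h.update(b"|")
    return int.from_bytes(h.digest(), "big")


# Second generator; squaring keeps it in the quadratic residues for tidiness.
H = pow(_hash_to_int(G, P), 2, P)


def commit(attribute: int, blinding: int) -> int:
    """Pedersen commitment C = g^m * h^r mod p. The random r hides m."""
    return (pow(G, attribute, P) * pow(H, blinding, P)) % P


def prove_opening(attribute: int, blinding: int, commitment: int) -> dict:
    """Sigma-protocol proof of knowledge of (m, r) with C = g^m h^r.

    Commit phase: t = g^a h^b for random a, b.
    Challenge:    c = Hash(g, h, C, t)   (Fiat-Shamir instead of a verifier)
    Response:     s1 = a + c*m, s2 = b + c*r, reduced mod the group exponent
                  p-1 (valid because g^(p-1) = h^(p-1) = 1 mod p).
    """
    a = secrets.randbelow(P - 1)
    b = secrets.randbelow(P - 1)
    t = (pow(G, a, P) * pow(H, b, P)) % P
    c = _hash_to_int(G, H, commitment, t) % (P - 1)
    s1 = (a + c * attribute) % (P - 1)
    s2 = (b + c * blinding) % (P - 1)
    return {"t": t, "s1": s1, "s2": s2}


def verify_opening(commitment: int, proof: dict) -> bool:
    """Recompute the challenge and check g^s1 h^s2 == t * C^c mod p."""
    c = _hash_to_int(G, H, commitment, proof["t"]) % (P - 1)
    lhs = (pow(G, proof["s1"], P) * pow(H, proof["s2"], P)) % P
    rhs = (proof["t"] * pow(commitment, c, P)) % P
    return lhs == rhs


if __name__ == "__main__":
    age = 42                       # the hidden attribute (constructed)
    r1, r2 = secrets.randbelow(P - 1), secrets.randbelow(P - 1)
    c1, c2 = commit(age, r1), commit(age, r2)
    print("same attribute, unlinkable commitments:", c1 != c2)
    print("honest proof verifies:", verify_opening(c1, prove_opening(age, r1, c1)))
    print("wrong attribute rejected:", verify_opening(c1, prove_opening(age + 1, r1, c1)))
```

The verifier learns only that the prover knows some (m, r) opening C, not the value m; a real attribute credential additionally binds C to an issuer's signature and lets the user prove predicates (such as "m is at least 18") with range proofs built from the same Σ-protocol machinery.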
Federated Identity Management Systems: A Privacy-based Characterization
Identity management systems store attributes associated with users and facilitate authorization on the basis of these attributes. A privacy-driven characterization of the principal design choices for identity management systems is given, and existing systems are fit into this framework. The taxonomy of design choices can also guide public policy relating to identity management, which is illustrated using the United States NSTIC initiative.
Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks
DisertaÄnĂ prĂĄce se zabĂœvĂĄ kryptografickĂœmi protokoly poskytujĂcĂ ochranu soukromĂ, kterĂ© jsou urÄeny pro zabezpeÄenĂ komunikaÄnĂch a informaÄnĂch systĂ©mĆŻ tvoĆĂcĂch heterogennĂ sĂtÄ. PrĂĄce se zamÄĆuje pĆedevĆĄĂm na moĆŸnosti vyuĆŸitĂ nekonvenÄnĂch kryptografickĂœch prostĆedkĆŻ, kterĂ© poskytujĂ rozĆĄĂĆenĂ© bezpeÄnostnĂ poĆŸadavky, jako je napĆĂklad ochrana soukromĂ uĆŸivatelĆŻ komunikaÄnĂho systĂ©mu. V prĂĄci je stanovena vĂœpoÄetnĂ nĂĄroÄnost kryptografickĂœch a matematickĂœch primitiv na rĆŻznĂœch zaĆĂzenĂch, kterĂ© se podĂlĂ na zabezpeÄenĂ heterogennĂ sĂtÄ. HlavnĂ cĂle prĂĄce se zamÄĆujĂ na nĂĄvrh pokroÄilĂœch kryptografickĂœch protokolĆŻ poskytujĂcĂch ochranu soukromĂ. V prĂĄci jsou navrĆŸeny celkovÄ tĆi protokoly, kterĂ© vyuĆŸĂvajĂ skupinovĂœch podpisĆŻ zaloĆŸenĂœch na bilineĂĄrnĂm pĂĄrovĂĄnĂ pro zajiĆĄtÄnĂ ochrany soukromĂ uĆŸivatelĆŻ. Tyto navrĆŸenĂ© protokoly zajiĆĄĆ„ujĂ ochranu soukromĂ a nepopiratelnost po celou dobu datovĂ© komunikace spolu s autentizacĂ a integritou pĆenĂĄĆĄenĂœch zprĂĄv. Pro navĂœĆĄenĂ vĂœkonnosti navrĆŸenĂœch protokolĆŻ je vyuĆŸito optimalizaÄnĂch technik, napĆ. dĂĄvkovĂ©ho ovÄĆovĂĄnĂ, tak aby protokoly byly praktickĂ© i pro heterogennĂ sĂtÄ.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. 
These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.
Accountable infrastructure and its impact on internet security and privacy
The Internet infrastructure relies on the correct functioning of the basic underlying protocols, which were designed for functionality. Security and privacy have been added post hoc, mostly by applying cryptographic means at different layers of communication. In the absence of accountability as a fundamental property, the Internet infrastructure has no built-in ability to associate an action with the responsible entity, nor to detect or prevent misbehavior. In this thesis, we study accountability from several perspectives. First, we study the need for accountability in anonymous communication networks as a mechanism that provides repudiation for the proxy nodes by tracing back selected outbound traffic in a provable manner. Second, we design a framework that provides a foundation for enforcing the right to be forgotten in a scalable and automated manner; the framework gives users a technical means to prove their eligibility for content removal from search results. Third, we analyze the Internet infrastructure to determine potential security risks and threats imposed by dependencies among the entities on the Internet. Finally, we evaluate the feasibility of using hop count filtering as a mechanism for mitigating Distributed Reflective Denial-of-Service attacks, and conceptually show that it cannot prevent these attacks.
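The hop count filtering conclusion above is easy to see with a small model. Hop count filtering (HCF) infers the path length of an incoming packet from its TTL (the sender's initial TTL is assumed to be the smallest common OS default not below the observed value) and drops packets whose inferred hop count disagrees with what the receiver previously learned for that source address; this catches spoofed source addresses. In a reflective attack the packets that hit the victim are the reflectors' own replies, sent with the reflectors' genuine source addresses and TTLs, so their hop counts are consistent and HCF has nothing to reject. The code below is an added illustration written for this page, not from the thesis; the addresses, TTL values and the victim's hop-count table are constructed for the example.

```python
# Common initial TTL values that HCF assumes a sender started from.
INITIAL_TTLS = (32, 64, 128, 255)


def infer_hop_count(ttl: int) -> int:
    """HCF heuristic: initial TTL is the smallest common default >= observed
    TTL; the difference is the number of hops the packet travelled."""
    for initial in INITIAL_TTLS:
        if ttl <= initial:
            return initial - ttl
    raise ValueError("TTL out of range")


def hcf_accept(src_ip: str, ttl: int, hop_table: dict) -> bool:
    """Accept a packet only if its inferred hop count matches the value the
    victim learned earlier for that source address; unknown sources pass."""
    expected = hop_table.get(src_ip)
    if expected is None:
        return True
    return infer_hop_count(ttl) == expected


# Victim's learned IP-to-hop-count table (constructed for the example).
HOP_TABLE = {
    "198.51.100.10": 12,   # a legitimate client, 12 hops away
    "203.0.113.53": 9,     # an open DNS resolver (potential reflector), 9 hops
    "203.0.113.123": 14,   # an NTP server (potential reflector), 14 hops
}


def direct_spoofed_flood() -> bool:
    """Classic spoofing: an attacker 20 hops away forges 198.51.100.10 as the
    source. The attacker's host started at TTL 64, so the packet arrives with
    TTL 44, i.e. 20 inferred hops, which contradicts the table's 12."""
    return hcf_accept("198.51.100.10", 64 - 20, HOP_TABLE)


def reflected_flood() -> list:
    """DRDoS: the attacker spoofs the victim's address in requests sent to the
    reflectors; the reflectors answer the victim from their real addresses,
    with TTLs that genuinely reflect their distance, so every reply passes."""
    replies = [
        ("203.0.113.53", 64 - 9),     # Linux-style resolver, 9 hops away
        ("203.0.113.123", 128 - 14),  # Windows-style NTP server, 14 hops away
    ]
    return [hcf_accept(ip, ttl, HOP_TABLE) for ip, ttl in replies]


if __name__ == "__main__":
    print("direct spoofed packet accepted:", direct_spoofed_flood())   # False
    print("reflected replies accepted:", reflected_flood())            # [True, True]
```

The filter does exactly what it was designed for (the spoofed packet is dropped) and still admits the reflected flood, because the spoofing happens one hop earlier, between attacker and reflector, where the victim's filter never sees it.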
Privacy-Preserving Electronic Ticket Scheme with Attribute-based Credentials
Electronic tickets (e-tickets) are electronic versions of paper tickets,
which enable users to access intended services and improve services'
efficiency. However, privacy may be a concern of e-ticket users. In this paper,
a privacy-preserving electronic ticket scheme with attribute-based credentials
is proposed to protect users' privacy and facilitate ticketing based on a
user's attributes. Our proposed scheme makes the following contributions: (1)
users can buy different tickets from ticket sellers without releasing their
exact attributes; (2) two tickets of the same user cannot be linked; (3) a
ticket cannot be transferred to another user; (4) a ticket cannot be double
spent; (5) the security of the proposed scheme is formally proven and reduced
to well known (q-strong Diffie-Hellman) complexity assumption; (6) the scheme
has been implemented and its performance empirically evaluated. To the best of
our knowledge, our privacy-preserving attribute-based e-ticket scheme is the
first one providing these five features. Application areas of our scheme
include event or transport tickets where users must convince ticket sellers
that their attributes (e.g. age, profession, location) satisfy the ticket price
policies to buy discounted tickets. More generally, our scheme can be used in
any system where access to services is only dependent on a user's attributes
(or entitlements) but not their identities. Comment: 18 pages, 6 figures, 2 tables.