239 research outputs found
A new construction for linkable secret handshake
National Research Foundation (NRF) Singapore; AXA Research Fun
Private Handshakes
Private handshaking allows pairs of users to determine which (secret) groups
they are both a member of. Group membership is kept secret to everybody else.
Private handshaking is a more private form of secret handshaking, because it
does not allow the group administrator to trace users. We extend the original
definition of a handshaking protocol to allow and test for membership of
multiple groups simultaneously. We present simple and efficient protocols for
both the single group and multiple group membership case.
Private handshaking is a useful tool for mutual authentication, demanded by
many pervasive applications (including RFID) for privacy. Our implementations
are efficient enough to support such usually resource constrained scenarios
Flexible Framework for Secret Handshakes (Multi-Party Anonymous and Un-observable Authentication)
In the society increasingly concerned with the erosion of privacy,
privacy-preserving techniques are becoming very important.
This motivates research in cryptographic techniques offering
built-in privacy.
A secret handshake is a protocol whereby participants establish
a secure, anonymous and unobservable communication channel only
if they are members of the same group. This type of ``private
authentication is a valuable tool in the arsenal of privacy-preserving
cryptographic techniques. Prior research focused on 2-party secret
handshakes with one-time credentials.
This paper breaks new ground on two accounts: (1) it shows how
to obtain secure and efficient secret handshakes with reusable
credentials, and (2) it represents the first treatment of group
(or {\em multi-party}) secret handshakes, thus providing a
natural extension to the secret handshake technology. An
interesting new issue encountered in multi-party secret handshakes
is the need to ensure that all parties are indeed distinct.
(This is a real challenge since the parties cannot expose their
identities.) We tackle this and other challenging issues in
constructing GCD -- a flexible framework for secret handshakes.
The proposed framework lends itself to many practical
instantiations and offers several novel and appealing features
such as self-distinction and strong anonymity with reusable
credentials. In addition to describing the motivation and
step-by-step construction of the framework, this paper provides
a thorough security analysis and illustrates two concrete
framework instantiations
PPAA: Peer-to-Peer Anonymous Authentication (Extended Version)
In the pursuit of authentication schemes that balance user privacy and accountability, numerous anonymous credential systems have been constructed. However, existing systems assume a client-server architecture in which only the clients, but not the servers, care about their privacy. In peer-to-peer (P2P) systems where both clients and servers are peer users with privacy concerns, no existing system correctly strikes that balance between privacy and accountability. In this paper, we provide this missing piece: a credential system in which peers are {\em pseudonymous} to one another (that is, two who interact more than once can recognize each other via pseudonyms) but are otherwise anonymous and unlinkable across different peers. Such a credential system finds applications in, e.g., Vehicular Ad-hoc Networks (VANets) and P2P networks. We formalize the security requirements of our proposed credential system, provide a construction for it, and prove the security of our construction. Our solution is efficient: its complexities are independent of the number of users in the system
Affiliation-Hiding Authentication with Minimal Bandwidth Consumption
Part 3: Lightweight AuthenticationInternational audienceAffiliation-Hiding Authentication (AHA) protocols have the seemingly contradictory property of enabling users to authenticate each other as members of certain groups, without revealing their affiliation to group outsiders. Of particular interest in practice is the group-discovering variant, which handles multiple group memberships per user. Corresponding solutions were only recently introduced, and have two major drawbacks: high bandwidth consumption (typically several kilobits per user and affiliation), and only moderate performance in scenarios of practical application.While prior protocols have O(n2) time complexity, where n denotes the number of affiliations per user, we introduce a new AHA protocol running in O(nlogn) time. In addition, the bandwidth consumed is considerably reduced. We consider these advances a major step towards deployment of privacy-preserving methods in constraint devices, like mobile phones, to which the economization of these resources is priceless
DSH: Deniable secret handshake framework
National Research Foundation (NRF) Singapor
A Multi-User, Single-Authentication Protocol for Smart Grid Architectures
open access articleIn a smart grid system, the utility server collects data from various smart grid devices. These data play an important role in the energy distribution and balancing between the energy providers and energy consumers. However, these data are prone to tampering attacks by an attacker, while traversing from the smart grid devices to the utility servers, which may result in energy disruption or imbalance. Thus, an authentication is mandatory to efficiently authenticate the devices and the utility servers and avoid tampering attacks. To this end, a group authentication algorithm is proposed for preserving demand–response security in a smart grid. The proposed mechanism also provides a fine-grained access control feature where the utility server can only
access a limited number of smart grid devices. The initial authentication between the utility server and smart grid device in a group involves a single public key operation, while the subsequent authentications with the same device or other devices in the same group do not need a public key operation. This reduces the overall computation and communication overheads and takes less time to successfully establish a secret session key, which is used to exchange sensitive information over an unsecured wireless channel. The resilience of the proposed algorithm is tested against various attacks using formal and informal security analysis
- …