Matrix powers algorithms for trust evaluation in PKI architectures

This paper deals with the evaluation of trust in public-key infrastructures. Different trust models have been proposed to interconnect the various PKI components in order to propagate the trust between them. In this paper we provide a new polynomial algorithm using linear algebra to assess trust relationships in a network using different trust evaluation schemes. The advantages are twofold: first the use of matrix computations instead of graph algorithms provides an optimized computational solution; second, our algorithm can be used for generic graphs, even in the presence of cycles. Our algorithm is designed to evaluate the trust using all existing (finite) trust paths between entities as a preliminary to any exchanges between PKIs. This can give a precise evaluation of trust, and accelerate for instance cross-certificate validation

A Generic Construction for Verifiable Attribute-based Keyword Search Schemes

Cloud data owners encrypt their documents before outsourcing to provide their privacy. They could determine a search control policy and delegate the ability of search token generation to the users whose attributes satisfy the search control policy. Verifiable attribute-based keyword search (VABKS) where the users can also verify the accuracy of cloud functionality is one of such schemes. In this paper, the first generic construction for VABKS is proposed. To this end, the notion of hierarchical identity-based multi-designated verifier signature (HIB-MDVS) has been introduced and existential forgery under chosen message attack (EF-CMA) is formally defined for its unforgeability. Furthermore, anonymity against chosen identity vector set and chosen plaintext attack (Anon-CIVS-CPA) has been defined as the security definition of hierarchical identity-based broadcast encryption (HIBBE) in a formal way. The proposed construction is built in a modular structure by using HIBBE, HIB-MDVS, and Bloom filter as the building blocks. We prove that the security of proposed construction is based on the unforgeability of HIB-MDVS and the anonymity of HIBBE. Finally, the concept of verifiable ranked keyword search will be introduced and a construction of this primitive will be presented which is based on proposed VABKS

Architecture of Certificates: form a hierarchical architecture and centralized to a distributed and decentralized

Los principales esfuerzos de los últimos años se han concentrado en el problema de asignar de forma segura nombres a claves públicas, de hecho, la comunidad científica adoptó progresivamente el uso de sistemas basados en Public Key Infrastructure (PKI) con el fin de proporcionar servicios de seguridad a los sistemas, los cuales dependen de la existencia de una arquitectura centralizada y jerárquica. Esta misma problemática se traspola a la gestión del comercio electrónico, donde en el modelo inicial se requería de una entidad central que debía emitir divisa electrónica a los diferentes usuarios, no obstante, en 2009, Satoshi Nakamoto crea Bitcoin: una criptomoneda con tecnología peer-to-peer para operar sin una autoridad central o bancos. En esta investigación se aplica en PKI lo mismo que logró Nakamoto en el comercio electrónico, una reingeniería, migrando una arquitectura centralizada y jerárquica a una completamente descentralizada por medio de su innovación tecnológica llamada Blockchain.The main efforts of recent years have focused on the problem of set a name securely to public keys, in fact, the scientific community has been gradually adopting the use of systems based in Public Key Infrastructure (PKI) in order to provide security services. However, that systems depend on the existence of a centralized and hierarchical method. This same problem is translated into the management of electronic commerce, which presents a central entity that must issue electronic currency to different users. In 2009, Satoshi Nakamoto creates Bitcoin: a peer-to-peer technology to operate without a central authority or banks. This investigation applies in PKI the same concepts that Nakamoto applied in the electronic commerce, a reengineering and a paradigm shift, a migration from a centralized and hierarchical architecture to a decentralized and not hierarchical through the innovative technology called Blockchain.Laboratorio de Investigación en Nuevas Tecnologías Informática

Fully Invisible Protean Signatures Schemes

Protean Signatures (PS), recently introduced by Krenn et al. (CANS \u2718), allow a semi-trusted third party, named the sanitizer, to modify a signed message in a controlled way. The sanitizer can edit signer-chosen parts to arbitrary bitstrings, while the sanitizer can also redact admissible parts, which are also chosen by the signer. Thus, PSs generalize both redactable signature (RSS) and sanitizable signature (SSS) into a single notion. However, the current definition of invisibility does not prohibit that an outsider can decide which parts of a message are redactable - only which parts can be edited are hidden. This negatively impacts on the privacy guarantees provided by the state-of-the-art definition. We extend PSs to be fully invisible. This strengthened notion guarantees that an outsider can neither decide which parts of a message can be edited nor which parts can be redacted. To achieve our goal, we introduce the new notions of Invisible RSSs and Invisible Non-Accountable SSSs (SSS\u27), along with a consolidated framework for aggregate signatures. Using those building blocks, our resulting construction is significantly more efficient than the original scheme by Krenn et al., which we demonstrate in a prototypical implementation

Efficient and expressive keyword search over encrypted data in the cloud

National Research Foundation (NRF) Singapor

A Survey on Security for Mobile Devices

Nowadays, mobile devices are an important part of our everyday lives since they enable us to access a large variety of ubiquitous services. In recent years, the availability of these ubiquitous and mobile services has signicantly increased due to the dierent form of connectivity provided by mobile devices, such as GSM, GPRS, Bluetooth and Wi-Fi. In the same trend, the number and typologies of vulnerabilities exploiting these services and communication channels have increased as well. Therefore, smartphones may now represent an ideal target for malware writers. As the number of vulnerabilities and, hence, of attacks increase, there has been a corresponding rise of security solutions proposed by researchers. Due to the fact that this research eld is immature and still unexplored in depth, with this paper we aim to provide a structured and comprehensive overview of the research on security solutions for mobile devices. This paper surveys the state of the art on threats, vulnerabilities and security solutions over the period 2004-2011. We focus on high-level attacks, such those to user applications, through SMS/MMS, denial-of-service, overcharging and privacy. We group existing approaches aimed at protecting mobile devices against these classes of attacks into dierent categories, based upon the detection principles, architectures, collected data and operating systems, especially focusing on IDS-based models and tools. With this categorization we aim to provide an easy and concise view of the underlying model adopted by each approach

Trustworthy and Efficient Protection Schemes for Digital Archiving

The amount of information produced in the last decades has grown notably. Much of this information only exists in the form of electronic documents and it has often to be stored for long periods. Therefore, digital archives are increasingly needed. However, for the documents to remain trustworthy while they are archived, they need to be protected by the archivists. Important protection goals that must be guaranteed are integrity, authenticity, non-repudiation, and proof of existence. To address these goals, several protection schemes for digital archives have been designed. These schemes are usually based on cryptographic primitives, namely digital signatures and hash functions. However, since documents can be archived for decades or even indefinitely, the used cryptographic primitives can become insecure during the archival time. This is a serious issue because it can be exploited by attackers to compromise the protection goals of the archived documents. Therefore, a requirement for long-term protection schemes is to address the aging of cryptography, i.e. replacing the used primitives properly before they become insecure. In this work we analyze and improve long-term protection schemes for digital archives. More precisely, we aim at answering three questions. (1) How do long-term protection schemes compare with respect to trustworthiness? (2) How do they differ in performance? (3) Can new schemes be designed, which generate more efficient and trustworthy evidence needed to establish the protection goals? Although several protection schemes can be found in the literature, many of them fail in addressing the aging of cryptography. Therefore, our first step is to identify which existing schemes provide long-term protection with respect to integrity, authenticity, non-repudiation, and proof of existence. Afterwards, to answer question (1) we analyze the trustworthiness of the long-term protection schemes using two approaches. In the first approach, we initially identify the required trust assumptions. Then, based on these assumptions, we compare the protection schemes. In the second approach, we turn to quantifying the trustworthiness of the evidence generated by time-stamping and notarial schemes. To this end, we use a belief trust model and design a reputation system. This leads to two further, more detailed answers to question (1). First, that trustworthiness depends on the reputation of the involved parties rather than the protection schemes themselves. Second, the trustworthiness of evidence tends to degrade in the long term. Therefore, we propose to use the reputation system to create incentives for the involved parties to build good reputation. This raises the trustworthiness of generated evidence, hence addressing question (3). Next, we address question (2) by analyzing how schemes differ in performance using an analytical evaluation and experiments. More precisely, we measure the times needed to create and verify evidence, the space required to store evidence, and the communication necessary to generate evidence. Moreover, this analysis shows that while verifying evidence most of the time is spent on checking certificate chains. The findings in the performance analysis provide us with directions for addressing question (3). We propose three new solutions that provide more efficient evidence. The first solution is a new notarial scheme that generates smaller evidence and that communicates less data than the existing notarial scheme. Novelties in our scheme include balancing the numbers of signatures that users and notaries verify, and using notaries as time-stamp authorities to provide proof of existence. The second solution is based on the time-stamping scheme Content Integrity Service (CIS) and allows for faster evidence verification. To the best of our knowledge, CIS is the only scheme designed for an archive where documents are submitted and time-stamped sequentially but share the same sequence of time-stamps. However, in this case the validities of several time-stamps in this sequence may overlap. Consequently, many of these time-stamps need not be checked when verifying the time-stamp sequence for one document. We address this issue in our new scheme by using a data structure called skip list. The result is a time-stamp sequence where users can skip the time-stamps that are not necessary to guarantee the protection goals of one document. Using an analytical evaluation and experiments, we show that our scheme is notably faster than CIS. The third solution is intended to reduce time spent on checking certificate chains when verifying evidence generated by time-stamping schemes. More precisely, we improve an existing public key infrastructure-based solution where the root certification authority generates smaller verification information for time-stamps. This verification information can be used to replace the certificate chains needed to verify time-stamps. However, this solution requires extra work from time-stamp authorities and the root certification authority, especially when the number of time-stamps grows significantly. In our solution, this issue is addressed such that this extra work is independent of the number of time-stamps. Using an analytical evaluation we demonstrate the advantage of our solution. Finally, we provide our conclusions and future work. In this thesis we design new solutions that allow for more efficient and trustworthy evidence of protection for archived documents. As future work, we suggest conducting more research in the direction of developing methods that address the decay of the trustworthiness of evidence over time

Policy-Based Sanitizable Signatures

Sanitizable signatures are a variant of signatures which allow a single, and signer-defined, sanitizer to modify signed messages in a controlled way without invalidating the respective signature. They turned out to be a versatile primitive, proven by different variants and extensions, e.g., allowing multiple sanitizers or adding new sanitizers one-by-one. However, existing constructions are very restricted regarding their flexibility in specifying potential sanitizers. We propose a different and more powerful approach: Instead of using sanitizers\u27 public keys directly, we assign attributes to them. Sanitizing is then based on policies, i.e., access structures defined over attributes. A sanitizer can sanitize, if, and only if, it holds a secret key to attributes satisfying the policy associated to a signature, while offering full-scale accountability

Managing Identity Management Systems

Although many identity management systems have been proposed, in- tended to improve the security and usability of user authentication, major adoption problems remain. In this thesis we propose a range of novel schemes to address issues acting as barriers to adoption, namely the lack of interoper- ation between systems, simple adoption strategies, and user security within such systems. To enable interoperation, a client-based model is proposed supporting in- terworking between identity management systems. Information Card systems (e.g. CardSpace) are enhanced to enable a user to obtain a security token from an identity provider not supporting Information Cards; such a token, after en- capsulation at the client, can be processed by an Information Card-enabled relying party. The approach involves supporting interoperation at the client, while maximising transparency to identity providers, relying parties and iden- tity selectors. Four specific schemes conforming to the model are described, each of which has been prototyped. These schemes enable interoperation be- tween an Information Card-enabled relying party and an identity provider supporting one of Liberty, Shibboleth, OpenID, or OAuth. To facilitate adoption, novel schemes are proposed that enable Informa- tion Card systems to support password management and single sign on. The schemes do not require any changes to websites, and provide a simple, intu- itive user experience through use of the identity selector interface. They fa- miliarise users with Information Card systems, thereby potentially facilitating their future adoption. To improve user security, an enhancement to Information Card system user authentication is proposed. During user authentication, a one-time pass- word is sent to the user's mobile device which is then entered into the com- puter by the user. Finally, a universal identity management tool is proposed, designed to support a wide range of systems using a single user interface. It provides a consistent user experience, addresses a range of security issues (e.g. phishing), and provides greater user control during authentication.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Enhancing Privacy Protection:Set Membership, Range Proofs, and the Extended Access Control

Privacy has recently gained an importance beyond the field of cryptography. In that regard, the main goal behind this thesis is to enhance privacy protection. All of the necessary mathematical and cryptographic preliminaries are introduced at the start of this thesis. We then show in Part I how to improve set membership and range proofs, which are cryptographic primitives enabling better privacy protection. Part II shows how to improve the standards for Machine Readable Travel Documents (MRTDs), such as biometric passports. Regarding set membership proofs, we provide an efficient protocol based on the Boneh-Boyen signature scheme. We show that alternative signature schemes can be used and we provide a general protocol description that can be applied for any secure signature scheme. We also show that signature schemes in our design can be replaced by cryptographic accumulators. For range proofs, we provide interactive solutions where the range is divided in a base u and the u-ary digits are handled by one of our set membership proofs. A general construction is also provided for any set membership proof. We additionally explain how to handle arbitrary ranges with either two range proofs or with an improved solution based on sumset representation. These efficient solutions achieve, to date, the lowest asymptotical communication load. Furthermore, this thesis shows that the first efficient non-interactive range proof is insecure. This thesis thus provides the first efficient and secure non-interactive range proof. In the case of MRTDs, two standards exist: one produced by the International Civil Aviation Organization (ICAO) and the other by the European Union, which is called the Extended Access Control (EAC). Although this thesis focuses on the EAC, which is supposed to solve all privacy concerns, it shows that both standards fail to provide complete privacy protection. Lastly, we provide several solutions to improve them