
    MPSS

    Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007. MIT Barker Engineering Library copy: issued in leaves. Includes bibliographical references (p. 153-157).
    This thesis describes mobile proactive secret sharing (MPSS), an extension of proactive secret sharing. Mobile proactive secret sharing is much more flexible than proactive secret sharing in terms of group membership: instead of the group of shareholders being exactly the same from one epoch to the next, we allow the group to change arbitrarily. In addition, we allow for an increase or decrease of the threshold at each epoch. We give the first known efficient protocol for MPSS in the asynchronous network model. We present this protocol as a practical solution to the problem of long-term protection of a secret in a realistic network.
    by David Andrew Schultz. S.M.
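    The epoch change that the abstract describes (a new shareholder group and a new threshold, with the secret never reconstructed), as an added Python example that is not part of the thesis. The field prime, the participant ids and the secret are constructed for the demonstration; the re-sharing step is the standard Lagrange-weighted redistribution and stands in for the thesis's asynchronous protocol, which this example does not reproduce.

```python
"""Mobile proactive secret sharing (MPSS) over GF(Q): added example.

The secret is Shamir-shared to an old group (n=5, t=3).  At an epoch change
it is redistributed to a different group (n'=4, t'=2) without ever being
reconstructed: each old shareholder re-shares its own share with a fresh
polynomial, and each new shareholder folds the pieces it receives together
with the Lagrange coefficients of the old group.  Shares from different
epochs do not combine, which is what makes an attacker's slowly growing
collection of old shares worthless.
"""
import secrets

Q = (1 << 127) - 1  # Mersenne prime; every value below lives in GF(Q)


def poly_eval(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... in GF(Q)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc


def share(secret, t, ids):
    """Degree-(t-1) Shamir sharing of `secret` to the shareholders in `ids`."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: poly_eval(coeffs, i) for i in ids}


def lagrange_at_zero(ids):
    """lambda_i such that sum_i lambda_i * f(i) == f(0) for deg f < len(ids)."""
    lam = {}
    for i in ids:
        num, den = 1, 1
        for j in ids:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        lam[i] = num * pow(den, -1, Q) % Q
    return lam


def reconstruct(shares):
    """Recover f(0) from a dict {id: f(id)} holding at least t points."""
    lam = lagrange_at_zero(list(shares))
    return sum(lam[i] * v for i, v in shares.items()) % Q


def reshare(old_shares, new_ids, new_t):
    """One MPSS epoch change.

    `old_shares` holds the shares of at least t old shareholders who take
    part.  Shareholder i re-shares s_i as a degree-(new_t-1) polynomial g_i
    and sends g_i(j) to every new shareholder j.  New shareholder j combines
    what it receives as sum_i lambda_i * g_i(j): a point on the polynomial
    sum_i lambda_i * g_i(x), whose constant term is sum_i lambda_i * s_i,
    i.e. the secret.  Nobody ever sees the secret itself.
    """
    lam = lagrange_at_zero(list(old_shares))
    pieces = {i: share(s_i, new_t, new_ids) for i, s_i in old_shares.items()}
    return {j: sum(lam[i] * pieces[i][j] for i in old_shares) % Q for j in new_ids}


def refresh(shares, t):
    """Classic proactive refresh: same group, same threshold, new polynomial."""
    return reshare(shares, list(shares), t)


def demo():
    """Epoch 0 -> epoch 1 with a new group and a lower threshold (constructed data)."""
    secret = 0xC0FFEE
    old = share(secret, 3, [1, 2, 3, 4, 5])
    new = reshare({i: old[i] for i in (1, 3, 5)}, [11, 12, 13, 14], 2)
    return {
        "old_t_shares": reconstruct({i: old[i] for i in (2, 4, 5)}) == secret,
        "new_t_shares": reconstruct({11: new[11], 14: new[14]}) == secret,
        "new_share_alone": reconstruct({12: new[12]}) == secret,
        "mixed_epochs": reconstruct({11: new[11], 2: old[2], 4: old[4]}) == secret,
        "after_refresh": reconstruct(dict(list(refresh(old, 3).items())[:3])) == secret,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:16s} reconstructs secret: {ok}")
```

    The classic proactive refresh (same group, same threshold) is the special case of `reshare`; lowering the threshold at an epoch change, as above, should only be done after the old shares are destroyed, since an attacker who already holds t old shares keeps them. The sub-shares `g_i(j)` must travel over private channels and, in a real deployment, be verifiable, which this example does not implement.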

    A New Strong Proactive Verifiable Secret Sharing Scheme with Unconditional Security

    Title from PDF of title page, viewed on January 20, 2011. Thesis advisor: Lein Harn. Vita. Thesis (M.S.)--School of Computing and Engineering. University of Missouri--Kansas City, 2010. Includes bibliographic references (pages 55-58).
    In a secret sharing scheme, the master secret and all the private shares (which are distributed by the dealer to the shareholders) are the two secrets that must be kept confidential. In all secret sharing schemes proposed to date, private shares are reused to reconstruct the master secret. We propose a new kind of proactive secret sharing scheme in which, instead of renewing the private shares frequently at the beginning of each time slot during the share renewal process, the master secret is renewed each time. In this way private shares can be reused for a longer period of time and to construct different master secrets. In addition, after each renewal, shareholders can work together to verify that their private shares are consistent without revealing the private shares. We also propose protocols to generate and renew the master secret, authenticate public shares of the master secret, add or revoke shares, and change the threshold of the master secret. Thus an enhancement to proactive secret sharing is proposed in this thesis; this unique feature simplifies the implementation of PSS, as the change is made only to the master secret (central server) without affecting the private shares.
    Introduction -- Related Work -- Our Scheme -- Conclusion

    Proactive secret sharing and public key cryptosystems

    Thesis (S.B. and S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1996. Includes bibliographical references (p. 79-80).
    by Stanislaw Jarecki. S.B. and S.M.

    Protected Secret Sharing and its Application to Threshold Cryptography

    Title from PDF of title page, viewed April 19, 2017. Thesis advisor: Lein Harn. Vita. Includes bibliographical references (pages 36-40). Thesis (M.S.)--School of Computing and Engineering. University of Missouri--Kansas City, 2016.
    In the secret reconstruction of Shamir’s (t,n) secret sharing scheme (SS), shares released by shareholders need to be protected; otherwise, non-shareholders can also obtain the secret. A key establishment protocol can establish pairwise keys for any pair of shareholders, and shareholders can then use these pairwise keys to protect shares in the secret reconstruction process. However, adding key establishment to the secret reconstruction slows down the process significantly. Shamir’s SS is based on a univariate polynomial. Shares generated by a bivariate polynomial enable pairwise keys to be shared between any pair of shareholders. We propose a new type of SS, called a protected secret sharing scheme (PSS), in which the shares of shareholders can not only be used to reconstruct the secret but also be used to protect the secrecy of shares in the secret reconstruction process. Thus, the recovered secret is only available to shareholders and not to non-shareholders. A basic (t,n) PSS based on a bivariate polynomial is proposed. Furthermore, we show how to use this basic PSS in applications of threshold cryptography. The PSS is unique since it protects the secrecy of the recovered secret in a very efficient way.
    Introduction -- Related work -- Our scheme -- Security analysis and performance -- Application to algorithms of threshold cryptography -- Conclusion
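    How a symmetric bivariate polynomial gives every pair of shareholders a key for free, and how those keys shield the released shares, as an added Python example that is not the thesis's own scheme. The field prime, the ids, the secret, the per-reconstruction nonce and the hash-derived one-time mask are constructed for the demonstration; the thesis's exact protection step may differ.

```python
"""Protected secret sharing (PSS) from a symmetric bivariate polynomial:
added example, not the thesis's own code.

The dealer picks F(x, y) = sum_{i,j<t} a_ij x^i y^j with a_ij = a_ji and
F(0, 0) = secret, and gives shareholder i the univariate f_i(y) = F(i, y).
  * f_i(0) = F(i, 0) is an ordinary Shamir share (degree t-1 in x);
  * f_i(j) = F(i, j) = F(j, i) = f_j(i) is a pairwise key shared by i and j,
    available with no key-establishment round.
When t shareholders reconstruct, each sends its Shamir share to the others
masked under the pairwise key, so an eavesdropper who records the whole
exchange gets nothing, while every participating shareholder can unmask
t points and interpolate.
"""
import hashlib
import secrets

Q = (1 << 127) - 1  # Mersenne prime; all arithmetic is in GF(Q)


def poly_eval(coeffs, y):
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * y + c) % Q
    return acc


def deal(secret, t, ids):
    """Return {i: coefficients of f_i(y) = F(i, y)} for a fresh symmetric F."""
    a = [[0] * t for _ in range(t)]
    for i in range(t):
        for j in range(i, t):
            a[i][j] = a[j][i] = secrets.randbelow(Q)
    a[0][0] = secret % Q
    # coefficient of y^j in F(x, y) is sum_i a_ij x^i
    return {x: [sum(a[i][j] * pow(x, i, Q) for i in range(t)) % Q
                for j in range(t)] for x in ids}


def pairwise_key(f_i, j):
    """f_i(j): equals f_j(i) because F is symmetric."""
    return poly_eval(f_i, j)


def mask(key, sender, receiver, session):
    """One-time pad in GF(Q) derived from a pairwise key.  `session` is a
    fresh per-reconstruction nonce (assumption of this example) so the same
    long-lived key never produces the same pad twice."""
    h = hashlib.sha256(f"{key}|{sender}|{receiver}|{session}".encode()).digest()
    return int.from_bytes(h, "big") % Q


def protect(i, f_i, j, session):
    """What i sends to j: its Shamir share f_i(0), masked for j only."""
    return (poly_eval(f_i, 0) + mask(pairwise_key(f_i, j), i, j, session)) % Q


def unprotect(j, f_j, i, ct, session):
    """j strips i's mask using its own copy of the key, f_j(i)."""
    return (ct - mask(pairwise_key(f_j, i), i, j, session)) % Q


def lagrange_at_zero(ids):
    lam = {}
    for i in ids:
        num, den = 1, 1
        for j in ids:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        lam[i] = num * pow(den, -1, Q) % Q
    return lam


def interpolate(points):
    lam = lagrange_at_zero(list(points))
    return sum(lam[i] * v for i, v in points.items()) % Q


def reconstruct_as(j, f_j, inbox, session):
    """Shareholder j recovers the secret from the masked shares in `inbox`."""
    pts = {i: unprotect(j, f_j, i, ct, session) for i, ct in inbox.items()}
    pts[j] = poly_eval(f_j, 0)
    return interpolate(pts)


def demo():
    """Three of five shareholders reconstruct over a public channel (constructed data)."""
    secret, t = 0x5EC12E7, 3
    shares = deal(secret, t, [1, 2, 3, 4, 5])
    session, group = 202401, (1, 2, 4)  # constructed nonce and participant set
    wire = {(i, j): protect(i, shares[i], j, session)
            for i in group for j in group if i != j}
    inbox = lambda j: {i: ct for (i, jj), ct in wire.items() if jj == j}
    # an eavesdropper treats three ciphertexts it saw as if they were shares
    snooped = interpolate({1: wire[(1, 2)], 2: wire[(2, 4)], 4: wire[(4, 1)]})
    return {
        "keys_symmetric": pairwise_key(shares[1], 2) == pairwise_key(shares[2], 1),
        "plain_shares_work": interpolate({i: poly_eval(shares[i], 0) for i in (3, 4, 5)}) == secret,
        "member_recovers": all(reconstruct_as(j, shares[j], inbox(j), session) == secret for j in group),
        "eavesdropper_recovers": snooped == secret,
    }
```

    Each shareholder stores t field elements instead of one, which is the price of the built-in pairwise keys. The mask is only as good as its nonce discipline: reusing `session` with the same pair of shareholders re-uses the pad, so the nonce must be fresh per reconstruction and ideally bound to the set of participants.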

    Identifiable Cheating Entity Flexible Round-Optimized Schnorr Threshold (ICE FROST) Signature Protocol

    This paper presents an Identifiable Cheating Entity (ICE) FROST signature protocol that improves on the FROST signature scheme (Komlo and Goldberg, SAC 2020) by identifying cheating participants in its key generation protocol. The proposed threshold signature protocol achieves robustness in the key generation phase by introducing a cheating identification mechanism and then excluding cheating participants from the protocol. With the cheating identification mechanism, there is no need to abort the key generation protocol every time cheating activity is suspected. Our cheating identification mechanism allows every participant to individually check the validity of complaints issued against possibly cheating participants; once all cheating participants have been eliminated, the key generation protocol is guaranteed to finish successfully. The signing process, on the other hand, only achieves a weak form of robustness, as in the original FROST. We then introduce a static public key variant of ICE FROST. Our work is the first to consider static private/public keys for a round-optimized Schnorr-based signature scheme. With static public keys, the group’s established public and private keys remain constant for the lifetime of the signers, while the signing shares of each participant are updated over time, as is the set of group members. This ensures the long-term security of the static keys and simplifies verification of the generated threshold signatures, because a group of signers communicates its public key to the verifier only once during the group’s lifetime. Our implementation benchmarks demonstrate that the runtime of the protocol is feasible for real-world applications.
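    The complaint mechanism the abstract describes, as an added Python example that is not the ICE FROST code: Feldman commitments to each dealer's polynomial let anyone check a share, and a complaint that reveals the disputed share lets everyone identify who to exclude without aborting. The group (a prime-order subgroup of Z_p^* found at import time), the participant ids and the corrupted-share scenario are constructed for the demonstration; the actual protocol works on an elliptic-curve group and handles the share transport and the complainer's evidence in ways this example omits.

```python
"""Cheater identification in a Feldman-style verifiable sharing round:
added example, not the ICE FROST code.

Each dealer i commits to its polynomial g_i(x) = a_0 + a_1 x + ... by
publishing C_k = G^{a_k}.  The share s_ij = g_i(j) it sends privately to j
must satisfy G^{s_ij} == prod_k C_k^{j^k}.  A complaint from j reveals s_ij;
everyone repeats the public check, so the complaint itself names the party
to exclude (the dealer, or a complainer who disputed a good share) and the
round never has to abort.
"""
import secrets

Q = (1 << 127) - 1  # prime; order of the exponent group and the Shamir field


def is_probable_prime(n, rounds=16):
    """Miller-Rabin; good enough to pick a demonstration group."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def make_group():
    """Smallest prime P = k*Q + 1 and a generator G of its order-Q subgroup."""
    k = 2
    while not is_probable_prime(k * Q + 1):
        k += 2
    P, h = k * Q + 1, 2
    while pow(h, k, P) == 1:  # h^k != 1 and (h^k)^Q = h^(P-1) = 1, so order is Q
        h += 1
    return P, pow(h, k, P)


P, G = make_group()


def poly_eval(coeffs, x):
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc


def deal(t, ids):
    """Dealer output: secret polynomial, public commitments, private shares."""
    coeffs = [secrets.randbelow(Q) for _ in range(t)]
    commits = [pow(G, a, P) for a in coeffs]
    return coeffs, commits, {j: poly_eval(coeffs, j) for j in ids}


def share_is_valid(commits, j, s):
    """Public Feldman check: G^s == prod_k C_k^(j^k) (mod P)."""
    rhs = 1
    for k, c in enumerate(commits):
        rhs = rhs * pow(c, pow(j, k, Q), P) % P
    return pow(G, s, P) == rhs


def adjudicate(commits, dealer, complainer, revealed):
    """Everyone runs this on a complaint; returns the id to exclude."""
    return complainer if share_is_valid(commits, complainer, revealed) else dealer


def demo():
    """Five participants, t=3 (constructed scenario): dealer 2 corrupts the
    share it sends to 3, and participant 4 complains falsely about dealer 1."""
    ids, t = [1, 2, 3, 4, 5], 3
    dealt = {i: deal(t, ids) for i in ids}
    commits = {i: dealt[i][1] for i in ids}
    received = {j: {i: dealt[i][2][j] for i in ids} for j in ids}
    received[3][2] = (received[3][2] + 1) % Q  # what dealer 2 actually delivered
    excluded = {
        adjudicate(commits[2], 2, 3, received[3][2]),  # 3 complains: 2 is caught
        adjudicate(commits[1], 1, 4, received[4][1]),  # 4 complains: share was fine
    }
    survivors = [i for i in ids if i not in excluded]
    # fold the surviving dealers into one sharing: commitments multiply,
    # shares add, and the same check still passes for every survivor
    combined = [1] * t
    for i in survivors:
        for k in range(t):
            combined[k] = combined[k] * commits[i][k] % P
    final = {j: sum(received[j][i] for i in survivors) % Q for j in survivors}
    return {
        "excluded": excluded,
        "survivors": survivors,
        "group_public_key": combined[0],
        "aggregate_valid": all(share_is_valid(combined, j, s) for j, s in final.items()),
    }
```

    `adjudicate` trusts that the revealed value is what the dealer really sent; without an authenticated transcript of the share delivery (for example shares encrypted to the receiver and signed by the dealer) a malicious receiver could reveal a garbage value and frame an honest dealer. That evidence step is part of what a deployable protocol has to specify, and it is not shown here.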

    A privacy preserving framework for cyber-physical systems and its integration in real world applications

    A cyber-physical system (CPS) comprises a network of processing- and communication-capable sensors and actuators that are pervasively embedded in the physical world. These intelligent computing elements achieve tight combination and coordination between logic processing and physical resources. It is envisioned that CPS will have great economic and societal impact, and alter the quality of life as the Internet has done. This dissertation focuses on the privacy issues in current and future CPS applications. As thousands of intelligent devices are deeply embedded in human societies, system operations may disclose sensitive information if no privacy preserving mechanism is designed. This dissertation identifies data privacy and location privacy as representatives through which to investigate the privacy problems in CPS. Data content privacy is infringed if the adversary can determine or partially determine the meaning of the transmitted data or the data held in storage. Location privacy, on the other hand, is the secrecy of the association between a sensed object and a specific location, the disclosure of which may endanger the sensed object. Location privacy may be compromised by an adversary through hop-by-hop traceback along the reverse direction of the message routing path. This dissertation proposes a public key based access control scheme to protect data content privacy. Recent advances in efficient public key schemes, such as ECC, have already shown the feasibility of using public key schemes on low power devices, including sensor motes. In this dissertation, an efficient public key security primitive, WM-ECC, has been implemented for TelosB and MICAz, the two major hardware platforms in current sensor networks. WM-ECC achieves the best performance among the academic implementations.
    Based on WM-ECC, this dissertation designs various security schemes, including pairwise key establishment, user access control and a false data filtering mechanism, to protect data content privacy. The experiments presented in this dissertation show that the proposed schemes are practical for real world applications. To protect location privacy, this dissertation considers two adversary models. For the first model, in which an adversary has limited radio detection capability, privacy-aware routing schemes are designed to slow down the adversary's traceback progress. Through theoretical analysis, this dissertation shows how to maximize the adversary's traceback time given a power consumption budget for message routing. Based on the theoretical results, this dissertation also proposes a simple and practical weighted random stride (WRS) routing scheme. The second model assumes a more powerful adversary that is able to monitor all radio communications in the network. This dissertation proposes a random schedule scheme in which each node transmits at a certain time slot in a period, so that the adversary is not able to profile differences in communication patterns among the nodes. Finally, this dissertation integrates the proposed privacy preserving framework into Snoogle, a sensor-node based search engine for the physical world. Snoogle allows people to search for physical objects in their vicinity. The previously proposed privacy preserving schemes are applied in the application to achieve flexible and resilient privacy preserving capabilities. In addition to security and privacy, Snoogle also incorporates a number of energy saving and communication compression techniques that are carefully designed for systems composed of low-cost, low-power embedded devices. The evaluation study comprises real world experiments on a prototype Snoogle system and scalability simulations.

    MULTI-PHOTON TOLERANT QUANTUM KEY DISTRIBUTION PROTOCOLS FOR SECURED GLOBAL COMMUNICATION

    This dissertation investigates the potential of multi-photon tolerant protocols for satellite-aided global quantum key distribution (QKD). Recent investigations such as the braided single-stage protocol and the implementation of the three-stage protocol in fiber have indicated that multi-photon tolerant protocols have wide-ranging capabilities for increasing the distance and speed of quantum-secure communication. This dissertation proposes satellite-based network multicasting and its operation, which can profitably use multi-photon tolerant protocols for quantum-secure global communication. With an increasingly interconnected world and an increasing need for security in communication, communication satellites in Low Earth Orbit (LEO), Medium Earth Orbit (MEO) and Geostationary Earth Orbit (GEO) have a potential role in serving as a means to distribute secure keys for encryption among distant endpoints. This dissertation systematically evaluates such a role. The dissertation proposes a layered framework using satellites and fiber optic links that can form a composite system for carrying the information payload and distributing quantum-secure keys for encrypting information in transit. Quantum communication links are currently point-to-point. Considering the concept of a global QKD network, there is a need for multicast quantum links. Multicasting can be achieved in quantum networks by (a) using multiple wavelengths, or (b) using a specific set of bases. In an effort to develop a composite quantum-secure global communication system, this dissertation also introduces the concept of multi-photon tolerant quantum threshold cryptography. The motivation for threshold cryptography is that a secret can be encrypted for multiple users and requires multiple users to decrypt. The quantum threshold cryptography is proposed using the idea of multiple bases. This can be considered a step forward towards multiparty quantum communication.
    This dissertation also proposes a layered architecture for key distribution. Concisely, this dissertation proposes techniques such as multicasting in the quantum scenario and quantum threshold cryptography to achieve the goal of secured global communication.

    Efficient threshold cryptosystems

    Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2001. Includes bibliographical references (p. 181-189).
    A threshold signature or decryption scheme is a distributed implementation of a cryptosystem, in which the secret key is secret-shared among a group of servers. These servers can then sign or decrypt messages by following a distributed protocol. The goal of a threshold scheme is to protect the secret key in a highly fault-tolerant way. Namely, the key remains secret, and correct signatures or decryptions are always computed, even if the adversary corrupts fewer than a fixed threshold of the participating servers. We show that threshold schemes can be constructed by putting together several simple distributed protocols that implement arithmetic operations, like multiplication or exponentiation, in a threshold setting. We exemplify this approach with two discrete-log based threshold schemes, a threshold DSS signature scheme and a threshold Cramer-Shoup cryptosystem. Our methodology leads to threshold schemes which are more efficient than those implied by general secure multi-party computation protocols. Our schemes take a constant number of communication rounds, and the computation cost per server grows by a factor linear in the number of the participating servers compared to the cost of the underlying secret-key operation. We consider three adversarial models of increasing strength. We first present distributed protocols for constructing threshold cryptosystems secure in the static adversarial model, where the players are corrupted before the protocol starts. Then, under the assumption that the servers can reliably erase their local data, we show how to modify these protocols to extend the security of threshold schemes to an adaptive adversarial model, where the adversary is allowed to choose which servers to corrupt during the protocol execution.
    Finally we show how to remove the reliable erasure assumption. All our schemes withstand optimal thresholds of a minority of malicious faults in a realistic partially-synchronous insecure-channels communication model with broadcast. Our work introduces several techniques that can be of interest to other research on secure multi-party protocols, e.g. the inconsistent player simulation technique which we use to construct efficient schemes secure in the adaptive model, and the novel primitive of a simultaneously secure encryption which provides an efficient implementation of private channels in an adaptive and erasure-free model for a wide class of multi-party protocols. We include extensions of the above results to: (1) RSA-based threshold cryptosystems; and (2) stronger adversarial models than a threshold adversary, namely to proactive and creeping adversaries, who, under certain assumptions regarding the speed and detectability of corruptions, are allowed to compromise all or almost all of the participating servers.
    by Stanisław Jarecki. Ph.D.