10 research outputs found
Anonymity in Shared Symmetric Key Primitives
We provide a stronger definition of anonymity in the context of shared symmetric key primitives, and show that existing schemes do not provide this level of anonymity. A new scheme is presented to share symmetric key operations amongst a set of participants according to a (t, n)-threshold access structure. We quantify the amount of information the output of the shared operation provides about the group of participants which collaborated to produce it.
Learning Computer Networks Using Intelligent Tutoring System
Intelligent Tutoring Systems (ITS) have a wide influence on the exchange rate, education, health, training, and educational programs. In this paper we describe an intelligent tutoring system that helps students study computer networks. The ITS adapts its presentation of educational content to the individual student, taking into account the degree of knowledge, the desired level of detail, assessment, student level, and familiarity with the subject. Our intelligent tutoring system was developed using the ITSB authoring tool for building ITS. A preliminary evaluation of the ITS was done by a group of students and teachers, and the results were acceptable.
ITS for Learning computer networks
Intelligent Tutoring Systems (ITS) have a wide influence on the exchange rate, education, health, training, and educational programs. In this paper we describe an intelligent tutoring system that helps students study computer networks. The ITS adapts its presentation of educational content to the individual student, taking into account the degree of knowledge, the desired level of detail, assessment, student level, and familiarity with the subject. Our intelligent tutoring system was developed using the ITSB authoring tool for building ITS. A preliminary evaluation of the ITS was done by a group of students and teachers, and the results were acceptable.
The combinatorics of generalised cumulative arrays.
In this paper we present a combinatorial analysis of generalised cumulative arrays. These are structures associated with a monotone collection of subsets of a base set, and they have properties that find application in areas of information security. We propose a number of basic measures of efficiency of a generalised cumulative array and then study fundamental bounds on their parameters. We then look at a number of construction techniques and show that the problem of finding good generalised cumulative arrays is closely related to the problem of finding boolean expressions with special properties.
Robust distributed symmetric-key encryption
In distributed symmetric-key encryption (DiSE), a set of n distributed servers share a key (or key set), and any t of them (t <= n) can collectively use the shared key (or key set) in a DiSE transaction to encrypt a message or decrypt a ciphertext without ever reconstructing it. Each participating server contributes one or more partial results, and one participating server, called the initiator, combines all partial results into the final result. An adversary who has compromised up to t-1 servers cannot access the shared key (or key set).

Because of this distributed structure, a DiSE server that has been compromised by an adversary may return wrong partial results to the initiator; worse, several DiSE servers compromised by the same adversary may collude to send back wrong partial results. In this article we develop a robust DiSE that allows an honest initiator to detect wrong partial results produced by an adversary. The robustness of our DiSE is obtained through redundant computation: it detects wrong partial results from an adversary who has compromised up to min(t-1, n-t) servers. Next, the honest-initiator assumption is removed by rotating the initiator role among the active servers across multiple DiSE transactions. A scalable, industry-level implementation of robust DiSE has been developed, and two cases, (t=3, n=5) and (t=16, n=24), have been tested to show its feasibility. Our robust DiSE can be used to build intrusion-tolerant applications, such as intrusion-tolerant database encryption.
Threshold and Proactive Pseudo-Random Permutations
We construct a reasonably efficient threshold and proactive pseudo-random permutation (PRP). Our protocol needs only O(1) communication rounds and tolerates up to (n-1)/2 of the n servers being dishonest in the semi-honest setting. Many protocols that use PRPs (e.g., a block cipher in CBC mode) can now be translated into the distributed setting. Our main technique for constructing invertible threshold PRPs is a distributed Luby-Rackoff construction in which both the secret keys *and* the input are shared among the servers. We also present protocols for obliviously computing the Naor-Reingold and Dodis-Yampolskiy pseudo-random functions with shared input and keys.
Intrusion-tolerant Order-preserving Encryption
Traditional encryption schemes such as AES and RSA aim for the highest level of security, typically indistinguishability under adaptive chosen-ciphertext attack. Ciphertexts produced by such schemes leak no useful information, and as a result they support neither efficient search nor range queries.
Order-preserving encryption is a relatively new encryption paradigm that allows efficient queries on ciphertexts. In order-preserving encryption the data-encrypting key is a long-term symmetric key that must stay online for insertion, query and deletion operations, which makes it an attractive target for attack.
In this thesis, an intrusion-tolerant order-preserving encryption system was developed to support range queries on encrypted data. Within this system, the long-term symmetric key is shared among multiple (say n) servers and is never reconstructed in full, at any single point. An adversary who has compromised less than a threshold number (say t :
Key Homomorphic PRFs and Their Applications
A pseudorandom function F : K x X -> Y is said to be key homomorphic if, given F(k1, x) and F(k2, x), there is an efficient algorithm to compute F(k1 ⊕ k2, x), where ⊕ denotes a group operation on k1 and k2 such as xor. Key homomorphic PRFs are natural objects to study and have a number of interesting applications: they simplify the rotation of encryption keys for encrypted data stored in the cloud, they give one-round distributed PRFs, and they can be the basis of a symmetric-key proxy re-encryption scheme. Until now all known constructions of key homomorphic PRFs were only proven secure in the random oracle model. We construct the first provably secure key homomorphic PRFs in the standard model. Our main construction is based on the learning with errors (LWE) problem. In the proof of security we need a variant of LWE where the query points are non-uniform, and we show that this variant is as hard as standard LWE. We also construct key homomorphic PRFs based on the decision linear assumption in groups with an ℓ-linear map. We leave as an open problem the construction of standard-model key homomorphic PRFs from more general assumptions.
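The two abstracts above (robust DiSE, and key homomorphic PRFs giving one-round distributed PRFs) fit together in one worked example. The code below is an added illustration, not code from either paper: it instantiates the simplest key homomorphic PRF, F(k, x) = H(x)^k in a prime-order group (the random-oracle-style construction the second abstract refers to as prior work), Shamir-shares k across n servers so that each server returns the partial H(x)^f(i) and an initiator combines any t of them without reconstructing k, and then adds a redundant-computation check in the spirit of robust DiSE: the initiator combines from t partials and verifies that every extra partial is consistent with them, so that any lying server is detected. The group (quadratic residues modulo a 64-bit safe prime found at import time), the hash-to-group map, the (t=3, n=5) instance and the way the compromised server corrupts its partial are all assumptions made for the example.

```python
# Added example, not code from either paper: a one-round distributed PRF from a
# key-homomorphic PRF F(k, x) = H(x)^k, with DiSE-style partial results and a
# redundant-computation check that detects wrong partials.  The group (quadratic
# residues mod a 64-bit safe prime), hash-to-group map and sizes are assumptions.
import hashlib
import random

_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    """Miller-Rabin with fixed bases; deterministic for n < 3.3e24, far above our sizes."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime(bits):
    """Deterministically pick the first p = 2q + 1 with p, q prime and q > 2^(bits-1)."""
    q = (1 << (bits - 1)) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = safe_prime(64)   # keys live in Z_Q; PRF outputs in the order-Q subgroup of Z_P^*

def hash_to_group(x):
    """H: bytes -> order-Q subgroup of Z_P^* (squaring lands in the quadratic residues)."""
    h = int.from_bytes(hashlib.sha256(x).digest(), "big") % (P - 2) + 2
    return pow(h, 2, P)

def prf(k, x):
    """Key-homomorphic PRF: prf(k1, x) * prf(k2, x) mod P == prf(k1 + k2 mod Q, x)."""
    return pow(hash_to_group(x), k % Q, P)

def share_key(k, t, n, rng):
    """Shamir (t, n) sharing of k over Z_Q; server i holds f(i), with f(0) = k."""
    coeffs = [k % Q] + [rng.randrange(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, j, Q) for j, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def lagrange_coeffs(ids, at):
    """lambda_i such that f(at) = sum_i lambda_i * f(i) for any f of degree < len(ids)."""
    lam = {}
    for i in ids:
        num = den = 1
        for j in ids:
            if j != i:
                num = num * (at - j) % Q
                den = den * (i - j) % Q
        lam[i] = num * pow(den, -1, Q) % Q
    return lam

def eval_in_exponent(partials, at):
    """From partials y_i = H(x)^f(i) compute H(x)^f(at); no share is ever reconstructed."""
    lam = lagrange_coeffs(list(partials), at)
    out = 1
    for i, y in partials.items():
        out = out * pow(y, lam[i], P) % P
    return out

def combine(partials):
    """Plain combine by the initiator: any t partials yield F(k, x) = H(x)^f(0)."""
    return eval_in_exponent(partials, 0)

def robust_combine(partials, t):
    """Redundant computation: combine from t partials, then check each extra partial
    against the polynomial those t define. Any mismatch means some server lied; with at
    most min(t-1, n-t) liars the >= t honest points pin f, so a lie is always caught."""
    ids = sorted(partials)
    base = {i: partials[i] for i in ids[:t]}
    for i in ids[t:]:
        if eval_in_exponent(base, i) != partials[i]:
            return None, False
    return combine(base), True

def demo(t=3, n=5, seed=1):
    """One (t=3, n=5) transaction: honest run, then server 2 returns a corrupted partial."""
    rng = random.Random(seed)
    k = rng.randrange(Q)
    shares = share_key(k, t, n, rng)
    x = b"constructed per-transaction input"
    partials = {i: prf(shares[i], x) for i in shares}   # each server sends H(x)^f(i)
    honest, ok = robust_combine(partials, t)
    partials[2] = partials[2] * hash_to_group(b"garbage") % P   # compromised server lies
    _, ok_after_lie = robust_combine(partials, t)
    return {"expected": prf(k, x), "honest": honest, "honest_ok": ok,
            "naive_with_liar": combine({i: partials[i] for i in (1, 2, 3)}),
            "detected": not ok_after_lie}
```

Two points worth noticing. The check costs the initiator n-t extra interpolations in the exponent rather than one combine per t-subset, which is what makes it usable at sizes like (t=16, n=24); the price is that the initiator must be honest, which is exactly the assumption the abstract removes by rotating the initiator. And the check only detects: when it fails the initiator knows some partial is wrong, but pinning down which server lied, or recovering the correct value from the honest majority, is a separate and harder problem that this example does not attempt.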
Hash Families and Cover-Free Families with Cryptographic Applications
This thesis is focused on hash families and cover-free families and their application to problems in cryptography. We present new necessary conditions for generalized separating hash families, and provide new explicit constructions. We then consider three cryptographic applications of hash families and cover-free families. First, we provide a stronger definition of anonymity in the context of shared symmetric key primitives and give a new scheme with improved anonymity properties. Second, we observe that finding the invalid signatures in a set of digital signatures that fails batch verification is a group testing problem, then apply and compare many group testing algorithms to solve this problem efficiently; in particular, we apply group testing algorithms based on cover-free families. Finally, we construct a one-time signature scheme based on cover-free families with short signatures
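The second application in the thesis abstract, locating the invalid signatures in a batch that fails batch verification by group testing, is concrete enough to show in code. The example below is added here and is not the thesis's own code or its specific algorithms: the batch verifier is abstracted as an oracle that answers "does this subset contain an invalid signature?" (in a real deployment that call is one batch verification, which is what makes a test cheaper than checking each signature), and it compares an adaptive strategy (binary splitting) against a non-adaptive one built from a standard cover-free family: items are polynomials of degree below k over F_q, and the test indexed by (a, b) contains every polynomial with f(a) = b. Two distinct items share at most k-1 tests, so the family is d-cover-free for d(k-1) < q, and the COMP decoder (clear every item that appears in some passing batch, declare the rest invalid) is exact for up to d invalid signatures. The instance (q = 5, k = 3, so 125 signatures and 25 tests, with signatures 17 and 88 invalid) is constructed for the example.

```python
# Added example, not code from the thesis: finding the invalid signatures in a batch
# that fails batch verification, treated as group testing.  The batch verifier is
# abstracted as an oracle (a subset "passes" iff it contains no invalid signature),
# and the polynomial cover-free family and instance sizes below are constructed.
from itertools import product

def batch_oracle(invalid):
    """Stand-in for a batch verifier: one call per batch, passes iff no member is invalid."""
    bad = set(invalid)
    return lambda subset: not (bad & set(subset))

def binary_splitting(passes, items):
    """Adaptive group testing: test the batch; if it fails, halve it and recurse.
    Returns (invalid items found, number of batch tests used)."""
    if passes(items):
        return [], 1
    if len(items) == 1:
        return list(items), 1
    mid = len(items) // 2
    left, tl = binary_splitting(passes, items[:mid])
    right, tr = binary_splitting(passes, items[mid:])
    return left + right, 1 + tl + tr

def polynomial_cff(q, k):
    """Cover-free family from polynomials over F_q (q prime): item = polynomial of degree
    < k (its coefficient tuple), test (a, b) = all items with f(a) = b. Two distinct items
    share at most k-1 tests, so the family is d-cover-free whenever d*(k-1) < q.
    Returns (number of items, list of tests, each a list of item indices)."""
    coeff_tuples = list(product(range(q), repeat=k))
    tests = {}
    for idx, coeffs in enumerate(coeff_tuples):
        for a in range(q):
            fa = sum(c * pow(a, j, q) for j, c in enumerate(coeffs)) % q
            tests.setdefault((a, fa), []).append(idx)
    return len(coeff_tuples), list(tests.values())

def comp_decode(passes, tests, n):
    """Non-adaptive group testing: run every test once (they can run in parallel); any
    item in a passing batch is cleared, the rest are declared invalid. With a d-CFF and
    at most d invalid signatures this is exact; beyond d it may over-report, never miss."""
    cleared = set()
    for members in tests:
        if passes(members):
            cleared.update(members)
    return [i for i in range(n) if i not in cleared], len(tests)

def demo(q=5, k=3, invalid=(17, 88)):
    """125 signatures, 2 invalid: 25 non-adaptive tests vs. adaptive binary splitting."""
    n, tests = polynomial_cff(q, k)     # n = q^k = 125 items, q^2 = 25 tests of q^(k-1) = 25 each
    passes = batch_oracle(invalid)
    found_cff, used_cff = comp_decode(passes, tests, n)
    found_adaptive, used_adaptive = binary_splitting(passes, list(range(n)))
    return {"n": n, "cff": (sorted(found_cff), used_cff),
            "adaptive": (sorted(found_adaptive), used_adaptive)}
```

The trade-off the two strategies expose is the usual one in group testing: binary splitting needs fewer tests when few signatures are invalid but the tests are sequential, each depending on the previous answer, whereas the cover-free design fixes all 25 batches in advance, verifies them in parallel, and stays correct as long as the number of invalid signatures does not exceed the family's d (here 2); above that bound COMP still never clears an invalid signature, it only risks flagging some valid ones, which is the failure mode to plan for when choosing q and k.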