1,432 research outputs found
Dispute Resolution in Voting
In voting, disputes arise when a voter claims that the voting authority is
dishonest and did not correctly process his ballot while the authority claims
to have followed the protocol. A dispute can be resolved if any third party can
unambiguously determine who is right. We systematically characterize all
relevant disputes for a generic, practically relevant, class of voting
protocols. Based on our characterization, we propose a new definition of
dispute resolution for voting that accounts for the possibility that both
voters and the voting authority can make false claims and that voters may
abstain from voting.
A central aspect of our work is timeliness: a voter should possess the
evidence required to resolve disputes no later than the election's end. We
characterize what assumptions are necessary and sufficient for timeliness in
terms of a communication topology for our voting protocol class. We formalize
the dispute resolution properties and communication topologies symbolically.
This provides the basis for verification of dispute resolution for a broad
class of protocols. To demonstrate the utility of our model, we analyze a
mixnet-based voting protocol and prove that it satisfies dispute resolution as
well as verifiability and receipt-freeness. To prove our claims, we combine
machine-checked proofs with traditional pen-and-paper proofs
Enhancing the Privacy of Decentralized Identifiers with Ring Signatures
Most identifiers used today, such as OpenID Connect, are controlled by third parties, which can track how the identifier is used. To overcome this, self-sovereign identifiers, such as Decentralized Identifiers (DIDs), which are entirely owned and managed by the user, have been developed. However, in some cases even DIDs alone do not sufficiently protect the user's privacy. For example, if a service can be accessed at multiple fixed locations, using the same identifier repeatedly for each location may over time also reveal the user's location. One of the techniques to hide the exact service identifiers are ring signatures, which enable the generation of anonymous signatures where the real signer's identity is hidden in a set of possible signers.
This thesis takes the use case of electric vehicle charging, where the electric vehicle location may be revealed if static identifiers are used by the electric vehicles and charging stations. A previous solution uses a new ephemeral DID for every interaction, but this requires the creation of a large number of DIDs. This thesis examines an alternative approach of using ring signatures to achieve better privacy with a lower number of DIDs.
The major outcomes of this thesis include how to implement ring signatures for anonymous authentication, comparison of resource consumption with respect to the previous solution, and the applicability of ring signature technology on a broader scale such as in constrained devices. The performance of the new solution was compared with the existing solution by implementing prototypes on Android phones, which communicate over Bluetooth. An assumption on the number of charging events was made based on real data for the country of Norway. The results show that ring signatures are easy to implement and provide slightly better privacy but they are significantly more resource-intensive in terms of storage (about 2 times more) and processing (about 9 times slower). Therefore, large scale implementation of ring signatures on the constrained devices is challenging
CONSTRUCTION OF EFFICIENT AUTHENTICATION SCHEMES USING TRAPDOOR HASH FUNCTIONS
In large-scale distributed systems, where adversarial attacks can have widespread impact, authentication provides protection from threats involving impersonation of entities and tampering of data. Practical solutions to authentication problems in distributed systems must meet specific constraints of the target system, and provide a reasonable balance between security and cost. The goal of this dissertation is to address the problem of building practical and efficient authentication mechanisms to secure distributed applications. This dissertation presents techniques to construct efficient digital signature schemes using trapdoor hash functions for various distributed applications. Trapdoor hash functions are collision-resistant hash functions associated with a secret trapdoor key that allows the key-holder to find collisions between hashes of different messages. The main contributions of this dissertation are as follows:
1. A common problem with conventional trapdoor hash functions is that revealing a collision producing message pair allows an entity to compute additional collisions without knowledge of the trapdoor key. To overcome this problem, we design an efficient trapdoor hash function that prevents all entities except the trapdoor key-holder from computing collisions regardless of whether collision producing message pairs are revealed by the key-holder.
2. We design a technique to construct efficient proxy signatures using trapdoor hash functions to authenticate and authorize agents acting on behalf of users in agent-based computing systems. Our technique provides agent authentication, assurance of agreement between delegator and agent, security without relying on secure communication channels and control over an agent’s capabilities.
3. We develop a trapdoor hash-based signature amortization technique for authenticating real-time, delay-sensitive streams. Our technique provides independent verifiability of blocks comprising a stream, minimizes sender-side and receiver-side delays, minimizes communication overhead, and avoids transmission of redundant information.
4. We demonstrate the practical efficacy of our trapdoor hash-based techniques for signature amortization and proxy signature construction by presenting discrete log-based instantiations of the generic techniques that are efficient to compute, and produce short signatures.
Our detailed performance analyses demonstrate that the proposed schemes outperform existing schemes in computation cost and signature size. We also present proofs for security of the proposed discrete-log based instantiations against forgery attacks under the discrete-log assumption
- …