
    Attacks on quantum key distribution protocols that employ non-ITS authentication

    We demonstrate how adversaries with unbounded computing resources can break Quantum Key Distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key consumption, is not Information-Theoretically Secure (ITS), since for each message the eavesdropper has intercepted she is able to send a different message from a set of messages that she can calculate by finding collisions of a cryptographic hash function. However, when this authentication code was introduced it was shown to prevent straightforward Man-In-The-Middle (MITM) attacks against QKD protocols. In this paper, we prove that the set of messages that collide with any given message under this authentication code contains, with high probability, a message that has small Hamming distance to any other given message. Based on this fact we present extended MITM attacks against different versions of BB84 QKD protocols using the addressed authentication code; for three protocols we describe every single action taken by the adversary. For all protocols the adversary can obtain complete knowledge of the key, and for most protocols her success probability in doing so approaches unity. Since the attacks work against all authentication methods that allow colliding messages to be calculated, the underlying building blocks of the presented attacks expose the potential pitfalls arising as a consequence of non-ITS authentication in QKD post-processing. We propose countermeasures that increase the eavesdropper's demand for computational power, and also prove necessary and sufficient conditions for upgrading the discussed authentication code to the ITS level. Comment: 34 page

    Handling Confidential Data on the Untrusted Cloud: An Agent-based Approach

    Cloud computing allows shared computer and storage facilities to be used by a multitude of clients. While cloud management is centralized, the information resides in the cloud, and information sharing can be implemented via off-the-shelf techniques for multiuser databases. Users, however, are wary of not having full control over their sensitive data. Untrusted database-as-a-server techniques are neither readily extendable to the cloud environment nor easily understandable by non-technical users. To solve this problem, we present an approach in which agents share reserved data in a secure manner through simple grant-and-revoke permissions on shared data. Comment: 7 pages, 9 figures, Cloud Computing 201

    Practical Hash-based Anonymity for MAC Addresses

    Given that a MAC address can uniquely identify a person or a vehicle, continuous tracking over a large geographical scale has raised serious privacy concerns amongst governments and the general public. Prior work has demonstrated that simple hash-based approaches to anonymization can be easily inverted due to the small search space of MAC addresses. In particular, the entire allocated MAC address space can be represented in 39 bits, and frequency-based attacks allow 50% of MAC addresses to be enumerated in 31 bits. We present a practical approach to MAC address anonymization that uses computationally expensive hash functions and truncates the resulting hashes to allow for k-anonymity. We provide an expression for computing the percentage of expected collisions, demonstrating that for digests of 24 bits it is possible to store up to 168,617 MAC addresses with a collision rate of less than 1%. We experimentally demonstrate that a collision rate of 1% or less can be achieved by storing data sets of 100 MAC addresses in 13 bits, 1,000 MAC addresses in 17 bits and 10,000 MAC addresses in 20 bits. Comment: Accepted at the 17th International Conference on Security and Cryptography (SECRYPT 2020). To be presented between 8-10 July 202

    ICTs, Social Media, & the Future of Human Rights

    As communication increasingly shifts to digital platforms, information derived from online open sources is starting to become critical in creating an evidentiary basis for international crimes. While journalists have led the development of many newly emerging open source investigation methodologies, courts have heightened the requirements for verifying and preserving a chain of custody—information linking all of the individuals who possessed the content and indicating the duration of their custody—creating a need for standards that are just now beginning to be identified, articulated, and accepted by the international legal community. In this article, we discuss the impact of internet-based open source investigations on international criminal legal processes, as well as challenges related to their use. We also offer best practices for lawyers, activists, and other individuals seeking to admit open source information—including content derived from social media—into courts

    Hashing it Out: Blockchain as a Solution for Medicare Improper Payments

    Part I highlights the inadequacies and inefficiencies of our Medicare payment system, focusing on the initiatives currently in place and the susceptibilities that persist. Part II offers a broad overview of the development, importance, features, and collateral technologies surrounding blockchain. Part III posits that Congress and HHS, through its various subsidiary agencies, should work in tandem with private stakeholders to create and/or implement a blockchain-based infrastructure to facilitate federal healthcare payments and support future growth of quality-based initiatives. This Note concludes with a recommendation for future agency research focusing on the viability and cost efficiency of a blockchain solution