Attacks on quantum key distribution protocols that employ non-ITS authentication
We demonstrate how adversaries with unbounded computing resources can break
Quantum Key Distribution (QKD) protocols which employ a particular message
authentication code suggested previously. This authentication code, featuring
low key consumption, is not Information-Theoretically Secure (ITS) since for
each message the eavesdropper has intercepted she is able to send a different
message from a set of messages that she can calculate by finding collisions of
a cryptographic hash function. However, when this authentication code was
introduced it was shown to prevent straightforward Man-In-The-Middle (MITM)
attacks against QKD protocols.
In this paper, we prove that the set of messages that collide with any given
message under this authentication code contains with high probability a message
that has small Hamming distance to any other given message. Based on this fact
we present extended MITM attacks against different versions of BB84 QKD
protocols using the addressed authentication code; for three protocols we
describe every single action taken by the adversary. For all protocols the
adversary can obtain complete knowledge of the key, and for most protocols her
success probability in doing so approaches unity.
Since the attacks work against all authentication methods which allow colliding
messages to be calculated, the underlying building blocks of the presented
attacks expose the potential pitfalls arising as a consequence of non-ITS
authentication in QKD post-processing. We propose countermeasures that increase
the eavesdropper's demand for computational power, and also prove necessary and
sufficient conditions for upgrading the discussed authentication code to the
ITS level.
Comment: 34 page
Handling Confidential Data on the Untrusted Cloud: An Agent-based Approach
Cloud computing allows shared computer and storage facilities to be used by a
multitude of clients. While cloud management is centralized, the information
resides in the cloud and information sharing can be implemented via
off-the-shelf techniques for multiuser databases. Users, however, are very
wary of not having full control over their sensitive data. Untrusted
database-as-a-server techniques are neither readily extendable to the cloud
environment nor easily understandable by non-technical users. To solve this
problem, we present an approach in which agents share reserved data securely
by means of simple grant-and-revoke permissions on shared data.
Comment: 7 pages, 9 figures, Cloud Computing 201
Practical Hash-based Anonymity for MAC Addresses
Given that a MAC address can uniquely identify a person or a vehicle,
continuous tracking over a large geographical scale has raised serious privacy
concerns amongst governments and the general public. Prior work has
demonstrated that simple hash-based approaches to anonymization can be easily
inverted due to the small search space of MAC addresses. In particular, the
entire allocated MAC address space can be represented in 39 bits, and
frequency-based attacks allow 50% of MAC addresses to be enumerated in
31 bits. We present a practical approach to MAC address anonymization using
both computationally expensive hash functions and truncation of the resulting
hashes to allow for k-anonymity. We provide an expression for computing the
percentage of expected collisions, demonstrating that for digests of 24 bits it
is possible to store up to 168,617 MAC addresses with a collision rate of
less than 1%. We experimentally demonstrate that a collision rate of 1% or
less can be achieved by storing data sets of 100 MAC addresses in 13 bits,
1,000 MAC addresses in 17 bits and 10,000 MAC addresses in 20 bits.
Comment: Accepted at the 17th International Conference on Security and
Cryptography (SECRYPT 2020). To be presented between 8-10 July 202
ICTs, Social Media, & the Future of Human Rights
As communication increasingly shifts to digital platforms, information derived from online open sources is starting to become critical in creating an evidentiary basis for international crimes. While journalists have led the development of many newly emerging open source investigation methodologies, courts have heightened the requirements for verifying and preserving a chain of custody—information linking all of the individuals who possessed the content and indicating the duration of their custody—creating a need for standards that are just now beginning to be identified, articulated, and accepted by the international legal community. In this article, we discuss the impact of internet-based open source investigations on international criminal legal processes, as well as challenges related to their use. We also offer best practices for lawyers, activists, and other individuals seeking to admit open source information—including content derived from social media—into courts
Hashing it Out: Blockchain as a Solution for Medicare Improper Payments
Part I highlights the inadequacies and inefficiencies of our Medicare payment system, focusing on the initiatives currently in place and the susceptibilities that persist. Part II offers a broad overview of the development, importance, features, and collateral technologies surrounding blockchain. Part III posits that Congress and HHS, through its various subsidiary agencies, should work in tandem with private stakeholders to create and/or implement a blockchain-based infrastructure to facilitate federal healthcare payments and support future growth of quality-based initiatives. This Note concludes with a recommendation for future agency research focusing on the viability and cost efficiency of a blockchain solution