25 research outputs found

    Digital certificates and threshold cryptography

    This dissertation discusses the use of secret sharing cryptographic protocols for distributing and sharing secret documents, in our case PDF documents. We discuss the advantages and uses of such a system in the context of collaborative environments. A description of the cryptographic protocol involved and the necessary Public Key Infrastructure (PKI) is presented. We also provide an implementation of this framework as a "proof of concept" and ground the use of a certificate extension as the basis for threshold cryptography. Details of the shared secret distribution protocol and the shared secret recovery protocol are given, together with the associated technical implementation details. The actual secret sharing algorithm implemented at this stage is based on an existing, well-known secret sharing scheme that uses polynomial interpolation over a finite field. Finally, we conclude with a practical assessment of our prototype.

    From Blockchain to Internet-based Voting

    Blockchain has been one of the hottest topics among state-of-the-art technologies. As the enabling technology for Bitcoin, the pioneering cryptocurrency, blockchain is an append-only distributed ledger that is virtually impossible to attack. Hence, blockchain holds great promise as the fundamental technology for enabling Internet-based electronic voting. However, Internet-based voting has requirements beyond those of monetary transactions such as Bitcoin. In this thesis, we discuss the key differences between a blockchain-based voting system and digital currencies. In this context we also highlight the requirements, review existing proposed solutions, and outline possible improvements. Specifically, we propose several schemes for tackling issues such as authentication, privacy, transparency, scalability, and safety, as well as several other practical aspects of the platform. Most importantly, a blockchain-based voting system needs to ensure that the prospect of tampering with the election result is to a large extent eliminated. At the same time, the voting platform should have proper performance characteristics, i.e. sufficient throughput, for a vote of large magnitude such as a presidential election. Being heavily linked together, security and performance should be investigated in a unified framework to capture the interaction effects between the two. To address this concern, for the first time, we study the performance and security implications of a blockchain voting system in a quantitative manner, using a blockchain simulator developed by researchers at the Swiss Federal Institute of Technology, ETH Zurich. In our analysis, we specifically investigate the stale block rate and the relative mining share of the dishonest network, as the central security measures, as a function of the important network parameters that determine the throughput of the network, i.e. block size and block interval. Ultimately, we focus on selfish mining and eclipse attacks as the most critical threats to the integrity of blockchain voting in order to find the optimal network parameters.

    Secret texts and cipherballots: secret suffrage and remote electronic voting

    One of the key concerns about remote electronic voting is how to preserve secret suffrage. The list of authors who claim that Internet voting is incompatible with the secrecy of the vote is actually quite long. Even if later studies that analysed the actual implementation of remote electronic voting in public political elections had more nuanced findings, concerns about secret suffrage and remote electronic voting remain. Addressing these concerns becomes an inescapable obligation. In this context, our research is quite novel. First and foremost, our starting point is not based on pre-existing legal definitions that are accepted as given. Drawing from the universalist approach to comparative constitutional law, we have understood that the principle of secret suffrage exists in such a way that it transcends the culture-bound opinions and conventions of particular political communities. This core understanding has been translated into three standards: individuality, confidentiality, and anonymity. These standards should apply to any voting channel. Second, we have taken a wider approach to the enforcement of this principle. We have shown that secret suffrage may be enforced through law, code, norms, and even the market. Current regulations tend to be constrained because they resort to analogies with paper-based voting channels and fail to acknowledge the specificities of remote electronic voting. In contrast, we have examined the role played by (and the limitations of) asymmetric encryption, anonymization based on mix-nets or homomorphic tallying, and multiple voting in enforcing secret suffrage.

    Improving the Efficiency of Homomorphic Encryption Schemes

    In this dissertation, we explore different approaches to practical homomorphic encryption schemes. For partially homomorphic encryption schemes, we observe that limited versatility is the main bottleneck. To solve this problem, we propose general approaches to improving their versatility by either extending the range of supported circuits or extending the message space. These general approaches can be applied to a wide range of partial HE schemes and greatly increase the number of applications they support. For fully homomorphic encryption schemes, the slow running speed and the large ciphertext size are the main challenges. Therefore, we propose efficient implementations as well as methods to compress the ciphertext. In detail, the Gentry-Halevi FHE scheme and the LTV FHE scheme are implemented, and the resulting performance shows significant improvement over previous work. For ciphertext compression, the concept of scheme conversion is proposed. Given a scheme converter, we can convert between schemes with compact ciphertexts for communication and homomorphic schemes for computation.

    Secure Protocols for Privacy-preserving Data Outsourcing, Integration, and Auditing

    As the amount of data available from a wide range of domains has increased tremendously in recent years, the demand for data sharing and integration has also risen. The cloud computing paradigm provides great flexibility to data owners with respect to computation and storage capabilities, which makes it a suitable platform for them to share their data. Outsourcing person-specific data to the cloud, however, raises serious concerns about the confidentiality of the outsourced data, the privacy of the individuals referenced in the data, and the confidentiality of the queries processed over the data. Data integration is another form of data sharing, where data owners jointly perform the integration process and the resulting dataset is shared between them. Integrating related data from different sources enables individuals, businesses, organizations and government agencies to perform better data analysis, make better-informed decisions, and provide better services. Designing distributed, secure, and privacy-preserving protocols for integrating person-specific data, however, poses several challenges, including how to prevent each party from inferring sensitive information about individuals during the execution of the protocol, how to guarantee an effective level of privacy on the released data while maintaining utility for data mining, and how to support public auditing such that anyone at any time can verify that the integration was executed correctly and no participant deviated from the protocol. In this thesis, we address the aforementioned concerns by presenting secure protocols for privacy-preserving data outsourcing, integration and auditing. First, we propose a secure cloud-based data outsourcing and query processing framework that simultaneously preserves the confidentiality of the data and the query requests, while providing differential privacy guarantees on the query results. Second, we propose a publicly verifiable protocol for integrating person-specific data from multiple data owners, while providing differential privacy guarantees and maintaining an effective level of utility on the released data for the purpose of data mining. Next, we propose a privacy-preserving multi-party protocol for high-dimensional data mashup with guaranteed LKC-privacy on the output data. Finally, we apply the theory to the real-world problem of solvency in Bitcoin. More specifically, we propose a privacy-preserving and publicly verifiable cryptographic proof-of-solvency scheme for Bitcoin exchanges such that no information is revealed about the exchange's customer holdings, the value of the exchange's total holdings is kept secret, and multiple exchanges performing the same proof of solvency can contemporaneously prove that they are not colluding.

    Information Security and Assurance: Proceedings of the International Conference, ISA 2012, Shanghai, China, April 2012

    Protocols for Secure Computation on Privately Encrypted Data in the Cloud

    Cloud services provide clients with highly scalable network, storage, and computational resources. However, these services come with the challenge of guaranteeing the confidentiality of the data stored in the cloud. Rather than attempting to prevent adversaries from compromising the cloud server, in this thesis we aim to provide data confidentiality and secure computation in the cloud while preserving the privacy of the participants and assuming the existence of a passive adversary able to access all data stored in the cloud. To achieve this, we propose several protocols for secure and privacy-preserving data storage in the cloud. We further show their applicability and scalability through their implementations. We first propose a protocol that would allow emergency providers access to privately encrypted data in the cloud, such as medical records, in the case of an emergency. Second, we propose various protocols that allow a querying entity to securely query privately encrypted data in the cloud while preserving the privacy of both the data owners and the querying entity. We also present cryptographic and non-cryptographic protocols for secure private function evaluation in order to extend the functions applicable in the protocols.