Universally composable zero-knowledge protocol using trusted platform modules

Cryptographic protocols that are established as secure in the Universally Composable (UC) model of security provide strong security assurances even when run in complex environments. Unfortunately, in order to achieve such strong security properties, UC protocols are often impractical, and most non-trivial two-party protocols cannot be secure in the UC model without some sort of external capability (or "setup assumption") being introduced. Recent work by Hofheinz et al provided an important breakthrough in designing realistic universally composable two party protocols, in which they use trusted, tamper proof hardware as a special type of helping functionality which they call a catalyst. Hofheinz et al. use government issued signature cards as a catalyst to design universally composable protocols for zero-knowledge proofs and commitments, but did not give a complete security proof for either protocol. In this thesis, we consider another form of security hardware, Trusted Platform Modules (TPMs), which are more widespread than signature cards and are currently shipped as a part of almost every business laptop or desktop. Trusted Module Platforms are tamper evident devices which support cryptographic functionalities including digital signatures, but have a different key management model from signature cards. In this thesis we consider TPMs as catalysts and describe a universally composable zero knowledge protocol using Trusted Platform Modules. We also present a complete security proof for both the Hofheinz's universally composable zero knowledge protocol from signature cards and our universally composable zero knowledge protocol using TPMs as a catalyst

Universally composable end-to-end secure messaging

CNS-1718135 - National Science Foundation; CNS-1801564 - National Science Foundation; CNS-1931714 - National Science Foundation; CNS-1915763 - National Science Foundation; HR00112020021 - Department of Defense/DARPA; 000000000000000000000000000000000000000000000000000000037211 - SRI Internationalhttps://eprint.iacr.org/2022/376.pdfAccepted manuscrip

Authentication and authorisation in entrusted unions

This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported

Universally composable and customizable post-processing for practical quantum key distribution

In quantum key distribution (QKD), a secret key is generated between two distant parties by transmitting quantum states. Experimental measurements on the quantum states are then transformed to a secret key by classical post-processing. Here, we propose a construction framework in which QKD classical post-processing can be custom made. Though seemingly obvious, the concept of concatenating classical blocks to form a whole procedure does not automatically apply to the formation of a quantum cryptographic procedure since the security of the entire QKD procedure rests on the laws of quantum mechanics and classical blocks are originally designed and characterized without regard to any properties of these laws. Nevertheless, we justify such concept of concatenating classical blocks in constructing QKD classical post-processing procedures, along with a relation to the universal-composability-security parameter. Consequently, effects arising from an actual QKD experiment, such as those due to the finiteness of the number of signals used, can be dealt with by employing suitable post-processing blocks. Lastly, we use our proposed customizable framework to build a comprehensive generic recipe for classical post-processing that one can follow to derive a secret key from the measurement outcomes in an actual experiment. © 2010 Elsevier Ltd. All rights reserved.postprin

A high-speed multi-protocol quantum key distribution transmitter based on a dual-drive modulator

We propose a novel source based on a dual-drive modulator that is adaptable and allows Alice to choose between various practical quantum key distribution (QKD) protocols depending on what receiver she is communicating with. Experimental results show that the proposed transmitter is suitable for implementation of the Bennett and Brassard 1984 (BB84), coherent one-way (COW) and differential phase shift (DPS) protocols with stable and low quantum bit error rate. This could become a useful component in network QKD, where multi-protocol capability is highly desirable.Comment: 15 pages, 7 figure