Attribute-Based Signatures

We introduce Attribute-Based Signatures (ABS), a versatile primitive that allows a party to sign a message with fine-grained control over identifying information. In ABS, a signer, who possesses a set of attributes from the authority, can sign a message with a predicate that is satisfied by his attributes. The signature reveals no more than the fact that a single user with some set of attributes satisfying the predicate has attested to the message. In particular, the signature hides the attributes used to satisfy the predicate and any identifying information about the signer (that could link multiple signatures as being from the same signer). Furthermore, users cannot collude to pool their attributes together. We give a general framework for constructing ABS schemes, then show several practical instantia-tions based on groups with bilinear pairing operations, under standard assumptions. We describe several practical problems that motivated this work, and how ABS can be used to solve them

Practical secure evaluation of semiprivate functions

Two-party Secure Function Evaluation (SFE) is a very useful cryptographic tool which allows two parties to evaluate a function known to both parties on their private (secret) inputs. Some applications with sophisticated privacy needs require the function to be known only to one party and kept private (hidden) from the other one. However, existing solutions for SFE of private functions (PF-SFE) deploy Universal Circuits (UC) and are still very ine cient in practice. In this paper we bridge the gap between SFE and PF-SFE with SFE of what we call semi-private functions (SPF-SFE), i.e., one function out of a given class of functions is evaluated without revealing which one. We present a general framework for SPF-SFE allowing a ne-grained trade-o and tuning between SFE and PF-SFE covering both extremes. In our framework, semiprivate functions can be composed from several privately programmable blocks (PPB) which can be programmed with one function out of a class of functions. The framework allows e cient and secure embedding of constants into the resulting circuit to improve performance. To demonstrate practicability of the framework we have implemented a compiler for SPF-SFE based on the Fairplay SFE framework. SPF-SFE is su cient for many practically relevant privacy-preserving applications, such as privacy-preserving credit checking which can be implemented using our framework and compiler as described in the paper

Advanced Social Features in a Recommendation System for Process Modeling

Social software is known to stimulate the exchange and sharing of information among peers. This paper describes how all existing system that supports process builders in completing a business process call be enhanced with various social Features. In that way, it is easier for process modeler to become aware of new related content. They call use that content to create, update or extend process models that, they are building themselves. The proposed way of achieving this is to allow users to generate and modify personalized views oil the social networks they are part, of. Furthermore, this paper describes mechanisms for propagating relevant changes between peers in such social networks. The presented work is particularly relevant in the context of enterprises that have already built large repositories of process models

Secure and efficient protocols for iris and fingerprint identification

Recent advances in biometric recognition and the increasing use of biometric data prompt significant privacy challenges associated with the possible misuse, loss or theft, of biometric data. Biometric matching isoftenperformedbytwomutuallysuspiciousparties, one ofwhichholdsone biometric image while the other owns a possibly large biometric collection. Due to privacy and liability considerations, neither party is willing to share its data. This gives rise to the need to develop secure computation techniques over biometric data where no information is revealed to the parties except theoutcomeofthecomparisonorsearch. To address the problem, in this work we develop and implement the first privacy-preserving identification protocol for iris codes. We also design and implement a secure protocol for fingerprint identification based on FingerCodes with a substantial improvement in the performance compared to existing solutions. We show that new techniques and optimizations employed in this work allow us to achieve particularly efficient protocols suitable for large data sets and obtain notable performance gain compared to the state-of-the-art prior work

Efficient and Optimally Secure In-Network Aggregation in Wireless Sensor Networks

In many wireless sensor network applications, the data collectionsink (base station) needs to find the aggregated statistics of thenetwork. Readings from sensor nodes are aggregated at intermediate nodes to reduce the communication cost. However, the previous optimally secure in-network aggregation protocols against multiple corrupted nodes require two round-trip communications between each node andthe base station, including the result-checking phase whose congestion is O(log n) where n is the total number of sensor nodes. In this paper, we propose an efficient and optimally secure sensor network aggregation protocol against multiple corrupted nodes by a weak adversary. Our protocol achieves one round-trip communication to satisfy optimal security without the result-checking phase, by conducting aggregation along with the verification, based on the idea of TESLA technique. Furthermore, we show that the congestion is constant. This means that our protocol suits large-scale wireless sensor networks.The 11th International Workshop on Information Security Applications. WISA 2010, Jeju Island, Korea, August 24-26, 2010