11 research outputs found

    Highly Efficient and Re-executable Private Function Evaluation with Linear Complexity

    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. Private function evaluation aims to securely compute a function f(x_1, ..., x_n) without leaking any information other than what is revealed by the output, where f is a private input of one of the parties (say Party_1) and x_i is a private input of the i-th party Party_i. In this work, we propose a novel and secure two-party private function evaluation (2PFE) scheme based on the DDH assumption. Our scheme introduces a reusability feature that significantly improves the state-of-the-art. Accordingly, our scheme has two variants, one is utilized in the initial execution of the function f, and the other is utilized in its subsequent evaluations. To the best of our knowledge, this is the first and most efficient 2PFE scheme that enjoys a reusability feature. Our protocols achieve linear communication and computation complexities and a constant number of rounds which is at most three.

    Anonymous RFID authentication for cloud services

    Cloud computing is one of the fastest growing segments of the IT industry since the users’ commitments for investment and operations are minimized, and costs are in direct relation to usage and demand. In general, cloud services are required to authenticate the user, and most practical cloud services do not provide anonymity of the users. Namely, the cloud provider can track the users easily, so privacy and authenticity are two critical aspects of security. Anonymous authentication is a technique enabling users to prove that they have privilege without disclosing real identities. This type of authentication can be useful especially in scenarios where it is sufficient to assure the server that the claiming parties are indeed registered. Some motivating applications in the cloud for an anonymous authentication protocol are E-commerce, E-voting, E-library, E-cash and mobile agent applications. Many existing anonymous authentication protocols assume absolute trust in the cloud provider, in which all private keys are stored. This trust may result in serious security and privacy issues in case of private key leakage from the cloud provider. In this paper, we propose forward secure anonymous and mutual authentication protocols using RFID technology for cloud services. These protocols avoid the need to trust the cloud provider. That is, even if the private keys are obtained from the corrupted tags or from the server, owners of these tags cannot be traced from the past authentication actions. In fact, anonymity of the users will still be ensured even if the private keys of tags are compromised.

    A Novel RFID Distance Bounding Protocol Based on Physically Unclonable Functions

    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. Radio Frequency Identification (RFID) systems are vulnerable to relay attacks (i.e., mafia, terrorist and distance frauds) when they are used for authentication purposes. Distance bounding protocols are particularly designed as a countermeasure against these attacks. These protocols aim to ensure that the tags are in a distant area by measuring the round-trip delays during a rapid challenge-response exchange of short authenticated messages. Terrorist fraud is the most challenging attack to avoid, because a legitimate user (a tag owner) collaborates with an attacker to defeat the authentication system. Many RFID distance bounding protocols have been proposed recently, with encouraging results. However, none of them provides the ideal security against the terrorist fraud. Motivated by this need, we first introduce a strong adversary model for Physically Unclonable Functions (PUFs) based authentication protocol in which the adversary has access to volatile memory of the tag. We show that Sadeghi et al.’s PUF based authentication protocol is not secure in this model. We provide a new technique to improve the security of their protocol. Namely, in our scheme, even if an adversary has access to volatile memory she cannot obtain all long term keys to clone the tag. Next, we propose a novel RFID distance bounding protocol based on PUFs which satisfies the expected security requirements. Compared to the previous protocols, the use of PUFs in our protocol enhances the system in terms of security, privacy and tag computational overhead. We also prove that our extended protocol with a final signature provides the ideal security against all those frauds, remarkably the terrorist fraud. Besides that, our protocols enjoy the attractive properties of PUFs, which provide the most cost efficient and reliable means to fingerprint chips based on their physical properties.

    Norwegian internet voting protocol revisited: ballot box and receipt generator are allowed to collude

    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. Open access article. Norway experienced internet voting in 2011 and 2013 for municipal and parliamentary elections, respectively. Its security depends on the assumptions that the involved organizations are completely independent and reliable, and that the receipt codes are securely sent to the voters. In this paper, we point out the following aspects:
    - The vote privacy of the Norwegian scheme is violated if Ballot Box and Receipt Generator cooperate because the private key of Decryption Service can be obtained by the two former players. We propose a solution to avoid this issue without adding new players.
    - To assure the correctness, the receipt codes are sent to the voters over a pre‐channel (postal service) and a post‐channel (Short Message Service [SMS]). However, by holding both SMS and the postal receipt code, a voter can reveal his vote even after the elections. Albeit revoting is a fairly good solution for coercion or concealment, intentional vote revealing is still a problem. We suggest SMS only for notification of vote submission.
    - In case the codes are falsely generated or the pre‐channel is not secure, a vote can be counted for a different candidate without detection. We propose a solution in which voters verify the integrity of the postal receipt codes.

    An efficient 2-party private function evaluation protocol based on half gates

    Private function evaluation (PFE) is a special case of secure multi-party computation (MPC), where the function to be computed is known by only one party. PFE is useful in several real-life applications where an algorithm or a function itself needs to remain secret for reasons such as protecting intellectual property or security classification level. In this paper, we focus on improving 2-party PFE based on symmetric cryptographic primitives. In this respect, we look back at the seminal PFE framework presented by Mohassel and Sadeghian at Eurocrypt’13. We show how to adapt and utilize the well-known half gates garbling technique (Zahur et al., Eurocrypt’15) to their constant-round 2-party PFE scheme. Compared to their scheme, our resulting optimization significantly improves the efficiency of both the underlying Oblivious Evaluation of Extended Permutation (OEP) and secure 2-party computation (2PC) protocols, and yields a more than 40% reduction in overall communication cost (the computation time is also slightly decreased and the number of rounds remains unchanged)

    Highly efficient and re-executable private function evaluation with linear complexity

    Private function evaluation aims to securely compute a function f(x_1, ..., x_n) without leaking any information other than what is revealed by the output, where f is a private input of one of the parties (say Party_1) and x_i is a private input of the i-th party Party_i. In this article, we propose a novel and secure two-party private function evaluation (2PFE) scheme based on the DDH assumption. Our scheme introduces a reusability feature that significantly improves the state-of-the-art. Accordingly, our scheme has two variants, one is utilized in the initial execution of the function f, and the other is utilized in its subsequent evaluations. To the best of our knowledge, this is the first and most efficient 2PFE scheme that enjoys a reusability feature. Our protocols achieve linear communication and computation complexities and a constant number of rounds which is at most three.

    Towards Practical PFE: An Efficient 2-Party Private Function Evaluation Protocol Based on Half Gates

    Private function evaluation (PFE) is a special case of secure multi-party computation (MPC), where the function to be computed is known by only one party. PFE is useful in several real-life settings where an algorithm or a function itself needs to remain secret due to its confidential classification or intellectual property. In this work, we look back at the seminal PFE framework presented by Mohassel and Sadeghian at Eurocrypt’13. We show how to adapt and utilize the well-known half gates garbling technique (Zahur et al., Eurocrypt’15) to their constant round 2-party PFE scheme. Compared to their scheme, our resulting optimization considerably improves the efficiency of both the underlying Oblivious Evaluation of Extended Permutation (OEP) and secure 2-party computation (2PC) protocol, and yields a more than 40% reduction in overall communication cost (the computation time is also slightly decreased, and the number of rounds remains unchanged)

    k-strong privacy for radio frequency identification authentication protocols based on physically unclonable functions

    This paper examines Vaudenay's privacy model, which is one of the first and most complete privacy models that featured the notion of different privacy classes. We enhance this model by introducing two new generic adversary classes, k-strong and k-forward adversaries where the adversary is allowed to corrupt a tag at most k times. Moreover, we introduce an extended privacy definition that also covers all privacy classes of Vaudenay's model. In order to achieve highest privacy level, we study low cost primitives such as physically unclonable functions (PUFs). The common assumption of PUFs is that their physical structure is destroyed once tampered. This is an ideal assumption because the tamper resistance depends on the ability of the attacker and the quality of the PUF circuits. In this paper, we have weakened this assumption by introducing a new definition k-resistant PUFs. k-PUFs are tamper resistant against at most k attacks; that is, their physical structure remains still functional and correct until at most kth physical attack. Furthermore, we prove that strong privacy can be achieved without public-key cryptography using k PUF-based authentication. We finally prove that our extended proposal achieves both reader authentication and k-strong privacy

    Effect of Low and High Dose Sugammadex on Erythrocyte Deformability in Streptozotocin-Induced Diabetic Rats

    Aim: Erythrocyte deformability is a function related to the special structure of the erythrocyte membrane and allows the cell to carry oxygen without disintegrating. The impaired erythrocyte deformability seen in diabetes is one of the factors behind erythrocyte aggregation and circulatory disturbance at the microvascular level. In this study, we aimed to investigate the effect of high and low doses of sugammadex on erythrocyte deformability in streptozotocin-induced diabetes in rats. Methods: Twenty-four male Wistar albino rats weighing between 225 and 300 grams were randomly divided into 4 groups: Group K (control; n=6), Group DK (diabetes control; n=6), Group DR-16S (diabetes-rocuronium-16mg sugammadex; n=6) and Group DR96S (diabetes-rocuronium-96mg sugammadex; n=6). Rats in the control and diabetes groups were given the same volume of 0.9% NaCl. To induce diabetes, 55 mg.kg-1 streptozotocin (Sigma Chemical, St. Louis, MO, USA) was administered as a single intraperitoneal injection. The animals were followed for 30 days, and at the end of the follow-up period erythrocyte deformability was measured from blood samples. Results: The serum glucose level in the control group was significantly lower than in the DK, DR-16S and DR-96S groups (p<0.0001). The deformability index was significantly higher in the diabetic rats (p<0.0001). Erythrocyte deformability in the DR-96S group was significantly higher than in the Control and DK groups (p<0.0001 and p=0.028). Conclusion: In this study, we showed that low-dose sugammadex is safe in diabetic rats. The results of our study may guide human and animal studies investigating the effects of sugammadex on erythrocyte deformability and micro/macrocirculation.

    Objective: Erythrocyte deformability is a function of specially designed erythrocyte membrane properties and allows for the oxygen delivery without cell fragmentation. Impaired erythrocyte deformability in diabetes is one of the suspected factors that result in erythrocyte aggregation and the microvascular circulatory arrest. In this study, we aimed to investigate low versus high doses of sugammadex on erythrocyte deformability in streptozotocin-induced diabetic rats. Methods: Twenty-four male Wistar albino rats weighing between 225 and 300 gr were randomly divided into 4 groups. Group C (control; n=6), Group DC (diabetes sugammadex; n=6) and Group DR-96S (diabetes- rocuronium-96mg sugammadex; n=6). Rats in control and diabetes groups received a 0.9% NaCl solution at the same volume. Diabetes was induced by a single IP injection of streptozotocin (Sigma Chemical, St. Louis, MO, USA) at a dose of 55 mg.kg-1 body weight, and animals were kept alive for 30 days. At the end of the follow-up period animals' erythrocyte deformability was measured from blood samples. Results: Serum glucose was significantly lower in Group C as compared to Groups DC, DR-16S and DR-96S (p<0.0001). The deformability index was significantly increased in the diabetic rats (p<0.0001). It was significantly increased in Group DR-96S as compared to Group C and DC (p<0.0001, p=0.028, respectively). Conclusion: In this study, we showed the safety profile of low dose sugammadex in diabetic rats in terms of the erythrocyte deformability. Our findings may lead to future animal and human studies investigating sugammadex effects on erythrocyte deformability and micro/macrovascular circulation.