2,058 research outputs found

    Controlled Data Sharing for Collaborative Predictive Blacklisting

    Although sharing data across organizations is often advocated as a promising way to enhance cybersecurity, collaborative initiatives are rarely put into practice owing to confidentiality, trust, and liability challenges. In this paper, we investigate whether collaborative threat mitigation can be realized via a controlled data sharing approach, whereby organizations make informed decisions as to whether or not, and how much, to share. Using appropriate cryptographic tools, entities can estimate the benefits of collaboration and agree on what to share in a privacy-preserving way, without having to disclose their datasets. We focus on collaborative predictive blacklisting, i.e., forecasting attack sources based on one's logs and those contributed by other organizations. We study the impact of different sharing strategies by experimenting on a real-world dataset of two billion suspicious IP addresses collected from Dshield over two months. We find that controlled data sharing yields up to 105% accuracy improvement on average, while also reducing the false positive rate. Comment: A preliminary version of this paper appears in DIMVA 2015. This is the full version. arXiv admin note: substantial text overlap with arXiv:1403.212

    Privacy-Preserving Trust Management Mechanisms from Private Matching Schemes

    Cryptographic primitives are essential for constructing privacy-preserving communication mechanisms. There are situations in which two parties that do not know each other need to exchange sensitive information on the Internet. Trust management mechanisms make use of digital credentials and certificates in order to establish trust among these strangers. We address the problem of choosing which credentials are exchanged. During this process, each party should learn no information about the preferences of the other party other than strictly required for trust establishment. We present a method to reach an agreement on the credentials to be exchanged that preserves the privacy of the parties. Our method is based on secure two-party computation protocols for set intersection. Namely, it is constructed from private matching schemes. Comment: The material in this paper will be presented in part at the 8th DPM International Workshop on Data Privacy Management (DPM 2013

    Secure set-based policy checking and its application to password registration

    Policies are the cornerstones of today's computer systems. They define secure states and safe operations. A common problem with policies is that their enforcement is often in conflict with user privacy. In order to check the satisfiability of a policy, a server usually needs to collect from a client some information which may be private. In this work we introduce the notion of secure set-based policy checking (SPC) that allows the server to verify policies while preserving the client's privacy. SPC is a generic protocol that can be applied in many policy-based systems. As an example, we show how to use SPC to build a password registration protocol so that a server can check whether a client's password is compliant with its password policy without seeing the password. We also analyse SPC and the password registration protocol and provide security proofs. To demonstrate the practicality of the proposed primitives, we report performance evaluation results based on a prototype implementation of the password registration protoco

    Flexible and Robust Privacy-Preserving Implicit Authentication

    Implicit authentication consists of a server authenticating a user based on the user's usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication makes identity theft by third parties more difficult, it requires the server to learn and store the user's usage profile. Recently, the first privacy-preserving implicit authentication system was presented, in which the server does not learn the user's profile. It uses an ad hoc two-party computation protocol to compare the user's fresh sampled features against an encrypted stored user's profile. The protocol requires storing the usage profile and comparing against it using two different cryptosystems, one of them order-preserving; furthermore, features must be numerical. We present here a simpler protocol based on set intersection that has the advantages of: i) requiring only one cryptosystem; ii) not leaking the relative order of fresh feature samples; iii) being able to deal with any type of features (numerical or non-numerical). Keywords: Privacy-preserving implicit authentication, privacy-preserving set intersection, implicit authentication, active authentication, transparent authentication, risk mitigation, data brokers. Comment: IFIP SEC 2015-Intl. Information Security and Privacy Conference, May 26-28, 2015, IFIP AICT, Springer, to appea

    Non-supersymmetric Extremal RN-AdS Black Holes in N=2 Gauged Supergravity

    We investigate extremal Reissner-Nordstrom-AdS black holes in four-dimensional N=2 abelian gauged supergravity. We find a new attractor equation which is not reduced to the one in the asymptotically flat spacetime. Focusing on the so-called T^3-model with a single neutral vector multiplet, we obtain non-supersymmetric extremal Reissner-Nordstrom-AdS black hole solutions with regular event horizon in the D0-D4 and the D2-D6 charge configurations. The negative cosmological constant emerges even without the Fayet-Iliopoulos parameters. Furthermore, we also argue the formal description of the non-supersymmetric black hole solutions of the T^3-model and the STU-model in generic configurations. Comment: 23 pages, accepted version in JHE

    Combining Private Set-Intersection with Secure Two-Party Computation

    Private Set-Intersection (PSI) is one of the most popular and practically relevant secure two-party computation (2PC) tasks. Therefore, designing special-purpose PSI protocols (which are more efficient than generic 2PC solutions) is a very active line of research. In particular, a recent line of work has proposed PSI protocols based on oblivious transfer (OT) which, thanks to recent advances in OT-extension techniques, is nowadays a very cheap cryptographic building block. Unfortunately, these protocols cannot be plugged into larger 2PC applications since in these protocols one party (by design) learns the output of the intersection. Therefore, it is not possible to perform secure post-processing of the output of the PSI protocol. In this paper we propose a novel and efficient OT-based PSI protocol that produces an encrypted output that can therefore be later used as an input to other 2PC protocols. In particular, the protocol can be used in combination with all common approaches to 2PC including garbled circuits, secret sharing and homomorphic encryption. Thus, our protocol can be combined with the right 2PC techniques to achieve more efficient protocols for computations of the form z=f(X∩Y) for arbitrary functions f

    Paying the Guard: An Entry-Guard-Based Payment System for Tor

    When choosing the three relays that compose a circuit, Tor selects the first hop among a restricted number of relays called entry guards, pre-selected by the user himself. The reduced number of entry guards, that until recently was fixed to three, helps in mitigating the effects of several traffic analysis attacks. However, recent literature indicates that the number should be further reduced, and the time during which the user keeps the relays as guards increased. Therefore, developers of Tor recently proposed selecting only one entry guard, which is to be used by the user for all circuits and for a prolonged period of time (nine months). While this design choice was made to increase the security of the protocol, it also opens an unprecedented opportunity for a market mechanism where relays get paid for traffic by the users. In this paper, we propose to use the entry guard as the point-of-sale: users subscribe to their entry guard of choice, and deposit an amount that will be used for paying for the circuits. From the entry guard, income is then distributed to the other relays included in circuits through an inter-relay accounting system. While the user may pay the entry guard using BitCoins, or any other anonymous payment system, the relays exchange I Owe You (IOU) certificates during communication, and settle their balances only at synchronized, later points in time. This novel deferred payment approach overcomes the weaknesses of the previously proposed Tor payment mechanisms: we separate the user’s payment from the inter-relay payments, and we effectively unlink both from the chosen path, thus preserving the secrecy of the circuit

    On renormalization group flows and the a-theorem in 6d

    We study the extension of the approach to the a-theorem of Komargodski and Schwimmer to quantum field theories in d=6 spacetime dimensions. The dilaton effective action is obtained up to 6th order in derivatives. The anomaly flow a_UV - a_IR is the coefficient of the 6-derivative Euler anomaly term in this action. It then appears at order p^6 in the low energy limit of n-point scattering amplitudes of the dilaton for n > 3. The detailed structure with the correct anomaly coefficient is confirmed by direct calculation in two examples: (i) the case of explicitly broken conformal symmetry is illustrated by the free massive scalar field, and (ii) the case of spontaneously broken conformal symmetry is demonstrated by the (2,0) theory on the Coulomb branch. In the latter example, the dilaton is a dynamical field so 4-derivative terms in the action also affect n-point amplitudes at order p^6. The calculation in the (2,0) theory is done by analyzing an M5-brane probe in AdS_7 x S^4. Given the confirmation in two distinct models, we attempt to use dispersion relations to prove that the anomaly flow is positive in general. Unfortunately the 4-point matrix element of the Euler anomaly is proportional to stu and vanishes for forward scattering. Thus the optical theorem cannot be applied to show positivity. Instead the anomaly flow is given by a dispersion sum rule in which the integrand does not have definite sign. It may be possible to base a proof of the a-theorem on the analyticity and unitarity properties of the 6-point function, but our preliminary study reveals some difficulties. Comment: 41 pages, 5 figure

    The Tensor Hierarchies of Pure N=2,d=4,5,6 Supergravities

    We study the supersymmetric tensor hierarchy of pure (gauged) N=2,d=4,5,6 supergravity and compare them with those of the pure, ungauged, theories (worked out by Gomis and Roest for d=5) and the predictions of the Kac-Moody approach made by Kleinschmidt and Roest. We find complete agreement in the ungauged case but we also find that, after gauging, new Stueckelberg symmetries reduce the number of independent "physical" top-forms. The analysis has to be performed to all orders in fermion fields. We discuss the construction of the worldvolume effective actions for the p-branes which are charged with respect to the (p+1)-form potentials and the relations between the tensor hierarchies and p-branes upon dimensional reduction. Comment: LaTeX2e file, 20 pages, 1 figure Results refined by extension of the analysis to all orders in fermion