Efficient signature verification and key revocation using identity based cryptography

Cryptography deals with the development and evaluation of procedures for securing digital information. It is essential whenever multiple entities want to communicate safely. One task of cryptography concerns digital signatures and the verification of a signer’s legitimacy requires trustworthy authentication and authorization. This is achieved by deploying cryptographic keys. When dynamic membership behavior and identity theft come into play, revocation of keys has to be addressed. Additionally, in use cases with limited networking, computational, or storage resources, efficiency is a key requirement for any solution. In this work we present a solution for signature verification and key revocation in constraned environments, e.g., in the Internet of Things (IoT). Where other mechanisms generate expensive overheads, we achieve revocation through a single multicast message without significant computational or storage overhead. Exploiting Identity Based Cryptography (IBC) complements the approach with efficient creation and verification of signatures. Our solution offers a framework for transforming a suitable signature scheme to a so-called Key Updatable Signature Scheme (KUSS) in three steps. Each step defines mathematical conditions for transformation and precise security notions. Thereby, the framework allows a novel combination of efficient Identity Based Signature (IBS) schemes with revocation mechanisms originally designed for confidentiality in group communications. Practical applicability of our framework is demonstrated by transforming four well-established IBS schemes based on Elliptic Curve Cryptography (ECC). The security of the resulting group Identity Based Signature (gIBS) schemes is carefully analyzed with techniques of Provable Security. We design and implement a testbed for evaluating these kind of cryptographic schemes on different computing- and networking hardware, typical for constrained environments. Measurements on this testbed provide evidence that the transformations are practicable and efficient. The revocation complexity in turn is significantly reduced compared to existing solutions. Some of our new schemes even outperform the signing process of the widely used Elliptic Curve Digital Signature Algorithm (ECDSA). The presented transformations allow future application on schemes beyond IBS or ECC. This includes use cases dealing with Post-Quantum Cryptography, where the revocation efficiency is similarly relevant. Our work provides the basis for such solutions currently under investigation.Die Kryptographie ist ein Instrument der Informationssicherheit und beschäftigt sich mit der Entwicklung und Evaluierung von Algorithmen zur Sicherung digitaler Werte. Sie ist für die sichere Kommunikation zwischen mehreren Entitäten unerlässlich. Ein Bestandteil sind digitale Signaturen, für deren Erstellung man kryptographische Schlüssel benötigt. Bei der Verifikation muss zusätzlich die Authentizität und die Autorisierung des Unterzeichners gewährleistet werden. Dafür müssen Schlüssel vertrauensvoll verteilt und verwaltet werden. Wenn sie in Kommunikationssystemen mit häufig wechselnden Teilnehmern zum Einsatz kommen, müssen die Schlüssel auch widerruflich sein. In Anwendungsfällen mit eingeschränkter Netz-, Rechen- und Speicherkapazität ist die Effizienz ein wichtiges Kriterium. Diese Arbeit liefert ein Rahmenwerk, mit dem Schlüssel effizient widerrufen und Signaturen effizient verifiziert werden können. Dabei fokussieren wir uns auf Szenarien aus dem Bereich des Internets der Dinge (IoT, Internet of Things). Im Gegensatz zu anderen Lösungen ermöglicht unser Ansatz den Widerruf von Schlüsseln mit einer einzelnen Nachricht innerhalb einer Kommunikationsgruppe. Dabei fällt nur geringer zusätzlicher Rechen- oder Speicheraufwand an. Ferner vervollständigt die Verwendung von Identitätsbasierter Kryptographie (IBC, Identity Based Cryptography) unsere Lösung mit effizienter Erstellung und Verifikation der Signaturen. Hierfür liefert die Arbeit eine dreistufige mathematische Transformation von geeigneten Signaturverfahren zu sogenannten Key Updatable Signature Schemes (KUSS). Neben einer präzisen Definition der Sicherheitsziele werden für jeden Schritt mathematische Vorbedingungen zur Transformation festgelegt. Dies ermöglicht die innovative Kombination von Identitätsbasierten Signaturen (IBS, Identity Based Signature) mit effizienten und sicheren Mechanismen zum Schlüsselaustausch, die ursprünglich für vertrauliche Gruppenkommunikation entwickelt wurden. Wir zeigen die erfolgreiche Anwendung der Transformationen auf vier etablierten IBSVerfahren. Die ausschließliche Verwendung von Verfahren auf Basis der Elliptic Curve Cryptography (ECC) erlaubt es, den geringen Kapazitäten der Zielgeräte gerecht zu werden. Eine Analyse aller vier sogenannten group Identity Based Signature (gIBS) Verfahren mit Techniken aus dem Forschungsgebiet der Beweisbaren Sicherheit zeigt, dass die zuvor definierten Sicherheitsziele erreicht werden. Zur praktischen Evaluierung unserer und ähnlicher kryptographischer Verfahren wird in dieser Arbeit eine Testumgebung entwickelt und mit IoT-typischen Rechen- und Netzmodulen bestückt. Hierdurch zeigt sich sowohl die praktische Anwendbarkeit der Transformationen als auch eine deutliche Reduktion der Komplexität gegenüber anderen Lösungsansätzen. Einige der von uns vorgeschlagenen Verfahren unterbieten gar die Laufzeiten des meistgenutzten Elliptic Curve Digital Signature Algorithm (ECDSA) bei der Erstellung der Signaturen. Die Systematik der Lösung erlaubt prinzipiell auch die Transformation von Verfahren jenseits von IBS und ECC. Dadurch können auch Anwendungsfälle aus dem Bereich der Post-Quanten-Kryptographie von unseren Ergebnissen profitieren. Die vorliegende Arbeit liefert die nötigen Grundlagen für solche Erweiterungen, die aktuell diskutiert und entwickelt werden

Reducing 2-qubit gate count for ZX-calculus based quantum circuit optimization

In the near term, programming quantum computers will remain severely limited by low quantum volumes. Therefore, it is desirable to implement quantum circuits with the fewest resources possible. For the common Clifford+T circuits, most research is focused on reducing the number of T gates, since they are an order of magnitude more expensive than Clifford gates in quantum error corrected encoding schemes. However, this optimization sometimes leads to more 2-qubit gates, which, even though they are less expensive in terms of fault-tolerance, contribute significantly to the overall circuit cost. Approaches based on the ZX-calculus have recently gained some popularity in the field, but reduction of 2-qubit gates is not their focus. In this work, we present an alternative for improving 2-qubit gate count of a quantum circuit with the ZX-calculus by using heuristics in ZX-diagram simplification. Our approach maintains the good reduction of the T gate count provided by other strategies based on ZX-calculus, thus serving as an extension for other optimization algorithms. Our results show that combining the available ZX-calculus-based optimizations with our algorithms can reduce the number of 2-qubit gates by as much as 40 % compared to current approaches using ZX-calculus. Additionally, we improve the results of the best currently available optimization technique of Nam et. al [22] for some circuits by up to 15 %

A Secure Cell-Attachment Procedure of LDACS

In Europe the SESAR air traffic management master plan foresees the introduction of several modern digital data links for aeronautical communications. The candidate for long-range continental communication is LDACS. LDACS is a cellular, ground-based digital communications system for flight guidance and communications related to the safety and regularity of flight. Hence, the aeronautical standards for cybersecurity of the link layer and the network layer apply. In previous works, threat- and risk analyses of LDACS were conducted, a draft for an LDACS cybersecurity architecture was introduced, algorithms proposed, and the security of the STS-based MAKE procedure of LDACS formally verified. However, options for cipher-suites and certificate management for LDACS are still missing. This paper proposes a cell-attachment procedure which establishes a secure LDACS communication channel between an aircraft and corresponding ground-station upon cell-entry of the aircraft that addresses these shortcomings. It introduces a full cell-attachment protocol including cipher-suites and certificate revocation for LDACS

Security in Digital Aeronautical Communications A Comprehensive Gap Analysis

Aeronautical communications still heavily depend on analog radio systems, despite the fact that digital communication has been introduced to aviation in the 1990's. Since then, the digitization of civil aviation has been continued, as considerable pressure to rationalize the aeronautical spectrum has built up. In any modern digital communications system, the threat of digital attacks needs to be considered carefully. This is especially true for safety-critical infrastructure, which aviation's operational communication services clearly are. In this article, we reverse the traditional approach in the aeronautical industry of looking at a system from the safety perspective and assume a security-oriented point of view. We use the lens of security properties to review the requirements and specifications of aeronautical communications infrastructure as of 2021 and observe that most standards lack cybersecurity as a key requirement. Furthermore, we review the academic literature to identify possible solutions for the lack of cybersecurity measures in aeronautical communications system. We observe that most systems have been thoroughly analyzed within the academic security community, some for decades even, with many papers proposing concrete solutions to missing cybersecurity features. We conclude that there is a systematic problem in the design process of aeronautical communication systems. We provide a list of eight key findings and recommendations to improve the process of specifying such systems in a secure manner

Covid-19 triage in the emergency department 2.0: how analytics and AI transform a human-made algorithm for the prediction of clinical pathways

The Covid-19 pandemic has pushed many hospitals to their capacity limits. Therefore, a triage of patients has been discussed controversially primarily through an ethical perspective. The term triage contains many aspects such as urgency of treatment, severity of the disease and pre-existing conditions, access to critical care, or the classification of patients regarding subsequent clinical pathways starting from the emergency department. The determination of the pathways is important not only for patient care, but also for capacity planning in hospitals. We examine the performance of a human-made triage algorithm for clinical pathways which is considered a guideline for emergency departments in Germany based on a large multicenter dataset with over 4,000 European Covid-19 patients from the LEOSS registry. We find an accuracy of 28 percent and approximately 15 percent sensitivity for the ward class. The results serve as a benchmark for our extensions including an additional category of palliative care as a new label, analytics, AI, XAI, and interactive techniques. We find significant potential of analytics and AI in Covid-19 triage regarding accuracy, sensitivity, and other performance metrics whilst our interactive human-AI algorithm shows superior performance with approximately 73 percent accuracy and up to 76 percent sensitivity. The results are independent of the data preparation process regarding the imputation of missing values or grouping of comorbidities. In addition, we find that the consideration of an additional label palliative care does not improve the results

Quantum Shift Scheduling - A Comparison to Classical Approaches

Solving discrete optimization problems with constraints is a very common task in industry and research as it is fundamental in solving many planning tasks. In this paper we will look at an instance of a time table problem for generating shift schedules at the German Space Operation Center (GSOC). We describe the implementation of a quantum approach and compare the differences to classical optimization strategies, knowing that the problem sizes given to the quantum systems are not competitive yet. By doing so we are establishing a software chain that is able to map our problem to different physical systems which paves the way to problem solving as a hybrid solution where sub-problems are distributed among classical and quantum hardware. In this study we included three approaches to tackle the described problem. For the quantum part, we included a programmatically generated quantum circuit that yields a solution to a (sub) problem using Grovers algorithm, able to be run on any general quantum computer with sufficiently many qubits of sufficiently high quality. On the classical side, as a validation and benchmark reference, we use a heuristic search method, implemented by GSOCs own planning tool set Plato and PINTA (Lenzen et al. 2012; Nibler et al. 2021) as well as a constraint integer programming formulation solved by an external software framework, such as e. g. GLPK or SCIP (Gamrath et al. 2020). This paper builds on and extends results from (Scherer et al. 2021)

OnCall Operator Scheduling for Satellites with Grover's Algorithm

The application of quantum algorithms on some problems in NP promises a significant reduction of time complexity. This work uses Grover's Algorithm, designed to search an unstructured database with quadratic speedup, to find valid a solution for an instance of the on-call operator scheduling problem at the German Space Operation Center. We explore new approaches in encoding the problem and construct the Grover oracle automatically from the given constraints and independent of the problem size. Our solution is not designed for currently available quantum chips but aims to scale with their growth in the next years

Diet-ESP: IP layer security for IoT

International audienceThe number of devices connected through the Internet of Things (IoT) will significantly grow in the next few years while security of their interconnections is going to be a major challenge. For many devices in IoT scenarios, the necessary resources to send and receive bytes are extremely high and when such devices are powered with battery the amount of exchanged bytes directly impacts their life time. As a result, compression of existing protocols is a widely accepted technique to make IoT benefit from the protocols developed over the last decades. This paper presents ESP Header Compression (EHC), a framework that enables compression of packets protected with Encapsulating Security Payload (ESP). EHC is composed of EHC Rules, targeting the compression of a specific field and organized according to EHC Strategies. Further, the paper presents Diet-ESP, an EHC Strategy that highly reduces the networking overhead of ESP packets to address the IoT security and bandwidth requirements. Diet-ESP results in sending fewer bytes over the network which in turn reduces the number of required radio frames and thus battery consumption. For example, 10 byte application data on IEEE 802.15.4 radio networks secured with the standard ESP requires sending an additional frame, resulting into a 95% energy overhead compared to the unprotected data. In contrast, Diet-ESP results only in a 3% overhead compared to unprotected data. Diet-ESP remains fully security compliant to ESP and performs better than any other compression framework as far as ESP is considered. However, as some compression needs to be performed inside the ESP stack the implementation of EHC requires modifying the ESP protoco