Vulnerabilities in first-generation RFID-enabled credit cards
Credit cards; Radio frequency identification systems
On the Impossibility of Cryptography Alone for Privacy-Preserving Cloud Computing
Cloud computing denotes an architectural shift toward thin clients
and conveniently centralized provision of computing resources.
Clients’ lack of direct resource control in the cloud prompts concern
about the potential for data privacy violations, particularly
abuse or leakage of sensitive information by service providers. Cryptography is an oft-touted remedy. Among its most powerful primitives is fully homomorphic encryption (FHE), dubbed by some the
field’s “Holy Grail,” and recently realized as a fully functional construct with seeming promise for cloud privacy.
We argue that cryptography alone can’t enforce the privacy demanded
by common cloud computing services, even with such powerful
tools as FHE. We formally define a hierarchy of natural classes
of private cloud applications, and show that no cryptographic protocol
can implement those classes where data is shared among clients.
We posit that users of cloud services will also need to rely on other
forms of privacy enforcement, such as tamperproof hardware, distributed computing, and complex trust ecosystems.
The Ring of Gyges: Investigating the Future of Criminal Smart Contracts
Thanks to their anonymity (pseudonymity) and elimination of trusted intermediaries, cryptocurrencies such as Bitcoin have created or stimulated growth in many businesses and communities. Unfortunately, some of these are criminal, e.g., money laundering, illicit marketplaces, and ransomware.
Next-generation cryptocurrencies such as Ethereum will include rich scripting languages in support of smart contracts, programs that autonomously intermediate transactions. In this paper, we explore the risk of smart contracts fueling new criminal ecosystems. Specifically, we show how what we call criminal smart contracts (CSCs) can facilitate leakage of confidential information, theft of cryptographic keys, and various real-world crimes (murder, arson, terrorism).
We show that CSCs for leakage of secrets (à la Wikileaks) are efficiently realizable in existing scripting languages such as that in Ethereum. We show that CSCs for theft of cryptographic keys can be achieved using primitives, such as Succinct Non-interactive ARguments of Knowledge (SNARKs), that are already expressible in these languages and for which efficient supporting language extensions are anticipated. We show similarly that authenticated data feeds, an emerging feature of smart contract systems, can facilitate CSCs for real-world crimes (e.g., property crimes).
Our results highlight the urgency of creating policy and technical safeguards against CSCs in order to realize the promise of smart contracts for beneficial goals.
DECO: Liberating Web Data Using Decentralized Oracles for TLS
Thanks to the widespread deployment of TLS, users can access private data
over channels with end-to-end confidentiality and integrity. What they cannot
do, however, is prove to third parties the provenance of such data, i.e.,
that it genuinely came from a particular website. Existing approaches either
introduce undesirable trust assumptions or require server-side modifications.
As a result, the value of users' private data is locked up in its point of
origin. Users cannot export their data with preserved integrity to other
applications without help and permission from the current data holder.
We propose DECO (short for DECentralized Oracle) to
address the above problems. DECO allows users to prove that a piece of data
accessed via TLS came from a particular website and optionally prove statements
about such data in zero-knowledge, keeping the data itself secret. DECO is the
first such system that works without trusted hardware or server-side
modifications.
DECO can liberate data from centralized web-service silos, making it
accessible to a rich spectrum of applications. To demonstrate the power of
DECO, we implement three applications that are hard to achieve without it: a
private financial instrument using smart contracts, converting legacy
credentials to anonymous credentials, and verifiable claims against price
discrimination.
Comment: This is the extended version of the CCS'20 paper.
HAIL: A High-Availability and Integrity Layer for Cloud Storage
We introduce HAIL (High-Availability and Integrity Layer), a distributed cryptographic system that permits a set of servers to prove to a client that a stored file is intact and retrievable. HAIL strengthens, formally unifies, and streamlines distinct approaches from the cryptographic and distributed-systems communities. Proofs in HAIL are efficiently computable by servers and highly compact, typically tens or hundreds of bytes irrespective of file size. HAIL cryptographically verifies and reactively reallocates file shares. It is robust against an active, mobile adversary, i.e., one that may progressively corrupt the full set of servers. We propose a strong, formal adversarial model for HAIL, and rigorous analysis and parameter choices. We show how HAIL improves on the security and efficiency of existing tools, like Proofs of Retrievability (PORs) deployed on individual servers. We also report on a prototype implementation.
PROPYLA: Privacy Preserving Long-Term Secure Storage
An increasing amount of sensitive information today is stored electronically
and a substantial part of this information (e.g., health records, tax data,
legal documents) must be retained over long time periods (e.g., several decades
or even centuries). When sensitive data is stored, its integrity and
confidentiality must be protected to ensure reliability and privacy. Commonly
used cryptographic schemes, however, are not designed for protecting data over
such long time periods. Recently, the first storage architecture combining
long-term integrity with long-term confidentiality protection was proposed
(AsiaCCS'17). That architecture, however, only deals with a simplified storage
scenario in which parts of the stored data cannot be accessed and verified
individually. Once individual access is allowed, not only the data content itself,
but also the access pattern to the data (i.e., the information which data items
are accessed at which times) may be sensitive information. Here we present the
first long-term secure storage architecture that provides long-term access
pattern hiding security in addition to long-term integrity and long-term
confidentiality protection. To achieve this, we combine information-theoretic
secret sharing, renewable timestamps, and renewable commitments with an
information-theoretic oblivious random access machine. Our performance analysis
of the proposed architecture shows that achieving long-term integrity,
confidentiality, and access pattern hiding security is feasible.
Comment: Few changes have been made compared to the proceedings version.
Proofs of retrievability: theory and implementation
A proof of retrievability (POR) is a compact proof by a file system (prover) to a client (verifier) that a target file F is intact, in the sense that the client can fully recover it. As PORs incur lower communication complexity than transmission of F itself, they are an attractive building block for high-assurance remote storage systems. In this paper, we propose a theoretical framework for the design of PORs. Our framework improves the previously proposed POR constructions of Juels-Kaliski and Shacham-Waters, and also sheds light on the conceptual limitations of previous theoretical models for PORs. It supports a fully Byzantine adversarial model, carrying only the restriction, fundamental to all PORs, that the adversary's error rate be bounded when the client seeks to extract F. Our techniques support efficient protocols across the full possible range of that error rate, up to non-negligibly close to 1. We propose a new variant on the Juels-Kaliski protocol and describe a prototype implementation. We demonstrate practical encoding even for files F whose size exceeds that of client main memory.
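Both the HAIL abstract and the POR abstract above rest on the same building block: a challenge-response protocol in which a server proves, with a proof whose size does not depend on the file size, that it still holds the blocks a client sampled. The following added example (written for this page; it is not code from either paper, and its parameters, block size and class names are illustrative) shows the private-verification homomorphic-tag construction of the Shacham-Waters flavour that these papers build on. The client keeps a PRF key and a secret field element alpha, tags block m_i as t_i = PRF(k, i) + alpha * m_i mod p, and challenges random blocks with random coefficients; the server answers with two field elements. A server that silently lost a challenged block cannot produce a consistent pair, because it does not know alpha.

```python
"""
Compact private-verification proof of retrievability (PoR) over a prime field.

Added illustration of the homomorphic-tag idea behind PoR schemes; the field
modulus, block size and sample sizes below are constructed for the example
and are not the parameters of HAIL or of the POR paper.
"""
import hashlib
import hmac
import secrets
from math import comb

P = (1 << 127) - 1        # Mersenne prime used as the field modulus (illustrative choice)
BLOCK_BYTES = 15          # 15-byte blocks encode as integers < 2**120 < P, so no wraparound

_rng = secrets.SystemRandom()


def prf(key: bytes, index: int) -> int:
    """Pseudorandom field element for block `index`, derived from the client's key."""
    mac = hmac.new(key, index.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P


def split_blocks(data: bytes) -> list:
    """Split the file into fixed-size blocks, each read as a field element."""
    return [int.from_bytes(data[off:off + BLOCK_BYTES], "big")
            for off in range(0, len(data), BLOCK_BYTES)]


class Client:
    """Verifier: keeps only the key, alpha and the block count, not the file."""

    def __init__(self) -> None:
        self.key = secrets.token_bytes(32)
        self.alpha = _rng.randrange(1, P)
        self.n_blocks = 0

    def encode(self, data: bytes):
        """Produce (blocks, tags) to upload; tag_i = PRF(k, i) + alpha * m_i mod P."""
        blocks = split_blocks(data)
        tags = [(prf(self.key, i) + self.alpha * m) % P for i, m in enumerate(blocks)]
        self.n_blocks = len(blocks)
        return blocks, tags

    def challenge(self, sample_size: int):
        """Random block indices, each with a random non-zero coefficient nu_i."""
        indices = _rng.sample(range(self.n_blocks), sample_size)
        return [(i, _rng.randrange(1, P)) for i in indices]

    def verify(self, chal, proof) -> bool:
        """Accept iff sigma == sum(nu_i * PRF(k, i)) + alpha * mu (mod P)."""
        mu, sigma = proof
        expected = (sum(nu * prf(self.key, i) for i, nu in chal) + self.alpha * mu) % P
        return sigma == expected


class Server:
    """Prover: stores blocks and tags and answers any challenge with two field elements."""

    def __init__(self, blocks, tags) -> None:
        self.blocks = list(blocks)
        self.tags = list(tags)

    def prove(self, chal):
        mu = sum(nu * self.blocks[i] for i, nu in chal) % P
        sigma = sum(nu * self.tags[i] for i, nu in chal) % P
        return mu, sigma

    def corrupt_block(self, i: int) -> None:
        """Simulate silent data loss: flip one bit of a stored block, tag untouched."""
        self.blocks[i] ^= 1


def proof_size_bytes(proof) -> int:
    """Wire size of a proof: two field elements, independent of file size."""
    return sum((x.bit_length() + 7) // 8 for x in proof)


def detection_probability(n_blocks: int, n_corrupted: int, sample_size: int) -> float:
    """Chance that a uniform sample of `sample_size` blocks hits a corrupted one."""
    if sample_size > n_blocks - n_corrupted:
        return 1.0
    return 1 - comb(n_blocks - n_corrupted, sample_size) / comb(n_blocks, sample_size)


def run_demo(file_size: int = 4096, sample_size: int = 20):
    """Returns (honest_verifies, corrupted_verifies, proof_bytes) for a constructed file."""
    data = secrets.token_bytes(file_size)            # constructed sample file
    client = Client()
    blocks, tags = client.encode(data)
    server = Server(blocks, tags)

    chal = client.challenge(sample_size)
    honest_ok = client.verify(chal, server.prove(chal))

    bad_index = chal[0][0]                           # corrupt a block we know is challenged
    server.corrupt_block(bad_index)
    corrupt_ok = client.verify(chal, server.prove(chal))
    return honest_ok, corrupt_ok, proof_size_bytes(server.prove(chal))


if __name__ == "__main__":
    print(run_demo())
    print(detection_probability(100_000, 1_000, 500))
```

The verification equation holds for an honest server because sigma = sum(nu_i (PRF(k, i) + alpha m_i)) = sum(nu_i PRF(k, i)) + alpha mu; a wrong mu shifts the right-hand side by alpha * nu_i * delta, which is non-zero modulo the prime because alpha, nu_i and delta are all non-zero and smaller than P. `detection_probability` is the quantity the POR abstract's "bounded error rate" refers to: sampling only catches corruption with probability growing in the sample size, which is why real PoR constructions pair this check with an erasure code so that any undetected loss is still recoverable.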
PIEs: Public Incompressible Encodings for Decentralized Storage
We present a new primitive supporting file replication in distributed storage networks (DSNs) called a Public Incompressible Encoding (PIE). PIEs operate in the challenging public DSN setting where files must be encoded and decoded with public randomness—i.e., without encryption—and retention of redundant data must be publicly verifiable. They prevent undetectable data compression, allowing DSNs to use monetary rewards or penalties in incentivizing economically rational servers to properly replicate data. Their definition also precludes critical, demonstrated attacks involving parallelism via ASICs and other custom hardware.
Our PIE construction is the first to achieve experimentally validated near-optimal performance—within a factor of 4 of optimal by one metric. It also allows decoding orders of magnitude faster than encoding, unlike other comparable constructions. We achieve this high security and performance using a graph construction called a Dagwood Sandwich Graph (DSaG), built from a novel interleaving of depth-robust graphs and superconcentrators.
PIEs' performance makes them appealing for DSNs, such as the proposed Filecoin system and Ethereum data sharding. Conversely, their near-optimality establishes concerning bounds on the practical financial and energy costs of DSNs allowing arbitrary data.