Certificate Transparency with Enhancements and Short Proofs
Browsers can detect malicious websites that are provisioned with forged or
fake TLS/SSL certificates. However, they are not so good at detecting malicious
websites if they are provisioned with mistakenly issued certificates or
certificates that have been issued by a compromised certificate authority.
Google proposed certificate transparency which is an open framework to monitor
and audit certificates in real time. Thereafter, a few other certificate
transparency schemes have been proposed which can even handle revocation. All
currently known constructions use Merkle hash trees and have proof size
logarithmic in the number of certificates/domain owners.
We present a new certificate transparency scheme with short (constant size)
proofs. Our construction makes use of dynamic bilinear-map accumulators. The
scheme has many desirable properties like efficient revocation, low
verification cost and update costs comparable to the existing schemes. We
provide proofs of security and evaluate the performance of our scheme.
Comment: A preliminary version of the paper was published in ACISP 201
Combatting electoral traces: the Dutch tempest discussion and beyond
In the Dutch e-voting debate, the crucial issue leading to the abandonment of all electronic voting machines was compromising radiation, or tempest. Other countries, however, do not seem to be bothered by this risk. In this paper, we use actor-network theory to analyse the socio-technical origins of the Dutch tempest issue in e-voting, and its consequences for e-voting beyond the Netherlands. We introduce the term electoral traces to denote any physical, digital or social evidence of a voter's choices in an election. From this perspective, we provide guidelines for risk analysis as well as an overview of countermeasures
Quantum protocols for anonymous voting and surveying
We describe quantum protocols for voting and surveying. A key feature of our
schemes is the use of entangled states to ensure that the votes are anonymous
and to allow the votes to be tallied. The entanglement is distributed over
separated sites; the physical inaccessibility of any one site is sufficient to
guarantee the anonymity of the votes. The security of these protocols with
respect to various kinds of attack is discussed. We also discuss classical
schemes and show that our quantum voting protocol represents an N-fold reduction
in computational complexity, where N is the number of voters.
Comment: 8 pages. V2 includes the modifications made for the published versio
Matroids and Quantum Secret Sharing Schemes
A secret sharing scheme is a cryptographic protocol to distribute a secret
state in an encoded form among a group of players such that only authorized
subsets of the players can reconstruct the secret. Classically, efficient
secret sharing schemes have been shown to be induced by matroids. Furthermore,
access structures of such schemes can be characterized by an excluded minor
relation. No such relations are known for quantum secret sharing schemes. In
this paper we take the first steps toward a matroidal characterization of
quantum secret sharing schemes. In addition to providing a new perspective on
quantum secret sharing schemes, this characterization has important benefits.
While previous work has shown how to construct quantum secret sharing schemes
for general access structures, these schemes are not claimed to be efficient.
In this context the present results prove to be useful; they enable us to
construct efficient quantum secret sharing schemes for many general access
structures. More precisely, we show that an identically self-dual matroid that
is representable over a finite field induces a pure state quantum secret
sharing scheme with information rate one
Quantum secret sharing with qudit graph states
We present a unified formalism for threshold quantum secret sharing using
graph states of systems with prime dimension. We construct protocols for three
varieties of secret sharing: with classical and quantum secrets shared between
parties over both classical and quantum channels.
Comment: 13 pages, 12 figures. v2: Corrected to reflect imperfections of (n,n)
QQ protocol. Also changed notation from to , corrected typos,
updated references, shortened introduction. v3: Updated acknowledgement
From Secure Messaging to Secure Collaboration
© 2018, Springer Nature Switzerland AG. We examine the security of collaboration systems, where several users access and contribute to some shared resource, document, or database. To protect such systems against malicious servers, we can build upon existing secure messaging protocols that provide end-to-end security. However, if we want to ensure the consistency of the shared data in the presence of malicious users, we require features that are not available in existing messaging protocols. We investigate the protocol failures that may arise when a new collaborator is added to a group, and discuss approaches for enforcing the integrity of the shared data
Boomerang: Redundancy Improves Latency and Throughput in Payment-Channel Networks
In multi-path routing schemes for payment-channel networks, Alice transfers
funds to Bob by splitting them into partial payments and routing them along
multiple paths. Undisclosed channel balances and mismatched transaction fees
cause delays and failures on some payment paths. For atomic transfer schemes,
these straggling paths stall the whole transfer. We show that the latency of
transfers reduces when redundant payment paths are added. This frees up
liquidity in payment channels and hence increases the throughput of the
network. We devise Boomerang, a generic technique to be used on top of
multi-path routing schemes to construct redundant payment paths free of
counterparty risk. In our experiments, applying Boomerang to a baseline routing
scheme leads to 40% latency reduction and 2x throughput increase. We build on
ideas from publicly verifiable secret sharing, such that Alice learns a secret
of Bob iff Bob overdraws funds from the redundant paths. Funds are forwarded
using Boomerang contracts, which allow Alice to revert the transfer iff she has
learned Bob's secret. We implement the Boomerang contract in Bitcoin Script
Secret-Sharing for NP
A computational secret-sharing scheme is a method that enables a dealer, that
has a secret, to distribute this secret among a set of parties such that a
"qualified" subset of parties can efficiently reconstruct the secret while any
"unqualified" subset of parties cannot efficiently learn anything about the
secret. The collection of "qualified" subsets is defined by a Boolean function.
It has been a major open problem to understand which (monotone) functions can
be realized by a computational secret-sharing scheme. Yao suggested a method
for secret-sharing for any function that has a polynomial-size monotone circuit
(a class which is strictly smaller than the class of monotone functions in P).
Around 1990 Rudich raised the possibility of obtaining secret-sharing for all
monotone functions in NP: In order to reconstruct the secret a set of parties
must be "qualified" and provide a witness attesting to this fact.
Recently, Garg et al. (STOC 2013) put forward the concept of witness
encryption, where the goal is to encrypt a message relative to a statement "x
in L" for a language L in NP such that anyone holding a witness to the
statement can decrypt the message, however, if x is not in L, then it is
computationally hard to decrypt. Garg et al. showed how to construct several
cryptographic primitives from witness encryption and gave a candidate
construction.
One can show that computational secret-sharing implies witness encryption for
the same language. Our main result is the converse: we give a construction of a
computational secret-sharing scheme for any monotone function in NP assuming
witness encryption for NP and one-way functions. As a consequence we get a
completeness theorem for secret-sharing: computational secret-sharing scheme
for any single monotone NP-complete function implies a computational
secret-sharing scheme for every monotone function in NP
IoT Expunge: Implementing Verifiable Retention of IoT Data
The growing deployment of Internet of Things (IoT) systems aims to ease the
daily life of end-users by providing several value-added services. However, IoT
systems may capture and store sensitive, personal data about individuals in the
cloud, thereby jeopardizing user privacy. Emerging legislation, such as
California's CalOPPA and GDPR in Europe, support strong privacy laws to protect
an individual's data in the cloud. One such law relates to strict enforcement
of data retention policies. This paper proposes a framework, entitled IoT
Expunge, that allows sensor data providers to store the data in cloud platforms
that will ensure enforcement of retention policies. Additionally, the cloud
provider produces verifiable proofs of its adherence to the retention policies.
Experimental results on a real-world smart building testbed show that IoT
Expunge imposes minimal overheads to the user to verify the data against data
retention policies.
Comment: This paper has been accepted in 10th ACM Conference on Data and
Application Security and Privacy (CODASPY), 202
Public Evidence from Secret Ballots
Elections seem simple---aren't they just counting? But they have a unique,
challenging combination of security and privacy requirements. The stakes are
high; the context is adversarial; the electorate needs to be convinced that the
results are correct; and the secrecy of the ballot must be ensured. And they
have practical constraints: time is of the essence, and voting systems need to
be affordable and maintainable, and usable by voters, election officials, and
pollworkers. It is thus not surprising that voting is a rich research area
spanning theory, applied cryptography, practical systems analysis, usable
security, and statistics. Election integrity involves two key concepts:
convincing evidence that outcomes are correct and privacy, which amounts to
convincing assurance that there is no evidence about how any given person
voted. These are obviously in tension. We examine how current systems walk this
tightrope.
Comment: To appear in E-Vote-Id '1