Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks

Disertační práce se zabývá kryptografickými protokoly poskytující ochranu soukromí, které jsou určeny pro zabezpečení komunikačních a informačních systémů tvořících heterogenní sítě. Práce se zaměřuje především na možnosti využití nekonvenčních kryptografických prostředků, které poskytují rozšířené bezpečnostní požadavky, jako je například ochrana soukromí uživatelů komunikačního systému. V práci je stanovena výpočetní náročnost kryptografických a matematických primitiv na různých zařízeních, které se podílí na zabezpečení heterogenní sítě. Hlavní cíle práce se zaměřují na návrh pokročilých kryptografických protokolů poskytujících ochranu soukromí. V práci jsou navrženy celkově tři protokoly, které využívají skupinových podpisů založených na bilineárním párování pro zajištění ochrany soukromí uživatelů. Tyto navržené protokoly zajišťují ochranu soukromí a nepopiratelnost po celou dobu datové komunikace spolu s autentizací a integritou přenášených zpráv. Pro navýšení výkonnosti navržených protokolů je využito optimalizačních technik, např. dávkového ověřování, tak aby protokoly byly praktické i pro heterogenní sítě.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.

Internet privacy protection

Anonymní autentizace slouží k autentizaci uživatelů bez odhalení jejich vlastních identifikačních údajů či osobních dat. Technologie Anonymních Autentizačních Systémů (AAS) poskytuje ochranu soukromí uživatelů a zároveň zajišťuje bezpečnost systému. Tato práce představuje základní kryptografická primitiva, kterými se anonymní autentizace může zajišťovat. Mezi tato primitiva patří některé asymetrické kryptosystémy, avšak nezbytnou součástí tvoří například protokoly na bázi nulové znalosti, slepá podpisová schémata, prahová skupinová schémata, atd., která jsou představena v kapitole 1. Obecně mají autentizační anonymní systémy uplatnění v aplikacích, jako jsou elektronické mince, elektronické hotovosti, skupinové elektronické podpisy, anonymní přístupové systémy, elektronické volby, atd., které jsou postupně analyzovány a představeny v kapitolách 2 a 3. V praktické části práce, která je popsána v kapitole 4, je představena implementace (v prostředí .NET v jazyce C#) systému AAS, který je vyvíjen na FEKT VUTBR.Anonymous authentication is a mean of authorizing a user without leakage of user personal information. The technology of Anonymous Authentication Systems (AAS) provides privacy of the user and yet preserves the security of the system. This thesis presents the basic cryptographic primitives, which can provide anonymous authentication. Among these primitives there are usually some asymmetric cryptosystems, but an essential part of anonymous authentication is based on zero knowledge protocols, blind signature schemes, threshold group schemes, etc., that are presented in Chapter 1. Generally, Anonymous Authentication Systems have application as electronic coin, electronic cash, group signatures, anonymous access systems, electronic vote, etc., which are analyzed and presented in Chapters 2 and 3. In the practical section, the implementation (in the environment .NET in C#) of the AAS system is presented and described in Chapter 4, which is being developed at the FEEC BUT.

Influence of aroma active compounds on flavour of fruit yogurts

Tato diplomová práce se zabývá určením aromaticky aktivních látek v ovocných jogurtech. Tyto látky jsou klíčové pro chutnost těchto mlékárenských výrobků. Byly analyzovány dva typy jogurtů, smetanové (8 % tuku) a nízkotučné (obsah tuku menší než 0,1%), s různými příchutěmi, vyrobené v Mlékárně Valašské Meziříčí, spol. s r.o.. Analýza byla provedena s použitím plynové chromatografie s extrakcí analytů pomocí SPME - mikroextrakce na tuhé fázi. V rozdílných množstvích bylo zjištěno šest skupin různých aromatických látek: ketony, aldehydy, organické kyseliny a jejich soli, alkoholy a sulfidy. Tyto sloučeniny mají většinou mikrobiální původ (Streptococcus salivarius subsp. thermophilus, Lactobacillus delbrueckii subsp. bulgaricus jsou mlékařské jogurtové kultury běžně používané pro výrobu jogurtů), menší množství jsou obsažena v kravském mléce nebo v mlékařských aditivech. Pro zjištění přijatelnosti a chutnosti byly jogurty zároveň senzoricky hodnoceny pomocí pořadové zkoušky, stupnicové metody a párového preferenčního testu. Hodnotitelé byli vybráni z řad studentů a zaměstnanců fakulty.This diploma thesis deals with the determination of aroma compounds in fruit yoghurts. These compounds are crucial for flavour of these dairy products. Two types of fruit yoghurts were analyzed, creamy (8 % of fat) and light (less than 0,1 % of fat), with various fruit ingredients, produced in dairy Mlékárna Valašské Meziříčí, spol. s r.o. Analysis was carried out by gas chromatography with extraction of analytes by SPME - solid phase microextraction. Six groups of different aromatic compounds such as ketones, aldehydes, organic acids and their salts, alcohols and sulfides in different amounts were determined. These compounds have mostly microbiological origin (Streptococcus salivarius subsp. thermophilus, Lactobacillus delbrueckii subsp. bulgaricus are dairy yoghurt cultures usually used for yoghurt production), less amounts are present in cow's milk or in dairy additives. Yoghurts were simultaneously sensory evaluated using ranking test, scale test and pair test for determination of acceptability and flavour. The assessors were students and staffs faculty of chemistry VUT.

Multidevice Authentication with Strong Privacy Protection

We propose a novel cryptographic scheme based on efficient zero-knowledge proofs and Boneh-Boyen signatures. The proposed scheme is provably secure and provides the full set of privacy-enhancing features, that is, the anonymity, untraceability, and unlinkability of user

Privacy-Enhancing Group Signcryption Scheme

In the last decades, several signcryption schemes have been developed for different privacy-enhancing purposes. In this paper, we propose a new privacy-enhancing group signcryption schemethat provides: unforgeability, confidentiality, ciphertext and sender anonymity, traceability, unlinkability,exculpability, coalition-resistance, and unforgeable tracing verification. It is important to notice that theproposed scheme allows a signer to anonymously signcrypt a message on the group’s behalf (i.e., sender’sanonymity). The security analysis of the scheme is also provided. Our proposal is proven to be stronglyexistentially unforgeable under an adaptive chosen message attack, indistinguishable under an adaptivechosen ciphertext attack, and to provide ciphertext anonymity under an adaptive chosen ciphertext attack.Furthermore, the scheme is extended to work in a multi-receiver scenario, where an authorized group ofreceivers is able to unsigncrypt the ciphertext. The experimental results show that our scheme is efficienteven on computationally restricted devices and can be therefore used in many IoT applications. TheSigncryptprotocol on smart cards takes less than 1 s (including communication overhead). The timeof theUnsigncryptprotocol on current ARM devices is negligible (less than 40 ms)

XANTHENE DYES-MEDIATED IN VITRO PHOTODYNAMIC TREATMENT OF CANCER AND NON-CANCER CELL LINES

Rose bengal and erythrosin B are xanthene dyes mainly known and used as antimicrobial agents, but due to their photodynamic activity they are also potential photosensitizers for cancer photodynamic therapy. The aim of this work is to study a photodynamic efficacy of rose bengal and erythrosin B against human skin melanoma and mouse fibroblast cell lines, compare them with each other and find out their photodynamic properties induced by light emitting diodes with total light dose of 5 J/cm2. To fully identify and understand photodynamic properties of both potentially effective photosensitizers, a set of complex in vitro tests such as cell cytotoxic assay, measurement of reactive oxygen species production, mitochondrial membrane potential change assay, mode of cell death determination or comet assay were made. Although both photosensitizers proved to have similar properties such as increasing production of reactive oxygen species with the higher concentration, predominance of necrotic mode of death or genotoxicity, the more effective photosensitizer was rose bengal because its EC50 was over 20 times lower for both cell lines than in case of erythrosin B. &nbsp

EFFECT OF THE ZINC PHTHALOCYANINE MEDIATED PHOTODYNAMIC THERAPY ON CYTOSKELETAL APPARATUS OF HELA CELLS

This study deals with the utilization of photosensitizer (λmax ~ 660 nm) from the group of the phthalocyanines, in photodynamic therapy. Effect of the zinc phthalocyanine photosensitizer mediated photodynamic therapy was evaluated in vitro on the tumor cell line – HeLa (cervical cancer cells) using mass spectrometry and atomic force and fluorescent microscopy techniques

HArMoNICS: High-Assurance Microgrid Network Infrastructure Case Study

Modern Intelligent Infrastructures (II) are highly complex, interconnected systems that are now emerging. For instance, II can integrate technologies and processes to provide citizens with faster services and better goods. An average II can include many technologies, e.g., Cloud applications and IoT devices, under different environments, e.g., industry 4.0 production plants and smart buildings. Although II bring concrete benefits to all of these contexts, they also carry security concerns. Reasoning about threats and security exposures that might affect II is non trivial. This is only partially due to their inherent complexity. As a matter of fact, real II are typically in charge of some critical operations that cannot be interrupted or compromised for experimental purposes. An alternative solution is to rely on digital replicas which can provide a good trade off between realism and usability. These assets represent a strategic and highly demanded resource for the security community. In this paper we present HArMoNICS, a case study infrastructure meant to provide a playground for security experts interested in II security. HArMoNICS revolves around a digital replica of a real Smart Polygeneration Microgrid (SPM) located in Italy. Although most of the components are based on or inspired to the real system, HArMoNICS has been enriched with further security-relevant features. As a result, the case study includes vertical uses cases focusing on specific security topics. Security researchers can use it to assess the effectiveness of new methodologies, to carry out security training activities, or even to extend it with new elements

Post-Quantum Era Privacy Protection for Intelligent Infrastructures

As we move into a new decade, the global world of Intelligent Infrastructure (II) services integrated into the Internet of Things (IoT) are at the forefront of technological advancements. With billions of connected devices spanning continents through interconnected networks, security and privacy protection techniques for the emerging II services become a paramount concern. In this paper, an up-to-date privacy method mapping and relevant use cases are surveyed for II services. Particularly, we emphasize on post-quantum cryptography techniques that may (or must when quantum computers become a reality) be used in the future through concrete products, pilots, and projects. The topics presented in this paper are of utmost importance as (1) several recent regulations such as Europe's General Data Protection Regulation (GDPR) have given privacy a significant place in digital society, and (2) the increase of IoT/II applications and digital services with growing data collection capabilities are introducing new threats and risks on citizens' privacy. This in-depth survey begins with an overview of security and privacy threats in IoT/IIs. Next, we summarize some selected Privacy-Enhancing Technologies (PETs) suitable for privacy-concerned II services, and then map recent PET schemes based on post-quantum cryptographic primitives which are capable of withstanding quantum computing attacks. This paper also overviews how PETs can be deployed in practical use cases in the scope of IoT/IIs, and maps some current projects, pilots, and products that deal with PETs. A practical case study on the Internet of Vehicles (IoV) is presented to demonstrate how PETs can be applied in reality. Finally, we discuss the main challenges with respect to current PETs and highlight some future directions for developing their post-quantum counterparts