Steganography from weak cryptography

We introduce a problem setting which we call ``the freedom fighters' problem''. It subtly differs from the prisoners' problem. We propose a steganographic method that allows Alice and Bob to fool Wendy the warden in this setting. Their messages are hidden in encryption keys. The recipient has no prior knowledge of these keys, and has to cryptanalyze ciphertexts in order to recover them. We show an example of the protocol and give a partial security analysis

Flow-based reputation: more than just ranking

The last years have seen a growing interest in collaborative systems like electronic marketplaces and P2P file sharing systems where people are intended to interact with other people. Those systems, however, are subject to security and operational risks because of their open and distributed nature. Reputation systems provide a mechanism to reduce such risks by building trust relationships among entities and identifying malicious entities. A popular reputation model is the so called flow-based model. Most existing reputation systems based on such a model provide only a ranking, without absolute reputation values; this makes it difficult to determine whether entities are actually trustworthy or untrustworthy. In addition, those systems ignore a significant part of the available information; as a consequence, reputation values may not be accurate. In this paper, we present a flow-based reputation metric that gives absolute values instead of merely a ranking. Our metric makes use of all the available information. We study, both analytically and numerically, the properties of the proposed metric and the effect of attacks on reputation values

An efficient fuzzy extractor for limited noise

A fuzzy extractor is a security primitive that allows for reproducible extraction of an almost uniform key from a non-uniform noisy source. We analyze a fuzzy extractor scheme that uses universal hash functions for both information reconciliation and privacy amplification. This is a useful scheme when the number of error patterns likely to occur is limited, regardless of the error probabilities. We derive a sharp bound on the uniformity of the extracted key, making use of the concatenation property of universal hash functions and a recent tight formulation of the leftover hash lemma

A simpler security proof for 6-state quantum key distribution

Six-state Quantum Key Distribution (QKD) achieves the highest key rate in the class of qubit-based QKD schemes. The standard security proof, which has been developed since 2005, invokes complicated theorems involving smooth Renyi entropies. In this paper we present a simpler security proof for 6-state QKD that entirely avoids Renyi entropies. This is achieved by applying state smoothing directly in the Bell basis. We furthermore show that the same proof technique can be used for 6-state quantum key recycling

Flow-based reputation with uncertainty: Evidence-Based Subjective Logic

The concept of reputation is widely used as a measure of trustworthiness based on ratings from members in a community. The adoption of reputation systems, however, relies on their ability to capture the actual trustworthiness of a target. Several reputation models for aggregating trust information have been proposed in the literature. The choice of model has an impact on the reliability of the aggregated trust information as well as on the procedure used to compute reputations. Two prominent models are flow-based reputation (e.g., EigenTrust, PageRank) and Subjective Logic based reputation. Flow-based models provide an automated method to aggregate trust information, but they are not able to express the level of uncertainty in the information. In contrast, Subjective Logic extends probabilistic models with an explicit notion of uncertainty, but the calculation of reputation depends on the structure of the trust network and often requires information to be discarded. These are severe drawbacks. In this work, we observe that the `opinion discounting' operation in Subjective Logic has a number of basic problems. We resolve these problems by providing a new discounting operator that describes the flow of evidence from one party to another. The adoption of our discounting rule results in a consistent Subjective Logic algebra that is entirely based on the handling of evidence. We show that the new algebra enables the construction of an automated reputation assessment procedure for arbitrary trust networks, where the calculation no longer depends on the structure of the network, and does not need to throw away any information. Thus, we obtain the best of both worlds: flow-based reputation and consistent handling of uncertainties

Quantum Alice and Silent Bob: Qubit-based Quantum Key Recycling with almost no classical communication

We answer an open question about Quantum Key Recycling (QKR): Is it possible to put the message entirely in the qubits without increasing the number of qubits? We show that this is indeed possible. We introduce a prepare-and-measure QKR protocol where the communication from Alice to Bob consists entirely of qubits. As usual, Bob responds with an authenticated one-bit accept/reject classical message. Compared to Quantum Key Distribution (QKD), QKR has reduced round complexity. Compared to previous qubit-wise QKR protocols, our scheme has far less classical communication. We provide a security proof in the universal composability framework and find that the communication rate is asymptotically the same as for QKD with one-way postprocessing

Measuring privacy leakage in term of Shannon entropy

Differential privacy is a privacy scheme in which a database is modified such that each users personal data are protected without affecting significantly the characteristics of the whole data. Example of such mechanism is Randomized Aggregatable Privacy-Preserving Ordinal Response (RAPPOR). Later it is found that the interpretations of privacy, accuracy and utility parameters in differential privacy are not totally clear. Therefore in this article an alternative definition of privacy aspect are proposed, where they are measured in term of Shannon entropy. Here Shannon entropy can be interpreted as number of binary questions an aggregator needs to ask in order to learn information from a modified database. Then privacy leakage of a differentially private mechanism is defined as mutual information between original distribution of an attribute in a database and its modified version. Furthermore, some simulations using the MATLAB software for special cases in RAPPOR are also presented to show that this alternative definition does make sense