Showing total 167 results

1. Dynamic Access Control Policies: Specification and Verification.

Author

Janicke, H., Cau, A., Siewe, F., and Zedan, H.

Subjects

ACCESS control, COMPUTER security, PROGRAMMING languages, COMPUTER logic, ELECTRONIC paper, SEMANTICS, CONFIRMATION (Logic)

Abstract

Security requirements deal with the protection of assets against unauthorized access (disclosure or modification) and their availability to authorized users. Temporal constraints of history-based access control policies are difficult to express naturally in traditional policy languages. We propose a compositional formal framework for the specification and verification of temporal access control policies for security critical systems in which history-based policies and other temporal constraints can be expressed. In particular, our framework allows for the specification of policies that can change dynamically in response to time or events enabling dynamic reconfiguration of the access control mechanisms. The framework utilizes a single well-defined formalism, interval temporal logic, for defining the semantics of these policies and to reason about them. We illustrate our approach with a detailed case study of an electronic paper submission system showing the compositional verification of their safety, liveness and information flow properties. [ABSTRACT FROM PUBLISHER]

Published

2013

2. Menger-Type Connectivity of Line Graphs of Generalized Hypercubes With Faulty Edges.

Author

Jia, Huanshen and Qian, Jianguo

Subjects

*GRAPH connectivity, *FAULT-tolerant computing, *HYPERCUBES, *COMPUTER security, *INTERNETWORKING devices

Abstract

A connected graph |$G$| is called strongly Menger edge connected if |$G$| has min{deg |$_{G}(x)$|⁠ , deg |$_{G}(y)$| } edge-disjoint paths between any two distinct vertices |$x$| and |$y$| in |$G$|⁠. In this paper, we consider two types of the strongly Menger edge connectivity of the line graphs of generalized |$n$| -dimensional hypercubes with faulty edges, namely the |$m$| -edge-fault-tolerant and |$m$| -conditional edge-fault-tolerant strongly Menger edge connectivity. We show that the line graphs of all generalized |$n$| -dimensional hypercubes are |$(2n-4)$| -edge-fault-tolerant strongly Menger edge connected for |$n\geq 3$| and |$(4n-10)$| -conditional edge-fault-tolerant strongly Menger edge connected for |$n\geq 4$|⁠. The two bounds for the maximum numbers of faulty edges are best possible. [ABSTRACT FROM AUTHOR]

Published

2024

3. Continuous Leakage-Amplified Public-Key Encryption With CCA Security.

Author

Zhang, Wenzheng, Qiao, Zirui, Yang, Bo, Zhou, Yanwei, and Zhang, Mingwu

Subjects

PUBLIC key cryptography, COMPUTER security, CRYPTOGRAPHY

Abstract

Secret key leakage has become a security threat in computer systems, and it is crucial that cryptographic schemes should resist various leakage attacks, including the continuous leakage attacks. In the literature, some research progresses have been made in designing leakage resistant cryptographic primitives, but there are still some remaining issues unsolved, e.g. the upper bound of the permitted leakage is fixed. In actual applications, the leakage requirements may vary; thus, the leakage parameter with fixed size is not sufficient against various leakage attacks. In this paper, we introduce some novel idea of designing a continuous leakage-amplified public-key encryption scheme with security against chosen-ciphertext attacks. In our construction, the leakage parameter can have an arbitrary length, i.e. the length of the permitted leakage can be flexibly adjusted according to the specific leakage requirements. The security of our proposed scheme is formally proved based on the classic decisional Diffie–Hellman assumption. [ABSTRACT FROM AUTHOR]

Published

2022

4. Toward Both Privacy and Efficiency of Homomorphic MACs for Polynomial Functions and Its Applications.

Author

Li, Shimin, Wang, Xin, and Xue, Rui

Subjects

MESSAGE authentication codes, COMPUTER security, PRIVACY, POLYNOMIALS, CLOUD computing

Abstract

Homomorphic message authentication codes (MACs) allow a user to outsource data to an untrusted server and verify the correctness of returned computation results over the outsourced data. Many cloud applications need delegation computations over outsourced data with dual capabilities. On one hand, they need to keep the outsourced data secret such that the server cannot trace and infer any sensitive information from the computation results. On the other hand, the user should be able to efficiently verify the computation results. Unfortunately, the state-of-the-art homomorphic MAC schemes are not so desirable due to either poor privacy or low verification efficiency. In this paper, we first put forward a new cryptographic primitive called privacy-preserving homomorphic MACs (PHMAC) that simultaneously provides data privacy and efficient verification. Then, we present a PHMAC construction capable for the evaluation of polynomials of fixed degree |$d\geq 1$|⁠ , in which the tag does not reveal any information of underlying authenticated data while being verifiable in constant time (in an amortized sense). As an application, we give a generic construction of homomorphic authenticated encryption (HAE) from proposed PHMAC and homomorphic encryption. Benefited from the functionalities of underlying PHMAC scheme, the derived HAE enjoys stronger authenticity and supports larger classes of functions than that of Lai et al. (Verifiable Computation on Outsourced Encrypted Data. In Computer Security—ESORICS 2014—19th European Symposium on Research in Computer Security , Wroclaw, Poland, September 7–11, Part I, pp. 273–291. Springer, Berlin). Such HAE enables verifiable delegation computations over growing outsourced encrypted data in an efficient way. [ABSTRACT FROM AUTHOR]

Published

2022

5. Authorized Function Homomorphic Signature.

Author

Guo, Qingwen, Huang, Qiong, and Yang, Guomin

Subjects

DIGITAL signatures, DATA encryption, ELECTRONIC authentication, COMPUTER security, CRYPTOGRAPHY

Abstract

Homomorphic signature (HS) is a novel primitive that allows an agency to carry out arbitrary (polynomial time) computation f on the signed data m → and accordingly gain a signature σ h for the computation result f (m →) with respect to f on behalf of the data owner (DO). However, since DO lacks control of the agency's behavior, receivers would believe that DO did authenticate the computation result even if the agency misbehaves and applies a function that the DO does not want. To address the problem above, in this paper we introduce a new primitive called authorized function homomorphic signature (AFHS). In AFHS, the agency has to obtain a confidence key sk f from DO in order to evaluate a function f on the data m → and to obtain a signature with which one can check whether the agency acts in accordance with DO's instructions. A black-box construction of AFHS based on HS is given in this paper, and we show that if the underlying primitives are secure, so is our construction under the given security model. Moreover, we provide a somewhat concrete construction that offers stronger security guarantee. [ABSTRACT FROM AUTHOR]

Published

2018

6. A Generic Approach to Improving Diffie–Hellman Key Agreement Efficiency for Thin Clients.

Author

HUNG-YU CHIEN

Subjects

KEY agreement protocols (Computer network protocols), COMPUTER security, NETWORK PC (Computer), COMPUTER passwords, COMPUTER access control, COMPUTER network security, PUBLIC key cryptography, SECURITY systems

Abstract

Authenticated Diffie–Hellman key (D-H key) agreement is the de facto standard for establishing secure session keys in many security systems. However, the modular exponentiation computation of D-H key puts a heavy load of those thin clients like Radio Frequency IDentification (RFID), NFC and Zigbee, where either the computational capacity or the battery is limited and precious. Therefore, many standards and implementations of these thin clients opt out key agreement schemes to meet computational efficiency requirements thereby accepting some security risks. As these devices are becoming more popular and security threats are increasing, it is desirable to reduce the computational load of key agreement while still providing sound security. In this paper, we propose a new problem—the modified Computational Diffie–Hellman Problem (MCDHP) and prove its security being equivalent to the Computational Diffie–Hellman Problem. Based on the MCDHP, we propose a general technique to enhance the computational load for thin clients when establishing secure D-H keys. The proposed approach achieves the same security of conventional authenticated D-H key agreement except the perfect forward secrecy. Examples of secure applications on existing D-H key agreement schemes are demonstrated in this paper. [ABSTRACT FROM AUTHOR]

Published

2016

7. Impact FD: An Unreliable Failure Detector Based on Process Relevance and Confidence in the System.

Author

Rossetto, Anubis Graciela de Moraes, Geyer, Cláudio F R, Arantes, Luciana, and Sens, Pierre

Subjects

*COMPUTER security, *PERFORMANCE evaluation, *NETWORK performance, *RELIABILITY in engineering, *COMPUTER systems

Abstract

This paper presents a new unreliable failure detector, called the Impact failure detector (FD), that, contrarily to the majority of traditional FDs, outputs a trust level value which expresses the degree of confidence in the system. An impact factor is assigned to each process and the trust level is equal to the sum of the impact factors of the processes not suspected of failure. Moreover, a threshold parameter defines a lower bound value for the trust level, over which the confidence in the system is ensured. In particular, we defined a flexibility property that denotes the capacity of the Impact FD to tolerate a certain margin of failures or false suspicions, i.e. its capacity of considering different sets of responses that lead the system to trusted states. The Impact FD is suitable for systems that present node redundancy, heterogeneity of nodes, clustering feature and allow a margin of failures which does not degrade the confidence in the system. The paper also includes a timer-based distributed algorithm which implements an Impact FD, as well as its proof of correctness, for systems whose links are lossy asynchronous or for those whose all (or some) links are eventually timely. Performance evaluation results, based on PlanetLab (Planetlab. http://www.planet-lab.org. 'Online. Access date: 16 September 2016') traces, confirm the degree of flexible applicability of our FD and that, due to the accepted margin of failure, both failures and false suspicions are more tolerated when compared to traditional unreliable FDs. [ABSTRACT FROM AUTHOR]

Published

2018

8. A Practical Hybrid Group Key Establishment for Secure Group Communications.

Author

HARN, LEIN and CHING-FANG HSU

Subjects

ENCRYPTION protocols, DATA encryption, POLYNOMIALS, COMPUTER security, CRYPTOGRAPHY

Abstract

A group key establishment enables a group key shared among all group members. In this paper, we proposed a novel group key establishment, which is a hybrid of the Diffie-Hellman (DH) public-key scheme and the secret sharing scheme. Our protocol takes the advantages of the DH scheme, which does not need a mutually trusted key generation center (KGC) and the secret sharing scheme, which reduces the computational time. Employing the DH scheme allows any group member to act as a KGC to distribute a secret key to all group members. The secret sharing scheme is used as the encryption tool to transfer a group key to group members. Since public-key encryption involves modular exponentiations using a larger modulus (say at least 1024 bits) as compared with the secret sharing encryption involves polynomial operations using a smaller modulus (say only 160 bits), our proposed approach is faster than the broadcast encryption in public-key setting. We show that our protocol can provide key secrecy, key authentication and key independence. [ABSTRACT FROM AUTHOR]

Published

2017

9. Almost-Tight Identity Based Encryption Against Selective Opening Attack.

Author

JUNQING GONG, XIAOLEI DONG, ZHENFU CAO, and JIE CHEN

Subjects

FUNCTIONAL identities, IDENTITY management systems, INFORMATION technology security, DATA encryption, COMPUTER security

Abstract

The paper presents an identity based encryption (IBE) under selective opening attacks (SOA) whose security is almost-tightly related to a set of computational assumptions in composite-order bilinear groups. Our result is a combination of Bellare, Waters and Yilek's method [TCC, 2011] for constructing (not tightly) SOA secure IBE and Hofheinz, Koch and Striecks' technique [PKC, 2015] on building almost-tightly secure IBE in the multi-ciphertext setting. In the paper, we first tune Bellare et al.'s generic construction for SOA secure IBE to show that a one-bit IBE achieving ciphertext indistinguishability under chosen plaintext attack in the multi-ciphertext setting (with one-sided public openability) tightly implies a multi-bit IBE secure under the selective opening attack. Next, we almost tightly reduce such a one-bit IBE to static assumptions in the composite-order bilinear groups employing the technique of Hofheinz et al. This yields the first SOA secure IBE with almost-tight reduction. [ABSTRACT FROM AUTHOR]

Published

2016

10. Dynamic State-Based Security Architecture for Detecting Security Attacks in Virtual Machines.

Author

Tupakula, Udaya Kiran and Varadharajan, Vijay

Subjects

COMPUTER security, COMPUTER architecture, VIRTUAL machine systems, CYBERTERRORISM, DETECTORS, COMPUTER operating systems

Abstract

Current Internet environment is vulnerable to a range of different types of attacks, and furthermore, new types of attacks are being discovered on a daily basis. In this paper, we address the design of comprehensive intrusion detection for virtual-machine-based systems. We propose a novel security architecture using a virtual machine monitor-based intrusion detection system called Virtual machine Intrusion deteCTOR (VICTOR), which takes into account the specific characteristics of operating system and applications running in each virtual machine at a fine granular level to detect attacks. The components of our architecture are designed to deal with different types of malicious behaviour. The entity validation component is used for capturing information of the operating system and applications running in the virtual machines, secure logging and detection of attacks that are generated with spoofed source address. The intrusion detection engine component is used for the detection of known attacks and suspicious behaviour of the entities by monitoring the incoming and outgoing traffic of virtual machines. The dynamic analyser is used for detection and validation of hidden processes, detection of zero-day attacks and fine granular isolation of malicious process that is generating the attack traffic. After a zero-day attack is detected, interactive virtual machine technique is used to determine whether the zero-day attack exhibits polymorphic or metamorphic behaviour and develop attack signatures to deal with the attack. We have analysed our architecture with different types of attacks such as hidden processes and attacks such as Slammer. In this paper, we illustrate the operation of our system architecture by considering Slammer worm attack in detail. [ABSTRACT FROM PUBLISHER]

Published

2012

11. On the Use of Fake Sources for Source Location Privacy: Trade-Offs Between Energy and Privacy.

Author

Jhumka, Arshad, Leeke, Matthew, and Shrestha, Sambid

Subjects

WIRELESS sensor networks, COMPUTER security, AUTOMATION, ENERGY consumption, CONFIGURATION management, DATA privacy, ROUTING (Computer network management)

Abstract

Wireless sensor networks have enabled novel applications such as monitoring, where security is invariably a requirement. One aspect of security, namely source location privacy, is becoming an increasingly important property of some wireless sensor network applications. The fake source technique has been proposed as an efficient technique to handle the source location privacy problem. However, there are several factors that limit the usefulness of current results: (i) the selection of fake sources is dependent on sophisticated nodes, (ii) fake sources are known a priori and (iii) the selection of fake sources is based on a prohibitively expensive pre-configuration phase. In this paper, we investigate the privacy enhancement and energy efficiency of different implementations of the fake source technique that circumvents these limitations. Our results show that the fake source technique is indeed effective in enhancing privacy. Specifically, one implementation achieves near-perfect privacy when there is at least one fake source in the network, at the expense of increased energy consumption. In the presence of multiple attackers, the same implementation yields only a 30% decrease in capture ratio with respect to flooding. To address this problem, we propose a hybrid technique which achieves a corresponding 50% reduction in the capture ratio and a near-perfect privacy whenever at least one fake source exists in the network. [ABSTRACT FROM AUTHOR]

Published

2011

12. λ_SAOP: A Security AOP Calculus1.

Author

ALHADIDI, D., BELBLIDIA, N., DEBBABI, M., and BHATTACHARYA, P.

Subjects

COMPUTER security, SEMANTIC networks (Information theory), INFERENCE (Logic), ASPECT-oriented programming, CALCULUS, ALGORITHMS

Abstract

This paper presents an aspect-oriented calculus for security called λ_SAOP. It is based on the λ_calculus and contains pointcuts that are relevant to security hardening of applications. The main contribution of the paper is a semantics for λ_SAOP advice weaving in the presence of these pointcuts. We instrument the effect-based type inference system to inject advices into expressions during static typing. The proposed semantics for advice weaving is in the spirit of AspectJ, a prominent aspect-oriented programming language, where advices are injected before, after or around the join points that match their respective pointcuts. For this purpose, we accommodate the effect-based inference algorithm to take matching and weaving processes into consideration. In addition, we establish the required soundness and preservation proofs. [ABSTRACT FROM PUBLISHER]

Published

2009

13. Improved Integral Distinguishers on Compression Function of GOST R Hash Function.

Author

Li, Rongjia, Jin, Chenhui, and Fan, Ruya

Subjects

HASHING, DATA compression, CRYPTOGRAPHY, COMPUTER security, CIPHERS

Abstract

Streebog is a new Russian hash function standard (GOST R 34.11–2012). The compression function of Streebog employs an AES-like block cipher which is used in Miyaguchi–Preneel mode. In this paper, we investigate the integral distinguisher on reduced-round Streebog compression function. First, we find 6/7/8/9/10-round integral distinguishers using word-based division property. Then, we further reduce the complexity of the integral distinguishers utilizing subspace trails. As far as we know, we improve the previous best integral distinguisher by three rounds. [ABSTRACT FROM AUTHOR]

Published

2019

14. Leakage Resilient CCA Security in Stronger Model: Branch Hidden ABO-LTFs and Their Applications.

Author

Zhao, Yi, Yu, Yong, and Yang, Bo

Subjects

CIPHERS, PUBLIC key cryptography, DATA security failures, DATA encryption, COMPUTER security

Abstract

Lossy trapdoor functions (LTFs) have already found various applications in cryptography with many priorities. But constructing leakage resilient (LR) CCA secure PKE schemes through this way received less attention. Existing works could only be proven secure in a weakened model due to the power of leakage attack. To address this problem, we introduce a new variant of ABO-LTF which is called branch hidden ABO-LTF (BHABO-LTF) in this paper. This primitive provides protection for the information of evaluated branches rather than lossy branches, which means even an adversary knows the information of the set of lossy branches, it can still not determine whether the output is evaluated on an injective or a lossy branch as long as the inversion key is kept secret. We observe that if this primitive has Chameleon property, we could present a generic construction of CCA secure PKE schemes. Due to the transparency of lossy branches of the primitive, we find that our construction can naturally be extended to accommodate leakage resilience. We give a generic construction with a realization of LR-BHABO-LTFs under the decisional composite residuosity assumption. This construction can be proved secure in a well-accepted security model rather than existing LTF-based ones in weak key-leakage model. Besides, without the need to hide the information of lossy branches, a Chameleon BHABO-LTF can be constructed by additively homomorphic CPA secure PKE alone. So our work can also be viewed as an interesting progress to give a construction of CCA secure PKE from additively homomorphic CPA secure PKE with certain properties as well as their LR counterparts, which has been a longstanding problem. [ABSTRACT FROM AUTHOR]

Published

2019

15. From Keys to Databases—Real-World Applications of Secure Multi-Party Computation.

Author

Archer, David W, Bogdanov, Dan, Lindell, Yehuda, Kamm, Liina, Nielsen, Kurt, Pagter, Jakob Illeborg, Smart, Nigel P, and Wright, Rebecca N

Subjects

ARTIFICIAL intelligence, COMPUTER software, BIONICS, ELECTRONIC data processing, COMPUTER security, ACCESS control

Abstract

We discuss the widely increasing range of applications of a cryptographic technique called multi-party computation. For many decades, this was perceived to be of purely theoretical interest, but now it has started to find application in a number of use cases. We highlight in this paper a number of these, ranging from securing small high-value items such as cryptographic keys, through to securing an entire database. [ABSTRACT FROM AUTHOR]

Published

2018

16. Structural Key Recovery of Simple Matrix Encryption Scheme Family.

Author

Liu, Jinhui, Yu, Yong, Yang, Bo, Jia, Jianwei, Wang, Shijia, and Wang, Houzhen

Subjects

COMPUTER security, DATA encryption, COMPUTER network security, COMPUTATIONAL complexity, ELECTRONIC data processing, MACHINE theory, CRYPTOGRAPHY

Abstract

Advances in quantum computers threaten the security of public-key cryptosystems whose security is based on the hardness of factoring or on the discrete logarithm problem. Multivariate encryption schemes are promising alternatives to traditional cryptosystems. Tao et al. proposed a new Multivariate Public-Key Cryptosystem for encryption called simple matrix encryption scheme (ABC for short). Further, they proposed an improved simple matrix encryption schemes and a cubic simple matrix encryption scheme. In this paper, we show that the three schemes are vulnerable to a structural key recovery attack by tensor and vectorization notation and associated algebraic re-writing rules. We derive a set of linear equations from the public key whose solution yields an equivalent key pair that hide the central map. The proposed cryptanalysis approaches require polynomial computational complexity to achieve some equivalent keys from associated public keys. In addition, we provide an example to illustrate feasibility of proposed analysis method. [ABSTRACT FROM AUTHOR]

Published

2018

17. Order-Hiding Range Query over Encrypted Data without Search Pattern Leakage.

Author

Dou, Yi, Chan, Henry C B, and Au, Man Ho

Subjects

COMPUTER security, DATA encryption, COMPUTER network security, ACCESS control, DATABASE management

Abstract

For cloud data storage, data privacy and security are two key concerns. Although sensitive data can be encrypted before they are stored in the cloud, the encrypted data can hardly be processed efficiently. Hence, a lightweight solution is required to satisfy both high security and high efficiency requirements. In this paper, we study the problem of range query over encrypted data. The main idea is to transform the range comparison to a privacy-preserving set intersection operation. To protect record privacy, our scheme builds searchable encrypted indexes for records that are secure against inference attack. To ensure the privacy of range queries, non-deterministic encryption, which has not been achieved in range query before, is proposed to hide the search pattern of queries. During range comparison, our scheme neither leaks the order relationship between the upper/lower bound of a range query and the encrypted index, nor produces false positives in the query results. We have implemented our scheme and evaluated its performance in comparison with other schemes. The comparison results indicate that our scheme has a shorter index size and search time than the order-revealing encryption (ORE) scheme when the processing unit is large. Meanwhile, our scheme only leaks the access pattern, and is proved to be more secure than existing schemes. [ABSTRACT FROM AUTHOR]

Published

2018

18. Tightly Secure Encryption Schemes against Related-Key Attacks.

Author

Han, Shuai, Liu, Shengli, Lyu, Lin, and Gu, Dawu

Subjects

COMPUTER security, DATA encryption, CRYPTOGRAPHY, SECURITY management, ACCESS to information

Abstract

ℱ -Related-Key Attacks (RKAs) allow an adversary to tamper the key k stored in a cryptographic device by specifying related-key deriving (RKD) functions f in ℱ and subsequently learn the outcome of the device under related keys f (k) ⁠. In this paper, we present RKA secure public-key encryption (PKE) and symmetric encryption (SE) schemes admitting a tight security reduction to the standard s -Linear assumption. The security loss depends only on the security parameter and is independent of the number of tampering queries made by the adversary. Our encryption schemes are resilient to RKAs w.r.t. the set of restricted affine functions ℱ raff ⁠, of which the set of linear functions ℱ lin is a subset. In particular, • Our encryption schemes serve as the first ones possessing tight RKA security for a non-trivial RKD function class ℱ under standard assumptions. • Moreover, our encryption schemes enjoy tight super-strong RKA securities, which are the strongest ones among the existing RKA security notions. [ABSTRACT FROM AUTHOR]

Published

2018

19. Performability-Based Workflow Scheduling in Grids.

Author

Entezari-Maleki, Reza, Trivedi, Kishor S, Sousa, Leonel, and Movaghar, Ali

Subjects

GRID computing, ELECTRIC power distribution grids, COMPUTER security, CLOUD computing, COMPUTER programming

Abstract

In this paper, the performance of a grid resource is modeled and evaluated using stochastic reward nets (SRNs), wherein the failure–repair behavior of its processors is taken into account. The proposed SRN is used to compute the blocking probability and service time of a resource for two different types of tasks: grid and local tasks. After modeling a grid resource and evaluating the performability measures, an algorithm is presented to find the probability mass function (pmf) of the service time of the grid resource for a program which is composed of grid tasks. The proposed algorithm exploits the universal generating function to find the pmf of service time of a single grid resource for a given program. Therefore, it can be used to compute the pmf of the service time of entire grid environment for a workflow with several dependent programs. Each possible scheduling of programs on grid resources may result in different service times and successful execution probabilities. Due to this fact, a genetic-based scheduling algorithm is proposed to appropriately dispatch programs of a workflow application to the resources distributed within a grid computing environment. Numerical results obtained by applying the proposed SRN model, the algorithm to find the pmf of grid service time, and the genetic-based scheduling algorithm to a comprehensive case study demonstrate the applicability of the proposed approach to real systems. [ABSTRACT FROM AUTHOR]

Published

2018

20. A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System.

Author

Toumi, Khalifa, Aouadi, Mohamed, Cavalli, Ana R, Mallouli, Wissam, Allepuz, Jordi Puiggal, and Montfort, Pol Valletb

Subjects

ELECTRONIC voting software, VOTING, ELECTRONIC security systems, COMPUTER security, SOFTWARE requirements specifications, SECURITY systems

Abstract

Testing and monitoring the effectiveness of security policies under pervasive system architectures is still a major challenging problem for the research community as well as industrials. The inherent characteristics of these systems such as the heterogeneous communicating devices and the multiple used technologies make the burden more overwhelming when dealing with security measures and policies. This paper aims to bridge this gap through the introduction of a formal design of security policies to make security monitoring operation more efficient. Hence, a formal framework is proposed to actively test web-based systems, as an example of these pervasive architectures. The goal of our technique is to check the compliance of the targeted web application to a set of generic security requirements such as confidentiality, integrity and availability as well as to a set of user-related security constraints. Our approach has been applied to a real industrial electronic voting application provided by the Scytl company. Several experiments show the merit of our technique in verifying the correctness of security measures of the targeted application. This framework is part of the INTER-TRUST solution intended to ensure secure inter-operation between communicating systems and provide solutions to test and monitor them. [ABSTRACT FROM AUTHOR]

Published

2018

21. Continuous Leakage-Resilient Identity-Based Encryption without Random Oracles.

Author

Zhou, Yanwei, Yang, Bo, and Mu, Yi

Subjects

DATA encryption, COMPUTER network security, DATA security, INTERNET security, COMPUTER security

Abstract

Provably secure identity-based encryption (IBE) schemes in the presence of key-leakage have attracted a lot of attention recently. However, most of them were designed in the bounded-leakage model, and might not be able to meet the claimed security under the continuous-leakage attacks. The main issue is that the most of previous leakage-resilient IBE schemes could not ensure the randomness of all elements in the ciphertext, because some elements can be written as a function on the private key of user; therefore, the adversary can obtain the leakage on the private key of user from the corresponding given ciphertext. In this paper, a new construction of CCA-secure IBE scheme tolerating continuous-leakage attacks in the standard model is proposed, and its security is proved in the selective-ID security model based on the hardness of decisional bilinear Diffie-Hellman assumption, which is a classical static assumption. In our construction, the adversary cannot obtain any leakage on the private key from the corresponding ciphertext, since all elements in the ciphertext are random in the adversary's view. The striking advantage of our constructions is the key leakage ratio, which is the best one among the previous leakage-resilient IBE constructions. [ABSTRACT FROM AUTHOR]

Published

2018

22. Efficient Homomorphic Integer Polynomial Evaluation Based on GSW FHE.

Author

Wang, Husen and Tang, Qiang

Subjects

DATA encryption, COMPUTER security, ENCRYPTION protocols, COMPUTER network security, DATA security

Abstract

In this paper, we introduce new methods to evaluate integer polynomials with the Gentry-Sahai-Waters fully homomorphic encryption (GSW FHE) scheme. Our solution has much slower noise growth and per homomorphic integer multiplication cost, with a ratio O((logk)w+1 / kw⋅n) in comparison to the original GSW scheme where k is the input plaintext width, n is the LWE dimension and ω=2.373. Technically, we reduce the integer multiplication noise by restricting the evaluation to be between two kinds of ciphertexts: one is for the message space ℤq and the other is for message space 픽2 [log q]. To achieve generality, we propose an integer bootstrapping scheme which converts these two kinds of ciphertexts into each other. To solve the ciphertext expansion problem due to ciphertexts in 픽2 [log q], we propose a solution based on symmetric-key encryption with stream ciphers. [ABSTRACT FROM AUTHOR]

Published

2018

23. Privacy Preserving, Verifiable and Resilient Data Aggregation in Grid-Based Networks.

Author

Shah, Kaushal A and Jinwala, Devesh C

Subjects

WIRELESS sensor networks, WIRELESS communications, COMPUTER security, INTERNET of things, WIRELESS sensor nodes, CLOUD computing

Abstract

The grid-based networks are formed by applications where objects being monitored form a square grid. These applications often demand critical security concerns as the compromise to the data yields adverse effects. There are indeed, several lightweight data aggregation schemes proposed in the literature that aims to minimize the resource overhead, albeit providing the required security attributes. However, as per our observations, the information about the actual deployment of the nodes is not exploited in any of these attempts. In this paper, we exploit the linearity in the deployment of grid-based networks to design an aggregation scheme that eventually entails lesser overhead as compared to the other existing schemes while offering the same level of resilience. As homomorphic encryption is considered to be more secure than obfuscation, we also propose a variant to the proposed scheme using homomorphic encryption. In the scenario with lesser restriction on computation, one can opt for the variant to the proposed scheme. The security analysis using mathematical induction and formal security proofs proves the security of the proposed scheme. To the best of our knowledge, the proposed scheme is the first that achieves privacy preservation, data verification, resilience against node capture and avoidance against collusion attacks in grid-based networks with lesser requirement of key storage and communication cost. [ABSTRACT FROM AUTHOR]

Published

2018

24. An Ensemble Method based on Selection Using Bat Algorithm for Intrusion Detection.

Author

Shen, Yanping, Zheng, Kangfeng, Wu, Chunhua, Zhang, Mingwu, Niu, Xinxin, and Yang, Yixian

Subjects

MACHINE learning, COMPUTER security, INTRUSION detection systems (Computer security), ARTIFICIAL intelligence, COMPUTER network security

Abstract

Machine learning plays an important role in constructing intrusion detection models. However, the information era is an era of data. With the continuous increase in data size and the growth of data dimensions, the ability of a single classifier is becoming limited in predicting samples. In this paper, we present an ensemble method using random subspace in which an extreme learning machine (ELM) is chosen as the base classifier. To optimize the ensemble model, an ensemble pruning method based on the bat algorithm (BA) is proposed. Meanwhile, a fitness function based on the accuracy and diversity of an ensemble is defined in the BA to obtain an improved classifier subset. Three public datasets, the KDD99, NSL and Kyoto datasets, are adopted to assess the robustness of the method. The empirical results indicate that the ensemble method based on random subspace can improve the accuracy and robustness over the use of an individual ELM. The results also show that compared with when all the sub-classifiers are used in the ensemble, the pruning framework can not only achieve comparable or better performance but also save substantial computing resources in an intrusion detection system (IDS). [ABSTRACT FROM AUTHOR]

Published

2018

25. Risk and the Small-Scale Cyber Security Decision Making Dialogue--a UK Case Study.

Author

Osborn, Emma and Simpson, Andrew

Subjects

INTERNET security, COMPUTER security, INFORMATION technology, CYBERTERRORISM, CLOUD computing, DATA protection

Abstract

Despite a long-standing understanding that developments in personal and cloud computing practices would change the way we approach security, small-scale IT users (SSITUs) remain ill-served by existing cyber security practices. This paper discusses results from a survey that considered (in part) cyber security decisions made by SSITUs. We determine that SSITUs are focusing on easy-to-implement technical measures, leading to a disconnect between the security implemented and any risks identified; available resources, knowledge, prioritization of business processes, reduced system control and a lack of threat intelligence all combine to limit the ability to make cyber security decisions; and assessing risk in SSITUs will not lead to sufficient investment to mitigate risks for risk-holding stakeholders in the supply chain. We conclude that the constraints faced by SSITUs have far greater impact on the decisions they make than either our risk-holding, or security-providing, participants may have anticipated. Any limitations faced by SSITUs as they make their security decisions will have a significant impact on both the measures they are able to apply and the security of the supply chain as a whole. [ABSTRACT FROM AUTHOR]

Published

2018

26. A Vulnerability Life Cycle-Based Security Modeling and Evaluation Approach.

Author

Marconato, G. Vache, Kaâniche, M., and Nicomette, V.

Subjects

COMPUTER security, PROBABILITY theory, INFORMATION storage & retrieval systems, STOCHASTIC processes, COMPUTER networks

Abstract

This paper presents a probabilistic model-based approach aimed at evaluating quantitative measures to assess the security risks faced by an information system in operation. The proposed approach takes into account the impact of three environmental factors and their interdependencies: the vulnerability life cycle, the behavior of the attackers and the behavior of the system administrator. Several quantitative security measures are defined and evaluated. Two different scenarios are distinguished corresponding to the case where the system vulnerabilities are discovered by a malicious user or by a non malicious user. The proposed models are based on stochastic activity networks and describe the system states resulting from the combined modeling of the three external factors. Five states are distinguished (vulnerable, exposed, compromised, patched and secure) and probability measures are associated to these states to assess the level of risk faced by the system as a result of the vulnerability exploitation process. The parameters of the models, e.g. those characterizing the occurrence of vulnerability life cycle events, are derived from the analysis of public information recorded in vulnerability databases. Several sensitivity analyses are carried out for the two scenarios, in order to quantify and illustrate the impact of various parameters, including the probability of security patch application, the attack rate, etc. [ABSTRACT FROM PUBLISHER]

Published

2013

27. Interpreting Deep Structures of Information Systems Security.

Author

Thomas, Manoj and Dhillon, Gurpreet

Subjects

INFORMATION technology security, COMPUTER security, COMPUTERS in business, COMPUTER science, ELECTRONIC data processing, DATA integrity

Abstract

Confidentiality, integrity and availability, while being key requirements for ensuring security, have had limitations in providing an integral security model that incorporates the benefits of all predominant designs. Heeding to the call that security models cater to unique operational characteristics of individual firms, this paper presents a deep structure framework of information systems (ISs) security. The framework incorporates three models—representational model, which identifies subsystems within an organization; state-tracking model, which ensures that different states trace IS security in the real world;nd the decomposition model, which defines specific external events that are a stimuli to changes in internal events. In a final synthesis, the paper presents a deep structure-based conceptual clarity that manifests the meaning of dynamic, custom-fit and flexible IS security solutions. [ABSTRACT FROM AUTHOR]

Published

2012

28. Secure Image Retrieval Based on Visual Content and Watermarking Protocol.

Author

Zhang, Jun, Xiang, Yang, Zhou, Wanlei, Ye, Lei, and Mu, Yi

Subjects

CONTENT-based image retrieval, IMAGE retrieval, DIGITAL image watermarking, CLOUD computing, COPYRIGHT of electronic data, COMPUTER security

Abstract

As an interesting application on cloud computing, content-based image retrieval (CBIR) has attracted a lot of attention, but the focus of previous research work was mainly on improving the retrieval performance rather than addressing security issues such as copyrights and user privacy. With an increase of security attacks in the computer networks, these security issues become critical for CBIR systems. In this paper, we propose a novel two-party watermarking protocol that can resolve the issues regarding user rights and privacy. Unlike the previously published protocols, our protocol does not require the existence of a trusted party. It exhibits three useful features: security against partial watermark removal, security in watermark verification and non-repudiation. In addition, we report an empirical research of CBIR with the security mechanism. The experimental results show that the proposed protocol is practicable and the retrieval performance will not be affected by watermarking query images. [ABSTRACT FROM AUTHOR]

Published

2011

29. The Microcosmic Model of Worm Propagation.

Author

Wang, Yini, Wen, Sheng, Cesare, Silvio, Zhou, Wanlei, and Xiang, Yang

Subjects

COMPUTER operating systems, COMPUTER software, MATHEMATICAL models, COMPUTER network security, ERROR analysis in mathematics, COMPUTER worms, COMPUTER security

Abstract

Each year, large amounts of money and labor are spent on patching the vulnerabilities in operating systems and various popular software to prevent exploitation by worms. Modeling the propagation process can help us to devise effective strategies against those worms’ spreading. This paper presents a microcosmic analysis of worm propagation procedures. Our proposed model is different from traditional methods and examines deep inside the propagation procedure among nodes in the network by concentrating on the propagation probability and time delay described by a complex matrix. Moreover, since the analysis gives a microcosmic insight into a worm's propagation, the proposed model can avoid errors that are usually concealed in the traditional macroscopic analytical models. The objectives of this paper are to address three practical aspects of preventing worm propagation: (i) where do we patch? (ii) how many nodes do we need to patch? (iii) when do we patch? We implement a series of experiments to evaluate the effects of each major component in our microcosmic model. Based on the results drawn from the experiments, for high-risk vulnerabilities, it is critical that networks reduce the number of vulnerable nodes to below 80%. We believe our microcosmic model can benefit the security industry by allowing them to save significant money in the deployment of their security patching schemes. [ABSTRACT FROM AUTHOR]

Published

2011

30. Cheating Immune Threshold Visual Secret Sharing1.

Author

De Prisco, Roberto and De Santis, Alfredo

Subjects

DATA encryption, COMPUTER security, COMPUTER network security, INFORMATION sharing, CRYPTOGRAPHY

Abstract

In this paper, we consider the problem of cheating for visual cryptography schemes. Although the problem of cheating has been extensively studied for secret sharing schemes, little work has been done for visual secret sharing. We provide a formal definition of cheating for visual cryptography and new (2, n)-threshold and (n, n)-threshold schemes that are immune to deterministic cheating. [ABSTRACT FROM PUBLISHER]

Published

2010

31. Side-Channel Attack Using Meet-in-the-Middle Technique.

Author

JONGSUNG KIM and SEOKHIE HONG

Subjects

CRYPTOGRAPHY, CIPHERS, DATA encryption, COMPUTER security, COMPUTER science

Abstract

In this paper, we introduce a new side-channel attack using block cipher cryptanalysis named a meet-in-the-middle attack. Using our new side-channel technique we show that advanced encryption standard (AES) with reduced 10 masked rounds is broken, which is faster than the exhaustive key search attack. This implies that one has to mask the entire rounds of the 12-round 192-bit key AES to prevent our attacks. Our result is the first one to analyse AES with reduced 10 masked rounds, while the previous best known side-channel attack is on AES with reduced eight masked rounds. [ABSTRACT FROM PUBLISHER]

Published

2010

32. Security Metrics Foundations for Computer Security.

Author

TRČEK, DENIS

Subjects

COMPUTER security, RISK management in business, SECURITY systems, DATA protection, DATA security

Abstract

Security has been among top priority in computer information systems for more than a decade. Despite the importance of this area, it is interesting to note that the area still lacks (completeness of) one of its basic elements of scientific arsenal, which is metric. This paper therefore presents the situation in this field by giving an analysis of existing metrics that could serve the above-mentioned purpose. Further, it presents a generic risk management model, and gives an analysis of possibilities for application of these existing metrics to the model. It also introduces new metric elements, where these are lacking. As a result, means are provided that enable evaluation of security in information technology systems in a tangible way. Such an approach is essential for every organization in business areas ranging from economical justifications for new security implementations to customized security services with appropriate service costs calculations, and even development of new business models. [ABSTRACT FROM PUBLISHER]

Published

2010

33. Some Further Theoretical Results about Computer Viruses.

Author

ZHIHONG ZUO and MINGTIAN ZHOU

Subjects

COMPUTER viruses, DATA protection, COMPUTER security, COMPUTER software, FIREWALLS (Computer security), COMPUTERS

Abstract

In this paper we give some general definitions of computer viruses which comply with our common understanding of computer viruses. Based on these definitions, we prove theoretically that there may exist some special kinds of computer viruses that have not been found in the real world yet. Furthermore, we prove that the set of computer viruses with the same kernel is ?2-complete. In general the set of computer viruses is ?3-complete. [ABSTRACT FROM AUTHOR]

Published

2004

34. Simpler Generic Constructions for Strongly Secure One-round Key Exchange from Weaker Assumptions.

Author

ZHENG YANG, JUNYU LAI, CHAO LIU, WANPING LIU, and SHUANGQING LI

Subjects

DIGITAL signatures, STANDARD model (Nuclear physics), DATA encryption, ELECTRONIC authentication, COMPUTER security

Abstract

In PKC 2015, Bergsma et al. introduced a generic one-round key exchange (ORKE) protocol (which is referred to as BJS) from digital signature (SIG) and simplified non-interactive key exchange (NIKE) without involving any identity. The BJS scheme is shown to satisfy extended Canetti and Krawczyk-PFS security if the NIKE is adaptive-CKS-light secure and the SIG is strongly secure against existential unforgeability under chosen message attacks. However, the BJS scheme cannot be instantiated with NIKE scheme with identity (e.g. the one proposed by Boneh and Zhandry in Crypto 2014). In this paper, we propose a much simpler generic construction for ORKE from NIKE and SIG. In particular, our scheme only makes weaker security assumptions on the underlying building blocks. Namely, we first show that the static-CKS-light security of NIKE, where the target identities are chosen by the adversary before seeing the system parameters, is sufficient for our construction. On the second, we observe that the SIG only needs to provide strong existential unforgeability under weak chosen message attacks for our construction. These results enable our proposal to have more concrete instantiations which might be easier to build and realize. At the same time, our new protocol is much more computationally efficient than the BJS protocol. [ABSTRACT FROM AUTHOR]

Published

2017

35. Securing Outsourced Data in the Multi-Authority Cloud with Fine-Grained Access Control and Efficient Attribute Revocation.

Author

JUNWEI ZHOU, HUI DUAN, LIANG, KAITAI, QIAO YAN, FEI CHEN, YU, F. RICHARD, JIEMING WU, and JIANYONG CHEN

Subjects

CLOUD storage, ACCESS control, DATA encryption, COMPUTER security, SECURITY systems

Abstract

Data outsourcing is a promising service for data owners, where their data are stored on a cloud storage provider. Since the cloud is not fully trusted, data access control has become a challenging issue in the Cloud Storage System (CSS). Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a feasible technique for ensuring access control in the CSS, where an attribute authority is responsible to manage attributes and distribute keys. In this paper, we propose a novel revocable Multi-Authority CP-ABE scheme, in which the access policy can be constructed as an arbitrary tree rather than a matrix used by existing schemes. The tree-like policy makes our scheme more flexible. Consequently, the encryption, decryption and attribute revocation operations are also more efficient. Our scheme is also proved to be secure under the standard assumption. It can resist user collusion attack, while the attribute revocation operation also achieves both forward security and backward security. Simulation results show that our scheme is highly efficient. [ABSTRACT FROM AUTHOR]

Published

2017

36. Pairing-Free and Secure Certificateless Signcryption Scheme.

Author

HUIFANG YU and BO YANG

Subjects

DATA encryption, CRYPTOGRAPHY, INTERNET auctions, EMAIL systems, COMPUTER security

Abstract

Certificateless signcryption (CLSC) can simultaneously fulfill certificateless encryption and certificateless signature; however, most CLSC schemes need costly computational overhead due to the usage of pairing operations. How to improve its computational efficiency is a very significant research problem. In this paper, we propose a pairing-free and secure CLSC scheme. In the random oracle model, the proposed scheme is indistinguishability against adaptive chosen-ciphertext attacks secure in confidentiality and unforgeability against adaptive chosen-message attacks secure in unforgeability. In the new scheme, only a designated receiver can recover the message, and a third party can verify the validity of a signcrypted text without knowing the receiver's secret value. In addition, this cryptographic algorithm is very appropriate to applications in online auction, email system and private contractual signature. [ABSTRACT FROM AUTHOR]

Published

2017

37. DTKI: A New Formalized PKI with Verifiable Trusted Parties.

Author

JIANGSHAN YU, CHEVAL, VINCENT, and RYAN, MARK

Subjects

APPLICATION software, COMPUTER software, APPLICATION program interfaces, WEB services, WEB-based user interfaces, COMPUTER security

Abstract

The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certificate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certificate management more transparent and verifiable. However, those proposals involve a fixed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows verification of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees. [ABSTRACT FROM AUTHOR]

Published

2016

38. Special Issue on Security and Performance of Networks and Clouds: Guest Editor's Introduction.

Author

Jayaraman, Bharat

Subjects

COMPUTER security, COMPUTER network resources, CLOUD computing, WIRELESS sensor networks, NETWORK PC (Computer), PERFORMANCE evaluation

Abstract

This special issue focuses on the security and performance of computer networks and cloud computing. It was inspired by papers presented at a special symposium held on 22 September 2011 in honor of Professor Satish K. Tripathi on the occasion of his 60th birthday and on the eve of his formal investiture as President of the University at Buffalo, the State University of New York. The symposium brought together some 100 participants, including several of Professor Tripathi's current and former collaborators, colleagues and students. [ABSTRACT FROM AUTHOR]

Published

2012

39. A Novel Permission Hierarchy for RBAC for Dealing with SoD in MAC Models.

Author

VELOUDIS, SIMEON and NISSANKE, NIMAL

Subjects

COMPUTER access control, COMPUTER security, COMPUTER passwords, COMPUTER network security, ACCESS control of computer networks, SECURITY systems

Abstract

Separation of duty (SoD) is a fundamental principle of computer security that has not been addressed sufficiently in multi-level security (MLS) mandatory access control (MAC) models, as realized through the adoption of the Bell-LaPadula (BLP) model. This is due to the lack of means at present to express SoD constraints in MAC. The primary objective of this paper is to overcome this but within a framework that allows for rigour and linguistic features to express SoD constraints, while retaining the core security properties of BLP, namely the Simple Security Property and ⋆-Property. To this end, we propose a formal framework which bridges the BLP model with the more general hierarchical role-based access control (RBAC) model. Our framework is based on a hierarchy of permissions that is founded on a novel concept of permission capacity, determined on the basis of the security levels that characterize objects in MLS models. Such a hierarchy naturally provides a solid basis for defining role seniority and deriving a hierarchical ordering on roles within MLS models. SoD constraints are expressed by means of conflicting permissions that give rise to mutually exclusive roles. [ABSTRACT FROM AUTHOR]

Published

2016

40. Reply to ‘Comment on “A Framework for Modelling Trojans and Computer Virus Infection”’ by E. Mäkinen.

Author

Thimbleby, H., Anderson, S. O., and Cairns, P. A.

Subjects

COMPUTER crimes, COMPUTER viruses, CYBERTERRORISM, COMPUTER security, COMPUTER software, DATA protection

Abstract

Computer viruses are a worrying real-world problem, and a challenge to theoretical modelling. In this issue of the Computer Journal, Erkki Mäkinen proposes universal Turing machines in a critique of an earlier paper, ‘A framework for modelling Trojans and computer virus infection’ (Thimbleby, H., Anderson, S. O. and Cairns, P. (1998) Comp. J., 41, 444–458). This short paper is a reply by those authors. [ABSTRACT FROM PUBLISHER]

Published

2001

41. Modelling Security of Critical Infrastructures: A Survivability Assessment.

Author

Rodríguez, Ricardo J., Merseguer, José, and Bernardi, Simona

Subjects

SYSTEMS engineering, HUMAN error, MALWARE, COMPUTER security, INFORMATION technology security, UNIFIED modeling language, TERRORISM

Abstract

Critical infrastructures, usually designed to handle disruptions caused by human errors or random acts of nature, define assets whose normal operation must be guaranteed to maintain its essential services for human daily living. Malicious intended attacks to these targets need to be considered during system design. To face these situations, defence plans must be developed in advance. In this paper, we present a Unified Modelling Language profile, named SecAM, that enables the modelling and security specification for critical infrastructures during the early phases (requirements, design) of system development life cycle. SecAM enables security assessment, through survivability analysis, of different security solutions before system deployment. As a case study, we evaluate the survivability of the Saudi Arabia crude-oil network under two different attack scenarios. The stochastic analysis, carried out with Generalized Stochastic Petri nets, quantitatively estimates the minimization of attack damages on the crude-oil network. [ABSTRACT FROM AUTHOR]

Published

2015

42. Non-Functional Requirements Framework: A Mathematical Programming Approach.

Author

AFFLECK, AMY, KRISHNA, ANEESH, and ACHUTHAN, NARASIMAHA R.

Subjects

MATHEMATICAL programming, REQUIREMENTS engineering, COMPUTER security, MATHEMATICAL optimization, DECISION support systems

Abstract

Non-functional or quality requirements such as, performance, timeliness and security are often crucial for the success of a software system. Several well-known techniques and frameworks have been developed to deal with the functional aspect of requirements engineering. Recent years have seen the emergence of frameworks that incorporate non-functional requirements (NFRs). The NFR Framework is a qualitative method that bridges the gap between the idea of NFRs, and a software design that encompasses these ideas. The framework functions by modelling NFRs and the associated implementation methods, eventually resulting in a fully documented decision regarding the implementation of said methods. This paper presents a formal linear programming optimization model for the NFR Framework with regard to operationalization selection. The optimization model has the capability of handling large, complicated graphs that were unwieldy in the original framework. The inclusion of a sensitivity analysis expands the functionality of the optimization model to provide useful data on even the smallest of problems. These additional data allow the optimization model to assist in conflict resolution with regard to the initial quantitative values. The approach is illustrated using two case studies from the literature and verified through a simulation-based analysis. [ABSTRACT FROM AUTHOR]

Published

2015

43. Signcryption Secure Against Linear Related-Key Attacks.

Author

Cui, Hui, Mu, Yi, and Au, Man Ho

Subjects

CRYPTOGRAPHY research, DATA encryption, DATA security, COMPUTER security, COMPUTER network security

Abstract

A related-key attack (RKA) occurs when an adversary tampers the private key stored in a cryptographic hardware device, and observes the result of the cryptographic primitive under this modified private key. In this paper, we consider the security of signcryption schemes under linear RKAs, where an adversary is allowed to tamper the private keys of the receiver and the sender, and subsequently observe the outcome of a signcryption system under these modified private keys of both parties. We define two security notions for RKA-secure signcryption schemes: chosen ciphertext RKA and chosen message RKA. We require that a signcryption scheme remains secure even when an adversary is allowed to access the designcryption oracle and the signcryption oracle on linear shifts of the private keys of the receiver and the sender, respectively. After reviewing some basic definitions related to our construction, we give a specific signcryption scheme from bilinear Diffie–Hellman which is secure against RKAs. Furthermore, we extend the security model of signcryption with anonymity, where the ciphertext is anonymous to others except the real receiver given the honest sender and the honest receiver. Fortunately, with a trivial modification to the original signcryption scheme, our proposed signcryption scheme can protect the privacy of both the sender and the receiver. [ABSTRACT FROM PUBLISHER]

Published

2014

44. Key-Evolving Hierarchical ID-Based Signcryption.

Author

Zhang, Yinghui, Chen, Xiaofeng, and Li, Hui

Subjects

DATA encryption, DATA protection, DATA corruption, DATA integrity, COMPUTER security

Abstract

Key-evolving cryptography is intended to mitigate the damage in case of a secret key compromise, one of the severest security threats to actual cryptographic schemes. In the public-key setting, the essential idea of key-evolving lies in updating the private key with time, while maintaining the same public key. Key evolution in encryption and signing has been well studied, especially in the identity-based (ID-based) setting where an entity's public key can be derived from that entity's identity information. From a more practical standpoint, however, one would like to use the primitive signcryption in the hierarchical ID-based setting. In this paper, we propose the first key-evolving hierarchical ID-based signcryption scheme that is scalable and joining-time-oblivious and allows secret keys to be updated autonomously. The security proofs of our construction depend on the bilinear Diffie–Hellman assumption and the computational Diffie–Hellman assumption in the random oracle model. To be specific, our proposal not only achieves the fundamental goals of confidentiality and authenticity, but also enjoys desirable properties of non-repudiation, ciphertext anonymity and strong forward security. Compared with the conventional sign-then-encrypt approach, our construction provides better efficiency in terms of the computation cost and the communication overhead. [ABSTRACT FROM AUTHOR]

Published

2013

45. HISS: A HIghly Scalable Scheme for Group Rekeying.

Author

Dini, Gianluca and Tiloca, Marco

Subjects

TELECOMMUNICATION, COMPUTER security, COMPUTATIONAL complexity, CYBERTERRORISM, DATA recovery, MESSAGE passing (Computer science)

Abstract

Group communication is a suitable and effective communication model for large-scale distributed systems. To be fully exploitable, group communication must be protected. This is normally achieved by providing members with a group key which is revoked and redistributed upon every member's joining (backward security) or leaving (forward security). Such a rekeying process must be efficient and highly scalable. In this paper, we present HISS, a highly scalable group rekeying scheme that efficiently rekeys the group into two broadcast rekeying messages. HISS features two novel contributions. First, it exhibits a rekeying cost which is constant and independent of the group size, thus being highly scalable with the number of users. At the same time, memory occupancy and computational overhead are affordable on customary platforms. Second, HISS considers collusion as a first-class attack and recovers the group in such a way that it does not require a total group recovery. Efficiency of collusion recovery gracefully decreases with the attack severity. We prove the correctness of HISS, analytically evaluate its performance and argue that it is deployable on customary platforms. Finally, we show that it is possible to practically contrast or even prevent collusion attacks by properly allocating users to subgroups. [ABSTRACT FROM PUBLISHER]

Published

2013

46. Efficient Linkable and/or Threshold Ring Signature Without Random Oracles.

Author

Yuen, Tsz Hon, Liu, Joseph K., Au, Man Ho, Susilo, Willy, and Zhou, Jianying

Subjects

DIGITAL signatures, COMPUTER security, INTERNET in public administration, ELECTRONIC commerce, PUBLIC key cryptography, COMPUTER science

Abstract

Linkable ring signatures have found many attractive applications. One of the recent important extensions is a linkable threshold ring signature (LTRS) scheme. Unfortunately, the existing LTRS schemes are only secure in the random oracle model (ROM). In this paper, we make the following contributions. First, we construct the first LTRS scheme that is secure without requiring the ROM. Further, we enhance the security of a threshold ring signature (for both linkable or non-linkable) by providing a stronger definition of anonymity. This strengthened notion makes threshold ring signature schemes more suitable in real life. Finally, we provide efficient schemes that outperform the existing schemes in the literature. Our scheme is particularly suitable for electronic commerce or electronic government where anonymity and accountability are the most concerned factors. [ABSTRACT FROM PUBLISHER]

Published

2013

47. A Provably Secure Construction of Certificate-Based Encryption from Certificateless Encryption.

Author

Wu, Wei, Mu, Yi, Susilo, Willy, Huang, Xinyi, and Xu, Li

Subjects

COMPUTER security, PUBLIC key cryptography, COMPUTER access control, DATA transmission systems, DATA protection, COMPUTER architecture, COMPUTER networks, SCALABILITY, DATA encryption

Abstract

Certificate-based encryption (CBE) and certificateless encryption (CLE) are proposed to lessen the certificate management problem in a traditional public-key encryption setting. Although they are two different notions, CBE and CLE are closely related and possess several common features. The encryption in CBE and CLE does not require authenticity verification of the recipient's public key. The decryption in both notions requires two secrets that are generated by the third party and the public key owner, respectively. Recently a generic conversion from CLE to CBE was given, but unfortunately its security proof is flawed. This paper provides an elaborate security model of CBE, based on which a provably secure generic construction of CBE from CLE is proposed. A concrete instantiation is also presented to demonstrate the application of our generic construction. [ABSTRACT FROM AUTHOR]

Published

2012

48. A Performance-Oriented Monitoring System for Security Properties in Cloud Computing Applications.

Author

Muñoz, Antonio, Gonzalez, Javier, and Maña, Antonio

Subjects

CLOUD computing, COMPUTER software, COMPUTER security, APPLICATION software, COMPUTATIONAL complexity, PERFORMANCE evaluation, FINITE state machines

Abstract

Security is considered one of the crucial issues for the widespread adoption of cloud computing. Despite all research done in preventive security for cloud computing, the high complexity and the interdependence of many software layers and infrastructures mean that in practice there are always chances for something going wrong. For this reason, there is a need to complement preventive security measures with reactive measures. Among these, monitoring is the most relevant approach. In this paper, we introduce a new and robust architecture for dynamic security monitoring and enforcement specially designed for cloud computing scenarios. Our solution is therefore a complete one including a three-layered architecture, a new language for expressing monitoring rules and a strategy based on the generation of a finite-state machine to improve the performance of the monitoring engine. [ABSTRACT FROM AUTHOR]

Published

2012

49. An Optimal Inherently Stabilizing 2-Neighborhood Crash Resilient Protocol for Secure and Reliable Routing in Hypercube Networks.

Author

Karaata, Mehmet Hakan, Sinanoglu, Ozgur, and AlBdaiwi, Bader

Subjects

HYPERCUBE networks (Computer networks), TOPOLOGY, COMPUTER networks, BANDWIDTHS, NETWORK routing protocols, PATHS & cycles in graph theory, COMPUTER algorithms, COMPUTER security

Abstract

Many fundamental problems in the area of distributed systems such as security, reliable routing, network survivability and broadening available bandwidth can be addressed through the use of disjoint paths between communication endpoints. Therefore, distributed solutions to the disjoint paths problem are of crucial importance to these fundamental problems. Disjoint paths naturally exist in traditional networks; however, these networks provide no guarantees regarding the presence and the number of available disjoint paths. On the other hand, network topologies structured based on Caley graphs such as hypercube, star networks and their variations possess many desirable properties related to disjoint paths. Therefore, it is anticipated that backbones of future networks will be structured following some Caley graph topologies. In this paper, we present a simple novel stabilizing and inherently stabilizing algorithm to route messages over all node-disjoint paths of optimal length from one non-faulty process to another in at most n+1 rounds in an n-dimensional hypercube network in the presence of crash failures. The proposed algorithm can tolerate up to 2n−⌈log (n+1)⌉ process/link failures in the network and a maximum of ⌊(L−2)/3⌋ process/link failures on each disjoint path, where L is the number of processes on a disjoint path and the distance between any two failed processes/links is at least three. The proposed algorithm tolerates a large number of process and link failures, while delivering all n messages over optimal-length disjoint paths in the presence of maximum permissible process/link failures on each path. This is achieved by a simple uniform distributed algorithm using only local knowledge of failure locations. [ABSTRACT FROM AUTHOR]

Published

2012

50. Satisfying Privacy Requirements Before Data Anonymization.

Author

Sun, Xiaoxun, Wang, Hua, Li, Jiuyong, and Zhang, Yanchun

Subjects

COMPUTER security, COMPUTATIONAL complexity, DATA analysis, COMPUTER surveys, STANDARD deviations, PROBLEM solving

Abstract

In this paper, we study a problem of protecting privacy of individuals in large public survey rating data. We propose a novel (k,ε, l)-anonymity model to protect privacy in large survey rating data, in which each survey record is required to be similar to at least k−1 other records based on the non-sensitive ratings, where the similarity is controlled by ε, and the standard deviation of sensitive ratings is at least l. We study an interesting yet non-trivial satisfaction problem of the proposed model, which is to decide whether a survey rating data set satisfies the privacy requirements given by the user. For this problem, we investigate its inherent properties theoretically, and devise a novel slicing technique to solve it. We analyze the computation complexity of the proposed slicing technique and conduct extensive experiments on two real-life data sets, and the results show that the slicing technique is fast and scalable with data size and much more efficient in terms of execution time and space overhead than the heuristic pairwise method. [ABSTRACT FROM PUBLISHER]

Published

2012