  • Publication
    Statically Aggregate Verifiable Random Functions and Application to E-Lottery
    (MDPI, 2020-12-13)
    Liang, Bei; Banegas, Gustavo
    Cohen, Goldwasser, and Vaikuntanathan (TCC’15) introduced the concept of aggregate pseudo-random functions (PRFs), which allow efficiently computing the aggregate of PRF values over exponential-sized sets. In this paper, we explore the aggregation augmentation of verifiable random functions (VRFs), introduced by Micali, Rabin and Vadhan (FOCS’99), as well as its application to e-lottery schemes. We introduce the notion of static aggregate verifiable random functions (Agg-VRFs), which perform aggregation for VRFs in a static setting. Our contributions can be summarized as follows: (1) we define static aggregate VRFs, which allow the efficient aggregation of VRF values and the corresponding proofs over super-polynomially large sets; (2) we present a static Agg-VRF construction over bit-fixing sets with respect to product aggregation, based on the q-decisional Diffie–Hellman exponent assumption; (3) we test the performance of our static Agg-VRF instantiation in comparison to a standard (non-aggregate) VRF in terms of the time cost of the aggregation and verification processes, which shows that Agg-VRFs considerably lower the verification time for large sets; and (4) by employing Agg-VRFs, we propose an improved e-lottery scheme based on the framework of Chow et al.’s VRF-based e-lottery proposal (ICCSA’05). We evaluate the performance of Chow et al.’s e-lottery scheme and our improved scheme, and the latter shows a significant improvement in the efficiency of generating the winning number and of the player verification.
    Scopus© Citations 3
  • Publication
    Practical and Provably Secure Distributed Aggregation: Verifiable Additive Homomorphic Secret Sharing
    (MDPI, 2020-09-21)
    Tsaloli, Georgia; Banegas, Gustavo
    Often clients (e.g., sensors, organizations) need to outsource joint computations that are based on some joint inputs to external untrusted servers. These computations often rely on the aggregation of data collected from multiple clients, while the clients want to guarantee that the results are correct and, thus, an output that can be publicly verified is required. However, important security and privacy challenges are raised, since clients may hold sensitive information. In this paper, we propose an approach, called verifiable additive homomorphic secret sharing (VAHSS), to achieve practical and provably secure aggregation of data, while allowing the clients to protect their secret data and providing public verifiability, i.e., everyone should be able to verify the correctness of the computed result. We propose three VAHSS constructions by combining an additive homomorphic secret sharing (HSS) scheme, for computing the sum of the clients’ secret inputs, with three different methods for achieving public verifiability, namely: (i) homomorphic collision-resistant hash functions; (ii) linear homomorphic signatures; and (iii) a threshold RSA signature scheme. For all three constructions, we provide a detailed correctness, security, and verifiability analysis and detailed experimental evaluations. Our results demonstrate the efficiency of our proposed constructions, especially on the client side.
    Scopus© Citations 7
  • Publication
    Multi-key homomorphic authenticators
    (IET The Institution of Engineering and Technology, 2019-11-01)
    Fiore, Dario; Nizzardo, Luca; Pagnin, Elena
    Scopus© Citations 7
  • Publication
    Decentralised Functional Signatures.
    (Springer, 2019-10-18)
    Liang, Bei
    With the rapid development of the Internet of Things (IoT), a lot of critical information is shared, often without any guarantees about the origin and integrity of that information. Digital signatures can provide important integrity guarantees and prevent illegal users from gaining access to private and sensitive data in various IoT applications. Functional signatures, introduced by Boyle, Goldwasser and Ivan (PKC 2014) as signatures with fine-grained access control, allow an authority to generate signing keys corresponding to various functions, such that a user holding a signing key for a function f can sign the image of f on a message m, i.e., can sign f(m). Okamoto and Takashima (PKC 2013) first proposed the notion of a decentralized multi-authority functional signature (DMA-FS) scheme, which supports non-monotone access structures combined with inner-product relations. In this paper, we generalise the definition of DMA-FS proposed by Okamoto et al. (PKC 2013) to even more general policy functions, which support any polynomial-size boolean predicate rather than only the inner-product relation, and which allow modifications of the original message. In our multi-authority functional signature (MAFS), there are multiple authorities, each of which is able to certify a specific function and issue a corresponding functional signing key to each individual with some property, rendering them very useful in application settings such as smart homes, smart cities, smart health care, etc. We also provide a general transformation from a standard signature scheme to a MAFS scheme. Moreover, we present a way to build a function-private MAFS from an FS without function privacy together with SNARKs.
    Scopus© Citations 3
  • Publication
    Lattice-Based Simulatable VRFs: Challenges and Future Directions
    (Innovative Information Science & Technology Research Group (ISYOU), 2018-11-30)
    Brunetta, Carlo; Liang, Bei
    Lattice-based cryptography is evolving rapidly and is often employed to design cryptographic primitives that hold great promise of being post-quantum resistant and that can be employed in multiple application settings such as e-cash, unique digital signatures, non-interactive lottery and others. In such application scenarios, a user is often required to prove non-interactively the correct computation of a pseudo-random function Fk(x) without revealing the secret key k used. Commitment schemes are also useful in application settings that require committing to a chosen but secret value that can be revealed later. In this short paper, we provide our insights on constructing a lattice-based simulatable verifiable random function (sVRF) using non-interactive zero-knowledge arguments and dual-mode commitment schemes, and we point out the main challenges that need to be addressed in order to achieve it.
  • Publication
    Tangible security: Survey of methods supporting secure ad-hoc connects of edge devices with physical context.
    (Elsevier, 2018-07-30)
    Hu, Qiao; Zhang, Jingyi; Hancke, Gerhard
    Edge computing is the concept of moving computation back to the endpoints of a network, as an alternative to, or in combination with, centralized, cloud-based architectures. It is especially of interest for Internet-of-Things and Cyber-Physical Systems, where embedded endpoints make up the edge of the network and need to make localised, time-critical decisions. In these environments, secure ad-hoc device-to-device interaction is important, but it poses a challenge because devices might belong to different systems, or security domains, which complicates trusted communication and key establishment. There has been growing interest in complementing conventional cryptography with physical context. This allows for services that are difficult to achieve with existing cryptographic mechanisms alone: device pairing (initial key establishment) and proof-of-proximity (ensuring devices are physically present). Numerous methods, the majority of which are based on the physical context of device characteristics, behavior or environment, have been proposed to supplement cryptography in achieving these services. This paper provides an overview of this area of research, first discussing the nature and importance of the two specified security services in ad-hoc communication settings and then providing an introduction to prominent physical-context security approaches in the literature.
    Scopus© Citations 16
  • Publication
    VIVO: A secure, privacy-preserving, and real-time crowd-sensing framework for the Internet of Things.
    (Elsevier, 2018-07-21)
    Luceri, Luca; Cardoso, Felipe; Papandrea, Michaela; Giordano, Silvia; Buwaya, Julia; Kundig, Stéphane; Angelopoulos, Constantinos Marios; Rolim, José; Zhao, Zhongliang; Carrera, Jose Luis; Braun, Torsten; Tossou, Aristide C.Y.; Dimitrakakis, Christos
    Scopus© Citations 9
  • Publication
    HB+DB: Distance bounding meets human based authentication.
    (Elsevier, 2018-03)
    Pagnin, Elena; Yang, Anjia; Hu, Qiao; Hancke, Gerhard
    Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The protocol by Juels and Weis provides device authentication based on the learning parity with noise (LPN) problem and is appropriate for resource-constrained devices, but it has been shown to be vulnerable to a simple man-in-the-middle attack. Subsequent work has focused on modifying the cryptographic properties of the original protocol to mitigate this problem. We propose that this attack could be mitigated using physical-layer measures from distance-bounding protocols and simple modifications to devices’ radio receivers. We take the as a reference protocol and combine it with distance-bounding techniques. This hybrid solution, the protocol, is shown to provide resistance against the man-in-the-middle attacks on as a result of the additional physical-layer mechanisms. We analyze the security of the proposed protocol against active man-in-the-middle attacks and present experiments showing how it is practically possible to limit the success of a practical man-in-the-middle attack. We also briefly discuss the possibility that could provide some resistance to basic threat scenarios meant to be mitigated by distance-bounding protocols. We make a practical implementation to verify that our proposed method is feasible. Finally, we discuss a proof-of-concept channel for our scheme implemented on a platform equivalent in resources to a contactless smart card/NFC device.
    Scopus© Citations 11
  • Publication
    Two-hop Distance-Bounding Protocols: Keep your Friends Close.
    (IEEE, 2018-07-01)
    Yang, Anjia; Pagnin, Elena; Hancke, Gerhard P.; Wong, Duncan S.
    Scopus© Citations 19