
Showing papers on "Revocation published in 2019"


Journal Article
TL;DR: This paper proposes an efficient ciphertext-policy attribute-based encryption (CP-ABE) scheme that for the first time simultaneously achieves partially hidden policy, direct revocation, and verifiable outsourced decryption.

94 citations


Journal Article
TL;DR: This paper proposes a new pseudo-identity-based scheme for conditional anonymity with integrity and authentication in a VANET that uses a pseudonym in the joining process with the road-side unit (RSU) to protect the real identity even from the RSU, in case it is compromised.
Abstract: Vehicles in a vehicular ad-hoc network (VANET) broadcast beacons giving safety-related and traffic information. In an open-access environment, this means that the VANET is susceptible to security and privacy issues. In this paper, we propose a new pseudo-identity-based scheme for conditional anonymity with integrity and authentication in a VANET. The proposed scheme uses a pseudonym in the joining process with the road-side unit (RSU) to protect the real identity even from the RSU, in case it is compromised. All previous identity-based schemes have been prone to insider attackers, and have not met the revocation process. Our scheme resolves these drawbacks as the vehicle signs the beacon with a signature obtained from the RSU. Our scheme satisfies the requirements for security and privacy, and especially the requirements for message integrity and authentication, privacy preservation, non-repudiation, traceability, and revocation. In addition, it provides conditional anonymity to guarantee the protection of an honest vehicle's real identity, unless malicious activities are detected. It is also resistant to common attacks such as modification, replay, impersonation, and man-in-the-middle (MITM) attacks. Although the numerous existing schemes have used a bilinear pairing operation, our scheme does not depend on this due to the complex operations involved, which cause significant computation overhead. Furthermore, it does not have a certification revocation list, giving rise to significant costs due to storage and inefficient communication. Our analysis demonstrates that our scheme can satisfy the security and privacy requirements of a VANET more effectively than previous schemes. We also compare our scheme with the recently proposed schemes in terms of communication and computation and demonstrate its cost-efficiency and appropriateness in working with the VANET. 
Meanwhile, the computation costs of the beacon signing and verification in our scheme are reduced by 49.9% and 33.3%, respectively.

66 citations


Journal Article
TL;DR: This paper proposes a ciphertext-policy attribute-based encryption scheme with white-box traceability and direct user revocation that is proved to be secure under selective access policy and chosen-plaintext attacks based on the decisional q-bilinear Diffie–Hellman exponent hardness assumption in the standard model.

49 citations


Journal Article
09 Apr 2019-Sensors
TL;DR: This is the first review paper analysing the major issues of CP-ABE in the IoT paradigm and explaining the existing approaches to addressing these issues, with the main focus on their ability to address the revocation issues.
Abstract: Recently, using advanced cryptographic techniques to process, store, and share data securely in an untrusted cloud environment has drawn widespread attention from academic researchers. In particular, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising, advanced type of encryption technique that resolves an open challenge to regulate fine-grained access control of sensitive data according to attributes, particularly for Internet of Things (IoT) applications. However, although this technique provides several critical functions such as data confidentiality and expressiveness, it faces some hurdles including revocation issues and lack of managing a wide range of attributes. These two issues have been highlighted by many existing studies due to their complexity which is hard to address without high computational cost affecting the resource-limited IoT devices. In this paper, unlike other survey papers, existing single and multiauthority CP-ABE schemes are reviewed with the main focus on their ability to address the revocation issues, the techniques used to manage the revocation, and comparisons among them according to a number of secure cloud storage criteria. Therefore, this is the first review paper analysing the major issues of CP-ABE in the IoT paradigm and explaining the existing approaches to addressing these issues.

46 citations


Proceedings Article
12 Oct 2019
TL;DR: It is shown that CHERI capabilities can be used as a foundation to enable low-cost heap temporal safety by facilitating out-of-date pointer revocation, as capabilities enable precise and efficient identification and invalidation of pointers, even when using unsafe languages such as C.
Abstract: A lack of temporal safety in low-level languages has led to an epidemic of use-after-free exploits. These have surpassed in number and severity even the infamous buffer-overflow exploits violating spatial safety. Capability addressing can directly enforce spatial safety for the C language by enforcing bounds on pointers and by rendering pointers unforgeable. Nevertheless, an efficient solution for strong temporal memory safety remains elusive. CHERI is an architectural extension to provide hardware capability addressing that is seeing significant commercial and open-source interest. We show that CHERI capabilities can be used as a foundation to enable low-cost heap temporal safety by facilitating out-of-date pointer revocation, as capabilities enable precise and efficient identification and invalidation of pointers, even when using unsafe languages such as C. We develop CHERIvoke, a technique for deterministic and fast sweeping revocation to enforce temporal safety on CHERI systems. CHERIvoke quarantines freed data before periodically using a small shadow map to revoke all dangling pointers in a single sweep of memory, and provides a tunable trade-off between performance and heap growth. We evaluate the performance of such a system using high-performance x86 processors, and further analytically examine its primary overheads. When configured with a heap-size overhead of 25%, we find that CHERIvoke achieves an average execution-time overhead of under 5%, far below the overheads associated with traditional garbage collection, revocation, or page-table systems.

41 citations


Proceedings Article
08 Apr 2019
TL;DR: This paper proposes a protocol that combines both SSE and ABE in a way that the main advantages of each scheme are used and allows users to directly search over encrypted data by using an SSE scheme while the corresponding symmetric key that is needed for the decryption is protected via a Ciphertext-Policy Attribute-Based Encryption scheme.
Abstract: Secure cloud storage is considered one of the most important issues that both businesses and end-users are considering before moving their private data to the cloud. Lately, we have seen some interesting approaches that are based either on the promising concept of Symmetric Searchable Encryption (SSE) or on the well-studied field of Attribute-Based Encryption (ABE). In the first case, researchers are trying to design protocols where users' data will be protected from both internal and external attacks without paying the necessary attention to the problem of user revocation. On the other hand, in the second case existing approaches address the problem of revocation. However, the overall efficiency of these systems is compromised since the proposed protocols are solely based on ABE schemes and the size of the produced ciphertexts and the time required to decrypt grows with the complexity of the access formula. In this paper, we propose a protocol that combines both SSE and ABE in a way that the main advantages of each scheme are used. The proposed protocol allows users to directly search over encrypted data by using an SSE scheme while the corresponding symmetric key that is needed for the decryption is protected via a Ciphertext-Policy Attribute-Based Encryption scheme.

35 citations


Journal Article
01 Apr 2019
TL;DR: The proposed framework employs attribute-based signature (ABS) to achieve message authentication and integrity and protect vehicle privacy, which greatly mitigates the overhead caused by pseudonym/private key change or update in the existing solutions for VANETs.
Abstract: In this paper, we introduce an attribute-based framework to achieve secure communications in vehicular ad hoc networks (VANETs), which enjoys several advantageous features. The proposed framework employs attribute-based signature (ABS) to achieve message authentication and integrity and protect vehicle privacy, which greatly mitigates the overhead caused by pseudonym/private key change or update in the existing solutions for VANETs based on symmetric key, asymmetric key, and identity-based cryptography and group signature. In addition, we extend a standard ABS scheme with traceability and revocation mechanisms and seamlessly integrate them into the proposed framework to support vehicle traceability and revocation by a trusted authority, and thus, the resulting scheme for vehicular communications does not suffer from the anonymity misuse issue, which has been a challenge for anonymous credential-based vehicular protocols. Finally, we implement the proposed ABS scheme using a rapid prototyping tool called Charm to evaluate its performance.

34 citations


Journal Article
TL;DR: The idea of blockchain technology is applied to construct a privacy-awareness authentication scheme for the multi-server environment, which can achieve distributed registry and efficient revocation, and resists various kinds of malicious attacks.
Abstract: Multi-server authentication technology has become more and more popular with the extensive applications of networks. Although it has brought great convenience to people’s life, security becomes a critical issue and attracts a lot of attention in both academia and industry. Over the past two decades, a series of multi-server authentication schemes without communication with the online registration center in each authentication phase using the self-certified public key cryptography have been proposed to enhance security. However, it may cause the single-point failure problem due to the centralized architecture. Besides, user revocation facility is not well resolved in these schemes. To the best of our knowledge, blockchain technology has lots of advantages, bringing a promising solution to the problems of single-point failure and user revocation compared with the traditional cryptography technologies. In this work, we apply the idea of blockchain technology to construct a privacy-awareness authentication scheme for the multi-server environment, which can achieve distributed registry and efficient revocation. Moreover, the proposed scheme not only provides multiple security requirements like mutual authentication, user anonymity and perfect forward secrecy, but also resists various kinds of malicious attacks. The security of the proposed scheme is proved by rigorous formal proof using the random oracle model. Compared with recently related schemes, the proposed scheme has better communication performance, which makes it very suitable for real-life applications.

27 citations


Journal Article
TL;DR: This work proposes a novel updatable CP-ABE scheme supporting white-box traceability and traitor revocation, which is more efficient, and can achieve valid revocation and ciphertext update.
Abstract: Ciphertext-policy attribute-based encryption (CP-ABE) can offer fine-grained access control over encrypted data, which is suitable for complex commercial applications. However, since the same decryption privileges could be shared by multiple users in the one-to-many encryption mechanism, it is dangerous that a malicious user misuses his secret key but cannot be traced. In addition to further security, when the malicious user has been caught, it is required to revoke him from the system. To address these problems, we propose a novel updatable CP-ABE scheme supporting white-box traceability and traitor revocation. In the proposed scheme, a “fixed point” is embedded into the user's secret key to achieve the traceability and each user is assigned a unique identifier for revocation. Moreover, the secret exponent used to encrypt a message is divided into two parts: one is assigned to access policy and the other to the revocation list. Therefore, only a part of the ciphertext components needs to be updated when the revocation list is changed, which greatly simplifies the process of ciphertext update. Compared to the previous works, our scheme is more efficient, and can achieve valid revocation and ciphertext update. In addition, the traceability of the proposed scheme depends on the l-Strong Diffie-Hellman assumption, and the indistinguishability security under selective access policy and chosen-plaintext attacks in the standard model is reduced to the Decisional q-Bilinear Diffie-Hellman assumption. Furthermore, the experimental results show that the proposed scheme is efficient.

22 citations


Journal Article
01 Jul 2019
TL;DR: A novel design called Activation Codes for Pseudonym Certificates (ACPC), which can be integrated into SCMS, based on activation codes, short bit-strings without which certificates previously issued to a vehicle cannot be used by the latter, which are periodically distributed to non-revoked vehicles using an efficient broadcast mechanism.
Abstract: Vehicular communication (V2X) technologies allow vehicles to exchange information about the road conditions and their own status, and thereby enhance transportation safety and efficiency. For broader deployment, however, such technologies are expected to address security and privacy concerns, preventing abuse by users and by the system’s entities. In particular, the system is expected to enable the revocation of malicious vehicles, e.g., in case they send invalid information to their peers or to the roadside infrastructure; it should also prevent the system from being misused for tracking honest vehicles. Both features are enabled by Vehicular Public Key Infrastructure (VPKI) solutions such as Security Credential Management Systems (SCMS), one of the leading candidates for protecting V2X communication in the United States. Unfortunately, though, SCMS’s original revocation mechanism can lead to large Certification Revocation Lists (CRLs), which in turn impacts the bandwidth usage and processing overhead of the system. In this article, we propose a novel design called Activation Codes for Pseudonym Certificates (ACPC), which can be integrated into SCMS to address this issue. Our proposal is based on activation codes, short bit-strings without which certificates previously issued to a vehicle cannot be used by the latter, which are periodically distributed to non-revoked vehicles using an efficient broadcast mechanism. As a result, the identifiers of the corresponding certificates do not need to remain on the CRL for a long time, reducing the CRLs’ size and streamlining their distribution and verification of any vehicle’s revocation status. Besides describing ACPC in detail, we also compare it to similar-purpose solutions such as Issue First Activate Later (IFAL) and Binary Hash Tree based Certificate Access Management (BCAM).
This analysis shows that our proposal not only improves privacy (e.g., in terms of resilience against colluding system authorities), but also leads to processing and bandwidth overheads that are orders of magnitude smaller than those observed in the state of the art.

21 citations


Journal Article
01 Jun 2019
TL;DR: A new framework for the certificate revocation process within VANET is proposed, which results in a lightweight solution for CRL management and distribution within a modular and secure infrastructure based on Public Key Infrastructure (PKI), group formation and trust evaluation.
Abstract: Trustworthy communication in VANET Network is essential to provide functional, efficient and reliable traffic safety applications. The main concern arises on how to maintain only the trustworthy participants and revoke the misbehaving ones. In this paper, we propose a new framework for the certificate revocation process within VANET. This process can be activated by the Misbehavior Detection Systems (MDSs) running within vehicles and the Misbehavior Authority (MA) within the infrastructure, which identifies and excludes misbehaving vehicles to guarantee the long-term functionality of the network. These MDSs rely on the trust evaluation for participating vehicles which is updated continuously based on their behaviors. Therefore, the revocation is done periodically through geographical Certificate Revocation List (CRL) which specifies the certificates of all revoked vehicles within a specific area. This results in a lightweight solution for CRL management and distribution within a modular and secure infrastructure based on Public Key Infrastructure (PKI), group formation and trust evaluation. Simulation scenarios and risk analysis were carried out showing the advantages of the proposed revocation framework.

Journal Article
TL;DR: A public shared data auditing mechanism that simultaneously provides identity privacy and collusion-resistant user revocation is proposed by employing a new proxy re-signature scheme that requires only lightweight computations at the user side for signing data blocks in the real-time online phase.
Abstract: As data sharing has become one of the most popular services offered by cloud storage, designing public auditing mechanisms for integrity of shared data becomes more important. Two problems which arise in shared data auditing include preserving users' identity and collusion resistant revocation of users. When data stored at the cloud is shared among a group of users, different users may modify and sign different data blocks which leaks signer identities to the public verifier. Also, when a user is revoked from the group, signatures generated by this user should be re-signed by the cloud server using re-signature keys. In addition, collusion of cloud server and the revoked user should leak no information about the private key of other users. In this paper, by employing a new proxy re-signature scheme, we propose a public shared data auditing mechanism that provides identity privacy and collusion resistant user revocation, simultaneously. The proposed protocol requires only lightweight computations at the user side for signing data blocks in real-time online phase. Moreover, our protocol supports large dynamic group of users, batch auditing and dynamic data operations. Experimental results demonstrate excellent efficiency of our scheme in comparison to the state of the art.

Posted Content
TL;DR: This paper improves the Camenisch et al. scheme and extends it with revocation and auditability, two functionalities that are necessary for real-world adoption; distributed-setting performance measurements show that the integration of the scheme with Hyperledger Fabric, while incurring an overhead in comparison to the less privacy-preserving solutions, is practical for settings with stringent privacy requirements.
Abstract: In permissioned blockchain systems, participants are admitted to the network by receiving a credential from a certification authority. Each transaction processed by the network is required to be authorized by a valid participant who authenticates via her credential. Use case settings where privacy is a concern thus require proper privacy-preserving authentication and authorization mechanisms. Anonymous credential schemes allow a user to authenticate while showing only those attributes necessary in a given setting. This makes them a great tool for authorizing transactions in permissioned blockchain systems based on the user’s attributes. As in most setups of such systems where there is one distinct certification authority for each organization in the network, the use of plain anonymous credential schemes still leaks the association of a user to her issuing organization. Camenisch, Drijvers and Dubovitskaya (CCS 2017) therefore suggest the use of a delegatable anonymous credential scheme to also hide that remaining piece of information. In this paper we improve the Camenisch et al. scheme and extend it with revocation and auditability; two functionalities that are necessary for real-world adoption. We present a complete protocol and provide its production-grade open-source implementation including the scheme and the proposed extensions, ready to be integrated with Hyperledger Fabric. Our distributed-setting performance measurements show that the integration of the scheme with Hyperledger Fabric, while incurring an overhead in comparison to the less privacy-preserving solutions, is practical for settings with stringent privacy requirements. PVLDB Reference Format: Dmytro Bogatov, Angelo De Caro, Kaoutar Elkhiyaoui, and Björn Tackmann. Anonymous Transactions with Revocation and Auditing in Hyperledger Fabric. PVLDB, 14(1): XXX-XXX, 2020. doi:10.14778/3324301.3324309

Journal Article
Hui Ma, Rui Zhang, Shuzhou Sun, Zishuai Song, Gaosheng Tan
TL;DR: This work proposes a practical server-aided revocable fine-grained access control mechanism with the help of cloud’s storage, computing and management capabilities, which not only achieves efficient fine-grained attribute based access control, but also actualizes immediate and robust user revocation.
Abstract: As an innovative technique for cloud storage services, attribute based encryption (ABE) enables fine-grained access control over encrypted data in many cloud computing applications. However, there exist two main drawbacks that restrict the development of ABE. One is that most of the existing user revocation mechanisms cannot achieve high efficiency, immediacy and robustness simultaneously. Another is that the decryption of ABE contains expensive pairing operations which often grow with the complexity of access policy. In this work, we propose a practical server-aided revocable fine-grained access control mechanism with the help of cloud's storage, computing and management capabilities, which not only achieves efficient fine-grained attribute based access control, but also actualizes immediate and robust user revocation. Moreover, most of the complicated operations in decryption are outsourced to the public cloud server, leaving one exponentiation for the users. At last, we implement our proposed mechanism with Charm framework. The benchmark results demonstrate the high efficiency and practicality of our proposed mechanism.

Journal Article
TL;DR: In recent years, many Western democracies have either legislated or considered legislating citizenship revocation for terrorism offences as mentioned in this paper, and the issue has returned to the political agenda in many countries.
Abstract: Citizenship revocation has returned to the political agenda. In recent years, many Western democracies have either legislated or considered legislating citizenship revocation for terrorism offences...

Journal Article
TL;DR: A modified CP-ABE scheme with user revocation to strengthen data outsourcing system in cloud architecture and demonstrates that the proposed system is efficient to achieve security in outsourced EHRs in cloud servers.
Abstract: Cloud computing is a novel model for computing and storing. It enables elasticity, on-demand and low-cost usage of computing resources. Electronic health record (EHR) is an emerging patient-oriented paradigm for sharing of medical data. With the arrival of cloud computing, health care industries outsource their EHR to the cloud servers but, at the same time there is increased demand and concern for outsourced EHR’s security also. The major concerns in data outsourcing are the implementation of access policies and policies modification. To address these issues, the optimal solution is Ciphertext Policy Attribute Based Encryption (CP-ABE). CP-ABE allows the patients to describe their own access policies and implement those policies on their data before outsourcing into the cloud servers. But there are major limitations like key escrow and user revocation problems. In this paper, we proposed a modified CP-ABE scheme with user revocation to strengthen data outsourcing system in cloud architecture. The proposed system addresses the key-escrow and revocation problems. 1) The key-escrow problem is solved by using two-authority computation between the key generator authority and cloud server and 2) An immediate attribute modification method is used to achieve fine-grained user revocation. Security analysis and performance evaluation demonstrates that the proposed system is efficient to achieve security in outsourced EHRs in cloud servers.

Journal Article
TL;DR: In this article, the authors analyze what is philosophically at stake in public discourses and policies about citizenship revocation, and why the policies are motivated by racism and anti-semitism.
Abstract: On the basis of the case studies collected in this special issue, the paper analyses what is philosophically at stake in public discourses and policies about citizenship revocation, and why the lat...

Journal Article
Hua Ma, Ying Xie, Jianfeng Wang, Guohua Tian, Zhenhua Liu
TL;DR: An efficient deduplication protocol based on the nature of prime number is used to alleviate the computation burden on the private cloud, and attribute revocation is realized by updating the attribute agent key and the ciphertext.
Abstract: The deduplication based on attribute-based encryption can be well used in eHealth systems to save storage space and share medical records. However, the excessive computation costs of existing schemes lead to inefficient deduplication. In addition, the frequent changes of clients' attribute weaken the forward secrecy of data, and thus, how to achieve the attribute revocation in deduplication is a problem that remains to be solved. In this paper, we propose a variant of the attribute-based encryption scheme that supports efficient deduplication and attributes revocation for eHealth systems. Specifically, an efficient deduplication protocol based on the nature of prime number is used to alleviate the computation burden on the private cloud, and attribute revocation is realized by updating the attribute agent key and the ciphertext. Moreover, outsourcing decryption is introduced to reduce the computation overhead of clients. The security analysis argues that the proposed scheme can reach the desired security requirements, and the visual experiment result indicates the excellent performance of the proposed scheme while realizing deduplication and attribute revocation.

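Proceedings Article
09 Apr 2019
TL;DR: This paper focuses on the authentication of the public keys, renewal and revocation of all keys, and the authentication of the MAC sequence in Galileo OSNMA; the authentication of the public keys is proposed through a Merkle tree, and the authentication of the MAC sequence is shared between a MAC lookup table and a new MAC that replaces previously redundant bits in the protocol.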
Abstract: Galileo, the European GNSS, has confirmed its intention to provide Navigation Message Authentication for its Open Service already during this decade. A testing specification was made available in November 2016. Being OSNMA a novel service with several potential different users, some details of the protocol are under finalization. In particular, the paper focuses on the authentication of the public keys, renewal and revocation of all keys, and the authentication of the MAC sequence. The authentication of the public keys is proposed through a Merkle tree. The renewal and revocation of keys are handled with the existing flags, in particular NMA status, public key and chain status, and the authentication of the MAC sequence is shared between a MAC lookup table, and a new MAC that replaces previously redundant bits in the protocol. These new features complement the definition of the protocol while they do not affect OSNMA performance or appreciably increase user implementation requirements.

Journal Article
TL;DR: A multi-authority Ciphertext Policy Attribute-based Encryption (CP-ABE) scheme with revocation for the fog-based smart grid system with improved security and efficiency, which uses attribute group key and leaf private key together to protect user proxy key, which reduces the storage overhead of the system and improves the security.
Abstract: With the popularity of smart grids, plenty of smart devices have been put into use, such as smart meters and power assets. Due to limited computation capabilities and storage spaces of these devices, the collected data need to be “outsourced” towards the data server for processing and storage. The data owners, therefore, lose direct control over these “outsourced” data, leading to significant security issues of the users’ data. In this paper, aiming at solving this problem, we propose a multi-authority Ciphertext Policy Attribute-based Encryption (CP-ABE) scheme with revocation for the fog-based smart grid system. Specifically, in order to achieve attribute revocation without requiring users to be always online, we use the DH (Diffie-Hellman) tree to distribute the group key statelessly, which also solves the problem of collusion attack initiated by revoked user and valid user. To improve security of our proposed scheme, we remove the trusted key authority (KA) by using a secure two-party computation (2PC) protocol between the KA and the cloud service provider to generate user private key. To improve efficiency of our proposed scheme, we combine user and attribute revocation, and outsource complex calculations to fog nodes. Furthermore, our proposed scheme uses attribute group key and leaf private key together to protect user proxy key, which reduces the storage overhead of the system and improves the security. Both security analysis and experimental results demonstrate that our proposed scheme can balance the security objectives with the efficiency.

Journal Article
TL;DR: The idea that the citizen owes allegiance to his or her state has long historical roots, and has been repeatedly affirmed in theory and in law as discussed by the authors, and the idea of revocation of citizenship has a long history, too.
Abstract: The idea that the citizen owes allegiance to his or her state has long historical roots, and has been repeatedly affirmed in theory and in law. Revocation of citizenship has a long history, too. Th...

Journal Article
TL;DR: The CJEU held that the United Kingdom of Great Britain and Northern Ireland (UK) is allowed to unilaterally revoke the notification of its intention to withdraw from the European Union (EU) as long as the revocation is submitted in writing to the European Council before the UK's withdrawal takes effect as mentioned in this paper.
Abstract: The CJEU held that the United Kingdom of Great Britain and Northern Ireland (UK) is allowed to unilaterally revoke the notification of its intention to withdraw from the European Union (EU) as long as the revocation is submitted in writing to the European Council before the UK's withdrawal takes effect, and as long as the revocation is “unequivocal and unconditional, that is to say that the purpose of that revocation is to confirm the EU membership of the member state concerned under terms that are unchanged as regards its status as a member state, and that revocation brings the withdrawal procedure to an end” (para. 74).

Book ChapterDOI
01 Jan 2019
TL;DR: A framework to provide expressive, proficient and revocable healthcare access control for a federation-based model using a multi-Authority Ciphertext-Policy based Encryption (CP-ABE) scheme; the attribute revocation technique in this scheme helps to resolve both forward and backward security challenges.
Abstract: Cloud computing is developed as the most influential perfect models in the IT businesses starting late. Because of the progress implied in cloud computing, it will help data innovation in the healthcare industry. In existing healthcare model, outsourcing storage or accessing record from untrusted cloud servers become a challenging issue for security and privacy of data. An access control model is a productive approach that guarantees the information security in the cloud-based framework. In this work, we present a framework to provide expressive, proficient and revocable healthcare access control for a federation-based model using a multi-Authority Ciphertext-Policy based Encryption (CP-ABE) scheme. The existing CP-ABE scheme is not able to fulfil all security needs to protect healthcare records and control of privilege revocation problem. This research paper proposes the federation-based multi-Authority CP-ABE (F-CPABE) scheme for healthcare system with its subordinate strategies to outline design to healthcare records in federation-based access control scheme. The attribute revocation technique in this scheme helps to resolve both forward and backward security challenges. It has reduced attribute management overhead from a centralized system and also reduces time complexity.

Journal ArticleDOI
TL;DR: In this paper, a special issue on citizenship revocation is presented, which offers an interdisciplinary and comparative examination of this political instrument, revealing hidden rationales and consequences at the material and symbolic levels.
Abstract: The variety of the contexts in which citizenship revocation is being discussed and applied confronts us with a complex map. Drawing on contributions at the crossroads between history, law, political science, and sociology, this special issue offers an interdisciplinary and comparative examination of this political instrument, revealing hidden rationales and consequences at the material and symbolic levels. In the editorial introduction, we argue that the contributions to the special issue expand the scope of the existing literature on in terms of the social actors that are investigated, as well as the rationales for citizenship revocation that are investigated. We also introduce three levels of analysis according to which authors have explored revocation: conditionality, consequentiality, and bordering processes. We then outline the contributions of the articles reassembled here at these three levels.

Proceedings ArticleDOI
17 Jun 2019
TL;DR: It is shown how the concepts described in this paper can enhance the PKI-based frameworks through an efficient revocation mechanism, and mitigating privacy risks as well.
Abstract: The future deployment of vehicular networks for road transportation (the so called Cooperative Intelligent Transport System (C-ITS) in Europe or Connected Vehicles program in USA) should be based on the secure exchange of messages among the vehicles and the infrastructure communication nodes. Deployment projects in various parts of the world are setting up Public Key Infrastructures (PKI) to support the security and privacy aspects on vehicular communications. While the use of PKI is a known technology to build a security framework for C-ITS and Connected Vehicles deployments and it will provide the basic needed services for integrity and authentication, research communities around the world are exploring extensions of these frameworks to implement specific functions like misbehavior detection and revocation. In addition, new techniques to mitigate privacy risks in vehicular networks are explored. In this paper, we address these aspects by proposing the use of blockchain in combination with a zone keys concept where the authorization certificates produced by the PKI are provided to the vehicles only if specific conditions stored in the blockchain are valid. We show how the concepts described in this paper can enhance the PKI-based frameworks through an efficient revocation mechanism, and mitigating privacy risks as well.

Journal ArticleDOI
TL;DR: This paper proposes an efficient Ciphertext-Policy Attribute-Based Online/Offline Encryption with user Revocation (R-CP-ABOOE), and integrates the subset difference method with ciphertext-policy ABE to significantly improve key-update efficiency on the side of the trusted party.
Abstract: Attribute-Based Encryption (ABE) must provide an efficient revocation mechanism since a user’s private key can be compromised or expired over time. The existing revocable ABE schemes have the drawbacks of heavy computational costs on key updates and encryption operations, which make the entities for performing these operations a possible bottleneck in practice applications. In this paper, we propose an efficient Ciphertext-Policy Attribute-Based Online/Offline Encryption with user Revocation (R-CP-ABOOE). We integrate the subset difference method with ciphertext-policy ABE to significantly improve key-update efficiency on the side of the trusted party from to , where is the number of users and is the number of revoked users. To reduce the encryption burden for mobile devices, we use the online/offline technology to shift the majority of encryption work to the offline phase, and then mobile devices only need to execute a few simple computations to create a ciphertext. In addition, we exploit a novel trick to prove its selective security under the - type assumption. Performance analysis shows that our scheme greatly improves the key-update efficiency for the trusted party and the encryption efficiency for mobile devices.


Proceedings ArticleDOI
28 May 2019
TL;DR: This paper presents and evaluates a concept for publishing and revoking integrity protecting information for binaries, based on the Ethereum Blockchain and its underlying peer-to-peer network, and serves as a tamper-evident, publicly-verifiable log of published and revoked binaries.
Abstract: The integrity of executable binaries is essential to the security of any device that runs them. At best, a manipulated binary can leave the system in question open to attack, and at worst, it can compromise the entire system by itself. In recent years, supply-chain attacks have demonstrated that binaries can even be compromised unbeknownst to their creators. This, in turn, leads to the dissemination of supposedly valid binaries that need to be revoked later. In this paper, we present and evaluate a concept for publishing and revoking integrity protecting information for binaries, based on the Ethereum Blockchain and its underlying peer-to-peer network. Smart Contracts are used to enforce access control over the publication and revocation of integrity preserving information, whereas the peer-to-peer network serves as a fast, global communication service to keep user clients informed. The Ethereum Blockchain serves as a tamper-evident, publicly-verifiable log of published and revoked binaries. Our implementation incurs costs comparable to registration fees for centralised software distribution platforms but allows publication and revocation of individual binaries within minutes. The proposed concept can be integrated incrementally into existing software distribution platforms, such as package repositories or various app stores.

Journal ArticleDOI
TL;DR: A provably secure two-party authentication protocol using group signature scheme which overcomes the weaknesses of Priauth scheme by supporting exculpability, backward unlinkability and using exponential operation instead of costlier pairing operation during revocation checking.
Abstract: Secure seamless roaming in a wireless network is desirable in today’s highly dynamic world. Providing revocation and non-traceability in an efficient two-party roaming authentication protocol is a challenging task. Conventional two-party protocols utilize pseudo-identities or group signature with revocation tokens to support non-traceability and strong user anonymity. Among the group signature based authentication schemes, only Priauth scheme has non-traceability or backward/forward unlinkability and the mobile user does not have to do any computation after each revocation. Despite all the advantages, Priauth scheme does not support exculpability or in other words the home server knows the group signing key of the mobile user. In case of dispute, the mobile user can deny that it generated signature because the mobile user and the home server both know the signing key of the mobile user. Thus, the mobile user cannot be held accountable. Moreover, Priauth has high revocation cost due to pairing operation performed for each revoked token in the revocation list during revocation checking at the foreign server. In addition, the existing group signature based authentication schemes are not provably secure in the random oracle model. We propose a provably secure two-party authentication protocol using group signature scheme which overcomes the weaknesses of Priauth scheme by supporting exculpability, backward unlinkability and using exponential operation instead of costlier pairing operation during revocation checking.

Proceedings ArticleDOI
TL;DR: A 19-criteria framework for characterizing revocation and delegation schemes is proposed, and it is shown that combining short-lived delegated credentials or proxy certificates with an appropriate revocation system would solve several pressing problems.
Abstract: The ability to quickly revoke a compromised key is critical to the security of any public-key infrastructure. Regrettably, most traditional certificate revocation schemes suffer from latency, availability, or privacy problems. These problems are exacerbated by the lack of a native delegation mechanism in TLS, which increasingly leads domain owners to engage in dangerous practices such as sharing their private keys with third parties. We analyze solutions that address the long-standing delegation and revocation shortcomings of the web PKI, with a focus on approaches that directly affect the chain of trust (i.e., the X.509 certification path). For this purpose, we propose a 19-criteria framework for characterizing revocation and delegation schemes. We also show that combining short-lived delegated credentials or proxy certificates with an appropriate revocation system would solve several pressing problems.