
Showing papers on "Trusted third party published in 2018"


Proceedings ArticleDOI
20 Jun 2018
TL;DR: This paper critically analyzes whether a blockchain is indeed the appropriate technical solution for a particular application scenario, distinguishes between permissionless and permissioned blockchains, and contrasts their properties with those of a centrally managed database.
Abstract: Blockchain is being praised as a technological innovation which allows to revolutionize how society trades and interacts. This reputation is in particular attributable to its properties of allowing mutually mistrusting entities to exchange financial value and interact without relying on a trusted third party. A blockchain moreover provides an integrity protected data storage and allows to provide process transparency. In this paper we critically analyze whether a blockchain is indeed the appropriate technical solution for a particular application scenario. We differentiate between permissionless (e.g., Bitcoin/Ethereum) and permissioned (e.g., Hyperledger/Corda) blockchains and contrast their properties to those of a centrally managed database. We provide a structured methodology to determine the appropriate technical solution to solve a particular application problem. Given our methodology, we analyze in depth three use cases - Supply Chain Management, Interbank and International Payments, and Decentralized Autonomous Organizations - and conclude the article with an outlook for further opportunities.

794 citations


Proceedings ArticleDOI
20 Mar 2018
TL;DR: Several common security patterns are elaborated, which can be applied by Solidity developers to mitigate typical attack scenarios and describe solutions to typical security issues.
Abstract: Smart contracts that build up on blockchain technologies are receiving great attention in new business applications and the scientific community, because they allow untrusted parties to manifest contract terms in program code and thus eliminate the need for a trusted third party. The creation process of writing well performing and secure contracts in Ethereum, which is today’s most prominent smart contract platform, is a difficult task. Research on this topic has only recently started in industry and science. Based on an analysis of collected data with Grounded Theory techniques, we have elaborated several common security patterns, which we describe in detail on the basis of Solidity, the dominating programming language for Ethereum. The presented patterns describe solutions to typical security issues and can be applied by Solidity developers to mitigate typical attack scenarios.

244 citations


Book ChapterDOI
16 Apr 2018
TL;DR: The first complete small-step semantics of EVM bytecode is presented, formalized in the F* proof assistant, obtaining executable code that is successfully validated against the official Ethereum test suite.
Abstract: Smart contracts are programs running on cryptocurrency (e.g., Ethereum) blockchains, whose popularity stems from the possibility to perform financial transactions, such as payments and auctions, in a distributed environment without need for any trusted third party. Given their financial nature, bugs or vulnerabilities in these programs may lead to catastrophic consequences, as witnessed by recent attacks. Unfortunately, programming smart contracts is a delicate task that requires strong expertise: Ethereum smart contracts are written in Solidity, a dedicated language resembling JavaScript, and shipped over the blockchain in the EVM bytecode format. In order to rigorously verify the security of smart contracts, it is of paramount importance to formalize their semantics as well as the security properties of interest, in particular at the level of the bytecode being executed.

236 citations


Journal ArticleDOI
TL;DR: A lightweight ECC-based authentication scheme for smart grid communication that not only provides mutual authentication with low computation and communication cost but also withstands all known security attacks.

210 citations


Journal ArticleDOI
TL;DR: This work proposes an efficient and privacy-preserving aggregation system with the aid of Fog computing architecture, named PPFA, which enables the intermediate Fog nodes to periodically collect data from nearby SMs and accurately derive aggregate statistics as the fine-grained Fog level aggregation.
Abstract: For constrained end devices in the Internet of Things, such as smart meters (SMs), data transmission is an energy-consuming operation. To address this problem, we propose an efficient and privacy-preserving aggregation system with the aid of Fog computing architecture, named PPFA, which enables the intermediate Fog nodes to periodically collect data from nearby SMs and accurately derive aggregate statistics as the fine-grained Fog level aggregation. The Cloud/utility supplier computes overall aggregate statistics by aggregating Fog level aggregation. To minimize the privacy leakage and mitigate the utility loss, we use a more efficient and concentrated Gaussian mechanism to distribute noise generation among parties, thus offering provable differential privacy guarantees of the aggregate statistic on both Fog level and Cloud level. In addition, to ensure aggregator obliviousness and system robustness, we put forward a two-layer encryption scheme: the first layer applies OTP to encrypt individual noisy measurements to achieve aggregator obliviousness, while the second layer uses public-key cryptography for authentication purposes. Our scheme is simple, efficient, and practical; it requires only one round of data exchange among an SM, its connected Fog node and the Cloud if there are no node failures; otherwise, one extra round is needed between a meter, its connected Fog node, and the trusted third party.

180 citations


Proceedings ArticleDOI
02 Feb 2018
TL;DR: In this paper, a flexible representation of the above procedure using the framework of marked temporal point processes is introduced, and a scalable online algorithm, CURB, is developed to select which stories to send for fact checking and when to do so to efficiently reduce the spread of misinformation with provable guarantees.
Abstract: Online social networking sites are experimenting with the following crowd-powered procedure to reduce the spread of fake news and misinformation: whenever a user is exposed to a story through her feed, she can flag the story as misinformation and, if the story receives enough flags, it is sent to a trusted third party for fact checking. If this party identifies the story as misinformation, it is marked as disputed. However, given the uncertain number of exposures, the high cost of fact checking, and the trade-off between flags and exposures, the above mentioned procedure requires careful reasoning and smart algorithms which, to the best of our knowledge, do not exist to date. In this paper, we first introduce a flexible representation of the above procedure using the framework of marked temporal point processes. Then, we develop a scalable online algorithm, CURB, to select which stories to send for fact checking and when to do so to efficiently reduce the spread of misinformation with provable guarantees. In doing so, we need to solve a novel stochastic optimal control problem for stochastic differential equations with jumps, which is of independent interest. Experiments on two real-world datasets gathered from Twitter and Weibo show that our algorithm may be able to effectively reduce the spread of fake news and misinformation.

162 citations


Journal ArticleDOI
TL;DR: This paper proposes a decentralized PoD solution for PoD of digital assets that leverages key features of blockchain and Ethereum smart contracts to provide immutable and tamper-proof logs, accountability, and traceability and leverages the benefits of interplanetary file system.
Abstract: There is an immense need for a proof of delivery (PoD) of today’s digital media and content, especially those that are subject to payment. Current PoD systems are mostly centralized and heavily dependent on a trusted third party (TTP), especially for payment. Such existing PoD systems often lack security, transparency, and visibility, and are not highly credible, as the TTP can be subject to failure, manipulation, corruption, compromise, and hacking. In this paper, we propose a decentralized PoD solution for PoD of digital assets. Our solution leverages key features of blockchain and Ethereum smart contracts to provide immutable and tamper-proof logs, accountability, and traceability. Ethereum smart contracts are used to orchestrate and govern all interactions and transactions, including automatic payments in Ether cryptocurrency between customers, the digital-content provider, and the file server hosting the digital content. All entities are incentivized to act honestly, and our solution has a mechanism to handle disputes if they arise among participants. The solution has an off-chain secure download phase involving the file server and customers. Moreover, our solution leverages the benefits of the interplanetary file system to store the agreed-upon terms and conditions between the smart contract actors. A security analysis of our proposed system has been provided. The full code of the smart contract has been made publicly available on GitHub.

157 citations


Journal ArticleDOI
TL;DR: This paper proposes a novel blockchain-based data deletion scheme, which can make the deletion operation more transparent and can achieve public verification without any trusted third party.

122 citations


Journal ArticleDOI
TL;DR: In this paper, the authors demonstrate the applicability of blockchain in IoT devices and their data management with an aim of providing end-to-end trust for trading, and give a brief introduction to the topics and challenges for future research towards addressing a grand challenge, i.e. developing a trustworthy trading platform for IoT ecosystems.
Abstract: The Internet of Things (IoT) has already reshaped and transformed our lives in many ways ranging from how we communicate with people or manage our health to how we drive our cars and manage our homes. With the rapid development of the IoT ecosystem in a wide range of applications, IoT devices and data are going to be traded as commodities in the marketplace in near future, similar to cloud services or physical objects. Developing such a trading platform has previously been identified as one of the key grand challenges in integration of IoT and data science in this column. Deployment of such a platform obviously raises public concerns on the security and privacy of both data and devices since their ownerships are hard to trace and manage without a central trusted authority. The central trusted authority is not a viable solution for a fully decentralised and distributed IoT ecosystem with a large number of distributed device vendors and consumers who do not trust each other. Blockchain, as a decentralised system, removes the requirement for a trusted third party by allowing all participants to verify the correctness of the data and ensure their immutability. IoT devices can use blockchain to register themselves and organize, store and share streams of data from them effectively and reliably. In this article, through a case study, we demonstrate the applicability of blockchain in IoT devices and their data management with an aim of providing end-to-end trust for trading. We also give a brief introduction to the topics and challenges for future research towards addressing a grand challenge, i.e. developing a trustworthy trading platform for IoT ecosystems.

112 citations


Proceedings ArticleDOI
23 Jul 2018
TL;DR: A new design scheme of a copyright management system based on digital watermarking and its information, such as blockchain, is proposed, which combines digital watermarking, blockchain, perceptual hash function, Quick Response (QR) code, and InterPlanetary File System (IPFS).
Abstract: In the past, the improvement of digital copyright protection systems based on digital watermarking mainly focused on algorithms, while generation and storage of the watermark information was ignored. In this paper, a new design scheme of a copyright management system based on digital watermarking and its information, such as blockchain, is proposed, which combines digital watermarking, blockchain, perceptual hash function, Quick Response (QR) code, and InterPlanetary File System (IPFS). Among them, blockchain is used to securely store watermark information and provide timestamp authentication for multiple watermarks (multiple copyrights) to confirm the creation order. A perceptual hash function is used to generate a hash value based on the structure information of images, so that watermark information can be confirmed without the original image. QR code is used to generate QR code images containing the image hash and copyright information as watermark images to improve robustness and capacity of digital watermarking; IPFS is used to store and distribute watermarked images without a centralized server. This scheme can enhance the effectiveness of digital watermarking technology in the field of copyright protection. In this way, a P2P network is used to integrate and complete copyright management and distribution of copyrighted works without requiring a trusted third party. Nodes rely on cryptography to confirm the identity of each other and ensure the security of information. It can reduce information leakage, data destruction and other risks caused by collapse of the centralized system in the past. This improves the security and transparency of information, and speeds up the distribution of copyrighted works to facilitate circulation in the network. This scheme can also improve copyright protection of multiple creations. Blockchain and multiple digital watermarks are combined to record the copyright information of every copyright owner in the authoring process and fully prove this information, in order to protect the legitimate rights and interests of each copyright owner.

105 citations


Proceedings ArticleDOI
15 Oct 2018
TL;DR: This paper considers the problem of constructing marginal tables given a set of users' multi-dimensional data while satisfying Local Differential Privacy (LDP), a privacy notion that protects individual users' privacy without relying on a trusted third party.
Abstract: Marginal tables are the workhorse of capturing the correlations among a set of attributes. We consider the problem of constructing marginal tables given a set of users' multi-dimensional data while satisfying Local Differential Privacy (LDP), a privacy notion that protects individual users' privacy without relying on a trusted third party. Existing works on this problem perform poorly in the high-dimensional setting; even worse, some incur very expensive computational overhead. In this paper, we propose CALM, Consistent Adaptive Local Marginal, that takes advantage of the careful challenge analysis and performs consistently better than existing methods. More importantly, CALM can scale well with large data dimensions and marginal sizes. We conduct extensive experiments on several real world datasets. Experimental results demonstrate the effectiveness and efficiency of CALM over existing methods.

Journal ArticleDOI
TL;DR: A new service provision scheme to provide continuous availability of diversified cloud services targeting vehicular cloud users through a cluster-based trusted third party (TTP) framework that can adequately discover and deliver cloud services with increased QoE results, minimal overhead burden and reduced end-to-end latency is introduced.

Journal ArticleDOI
TL;DR: This paper proposes a new architecture called secure pub-sub (SPS) without middleware, i.e., blockchain-based fair payment with reputation, which provides confidentiality and reliability of data, anonymity of subscribers and payment fairness between the publishers and subscribers.
Abstract: The cyber physical system (CPS) has gained considerable success in large-scale distributed integration environments. In such systems, the sensor devices collect data which would be disseminated in a reliable manner to all interested co-operant entities from the physical world. However, the highly unreliable environment of CPS, for example, a number of limitations of existing network middlewares, makes secure and reliable data distribution services a challenging issue. In this paper, we propose a new architecture called secure pub-sub (SPS) without middleware, i.e., blockchain-based fair payment with reputation. In SPS, publishers publish a topic on the blockchain and subscribers specify an interest message by making a deposit to subscribe to the topic. Then, if the interest message matches the topic, the publisher transmits the encrypted content of the topic to the blockchain such that the subscribers can decrypt the ciphertext to obtain the content, and mark the publisher as its reputation. Finally, the publisher receives the payment from the subscriber. The new proposal provides confidentiality and reliability of data, anonymity of subscribers and payment fairness between the publishers and subscribers. Different from the traditional pub-sub services, no trusted third party is involved in our system due to employing the blockchain technique. The security of the proposed SPS is analyzed as well. The implementation of the protocol as an Ethereum smart contract demonstrates the validity of SPS.

Posted Content
TL;DR: In this article, a blockchain-based digital identity solution is proposed to achieve passport-level legally valid identity without depending upon a single trusted third party, which builds on a generic provable claim model for which attestations of truth from third parties need to be collected.
Abstract: Digital identity is unsolved: after many years of research there is still no trusted communication over the Internet. To provide identity within the context of mutual distrust, this paper presents a blockchain-based digital identity solution. Without depending upon a single trusted third party, the proposed solution achieves passport-level legally valid identity. This solution for making identities Self-Sovereign builds on a generic provable claim model for which attestations of truth from third parties need to be collected. The claim model is then shown to be both blockchain structure and proof method agnostic. Four different implementations in support of these two claim model properties are shown to offer sub-second performance for claim creation and claim verification. Through the properties of Self-Sovereign Identity, legally valid status and acceptable performance, our solution is considered to be fit for adoption by the general public.

Journal ArticleDOI
TL;DR: This paper proposes a novel framework to protect user privacy while ensuring efficiency, which uses redundant POI records to protect privacy against the LBS provider but employs a semi-trusted third party, called proxy, to filter out redundant POI records.
Abstract: Location-based service (LBS) has gained increasing popularity recently, but protecting users’ privacy in LBS remains challenging. Depending on whether a trusted third party (TTP) is used, existing solutions can be classified into: TTP-based and TTP-free. The former relies on a TTP for user privacy protection, which creates a single-point-failure and is thus impractical in reality. The latter does not require any TTP, but usually introduces redundant point-of-interest (POI) records in query result and thus incurs significant computation and communication costs on the user side, making them unsuitable for resource-constrained mobile devices. In this paper, we propose a novel framework to protect user privacy while ensuring efficiency. Our framework also uses redundant POI records to protect privacy against LBS provider but employs a semi-trusted third party, called proxy, to filter out redundant POI records. To protect privacy against proxy, we design a novel filtering protocol, Blind filter, to allow the proxy to filter out redundant encrypted POI records in a blind way. In comparison with existing solutions, our framework is not only resilient to dual identity attack, but also incurs lower communication and computation overhead. Comprehensive analysis and experiments show that our framework is secure and highly efficient in mobile environments.

Posted Content
TL;DR: The notion of ULDP (Utility-optimized LDP), which provides a privacy guarantee equivalent to LDP only for sensitive data, is introduced and it is shown that when most of the data are non-sensitive, the mechanisms provide almost the same utility as non-private mechanisms in the low privacy regime.
Abstract: LDP (Local Differential Privacy) has been widely studied to estimate statistics of personal data (e.g., the distribution underlying the data) while protecting users' privacy. Although LDP does not require a trusted third party, it regards all personal data as equally sensitive, which causes excessive obfuscation and hence the loss of utility. In this paper, we introduce the notion of ULDP (Utility-optimized LDP), which provides a privacy guarantee equivalent to LDP only for sensitive data. We first consider the setting where all users use the same obfuscation mechanism, and propose two mechanisms providing ULDP: utility-optimized randomized response and utility-optimized RAPPOR. We then consider the setting where the distinction between sensitive and non-sensitive data can be different from user to user. For this setting, we propose a personalized ULDP mechanism with semantic tags to estimate the distribution of personal data with high utility while keeping secret what is sensitive for each user. We show theoretically and experimentally that our mechanisms provide much higher utility than the existing LDP mechanisms when there are a lot of non-sensitive data. We also show that when most of the data are non-sensitive, our mechanisms even provide almost the same utility as non-private mechanisms in the low privacy regime.

Journal ArticleDOI
TL;DR: This work proposes a new scheme called FREDP (File Remotely keyed Encryption and Data Protection), which involves three-party interaction among a mobile terminal, private clouds and public clouds and satisfies the security standard.

Proceedings ArticleDOI
01 Sep 2018
TL;DR: A novel distributed double auction mechanism is developed which allows any peer to act as an auctioneer, while the blockchain mechanism ensures that a peer behaves lawfully while acting as an auctioneer.
Abstract: In this paper we use the blockchain technology to develop a peer to peer energy trade platform without a trusted third party. Our main contribution is a novel distributed double auction mechanism which allows any peer to act as an auctioneer and the blockchain mechanism ensures that a peer behaves lawfully while acting as an auctioneer. Using experimental evaluation we show that (1) the distributed auction converges quickly, (2) it minimizes energy loss due to long transmission, (3) computational overhead due to employing a blockchain is negligible, (4) it is efficient and (5) it can implement trade restrictions imposed by the energy distribution network.

Journal ArticleDOI
TL;DR: In this paper, the authors proposed a time-lock encryption scheme based on Subset-Sum, which is independent of the implementations of multilinear maps and achieves extractable security without relying on obfuscation.
Abstract: Time-lock encryption is a method to encrypt a message such that it can only be decrypted after a certain deadline has passed. We propose a novel time-lock encryption scheme, whose main advantage over prior constructions is that even receivers with relatively weak computational resources should immediately be able to decrypt after the deadline, without any interaction with the sender, other receivers, or a trusted third party. We build our time-lock encryption on top of the new concept of computational reference clocks and an extractable witness encryption scheme. We explain how to construct a computational reference clock based on Bitcoin. We show how to achieve constant level of multilinearity for witness encryption by using SNARKs. We propose a new construction of a witness encryption scheme which is of independent interest: our scheme, based on Subset-Sum, achieves extractable security without relying on obfuscation. The scheme employs multilinear maps of arbitrary order and is independent of the implementations of multilinear maps.

Book ChapterDOI
TL;DR: In this article, the authors present the first complete small-step semantics of EVM bytecode, which they formalize in the F* proof assistant, obtaining executable code that they successfully validate against the official Ethereum test suite.
Abstract: Smart contracts are programs running on cryptocurrency (e.g., Ethereum) blockchains, whose popularity stems from the possibility to perform financial transactions, such as payments and auctions, in a distributed environment without need for any trusted third party. Given their financial nature, bugs or vulnerabilities in these programs may lead to catastrophic consequences, as witnessed by recent attacks. Unfortunately, programming smart contracts is a delicate task that requires strong expertise: Ethereum smart contracts are written in Solidity, a dedicated language resembling JavaScript, and shipped over the blockchain in the EVM bytecode format. In order to rigorously verify the security of smart contracts, it is of paramount importance to formalize their semantics as well as the security properties of interest, in particular at the level of the bytecode being executed. In this paper, we present the first complete small-step semantics of EVM bytecode, which we formalize in the F* proof assistant, obtaining executable code that we successfully validate against the official Ethereum test suite. Furthermore, we formally define for the first time a number of central security properties for smart contracts, such as call integrity, atomicity, and independence from miner controlled parameters. This formalization relies on a combination of hyper- and safety properties. Along this work, we identified various mistakes and imprecisions in existing semantics and verification tools for Ethereum smart contracts, thereby demonstrating once more the importance of rigorous semantic foundations for the design of security verification techniques.

Journal ArticleDOI
01 Jan 2018-Energies
TL;DR: This work presents a new provably secure key agreement model for smart metering communications that preserves the security features and provides more resistance against a denial of service attack, and is pairing-free, resulting in highly efficient computational and communication efforts.
Abstract: Security in modern smart metering communications and in smart grid networks has been an area of interest recently. In this field, identity-based mutual authentication including credential privacy without active involvement of a trusted third party is an important building block for smart grid technology. Recently, several schemes have been proposed for the smart grid with various security features (e.g., mutual authentication and key agreement). Moreover, these schemes are said to offer session key security under the widely accepted Canetti-Krawczyk (CK) security model. Instead, we argue that all of them are still vulnerable under the CK model. To remedy the problem, we present a new provably secure key agreement model for smart metering communications. The proposed model preserves the security features and provides more resistance against a denial of service attack. Moreover, our scheme is pairing-free, resulting in highly efficient computational and communication efforts.

Proceedings ArticleDOI
30 Aug 2018
TL;DR: This paper presents a blockchain-based digital identity solution without depending upon a single trusted third party, the proposed solution achieves passport-level legally valid identity and is considered to be fit for adoption by the general public.
Abstract: Digital identity is unsolved: after many years of research there is still no trusted communication over the Internet. To provide identity within the context of mutual distrust, this paper presents a blockchain-based digital identity solution. Without depending upon a single trusted third party, the proposed solution achieves passport-level legally valid identity. This solution for making identities Self-Sovereign builds on a generic provable claim model for which attestations of truth from third parties need to be collected. The claim model is then shown to be both blockchain structure and proof method agnostic. Four different implementations in support of these two claim model properties are shown to offer sub-second performance for claim creation and claim verification. Through the properties of Self-Sovereign Identity, legally valid status and acceptable performance, our solution is considered to be fit for adoption by the general public.

Journal ArticleDOI
TL;DR: A secure multi-keyword ranked search scheme for multiple data owners for which a trusted third party is imported to solve the problem of key management and the new-designed KDO algorithm is utilized for providing keyword weight.

Journal ArticleDOI
TL;DR: This paper proposes a secure and scalable data deduplication scheme with dynamic user management, which updates dynamic group users in a secure way and restricts the unauthorized cloud users from the sensitive data owned by valid users and reduces the communication overhead.

Book ChapterDOI
09 Sep 2018
TL;DR: This work proposes a novel lean architecture of a Blockchain based process execution system with Smart Contracts to dispense with a trusted third party in the context of interorganizational collaborations.
Abstract: Interorganizational process management bears an enormous potential for improving the collaboration among associated business partners. A major restriction is the need for a trusted third party implementing the process across the participating actors. Blockchain technology can dissolve this lack of trust due to consensus mechanisms. After the rise of cryptocurrencies, the launch of Smart Contracts enables the Ethereum Blockchain to act beyond monetary transactions due to the execution of these small programs. We propose a novel lean architecture of a Blockchain based process execution system with Smart Contracts to dispense with a trusted third party in the context of interorganizational collaborations.

Proceedings ArticleDOI
09 Jul 2018
TL;DR: A variant of LDP suitable for metric spaces, such as location data or energy consumption data, is proposed and it is shown that it provides a much higher utility for the same level of privacy.
Abstract: Local differential privacy (LDP) is a distributed variant of differential privacy (DP) in which the obfuscation of the sensitive information is done at the level of the individual records, and in general it is used to sanitize data that are collected for statistical purposes. LDP has the advantage that it does not need to assume a trusted third party. On the other hand, LDP in general requires more noise than DP to achieve the same level of protection, with negative consequences on the utility. In practice, utility becomes acceptable only on very large collections of data, and this is the reason why LDP is especially successful among big companies such as Apple and Google, which can count on a huge number of users. In this talk, we propose a variant of LDP suitable for metric spaces, such as location data or energy consumption data, and we show that it provides a much higher utility for the same level of privacy. Furthermore, we discuss algorithms to extract the best possible statistical information from the data obfuscated with this metric variant of LDP.

Journal ArticleDOI
TL;DR: A realistic distributed conditional privacy-preserving authentication scheme for VANETs using identity-based cryptography and short lifetime region-based certificate and the security analysis shows that the scheme is provably secure in the random oracle model.
Abstract: Nowadays, research on the tradeoff between reliance on the tamper-proof device (TPD) and storage space in authentication schemes has become an interesting topic for vehicular ad hoc networks (VANETs). Most recently, to minimize the dependencies on TPDs and reduce the storage space, Zhang et al. proposed a conditional privacy-preserving authentication scheme based on a multiple trusted authority one-time identity-based aggregate signature technique. It is more practical than other related schemes because it does not depend on ideal TPDs. However, Zhang et al.'s scheme requires a fully trusted third party to participate in the authentication and member secret generation phases, which may suffer from a security bottleneck. To overcome this weakness, in this paper, we construct a realistic distributed conditional privacy-preserving authentication scheme for VANETs using identity-based cryptography and short lifetime region-based certificates. Compared with Zhang et al.'s scheme, the proposed scheme has more security features but does not reduce computation and communication efficiency. The security analysis shows that our scheme is provably secure in the random oracle model.

Journal ArticleDOI
TL;DR: PrivBox is presented, a privacy-preserving decentralized reputation system that computes reputation of retailers or service providers by leveraging feedback from users in a secure and private way and enables consumers and service providers to verify the computed statistics without relying on a trusted third party.

Proceedings ArticleDOI
25 Sep 2018
TL;DR: BlockPKI is described, a blockchain-based public-key infrastructure that enables an automated, resilient, and transparent issuance of digital certificates that aims at reducing the power of individual certification authorities and making their actions publicly visible and accountable, without introducing yet another trusted third party.
Abstract: This paper describes BlockPKI, a blockchain-based public-key infrastructure that enables an automated, resilient, and transparent issuance of digital certificates. Our goal is to address several shortcomings of the current TLS infrastructure and its proposed extensions. In particular, we aim at reducing the power of individual certification authorities and making their actions publicly visible and accountable, without introducing yet another trusted third party. To demonstrate the benefits and practicality of our system, we present evaluation results and describe our prototype implementation.

Journal ArticleDOI
01 Aug 2018
TL;DR: The proposed scheme deals with the overall network architecture, including intra- and inter-WBAN tiers, and proposes two mutual authentication and key exchange protocols for diverse WBAN environments, which meet security requirements along with energy-constraint considerations.
Abstract: Wireless body area networks (WBANs) are receiving significant interest as the next generation of wireless networks and an emerging technology in the field of health monitoring. One of the most important factors for the acceptance of WBANs is the provision of appropriate security and access control mechanisms. Because they transfer patients' sensitive data, WBANs have both classical and specific security requirements. In this paper, we survey such requirements and propose a new security scheme for satisfying them in WBANs. The proposed scheme deals with the overall network architecture, including intra- and inter-WBAN tiers, and proposes two mutual authentication and key exchange protocols for diverse WBAN environments. In our scheme, we use biometrics as one part of the solution for authentication and key exchange, and the simple password three-party key exchange protocol as the other part of the WBAN security. Our scheme meets security requirements along with energy-constraint considerations. We verify our scheme through BAN Logic. Unlike the majority of the existing security protocols, our scheme proposes a solution for the entire WBAN communication path, from biosensors to the medical server as a trusted third party.