
Showing papers on "Trusted third party published in 2020"


Journal Article
TL;DR: This paper first introduces blockchains and smart contracts, then presents the challenges in smart contracts as well as recent technical advances, and gives a categorization of smart contract applications.

506 citations


Journal Article
TL;DR: This paper presents an efficient blockchain-assisted secure device authentication mechanism for cross-domain IIoT, where consortium blockchain is introduced to construct trust among different domains and Identity-based signature is exploited during the authentication process.
Abstract: Industrial Internet of Things (IIoT) is considered as one of the most promising revolutionary technologies to prompt smart manufacturing and increase productivity. With manufacturing being more complicated and sophisticated, an entire manufacturing process usually involves several different administrative IoT domains (e.g., factories). Devices from different domains collaborate on the same task, which raises great security and privacy concerns about device-to-device communications. Existing authentication approaches may result in heavy key management overhead or rely on a trusted third party. Thus, security and privacy issues during communication remain unsolved but imperative. In this paper, we present an efficient blockchain-assisted secure device authentication mechanism $\textsf{BASA}$ for cross-domain IIoT. Specifically, consortium blockchain is introduced to construct trust among different domains. Identity-based signature (IBS) is exploited during the authentication process. To preserve the privacy of devices, we design an identity management mechanism, which can realize that devices being authenticated remain anonymous. Besides, session keys between two parties are negotiated, which can secure the subsequent communications. Extensive experiments have been conducted to show the effectiveness and efficiency of the proposed mechanism.

179 citations


Posted Content
TL;DR: This work advocates for a third-party free approach to assisted mobile contact tracing, because such an approach mitigates the security and privacy risks of requiring a trusted third party.
Abstract: The global health threat from COVID-19 has been controlled in a number of instances by large-scale testing and contact tracing efforts. We created this document to suggest three functionalities on how we might best harness computing technologies to support the goals of public health organizations in minimizing morbidity and mortality associated with the spread of COVID-19, while protecting the civil liberties of individuals. In particular, this work advocates for a third-party free approach to assisted mobile contact tracing, because such an approach mitigates the security and privacy risks of requiring a trusted third party. We also explicitly consider the inferential risks involved in any contact tracing system, where any alert to a user could itself give rise to de-anonymizing information. More generally, we hope to participate in bringing together colleagues in industry, academia, and civil society to discuss and converge on ideas around a critical issue rising with attempts to mitigate the COVID-19 pandemic.

135 citations


Journal Article
TL;DR: The blockchain is utilized to construct a novel privacy-preserving remote data integrity checking scheme for Internet of Things (IoT) information management systems without involving trusted third parties.
Abstract: Remote data integrity checking is of great importance to the security of cloud-based information systems. Previous works generally assume a trusted third party to oversee the integrity of the outsourced data, which may be invalid in practice. In this paper, we utilize the blockchain to construct a novel privacy-preserving remote data integrity checking scheme for Internet of Things (IoT) information management systems without involving trusted third parties. Our scheme leverages the Lifted EC-ElGamal cryptosystem, bilinear pairing, and blockchain to support efficient public batch signature verifications and protect the security and data privacy of the IoT systems. The results of the experiment demonstrate the efficiency of our scheme.

117 citations


Journal Article
TL;DR: In this article, the authors advocate for a third-party-free approach to assisted mobile contact tracing, because such an approach mitigates the security and privacy risks of requiring a trusted third party.
Abstract: The global health threat from COVID-19 has been controlled in a number of instances by large-scale testing and contact tracing efforts. We created this document to suggest three functionalities on how we might best harness computing technologies to support the goals of public health organizations in minimizing morbidity and mortality associated with the spread of COVID-19, while protecting the civil liberties of individuals. In particular, this work advocates for a third-party–free approach to assisted mobile contact tracing, because such an approach mitigates the security and privacy risks of requiring a trusted third party. We also explicitly consider the inferential risks involved in any contact tracing system, where any alert to a user could itself give rise to de-anonymizing information. More generally, we hope to participate in bringing together colleagues in industry, academia, and civil society to discuss and converge on ideas around a critical issue rising with attempts to mitigate the COVID-19 pandemic.

86 citations


Journal Article
TL;DR: An automated demand response (ADR) framework for decentralized scheduling and secure peer-to-peer (P2P) trading among energy storage systems in ELNs and a state-machine-driven smart contract mechanism is built to realize P2P trading without reliance on a trusted third party.
Abstract: Blockchain technique, with the novelties of decentralization, smart contract, security and cooperative autonomy, is expected to play great effects on promoting the development of energy local networks (ELNs). This paper presents an automated demand response (ADR) framework for decentralized scheduling and secure peer-to-peer (P2P) trading among energy storage systems in ELNs. Different from most existing works that trade electricity over long distances and through complex meshes, this proposed work performs decentralized and automated demand response through energy sharing of P2P executors. We explore for the first time the benefits of a promising blockchain to conduct the overall ADR framework and increase the P2P trading security. To achieve decentralized scheduling without relying on a central entity, a price-incentive noncooperative game theoretic model is introduced to produce equilibrium solutions for energy storage systems. Moreover, we develop a schedulable ability evaluation system to match trading pairs involving buying and selling nodes. On this basis, a state-machine-driven smart contract mechanism is built to realize P2P trading without reliance on a trusted third party. To illustrate the implementation details of the ADR method, a distributed algorithm is designed. Case studies are provided to verify the effectiveness of the proposed method.

84 citations


Journal Article
Xu Cheng, Fulong Chen, Dong Xie, Hui Sun, Cheng Huang
TL;DR: The results show that the MCPS based on blockchain not only realizes medical treatment data sharing, but also meet the various security requirements in the security authentication phase, and the proposed scheme is more suitable for secure sharing of medical big data.
Abstract: With the rapid development of technologies such as artificial intelligence, blockchain, cloud computing, and big data, Medical Cyber Physical Systems (MCPS) are increasingly demanding data security, while cloud storage solves the storage problem of complex medical data. However, it is difficult to realize data security sharing. The decentralization feature of blockchain is helpful to solve the problem that the secure authentication process is highly dependent on the trusted third party and implement data security transmission. In this paper, the blockchain technology is used to describe the security requirements in authentication process, and a network model of MCPS based on blockchain is proposed. Through analysis of medical data storage architecture, it can ensure that data can't be tampered and untrackable. In the security authentication phase, bilinear mapping and intractable problems can be used to solve the security threat in the authentication process of medical data providers and users. It can avoid the credibility problem of the trusted third party, and also can realize the two-way authentication between the hospital and blockchain node. Then, BAN logic is used to analyze security protocols, and formal analysis and comparison of security protocols are also made. The results show that the MCPS based on blockchain not only realizes medical treatment data sharing, but also meet the various security requirements in the security authentication phase. In addition, the storage and computing overhead costs is ideal. Therefore, the proposed scheme is more suitable for secure sharing of medical big data.

72 citations


Posted Content
TL;DR: This survey provides a comprehensive and structured overview of the local differential privacy technology and summarise and analyze state-of-the-art research in LDP and compare a range of methods in the context of answering a variety of queries and training different machine learning models.
Abstract: With the fast development of Information Technology, a tremendous amount of data have been generated and collected for research and analysis purposes. As an increasing number of users are growing concerned about their personal information, privacy preservation has become an urgent problem to be solved and has attracted significant attention. Local differential privacy (LDP), as a strong privacy tool, has been widely deployed in the real world in recent years. It breaks the shackles of the trusted third party, and allows users to perturb their data locally, thus providing much stronger privacy protection. This survey provides a comprehensive and structured overview of the local differential privacy technology. We summarise and analyze state-of-the-art research in LDP and compare a range of methods in the context of answering a variety of queries and training different machine learning models. We discuss the practical deployment of local differential privacy and explore its application in various domains. Furthermore, we point out several research gaps, and discuss promising future research directions.

68 citations


Journal Article
TL;DR: This paper surveys the literature and online resources on smart contract construction and execution over the period 2008–2020 and divides the studies into three categories: design paradigms that give examples and patterns on contract construction, design tools that facilitate the development of secure smart contracts, and extensions and alternatives that improve the privacy or efficiency of the system.
Abstract: Smart contracts are regarded as one of the most promising and appealing notions in blockchain technology. Their self-enforcing and event-driven features make some online activities possible without a trusted third party. Nevertheless, problems such as miscellaneous attacks, privacy leakage, and low processing rates prevent them from being widely applied. Various schemes and tools have been proposed to facilitate the construction and execution of secure smart contracts. However, a comprehensive survey for these proposals is absent, hindering new researchers and developers from a quick start. This paper surveys the literature and online resources on smart contract construction and execution over the period 2008-2020. We divide the studies into three categories: (1) design paradigms that give examples and patterns on contract construction, (2) design tools that facilitate the development of secure smart contracts, and (3) extensions and alternatives that improve the privacy or efficiency of the system. We start by grouping the relevant construction schemes into the first two categories. We then review the execution mechanisms in the last category and further divide the state-of-the-art solutions into three classes: private contracts with extra tools, off-chain channels, and extensions on core functionalities. Finally, we summarize several challenges and identify future research directions toward developing secure, privacy-preserving, and efficient smart contracts.

57 citations


Proceedings Article
25 May 2020
TL;DR: The proposed scheme enables drivers to propose ride-sharing services without relying on a trusted third party, and envision the application of this technology in Green Internet of Things connected smart cities, where ride sharing services are common.
Abstract: Ride-sharing is a service that enables drivers to share their trips with other riders, contributing to improving traffic congestion as well as assist in reducing Carbon Dioxide (CO2) emission and fuel consumption. It has come to the forefront in recent years as a Green service in large cities. However, the majority of existing ride-sharing services rely on a central third party, which makes them subject to a single point of failure and privacy disclosure concerns by both internal and external attackers. Moreover, they are vulnerable to distributed denial of service (DDoS) and Sybil attacks due to malicious users. There are also high service fees paid to the ride-sharing service provider. In this paper, we propose to decentralize ride-sharing services based on a public Blockchain. Our scheme enables drivers to propose ride-sharing services without relying on a trusted third party. To preserve location privacy, riders send cloaked ride requests to hide their exact pick-up/drop-off locations, and departure/arrival dates. Then, by using an off-line matching technique, drivers send their offers encrypted to ensure data confidentiality. Upon receiving the ride-offers, the rider can find a ride match using some heuristics as well as the bid price included in the offer. To preserve anonymity, riders/drivers use pseudonyms that change per trip to ensure unlinkability. We envision the application of this technology in Green Internet of Things connected smart cities, where ride sharing services are common. Finally, we implement our scheme and deploy it in a test net of Ethereum. The experimental results show the applicability of our protocol.

56 citations


Journal Article
TL;DR: This work proposes xDBAuth, a decentralized Blockchain (BC) based permission delegation and access control framework for the Internet of Things (IoT), and proposes a hierarchy of local and global smart contracts that perform permission delegation and access control for both internal and external user/IoT devices.
Abstract: The innovation of ubiquitous and pervasive computing helps service-oriented organizations in the realization of a virtual coalition. The virtual coalition is a set of IoT domains i.e., smart homes and smart hospitals that are linked together through communication lines to share resources. Such virtual coalitions need secure cross-domain permission delegation and access control mechanisms. In existing approaches, permission delegation and access control are performed at the resource owner domain or by a single trusted third party. This single trusted third party may fail to work or compromise. Therefore, it will collapse either the whole system or the security of the system. We propose xDBAuth, a decentralized Blockchain (BC) based permission delegation and access control framework for the Internet of Things (IoT). Also, we proposed a hierarchy of local and global smart contracts that perform permission delegation and access control for both internal and external user/IoT devices. Additionally, the proposed framework preserves an external user's privacy by allowing them to get authentication in their parent IoT domains. During authentication, Proof-of-Authenticity/Integrity (PoAI) mechanism is used to find and retrieve user/IoT device platform hashes stored on local BC. After successful authentication, BC authorizes the user/IoT device based on the validation of delegation policies stored on BC. We implemented the proposed framework using Node.js. The results show that the proposed xDBAuth is a lightweight framework with less computational overhead. xDBAuth produces high throughput in an environment having a large number of concurrent requests.

Journal Article
01 Mar 2020
TL;DR: This paper captures concepts of blockchain, its applications, issues, and suggested improvements referring to blockchain-related subsequent publications.
Abstract: The blockchain technology first emerged with the Bitcoin whitepaper, which was the first successful proposal to implement a decentralized digital currency with ability to execute completely non-reversible transactions without a trusted and centralized third party. Blockchain concept provided an inherent part of this decentralization together with hash-based proof-of-work, public key cryptography, and peer-to-peer network. Even though blockchain technology was introduced to solve the double-spending problem of electronic money without relying on a trusted third party, this particular concept is being researched and already used to solve problems in many other areas. This paper captures concepts of blockchain, its applications, issues, and suggested improvements referring to blockchain-related subsequent publications.

Journal Article
01 Jul 2020
TL;DR: Pivot as discussed by the authors is a solution for privacy preserving vertical decision tree training and prediction, ensuring that no intermediate information is disclosed other than those the clients have agreed to release (i.e., the final tree model and the prediction output).
Abstract: Federated learning (FL) is an emerging paradigm that enables multiple organizations to jointly train a model without revealing their private data to each other. This paper studies vertical federated learning, which tackles the scenarios where (i) collaborating organizations own data of the same set of users but with disjoint features, and (ii) only one organization holds the labels. We propose Pivot, a novel solution for privacy preserving vertical decision tree training and prediction, ensuring that no intermediate information is disclosed other than those the clients have agreed to release (i.e., the final tree model and the prediction output). Pivot does not rely on any trusted third party and provides protection against a semi-honest adversary that may compromise m - 1 out of m clients. We further identify two privacy leakages when the trained decision tree model is released in plain-text and propose an enhanced protocol to mitigate them. The proposed solution can also be extended to tree ensemble models, e.g., random forest (RF) and gradient boosting decision tree (GBDT) by treating single decision trees as building blocks. Theoretical and experimental analysis suggest that Pivot is efficient for the privacy achieved.

Journal Article
TL;DR: Results show that new blockchain-based digital platforms allow for fast, easy, and seamless interactions between data suppliers to enhance privacy and data security, including for patients themselves.

Journal Article
TL;DR: LiKe is a lightweight pairing-free certificateless key agreement protocol suitable for integration in the latest ZigBee 3.0 protocol stack and constrained IoT devices, and shows robustness against impersonation attacks, even when information stored on the TTP is leaked.
Abstract: Certificateless public-key cryptography (CL-PKC) schemes are particularly robust against the leakage of secret information stored on a trusted third party (TTP). These security features are particularly relevant for Internet of Things (IoT) domains, where the devices are typically preconfigured with secret keys, usually stored locally on the TTP for following maintenance tasks. Despite some contributions already proposed for the adoption of CL-PKC schemes in constrained IoT devices, current solutions generally require high message overhead, are computationally demanding, and place a high toll on the energy budget. To close this gap, we propose LiKe, a lightweight pairing-free certificateless key agreement protocol suitable for integration in the latest ZigBee 3.0 protocol stack and constrained IoT devices. LiKe is an authenticated key agreement protocol characterized by: 1) ephemeral cryptographic materials; 2) support for intermittent connectivity with the TTP; 3) lightweight rekeying operations; and 4) robustness against impersonation attacks, even when information stored on the TTP is leaked. LiKe has been thoroughly described, and its security properties have been proved via formal tools. Moreover, we have implemented and tested it on real IoT devices, in networks with up to 11 nodes—the source code has been released as an open source. Results are striking: on the OpenMote-b hardware platform, LiKe requires a total time of 3.259 s to establish session keys on each participating device, and at most 0.258% of the overall battery capacity, emerging as a lightweight and energy-friendly solution. Finally, comparisons with competing solutions do show the superior quality and viability of our proposal.

Journal Article
TL;DR: A novel framework for computing and updating the trustworthiness of participants in the SIoT network in a self-enforcing manner without relying on any trusted third party and proves the correctness, privacy, and security of the proposed system under a malicious adversarial model.
Abstract: The Internet of Things (IoT) is the network of connected computing devices that have the ability to transfer valued data between each other via the Internet without requiring human intervention. In such a connected environment, the social IoT (SIoT) has become an emerging trend where multiple IoT devices owned by users support communication within a social circle. Trust management in the SIoT network is imperative as trusting the information from compromised devices could lead to serious compromises within the network. It is important to have a mechanism where the devices and their users evaluate the trustworthiness of other devices and users before trusting the information sent by them. The privacy preservation, decentralization, and self-enforcing management without involving trusted third parties are the fundamental challenges in designing a trust management system for SIoT. To fulfill these challenges, this article presents a novel framework for computing and updating the trustworthiness of participants in the SIoT network in a self-enforcing manner without relying on any trusted third party. The privacy of the participants in the SIoT is protected by using homomorphic encryption in the decentralized setting. To achieve the properties of self-enforcement, the trust score of each device is automatically updated based on its previous trust score and the up-to-date tally of the votes by its peers in the network with zero-knowledge proofs (ZKPs) to enforce that every participant follows the protocol honestly. We evaluate the performance of the proposed scheme and present evaluation benchmarks by prototyping the main functionality of the system. The performance results show that the system has a linear increase in computation and communication overheads with more participants in the network. Furthermore, we prove the correctness, privacy, and security of the proposed system under a malicious adversarial model.

Journal Article
TL;DR: The first locally differentially private K-means mechanism under this distributed scenario is proposed and it is proved that this mechanism can enable high utility clustering while guaranteeing local differential privacy for each user.

Journal Article
TL;DR: The scheme proposed in this paper implements a decentralized authentication model, which can guarantee the autonomy and initiative of the security domain, and uses the Blockchain as a decentralized trust anchor instead of the traditional certificate of authority to replace the traditional PKI authentication algorithm.
Abstract: The incredible development of Internet of things technology promotes the integration of application systems, which enable people to enjoy the convenience of multiple application services through a single intelligent device or terminal. In order to implement value exchange and information sharing between different applications, cross-domain access is inevitable. In order to prevent illegal access, identity authentication is necessary before the terminal accesses the service. Because of the need to introduce a trusted third party, the traditional centralized authentication model not only destroys the autonomy and flexibility of the application system, but also causes issues such as single point of failure and hidden dangers of unilateral control. This paper proposes an identity-based cross-domain authentication scheme for the Internet of Things. This scheme uses the Blockchain as a decentralized trust anchor instead of the traditional certificate of authority, and uses the identity-based self-authentication algorithm to replace the traditional PKI authentication algorithm. The scheme proposed in this paper implements a decentralized authentication model, which can guarantee the autonomy and initiative of the security domain.

Proceedings Article
12 Mar 2020
TL;DR: Four mainstream solutions to improve the performance of blockchain system, including Sharding mechanism, directed acyclic graph based (DAG-based), off-chain payment network and cross-chain technology are summarized.
Abstract: As one of the key technologies of distributed ledgers, blockchain solves the trust problem in open network without relying on any trusted third party. Its decentralized feature has a broad application prospect, but still faces scalability problem. Currently, blockchain scalability bottleneck is mainly in three aspects: performance inefficiency, high confirmation delay, and function extension. For example, Bitcoin can only deal with 7 transactions per second averagely. Obviously, it cannot meet the requirement of current digital payment scenarios, nor can it be carried in other applications such as distributed storage and credit service. What's more, different blockchain systems carry different business and requirements, so scalability is the core issue of the current development of blockchain. This paper introduces the blockchain scalability related technologies from the aspects of improving efficiency and extending functionality of blockchain system, respectively. We summarize four mainstream solutions to improve the performance of blockchain system, including Sharding mechanism, directed acyclic graph based (DAG-based), off-chain payment network and cross-chain technology. In the end, we give some suggestions for further research in blockchain scalability.

Journal Article
16 Mar 2020-Sensors
TL;DR: A solution for patients to share their biomedical data with their doctors without their data being handled by trusted third party entities is presented, built on the Ethereum blockchain as a medium for negotiating and record-keeping, along with Tor for delivering data from patients to doctors.
Abstract: Within the Internet of Things (IoT) and blockchain research, there is a growing interest in decentralizing health monitoring systems, to provide improved privacy to patients, without relying on trusted third parties for handling patients' sensitive health data. With public blockchain deployments being severely limited in their scalability, and inherently having latency in transaction processing, there is room for researching and developing new techniques to leverage the security features of blockchains within healthcare applications. This paper presents a solution for patients to share their biomedical data with their doctors without their data being handled by trusted third party entities. The solution is built on the Ethereum blockchain as a medium for negotiating and record-keeping, along with Tor for delivering data from patients to doctors. To highlight the applicability of the solution in various health monitoring scenarios, we have considered three use-cases, namely cardiac monitoring, sleep apnoea testing, and EEG following epileptic seizures. Following the discussion about the use cases, the paper outlines a security analysis performed on the proposed solution, based on multiple attack scenarios. Finally, the paper presents and discusses a performance evaluation in terms of data delivery time in comparison to existing centralized and decentralized solutions.

Journal Article
TL;DR: A DOA algorithm that improves the overall user privacy and system performance using the fog nodes, which split the responses of each query into five parts, thus reducing the processing time of the results by the user and enhancing the overall accuracy.
Abstract: Connected vehicles and smart cars have become highly reliant on location-based services (i.e. LBS) to provide accurate, personalized and intelligent services. However, location-based services have endangered its users to considerable risks concerning the privacy and security of users’ personal data. Although existing research provides a myriad of methods to improve and protect user privacy in LBS applications, most of these methods are concerned with handling static queries and non-mobile objects only. Moreover, various issues and challenges still persist with regards to the need to trust third parties, overloading of the user, and low accuracy of the returned results. This paper contributes a Double Obfuscation Approach (referred to as DOA) that applies two phases of obfuscation consecutively whilst integrating two differing privacy protection approaches, namely Obfuscation and Trusted Third Party, and two techniques, namely fog caching technology and mix zone. In essence, the DOA obfuscates and hides the identity and location of its users using the fog nodes, which operate as a trusted third party (TTP), and without the need to reveal the identity of the users or trust the cooperating nodes. Moreover, this paper presents a DOA algorithm that improves the overall user privacy and system performance using the fog nodes, which split the responses of each query into five parts, thus reducing the processing time of the results by the user and enhancing the overall accuracy where the user directly selects the most suitable parts based on his current location. Overall, the hybrid DOA approach empowers the users of connected vehicle applications to protect their privacy through an algorithm that caters for the dynamic nature of user queries and mobility of objects. 
The results of our comparative simulations against well-known hybrid privacy protection methods demonstrate the superiority of the proposed Double Obfuscation Approach especially with respect to user privacy whilst maintaining a nominal overhead on the user, reduced response time and high accuracy of the obtained results.

Book Chapter
17 Aug 2020
TL;DR: Dynamic Decentralized Functional Encryption is introduced, a generalization of Functional Encryption which allows multiple users to join the system dynamically, without relying on a trusted third party or on expensive and interactive Multi-Party Computation protocols.
Abstract: We introduce Dynamic Decentralized Functional Encryption ($\textsf{DDFE}$), a generalization of Functional Encryption which allows multiple users to join the system dynamically, without relying on a trusted third party or on expensive and interactive Multi-Party Computation protocols.

Journal ArticleDOI
TL;DR: This paper develops a system named privy that aggregates the feedback scores reported by the collaborating TSPs without employing any trusted third party system, while preserving the privacy of users and collaborators, and finds that privy can correctly block spammers in a quicker time, as compared to standalone systems.
Abstract: Nuisance or unsolicited calls and instant messages come at any time in a variety of different ways. These calls would not only exasperate recipients with the unwanted ringing, impacting their productivity, but also lead to a direct financial loss to users and service providers. Telecommunication Service Providers (TSPs) often employ standalone detection systems to classify call originators as spammers or non-spammers using their behavioral patterns. These approaches perform well when spammers target a large number of recipients of one service provider. However, professional spammers try to evade the standalone systems by intelligently reducing the number of spam calls sent to one service provider, and instead distribute calls to the recipients of many service providers. Naturally, collaboration among service providers could provide an effective defense, but it brings the challenge of privacy protection and system resources required for the collaboration process. In this paper, we propose a novel decentralized collaborative system named privy for the effective blocking of spammers who target multiple TSPs. More specifically, we develop a system that aggregates the feedback scores reported by the collaborating TSPs without employing any trusted third party system, while preserving the privacy of users and collaborators. We evaluate the system performance of privy using both the synthetic and real call detail records. We find that privy can correctly block spammers in a quicker time, as compared to standalone systems. Further, we also analyze the security and privacy properties of the privy system under different adversarial models.

Journal ArticleDOI
TL;DR: ABE-Cities, an encryption system for urban sensing which solves the above problems while ensuring fine-grained access control on data by means of Attribute-Based Encryption (ABE), and is validated by testing the advanced scheme on the simulated Houston and Beijing street networks.

Journal ArticleDOI
TL;DR: Wang et al. proposed a blockchain-based trust mechanism for distributed IoT devices, where trustrank is quantified by normative trust and risk measures, and a new storage structure is designed for the domain administration manager to identify and delete the malicious evaluations of the devices.
Abstract: The development of Internet of Things (IoT) and Mobile Edge Computing (MEC) has led to close cooperation between electronic devices. It requires strong reliability and trustworthiness of the devices involved in the communication. However, current trust mechanisms have the following issues: (1) heavily relying on a trusted third party, which may incur severe security issues if it is corrupted, and (2) malicious evaluations on the involved devices which may bias the trustrank of the devices. By introducing the concepts of risk management and blockchain into the trust mechanism, we here propose a blockchain-based trust mechanism for distributed IoT devices in this paper. In the proposed trust mechanism, trustrank is quantified by normative trust and risk measures, and a new storage structure is designed for the domain administration manager to identify and delete the malicious evaluations of the devices. Evidence shows that the proposed trust mechanism can ensure data sharing and integrity, in addition to its resistance against malicious attacks to the IoT devices.

Journal ArticleDOI
15 Sep 2020-Sensors
TL;DR: A decentralized privacy-preserving data aggregation (DPPDA) scheme for smart grid based on blockchain that protects user privacy data while achieving decentralization, without relying on TTP or CA.
Abstract: As a next-generation power system, the smart grid can implement fine-grained smart metering data collection to optimize energy utilization. Smart meters face serious security challenges, such as a trusted third party or a trusted authority being attacked, which leads to the disclosure of user privacy. Blockchain provides a viable solution that can use its key technologies to solve this problem. Blockchain is a new type of decentralized protocol that does not require a trusted third party or a central authority. Therefore, this paper proposes a decentralized privacy-preserving data aggregation (DPPDA) scheme for smart grid based on blockchain. In this scheme, the leader election algorithm is used to select a smart meter in the residential area as a mining node to build a block. The node adopts Paillier cryptosystem algorithm to aggregate the user's power consumption data. Boneh-Lynn-Shacham short signature and SHA-256 function are applied to ensure the confidentiality and integrity of user data, which is convenient for billing and power regulation. The scheme protects user privacy data while achieving decentralization, without relying on TTP or CA. Security analysis shows that our scheme meets the security and privacy requirements of smart grid data aggregation. The experimental results show that this scheme is more efficient than existing competing schemes in terms of computation and communication overhead.

Journal ArticleDOI
TL;DR: Simulation results show the superiority of the proposed SE-CLASA, in terms of security and efficiency, compared to the most recent authentications in InVANETs.
Abstract: The pervasive communications between vehicles and dynamic mobility may significantly increase data exchange and therefore bring a huge amount of traffic data in InVANETs. Due to some environmental factors, like the vulnerability of wireless connection, limitation of in-car computing ability, and speed of vehicles, it is extremely challenging to design identity authentication protocols satisfying the requirements of both high security and efficiency simultaneously. To this end, the aggregate signature technology has been employed in InVANETs. However, the technology still suffers from high computational overhead due to the management of certificates, as well as the key escrow problem (i.e., the dependence on a fully trusted third party). In this article, we propose the SE-CLASA protocol for InVANETs in order to tackle the aforementioned problems. In addition, a novel factor-contained aggregation mechanism is proposed to resist an information injection attack investigated in our analysis. Moreover, we prove the security of the proposed SE-CLASA and conclude that it meets most known security requirements in a general InVANET scenario. Simulation results show the superiority of the proposed SE-CLASA, in terms of security and efficiency, compared to the most recent authentications in InVANETs.

Journal ArticleDOI
TL;DR: This work proposes a secure and operationally asymmetric mutual authentication and key-exchange protocol for secure communication, and implements the proposed scheme end-to-end in a Smart meter prototype using commercial-off-the-shelf products, a Utility server, and a credential generator as the trusted third party.
Abstract: In the energy sector, IoT manifests in the form of next-generation power grids that provide enhanced electrical stability, efficient power distribution and utilization. The primary feature of a Smart Grid is the presence of an advanced bi-directional communication network between the Smart meters at the consumer end and the servers at the Utility Operators. The Smart meters are broadly vulnerable to attacks on communication and physical systems. We propose a secure and operationally asymmetric mutual authentication and key-exchange protocol for secure communication. Our protocol balances security and efficiency, delegates complex cryptographic operations to the resource-equipped servers, and carefully manages the workload on the resource-constrained Smart meter nodes using unconventional lightweight primitives such as Physically Unclonable Functions. We prove the security of the protocol using well-established cryptographic assumptions. We implement the proposed scheme end-to-end in a Smart meter prototype using commercial-off-the-shelf products, a Utility server and a credential generator as the trusted third party. Additionally, we demonstrate a physics-based attack named load modification attack on the Smart meter to demonstrate that merely securing the communication channel using authentication does not secure the meter, but requires further protections to ensure the correctness of the reported consumption. Hence, we propose a countermeasure to such attack that goes side-by-side with our protocol implementation.

Journal ArticleDOI
TL;DR: The proposed variant of the OT extension protocol is computationally and communicationally efficient and uses a lattice-based ring-Learning With Errors (ring-LWE) scheme as a Base-OT.
Abstract: In VANET, the privacy of the query becomes a serious concern for location-based services (LBS). An LBS scheme must, also, not breach the location privacy of the user vehicle. In order to protect query privacy of the vehicle user, the existing state-of-the-art schemes either reduce the accuracy of LBS or insert a trusted third party (TTP) between the vehicle user and the location server hosting the LBS scheme. Cryptographic constructs such as public-key encryption, Oblivious Transfer (OT), Private Information Retrieval (PIR), and homomorphic encryption are used to remove the TTP or increase the accuracy of the previous schemes. The problem with these existing schemes is that some of them are either inefficient or insecure. In order to address the security and privacy issues, we propose an efficient privacy-preserving mechanism for protecting the query privacy of the user, information content of the location server, and location privacy-preserving of the vehicle in the LBS scheme for VANET. In this scheme, the vehicle requests for services from the location server without revealing the query content to the location server. The location server sends all Points of Interest (POIs) to the vehicle, but the vehicle can only obtain the requested query content. The query privacy of the user and content privacy of the location server is preserved in the exchange. The proposed variant of the OT extension protocol is computationally and communicationally efficient and uses a lattice-based ring-Learning With Errors (ring-LWE) scheme as a Base-OT.

Journal ArticleDOI
TL;DR: This article proposes a novel privacy-preserving authentication scheme for V2G networks that employs the nonsupersingular elliptic curve to construct a lightweight authentication protocol for EV and smart grid.
Abstract: As we acknowledge that vehicle-to-grid (V2G) network holds obvious predominance in economic benefits, it attracts wide attention from power system and electric vehicle (EV) users. However, lots of security issues hinder its further development. For example, many existing V2G schemes use the bilinear pairing to implement authentication protocol, resulting in high computational costs. In addition, the system master key in the existing V2G scheme is generated independently by a trusted third party, so the system master key is vulnerable to leakage if the third party is compromised by the adversary. In this article, we propose a novel privacy-preserving authentication scheme for V2G networks. Specifically, this scheme employs the nonsupersingular elliptic curve to construct a lightweight authentication protocol for EV and smart grid. Meanwhile, system master key in the proposed scheme is generated by the key agreement protocol, i.e., a protocol that is constructed using a secure two-party computation between the third party authority and the dispatching center. Security analysis shows that the proposed scheme is provably secure under the random oracle model. Compared with related schemes, the proposed scheme can not only improve the authentication efficiency of V2G networks, but also prevent internal attackers. Experimental results indicate that our scheme is of practical significance for V2G networks.