
Showing papers on "Verifiable secret sharing published in 2013"


Journal ArticleDOI
TL;DR: This paper gives the formal model of ABE with verifiable outsourced decryption and proposes a concrete scheme that is both secure and verifiable, without relying on random oracles and shows an implementation of the scheme and result of performance measurements, which indicates a significant reduction on computing resources imposed on users.
Abstract: Attribute-based encryption (ABE) is a public-key-based one-to-many encryption that allows users to encrypt and decrypt data based on user attributes. A promising application of ABE is flexible access control of encrypted data stored in the cloud, using access policies and ascribed attributes associated with private keys and ciphertexts. One of the main efficiency drawbacks of the existing ABE schemes is that decryption involves expensive pairing operations and the number of such operations grows with the complexity of the access policy. Recently, Green et al. proposed an ABE system with outsourced decryption that largely eliminates the decryption overhead for users. In such a system, a user provides an untrusted server, say a cloud service provider, with a transformation key that allows the cloud to translate any ABE ciphertext satisfied by that user's attributes or access policy into a simple ciphertext, and it only incurs a small computational overhead for the user to recover the plaintext from the transformed ciphertext. Security of an ABE system with outsourced decryption ensures that an adversary (including a malicious cloud) will not be able to learn anything about the encrypted message; however, it does not guarantee the correctness of the transformation done by the cloud. In this paper, we consider a new requirement of ABE with outsourced decryption: verifiability. Informally, verifiability guarantees that a user can efficiently check if the transformation is done correctly. We give the formal model of ABE with verifiable outsourced decryption and propose a concrete scheme. We prove that our new scheme is both secure and verifiable, without relying on random oracles. Finally, we show an implementation of our scheme and results of performance measurements, which indicate a significant reduction in the computing resources imposed on users.

385 citations


Proceedings ArticleDOI
04 Nov 2013
TL;DR: Novel cryptographic techniques are proposed that solve the problem in which a client stores a large amount of data with an untrusted server in such a way that the client can ask the server to compute a function on some portion of its outsourced data.
Abstract: We address the problem in which a client stores a large amount of data with an untrusted server in such a way that, at any moment, the client can ask the server to compute a function on some portion of its outsourced data. In this scenario, the client must be able to efficiently verify the correctness of the result despite no longer knowing the inputs of the delegated computation, it must be able to keep adding elements to its remote storage, and it does not have to fix in advance (i.e., at data outsourcing time) the functions that it will delegate. Even more ambitiously, clients should be able to verify in time independent of the input-size -- a very appealing property for computations over huge amounts of data. In this work we propose novel cryptographic techniques that solve the above problem for the class of computations of quadratic polynomials over a large number of variables. This class covers a wide range of significant arithmetic computations -- notably, many important statistics. To confirm the efficiency of our solution, we show encouraging performance results, e.g., correctness proofs have size below 1 kB and are verifiable by clients in less than 10 milliseconds.

149 citations
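The mechanism behind the abstract above, as an added example that is not the paper's own code: a homomorphic MAC for degree-2 polynomials in the style of Catalano and Fiore (the construction the listed paper builds on). The client tags each datum with a secret key, uploads data and tags, and forgets the data. The server returns a result together with a proof derived from the tags alone; the client checks it using only its key and the data labels. The field prime P, the HMAC-based PRF, the labels `reading/i` and the sample dataset are assumptions of this example. Note that verifying here recomputes the PRF on every label, so it is linear in the input size; the input-size-independent verification the paper contributes is what this toy omits.

```python
# Added example, not the listed paper's construction: a homomorphic MAC for
# degree-2 polynomials in the style of Catalano and Fiore, which the paper builds on.
import hashlib
import hmac
import secrets

P = 2**127 - 1  # prime field for data, tags and results (assumption: any large prime works)


def prf(key: bytes, label: str) -> int:
    """Pseudorandom field element bound to a data label (HMAC-SHA256 reduced mod P)."""
    digest = hmac.new(key, label.encode(), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % P


def keygen():
    """Client secret: an evaluation point alpha and a PRF key; nothing is public."""
    return secrets.randbelow(P - 1) + 1, secrets.token_bytes(32)


def auth(sk, label: str, m: int):
    """Tag for datum m stored under label: the line y(x) with y(0) = m and y(alpha) = PRF(label)."""
    alpha, key = sk
    r = prf(key, label)
    return [m % P, (r - m) * pow(alpha, -1, P) % P]


def p_add(a, b):
    n = max(len(a), len(b))
    a, b = a + [0] * (n - len(a)), b + [0] * (n - len(b))
    return [(x + y) % P for x, y in zip(a, b)]


def p_mul(a, b):
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % P
    return out


def p_eval(poly, x):
    acc = 0
    for c in reversed(poly):
        acc = (acc * x + c) % P
    return acc


def evaluate(program, inputs, on_tags: bool):
    """program: list of (coeff, [input indices]) monomials of degree <= 2.
    Run on plain values (server computes the result) or on tag polynomials
    (server computes the proof by applying the same gates to the tags)."""
    acc = [0] if on_tags else 0
    for coeff, idx in program:
        if on_tags:
            term = [coeff % P]
            for i in idx:
                term = p_mul(term, inputs[i])
            acc = p_add(acc, term)
        else:
            term = coeff % P
            for i in idx:
                term = term * inputs[i] % P
            acc = (acc + term) % P
    return acc


def verify(sk, program, labels, claimed: int, proof) -> bool:
    """Client check using only its key and the labels: the proof polynomial must
    open to the claimed result at 0 and to f(PRF(labels)) at alpha."""
    alpha, key = sk
    rho = evaluate(program, [prf(key, lbl) for lbl in labels], on_tags=False)
    return p_eval(proof, 0) == claimed % P and p_eval(proof, alpha) == rho


def demo():
    sk = keygen()
    data = [3, 5, 7, 11]                                   # constructed sample dataset
    labels = [f"reading/{i}" for i in range(len(data))]   # assumed label scheme
    tags = [auth(sk, lbl, m) for lbl, m in zip(labels, data)]
    # Client uploads (label, value, tag) and forgets the data; it keeps only sk.
    sum_of_squares = [(1, [i, i]) for i in range(len(data))]
    result = evaluate(sum_of_squares, data, on_tags=False)    # server side
    proof = evaluate(sum_of_squares, tags, on_tags=True)      # server side: 3 field elements
    ok = verify(sk, sum_of_squares, labels, result, proof)
    forged = verify(sk, sum_of_squares, labels, result + 1, proof)
    plain_sum = [(1, [i]) for i in range(len(data))]
    mismatched = verify(sk, plain_sum, labels, sum(data), proof)  # proof for the wrong function
    return result, len(proof), ok, forged, mismatched
```

The proof stays at three field elements whatever the number of inputs, because multiplying two degree-1 tags gives a degree-2 polynomial and additions never raise the degree; a server that alters the result, or answers a different query than the one asked, fails the check at either x = 0 or x = alpha.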


Journal ArticleDOI
TL;DR: This paper proposes a new protocol of semi-quantum secret sharing, which utilizes product states instead of entangled states and proves that any attempt of an adversary to obtain information necessarily induces some errors that the legitimate users could notice.
Abstract: Boyer et al (2007 Phys. Rev. Lett. 99 140501) proposed a novel idea of semi-quantum key distribution, where a key can be securely distributed between Alice, who can perform any quantum operation, and Bob, who is classical. Extending the 'semi-quantum' idea to other tasks of quantum information processing is of interest and worth considering. In this paper, we consider the issue of semi-quantum secret sharing, where a quantum participant Alice can share a secret key with two classical participants, Bobs. After analyzing the existing protocol, we propose a new protocol of semi-quantum secret sharing. Our protocol is more realistic, since it utilizes product states instead of entangled states. We prove that any attempt of an adversary to obtain information necessarily induces some errors that the legitimate users could notice.

109 citations


Journal ArticleDOI
TL;DR: This paper proposes a new verifiable fuzzy keyword search scheme based on the symbol-tree which not only supports the fuzzy keywords search, but also enjoys the verifiability of the searching result.
Abstract: As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud by users. To maintain the confidentiality of sensitive user data against untrusted servers, the data should be encrypted before they are uploaded. However, this raises a new challenge for performing search over the encrypted data efficiently. Although the existing searchable encryption schemes allow a user to search the encrypted data with confidentiality, these solutions cannot support the verifiability of the searching result. We argue that a cloud server may be selfish in order to save its computation ability or bandwidth. For example, it may execute only a fraction of the search and return part of the searching result. In this paper, we propose a new verifiable fuzzy keyword search scheme based on the symbol-tree which not only supports the fuzzy keyword search, but also enjoys the verifiability of the searching result. Through rigorous security and efficiency analysis, we show that our proposed scheme is secure under the proposed model, while correctly and efficiently realizing the verifiable fuzzy keyword search. The extensive experimental results demonstrate the efficiency of the proposed scheme.

94 citations


Book ChapterDOI
20 Nov 2013
TL;DR: This paper shows how to update (modify, delete and add) documents in a verifiable way and shows that the client can detect any cheating behavior of malicious servers, and proves that the scheme is UC-secure in the standard model.
Abstract: In a searchable symmetric encryption (SSE) scheme, a client can store encrypted documents on a server in such a way that he can later retrieve the encrypted documents which contain a specific keyword, keeping the keyword and the documents secret. In this paper, we show how to update (modify, delete and add) documents in a verifiable way. Namely, the client can detect any cheating behavior of malicious servers. We then prove that our scheme is UC-secure in the standard model.

91 citations


Proceedings Article
14 Aug 2013
TL;DR: Verdict as discussed by the authors is the first practical anonymous group communication system built using proactively verifiable DC-nets: participants use public-key cryptography to construct DC-net ciphertexts, and use zero-knowledge proofs of knowledge to detect and exclude misbehavior before disruption.
Abstract: Among anonymity systems, DC-nets have long held attraction for their resistance to traffic analysis attacks, but practical implementations remain vulnerable to internal disruption or "jamming" attacks, which require time-consuming detection procedures to resolve. We present Verdict, the first practical anonymous group communication system built using proactively verifiable DC-nets: participants use public-key cryptography to construct DC-net ciphertexts, and use zero-knowledge proofs of knowledge to detect and exclude misbehavior before disruption. We compare three alternative constructions for verifiable DC-nets: one using bilinear maps and two based on simpler ElGamal encryption. While verifiable DC-nets incur higher computational overheads due to the public-key cryptography involved, our experiments suggest that Verdict is practical for anonymous group messaging or microblogging applications, supporting groups of 100 clients at 1 second per round or 1000 clients at 10 seconds per round. Furthermore, we show how existing symmetric-key DC-nets can "fall back" to a verifiable DC-net to quickly identify misbehavior, speeding up previous detection schemes by two orders of magnitude.

90 citations
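The symmetric-key DC-net that the abstract above says Verdict falls back from, as an added example that is not Verdict's code: each pair of participants holds a shared secret, every participant XORs in one pad per peer, and the pads cancel when all ciphertexts are combined, leaving only the anonymous sender's message. The example also shows the jamming problem the paper sets out to fix: a participant who XORs in random bits destroys the round, and its ciphertext is statistically identical to an honest one, so the symmetric-key version cannot attribute the disruption. The SHA-256 counter-mode pad expansion, the slot length and the sample messages are assumptions; the pairwise shared secrets are generated directly rather than by the key exchange a real deployment would run.

```python
# Added example (not Verdict's code): a classic symmetric-key DC-net round,
# showing how ciphertexts combine and why a disruptor is undetectable here.
import hashlib
import itertools
import secrets
from typing import List, Optional


def derive_pad(shared_secret: bytes, round_no: int, length: int) -> bytes:
    """Expand a pairwise shared secret into a one-time pad for this round
    (assumption: SHA-256 in counter mode; any PRG keyed by the secret works)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(
            shared_secret + round_no.to_bytes(4, "big") + counter.to_bytes(4, "big")
        ).digest()
        counter += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class DcNet:
    """n participants; every pair holds a shared secret (assumed to come from a
    prior key exchange, which this example does not model)."""

    def __init__(self, n: int, slot_len: int):
        self.n = n
        self.slot_len = slot_len
        self.shared = {
            frozenset(pair): secrets.token_bytes(32)
            for pair in itertools.combinations(range(n), 2)
        }

    def ciphertext(self, i: int, round_no: int, message: Optional[bytes] = None,
                   disrupt: bool = False) -> bytes:
        """Participant i's contribution: XOR of its pads with every peer,
        plus the message if i is this round's anonymous sender."""
        ct = bytes(self.slot_len)
        for j in range(self.n):
            if j != i:
                pad = derive_pad(self.shared[frozenset((i, j))], round_no, self.slot_len)
                ct = xor_bytes(ct, pad)
        if message is not None:
            ct = xor_bytes(ct, message.ljust(self.slot_len, b"\0"))
        if disrupt:
            # Jammer: XOR in random bits. The pads still cancel pairwise, so the
            # combined output is garbage, yet this ciphertext is distributed
            # exactly like an honest one and nobody can tell who disrupted.
            ct = xor_bytes(ct, secrets.token_bytes(self.slot_len))
        return ct

    def combine(self, cts: List[bytes]) -> bytes:
        out = bytes(self.slot_len)
        for ct in cts:
            out = xor_bytes(out, ct)
        return out


def run_round(net: DcNet, round_no: int, sender: int, message: bytes,
              jammer: Optional[int] = None) -> bytes:
    """Every participant publishes one ciphertext; anyone can XOR them all."""
    cts = [
        net.ciphertext(i, round_no, message if i == sender else None, disrupt=(i == jammer))
        for i in range(net.n)
    ]
    return net.combine(cts).rstrip(b"\0")
```

Because each pad appears in exactly two ciphertexts, the combined slot reveals the message without revealing which participant contributed it; the same property is what lets a jammer hide. Verdict's answer is to build the ciphertexts from public-key encryption so that each participant can prove in zero knowledge that its contribution is well-formed before the round is combined.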


Proceedings ArticleDOI
04 Nov 2013
TL;DR: OASIS leverages the hardware components available on commodity CPUs to achieve a low-cost, low-overhead design.
Abstract: We present OASIS, a CPU instruction set extension for externally verifiable initiation, execution, and termination of an isolated execution environment with a trusted computing base consisting solely of the CPU. OASIS leverages the hardware components available on commodity CPUs to achieve a low-cost, low-overhead design.

90 citations


Proceedings ArticleDOI
09 Jan 2013
TL;DR: A publicly verifiable protocol for proving computational work based on collision-resistant hash functions and a new plausible complexity assumption regarding the existence of "inherently sequential" hash functions that makes a novel use of "depth-robust" directed acyclic graphs.
Abstract: We construct a publicly verifiable protocol for proving computational work based on collision-resistant hash functions and a new plausible complexity assumption regarding the existence of "inherently sequential" hash functions. Our protocol is based on a novel construction of time-lock puzzles. Given a sampled "puzzle" P ←_R D_n, where n is the security parameter and D_n is the distribution of the puzzles, a corresponding "solution" can be generated using N evaluations of the sequential hash function, where N > n is another parameter, while any feasible adversarial strategy for generating valid solutions must take at least as much time as Ω(N) serial evaluations of the hash function after receiving P. Thus, valid solutions constitute a "proof" that Ω(N) parallel time elapsed since P was received. Solutions can be publicly and efficiently verified in time poly(n) · polylog(N). Applications of these "time-lock puzzles" include noninteractive timestamping of documents (where the distribution over the possible documents corresponds to the puzzle distribution D_n) and universally verifiable CPU benchmarks. Our construction is secure in the standard model under complexity assumptions (collision-resistant hash functions and inherently sequential hash functions), and makes black-box use of the underlying primitives. Consequently, the corresponding construction in the random oracle model is secure unconditionally. Moreover, as it is a public-coin protocol, it can be made non-interactive in the random oracle model using the Fiat-Shamir heuristic. Our construction makes a novel use of "depth-robust" directed acyclic graphs, ones whose depth remains large even after removing a constant fraction of vertices, which were previously studied for the purpose of complexity lower bounds. The construction bypasses a recent lower bound of Mahmoody, Moran, and Vadhan (CRYPTO '11) for time-lock puzzles in the random oracle model, which showed that it is impossible to have time-lock puzzles like ours in the random oracle model if the puzzle generator also computes a solution together with the puzzle.

87 citations


Book ChapterDOI
25 Jun 2013
TL;DR: Remotegrity as discussed by the authors is a hybrid mail/internet extension to the Scantegrity in-person voting system, enabling secure, electronic return of vote-by-mail ballots.
Abstract: We propose and implement a cryptographically end-to-end verifiable (E2E) remote voting system for absentee voters and report on its deployment in a binding municipal election in Takoma Park, Maryland. Remotegrity is a hybrid mail/internet extension to the Scantegrity in-person voting system, enabling secure, electronic return of vote-by-mail ballots. It provides voters with the ability to detect unauthorized modifications to their cast ballots made by either malicious client software, or a corrupt election authority--two threats not previously studied in combination. Not only can the voter detect such changes, they can prove it to a third party without giving up ballot secrecy.

72 citations


Posted Content
TL;DR: This work proposes a novel cryptographic solution, called verifiable attribute-based keyword search (VABKS), which allows a data user to search over the data owner's outsourced encrypted data, outsource the tedious search operations to the cloud, and verify whether the cloud has faithfully executed the search operations.
Abstract: It is common nowadays for data owners to outsource their data to the cloud. Since the cloud cannot be fully trusted, the outsourced data should be encrypted. This however brings a range of problems, such as: How should a data owner grant search capabilities to the data users? How can the authorized data users search over a data owner's outsourced encrypted data? How can the data users be assured that the cloud faithfully executed the search operations on their behalf? Motivated by these questions, we propose a novel cryptographic solution, called verifiable attribute-based keyword search (VABKS). The solution allows a data user, whose credentials satisfy a data owner's access control policy, to (i) search over the data owner's outsourced encrypted data, (ii) outsource the tedious search operations to the cloud, and (iii) verify whether the cloud has faithfully executed the search operations. We formally define the security requirements of VABKS and describe a construction that satisfies them. Performance evaluation shows that the proposed schemes are practical and deployable.

70 citations


Journal ArticleDOI
TL;DR: It is shown that even a dishonest agent, who may avoid the security checking, cannot obtain any useful information in the proposed three-party QSS scheme via the entangled Greenberger–Horne–Zeilinger state.
Abstract: We present a three-party quantum secret sharing (QSS) scheme via the entangled Greenberger-Horne-Zeilinger state. In this scheme, the sender Alice encodes her arbitrary secret information by means of preparing a single-particle quantum state. The agent Bob obtains his shared information according to his hobby, while Charlie can easily calculate his shared information. The proposed scheme is secure. It is shown that even a dishonest agent, who may avoid the security checking, cannot obtain any useful information. Moreover, we further investigate the multi-party QSS scheme which allows most agents to predetermine their information.

Journal ArticleDOI
TL;DR: This paper designs a localization approach with outlier detection, which explicitly eliminates ranges with large errors before location computation, and defines verifiable graphs in which all edges are verifiable.
Abstract: A majority of localization approaches for wireless sensor networks rely on the measurements of internode distance. Errors are inevitable in distance measurements, and we observe that a small number of outliers can drastically degrade localization accuracy. To deal with noisy and outlier ranging results, a straightforward method, known as triangle inequality, has often been employed in previous studies. However, triangle inequality has its own limitations that make it far from accurate and reliable. In this paper, we first analyze how much information is needed to identify outlier measurements. Applying the rigidity theory, we propose the concept of verifiable edges and derive the conditions for an edge to be verifiable. On this basis, we design a localization approach with outlier detection, which explicitly eliminates ranges with large errors before location computation. Considering the entire network, we define verifiable graphs in which all edges are verifiable. If a wireless network meets the requirements of graph verifiability, it is not only localizable but outlier resistant as well. Extensive simulations are conducted to examine the effectiveness of the proposed approach. The results show remarkable improvement in location accuracy by sifting outliers.

Proceedings ArticleDOI
16 Mar 2013
TL;DR: It is shown that ALIBI efficiently and verifiably tracks guests' memory use and CPU-cycle consumption and is a first step toward a vision for verifiable resource accounting.
Abstract: Outsourced computation services should ideally only charge customers for the resources used by their applications. Unfortunately, no verifiable basis for service providers and customers to reconcile resource accounting exists today. This leads to undesirable outcomes for both providers and consumers: providers cannot prove to customers that they really devoted the resources charged, and customers cannot verify that their invoice maps to their actual usage. As a result, many practical and theoretical attacks exist, aimed at charging customers for resources that their applications did not consume. Moreover, providers cannot charge consumers precisely, which causes them to bear the cost of unaccounted resources or pass these costs inefficiently to their customers. We introduce ALIBI, a first step toward a vision for verifiable resource accounting. ALIBI places a minimal, trusted reference monitor underneath the service provider's software platform. This monitor observes resource allocation to customers' guest virtual machines and reports those observations to customers, for verifiable reconciliation. In this paper, we show that ALIBI efficiently and verifiably tracks guests' memory use and CPU-cycle consumption.

Book ChapterDOI
18 Aug 2013
TL;DR: This paper argues that the previous “bounded leakage” requirements used in leakage-resilient cryptography are hard to fulfill by hardware engineers, and introduces a new, more realistic and empirically verifiable assumption of simulatable leakage, under which security proofs in the standard model can be obtained.
Abstract: Leakage-resilient cryptography aims at formally proving the security of cryptographic implementations against large classes of side-channel adversaries. One important challenge for such an approach to be relevant is to adequately connect the formal models used in the proofs with the practice of side-channel attacks. It raises the fundamental problem of finding reasonable restrictions of the leakage functions that can be empirically verified by evaluation laboratories. In this paper, we first argue that the previous “bounded leakage” requirements used in leakage-resilient cryptography are hard to fulfill by hardware engineers. We then introduce a new, more realistic and empirically verifiable assumption of simulatable leakage, under which security proofs in the standard model can be obtained. We finally illustrate our claims by analyzing the physical security of an efficient pseudorandom generator (for which security could only be proven under a random oracle based assumption so far). These positive results come at the cost of (algorithm-level) specialization, as our new assumption is specifically defined for block ciphers. Nevertheless, since block ciphers are the main building block of many leakage-resilient cryptographic primitives, our results also open the way towards more realistic constructions and proofs for other pseudorandom objects.

Posted Content
TL;DR: Results from a multi-node experimental test-bed utilizing integrated photonics quantum communications components include: quantum identification; verifiable quantum secret sharing; multi-party authenticated key establishment, including group keying; and single-fiber quantum-secured communications that can be applied as a security retrofit/upgrade to existing optical fiber installations.
Abstract: Network-centric quantum communications (NQC) - a new, scalable instantiation of quantum cryptography providing key management with forward security for lightweight encryption, authentication and digital signatures in optical networks - is briefly described. Results from a multi-node experimental test-bed utilizing integrated photonics quantum communications components, known as QKarDs, include: quantum identification; verifiable quantum secret sharing; multi-party authenticated key establishment, including group keying; and single-fiber quantum-secured communications that can be applied as a security retrofit/upgrade to existing optical fiber installations. A demonstration that NQC meets the challenging simultaneous latency and security requirements of electric grid control communications, which cannot be met without compromises using conventional cryptography, is described.

Posted Content
TL;DR: This article gives QA-NIZK proofs of membership in linear subspaces made of a constant number of group elements, proves them unbounded simulation-sound without quadratic pairing product equations or a chosen-ciphertext-secure encryption scheme, and applies them to build the first efficient threshold CCA-secure keyed-homomorphic encryption scheme with publicly verifiable ciphertexts.
Abstract: Verifiability is central to building protocols and systems with integrity. Initially, efficient methods employed the Fiat-Shamir heuristics. Since 2008, the Groth-Sahai techniques have been the most efficient in constructing non-interactive witness indistinguishable and zero-knowledge proofs for algebraic relations. For the important task of proving membership in linear subspaces, Jutla and Roy (Asiacrypt 2013) gave significantly more efficient proofs in the quasi-adaptive setting (QA-NIZK). For membership of the row space of a t × n matrix, their QA-NIZK proofs save O(2t) group elements compared to Groth-Sahai. Here, we give QA-NIZK proofs made of a constant number of group elements, regardless of the number of equations or the number of variables, and additionally prove them unbounded simulation-sound. Unlike previous unbounded simulation-sound Groth-Sahai-based proofs, our construction does not involve quadratic pairing product equations and does not rely on a chosen-ciphertext-secure encryption scheme. Instead, we build on structure-preserving signatures with homomorphic properties. We apply our methods to design new and improved CCA2-secure encryption schemes. In particular, we build the first efficient threshold CCA-secure keyed-homomorphic encryption scheme (i.e., where homomorphic operations can only be carried out using a dedicated evaluation key) with publicly verifiable ciphertexts.

Proceedings ArticleDOI
14 Apr 2013
TL;DR: This work thoroughly analyze the attacks on existing privacy preserving multi-party computation approaches and design a series of protocols for dot product, ranging and ranking, which are proved to be privacy preserving and verifiable.
Abstract: The existing work on distributed secure multi-party computation, e.g., set operations, dot product, ranking, focuses on the privacy protection aspects, while the verifiability of user inputs and outcomes is neglected. Most of the existing works assume that the involved parties will follow the protocol honestly. In practice, a malicious adversary can easily forge his/her input values to achieve incorrect outcomes or simply lie about the computation results to cheat other parties. In this work, we focus on the problem of verifiable privacy preserving multiparty computation. We thoroughly analyze the attacks on existing privacy preserving multi-party computation approaches and design a series of protocols for dot product, ranging and ranking, which are proved to be privacy preserving and verifiable. We implement our protocols on laptops and mobile phones. The results show that our verifiable private computation protocols are efficient both in computation and communication.

Journal ArticleDOI
TL;DR: VPA achieves strong user privacy by letting each user exchange random shares of its datum with other peers, while at the same time ensures data integrity through a combination of Trusted Platform Module and homomorphic message authentication code.
Abstract: People-centric urban sensing systems (PC-USSs) refer to using human-carried mobile devices such as smartphones and tablets for urban-scale distributed data collection, analysis, and sharing to facilitate interaction between humans and their surrounding environments. A main obstacle to the widespread deployment and adoption of PC-USSs are the privacy concerns of participating individuals as well as the concerns about data integrity. To tackle this open challenge, this paper presents the design and evaluation of VPA, a novel peer-to-peer based solution to verifiable privacy-preserving data aggregation in PC-USSs. VPA achieves strong user privacy by letting each user exchange random shares of its datum with other peers, while at the same time ensures data integrity through a combination of Trusted Platform Module and homomorphic message authentication code. VPA can support a wide range of statistical additive and non-additive aggregation functions such as Sum, Average, Variance, Count, Max/Min, Median, Histogram, and Percentile with accurate aggregation results. The efficacy and efficiency of VPA are confirmed by thorough analytical and simulation results.

Journal ArticleDOI
TL;DR: The proposed protocol achieves key confidentiality due to security of Shamir's secret sharing and provides key authentication by broadcasting a single authentication message to all members.
Abstract: To achieve secure group communication, one-time session keys need to be shared among group members in a secure and authenticated manner. In this paper, we propose an improved authenticated key transfer protocol based on Shamir's secret sharing. The proposed protocol achieves key confidentiality due to the security of Shamir's secret sharing and provides key authentication by broadcasting a single authentication message to all members. Furthermore, the proposed scheme resists both insider and outsider attacks.
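The Shamir building block the protocol above relies on, as an added example that is not the listed paper's protocol: a dealer splits a one-time session key into n shares of which any t reconstruct it, and fewer than t reveal nothing. It goes one step beyond the abstract, in keeping with the page's topic, by adding Feldman-style commitments to the polynomial coefficients so that each member can check that its share is consistent with the committed secret before using it; the paper's own broadcast authentication message is not modelled. The safe-prime group generated at run time, the 128-bit size, the generator 4 and the threshold 3-of-5 are assumptions of this example.

```python
# Added example (not the listed protocol): Shamir secret sharing of a session
# key, extended with Feldman commitments so members can verify their shares.
import secrets


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin primality test with random bases."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_group(bits: int = 128):
    """Return (p, q, g): p = 2q + 1 with p, q prime and g of order q in Z_p^*.
    Shares live in Z_q; commitments live in the order-q subgroup (assumed sizes)."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4  # 4 = 2^2 is a non-trivial square, hence of order q


def split(secret: int, t: int, n: int, q: int):
    """Dealer: random degree-(t-1) polynomial f with f(0) = secret; share i is (i, f(i))."""
    coeffs = [secret % q] + [secrets.randbelow(q) for _ in range(t - 1)]
    shares = [(i, sum(c * pow(i, k, q) for k, c in enumerate(coeffs)) % q)
              for i in range(1, n + 1)]
    return coeffs, shares


def feldman_commit(coeffs, p: int, g: int):
    """Dealer broadcasts C_k = g^{a_k}; C_0 commits to the secret without revealing it."""
    return [pow(g, c, p) for c in coeffs]


def verify_share(i: int, share: int, commits, p: int, q: int, g: int) -> bool:
    """Member i checks g^{share} == prod_k C_k^{i^k}: the share lies on the committed polynomial."""
    expected = 1
    for k, c_k in enumerate(commits):
        expected = expected * pow(c_k, pow(i, k, q), p) % p
    return pow(g, share, p) == expected


def reconstruct(shares, q: int) -> int:
    """Lagrange interpolation at x = 0 over Z_q from any t shares."""
    secret = 0
    for i, y_i in shares:
        num = den = 1
        for j, _ in shares:
            if j != i:
                num = num * (-j) % q
                den = den * (i - j) % q
        secret = (secret + y_i * num * pow(den, -1, q)) % q
    return secret


def demo():
    p, q, g = safe_prime_group()
    session_key = secrets.randbelow(q)            # the one-time group key being distributed
    coeffs, shares = split(session_key, t=3, n=5, q=q)
    commits = feldman_commit(coeffs, p, g)        # broadcast alongside the shares
    all_valid = all(verify_share(i, s, commits, p, q, g) for i, s in shares)
    # A share corrupted in transit fails the commitment check ...
    i2, s2 = shares[1]
    bad = (i2, (s2 + 1) % q)
    bad_detected = not verify_share(bad[0], bad[1], commits, p, q, g)
    # ... and, if used unchecked, silently yields the wrong key.
    honest = reconstruct(shares[:3], q) == session_key
    poisoned = reconstruct([shares[0], bad, shares[2]], q) == session_key
    return all_valid, bad_detected, honest, poisoned
```

The check in verify_share is what turns plain Shamir sharing into a verifiable one: g^{f(i)} can be recomputed from the public commitments alone, so a member detects a bad share without learning the secret, and the dealer cannot hand out shares that interpolate to different keys for different subsets. Feldman's commitments are only computationally hiding (C_0 = g^{secret}), which is acceptable for a short-lived session key but not for a long-term secret.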

Journal ArticleDOI
TL;DR: This study proposes a new idea on the construction of the secret key for the existing SQSS such that only 2nm qubits are required to produce an n-bit secret key in the (m + 1)-party SQSS.
Abstract: Semi-quantum secret sharings (SQSSs), as they stand now, require that all the agents choose to measure the received qubits to produce the shared secret key. As a result, to share an n-bit secret key in an (m + 1)-party SQSS, the number of quanta required to transmit is n × 2m, which increases exponentially with the number of agents (i.e. m). This study proposes a new idea on the construction of the secret key for the existing SQSS such that only 2nm qubits are required to produce an n-bit secret key in the (m + 1)-party SQSS.

Book ChapterDOI
09 Sep 2013
TL;DR: A new encryption primitive, commitment consistent encryption (CCE), and instances of this primitive that enable building the first universally verifiable voting schemes with a perfectly private audit trail (PPAT) and practical complexity are proposed.
Abstract: We propose a new encryption primitive, commitment consistent encryption (CCE), and instances of this primitive that enable building the first universally verifiable voting schemes with a perfectly private audit trail (PPAT) and practical complexity. That is:

Journal ArticleDOI
TL;DR: This paper presents a bipartite and a tripartite authentication protocol using a temporary confidential channel and extends the system into a transitive authentication protocol that allows multiple handheld devices to establish a conference key securely and efficiently.
Abstract: The man-in-the-middle (MITM) attack is the major threat for handheld devices to agree on a session key in which they do not share any prior secret in advance, even if these devices are physically located in the same place. Apart from insecurely typing passwords into handheld devices or comparing long hexadecimal keys displayed on the devices' screens, many other human-verifiable protocols have been proposed in the literature to solve the problem. Unfortunately, most of these schemes are unscalable to more users. Even when there are only three entities attempting to agree on a session key, these protocols need to be rerun three times. In this paper, we present a bipartite and a tripartite authentication protocol using a temporary confidential channel. Besides, we further extend the system into a transitive authentication protocol that allows multiple handheld devices to establish a conference key securely and efficiently. In addition, we provide a formal proof of our protocol to demonstrate that our scheme is indeed secure. We also implement a prototype of the system on a mobile phone with satisfactory performance.

Journal ArticleDOI
TL;DR: The present study demonstrates the existence of a security pitfall in the eavesdropping check phase of both the schemes, which can lead to an intercept-resend attack and a Trojan horse attack on the two schemes by a dishonest agent, to derive the master key of the SQSS.
Abstract: Recently, Li et al. [Phys. Rev. A 82(2):022303, 2010] presented two semi-quantum secret sharing (SQSS) protocols using Greenberger-Horne-Zeilinger-like states. The proposed schemes are quite practical because only the secret dealer needs to be equipped with advanced quantum devices such as quantum memory, whereas the other agents can merely perform classical operations to complete the secret sharing. However, the present study demonstrates the existence of a security pitfall in the eavesdropping check phase of both the schemes, which can lead to an intercept-resend attack and a Trojan horse attack on the two schemes by a dishonest agent, to determine the other agent’s shadow and consequently derive the master key of the SQSS. This contradicts the security requirement of QSS. Fortunately, two possible solutions are proposed herein to eliminate this security pitfall.

Book ChapterDOI
20 Nov 2013
TL;DR: This paper proposes a multi-authority ABE scheme with a fully hidden access structure, in which authorities learn nothing about the user's GID when generating and issuing private keys and access structures are hidden from receivers, and proves the security of the scheme under the standard decisional bilinear Diffie-Hellman (DBDH) assumption.
Abstract: To make multi-authority ABE schemes collusion-resistant, a user in the system must be tied to a globally verifiable identifier GID. The drawback of this approach is that it compromises the user's privacy. Malicious authorities can collect a user's attributes by tracing the user's GID, thus compromising the privacy of the user. The other privacy concern is that the access structures sent along with the ciphertext in traditional CP-ABE schemes may contain sensitive information. In this paper, we propose a multi-authority ABE scheme with a fully hidden access structure, in which authorities learn nothing about the user's GID when generating and issuing user private keys, and access structures are hidden from receivers. We prove the security of our scheme under a standard complexity assumption, the decisional bilinear Diffie-Hellman (DBDH) assumption. The access structure used in our scheme consists of AND and OR gates on multi-valued attributes.

Journal ArticleDOI
TL;DR: A secure multiparty quantum secret sharing protocol with the collective eavesdropping-check character is proposed, where only the boss needs to prepare Bell states and perform Bell state measurements, and all agents only perform local operations, which makes this protocol more feasible with the current technique.
Abstract: Combining the block transmission in Long and Liu (Phys Rev A 65:032302, 2002) and the double operations in Lin et al. (Opt Commun 282:4455, 2009), we propose a secure multiparty quantum secret sharing protocol with the collective eavesdropping-check character. In this protocol, only the boss needs to prepare Bell states and perform Bell state measurements, and all agents only perform local operations, which makes this protocol more feasible with the current technique. Incidentally, we show that the other half of secret messages in Lin et al. protocol (Opt Commun 282:4455, 2009) may also be eavesdropped.

Journal ArticleDOI
TL;DR: The existence of the two kinds of scheme is shown to be equivalent, that is, the existence of a scheme sharing a quantum secret implies that the extended classical secret sharing scheme works, and vice versa; as a consequence, new schemes sharing classical secrets for arbitrary access structures are found.
Abstract: We present a general scheme for sharing quantum secrets, and an extension to sharing classical secrets, which together contain all known quantum secret sharing schemes. In this framework we show the equivalence of the existence of both schemes, that is, the existence of a scheme sharing a quantum secret implies that the extended classical secret sharing scheme works, and vice versa. As a consequence of this we find new schemes sharing classical secrets for arbitrary access structures. We then clarify the relationship to quantum error correction and observe several restrictions thereby imposed, which, for example, indicate that for pure-state threshold schemes the share size $q$ must scale with the number of players $n$ as $q \geq \sqrt{n}$. These results also provide a new way of searching for quantum error correcting codes.

Journal ArticleDOI
TL;DR: The analysis shows that the first agent and the last one can gain access to the dealer’s master key without the others’ cooperation by a special participant attack in this scheme.
Abstract: We analyze the security of a dynamic quantum secret sharing scheme. The analysis shows that the first agent and the last one can gain access to the dealer's master key without the others' cooperation by a special participant attack in this scheme.

Journal ArticleDOI
TL;DR: Under the sole assumption that the top priority of all participants (secret sharers and recoverers) is to obtain the right result, this scheme achieves provable security against a computationally unbounded attacker.
Abstract: Secret sharing plays a fundamental role in both secure multi-party computation and modern cryptography. We present a new quantum secret sharing scheme based on the quantum Fourier transform. This scheme enjoys the property that each share of a secret is disguised with true randomness, rather than classical pseudorandomness. Moreover, under the sole assumption that the top priority of all participants (secret sharers and recoverers) is to obtain the right result, our scheme achieves provable security against a computationally unbounded attacker.

Journal ArticleDOI
TL;DR: This work provides the first comprehensive study of threshold modification techniques in both the passive and active adversary models, and discusses how the threshold and the secret can be changed multiple times to arbitrary values after the scheme's initialization.
Abstract: In a threshold scheme, the sensitivity of the secret as well as the number of players may fluctuate for various reasons, e.g., mutual trust may vary or the structure of the players' organization might change. A possible solution to this problem is to modify the threshold and/or change the secret. Moreover, a common problem with almost all secret sharing schemes is that they are "one-time", meaning that the secret and shares are known to everyone after a public secret recovery process. This problem could be resolved if the dealer shared several secrets at the beginning, but a better solution is to dynamically generate new secrets in the absence of the dealer. These issues are our main motivation to revisit dynamic threshold schemes. Therefore, we provide the first comprehensive study of threshold modification techniques in both the passive and active adversary models. We first review an existing method for threshold modification based on resharing shares of a secret; this method is secure in the setting of a passive adversarial coalition. We then discuss two methods, termed public evaluation (for threshold reduction) and zero addition (for threshold increase), that can be used in both the passive and active adversarial settings. In the case of an active adversary, the techniques make use of verifiable secret sharing schemes, whereas the schemes considered in the passive adversary model are all based on the Shamir scheme. As an application, we discuss how the threshold and the secret can be changed multiple times to arbitrary values after the scheme's initialization.
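The two dealer-free threshold changes the abstract names, zero addition (threshold increase) and public evaluation (threshold reduction), worked through on plain Shamir shares as an added Python example; this is not the paper's own code and covers only the passive-adversary setting, without the verifiable-secret-sharing commitments the active case needs. The prime field, the player indices 1..n, the choice of public evaluation points just above the largest player index and the number of helper players are assumptions of the example. The public evaluations are computed here from t shares held in one place; the collaborative computation that protects individual shares in the paper's protocol is not reproduced.

```python
"""Shamir secret sharing with dealer-free threshold modification.

Added example (not the paper's code).  Shares are points on a random
degree-(t-1) polynomial f over GF(P) with f(0) = secret.  Raising the
threshold adds shares of a random polynomial g with g(0) = 0 and higher
degree ("zero addition"); lowering it publishes extra points of f
("public evaluation").  Passive adversaries only: no commitments are
checked, so a misbehaving helper could corrupt shares undetected.
"""
import secrets

# Constructed parameter: a large prime modulus; players are indexed 1..n.
P = (1 << 127) - 1


def _rand_poly(const, degree):
    """Random polynomial (coefficients low-to-high) of the given degree
    whose constant term, i.e. its value at 0, is `const`."""
    return [const % P] + [secrets.randbelow(P) for _ in range(degree)]


def _eval(coeffs, x):
    """Evaluate a low-to-high coefficient list at x by Horner's rule, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def lagrange_at(points, x):
    """Evaluate at x the unique polynomial of degree < len(points) that
    passes through `points`, a list of (x_i, y_i) pairs with distinct x_i."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def share(secret, n, t):
    """Dealer step of the Shamir scheme: n shares of `secret`, any t of
    which determine the degree-(t-1) polynomial and hence f(0)."""
    f = _rand_poly(secret, t - 1)
    return {i: _eval(f, i) for i in range(1, n + 1)}


def reconstruct(points):
    """Recover f(0) from (x, y) pairs: player shares, public evaluations or a
    mix.  The caller must supply as many points as the current threshold."""
    return lagrange_at(list(points), 0)


def increase_threshold(shares, new_t, helpers):
    """Zero addition: each of `helpers` players picks a random g with
    g(0) = 0 and degree new_t - 1, sends g(i) to every player i, and each
    player adds what it receives.  f(0) is unchanged, while f + sum(g)
    has degree new_t - 1, so new_t shares are now needed."""
    updated = dict(shares)
    for _ in range(helpers):
        g = _rand_poly(0, new_t - 1)
        for i in updated:
            updated[i] = (updated[i] + _eval(g, i)) % P
    return updated


def public_evaluations(shares, t, new_t):
    """Public evaluation: publish f(x) at t - new_t public points, chosen
    here (an assumption of this example) just above the largest player
    index so they never collide with a share or with x = 0.  Afterwards
    new_t player shares plus the published points give t points of f."""
    pts = list(shares.items())[:t]          # any t shares determine f
    first = max(shares) + 1
    return {x: lagrange_at(pts, x) for x in range(first, first + (t - new_t))}


if __name__ == "__main__":
    s = share(424242, n=5, t=3)
    print(reconstruct(list(s.items())[:3]))                        # 424242
    s4 = increase_threshold(s, new_t=4, helpers=2)
    print(reconstruct(list(s4.items())[:4]))                       # 424242
    pub = public_evaluations(s, t=3, new_t=2)                       # {6: f(6)}
    print(reconstruct(list(s.items())[3:5] + list(pub.items())))   # 424242
```

Two practical caveats follow directly from the construction: a public evaluation is irreversible, since the published points stay valid for the original polynomial, so a later zero addition must be applied before any adversary has collected new_t shares; and in the zero-addition step the helpers' g polynomials are never verified, which is exactly the gap the paper closes with verifiable secret sharing in the active model.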

Patent
13 Aug 2013
TL;DR: This patent describes systems and methods directed towards a highly secure and intelligent, end-to-end provisioning, authentication, and transaction system which creates and/or consolidates user data into a unified profile for the user (e.g., a person, place, organization, object, etc.) to allow for the safe, secure, and verifiable exchange of information.
Abstract: The present disclosure describes systems and methods directed towards a highly secure and intelligent, end-to-end provisioning, authentication, and transaction system which creates and/or consolidates user data into a unified profile for the user (e.g., a person, place, organization, object, etc.) to allow for the safe, secure, and verifiable exchange of information.