EBookClubs

Read Books & Download eBooks Full Online

Book Hardware and Protocols for Authentication and Secure Computation

Download or read book Hardware and Protocols for Authentication and Secure Computation written by Chiraag Shashikant Juvekar and published by . This book was released on 2018 with total page 162 pages. Available in PDF, EPUB and Kindle. Book excerpt: The Internet of Things has resulted in an exponential rise in the number of embedded electronic devices. This thesis deals with ensuring the security of these embedded devices. In particular we focus our attention on two problems: first we look at how these devices can convince another of their identity i.e. authentication and second we look at how these devices and cloud servers can compute joint functions of their private inputs while revealing nothing but the computation results to the other i.e. secure computation. We start with the problem of counterfeit detection through electronic tagging. Physical access to electronic tags can be leveraged to mount side-channel and fault injection attacks. We design a new tagging solution that leverages ferro-electric capacitor based non volatile memory to address these issues. Next we note that resource constraints imposed by embedded devices often preclude the use of public-key cryptography. We address this issue through the development of a lightweight (10k-Gate) Elliptic Curve accelerator for the K-163 curves, which allows us to build a secure wireless-charging system that can block power from counterfeit and potentially dangerous chargers. Next we build upon these insights to develop a new authentication protocol which combines the leakage resilience and public-key authentication properties of our previous tagging solutions. We implement this bilinear pairing based protocol on a RISCV processor and demonstrate its practicality in an embedded environment through reuse of existing hardware accelerated cryptography for the TLS protocol. The final part of this thesis develops a framework for secure two-party computation.
Our primary contribution is a judicious combination of homomorphic encryption and garbled circuits to substantially improve the performance of secure two-party computation. This allows us to present a practical solution to the problem of secure neural network inference, i.e. classifying your private data against a server's private model without either party sharing their data with the other. Our hybrid approach improves upon the state-of-art by 20-30x in classification latency. Our final contributions are two efficient 2PC protocols that implement secure matrix multiplication and vector-OLE primitives. For both these tasks we improve concrete computation and communication performance over the state-of-art by an order of magnitude.

Book Research Anthology on Artificial Intelligence Applications in Security

Download or read book Research Anthology on Artificial Intelligence Applications in Security written by Management Association, Information Resources and published by IGI Global. This book was released on 2020-11-27 with total page 2253 pages. Available in PDF, EPUB and Kindle. Book excerpt: As industries are rapidly being digitalized and information is being more heavily stored and transmitted online, the security of information has become a top priority in securing the use of online networks as a safe and effective platform. With the vast and diverse potential of artificial intelligence (AI) applications, it has become easier than ever to identify cyber vulnerabilities, potential threats, and the identification of solutions to these unique problems. The latest tools and technologies for AI applications have untapped potential that conventional systems and human security systems cannot meet, leading AI to be a frontrunner in the fight against malware, cyber-attacks, and various security issues. However, even with the tremendous progress AI has made within the sphere of security, it’s important to understand the impacts, implications, and critical issues and challenges of AI applications along with the many benefits and emerging trends in this essential field of security-based research. Research Anthology on Artificial Intelligence Applications in Security seeks to address the fundamental advancements and technologies being used in AI applications for the security of digital data and information. The included chapters cover a wide range of topics related to AI in security stemming from the development and design of these applications, the latest tools and technologies, as well as the utilization of AI and what challenges and impacts have been discovered along the way. 
This resource work is a critical exploration of the latest research on security and an overview of how AI has impacted the field and will continue to advance as an essential tool for security, safety, and privacy online. This book is ideally intended for cyber security analysts, computer engineers, IT specialists, practitioners, stakeholders, researchers, academicians, and students interested in AI applications in the realm of security research.

Book Protocols for Authentication and Key Establishment

Download or read book Protocols for Authentication and Key Establishment written by Colin Boyd and published by Springer Nature. This book was released on 2019-11-06 with total page 521 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book is the most comprehensive and integrated treatment of the protocols required for authentication and key establishment. In a clear, uniform presentation the authors classify most protocols in terms of their properties and resource requirements, and describe all the main attack types, so the reader can quickly evaluate protocols for particular applications. In this edition the authors introduced new chapters and updated the text throughout in response to new developments and updated standards. The first chapter, an introduction to authentication and key establishment, provides the necessary background on cryptography, attack scenarios, and protocol goals. A new chapter, computational security models, describes computational models for key exchange and authentication and will help readers understand what a computational proof provides and how to compare the different computational models in use. In the subsequent chapters the authors explain protocols that use shared key cryptography, authentication and key transport using public key cryptography, key agreement protocols, the Transport Layer Security protocol, identity-based key agreement, password-based protocols, and group key establishment. The book is a suitable graduate-level introduction, and a reference and overview for researchers and practitioners with 225 concrete protocols described. In the appendices the authors list and summarize the relevant standards, linking them to the main book text when appropriate, and they offer a short tutorial on how to build a key establishment protocol. The book also includes a list of protocols, a list of attacks, a summary of the notation used in the book, general and protocol indexes, and an extensive bibliography.

Book Design and Analysis of Security Protocol for Communication

Download or read book Design and Analysis of Security Protocol for Communication written by Dinesh Goyal and published by John Wiley & Sons. This book was released on 2020-02-11 with total page 368 pages. Available in PDF, EPUB and Kindle. Book excerpt: The purpose of designing this book is to discuss and analyze security protocols available for communication. Objective is to discuss protocols across all layers of TCP/IP stack and also to discuss protocols independent to the stack. Authors will be aiming to identify the best set of security protocols for the similar applications and will also be identifying the drawbacks of existing protocols. The authors will be also suggesting new protocols if any.

Book A Pragmatic Introduction to Secure Multi Party Computation

Download or read book A Pragmatic Introduction to Secure Multi Party Computation written by David Evans and published by Foundations and Trends (R) in Privacy and Security. This book was released on 2018-12-19 with total page 190 pages. Available in PDF, EPUB and Kindle. Book excerpt: Practitioners and researchers seeking a concise, accessible introduction to secure multi-party computation which quickly enables them to build practical systems or conduct further research will find this essential reading.

Book Secure Computation from Hardware Assumptions

Download or read book Secure Computation from Hardware Assumptions written by Akshay Wadia and published by . This book was released on 2014 with total page 95 pages. Available in PDF, EPUB and Kindle. Book excerpt: Highly concurrent environments, like the Internet, present new challenges towards design of secure cryptographic protocols. Indeed, it is known that protocols proved secure in the so called `stand-alone' model, where a protocol is assumed to execute in isolation, are no longer secure in a concurrent environment. In fact, the case of arbitrary composition is so severe that no security can be achieved without an external secure set-up. Numerous such set-ups have been proposed in the literature, each with its own advantages and disadvantages. In this thesis, we study two new set-ups motivated by recent advances in secure hardware design: tamper-proof tokens, and physically uncloneable functions. For both set-ups, we provide universally composable protocols for general cryptographic tasks. Additionally, our protocols using tamper-proof tokens are information-theoretically secure, and non-interactive.

Book Protocols for Authentication and Key Establishment

Download or read book Protocols for Authentication and Key Establishment written by Colin Boyd and published by Springer Science & Business Media. This book was released on 2013-03-09 with total page 343 pages. Available in PDF, EPUB and Kindle. Book excerpt: Protocols for authentication and key establishment are the foundation for security of communications. The range and diversity of these protocols is immense, while the properties and vulnerabilities of different protocols can vary greatly. This is the first comprehensive and integrated treatment of these protocols. It allows researchers and practitioners to quickly access a protocol for their needs and become aware of existing protocols which have been broken in the literature. As well as a clear and uniform presentation of the protocols this book includes a description of all the main attack types and classifies most protocols in terms of their properties and resource requirements. It also includes tutorial material suitable for graduate students.

Book Authentication of Embedded Devices

Download or read book Authentication of Embedded Devices written by Basel Halak and published by Springer Nature. This book was released on 2021-01-22 with total page 192 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book provides comprehensive coverage of state-of-the-art integrated circuit authentication techniques, including technologies, protocols and emerging applications. The authors first discuss emerging solutions for embedding unforgeable identities into electronics devices, using techniques such as IC fingerprinting, physically unclonable functions and voltage-over-scaling. Coverage then turns to authentication protocols, with a special focus on resource-constrained devices, first giving an overview of the limitation of existing solutions and then presenting a number of new protocols, which provide better physical security and lower energy dissipation. The third part of the book focuses on emerging security applications for authentication schemes, including securing hardware supply chains, hardware-based device attestation and GPS spoofing attack detection and survival. Provides deep insight into the security threats undermining existing integrated circuit authentication techniques; Includes an in-depth discussion of the emerging technologies used to embed unforgeable identities into electronics systems; Offers a comprehensive summary of existing authentication protocols and their limitations; Describes state-of-the-art authentication protocols that provide better physical security and more efficient energy consumption; Includes detailed case studies on the emerging applications of IC authentication schemes.

Book Synchronizing Internet Protocol Security (SIPSec)

Download or read book Synchronizing Internet Protocol Security SIPSec written by Charles A. Shoniregun and published by Springer Science & Business Media. This book was released on 2007-06-10 with total page 237 pages. Available in PDF, EPUB and Kindle. Book excerpt: Synchronizing Internet Protocol Security (SIPSec) focuses on the combination of theoretical investigation and practical implementation, which provides an in-depth understanding of the Internet Protocol Security (IPSec) framework. The standard internet protocol is completely unprotected, allowing hosts to inspect or modify data in transit. This volume identifies the security problems facing internet communication protocols along with the risks associated with internet connections. It also includes an investigative case study regarding the vulnerabilities that impair IPSec and proposes a SIPSec Model.

Book Security, Privacy, and Anonymity in Computation, Communication, and Storage

Download or read book Security Privacy and Anonymity in Computation Communication and Storage written by Guojun Wang and published by Springer. This book was released on 2019-07-10 with total page 332 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of six symposiums and two workshops co-located with SpaCCS 2019, the 12th International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage. The 26 full papers were carefully reviewed and selected from 75 submissions. This year's symposiums and workshops are: SPIoT 2019 – Security and Privacy of Internet of Things; TSP 2019 – Trust, Security and Privacy for Emerging Applications; SCS 2019 – Sensor-Cloud Systems; UbiSafe 2019 – UbiSafe Computing; ISSR 2019 – Security in e-Science and e-Research; CMRM 2019 – Cybersecurity Metrics and Risk Modeling.

Book Security of Ubiquitous Computing Systems

Download or read book Security of Ubiquitous Computing Systems written by Gildas Avoine and published by Springer Nature. This book was released on 2021-01-14 with total page 268 pages. Available in PDF, EPUB and Kindle. Book excerpt: The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license.

Book Security Protocols

    Book Details:
  • Author : Bruce Christianson
  • Publisher : Springer
  • Release : 2003-06-30
  • ISBN : 3540448101
  • Pages : 266 pages

Download or read book Security Protocols written by Bruce Christianson and published by Springer. This book was released on 2003-06-30 with total page 266 pages. Available in PDF, EPUB and Kindle. Book excerpt: The Cambridge International Workshop on Security Protocols has now run for eight years. Each year we set a theme, focusing upon a specific aspect of security protocols, and invite position papers. Anybody is welcome to send us a position paper (yes, you are invited) and we don’t insist they relate to the current theme in an obvious way. In our experience, the emergence of the theme as a unifying thread takes place during the discussions at the workshop itself. The only ground rule is that position papers should formulate an approach to some unresolved issues, rather than being a description of a finished piece of work. When the participants meet, we try to focus the discussions upon the conceptual issues which emerge. Security protocols link naturally to many other areas of Computer Science, and deep water can be reached very quickly. Afterwards, we invite participants to re-draft their position papers in a way which exposes the emergent issues but leaves open the way to their further development. We also prepare written transcripts of the recorded discussions. These are edited (in some cases very heavily) to illustrate the way in which the different arguments and perspectives have interacted. We publish these proceedings as an invitation to the research community. Although many interesting results first see the light of day in a volume of our proceedings, laying claim to these is not our primary purpose of publication. Rather, we bring our discussions and insights to a wider audience in order to suggest new lines of investigation which the community may fruitfully pursue.

Book Security, Privacy, and Anonymity in Computation, Communication, and Storage

Download or read book Security Privacy and Anonymity in Computation Communication and Storage written by Guojun Wang and published by Springer. This book was released on 2019-07-10 with total page 506 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 12th International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage, SpaCCS 2019, held in Atlanta, GA, USA in July 2019. The 37 full papers were carefully reviewed and selected from 109 submissions. The papers cover many dimensions including security algorithms and architectures, privacy-aware policies, regulations and techniques, anonymous computation and communication, encompassing fundamental theoretical approaches, practical experimental projects, and commercial application systems for computation, communication and storage.

Book Theory and Practice of Cryptography and Network Security Protocols and Technologies

Download or read book Theory and Practice of Cryptography and Network Security Protocols and Technologies written by Jaydip Sen and published by BoD – Books on Demand. This book was released on 2013-07-17 with total page 160 pages. Available in PDF, EPUB and Kindle. Book excerpt: In an age of explosive worldwide growth of electronic data storage and communications, effective protection of information has become a critical requirement. When used in coordination with other tools for ensuring information security, cryptography in all of its applications, including data confidentiality, data integrity, and user authentication, is a most powerful tool for protecting information. This book presents a collection of research work in the field of cryptography. It discusses some of the critical challenges that are being faced by the current computing world and also describes some mechanisms to defend against these challenges. It is a valuable source of knowledge for researchers, engineers, graduate and doctoral students working in the field of cryptography. It will also be useful for faculty members of graduate schools and universities.

Book Towards Optimality in Secure Computation

Download or read book Towards Optimality in Secure Computation written by Saikrishna Badrinarayanan and published by . This book was released on 2019 with total page 202 pages. Available in PDF, EPUB and Kindle. Book excerpt: The need for Cryptography arises out of the following fundamental question: can we perform useful computation while ensuring that an adversary does not learn anything about our private sensitive data? The notion of secure multiparty computation (MPC) [Yao82, GMW87] is a unifying framework for general secure protocols. MPC allows mutually distrusting parties to jointly evaluate any efficiently computable function on their private inputs in such a manner that each party does not learn anything beyond the output of the function. In this thesis, we study the question of building MPC protocols in various security models from standard cryptographic assumptions while minimizing the number of rounds of interaction amongst parties. In the first part of this thesis, (in a joint work with Vipul Goyal, Abhishek Jain, Yael Kalai, Dakshita Khurana and Amit Sahai, CRYPTO 2018) we construct the first round-optimal (i.e., four round) MPC protocol for general functions based on polynomially hard DDH (or QR or N$^{th}$-Residuosity) in the plain model where parties have access to no trusted setup. We further show how to overcome the four-round barrier for MPC by constructing a three-round protocol for "list coin-tossing" -- a slight relaxation of coin-tossing that suffices for most conceivable applications -- based on polynomially hard DDH (or QR or N$^{th}$-Residuosity). This result generalizes to randomized input-less functionalities. Previously, four round MPC protocols required sub-exponential-time hardness assumptions and no multi-party three-round protocols were known for any relaxed security notions with polynomial-time simulation against malicious adversaries.
In order to build these protocols, we devise a new partitioned simulation technique for MPC where the simulator uses different strategies for simulating the view of aborting adversaries and non-aborting adversaries. The protagonist of this technique is a new notion of promise zero knowledge (ZK) where the ZK property only holds against non-aborting verifiers. We show how to realize promise ZK in three rounds in the simultaneous-message model assuming polynomially hard DDH (or QR or N$^{th}$-Residuosity). We also rely upon a new leveled rewinding security technique that can be viewed as a polynomial-time alternative to leveled complexity leveraging for achieving "non-malleability" across different primitives. Then, we also study the round complexity of concurrently secure multi-party computation (MPC) with super-polynomial simulation (SPS) in the plain model (in a joint work with Vipul Goyal, Abhishek Jain, Dakshita Khurana and Amit Sahai, TCC 2017). In the plain model, there are known explicit attacks that show that concurrently secure MPC with polynomial simulation is impossible to achieve; SPS security is the most widely studied model for concurrently secure MPC in the plain model. We construct a three-round concurrent MPC with SPS security against Byzantine adversaries, assuming sub-exponentially secure DDH and LWE. Prior to our work, the best known round complexity for SPS concurrent MPC was around twenty, although to the best of our knowledge, no previous work even gave an approximation of the constant round complexity that is sufficient for concurrent MPC. In the second part of the thesis, (in a joint work with Abhishek Jain, Rafail Ostrovsky and Ivan Visconti, ASIACRYPT 2018), we study the problem of non-interactive secure computation in the stateless hardware token model where parties have access to physical hardware as part of a trusted setup phase.
The notion of non-interactive secure computation (NISC) first introduced in the work of Ishai et al. [EUROCRYPT 2011] studies the following problem: Suppose a receiver $R$ wishes to publish an encryption of her secret input $y$ so that any sender $S$ with input $x$ can then send a message $m$ that reveals $f(x,y)$ to $R$ (for some function $f$). Here, $m$ can be viewed as an encryption of $f(x,y)$ that can be decrypted by $R$. NISC requires security against both malicious senders and receivers, and also requires the receiver's message to be reusable across multiple computations (w.r.t. a fixed input of the receiver). All previous solutions to this problem necessarily rely upon OT (or specific number-theoretic assumptions) even in the common reference string model or the random oracle model or to achieve weaker notions of security such as super-polynomial-time simulation. In this work, we construct a NISC protocol based on the minimal assumption of one way functions, in the stateless hardware token model. Our construction achieves UC security and requires a single token sent by the receiver to the sender.

Book Applications of Secure Multiparty Computation

Download or read book Applications of Secure Multiparty Computation written by P. Laud and published by IOS Press. This book was released on 2015-07-30 with total page 264 pages. Available in PDF, EPUB and Kindle. Book excerpt: We generate and gather a lot of data about ourselves and others, some of it highly confidential. The collection, storage and use of this data is strictly regulated by laws, but restricting the use of data often limits the benefits which could be obtained from its analysis. Secure multi-party computation (SMC), a cryptographic technology, makes it possible to execute specific programs on confidential data while ensuring that no other sensitive information from the data is leaked. SMC has been the subject of academic study for more than 30 years, but first attempts to use it for actual computations in the early 2000s – although theoretically efficient – were initially not practicable. However, improvements in the situation have made possible the secure solving of even relatively large computational tasks. This book describes how many different computational tasks can be solved securely, yet efficiently. It describes how protocols can be combined to larger applications, and how the security-efficiency trade-offs of different components of an SMC application should be chosen. Many of the results described in this book were achieved as part of the project Usable and Efficient Secure Multi-party Computation (UaESMC), which was funded by the European Commission. The book will be of interest to all those whose work involves the secure analysis of confidential data.

Book Secure Computation in the Real World

Download or read book Secure Computation in the Real World written by Antonio Marcedone and published by . This book was released on 2019 with total page 232 pages. Available in PDF, EPUB and Kindle. Book excerpt: Secure multiparty computation protocols allow multiple distrustful parties to jointly compute a function of their private data while both ensuring correctness of the results and maintaining maximum privacy. Recent progress in concretely efficient implementations has shown that these once theoretical tools are becoming mature enough to secure a variety of applications from cryptocurrencies and auctions to machine learning and medical diagnosis. However, there is still a gap between the requirements of many real world scenarios and the guarantees and performance offered by generic protocols. In this dissertation, I demonstrate how tailoring secure computation protocols to the requirements of specific applications can allow for efficient solutions that can be deployed today. In particular, I focus and improve upon the scalability and practicality of the following concrete applications: 1. Hardware wallets are small special purpose devices that are used to store the secret keys that allow users to control their cryptocurrency funds. Surprisingly, hardware wallets currently on the market provide little guarantees against an adversarial (malicious) manufacturer (or equivalently a compromised supply chain). This puts user funds at risk. Current solutions either provide vague and ad hoc security guarantees or rely on generic secure computation protocols that are not practical to use. We introduce a formal security model for hardware wallets that adequately captures the capability of an arbitrary adversary and design a concretely efficient solution by constructing a special purpose threshold signature scheme that meets this definition. 2. 
I investigate how to perform large-scale machine learning training on data held by thousands of mobile phones in a privacy-preserving way. Referred to as federated learning, this scenario presents unique challenges where mobile phones coordinate through a central server and have limited bandwidth and computational resources. Crucially, the situation demands that the computation proceeds to completion even if users drop out anytime due to network or other issues. To allow training models in this distributed scenario without leaking sensitive user data, we design and implement a new efficient Secure Aggregation protocol that provides strong privacy guarantees while less than doubling the communication necessary for training. Google is currently evaluating this scheme in the context of next-word prediction in their Android keyboard app. 3. I look at the more general problem of how to securely compute arithmetic functionalities. These include many tasks such as statistics, machine learning computations, and cryptographic primitives (e.g., threshold ECDSA operations which are useful for cryptocurrencies). While a lot of progress has been made in the context of securely evaluating boolean functions, significant bottlenecks remain for arithmetic functions. We design and implement a new protocol which can evaluate any arithmetic circuit with active security (i.e. secure against parties who can deviate from the protocol arbitrarily). The protocol can be built generically (black-box) using any passive (i.e. secure against an adversary who follows the protocol but tries to extract information from it) instantiation of a simpler building block referred to as the OLE functionality. Furthermore, it requires as little as two times more OLE invocations over what is currently needed by protocols that only achieve passive security. 
In contrast, previous works have either focused only on passive security or relied on concrete implementations of OLE functionality (often using not-well-known assumptions). Our experiments demonstrate that for a wide range of applications, our protocol outperforms the state of the art (TinyOLE and Overdrive) while relying on standard assumptions.