Principles of Security and Trust - Proceedings of the 3rd International Conference, POST 2014
In this paper we consider the problem of secure data transmission for low-power devices such as RFID (Radio Frequency IDentification) tags or other Internet of Things (IoT) devices for which low power consumption plays a significant role. In fact, the privacy aspect of RFID and IoT technology could become a major issue from the perspective of global adoption. We consider the well-known McEliece cryptosystem both in the classical case (based on Goppa codes) and based on Quasi-Cyclic Moderate-Density Parity-Check (QC-MDPC) codes as the main security element of small, low-power devices. We also estimate the trade-off between the complexity and the security level of the suggested system.
The volume contains the proceedings of the XIII International Symposium on Problems of Redundancy in Information and Control Systems.
The volume is to contain the proceedings of the 13th AGCT conference as well as the proceedings of the Geocrypt conference. The conferences focus on various aspects of arithmetic and algebraic geometry, number theory, coding theory and cryptography. The main topics discussed at the conferences include the theory of curves over finite fields, the theory of abelian varieties over both global and finite fields, the theory of zeta-functions and L-functions, asymptotic problems in number theory and algebraic geometry, algorithmic aspects of the theory of curves and abelian varieties, the theory of error-correcting codes and in particular algebraic-geometric codes, and cryptographic issues related to algebraic curves and abelian varieties.
Mobile social networks (MSNs) are networks of individuals with similar interests connected to each other through their mobile devices. Recently, MSNs have been proliferating fast, supported by emerging wireless technologies that make communication more efficient and improve networking performance across key parameters such as lower delay, higher data rate, and better coverage. At the same time, most MSN users do not fully recognize the importance of security on their handheld mobile devices. Because of this, attacks aimed at capturing personal information and sensitive user data are a growing concern, fueled by the avalanche of new MSN applications and services. The goal of this work is therefore to understand whether contemporary user equipment is susceptible to leaking its sensitive information to attackers. As an example, various information security algorithms implemented in modern smartphones are tested by attempting to extract the said private data from traces recorded with inexpensive contemporary audio cards. Our results indicate that the sampling frequency, which is the strongest limitation of off-the-shelf side-channel attack equipment, yields only low-information traces. However, the chances of recovering sensitive data stored on a mobile device may increase significantly when more efficient analytical techniques and more complex attack equipment are used. Finally, we elaborate on the possible use of neural networks to improve the extraction of encrypted data, while the latter part of this paper outlines solutions and practical recommendations for protecting against side-channel attacks and keeping personal user information safe.
In 1992, A. Hiltgen provided the first constructions of provably (slightly) secure cryptographic primitives, namely feebly one-way functions. These functions are provably harder to invert than to compute, but the complexity (viewed as circuit complexity over circuits with arbitrary binary gates) is amplified only by a constant factor (in Hiltgen's works, the factor approaches 2). In traditional cryptography, one-way functions are the basic primitive of private-key schemes, while public-key schemes are constructed using trapdoor functions. We continue Hiltgen's work by providing examples of feebly secure trapdoor functions for which the adversary is guaranteed to spend more time than the honest participants (again by a constant factor). We give both a (simpler) linear and a (better) non-linear construction.
Recent work on structure-preserving signatures studies the optimality of these schemes in terms of the number of group elements needed in the verification key and the signature, and the number of pairing-product equations in the verification algorithm. While the size of keys and signatures is crucial for many applications, another important aspect of performance is the time it takes to verify a given signature. By far the most expensive operation during verification is the computation of pairings. However, the concrete number of pairings that must be computed is not captured by the number of pairing-product equations considered in earlier work. To fill this gap, we consider the question of the minimal number of pairings that must be computed in the verification of structure-preserving signatures. First, we prove lower bounds for schemes in the Type II setting that are secure under chosen-message attacks in the generic group model: we show that three pairings are necessary and that at most one of these pairings can be precomputed. We also extend our lower-bound proof to schemes secure under random-message attacks and show that in this case two pairings are still necessary. Second, we build an automated tool to search for schemes matching our lower bounds. The tool automatically and exhaustively generates all valid structure-preserving signature schemes within a user-specified search space and analyzes their (bounded) security in the generic group model. Interestingly, using this tool, we find a new randomizable structure-preserving signature scheme in the Type II setting that is optimal with respect to the lower bound on the number of pairings, and also minimal with respect to the number of group operations that must be computed during verification.
Today, direct contacts between users are facilitated by network-assisted device-to-device (D2D) technology, which employs the omnipresent cellular infrastructure for control purposes in order to enable advanced mobile social applications. Together with its undisputed benefits, this novel type of connectivity creates new challenges in constructing meaningful proximity-based services with high levels of user adoption. These call for a comprehensive investigation of user sociality and trust factors, jointly with the appropriate technology enablers for secure and trusted D2D communications, especially in situations where cellular control is not available or reliable at all times. In this paper, we study the crucial aspects of social trust associations over proximity-based direct communication technology, with a primary focus on developing a comprehensive proof-of-concept implementation. Our recently developed prototype delivers rich functionality for the dynamic management of security functions in proximate devices whenever a new device joins a secure group of users or an existing one leaves it. To characterize the behavior of our demonstrator, we evaluate its practical performance in terms of computation and transmission delays from the user perspective. In addition, we outline a research roadmap that leverages our technology-related findings to construct a holistic user perspective on dynamic, social-aware, and trusted D2D applications and services.