Open Access. Powered by Scholars. Published by Universities.®

Science and Technology Studies Commons

Open Access. Powered by Scholars. Published by Universities.®

Professor Willy Susilo

Secure

Articles 1 - 8 of 8

Full-Text Articles in Science and Technology Studies

Leakage Resilient Authenticated Key Exchange Secure In The Auxiliary Input Model, Guomin Yang, Yi Mu, Willy Susilo, Duncan S. Wong Mar 2014

Leakage Resilient Authenticated Key Exchange Secure In The Auxiliary Input Model, Guomin Yang, Yi Mu, Willy Susilo, Duncan S. Wong

Professor Willy Susilo

Authenticated key exchange (AKE) protocols allow two parties communicating over an insecure network to establish a common secret key. They are among the most widely used cryptographic protocols in practice. In order to resist key-leakage attacks, several leakage resilient AKE protocols have been proposed recently in the bounded leakage model. In this paper, we initiate the study on leakage resilient AKE in the auxiliary input model. A promising way to construct such a protocol is to use a digital signature scheme that is entropically-unforgeable under chosen message and auxiliary input attacks. However, to date we are not aware of any ...


On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo Mar 2014

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo

Professor Willy Susilo

Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data ...


Secure Single Sign-On Schemes Constructed From Nominative Signatures, Jingquan Wang, Guilin Wang, Willy Susilo Mar 2014

Secure Single Sign-On Schemes Constructed From Nominative Signatures, Jingquan Wang, Guilin Wang, Willy Susilo

Professor Willy Susilo

Single Sign-on (SSO) allows users to only log on once and then access different services via automatic authentication by using the same credential. However, most existing SSO schemes do not satisfy security notions or require a high trust level on a trusted third party (TTP), even though SSO has become popular in new distributed systems and computer networks. Motivated by this fact, we formalise a new security model of single sign-on, which not only satisfies strong security notions but also has a low trust level on TTP. We then propose a generic construction of SSO from nominative signatures, and present ...


Robust Distributed Privacy-Preserving Secure Aggregation In Vehicular Communication, Bo Qin, Qianhong Wu, Josep Domingo-Ferrer, Willy Susilo Mar 2014

Robust Distributed Privacy-Preserving Secure Aggregation In Vehicular Communication, Bo Qin, Qianhong Wu, Josep Domingo-Ferrer, Willy Susilo

Professor Willy Susilo

Vehicular ad hoc networks (VANETs), formed by computers embedded in vehicles and the traffic infrastructure, are expected to develop in the near future to improve traffic safety and efficiency. To this end, VANETs should be designed to be resistant against various abuses and attacks. In this paper, we first review the existing proposals to provide security, privacy, and data aggregation in vehicle-to-vehicle communication. We then address the fundamental issue of achieving these conflicting properties in a unified solution, having observed that separate efforts cannot fulfill the VANET design objectives. A set of new mechanisms are suggested for efficiently managing identities ...


A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fentong Wen, Willy Susilo, Guomin Yang Mar 2014

A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fentong Wen, Willy Susilo, Guomin Yang

Professor Willy Susilo

In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.'s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then ...


Secure Rfid Ownership Transfer Protocols, Nan Li, Yi Mu, Willy Susilo, Vijay Varadharajan Mar 2014

Secure Rfid Ownership Transfer Protocols, Nan Li, Yi Mu, Willy Susilo, Vijay Varadharajan

Professor Willy Susilo

An RFID tag could change hands many times during its lifetime. In a retail chain, the ownership of the tag is instituted by the supplier who initially owns the tag. In the view of a buyer, the validity of the current tag ownership and the originality of supplier are most important. In typical RFID ownership transfer protocols, the knowledge of the tag's authentication key proves the ownership. However, it is insufficient against an active attacker, since tags are usually lack of tamper-proof protections. Ownership transfer relies on a successful verification of tag's supplier and current ownership. In this ...


(Strong) Multi-Designated Verifiers Signatures Secure Against Rogue Key Attack, Yunmei Zhang, Man Ho Allen Au, Guomin Yang, Willy Susilo Mar 2014

(Strong) Multi-Designated Verifiers Signatures Secure Against Rogue Key Attack, Yunmei Zhang, Man Ho Allen Au, Guomin Yang, Willy Susilo

Professor Willy Susilo

Designated verifier signatures (DVS) allow a signer to create a signature whose validity can only be verified by a specific entity chosen by the signer. In addition, the chosen entity, known as the designated verifier, cannot convince any body that the signature is created by the signer. Multi-designated verifiers signatures (MDVS) are a natural extension of DVS in which the signer can choose multiple designated verifiers. DVS and MDVS are useful primitives in electronic voting and contract signing. In this paper, we investigate various aspects of MDVS and make two contributions. Firstly, we revisit the notion of unforgeability under rogue ...


Public Key Encryption With Keyword Search Secure Against Keyword Guessing Attacks Without Random Oracle, Liming Fang, Willy Susilo, Chunpeng Ge, Jiandong Wang Mar 2014

Public Key Encryption With Keyword Search Secure Against Keyword Guessing Attacks Without Random Oracle, Liming Fang, Willy Susilo, Chunpeng Ge, Jiandong Wang

Professor Willy Susilo

The notion of public key encryption with keyword search (PEKS) was put forth by Boneh et al. to enable a server to search from a collection of encrypted emails given a “trapdoor” (i.e., an encrypted keyword) provided by the receiver. The nice property in this scheme allows the server to search for a keyword, given the trapdoor. Hence, the verifier can merely use an untrusted server, which makes this notion very practical. Following Boneh et al.’s work, there have been subsequent works that have been proposed to enhance this notion. Two important notions include the so-called keyword guessing ...