Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 12 of 12
Full-Text Articles in Physical Sciences and Mathematics
Blockchain Based Access Control For Enterprise Blockchain Applications, Lei Xu, Isaac Markus, Subhod I, Nikhil Nayab
Blockchain Based Access Control For Enterprise Blockchain Applications, Lei Xu, Isaac Markus, Subhod I, Nikhil Nayab
Computer Science Faculty Publications and Presentations
Access control is one of the fundamental security mechanisms of IT systems. Most existing access control schemes rely on a centralized party to manage and enforce access control policies. As blockchain technologies, especially permissioned networks, find more applicability beyond cryptocurrencies in enterprise solutions, it is expected that the security requirements will increase. Therefore, it is necessary to develop an access control system that works in a decentralized environment without compromising the unique features of a blockchain. A straightforward method to support access control is to deploy a firewall in front of the enterprise blockchain application. However, this approach does not …
Kcrs: A Blockchain-Based Key Compromise Resilient Signature System, Lei Xu, Lin Chen, Zhimin Gao, Xinxin Fan, Kimberly Doan, Shouhuai Xu, Weidong Shi
Kcrs: A Blockchain-Based Key Compromise Resilient Signature System, Lei Xu, Lin Chen, Zhimin Gao, Xinxin Fan, Kimberly Doan, Shouhuai Xu, Weidong Shi
Computer Science Faculty Publications and Presentations
Digital signatures are widely used to assure authenticity and integrity of messages (including blockchain transactions). This assurance is based on assumption that the private signing key is kept secret, which may be exposed or compromised without being detected in the real world. Many schemes have been proposed to mitigate this problem, but most schemes are not compatible with widely used digital signature standards and do not help detect private key exposures. In this paper, we propose a Key Compromise Resilient Signature (KCRS) system, which leverages blockchain to detect key compromises and mitigate the consequences. Our solution keeps a log of …
The Information Disclosure Trilemma: Privacy, Attribution And Dependency, Ping Fan Ke
The Information Disclosure Trilemma: Privacy, Attribution And Dependency, Ping Fan Ke
Research Collection School Of Computing and Information Systems
Information disclosure has been an important mechanism to increase transparency and welfare in various contexts, from rating a restaurant to whistleblowing the wrongdoing of government agencies. Yet, the author often needs to be sacrificed during information disclosure process – an anonymous disclosure will forgo the reputation and compensation whereas an identifiable disclosure will face the threat of retaliation. On the other hand, the adoption of privacy-enhancing technologies (PETs) lessens the tradeoff between privacy and attribution while introducing dependency and potential threats. This study will develop the desirable design principles and possible threats of an information disclosure system, and discuss how …
Using Vibrations From A Smartring As An Out-Of-Band Channel For Sharing Secret Keys, Sougata Sen, Varun Mishra, David Kotz
Using Vibrations From A Smartring As An Out-Of-Band Channel For Sharing Secret Keys, Sougata Sen, Varun Mishra, David Kotz
Dartmouth Scholarship
With the rapid growth in the number of Internet of Things (IoT) devices with wireless communication capabilities, and sensitive information collection capabilities, it is becoming increasingly necessary to ensure that these devices communicate securely with only authorized devices. A major requirement of this secure communication is to ensure that both the devices share a secret, which can be used for secure pairing and encrypted communication. Manually imparting this secret to these devices becomes an unnecessary overhead, especially when the device interaction is transient. In this work, we empirically investigate the possibility of using an out-of-band communication channel – vibration, generated …
A Lattice-Based Linkable Ring Signature Supporting Stealth Addresses, Zhen Liu, Khoa Nguyen, Guomin Yang, Huaxiong Wang, Duncan S. Wong
A Lattice-Based Linkable Ring Signature Supporting Stealth Addresses, Zhen Liu, Khoa Nguyen, Guomin Yang, Huaxiong Wang, Duncan S. Wong
Research Collection School Of Computing and Information Systems
First proposed in CryptoNote, a collection of popular privacy-centric cryptocurrencies have employed Linkable Ring Signature and a corresponding Key Derivation Mechanism (KeyDerM) for keeping the payer and payee of a transaction anonymous and unlinkable. The KeyDerM is used for generating a fresh signing key and the corresponding public key, referred to as a stealth address, for the transaction payee. The stealth address will then be used in the linkable ring signature next time when the payee spends the coin. However, in all existing works, including Monero, the privacy model only considers the two cryptographic primitives separately. In addition, to be …
Key-Insulated And Privacy-Preserving Signature Scheme With Publicly Derived Public Key, Zhen Liu, Guomin Yang, Duncan S. Wong, Khoa Nguyen, Huaxiong Wang
Key-Insulated And Privacy-Preserving Signature Scheme With Publicly Derived Public Key, Zhen Liu, Guomin Yang, Duncan S. Wong, Khoa Nguyen, Huaxiong Wang
Research Collection School Of Computing and Information Systems
Since the introduction of Bitcoin in 2008, cryptocurrency has been undergoing a quick and explosive development. At the same time, privacy protection, one of the key merits of cryptocurrency, has attracted much attention by the community. A deterministic wallet algorithm and a stealth address algorithm have been widely adopted in the community, due to their virtues on functionality and privacy protection, which come from a key derivation mechanism that an arbitrary number of derived keys can be generated from a master key. However, these algorithms suffer a vulnerability. In particular, when a minor fault happens (say, one derived key is …
Efficient, Effective, And Realistic Website Fingerprinting Mitigation, Weiqi Cui, Jiangmin Yu, Yanmin Gong, David Chan-Tin
Efficient, Effective, And Realistic Website Fingerprinting Mitigation, Weiqi Cui, Jiangmin Yu, Yanmin Gong, David Chan-Tin
Computer Science: Faculty Publications and Other Works
Website fingerprinting attacks have been shown to be able to predict the website visited even if the network connection is encrypted and anonymized. These attacks have achieved accuracies as high as 92%. Mitigations to these attacks are using cover/decoy network traffic to add noise, padding to ensure all the network packets are the same size, and introducing network delays to confuse an adversary. Although these mitigations have been shown to be effective, reducing the accuracy to 10%, the overhead is high. The latency overhead is above 100% and the bandwidth overhead is at least 30%. We introduce a new realistic …
A New Network Model For Cyber Threat Intelligence Sharing Using Blockchain Technology, Daire Homan, Ian Shiel, Christina Thorpe
A New Network Model For Cyber Threat Intelligence Sharing Using Blockchain Technology, Daire Homan, Ian Shiel, Christina Thorpe
Conference Papers
The aim of this research is to propose a new blockchain network model that facilitates the secure dissemination of Cyber Threat Intelligence (CTI) data. The primary motivations for this study are based around the recent changes to information security legislation in the European Union and the challenges that Computer Security and Incident Response Teams (CSIRT) face when trying to share actionable and highly sensitive data within systems where participants do not always share the same interests or motivations. We discuss the common problems within the domain of CTI sharing and we propose a new model, that leverages the security properties …
Cyber Security Awareness Among College Students, Abbas Moallem
Cyber Security Awareness Among College Students, Abbas Moallem
Faculty Publications
This study reports the early results of a study aimed to investigate student awareness and attitudes toward cyber security and the resulting risks in the most advanced technology environment: the Silicon Valley in California, USA. The composition of students in Silicon Valley is very ethnically diverse. The objective was to see how much the students in such a tech-savvy environment are aware of cyber-attacks and how they protect themselves against them. The early statistical analysis suggested that college students, despite their belief that they are observed when using the Internet and that their data is not secure even on university …
Privacy-Preserving Attribute-Based Keyword Search In Shared Multi-Owner Setting, Yibin Miao, Ximeng Liu, Robert H. Deng, Robert H. Deng, Jjguo Li, Hongwei Li, Jianfeng Ma
Privacy-Preserving Attribute-Based Keyword Search In Shared Multi-Owner Setting, Yibin Miao, Ximeng Liu, Robert H. Deng, Robert H. Deng, Jjguo Li, Hongwei Li, Jianfeng Ma
Research Collection Yong Pung How School Of Law
Ciphertext-Policy Attribute-Based Keyword Search (CP-ABKS) facilitates search queries and supports fine-grained access control over encrypted data in the cloud. However, prior CP-ABKS schemes were designed to support unshared multi-owner setting, and cannot be directly applied in the shared multi-owner setting (where each record is accredited by a fixed number of data owners), without incurring high computational and storage costs. In addition, due to privacy concerns on access policies, most existing schemes are vulnerable to off-line keyword-guessing attacks if the keyword space is of polynomial size. Furthermore, it is difficult to identify malicious users who leak the secret keys when more …
"Anon What What?": Children's Understanding Of The Language Of Privacy, Stacy Black, Rezvan Joshaghani, Dhanush Kumar Ratakonda, Hoda Mehrpouyan, Jerry Alan Fails
"Anon What What?": Children's Understanding Of The Language Of Privacy, Stacy Black, Rezvan Joshaghani, Dhanush Kumar Ratakonda, Hoda Mehrpouyan, Jerry Alan Fails
Computer Science Faculty Publications and Presentations
Internet usage continues to increase among children ages 12 and younger. Because their digital interactions can be persistently stored, there is a need for building an understanding and foundational knowledge of privacy. We describe initial investigations into children’s understanding of privacy from a Contextual Integrity (CI) perspective by conducting semi-structured interviews. We share results – that echo what others have shown – that indicate children have limited knowledge and understanding of CI principles. We also share an initial exploration of utilizing participatory design theater as a possible educational mechanism to help children develop a stronger understanding of important privacy principles.
Integration Of Biometrics And Steganography: A Comprehensive Review, Ian Mcateer, Ahmed Ibrahim, Guanglou Zhang, Wencheng Yang, Craig Valli
Integration Of Biometrics And Steganography: A Comprehensive Review, Ian Mcateer, Ahmed Ibrahim, Guanglou Zhang, Wencheng Yang, Craig Valli
Research outputs 2014 to 2021
The use of an individual’s biometric characteristics to advance authentication and verification technology beyond the current dependence on passwords has been the subject of extensive research for some time. Since such physical characteristics cannot be hidden from the public eye, the security of digitised biometric data becomes paramount to avoid the risk of substitution or replay attacks. Biometric systems have readily embraced cryptography to encrypt the data extracted from the scanning of anatomical features. Significant amounts of research have also gone into the integration of biometrics with steganography to add a layer to the defence-in-depth security model, and this has …