SECRYPT 2019 Abstracts


Full Papers
Paper Nr: 1
Title:

High-performance Pipelined FPGA Implementation of the Elliptic Curve Cryptography over GF(2^n)

Authors:

Salah Harb, M. O. Ahmad and M. S. Swamy

Abstract: In this paper, a high-performance, area-efficient hardware design for Elliptic Curve Cryptography (ECC) is presented, targeting area-constrained, high-bandwidth embedded applications. The high-speed design is implemented using a pipelined architecture operating on an n-bit data path over the finite field GF(2^n). For the finite field operations, the ECC implementation uses the bit-parallel recursive Karatsuba-Ofman algorithm for multiplication and the Itoh-Tsujii algorithm for inversion. A modified, efficient Montgomery ladder algorithm is used for the scalar multiplication of a point. Pipeline registers are inserted at locations that guarantee balanced execution paths among the computing components. A memory-less finite state machine is developed to control the instruction sequence of the finite field operations efficiently. The design has been implemented on Xilinx Virtex, Kintex and Artix FPGA devices. On a Virtex-7 it performs a single scalar multiplication over GF(2^163) in 226 clock cycles, i.e. within 0.63 µs, using 2780 slices at a 360 MHz working frequency. Over GF(2^233) and GF(2^571), a scalar multiplication takes 327 and 674 clock cycles, i.e. 1.05 µs and 2.32 µs, respectively. Compared with previous work, our design requires fewer clock cycles and fewer FPGA resources while operating at competitive working frequencies. The proposed design is therefore well suited to resource-constrained real-time cryptosystems such as those in online banking services, wearable smart devices and network-attached storage.
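As an added illustration (not the authors' FPGA design), the following Python reference code implements the three building blocks the abstract names: a recursive Karatsuba-Ofman multiplier, Itoh-Tsujii inversion, and a textbook (not the paper's modified) Montgomery ladder, all over GF(2^163). The reduction polynomial x^163 + x^7 + x^6 + x^3 + 1, the coefficient a = 1 and the base point G are assumptions made for the demo; the curve constant b is derived so that G lies on the curve, so this is not a standard curve.

```python
"""Illustration for Paper Nr. 1 (added here; not the authors' FPGA design): the
building blocks named in the abstract, Karatsuba-Ofman multiplication, Itoh-Tsujii
inversion and a Montgomery-ladder scalar multiplication, over GF(2^163)."""
M = 163                                             # field extension degree
F = (1 << M) | (1 << 7) | (1 << 6) | (1 << 3) | 1   # x^163 + x^7 + x^6 + x^3 + 1 (assumed)
TAIL_BITS = (7, 6, 3, 0)                            # exponents of F below x^M
MASK = (1 << M) - 1
A = 1                                               # curve y^2 + xy = x^3 + A x^2 + B

# Polynomials over GF(2) are ints: bit i is the coefficient of x^i.
def clmul_schoolbook(a, b):
    r = 0                                           # carry-less shift-and-XOR product
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r

def karatsuba(a, b, n):
    """Recursive Karatsuba-Ofman product of two n-bit polynomials, unreduced:
    (a1 X + a0)(b1 X + b0) = a1b1 X^2 + ((a0^a1)(b0^b1) ^ a0b0 ^ a1b1) X + a0b0."""
    if n <= 32:
        return clmul_schoolbook(a, b)
    h = (n + 1) // 2                                # a1 and b1 fit in n - h <= h bits
    mask = (1 << h) - 1
    a0, a1, b0, b1 = a & mask, a >> h, b & mask, b >> h
    z0 = karatsuba(a0, b0, h)
    z2 = karatsuba(a1, b1, n - h)
    z1 = karatsuba(a0 ^ a1, b0 ^ b1, h) ^ z0 ^ z2
    return (z2 << (2 * h)) ^ (z1 << h) ^ z0

def gf_reduce(c):
    """Reduce a product of degree < 2M using x^M = x^7 + x^6 + x^3 + 1."""
    while c >> M:
        hi, c = c >> M, c & MASK
        for t in TAIL_BITS:
            c ^= hi << t
    return c

def gf_mul(a, b):
    return gf_reduce(karatsuba(a, b, M))

_SPREAD = [sum(((i >> j) & 1) << (2 * j) for j in range(8)) for i in range(256)]

def gf_sqr(a):
    """Squaring is linear in characteristic 2: interleave zero bits, then reduce."""
    r, shift = 0, 0
    while a:
        r |= _SPREAD[a & 0xFF] << shift
        a, shift = a >> 8, shift + 16
    return gf_reduce(r)

def gf_inv(a):
    """Itoh-Tsujii: a^-1 = a^(2^M - 2) = (a^(2^(M-1) - 1))^2 via an addition chain on M-1."""
    assert a != 0, "0 is not invertible"
    b, i = a, 1                                     # invariant: b = a^(2^i - 1)
    for bit in bin(M - 1)[3:]:                      # bits of M-1 below the leading one
        t = b
        for _ in range(i):
            t = gf_sqr(t)                           # t = b^(2^i)
        b, i = gf_mul(t, b), 2 * i                  # now a^(2^(2i) - 1)
        if bit == "1":
            b, i = gf_mul(gf_sqr(b), a), i + 1      # now a^(2^(i+1) - 1)
    return gf_sqr(b)

# Affine points (x, y); None is the point at infinity. B is derived so that the
# arbitrarily chosen base point G lies on the curve (demo curve, not a standard one).
G = (0x3F2A9C7E1D5B4806A9C2E5F7138B6D0E4A2C7F9B1, 0x15C8E03A7B9D24F6E1A3C5B7D9F0246813579BDF0)
B = gf_sqr(G[1]) ^ gf_mul(G[0], G[1]) ^ gf_mul(gf_sqr(G[0]), G[0] ^ A)

def on_curve(P):
    x, y = P
    return gf_sqr(y) ^ gf_mul(x, y) == gf_mul(gf_sqr(x), x ^ A) ^ B

def ec_double(P):
    if P is None or P[0] == 0:                      # (0, sqrt(B)) has order 2
        return None
    x1, y1 = P
    lam = x1 ^ gf_mul(y1, gf_inv(x1))
    x3 = gf_sqr(lam) ^ lam ^ A
    return (x3, gf_sqr(x1) ^ gf_mul(lam ^ 1, x3))

def ec_add(P, Q):
    if P is None or Q is None:
        return Q if P is None else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:                                    # -P = (x1, x1 + y1)
        return ec_double(P) if y1 == y2 else None
    lam = gf_mul(y1 ^ y2, gf_inv(x1 ^ x2))
    x3 = gf_sqr(lam) ^ lam ^ x1 ^ x2 ^ A
    return (x3, gf_mul(lam, x1 ^ x3) ^ x3 ^ y1)

def montgomery_ladder(k, P):
    """[k]P by the textbook ladder: one add and one double per step whatever the bit."""
    r0, r1 = None, P                                # invariant: r1 = r0 + P
    for i in reversed(range(max(M, k.bit_length()))):
        if (k >> i) & 1:
            r0, r1 = ec_add(r0, r1), ec_double(r1)
        else:
            r1, r0 = ec_add(r0, r1), ec_double(r0)
    return r0
```

The ladder always runs M steps and performs the same add/double pair in each, which is the property the hardware exploits for a regular pipeline schedule; the affine formulas here cost two inversions per step, whereas a hardware design would use projective coordinates and a single final inversion.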

Paper Nr: 4
Title:

I Want to Break Square-free: The 4p − 1 Factorization Method and Its RSA Backdoor Viability

Authors:

Vladimir Sedlacek, Dusan Klinec, Marek Sys, Petr Svenda and Vashek Matyas

Abstract: We analyze Cheng’s 4p − 1 factorization method as a means of a potential backdoor in the RSA primes generated inside black-box devices such as cryptographic smartcards. We devise three detection methods for such a backdoor and audit 44 million RSA keypairs generated by 18 different types of cryptographic devices. Finally, we present an improved, simplified and asymptotically deterministic version of the method, together with a deeper analysis of its performance, and we offer a public implementation written in Sage.
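The following Python is an added illustration of Cheng's 4p − 1 method in its simplest setting, not the authors' improved Sage implementation: it generates a prime p with 4p − 1 = 3s^2 (discriminant −3, where the Hilbert class polynomial is just X, so the curve is y^2 = x^3 + b with j = 0), recovers p from n = pq by elliptic-curve arithmetic modulo n, and shows the detection check a device auditor can run on a known prime. The key sizes, the D bound of 10 000 and the retry count are assumptions chosen for the demo.

```python
"""Illustration of Cheng's 4p-1 method for Paper Nr. 4 (added here; not the
authors' improved Sage implementation). Discriminant D = -3 only, where the
Hilbert class polynomial is H(X) = X, i.e. j = 0 and the curve is y^2 = x^3 + b.
Key sizes are tiny so the demo runs in well under a second."""
import math
import random

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n):
    """Miller-Rabin with fixed bases; deterministic for n < 3.3e24."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits, rng):
    while True:
        p = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(p):
            return p

def backdoored_prime(bits, rng):
    """Prime with 4p - 1 = 3 s^2: choose an odd s and test p = (3 s^2 + 1) / 4."""
    while True:
        s = rng.getrandbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
        p = (3 * s * s + 1) // 4
        if is_probable_prime(p):
            return p

def small_discriminant(p, bound=10_000):
    """Detection check for a known prime: return D if 4p - 1 = D s^2 with D < bound.
    Since 4p - 1 = 3 (mod 4), only D = 3 (mod 4) with s odd can occur."""
    m = 4 * p - 1
    for d in range(3, bound, 4):
        if m % d == 0 and math.isqrt(m // d) ** 2 == m // d:
            return d
    return None

class FactorFound(Exception):
    def __init__(self, factor):
        self.factor = factor

def ec_add(P, Q, n):
    """Affine addition on y^2 = x^3 + b over Z/nZ (b itself is never needed).
    A slope denominator that is not invertible mod n exposes a factor."""
    if P is None:
        return Q
    if Q is None:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % n == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if x1 == x2 else (y2 - y1, x2 - x1)
    g = math.gcd(den, n)
    if g != 1:
        raise FactorFound(g)
    lam = num * pow(den, -1, n) % n
    x3 = (lam * lam - x1 - x2) % n
    return (x3, (lam * (x1 - x3) - y1) % n)

def ec_mul(k, P, n):
    R = None
    for bit in bin(k)[2:]:
        R = ec_add(R, R, n)
        if bit == "1":
            R = ec_add(R, P, n)
    return R

def cheng_4p1_factor(n, rng, tries=60):
    """If 4p - 1 = 3 s^2 for a factor p of n, one of the six twists of
    y^2 = x^3 + b over F_p has exactly p points, so [n]P = O (mod p) for every
    point P on it and the failed inversion reveals p via gcd. A random (x, y)
    lands on the right twist with probability 1/6, hence the retry loop."""
    for _ in range(tries):
        P = (rng.randrange(1, n), rng.randrange(1, n))   # b := y^2 - x^3, implicit
        try:
            ec_mul(n, P, n)
        except FactorFound as e:
            if 1 < e.factor < n:
                return e.factor
    return None

def demo(seed=2019, bits=48):
    """Generate a backdoored p and an honest q, then recover p from n = p q."""
    rng = random.Random(seed)
    p, q = backdoored_prime(bits, rng), random_prime(bits, rng)
    return p, q, cheng_4p1_factor(p * q, rng)
```

The same check that a key generator would have to defeat is the one an auditor runs: for an honest prime the square-free part of 4p − 1 is large, so `small_discriminant` returns nothing, while a backdoored prime answers with a small D. The abstract's "asymptotically deterministic" improvement removes the 1/6 guessing loop; it is not reproduced here.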

Paper Nr: 16
Title:

Enriching Threat Intelligence Platforms Capabilities

Authors:

Mario Faiella, Gustavo Gonzalez-Granadillo, Ibéria Medeiros, Rui Azevedo and Susana Gonzalez-Zarzosa

Abstract: One of the weakest points in current security detection and monitoring systems is the retrieval of data from Open Source Intelligence (OSINT), as well as how this kind of information should be processed and normalized given its unstructured nature. This cybersecurity-related information (e.g., Indicators of Compromise, IoCs) is obtained from diverse sources and collected by Threat Intelligence Platforms (TIPs). To improve its quality, such information should be correlated with real-time data coming from the monitored infrastructure before being further analyzed and shared. In this way it can be prioritized, allowing faster incident detection and response. This paper presents an Enriched Threat Intelligence Platform as a way to extend the import, quality assessment and information sharing capabilities of current TIPs. The platform receives structured cyber threat information from multiple sources and correlates it with both static and dynamic data coming from the monitored infrastructure. This allows a threat score to be evaluated through heuristic-based analysis, which is used to enrich the information received from OSINT and other sources. The final result, expressed in a well-defined format, is sent to external entities, where it is used for monitoring and detecting incidents (e.g., SIEMs) or for more in-depth analysis, and shared with trusted organizations.

Paper Nr: 20
Title:

Efficient Secure Floating-point Arithmetic using Shamir Secret Sharing

Authors:

Octavian Catrina

Abstract: Successful deployment of privacy-preserving collaborative applications, such as statistical analysis, benchmarking and optimization, requires more efficient secure computation with real numbers. We present a complete family of protocols for secure floating-point arithmetic, constructed from a small set of building blocks that preserve data privacy using well-known primitives based on Shamir secret sharing and related cryptographic techniques. Using new building blocks and optimizations, and simpler secure fixed-point arithmetic, we obtain floating-point protocols with substantially improved efficiency.

Paper Nr: 22
Title:

BEARZ Attack FALCON: Implementation Attacks with Countermeasures on the FALCON Signature Scheme

Authors:

Sarah McCarthy, James Howe, Neil Smyth, Séamus Brannigan and Máire O’Neill

Abstract: Post-quantum cryptography is an important and growing area of research due to the threat of quantum computers, as recognised by the recent call for standardisation by the National Institute of Standards and Technology (NIST). FALCON is a lattice-based signature candidate submitted to NIST which has good performance but lacks research on implementation attacks and resistance to them. This research proposes the first fault attack analysis of FALCON and finds that its lattice trapdoor sampler is as vulnerable to fault attacks as the GPV sampler used in alternative signature schemes. We simulate the post-processing component of this fault attack and achieve a 100% success rate in retrieving the private key. This research then proposes an evaluation of countermeasures to prevent this fault attack and timing attacks on FALCON. We provide cost evaluations of the overheads of the proposed countermeasures, which show that FALCON suffers only up to a 30% deterioration in the performance of its key generation, and only 5% in signing, compared to runtimes without countermeasures.

Paper Nr: 23
Title:

On the Energy Consumption of Quantum-resistant Cryptographic Software Implementations Suitable for Wireless Sensor Networks

Authors:

Michael Heigl, Laurin Doerr, Martin Schramm and Dalibor Fiala

Abstract: To protect communication in Wireless Sensor Networks (WSN) effectively against, among other things, the threat posed by quantum computers in the near future, it is necessary to examine the applicability of quantum-resistant mechanisms in this field. The aim of this article is to survey candidate schemes that can be used on sensor nodes and to compare the energy consumption of a selection of freely available software implementations on a WSN-ready Texas Instruments CC1350 LaunchPad ARM® Cortex®-M3 microcontroller board.

Paper Nr: 31
Title:

A New Certificateless System Construction for Multiple Key Generator Centers to Secure Device-to-Device Communications

Authors:

Othmane N. Hamoud, Tayeb Kenaza and Yacine Challal

Abstract: Device-to-Device (D2D) communication technology is one brick among many in the construction of the evolving fifth generation (5G) system architecture. The Third Generation Partnership Project (3GPP) standardized D2D communication under the Proximity Services (ProSe) proposal. This technology enables direct communication between proximate devices without passing through an infrastructure network. The security of D2D communications must be assured in all scenarios, whether communication control is handled by the Evolved Packet System (EPS) or by the devices themselves. Certificateless public key cryptography (CL-PKC) is an interesting solution for securing D2D communications. In this paper, we propose a new CL-PKC construction that overcomes the security issues in all D2D communication scenarios and deals with the inherently conflicting security requirements of privacy, anonymity and traceability by using multiple Key Generator Centers (KGCs). This is designed as a decentralization of responsibility among stakeholders, in response to the assumption that the KGCs are fully untrusted. Furthermore, the proposed CL-PKC system gives different networks the opportunity to be compatible and to work cooperatively.

Paper Nr: 36
Title:

A Comparative Study of Misapplied Crypto in Android and iOS Applications

Authors:

Johannes Feichtner

Abstract: Many applications for Android and iOS process sensitive data and therefore rely on the cryptographic APIs natively provided by the operating system. For this to be effective, essential rules need to be obeyed, as otherwise the attainable level of security is weakened or entirely defeated. In this paper, we inspect the differences between Android and iOS concerning the proper usage of platform-specific cryptographic APIs. For both platforms, we present concrete strategies to detect critical mistakes, and we introduce a new framework for Android that excels at pinpointing the origin of problematic security attributes. Applied to real-world apps that use cryptography, we find that out of 775 investigated apps that vendors distribute for both Android and iOS, 604 iOS apps (78%) and 538 Android apps (69%) suffer from at least one security misconception.
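The abstract does not list the individual mistakes it looks for. As an added example of what a "security misconception" check looks like in practice (not the authors' framework, which works on compiled apps rather than source text), the Python below scans Java source for the misuse classes that Android crypto-API studies commonly flag: ECB mode, including a bare `"AES"` transformation whose provider default is ECB, a static IV, a hard-coded key, a weak PBKDF2 iteration count and a caller-seeded `SecureRandom`. The rules, the 1000-iteration threshold and the Java sample are assumptions written for this demo.

```python
"""Illustration for Paper Nr. 36 (added here; not the authors' framework, which
analyses compiled apps rather than source text): a rule-based scan for the
misuse classes that crypto-API studies commonly flag on Android. The rules,
thresholds and the Java sample are assumptions written for this demo."""
import re

def _iterations_below(limit):
    return lambda m: int(m.group(1)) < limit

# (rule name, pattern matched against one source line, optional predicate on the match)
RULES = [
    ("ECB mode (explicit, or via a bare algorithm name whose provider default is ECB)",
     re.compile(r'Cipher\.getInstance\(\s*"(?:AES|DES|DESede)(?:/ECB/[^"]*)?"'), None),
    ("static IV",
     re.compile(r'new\s+IvParameterSpec\(\s*(?:"[^"]*"\s*\.getBytes\(|new\s+byte\s*\[\]\s*\{)'), None),
    ("hard-coded key",
     re.compile(r'new\s+SecretKeySpec\(\s*(?:"[^"]*"\s*\.getBytes\(|new\s+byte\s*\[\]\s*\{)'), None),
    ("PBKDF2 iteration count below 1000",
     re.compile(r'new\s+PBEKeySpec\([^,]+,[^,]+,\s*(\d+)\s*,'), _iterations_below(1000)),
    ("SecureRandom seeded by the caller",
     re.compile(r'new\s+SecureRandom\(\s*[^)\s]|\.setSeed\('), None),
]

def scan(source):
    """Return [(line number, rule name)] for every rule that fires on the Java source text."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for name, pattern, predicate in RULES:
            m = pattern.search(line)
            if m and (predicate is None or predicate(m)):
                findings.append((lineno, name))
    return findings

# Constructed sample: odd lines are misuses, each even line is the corrected form.
SAMPLE_JAVA = """\
Cipher c1 = Cipher.getInstance("AES");
Cipher c2 = Cipher.getInstance("AES/GCM/NoPadding");
IvParameterSpec iv1 = new IvParameterSpec("0123456789abcdef".getBytes());
IvParameterSpec iv2 = new IvParameterSpec(randomIv);
SecretKeySpec k1 = new SecretKeySpec(new byte[]{0x01, 0x02, 0x03, 0x04}, "AES");
SecretKeySpec k2 = new SecretKeySpec(derivedKey, "AES");
PBEKeySpec s1 = new PBEKeySpec(password, salt, 100, 256);
PBEKeySpec s2 = new PBEKeySpec(password, salt, 100000, 256);
SecureRandom r1 = new SecureRandom("seed".getBytes());
SecureRandom r2 = new SecureRandom();
"""
```

A line-oriented regex scan only catches literals that sit on the call site; a constant that is assigned elsewhere and passed through a variable is exactly the case that needs the data-flow analysis the abstract refers to when it speaks of pinpointing the origin of a problematic attribute.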

Paper Nr: 44
Title:

BTG-RKASE: Privacy Preserving Revocable Key Aggregate Searchable Encryption with Fine-grained Multi-delegation & Break-The-Glass Access Control

Authors:

Mukti Padhya and Devesh C. Jinwala

Abstract: Delegation is the technique of sharing the rights available to a delegator with a delegatee for the purpose of data sharing. The Key Aggregate Searchable Encryption (KASE) scheme supports delegation of search rights over any set of ciphertexts using a constant-size key. However, three critical issues still need to be considered. Firstly, existing KASE schemes only discuss delegation of rights from the data owner to another user. If a subject receiving a delegation cannot perform a time-critical task on the shared data, however, it becomes necessary for the delegatee to further delegate the received rights to another user. Secondly, existing delegation mechanisms tend to rely on manual processes initiated by end users. If no authorized user exists to perform (or to delegate) a time-critical task, such an exceptional case requires a mechanism that flexibly handles emergencies by breaking, or by controlled overriding of, the standard access permissions. Thirdly, users' access rights in the system change dynamically, which requires KASE to support user revocation securely without affecting legitimate users' access to the shared files. To address all of the above issues, we propose Revocable KASE with Break-The-Glass access control (BTG-RKASE), which provides (i) fine-grained multi-delegation of available rights from the delegatee to another user, (ii) a break-the-glass access mechanism when no authorized user exists to perform (or to delegate) a time-critical task, and (iii) revocation of delegated rights (even in the case of multi-delegation). Security and empirical analysis show that BTG-RKASE performs better than existing KASE schemes.

Paper Nr: 45
Title:

An Investigation into the “Beautification” of Security Ceremonies

Authors:

Giampaolo Bella, Karen Renaud, Diego Sempreboni and Luca Viganò

Abstract: “Beautiful Security” is a paradigm that requires security ceremonies to contribute to the ‘beauty’ of a user experience. The underlying assumption is that people are more likely to be willing to engage with more beautiful security ceremonies. It is hoped that such ceremonies will minimise human deviations from the prescribed interaction, and that security will improve as a consequence. In this paper, we explain how we went about deriving beautification principles, and how we tested their efficacy by applying them to specific security ceremonies. As a first step, we deployed a crowd-sourced platform, using both explicit and metaphorical questions, to extract general aspects associated with the perceived beauty of real-world security mechanisms. This resulted in the identification of four beautification design guidelines. We used these to beautify the following existing security ceremonies: Italian voting, user-to-laptop authentication, password setup and EU premises access. To test the efficacy of our guidelines, we again leveraged crowd-sourcing to determine whether our “beautified” ceremonies were indeed perceived to be more beautiful than the original ones. This initial foray into the beautification of security ceremonies delivered promising results, but they must be interpreted carefully.

Paper Nr: 47
Title:

Universal Encoding for Provably Irreversible Data Erasing

Authors:

Marek Klonowski, Tomasz Strumiński and Małgorzata Sulkowska

Abstract: One of the most important assumptions in computer security research is that one can permanently delete data in such a way that no party can retrieve it. In real-life systems this postulate is realized in a way that depends on the specific device used for storing the data. In some cases (e.g., magnetic disks) deletion is done by overwriting the data to be erased with new data. Much evidence suggests that such a procedure may not be sufficient, and that an attacker armed with advanced microscopic technology is in many cases capable of retrieving data that has been overwritten even many times. In this paper we present a method that provides provable, permanent and irreversible deletion of stored bits based solely on a special encoding and processing of the data. More precisely, the adversary learns nothing about the deleted data with high probability (whp). The security guarantees hold even if the attacker is capable of recovering bit-strings that have been overwritten many times. Moreover, in contrast to some previous research, we do not restrict the type of data to be deleted.

Paper Nr: 53
Title:

OC-ORAM: Constant Bandwidth ORAM with Smaller Block Size using Oblivious Clear Algorithm

Authors:

Linru Zhang, Gongxian Zeng, Yuechen Chen, Nairen Cao, Siu-Ming Yiu and Zheli Liu

Abstract: Oblivious RAM has been studied extensively. A recent direction is to allow the server to perform computations instead of being a storage device only. This model substantially reduces the communication between the server and the client, making constant bandwidth communication (measured as the number of blocks transmitted) feasible. It is obvious that the larger the block size, the easier it is to construct a constant-bandwidth ORAM scheme. Also, a lower bound of sub-logarithmic bandwidth has been given for the case where expensive homomorphic multiplications are not used. The question of whether constant bandwidth with a smaller block size is achievable without homomorphic multiplications remains open. In this paper, we show that the block size can be further reduced to O(log^3 N) using only additive homomorphic operations. Technically, we design a non-trivial oblivious clear algorithm with very small bandwidth to improve the eviction algorithm of ORAM, to which the lower bound proof does not apply. As an additional benefit, we are able to reduce the server storage thanks to the reduction in bucket size.

Paper Nr: 54
Title:

What Are the Threats? (Charting the Threat Models of Security Ceremonies)

Authors:

Diego Sempreboni, Giampaolo Bella, Rosario Giustolisi and Luca Viganò

Abstract: We address the fundamental question of what the threat models for a security protocol and its expected human users are, and how to define them; the latter pair forms a heterogeneous system that is typically called a security ceremony. Our contribution is the systematic definition of an encompassing method to build the full threat model chart for security ceremonies, from which one can conveniently reify the specific threat models of interest for the ceremony under consideration. For concreteness, we demonstrate the application of the method on three ceremonies that have already been considered in the literature: MP-Auth, Opera Mini and the Danish Mobilpendlerkort ceremony. We discuss how the full threat model chart suggests some interesting threats that have not been investigated, although they are well worth scrutinising. In particular, one of the threat models in our chart leads to a novel vulnerability of the Danish Mobilpendlerkort ceremony. We discovered the vulnerability by analysing this threat model with the formal, automated tool Tamarin, which we employed to demonstrate the relevance of our method; it is important to highlight, however, that our method is generic and can be used with any tool for the analysis of security protocols and ceremonies.

Paper Nr: 61
Title:

PORTOS: Proof of Data Reliability for Real-World Distributed Outsourced Storage

Authors:

Dimitrios Vasilopoulos, Melek Önen and Refik Molva

Abstract: Proofs of data reliability are cryptographic protocols that assure a user that a cloud storage system correctly stores her data and has provisioned sufficient redundancy to guarantee a reliable storage service. In this paper, we consider distributed cloud storage systems that use erasure codes to guarantee data reliability. We propose a novel proof of data reliability scheme, named PORTOS, that on the one hand guarantees the retrieval of the outsourced data in their entirety through the use of proofs of data possession and on the other hand ensures the actual storage of the redundancy. PORTOS makes sure that redundancy is stored at rest and not computed on the fly (whenever requested) thanks to the use of time-lock puzzles. Furthermore, PORTOS delegates the burden of generating the redundancy to the cloud; repair operations are also taken care of by the cloud. Hence, PORTOS is compatible with the current cloud computing model, in which the cloud autonomously performs all maintenance operations without any interaction with the user. The security of the solution is proved against a rational adversary, i.e. a cheating cloud provider that tries to gain storage savings without increasing its total operational cost.

Paper Nr: 67
Title:

Prying CoW: Inferring Secrets across Virtual Machine Boundaries

Authors:

Gerald Palfinger, Bernd Prünster and Dominik Ziegler

Abstract: By exploiting a side channel created by the Copy-on-Write (CoW) operations of modern file systems, we present a novel attack that detects files in a shared cloud environment across virtual machine boundaries. In particular, we measure the timing of deduplication operations to probe for files that exist in neighbouring virtual machines on a shared file system pool. As a result, no assumptions about the underlying hardware and no network access are necessary. To evaluate the real-world implications, we successfully demonstrate the feasibility of our attack on the ZFS file system. Our results clearly show that the presented attack enables the detection of vulnerable software or operating systems in a victim’s virtual machine on the same file system pool with high accuracy. Furthermore, we discuss several potential countermeasures and their implications.

Short Papers
Paper Nr: 19
Title:

A Taxonomy of Metrics and Tests to Evaluate and Validate Properties of Industrial Intrusion Detection Systems

Authors:

Cyntia V. Martinez and Birgit Vogel-Heuser

Abstract: The integration of Intrusion Detection Systems (IDS) in Industrial Automation Systems (IAS) has gained popularity over the past years, owing to their ability to detect intrusions at the device and network level. For these systems to provide effective and reliable protection, they must possess a set of specific properties. These properties are inherent characteristics that depend on the IDS application field, as different fields provide different deployment conditions. Unfortunately, the evaluation and validation of such properties for IAS has proven challenging, as current contributions often follow evaluation and validation approaches from the IT domain that focus solely on the effectiveness of intrusion detection approaches and hence neglect other aspects relevant to the industrial domain. This paper addresses this issue by presenting IDS properties derived from trends and characteristics of IAS, as well as a taxonomy of metrics and tests to evaluate and validate these properties. This taxonomy provides a foundation from which future IDS contributions for IAS can be improved and reinforced by giving an overview of pertinent metrics and tests.

Paper Nr: 21
Title:

DaDiDroid: An Obfuscation Resilient Tool for Detecting Android Malware via Weighted Directed Call Graph Modelling

Authors:

Muhammad Ikram, Pierrick Beaume and Mohamed A. Kaafar

Abstract: With the number of new mobile malware instances increasing by over 50% annually since 2012 (McAfee, 2017), malware embedded in mobile apps is arguably one of the most serious security issues mobile platforms are exposed to. While obfuscation techniques are successfully used to protect the intellectual property of app developers, they are unfortunately also often used by cybercriminals to hide malicious content inside mobile apps and to deceive malware detection tools. As a consequence, most mobile malware detection approaches fail to differentiate between benign and obfuscated malicious apps. We examine the graph features of mobile app code by building weighted directed graphs of the API calls, and verify that malicious apps often share structural similarities that can be used to differentiate them from benign apps, even under a heavily “polluted” training set where a large majority of the apps are obfuscated. We present DaDiDroid, an Android malware app detection tool that leverages features of the weighted directed graphs of API calls to detect the presence of malware code in (obfuscated) Android apps. We show that DaDiDroid significantly outperforms MaMaDroid (Mariconti et al., 2017), a recently proposed malware detection tool that has proven very effective at detecting malware in a clean, non-obfuscated environment. We evaluate DaDiDroid’s accuracy and robustness against several evasion techniques using various datasets totalling 43,262 benign and 20,431 malware apps. We show that DaDiDroid correctly labels up to 96% of Android malware samples, while achieving 91% accuracy when trained exclusively on obfuscated apps.

Paper Nr: 37
Title:

Secure Strassen-Winograd Matrix Multiplication with MapReduce

Authors:

Radu Ciucanu, Matthieu Giraud, Pascal Lafourcade and Lihua Ye

Abstract: Matrix multiplication is a mathematical building block for solving many real-life problems. We consider the Strassen-Winograd algorithm (SW), one of the most efficient matrix multiplication algorithms. Our first contribution is to redesign the SW algorithm for the MapReduce programming model, which allows big data sets to be processed in parallel on a cluster. Our main contribution, moreover, is to address the inherent security and privacy concerns that arise when outsourcing data to a public cloud. We propose a secure approach to SW with MapReduce called S2M3, for Secure Strassen-Winograd Matrix Multiplication with MapReduce. We prove the security of our protocol in a standard security model and provide a proof-of-concept empirical evaluation suggesting its efficiency.

Paper Nr: 39
Title:

DABSTERS: Distributed Authorities using Blind Signature to Effect Robust Security in e-Voting

Authors:

Marwa Chaieb, Mirko Koscina, Souheib Yousfi, Pascal Lafourcade and Riadh Robbana

Abstract: Creating an online electronic voting system that meets all the legal requirements of election organizers and voters has been a real challenge for a long time. Permissioned blockchains (also called private blockchains) are a cutting-edge invention, introduced as a security breakthrough for many existing and emerging technologies. One potential application of private blockchains concerns e-voting systems. We propose a fully decentralized e-voting system based on a permissioned blockchain, called DABSTERS. Our system uses a blinded-signature consensus algorithm, a modified version of Practical Byzantine Fault Tolerance (PBFT), to preserve voters’ privacy. Our protocol ensures several security properties: voter eligibility, vote integrity, vote secrecy, fairness, receipt-freeness, and individual and universal verifiability.

Paper Nr: 40
Title:

Secure Intersection with MapReduce

Authors:

Radu Ciucanu, Matthieu Giraud, Pascal Lafourcade and Lihua Ye

Abstract: Relation intersection is a fundamental problem, which becomes non-trivial when the relations to be intersected are too large to fit on a single machine. Hence, a natural approach is to design parallel algorithms that are executed on a cluster of machines rented from a public cloud provider. Intersecting relations becomes even more difficult when each relation belongs to a different data owner who wants to protect her data privacy. We consider the popular MapReduce paradigm for outsourcing data and computations to a semi-honest public cloud. Our main contribution is the SI protocol (for Secure Intersection), which securely computes the intersection of an arbitrary number of relations, each of them encrypted by its owner. The user allowed to query the intersection result only has to decrypt the result sent by the public cloud. SI does not leak (to the public cloud or to the user) any information about tuples that are not in the final intersection result, even if the public cloud and the user collude, i.e., share all their private information. We prove the security of SI and provide an empirical evaluation showing its efficiency.

Paper Nr: 56
Title:

A Software-defined Networking-based Detection and Mitigation Approach against KRACK

Authors:

Yi Li, Marcos Serrano, Tommy Chin, Kaiqi Xiong and Jing Lin

Abstract: Most modern Wi-Fi networks are secured by the Wi-Fi Protected Access II (WPA2) protocol, which uses a 4-way handshake. Serious weaknesses have been discovered in this 4-way handshake that allow attackers within range of an Access Point (AP) to perform key reinstallation attacks (KRACKs) and intercept personal information. In this paper, we study KRACK and present a software-defined networking (SDN)-based detection and mitigation framework to defend against it. The proposed framework leverages the defining characteristic of an SDN controller, its global view of the network, to monitor and manage Wi-Fi network traffic. It consists of two main components, a detection module and a mitigation module, both deployed on the SDN controller. The detection module monitors network traffic and detects a duplicated message 3 of the 4-way handshake. Once KRACK has been detected, the mitigation module updates the flow table to redirect the attack traffic to a splash portal, a place where attack traffic is stored. Extensive experimental results demonstrate that the proposed framework can efficiently detect and mitigate KRACK: in our experiments, detecting KRACK takes 170.926 ms on average and mitigating it 10.041 ms on average.
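The detection rule the abstract describes, a duplicated message 3, can be illustrated with a small EAPOL-Key parser and a per-client handshake tracker. The Python below is an added example, not the authors' SDN detection module: it classifies EAPOL-Key frames into handshake messages 1 to 4 from the Key Information flags and raises an alert when a message 3 carrying the same ANonce arrives after the client has already sent message 4, which is the reinstallation a KRACK attacker forces. The frame layout follows IEEE 802.1X/802.11; the sample frames, the session bookkeeping and the decision to treat any post-install message 3 as hostile are assumptions made for the demo.

```python
"""Illustration for Paper Nr. 56 (added here, not the authors' SDN module): parse
EAPOL-Key frames, classify them as messages 1-4 of the WPA2 4-way handshake and
flag a message 3 that is delivered again after the client has already sent
message 4, which is what a key reinstallation attack forces. Frames are
constructed for the demo; the layout follows IEEE 802.1X/802.11."""
import struct
from collections import defaultdict

# Key Information flag bits of the EAPOL-Key descriptor
KEY_TYPE, INSTALL, KEY_ACK, KEY_MIC, SECURE = 1 << 3, 1 << 6, 1 << 7, 1 << 8, 1 << 9
EAPOL_HDR = struct.Struct("!BBH")     # protocol version, packet type, body length
# descriptor type, key info, key length, replay counter, nonce, IV, RSC, ID, MIC, key data length
KEY_FIXED = struct.Struct("!BHHQ32s16sQQ16sH")

def classify(key_info):
    """Map Key Information flags to the handshake message number, or None."""
    if not key_info & KEY_TYPE:
        return None                   # group key handshake, out of scope here
    ack, mic = key_info & KEY_ACK, key_info & KEY_MIC
    install, secure = key_info & INSTALL, key_info & SECURE
    if ack and not mic:
        return 1
    if ack and mic and install:
        return 3
    if mic and not ack:
        return 4 if secure else 2
    return None

def parse_eapol_key(frame):
    """Return (message number, replay counter, nonce) or None if not an RSN EAPOL-Key frame."""
    if len(frame) < EAPOL_HDR.size:
        return None
    _, ptype, length = EAPOL_HDR.unpack_from(frame)
    body = frame[EAPOL_HDR.size:EAPOL_HDR.size + length]
    if ptype != 3 or len(body) < KEY_FIXED.size:    # 3 = EAPOL-Key
        return None
    dtype, key_info, _, replay, nonce, *_ = KEY_FIXED.unpack_from(body)
    if dtype != 2:                                   # 2 = RSN key descriptor
        return None
    return classify(key_info), replay, nonce

def build_frame(key_info, replay, nonce=bytes(32)):
    """Constructed test frame; the MIC and key data are zeroed (not inspected here)."""
    body = KEY_FIXED.pack(2, key_info, 16, replay, nonce, bytes(16), 0, 0, bytes(16), 0)
    return EAPOL_HDR.pack(2, 3, len(body)) + body

class KrackDetector:
    """One handshake state per (AP, STA): 'msg1' once the ANonce is known,
    'msg3' once message 3 was seen, 'installed' once the STA sent message 4.
    A message 3 carrying the same ANonce after 'installed' asks the STA to
    reinstall the PTK it already uses and reset its nonce: the KRACK condition."""
    def __init__(self):
        self.sessions = defaultdict(lambda: {"state": None, "anonce": None, "msg3_count": 0})
        self.alerts = []

    def observe(self, ap, sta, frame):
        parsed = parse_eapol_key(frame)
        if parsed is None or parsed[0] is None:
            return None
        msg, replay, nonce = parsed
        s = self.sessions[(ap, sta)]
        if msg == 1:
            s.update(state="msg1", anonce=nonce, msg3_count=0)
        elif msg == 3:
            s["msg3_count"] += 1
            if s["state"] == "installed" and nonce == s["anonce"]:
                alert = (ap, sta, replay, "message 3 replayed after PTK install (key reinstallation)")
                self.alerts.append(alert)
                return alert
            s["state"] = "msg3"
        elif msg == 4:
            s["state"] = "installed"
        return None
```

A message 3 repeated before the client's message 4 is an ordinary retransmission and is only counted; the alert fires on the post-install replay because that is the moment a vulnerable client resets its packet nonce. A monitor that only sees the AP side cannot tell an attacker's replay from an AP retransmitting after a lost message 4, which is why the paper couples detection with a mitigation that merely diverts the suspect traffic.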

Paper Nr: 58
Title:

Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks

Authors:

Bernd Prünster, Edona Fasllija and Dominik Mocher

Abstract: This paper presents a practical solution to Sybil and eclipse attacks in a fully decentralised peer-to-peer context by utilising the trusted computing features of modern Android devices. We achieve this by employing the hardware-based attestation mechanisms introduced in recent Android versions and binding each P2P network node identifier to a distinct physical device. In contrast to resource-testing approaches, this binding makes it impossible for attackers to rely on cheap cloud computing resources to outperform legitimate users. We address well-known P2P challenges by applying trusted computing approaches that were previously only theorised in this context. This results in a system that can now actually be implemented on a global scale. We carefully account for bandwidth, power and performance constraints to achieve a ready-to-use solution whose only requirement is the possession of a recent Android phone.

Paper Nr: 64
Title:

A Robust Anaglyph 3D Video Watermarking based on Multi-sprite Generation

Authors:

Dorra Dhaou, Saoussen Ben Jabra and Ezzeddine Zagrouba

Abstract: Collusion is a malicious attack against video watermarking techniques. In the case of anaglyph 3D video, this attack has not yet been considered. In fact, only a few watermarking techniques have been proposed for this type of media, and they are not robust against dangerous attacks such as MPEG compression and collusion. In this paper, a robust anaglyph 3D video watermarking technique is proposed. It uses multi-sprites as the insertion target, which provides robustness against collusion attacks. First, several sprites are generated from the original video. Then, a hybrid embedding scheme based on the least significant bit and the discrete wavelet transform is applied to every sprite to insert the signature. This improves invisibility and robustness against usual attacks. Experimental results show a high level of invisibility and good robustness against collusion, compression and additional attacks such as geometric and temporal attacks.

Paper Nr: 65
Title:

A Wizard-based Approach for Secure Code Generation of Single Sign-On and Access Delegation Solutions for Mobile Native Apps

Authors:

Amir Sharif, Roberto Carbone, Silvio Ranise and Giada Sciarretta

Abstract: Many available mobile applications (apps) have poorly implemented Single Sign-On and Access Delegation solutions, leading to serious security issues. This may be caused by inexperienced developers who prioritize the implementation of core functionality and/or misunderstand security-critical parts. The situation is even worse in complex API scenarios where the app interacts with several providers. To address these problems, we propose a novel wizard-based approach that guides developers in integrating multiple third-party Identity Management (IdM) providers into their apps by (i) “enforcing” the usage of best practices for native apps, (ii) avoiding the need to download several SDKs and understand their online documentation (a list of known IdM providers with their configuration information is embedded within our approach), and (iii) automatically generating the code that enables communication with the different IdM providers. The effectiveness of the proposed approach has been assessed by implementing an Android Studio plugin and using it to integrate several IdM providers, such as OKTA, Auth0, Microsoft, and Google.

Paper Nr: 66
Title:

A Tool-assisted Methodology for the Data Protection Impact Assessment

Authors:

Salimeh Dashti and Silvio Ranise

Abstract: We propose a pragmatic methodology for the Data Protection Impact Assessment (DPIA) based on a tool capable of assisting users during crucial activities such as data processing specification and risk analysis. Previous work on compliance checking and our experience in developing a DPIA methodology for the Public Administration of the province of Trento in Italy form the basis of this work.

Paper Nr: 68
Title:

Method for Vector Map Protection based on using of a Watermark Image as a Secondary Carrier

Authors:

Yuliya Vybornova and Vladislav Sergeev

Abstract: In this paper, we present a study of a watermarking method for vector cartographic data based on a cyclic shift of a polygon's vertex list. We propose a modification of the method that provides an accurate authentication procedure and increases the method's robustness against modification of the map contents. The main idea of the improved method is to use a noise-like image as a secondary carrier for a watermark represented as a bit vector. An algorithm for constructing a noise-like image carrying a watermark sequence, as well as an algorithm for extracting such a sequence, are given. An experimental study explores the information capacity of the carrier image and its robustness against quantization and noise addition, i.e. distortions simulating the embedding into map objects. The efficiency of the method is also demonstrated on real cartographic data. The conclusions give optimal parameters for reliable extraction depending on the number of polygons on the vector map.
Download

Paper Nr: 92
Title:

Dynamic Taint-tracking: Directions for Future Research

Authors:

Fabian Berner and Johannes Sametinger

Abstract: Detection of unauthorized disclosure of sensitive data is a dynamic research field. We can protect sensitive data on mobile devices through various commercial, open source and academic approaches. Taint-tracking systems represent one of the approaches to detect information disclosure attacks. In this paper, we give an overview of taint-tracking systems for Android. We discuss the systems and their shortcomings. The contribution of this paper is to provide an overview of Android taint-tracking systems, and to reveal directions for future research. The overview can serve as a basis for the selection of a taint-tracking system in specific situations.
Download

Paper Nr: 94
Title:

Mind the Gap: Finding What Updates Have (Really) Changed in Android Applications

Authors:

Johannes Feichtner, Lukas Neugebauer and Dominik Ziegler

Abstract: Android apps often receive updates that introduce new functionality or tackle problems, ranging from critical security issues to usability-related bugs. Although developers tend to briefly denote changes when releasing new versions, it remains unclear what has actually been modified in the program code. Verifying even subtle changes between two Android apps is challenging due to the widespread use of code transformations and obfuscation techniques. In this paper, we present a new framework to precisely pinpoint differences between Android apps. By pursuing a multi-level comparison strategy that targets resources and obfuscation-invariant code elements, we succeed in highlighting similarities and changes among apps. In case studies, we demonstrate the need and practical benefits of our solution and show how well it is suited to verify changelogs.
Download

Paper Nr: 97
Title:

Fides: Unleashing the Full Potential of Remote Attestation

Authors:

Bernd Prünster, Gerald Palfinger and Christian Kollmann

Abstract: In connected mobile app settings, back-ends have no means to reliably verify the integrity of clients. For this reason, services aimed at mobile users employ (unreliable) heuristics to establish trust. We tackle the issue of mobile client trust on the Android platform by harnessing features of current Android devices and show how it is now possible to remotely verify the integrity of mobile client applications at runtime. This makes it possible to perform sensitive operations on devices outside a service operator’s control. We present Fides, which improves the security properties of typical connected applications and foregoes heuristics for determining a device’s state such as SafetyNet or root checks. At its core, our work is based on the advancements of Android’s key attestation capabilities, which means that it does not impose a performance penalty. Our concept is widely applicable in the real world and does not remain a purely academic thought experiment. We demonstrate this by providing a light-weight, easy-to-use library that is freely available as open source software. We have verified that Fides even outperforms the security measures integrated into critical applications like Google Pay.
Download

Paper Nr: 2
Title:

ZKlaims: Privacy-preserving Attribute-based Credentials using Non-interactive Zero-knowledge Techniques

Authors:

Martin Schanzenbach, Thomas Kilian, Julian Schütte and Christian Banse

Abstract: In this paper we present ZKlaims: a system that allows users to present attribute-based credentials in a privacy-preserving way. We achieve a zero-knowledge property on the basis of Succinct Non-interactive Arguments of Knowledge (SNARKs). ZKlaims allow users to prove statements on credentials issued by trusted third parties. The credential contents are never revealed to the verifier as part of the proving process. Further, ZKlaims can be presented non-interactively, mitigating the need for interactive proofs between the user and the verifier. This allows ZKlaims to be exchanged via fully decentralized services and storages such as traditional peer-to-peer networks based on distributed hash tables (DHTs) or even blockchains. To show this, we include a performance evaluation of ZKlaims and show how it can be integrated in decentralized identity provider services.
Download

Paper Nr: 5
Title:

Indirect Data Representation Via Offset Vectoring: A Code-integrity-driven In-memory Data Regeneration Scheme

Authors:

Erik Sonnleitner, Marc Kurz and Alexander Palmanshofer

Abstract: A common problem in software development is how to handle sensitive information required for appropriate process execution, especially when requesting user input like passwords or -phrases for proper encryption is not applicable due to I/O, UI or UX limitations. This often leads to such information being either stored directly in the source code of the application, or as plaintext in a separate file. We therefore propose an experimental scheme for dynamically recovering arbitrary chunks of information based on the integrity of the text-segment of a running process, without the information being easily extractable from either an on-disk binary, memory dump or the memory map of a running process. Implementing an algorithm we call offset vectoring, this method can help in dealing with sensitive information and enhancing the resistance against attacks which aim at extracting such data as well as attempts towards modifying an application, e.g. for the purposes of cracking software.
Download

Paper Nr: 6
Title:

An Efficient FHE Scheme to Secure Cloud Computing

Authors:

Khalil Hariss, Abed E. Samhat and Maroun Chamoun

Abstract: In this paper, we consider the privacy issue in cloud systems by using Homomorphic Encryption (HE) to provide secure computing at the cloud side. We use the Domingo Ferrer (DF) homomorphic scheme to accomplish this task. Before implementing DF in a cloud scenario, we resolve its main problems. The two concerned problems are sensitivity to known plain-text attack and cipher-text dimension growth after homomorphic multiplication causing high storage overhead and reducing the scheme efficiency. DF is first made secure for cloud systems by making the scheme much more resistant to the concerned attack due to the change of the encryption procedure. Second, DF is made efficient for cloud computing by introducing a new technique, called Key Switching (KS). This technique reduces the high overhead by decreasing the extended cipher-text dimension obtained after a homomorphic multiplication and preserving the homomorphic behavior. While users’ privacy at the Cloud side is preserved with HE, the KS technique relies on publishing a matrix M. Different secret keys are encrypted within M based on the hardness of Learning With Error (LWE). A deep cryptanalysis and implementations under Python using the SageMath library are done in order to validate the efficiency of our proposal.
Download

Paper Nr: 7
Title:

Potential Impacts in Citizens’ Privacy of using Federated Identity Management to Offer e-Government Services

Authors:

Jorge Navas and Marta Beltrán

Abstract: The ability to verify citizens’ identity and to authenticate and to authorize them when accessing e-Government services (such as on-line voting, licence renewal or tax payment) is crucial for the digital transformation of public administrations. Governments need identity management mechanisms valid across different services, platforms, devices, technologies and even physical borders. Federated Identity Management (FIM) can help in ensuring secure identity management, in improving citizens’ experience and in increasing services’ accessibility. But this comes with a price since relying on Identity Providers, whether public or private, poses new privacy threats that have to be faced. This paper presents a threat model of the most promising and extended FIM specifications, OpenID Connect and Mobile Connect, when used as federated identity management solutions for e-Government services. A set of three improvements is proposed to avoid these threats or to mitigate their impacts, taking into account both specification and implementation aspects. Furthermore, guidelines and recommendations in order to improve future versions of the specifications and/or their implementations are provided for developers, providers and policy makers.
Download

Paper Nr: 13
Title:

Attack on a Scheme for Obfuscating and Outsourcing SAT Computations to the Cloud

Authors:

Khazam Alhamdan, Tassos Dimitriou and Imtiaz Ahmad

Abstract: The emergence of cloud computing gave users the capability to offload computations that cannot be executed locally to cloud servers with large computational power. One such computationally demanding problem is solving large satisfiability (SAT) instances. Although many problems from AI, circuit verification, etc. can be converted to SAT, outsourcing SAT instances may leak considerable information that can put a user’s security at risk. Hence the privacy of outsourcing computations to the cloud is a major issue. In this work we look at the techniques of Qin et al. (Qin and Jia, 2014; Qin and Du, 2018) which have been used to obfuscate SAT formulas before they are released to the cloud. We came up with a realistic attack against their technique that demonstrates how a malicious cloud provider can obtain significant information about the underlying SAT instance. Our work shows that ad hoc schemes cannot offer the required security guarantees for outsourcing SAT computations, hence more formal frameworks should be used instead.
Download

Paper Nr: 14
Title:

PrivySharing: A Blockchain-based Framework for Integrity and Privacy-preserving Data Sharing in Smart Cities

Authors:

Imran Makhdoom, Ian Zhou, Mehran Abolhasan, Justin Lipman and Wei Ni

Abstract: The ubiquitous use of Internet of Things (IoT) ranges from industrial control systems to e-Health, e-commerce, smart cities, supply chain management, smart cars, cyber-physical systems and a lot more. However, the data collected and processed by IoT systems especially the ones with centralized control are vulnerable to availability, integrity, and privacy threats. Hence, we present “PrivySharing,” a blockchain-based innovative framework for integrity and privacy-preserving IoT data sharing in a smart city environment. The proposed scheme is distinct from existing technologies on many aspects. The data privacy is preserved by dividing the blockchain network into various channels, where every channel processes a specific type of data such as health, smart car, smart energy or financial data. Moreover, access to user data within a channel is controlled by embedding access control rules in the smart contracts. In addition, users' data within a channel is further isolated and secured by using private data collection. Likewise, the REST API that enables clients to interact with the blockchain network has dual security in the form of an API Key and OAuth 2.0. The proposed solution also conforms to some of the significant requirements outlined in the European Union General Data Protection Regulation. Lastly, we present a system of reward in the form of a digital token “PrivyCoin” for the users for sharing their data with the stakeholders/third parties.
Download

Paper Nr: 15
Title:

LASER: Lightweight and Secure Remote Keyless Entry Protocol

Authors:

Vanesa Daza and Xavier Salleras

Abstract: Since Remote Keyless Entry (RKE) systems started to be widely used, several vulnerabilities in their protocols have been found. Attacks such as jamming-and-replay attacks and relay attacks are still effective against most recent RKE systems (Ibrahim et al., 2018), even when many secure schemes have been designed. Although they are interesting from a theoretical point of view, the complexity of these solutions is excessive to implement them into a fob (Karani et al., 2016). This paper presents a lightweight and general solution based on a one-message protocol, which guarantees the integrity and validity of the authentication in RKE systems, protecting the communication against the well-known jamming-and-replay and relay attacks, without using complex cryptographic schemes. Moreover, we also adapt our protocol for passive RKE (PRKE) systems. Our solution also includes a novel frequency-hopping-based approach which mitigates denial-of-service attacks. Finally, a prototype has been implemented using inexpensive hardware. The obtained results assure scalability, effectiveness and robustness.
Download

Paper Nr: 24
Title:

Distributed Anomaly Detection of Single Mote Attacks in RPL Networks

Authors:

Nicolas M. Müller, Pascal Debus, Daniel Kowatsch and Konstantin Böttinger

Abstract: RPL, a protocol for IP packet routing in wireless sensor networks, is known to be susceptible to a wide range of attacks. Especially effective are ’single mote attacks’, where the attacker only needs to control a single sensor node. These attacks work by initiating a ’delayed denial of service’, which depletes the motes’ batteries while maintaining otherwise normal network operation. While active, this is not detectable on the application layer, and thus requires detection on the network layer. Further requirements for detection algorithms are extreme computational and resource efficiency (e.g. avoiding communication overhead) and the use of machine learning (if the drawbacks of signature based detection are not acceptable). In this paper, we present a system for anomaly detection of these kinds of attacks and constraints, implement a prototype in C, and evaluate it on different network topologies against three ’single mote attacks’. We make our system highly resource and energy efficient by deploying pre-trained models to the motes and approximating our choice of ML algorithm (KDE) via parameterized cubic splines. We achieve on average 84.91 percent true-positives and less than 0.5 percent false-positives. We publish all data sets and source code for full reproducibility.
Download

Paper Nr: 26
Title:

Hunting Traits for Cryptojackers

Authors:

Gabriel J. Berecz and Istvan-Gergely Czibula

Abstract: Cryptocurrencies are renowned worldwide nowadays and they have been adopted in various industries. This great success comes from both the technology innovation they brought to the world, the blockchain, and the financial opportunities they opened up for investors. One of the unpleasant aspects is the cybercriminals who took advantage of this technology and have developed malicious software (i.e. cryptojackers) in order to gain profit by mining cryptocurrencies on their victims’ personal computers without any consent. This paper proposes to analyze standalone cryptojackers, both statically and dynamically, with the aim of identifying specific traits. The approach draws out features specific to cryptojackers that are selected using statistical methods and explains why a cryptocurrency mining malware has such traits. Based on 20 selected specific features, three different supervised learning classification models have been trained, which are able to differentiate between clean applications and cryptojackers reliably. In experiments, an average accuracy of 92.46% has been achieved.
Download

Paper Nr: 28
Title:

PRE as a Service within Smart Grid City

Authors:

Sbai Anass, Drocourt Cyril and Dequen Gilles

Abstract: In the context of Smart Grid Cities, legal obligations require that certain personal data must be stored in the long term and protected. To deal with confidentiality issues, we use the concept of Proxy Re-Encryption (PRE) which allows sharing encrypted data. We present the first implementation of the Chow’s algorithm, and propose an optimized instantiation thanks to elliptic curves. This is the first unidirectional algorithm with CCA security that does not rely on pairing, which guarantees its high performance. This allows its use in real conditions. We have implemented it in JavaScript for direct use in a web browser by the user. In order to be able to process the data asynchronously, we then define the notion of PREaaS (Proxy Re-Encryption as a Service) that also allows use in a service-oriented context.
Download

Paper Nr: 29
Title:

Entropy and Security of Pseudorandom Number Generators based on Chaotic Iterations

Authors:

Luigi Marangio and Christophe Guyeux

Abstract: In the domain of cryptography, an important role is played by PseudoRandom Number Generators (PRNGs). Designing such generators might be complicated for different reasons: an appropriate formal abstract notion of randomness should be formulated, and after that, it may be hard to design an algorithm that produces such random numbers on a finite state machine. A possible approach to tackle this problem has been proposed and studied in recent works (for instance (Guyeux and Bahi, 2012)), where the authors considered post-processing existing PRNGs using the so-called chaotic iterations, i.e., specific iterations of a boolean function and a shift operator that use the inputted generator. This process has at least two positive aspects: boolean functions avoid the problem of number representation (e.g. floating point arithmetic), and it is possible to describe the PRNGs based on chaotic iterations as dynamical systems, with a formal mathematical description. This class of PRNGs has been proven to be useful also for cryptographic applications, after a suitable redefinition of the generators in the cryptographic domain. In this article we propose a Markov chain model of the PRNGs based on chaotic iterations and we will use it to compute the entropy of the proposed generators. Moreover we will prove that the security property is preserved when a cryptographic PRNG is post-processed with iterations of a suitable boolean function.
Download

Paper Nr: 30
Title:

Evaluation of Intrusion Detection Systems in IPv6 Networks

Authors:

Max Schrötter, Thomas Scheffler and Bettina Schnor

Abstract: This paper introduces a benchmark suite for the evaluation of intrusion detection systems in IPv6 environments. We use this benchmark to evaluate the prominent intrusion detection systems Snort, Zeek and Suricata. Further, an IPv6 Plugin Suite is presented and evaluated which enhances Snort by stateful attack detection. The results of our evaluation demonstrate the current abilities to detect IPv6 link-local attacks.
Download

Paper Nr: 41
Title:

“Open Weakness and Vulnerability Modeler” (OVVL): An Updated Approach to Threat Modeling

Authors:

Andreas Schaad and Tobias Reski

Abstract: The development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeep and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase of development, and continuously throughout development iterations, threat modeling can help to establish a “Secure by Design” approach. This approach allows issues relating to IT security to be found early during development, reducing the need for later improvement – and thus saving resources in the long term. In this paper the current state of threat modeling is investigated. This investigation drove the derivation of requirements for the development of a new threat modeling framework and tool, called OVVL. OVVL utilizes concepts of established threat modeling methodologies, as well as functionality not available in existing solutions.
Download

Paper Nr: 42
Title:

Differential Privacy meets Verifiable Computation: Achieving Strong Privacy and Integrity Guarantees

Authors:

Georgia Tsaloli and Aikaterini Mitrokotsa

Abstract: Often service providers need to outsource computations on sensitive datasets and subsequently publish statistical results over a population of users. In this setting, service providers want guarantees about the correctness of the computations, while individuals want guarantees that their sensitive information will remain private. Encryption mechanisms are not sufficient to avoid any leakage of information, since querying a database about individuals or requesting summary statistics can lead to leakage of information. Differential privacy addresses the paradox of learning nothing about an individual, while learning useful information about a population. Verifiable computation addresses the challenge of proving the correctness of computations. Although verifiable computation and differential privacy are important tools in this context, their interconnection has received limited attention. In this paper, we address the following question: How can we design a protocol that provides both differential privacy and verifiable computation guarantees for outsourced computations? We formally define the notion of verifiable differentially private computation (VDPC) and what are the minimal requirements needed to achieve VDPC. Furthermore, we propose a protocol that provides verifiable differentially private computation guarantees and discuss its security and privacy properties.
Download

Paper Nr: 43
Title:

On the Efficacy of New Privacy Attacks against 5G AKA

Authors:

Haibat Khan and Keith M. Martin

Abstract: The AKA protocol is the primary mechanism in mobile telephony for establishment of a secure channel between mobile subscribers and their service providers. In addition to the requisite security guarantees, provisioning subscription privacy is an essential requirement for AKA. A recent paper by Borgaonkar et al. has uncovered a new vulnerability in one of the associated mechanisms of the AKA protocol. Based upon this vulnerability, Borgaonkar et al. have presented two privacy attacks; namely, activity monitoring attack and location confidentiality attack. In this paper, we analyze these attacks for their effectiveness, practicability and potency against 5G. Our analysis reveals that the activity monitoring attack is not as effective against 5G as it is against the previous generations (3G/4G). The analysis also brings to light the fact that the location confidentiality attack is a direct extension of an existing privacy vulnerability that affects all generations (including 5G) of mobile telephony in a much more severe manner. In this paper we also establish that any countermeasure introduced to fix this existing vulnerability will also render these two new attacks ineffective.
Download

Paper Nr: 48
Title:

Security for Distributed Deep Neural Networks: Towards Data Confidentiality & Intellectual Property Protection

Authors:

Laurent Gomez, Marcus Wilhelm, José Márquez and Patrick Duverger

Abstract: Current developments in Enterprise Systems observe a paradigm shift, moving the needle from the backend to the edge sectors of those systems; by distributing data, decentralizing applications and integrating novel components seamlessly into the central systems. Distributively deployed AI capabilities will thrust this transition. Several non-functional requirements arise along with these developments, security being at the center of the discussions. Bearing those requirements in mind, hereby we propose an approach to holistically protect distributed Deep Neural Network (DNN) based/enhanced software assets, i.e. confidentiality of their input & output data streams as well as safeguarding their Intellectual Property. Making use of Fully Homomorphic Encryption (FHE), our approach enables the protection of Distributed Neural Networks, while processing encrypted data. In that respect we evaluate the feasibility of this solution on a Convolutional Neural Network (CNN) for image classification deployed on distributed infrastructures.
Download

Paper Nr: 50
Title:

Keystroke Dynamics Anonymization System

Authors:

Denis Migdal and Christophe Rosenberger

Abstract: Keystroke Dynamics enables the authentication or identification of users by analyzing their way of typing, e.g. when browsing the Internet. Most studies in the state of the art focus on increasing the performance of Keystroke Dynamics Systems. In this paper, we address the issue of avoiding the biometric capture of keystroke dynamics in order to protect users’ privacy. Authentication/identification and profiling can be considered as attacks that we limit in this contribution. Experimental results obtained on significant datasets show the benefits of the proposed approaches.
Download

Paper Nr: 73
Title:

Web Application for Privacy-preserving Scheduling using Secure Computation

Authors:

Ágnes Kiss, Oliver Schick and Thomas Schneider

Abstract: Event scheduling applications such as Doodle allow for very limited privacy protection. Even if the participants are anonymous, their inputs are revealed to the poll administrator and the application server. There exist privacy-enhanced scheduling services (e.g., Kellermann and Böhme, CSE’09), but they require heavy computation and communication on the client’s side, leak information to the participants or poll administrator, and allow only for a restricted scheduling functionality. In this work, we present a privacy-preserving scheduling system based on secure two-party computation, that allows to schedule meetings between a large number of participants efficiently, without requiring any participant to reveal its availability pattern or other sensitive information to any other participant, server, or even the poll administrator. The protocol allows for various functional extensions and requires the client to perform very little work when securely submitting its inputs. Our protocol is secure against semi-honest non-colluding servers and malicious participants.
Download

Paper Nr: 74
Title:

LADS: A Live Anomaly Detection System based on Machine Learning Methods

Authors:

Gustavo Gonzalez-Granadillo, Rodrigo Diaz, Ibéria Medeiros, Susana Gonzalez-Zarzosa and Dawid Machnicki

Abstract: Network anomaly detection using NetFlow has been widely studied during the last decade. NetFlow provides the ability to collect network traffic attributes (e.g., IP source, IP destination, source port, destination port, protocol) and allows the use of association rule mining to extract the flows that have caused a malicious event. Despite all the developments in network anomaly detection, the most popular procedure to detect non-conformity patterns in network traffic is still manual inspection during the period under analysis (e.g., visual analysis of plots, identification of variations in the number of bytes, packets, flows). This paper presents a Live Anomaly Detection System (LADS) based on One-class Support Vector Machine (One-class SVM) to detect traffic anomalies. Experiments have been conducted using a valid data-set containing over 1.4 million packets (captured using NetFlow v5 and v9) that build models with one and several features in order to identify the approach that most accurately detects traffic anomalies in our system. A multi-featured approach that restricts the analysis to one IP address and extends it in terms of samples (valid and invalid ones) is considered as a promising approach in terms of accuracy of the detected malicious instances.
Download

Paper Nr: 75
Title:

ECDSA-compatible Delegable Undeniable Signature

Authors:

Sam Ng and Tomas Tauber

Abstract: We present the first ECDSA-compatible delegable undeniable signature. Undeniable signature was first introduced by Chaum and Antwerpen. Such signatures cannot be verified without running a zero-knowledge protocol with the signer. Delegable undeniable signature extends this by allowing the signer to delegate the verification ability to a third party. An example use case for delegable undeniable signature is that a trusted party verifies a user’s personal information, signs a message and then passes the signature back to the user. If a verifier needs to know that personal information (e.g. an online merchant selling alcohol needs to verify the user’s age), the user can run the verification protocol as a delegate to prove the trusted party (e.g. the government) signed that personal information. The verifier will be convinced the signature is genuine, but will not be able to convince others. Our signature scheme is based on standard ECDSA, which is the most common signature scheme in blockchain technology. It is easy to construct (it involves two standard ECDSA signatures) and easy to verify (a simple two-round zero-knowledge protocol). We believe our signature scheme is useful especially in Self-Sovereign Digital Identity.
Download

Paper Nr: 78
Title:

Here and There at Once, with my Mobile Phone!

Authors:

Ioana Boureanu, David Gerault and James Lewis

Abstract: Whilst proximity-checking mechanisms are on the rise, proximity-based attacks other than relaying have not been studied from a practical viewpoint, not even in academia. Are the simplest proximity-based attacks, namely distance frauds, a practical danger? Can an attacker make it look like they are here and there at the same time? In this paper, we first distinguish “credible” vs. impractical distance frauds, in a quantifiable, formal manner. Second, we implement two “credible” distance frauds on off-the-shelf NFC-enabled Android phones. We present an initial evaluation focused on their feasibility.
Download

Paper Nr: 79
Title:

Decentralized Privacy-preserving Access for Low Emission Zones

Authors:

Carles Anglès-Tafalla, Sara Ricci, Petr Dzurenda, Jan Hajny, Jordi Castellà-Roca and Alexandre Viejo

Abstract: Low Emission Zones (LEZ) are a common mechanism to regulate traffic jams and environmental pollution. Nevertheless, the problems of this solution are a lack of privacy and its reliance on centralized entities. The presented scheme continues the emerging trend of using cameras to only identify dishonest users, and proposes a decentralized access control system for LEZs, which, through a tailored group signature model, addresses the user’s privacy requirements that a public ledger like blockchain demands.
Download

Paper Nr: 81
Title:

Identity-based Conditional Privacy-Preserving Authentication Scheme Resistant to Malicious Subliminal Setting of Ephemeral Secret

Authors:

Patryk Kozieł, Łukasz Krzywiecki and Damian Stygar

Abstract: In this paper we propose a modification of the Identity Based Conditional Privacy-Preserving Authentication Scheme (CPPA), which is based on the Schnorr Signature Scheme (SS). The applicability and the security of the scheme are mainly considered in Intelligent Transportation Systems. We discuss scenarios with subliminal malicious setting of an ephemeral secret. We present a new, stronger security model for the scheme in which we allow the adversary to choose random values used during the signing process. We define the SS to be secure if the advantage of the adversary in this model is negligible. Finally we prove the security of the modified Identity Based CPPA in our stronger model.
Download

Paper Nr: 82
Title:

Integration of a Secure Physical Element as a Trusted Oracle in a Hyperledger Blockchain

Authors:

Andreas Schaad, Tobias Reski and Oliver Winzenried

Abstract: Blockchain frameworks enable the immutable storage of data. A still open practical question is the so called “oracle” problem, i.e. the way how real world data is actually transferred into and out of a blockchain while preserving its integrity. We present a case study that demonstrates how to use an existing industrial strength secure element for cryptographic software protection (Wibu CmDongle / the “dongle”) to function as such a hardware-based oracle for the Hyperledger blockchain framework. Our scenario is that of a dentist having leased a 3D printer. This printer is initially supplied with an amount of x printing units. With each print action the local unit counter on the attached dongle is decreased and in parallel a unit counter is maintained in the Hyperledger-based blockchain. Once a threshold is met, the printer will stop working (by means of the cryptographically protected invocation of the local print method). The blockchain is configured in such a way that chaincode is executed to increase the units again automatically (and essentially trigger any payment processes). Once this has happened, the new unit counter value will be passed from the blockchain to the local dongle and thus allow for further execution of print jobs.
Download
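
The counter protocol described above, as an added example that is not the paper's implementation: a dongle-side and a ledger-side unit counter kept in lock-step, where every attestation is authenticated and sequence-numbered so the ledger rejects replays, gaps and tampered counters, and the dongle only accepts a top-up the ledger bound to its current state. The message formats and the HMAC tags are assumptions standing in for the CmDongle's own signatures and for Hyperledger chaincode; the keys and the unit numbers are constructed for the example.

```python
"""Metered device with a hardware oracle: dongle-side and ledger-side unit
counters kept in lock-step with authenticated, sequence-numbered messages.

Added illustration; not the paper's implementation. The message formats and
the HMAC tags stand in for the CmDongle's own signatures and for Hyperledger
chaincode, and the keys below are constructed for the example.
"""
import hashlib
import hmac
import json


def _tag(key: bytes, body: dict) -> str:
    """HMAC over canonical JSON; placeholder for a real signature."""
    data = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


class Dongle:
    """Secure element at the printer: the only party allowed to spend units."""

    def __init__(self, dongle_key: bytes, ledger_key: bytes, units: int):
        self._key, self._ledger_key = dongle_key, ledger_key
        self.units, self.seq = units, 0

    def print_job(self) -> dict:
        """Consume one unit and emit a sequence-numbered attestation."""
        if self.units <= 0:
            raise PermissionError("no units left: print method stays locked")
        self.units -= 1
        self.seq += 1
        body = {"seq": self.seq, "units": self.units}
        return {**body, "tag": _tag(self._key, body)}

    def apply_topup(self, msg: dict) -> None:
        """Take a new counter only if the ledger bound it to our current state."""
        body = {"ack_seq": msg["ack_seq"], "units": msg["units"]}
        if not hmac.compare_digest(msg["tag"], _tag(self._ledger_key, body)):
            raise ValueError("top-up not authenticated by the ledger")
        if body["ack_seq"] != self.seq:
            raise ValueError("stale top-up: replay or out of order")
        self.units = body["units"]


class Ledger:
    """Chaincode-like logic: mirrors the dongle counter and refills it."""

    def __init__(self, dongle_key, ledger_key, units, threshold, topup):
        self._dongle_key, self._ledger_key = dongle_key, ledger_key
        self.units, self.last_seq = units, 0
        self.threshold, self.topup = threshold, topup
        self.payments = []  # stand-in for the payment process the chaincode triggers

    def record(self, att: dict):
        """Validate one attestation; return a signed top-up when the threshold is hit."""
        body = {"seq": att["seq"], "units": att["units"]}
        if not hmac.compare_digest(att["tag"], _tag(self._dongle_key, body)):
            raise ValueError("attestation not produced by the dongle")
        if body["seq"] != self.last_seq + 1:
            raise ValueError("replayed or skipped attestation")
        if body["units"] != self.units - 1:
            raise ValueError("dongle and ledger counters have diverged")
        self.last_seq, self.units = body["seq"], body["units"]
        if self.units > self.threshold:
            return None
        self.units += self.topup
        self.payments.append({"seq": self.last_seq, "units": self.topup})
        reply = {"ack_seq": self.last_seq, "units": self.units}
        return {**reply, "tag": _tag(self._ledger_key, reply)}


def make_pair(units=3, threshold=1, topup=4):
    dk, lk = b"dongle-key", b"ledger-key"  # constructed keys
    return Dongle(dk, lk, units), Ledger(dk, lk, units, threshold, topup)


def run_scenario(jobs: int = 6) -> dict:
    """Print `jobs` times; the ledger refills the dongle whenever it hits the threshold."""
    dongle, ledger = make_pair()
    for _ in range(jobs):
        topup = ledger.record(dongle.print_job())
        if topup is not None:
            dongle.apply_topup(topup)
    return {"dongle": dongle.units, "ledger": ledger.units, "payments": len(ledger.payments)}


def replay_is_rejected() -> bool:
    """A re-submitted attestation must not move the ledger counter twice."""
    dongle, ledger = make_pair()
    att = dongle.print_job()
    ledger.record(att)
    try:
        ledger.record(att)
    except ValueError:
        return True
    return False


def tamper_is_rejected() -> bool:
    """Editing the reported counter breaks the tag."""
    dongle, ledger = make_pair()
    att = dongle.print_job()
    att["units"] = 99
    try:
        ledger.record(att)
    except ValueError:
        return True
    return False
```

With 3 initial units, a threshold of 1 and a top-up of 4, six print jobs trigger two refills and leave both counters at 5. The two checks that matter for the oracle role are the sequence number (no replayed attestation can be credited twice) and the consistency test against the ledger's own expected value (a counter that drifts from the dongle is refused rather than silently overwritten).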

Paper Nr: 84
Title:

RACE: Randomized Counter Mode of Authenticated Encryption using Cellular Automata

Authors:

Tapadyoti Banerjee, Bijoy Das, Deval Mehta and Dipanwita R. Chowdhury

Abstract: In this paper, we propose a new Randomized Counter mode of Authenticated Encryption using Cellular Automata, named RACE. AES-GCM, the NIST-standard authenticated encryption scheme, is efficient, but it is vulnerable to some known attacks. In our design, we try to overcome the limitations of AES-GCM by exploiting the random evolution of Cellular Automata (CA). Here, the CA is used to randomize the counter values instead of the sequential values used in AES-GCM. In addition, to produce the Message Authentication Code (MAC), a non-linear CA-based hash primitive (NASH) is introduced which avoids the complex Galois field multiplication operations of the GHASH of AES-GCM. We show that NASH provides more security than GHASH against the cycling attack. Thus, NASH together with AES makes RACE more secure than AES-GCM with respect to this attack.
Download

Paper Nr: 86
Title:

Is Privacy a Myth for Facebook Users?

Authors:

Vishwas T. Patil and R. K. Shyamasundar

Abstract: The management of personal information has become an insurmountable problem. The reasons are multi-fold and intertwined: technological, legal, regulatory, commercial, and behavioural. The proliferation of online social networks like Facebook has made the problem even more acute because of their business model, in which users’ personally identifiable information is monetised via advertisements. One of the distinctive features of privacy policies is that users’ data can be shared with their consent for specified purposes; but users do not have effective control over that data once it is shared with third parties. There is a race to collect user data, as it helps in building unique insights about the users. These insights help in matching users to advertisements with a high success rate. Advertisers seek a maximum return on investment, and the data platforms strive to meet this expectation. Given the current sophistication of data platforms in collecting and processing user data, we highlight why it appears futile to achieve privacy even with the correct privacy settings enabled. The business model of monetising user data and the slow evolution (or absence, in some jurisdictions) of legal frameworks to control the proliferation of user data have led to a power asymmetry in the data ecosystem between motivated data processors and hapless end-users, making users anxious about their participation in the ecosystem. Erosion of user trust has economic consequences, and a lack of continuous flow of data (volume, variety, velocity, and veracity) into the ecosystem will starve the emergence of data-driven innovations with profound societal impact. We elaborate approaches that could help restore the sense of privacy.
Download

Paper Nr: 87
Title:

Cryptanalysis of Homomorphic Encryption Schemes based on the Approximate GCD Problem

Authors:

Tikaram Sanyashi, Darshil Desai and Bernard Menezes

Abstract: Economies of scale make cloud computing an attractive option for small and medium enterprises. However, loss of data integrity and data theft remain serious concerns. Homomorphic encryption, which performs computations in the encrypted domain, is a possible solution to address these concerns. Many partially homomorphic encryption schemes that trade off functionality for lower storage and computation cost have been proposed. However, not all of these schemes have been adequately investigated from the security perspective. This paper analyses a suite of such proposed schemes based on the hardness of the Approximate GCD problem. We show that two of these schemes are vulnerable to the orthogonal lattice attack. The execution time of the attack is a function of various parameters, including message entropy. For the recommended set of parameters, the execution time of the attack is no greater than 1 day on a regular laptop.
Download

Paper Nr: 93
Title:

Reducing Computational Cost in IoT Cyber Security: Case Study of Artificial Immune System Algorithm

Authors:

Idris Zakariyya, M. O. Al-Kadri, Harsha Kalutarage and Andrei Petrovski

Abstract: Using Machine Learning (ML) for Internet of Things (IoT) security monitoring is a challenge, because the resource-constrained nature of IoT devices limits the deployment of resource-hungry monitoring algorithms. Therefore, the aim of this paper is to investigate how to reduce the resource consumption of ML algorithms in IoT security monitoring. The paper starts with an empirical analysis of the resource consumption of the Artificial Immune System (AIS) algorithm, and then employs carefully selected feature reduction techniques to reduce the computational cost of running the algorithm. The proposed approach significantly reduces computational cost, as illustrated in the paper. We validate our results using two benchmarks and one purposefully simulated data set.
Download

Paper Nr: 95
Title:

An Analysis of User Behaviors in Phishing eMail using Machine Learning Techniques

Authors:

Yi Li, Kaiqi Xiong and Xiangyang Li

Abstract: Understanding user behaviors plays an important role in security situation assessments and computer system operations. Studies of email user behaviors are limited and very challenging. To study user behaviors related to phishing emails, we design and investigate an email test platform to understand how users behave differently when they read emails, some of which are phishing. We use a set of emails including real-world phishing emails. We collect experimental data including participants’ basic background information, time measurements, and their answers to survey questions. We first check whether or not factors such as intervention, phishing type, and incentive mechanism play a major role in user behaviors when phishing attacks occur. We then evaluate the significance of each attribute with a performance score, a metric that captures how well a user makes a correct judgment on phishing when phishing attacks occur. We propose a machine learning framework, which contains attribute reduction and 10-fold cross-validation, to predict the performance of a user based on our collected data.
Download

Paper Nr: 96
Title:

Semantic-based Obligation for Context-Based Access Control

Authors:

Mouiad Al-Wahah, Ahmed Saaudi and Csilla Farkas

Abstract: In this paper, we present a dynamic and extensible semantic-based obligation framework. Our framework is meant to be used in conjunction with context-based authorization. Our approach is suitable for incorporating dynamically changing obligation requirements. We express obligation requirements and contextual information as ontologies. We employ Description Logic and Logic Programming technologies for modeling contexts, privileges and obligations. We show how semantic-based techniques can be used to support adaptive and dynamic obligations for Context-Based Access Control (CBAC) policies. We also show that our framework is expressive enough to incorporate obligation needs in dynamic environments. Furthermore, we have developed a proof-of-concept implementation to demonstrate our work.
Download