SECRYPT 2018 Abstracts

Full Papers

Paper Nr:	8
Title:	Secure Benchmarking using Electronic Voting
Authors:	Vivek Agrawal and Einar Arthur Snekkenes
Abstract:	It is a common practice in the industry to organize benchmark processes to establish information security performance evaluation standards. A benchmarking system collects information security-related data from the organization to establish a standard. The information shared by the organization often contains sensitive data (details of the vulnerability, Cyber attacks). The present benchmarking systems do not provide a secure way of exchanging sensitive information between the submitter and the benchmark authority. Furthermore, there is a lack of any mechanism for the submitters to verify that the final benchmark result contains the response submitted by them. Hence, people are reluctant to take active participation in sharing their sensitive information in the benchmarking process. We propose a novel approach to solve the security limitations of present benchmarking systems by applying the concepts of electronic voting to benchmark. Our solution provides secrecy to submitters’ identity and to the benchmark responses. Our approach also ensures that all the submitted responses have been correctly counted and considered in the final benchmark result.
Download

Paper Nr:	14
Title:	Fully Homomorphic Distributed Identity-based Encryption Resilient to Continual Auxiliary Input Leakage
Authors:	François Gérard, Veronika Kuchta, Rajeev Anand Sahu, Gaurav Sharma and Olivier Markowitch
Abstract:	History tells us that is not enough to base security solely on the unfeasability of solving the underlying hard problem of a cryptosystem. In the real world, it is not uncommon for an adversary to get access to some key dependent information potentially helping to perform cryptanalysis. Recently a lot of effort has been put into designing cryptosystems such that the impact of leaking key related information is minimized, this area is mostly known as leakage-resilient cryptography. In this work, we show how to construct a distributed fully homomorphic identity-based encryption secure in the continual auxiliary input model. Our construction is based on the fully homomorphic scheme of Gentry, Sahai and Waters and relies merely on the learning with errors assumption, which is conjectured being resistant against quantum attacks.
Download

Paper Nr:	15
Title:	Side Channel Attacks over Encrypted TCP/IP Modbus Reveal Functionality Leaks
Authors:	Nikolaos Tsalis, George Stergiopoulos, Evangelos Bitsikas, Dimitris Gritzalis and Theodore Apostolopoulos
Abstract:	With HMI systems becoming increasingly connected with the internet, more and more critical infrastructures are starting to query PLC/RTU units through the Web through MODBUS ports. Commands sent from such interfaces are inevitably exposed to potential attacks even if encryption measures are in place. During the last decade, side channels have been widely exploited, focusing mostly on information disclosure. In this paper, we show that despite encryption, targeted side channel attacks on encrypted packets may lead to information disclosure of functionality over encrypted TCP/IP running MODBUS RTU protocol. Specifically, we found that any web interface that implements unpadded encryption with specific block cipher modes (e.g. CFB, GCM, OFB and CTR modes) or most stream ciphers (e.g. RC4) to send MODBUS functions over TCP/IP is subject to differential packet size attacks. A major cause for this attack is the very small number of potential MODBUS commands and differences in packet sizes, which leads to distinctions in traffic. To support the importance of these findings, we conducted research on Shodan looking for relevant devices with open MODBUS ports over TCP/IP that utilize encrypted web traffic. The result was that a significant amount of web interfaces communicate with MODBUS ports and many use unpadded ciphers and SSL with AES-GCM or RC4. We also implemented a PoC on a simulated architecture to validate our attack models.
Download

Paper Nr:	22
Title:	DRANKULA: A McEliece-like Rank Metric based Cryptosystem Implementation
Authors:	Ameera Salem Al Abdouli, Mohamed Al Ali, Emanuele Bellini, Florian Caullery, Alexandros Hasikos, Marc Manzano and Victor Mateu
Abstract:	We present and analyze the performance of DRANKULA, a McEliece-like cryptosystem implementation using rank metric instead of Hamming distance. Namely, we use the scheme proposed by Loidreau in PQCrypto 2017 using Gabidulin codes. We propose a set of carefully selected parameters and we address several nontrivial issues when porting this scheme into real-world systems as, for example, the generation of errors of a given rank. We provide the pseudo-code of the core algorithms of the cryptosystem. In addition, we also show code optimization when special instructions like Carry-less multiplications are available. Moreover, we argue how to have a practical and side-channel resistant version of the cryptosystem. We integrated the scheme in Open Quantum Safe and benchmarked it against the other schemes implemented there. Our results show that DRANKULA can be a practical alternative to other well-known quantum-safe schemes.
Download

Paper Nr:	33
Title:	On the Security of Linear Sketch Schemes against Recovering Attacks
Authors:	Takahiro Matsuda, Kenta Takahashi and Goichiro Hanaoka
Abstract:	Recently, the notion of fuzzy signature was introduced by Takahashi et al. (ACNS 2015, ACNS 2016, ePrint 2017). It is a signature scheme in which signatures can be generated using “fuzzy data” (i.e. noisy data such as biometric features) as a signing key, without using any additional user-specific data (such as a helper string in the context of fuzzy extractors). One of the main building blocks in the existing fuzzy signature schemes, is a primitive called linear sketch, which can be interpreted as a certain form of (one-way) encoding with which fuzzy data is encoded, and is used in combination with an ordinary signature scheme with certain functional and security properties, to construct a fuzzy signature scheme. Although the security of the underlying linear sketch scheme is very important for the security of the constructed fuzzy signature schemes, a linear sketch scheme is a relatively new primitive, and what security properties its definition and the existing constructions satisfy, has not been understood well. In order to deepen our understanding of this primitive, in this paper we clarify the security properties achieved by the existing linear sketch schemes. More specifically, we formalize security of a linear sketch scheme against “recovering” attacks, and then clarify that the existing linear sketch schemes achieve sufficiently strong security against them.
Download

Paper Nr:	41
Title:	A Steganogaphic Scheme for MAC-Independent Opportunistic Routing and Encoding (MORE) Protocol
Authors:	Mohamed Amine Belhamra and El Mamoun Souidi
Abstract:	In this paper we describe a distortion-less network steganographic scheme for wireless multicast communications using MORE (MAC-independent Opportunistic Routing & Encoding) Protocol. An efficient implementation protocol that can run directly on top of 802.11 for wireless Random Linear Network Coding (RLNC) settings. To do so, we take advantage on a first hand, of the transfer matrix of the protocol (i.e. the random process managing the coefficients of the linear combinations), and on a second hand, of the ability of a sender node to change its transmission range at ease, and broadcast packets to all neighbouring nodes. Specifically, we use MORE’s transfer matrix as our covert channel, where we hide secret messages in each transmission phase.
Download

Paper Nr:	43
Title:	BDABE - Blockchain-based Distributed Attribute based Encryption
Authors:	Georg Bramm, Mark Gall and Julian Schütte
Abstract:	Attribute Based Encryption (ABE) denotes asymmetric cryptographic schemes where key pairs are created for attribute owners and often applied to realize a fine-grained, cryptographic access control mechanism for outsourced data. Despite the benefits of ABE systems, there are still drawbacks when ABE systems are transformed into real world applications. Mainly, ABE systems suffer from non-efficiency or non-existence of revocation mechanisms and user key coordination problems. By introducing a consensus driven approach, we try to mitigate these issues in distributed systems. In this paper, we propose a collaborative attribute management protocol for Ciphertext-policy attribute-based encryption (CP-ABE) schemes based on our own scheme called a Blockchain-based Distributed Attribute Based Encryption (BDABE) scheme. Our construction realizes distributed issue, storage and revocation of private attribute keys by adding a consensus driven infrastructure, a blockchain. We enhance both security and efficiency of key management in distributed CP-ABE systems for the application of cloud data sharing.
Download

Paper Nr:	44
Title:	An Optimistic Fair Exchange E-commerce Protocol for Complex Transactions
Authors:	Cătălin V. Bîrjoveanu and Mirela Bîrjoveanu
Abstract:	In this paper, we define the concept of complex transaction as a combination in any form of aggregate and optional transactions. Even if there are many multi-party fair exchange protocols with applications in buying digital goods, digital signature of contracts and certified e-mail, no one can be used to solve our problem: complex transactions where a customer wants to buy several physical products from different merchants, providing fair exchange while preserving atomicity. In this paper, we propose the first fair exchange e-commerce protocol for complex transactions in that the customer wants to buy several different physical products from different merchants. Our protocol uses as building block the fair exchange internet payment protocol (FEIPS) for physical products that considers only one customer and one merchant. Also, our protocol provides effectiveness, timeliness, non-repudiation, integrity and confidentiality of data exchanged between the parties.
Download

Paper Nr:	45
Title:	An Extended Case Study about Securing Smart Home Hubs through N-version Programming
Authors:	Igor Zavalyshyn, Nuno O. Duarte and Nuno Santos
Abstract:	Given the proliferation of smart home devices and their intrinsic tendency to offload data storage and processing to cloud services, users’ privacy has never been more at stake than today. An obvious approach to mitigate this issue would be to contain that data within users’ control, leveraging already existing smart hub frameworks. However, moving the storage and computation indoors does not necessarily solve the problem completely, as the pieces of software handling that data should also be trusted. In this paper, we present a thorough study to assess whether N-version programming (NVP) is a valid approach in bootstrapping trust in these data handling modules. Because there are considerable complexity differences among the modules that process home environment data, our study addresses less complex modules that strictly follow exact specifications, as well as complex and looser modules which although not following an exact specification, compute the same high level function. Our results shed light on this complexity and show that NVP can be a viable option to securing these modules.
Download

Paper Nr:	46
Title:	Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT
Authors:	Sana Belguith, Nesrine Kaaniche and Giovanni Russello
Abstract:	Cloud-assisted IoT applications are gaining an expanding interest, such that IoT devices are deployed in different distributed environments to collect and outsource sensed data to remote servers for further processing and sharing among users. On the one hand, in several applications, collected data are extremely sensitive and need to be protected before outsourcing. Generally, encryption techniques are applied at the data producer side to protect data from adversaries as well as curious cloud provider. On the other hand, sharing data among users requires fine grained access control mechanisms. To ensure both requirements, Attribute Based Encryption (ABE) has been widely applied to ensure encrypted access control to outsourced data. Although, ABE ensures fine grained access control and data confidentiality, updates of used access policies after encryption and outsourcing of data remains an open challenge. In this paper, we design PU-ABE, a new variant of key policy attribute based encryption supporting efficient access policy update that captures attributes addition and revocation to access policies. PU-ABE contributions are multifold. First, access policies involved in the encryption can be updated without requiring sharing secret keys between the cloud server and the data owners neither re-encrypting data. Second, PU-ABE ensures privacy preserving and fine grained access control to outsourced data. Third, ciphertexts received by the end-user are constant sized and independent from the number of attributes used in the access policy which affords low communication and storage costs.
Download

Paper Nr:	47
Title:	Intellectual Property Protection for Distributed Neural Networks - Towards Confidentiality of Data, Model, and Inference
Authors:	Laurent Gomez, Alberto Ibarrondo, José Márquez and Patrick Duverger
Abstract:	Capitalizing on recent advances on HPC, GPUs, GPGPUs along with the rising amounts of publicly available labeled data; (Deep) Neural Networks (NN) have and will revolutionize virtually every current application domain as well as enable novel ones such as those on recognition, autonomous, predictive, resilient, self-managed, adaptive, and evolving applications. Nevertheless, it is to point out that NN training is rather resource intensive in data, time and energy; turning the resulting trained models into valuable assets representing an Intellectual Property (IP) imperatively worth of being protected. Furthermore, in the wake of Edge computing, NNs are being progressively deployed across decentralized landscapes; as a consequence, IP owners take very seriously the protection of their NN based software products. In this paper we propose to leverage Fully Homomorphic Encryption (FHE) to protect simultaneously the IP of trained NN based software, as well as the input data and inferences. Within the context of a smart city scenario, we outline our NN model-agnostic approach, approximating and decomposing the NN operations into linearized transformations while employing a Single Instruction Multiple Data (SIMD) for vectorizing operations.
Download

Paper Nr:	49
Title:	SABE: A Selective Attribute-based Encryption for an Efficient Threshold Multi-level Access Control
Authors:	Nesrine Kaaniche and Maryline Laurent
Abstract:	With the emergence of decentralized systems and distributed infrastructures, access control to outsourced data becomes more complex, as it should be flexible and distinguishable among users with different access rights. In this paper, we present SABE, a Selective Attribute-based Encryption scheme, as a new threshold multi-level access control mechanism based on an original use of attribute based encryption schemes. Our proposal is multi-fold. First, it ensures fine-grained access control, supporting multi-security levels with respect to different granted access privileges for each outsourced data file. Second, SABE is proven secure against selective non-adaptive chosen ciphertext attacks in the generic group model. Third, our construction is proven to provide efficient processing and communication complexities, compared to most closely related schemes.
Download

Paper Nr:	50
Title:	A Blockchain based Access Control Scheme
Authors:	Maryline Laurent, Nesrine Kaaniche, Christian Le and Mathieu Vander Plaetse
Abstract:	Recent years have witnessed the trend of increasingly relying on remote and distributed infrastructures. This increased the number of reported incidents of security and privacy breaches, mainly due to the loss of data control. Towards these challenges, we propose a new access control scheme based on emerging blockchain infrastructures. Our approach relies on the use of smart auditable contracts deployed in blockchain infrastructures. Thus, it offers transparent and controlled access to outsourced data, such that malicious entities cannot process data without data owners’ authorization. In fact, the effectiveness of the authentication relies on the blockchain intrinsic properties. Moreover, an implementation of the proposed solution based on Ethereum Blockchain is presented to show the applicability of our scheme in real-world scenarios.
Download

Paper Nr:	51
Title:	Distortion-free Watermarking Scheme for Compressed Data in Columnar Database
Authors:	Waheeb Yaqub, Ibrahim Kamel and Zeyar Aung
Abstract:	Digital watermarking is an effective technique for protecting various databases against data copyright infringement, piracy, and data tampering in the columnar database. Increasing deployments of various database systems and their versatile applications have raised the need for better watermarking schemes that are tailored to the target database systems’ specific architecture. Most of the existing digital watermarking schemes do not take into consideration the side effects that watermarking might have on the database’s important characteristics such as data compression and overall performance. In this research, we propose a distortion-free fragile watermarking scheme for columnar database architecture without interfering its underlying data compression scheme and its overall performance. The proposed scheme is flexible and can be adapted to various distributions of data. We tested our proposed scheme on both synthetic and real-world data, and proved its effectiveness.
Download

Paper Nr:	54
Title:	An Efficient Privacy-preserving Recommender System for e-Healthcare Systems
Authors:	Danilo Verhaert, Majid Nateghizad and Zekeriya Erkin
Abstract:	The significant growth of medical data has necessitated the development of secure health-care recommender systems to assist people with their health-being effectively. Unfortunately, there is still a considerable gap between the performance of secure recommender systems and normal versions. In this work, we develop a privacy-preserving health-care recommendation algorithm to reduce that gap. The main strength of our contribution lies in providing a highly efficient solution, while the sensitive medical data are kept confidential. Our studies show that the runtime of our protocol is 81,5% faster than the existing implementation for small bit-lengths, and even more so for large bit-lengths.
Download

Paper Nr:	55
Title:	Anonymous Data Collection Scheme from Short Group Signatures
Authors:	Jan Hajny, Petr Dzurenda, Lukas Malina and Sara Ricci
Abstract:	Data collection schemes are used for secure and reliable data transfer from multiple remote nodes to a central unit. With the increasing importance of smart meters in energy distribution, smart house installations and various sensor networks, the need for secure data collection schemes becomes very urgent. Such schemes must provide standard security features, such as confidentiality and authenticity of transferred data, as well as novel features, such as the strong protection of user’s privacy and identification of malicious users. In this paper, we provide the full cryptographic specification of a novel scheme for secure privacy-friendly data collection that is designed for computationally restricted user devices and supports all the security, privacy-protection and inspection features. Using the scheme, data can be anonymously collected from almost all types of devices, including simple sensors and smart meters. On the other side, malicious users can be efficiently identified and revoked. Furthermore, we provide the practical results of our implementation of the scheme on embedded devices, smart phones, smart cards, smart watches, computers and servers so that the efficiency can be thoroughly evaluated on various platforms.
Download

Paper Nr:	56
Title:	Unobtrusive Psychological Profiling for Risk Analysis
Authors:	Adam Szekeres and Einar Arthur Snekkenes
Abstract:	The main objective of this exploratory study is to present how publicly observable variables reflecting individual choice can be used to construct psychological profiles suitable for predicting behavior in the context of risk analysis. For the purpose of demonstration, this study aimed at testing the hypothesis that there is a selection bias among chief executive officers (CEOs), which is manifested in their personal value structures. Values capture motivational forces that serve as guiding principles in people’s life when making decisions. From a risk management perspective, it is crucial to understand key decision maker’s motivation in order to be able to prepare against potentially undesirable behavior. Therefore the second objective of this study relates to a detailed characterization of the observed value structures among a group of CEOs. To accomplish these goals a non-obtrusive data collection method is utilized that requires no direct access to individuals - the Watson Personality Insights service provided by IBM - which infers value profiles based on written or spoken text by the subjects. Results show that CEO value profiles differ from the general population in several ways. Furthermore, slight differences were identified between the profiles of CEOs associated with moral hazard and CEOs not associated with it. These findings indicate that there is a meaningful selection bias and these results contribute to the real-world applicability of the CIRA method of risk analysis.
Download

Paper Nr:	63
Title:	Fuzzy Logic based Model for Energy Consumption Trust Estimation in Electric Vehicular Networks
Authors:	Ilhem Souissi, Nadia Ben Azzouna, Tahar Berradia and Lamjed Ben Said
Abstract:	Electric vehicles emerged new applications that are strongly related to the energy constraints such as the identification of the optimal path toward the vehicle’s destination or toward the nearest recharging station, selection of the path where vehicle recovers extra energy, estimation of the need to recharge according to the actual battery state and the traffic state, etc. However, in electric vehicular networks, vehicles may provide wrong energy information due to sensors’ failure, selfish or malicious reasons. Therefore, energy-related information trustworthiness needs to be evaluated in order to preserve the quality of the presented applications. In this paper, we address the energy-related information trustworthiness to discriminate between credible and erroneous values. Therefore, we propose a new fuzzy-based trust model that deals with the information uncertainties. This model aims at detecting the wrong energy information that mismatches with the vehicle’s behavior and ensure that only trustworthy and plausible energy-information are handled. Results prove the performance of the proposed model and its capabilities to deal with several kinds of threats in different traffic densities with high precision.
Download

Paper Nr:	69
Title:	Static Security Certification of Programs via Dynamic Labelling
Authors:	Sandip Ghosal, R. K. Shyamasundar and N. V. Narendra Kumar
Abstract:	Programming languages are pivotal for building robust secure systems, and language-based security platforms are very much in demand for building secure systems. In this paper, we explore an approach for static security certification of a class of imperative programs using a hybrid of static and dynamic labelling via information flow control (IFC) models. First, we illustrate an analysis of some benchmark programs using static (or immutable) labelling approaches, and discuss possible labelling of the principals/subjects and objects using a combination of mutable and immutable labelling, and discuss their impact on the precision of the underlying certification. Then, we describe our approach of static certification of programs based on a combination of mutable and immutable (i.e., hybrid) labelling; our labelling generates labels from the given set of initial labels (some of which could be immutable) and the constraints require to be satisfied for a program to be information-flow secure as defined by Denning et. al.(Denning and Denning, 1977). Our labelling algorithm is shown to be sound with respect to non-interference, and we further establish the termination of the algorithm. Our proposed labelling approach is more security precise than the other labelling approaches in the literature. It may be pointed out that the labels are generated succinctly without unnecessarily blowing up the label space. As the method is not tied to any particular security model, it provides a sound basis for the security certification of programs for information-flow security. We compare the precision realizable by our approach with those in the literature. The comparison of our approach also brings to light an intrinsic property of our labelling algorithm that could be effectively used for non-deterministic or concurrent programs.
Download

Paper Nr:	70
Title:	Verifying the Enforcement and Effectiveness of Network Lateral Movement Resistance Techniques
Authors:	Mohammed Noraden Alsaleh, Ehab Al-Shaer and Qi Duan
Abstract:	As the sophistication of cyber-attacks is ever increasing, cyber breaches become inevitable and their consequences are often highly damaging. Isolation and diversity are key techniques of cyber resilience for creating built-in resistance in cyber networks against the lateral movement of multi-step Advanced Persistent Threats (APTs) and epidemic attacks. However, the key unaddressed challenges are (1) how to ensure that specific isolation and diversity configurations are sufficient to prevent the lateral movement of attacks and (2) how to verify that such configurations are enforced safely despite the complex inter-dependency between cyber components. In this paper, we address these challenges by developing formal models and properties to verify the effectiveness and enforceability of proactive cyber resistance techniques. We present a bounded model checking approach based on satisfiability Modulo theories (SMT) for OpenFlow software defined networks (SDNs). We verify that given resistance techniques are enforced in a way that does not violate the cyber mission requirements and we evaluate the configuration resistance based on user-defined resistance properties.
Download

Paper Nr:	73
Title:	Algebraic Side-Channel Attacks on Masked Implementations of AES
Authors:	Luk Bettale, Emmanuelle Dottax and Mailody Ramphort
Abstract:	Algebraic Side-Channel Attacks allow an attacker to exploit single trace leakages in an automated way. The literature mentions the fact that these attacks have the potential to defeat the masking countermeasure. Though, this context has not been explored a lot and the lack of experiments makes it difficult to evaluate the feasibility of these attacks in practice. We set-up a framework to perform such attacks and made new experiments on state-of-the-art masking schemes. We focused on the number of leakages required for an attack, and considered realistic leakage points. Our experiments and analyses allow to precisely estimate the minimal number of leakages required for a successful key recovery.
Download

Paper Nr:	74
Title:	Efficient Index-based Search Protocols for Encrypted Databases
Authors:	Majid Nateghizad, Zekeriya Erkin and Reginald L. Lagendijk
Abstract:	It is astonishing to see more and more services built on user-oriented data, providing numerous tools to improve ones daily life. Nowadays, data collected from numerous sources is being used to monitor daily activities, i.e., monitoring patients. These innovations allow for more cost-efficient and scalable solutions. Nevertheless, these types of services can pose a threat to the privacy of individuals due to the possibility of leaking highly privacy-sensitive data. Therefore, it is essential to design such systems in a privacy-preserving manner. Inspired by a real-life project in the health-care domain, we propose to secure the data using encryption, while enabling the involved parties to run queries directly on this encrypted data. A vital component of such a system is searching for specific data entries within a large dataset. In this work, we present two cryptographic protocols that complete such a query by creating an encrypted vector in a simulation secure way. These vectors consist of a 1 for intended database entry, whereas other items would be represented as a 0. By creating index tables before the execution of the queries, it has become possible to execute a search query with high performance. As we show in our analyses, it takes less than one second to find the matching encrypted data-entry within a database with 100K records. Our proposal is generic, can be applied to several application domains, and practically compared to similar works.
Download

Paper Nr:	76
Title:	A Quantitative Framework to Model Advanced Persistent Threats
Authors:	Luan Huy Pham, Massimiliano Albanese and Benjamin W. Priest
Abstract:	In recent years, Advanced Persistent Threats (APTs) have emerged as increasingly sophisticated cyber attacks, often waged by state actors or other hostile organizations against high-profile targets. APT actors employ a diversified set of sophisticated tools and advanced capabilities to penetrate target systems, evade detection, and maintain a foothold within compromised systems for extended periods of time. Stealth and persistence enable APT actors to conduct long-term espionage and sabotage operations. Despite significant efforts to develop APT detection and mitigation capabilities, the stealthy nature of APTs poses significant challenges, and defending from such threats is still an open research problem. In particular, quantitative models to capture how APTs may create and maintain a foothold within a target system are lacking. To address this gap, we propose a quantitative framework to (i) assess the cost incurred by APT actors to compromise and persist within a target system; (ii) estimate the value they gain over time by persisting in the system; (iii) simulate how the footprint of an APT evolves over time when, to maintain stealth, attackers have constraints on the volume of potentially detectable activity they can engage in. We also propose a preliminary defender model, and results from the evaluation show that our approach is promising, thus encouraging further research in this direction.
Download

Short Papers

Paper Nr:	9
Title:	Hash-Based Signature with Constant-Sum Fingerprinting and Partial Construction of Hash Chains
Authors:	Yuichi Kaji, Jason Paul Cruz and Yoshio Yatani
Abstract:	A hash-based one-time signature (OTS) is a light-weight and quantum-immune alternative to conventional digital signature schemes. This study focuses on the possible use of hash-based OTS in a wireless sensor network and investigates techniques that improve the efficiency of Winternitz OTS. The improvement is made by two means; introduction of a novel fingerprinting function and partial construction of hash chains. The techniques contribute to a better trade-off between signature size and computational complexity, and they can be used together with other improvement techniques on Winternitz OTS. This study also shows that the proposed OTS is strongly existentially unforgeable if fingerprinting and hash functions are chosen appropriately.
Download

Paper Nr:	11
Title:	Big Data Anonymization Requirements vs Privacy Models
Authors:	Josep Domingo-Ferrer
Abstract:	The big data explosion opens unprecedented analysis and inference possibilities that may even enable modeling the world and forecasting its evolution with great accuracy. The dark side of such a data bounty is that it complicates the preservation of individual privacy: a substantial part of big data is obtained from the digital track of our activity. We focus here on the privacy of subjects on whom big data are collected. Unless anonymization approaches are found that are suitable for big data, the following extreme positions will become more and more common: nihilists, who claim that privacy is dead in the big data world, and fundamentalists, who want privacy even at the cost of sacrificing big data analysis. In this article we identify requirements that should be satisfied by privacy models to be applicable to big data. We then examine how well the two main privacy models (k-anonymity and ε-differential privacy) satisfy those requirements. Neither model is entirely satisfactory, although k-anonymity seems more amenable to big data protection. Finally, we highlight connections between the previous two privacy models and other privacy models that might result in synergies between them in order to tackle big data: the principles underlying all those models are deniability and permutation. Future research attempting to adapt the current privacy models for big data and/or design new models will have to adhere to those two underlying principles. As a side result, the above inter-model connections allow gauging what is the actual protection afforded by differential privacy when ε is not sufficiently small.
Download

Paper Nr:	19
Title:	Applying Deep Learning Techniques to CAN Bus Attacks for Supporting Identification and Analysis Tasks
Authors:	Alfredo Cuzzocrea, Fabio Martinelli and Francesco Mercaldo
Abstract:	Cars are no longer only mechanical vehicles. As a matter of fact, they contain an ecosystem of several electronic units able to exchange data using the serial communication provided by the CAN bus. CAN packets are broadcasted to all components and it is in charge of the single component to decide whether it is the receiver of the packets, in addition the protocol does not provide source identification of authentication: these are the reasons why the CAN bus is exposed to attacks. In this paper we design a method to identify CAN bus targeting attacks. The proposed method takes into account deep learning algorithms i.e., the Neural Network and the MultiLayer Perception. We evaluated our method using CAN messages gathered from a real vehicle injecting four different attacks (i.e. dos, fuzzy, gear and rpm), obtaining encouraging results in attacks identification.
Download

Paper Nr:	24
Title:	Privacy-preserving Distributed Access Control for Medical Data
Authors:	Christian Maulany, Majid Nateghizad, Bart Mennink and Zekeriya Erkin
Abstract:	The availability of wearable devices such as smartwatches and fitness trackers are a recent development. Among other things, these devices can measure the activity and vital signs of their wearers. As the types of data these devices are able to gather increases the potential for them to be used as a source of data grows. This calls for a secure method of controlling the digital exchange of medical data between wearables and healthcare providers, and healthcare providers in general. By enforcing the exchange of data to go through a central authority, a patient can be given more control over who is able to access his medical data. This central authority is then given the task of monitoring access and ensuring that all access requirements are met. Though effective, this solution relies on a highly trusted central authority. In this work, we propose a scheme using Polymorphic Encryption and Pseudonomysation and Secret Sharing to provide anonymous data storage and data exchange. Our proposal removes the need for a central authority, and instead uses a group of authorities, of which a quorum is needed to facilitate the exchange of data.
Download

Paper Nr:	25
Title:	Theoretical Security Evaluation of the Human Semantic Authentication Protocol
Authors:	Hélène Le Bouder, Gaël Thomas, Edwin Bourget, Mariem Graa, Nora Cuppens and Jean-Louis Lanet
Abstract:	Using a secret password or a PIN (Personal Identification Number) code is a common way to authenticate a user. Unfortunately this protection does not resist an attacker that can eavesdrop on the user (shoulder surfing attack). The Human Semantic Authentication (HSA) protocol proposes a solution against this attack. The main idea is to have concept passwords and to propose images that the user must correctly select in order to authenticate. A concept can be represented by different pictures, so one observation is not enough to retrieve the secret. In this paper, the security/efficiency trade-off in the HSA protocol is evaluated. A probabilistic approach is used. Under the assumption that the picture/concept database is known to the attacker, we show that HSA is barely more resistant to shoulder surfing attacks than a PIN code. More precisely we show that the probability to retrieve the secret concept password increases rapidly with the number of observations. Moreover the constraints on the size of the picture/concept database are very difficult to satisfy in practice.
Download

Paper Nr:	26
Title:	A Quantum-Secure Niederreiter Cryptosystem using Quasi-Cyclic Codes
Authors:	Upendra Kapshikar and Ayan Mahalanobis
Abstract:	In this paper, we describe a new variant of Niederreiter cryptosystem over quasi-cyclic codes of rate m−1 m . We show that the proposed cryptosystem is quantum secure, in particular, it resists quantum Fourier sampling and has better transmission rate with smaller keys compared to the one using binary Goppa codes.
Download

Paper Nr:	27
Title:	Secure Grouping and Aggregation with MapReduce
Authors:	Radu Ciucanu, Matthieu Giraud, Pascal Lafourcade and Lihua Ye
Abstract:	MapReduce programming paradigm allows to process big data sets in parallel on a large cluster. We focus on a scenario where the data owner outsources her data on an honest-but-curious server. Our aim is to evaluate grouping and aggregation with SUM, COUNT, AVG, MIN, and MAX operations for an authorized user. For each of these five operations, we assume that the public cloud provider and the user do not collude i.e., the public cloud does not know the secret key of the user. We prove the security of our approach for each operation.
Download

Paper Nr:	31
Title:	Cost-effective Private Linear Key Agreement with Adaptive CCA Security from Prime Order Multilinear Maps and Tracing Traitors
Authors:	Mriganka Mandal and Ratna Dutta
Abstract:	Private linear key agreement (PLKA) enables a group of users to agree upon a common session key in a broadcast encryption (BE) scenario, while traitor tracing (TT) system allows a tracer to identify conspiracy of a troop of colluding pirate users. This paper introduces a key encapsulation mechanism in BE that provides the functionalities of both PLKA and TT in a unified cost-effective primitive. Our PLKA based traitor tracing offers a solution to the problem of achieving full collusion resistance property and public traceability simultaneously with significant efficiency and storage compared to a sequential improvement of the PLKA based traitor tracing systems. Our PLKA builds on a prime order multilinear group setting employing indistinguishability obfuscation (iO) and pseudorandom function (PRF). The resulting scheme has a fair communication, storage and computational efficiency compared to that of composite order groups. Our PLKA is adaptively chosen ciphertext attack (CCA)-secure and based on the hardness of the multilinear assumption, namely, the Decisional Hybrid Diffie-Hellman Exponent (DHDHE) assumption in standard model and so far a plausible improvement in the literature. More precisely, our PLKA design significantly reduces the ciphertext size, public parameter size and user secret key size. We frame a traitor tracing algorithm with shorter running time which can be executed publicly.
Download

Paper Nr:	36
Title:	Combining Design by Contract and Inference Rules of Programming Logic towards Software Reliability
Authors:	Nuha Aldausari, Cui Zhang and Jun Dai
Abstract:	Detecting errors in software products is very important to software reliability because many security vulnerabilities are caused by the defects in software. Design by contract (DBC) is an effective methodology that dynamically checks whether a program meets its specifications, which are also called design contracts, and whether there are errors in the program. The contracts for object-oriented programs are defined in terms of preconditions and postconditions for methods as well as invariants for classes. However, if there is an error in a large piece of code that has a design contract, it is still difficult to identify the exact location of that error. To address this issue, a tool named Subcontractor has been developed. Subcontractor is implemented in Eclipse environment using libraries such as Java Development Tools (JDT), Plugin Development Environment (PDE), and JFace. The tool Subcontractor is built upon an open source DBC tool, OpenJML Runtime Assertion Checking (RAC), which is a tool that verifies specifications at runtime. Subcontractor combines this DBC tool with inference rules of program logic for if-statements and loop-statements to automatically generate subcontracts for programs. When the programs, with subcontracts automatically generated and inserted by Subcontractor, are verified using OpenJML Runtime Assertion Checking (RAC), identification of errors in the code can be facilitated.
Download

Paper Nr:	38
Title:	The AVARE PATRON - A Holistic Privacy Approach for the Internet of Things
Authors:	Christoph Stach, Sascha Alpers, Stefanie Betz, Frank Dürr, Andreas Fritsch, Kai Mindermann, Saravana Murthy Palanisamy, Gunther Schiefer, Manuela Wagner, Bernhard Mitschang, Andreas Oberweis and Stefan Wagner
Abstract:	Applications for the Internet of Things are becoming increasingly popular. Due to the large amount of available context data, such applications can be used effectively in many domains. By interlinking these data and analyzing them, it is possible to gather a lot of knowledge about a user. Therefore, these applications pose a threat to privacy. In this paper, we illustrate this threat by looking at a real-world application scenario. Current state of the art focuses on privacy mechanisms either for Smart Things or for big data processing systems. However, our studies show that for a comprehensive privacy protection a holistic view on these applications is required. Therefore, we describe how to combine two promising privacy approaches from both categories, namely AVARE and PATRON. Evaluation results confirm the thereby achieved synergy effects.
Download

Paper Nr:	57
Title:	Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes
Authors:	Dominik Ziegler, Bernd Prünster, Marsalek Alexander and Christian Kollmann
Abstract:	Mobile mining of cryptocurrencies, without relying on CPU-heavy computations, is a novel attempt to foster adoption of a token. However, this approach leaves room for attacks. In this paper, we perform a thorough analysis of Electroneum, one of the first cryptocurrencies to introduce a mobile mining process. We show that mobile mining, without relying on a consensus algorithm (e.g. Proof-Of-Work), is not feasible on current generation Android smartphones. We further demonstrate that the security mechanisms employed by Electroneum can be circumvented and that mobile mining can be exploited successfully. Based on this analysis, we discuss several practical countermeasures, which can be applied on smartphones to enforce device authorisation and prevent abuse.
Download

Paper Nr:	64
Title:	Analysis of Man-In-The-Middle of Attack on Bitcoin Address
Authors:	Abba Garba, Zhi Guan, Anran Li and Zhong Chen
Abstract:	In cryptocurrency systems such as Bitcoin, user use string-hashes from public keys, that look like random strings, to receive payments. Unfortunately, there is no authority to verify user identity. Normally a user cannot prove the address binds with her real identity. Technically, a victim could get a tampered address and pay coins to this tampered address. In this paper, we report on the large-scale of Bitcoin addresses, including secured and unsecured merchants websites, exchange platforms, online chat forums, social channels and blogs. We illustrate our data through a range of graphs based on transaction distribution. Our analysis consists of crawling many web pages related to cryptocurrency transactions. We scrap the web pages by persing 10,0045 bitcoin addresses related to merchants or individuals that receive bitcoin in their websites directly. We determine how many addresses are subject to Man-in-the-middle of attack in our analysis. We review some countermeasures from best practices of Bitcoin transactions.
Download

Paper Nr:	79
Title:	DBStore: A TrustZone-backed Database Management System for Mobile Applications
Authors:	Pedro S. Ribeiro, Nuno Santos and Nuno O. Duarte
Abstract:	ARM TrustZone technology has been widely use to enhance the security of mobile devices by allowing for the creation of Trusted Execution Environments (TEE). However, existing TEE solutions tend to struggle with a trade-off between security and functionality: they either expose a larger attack surface to favor dynamic code loading inside the TEE, or depend on the static deployment of trusted services inside the TEE which is more cumbersome and error-prone to maintain. This paper proposes the deployment of a trusted service which aims to serve a broad range of applications by offering secure database storage capability inside the TEE. We present DBStore, a TrustZone-backed database management system for mobile applications. Applications can create and operate DBStore databases inside a TEE that provides confidentiality and integrity protection of databases and respective SQL queries without depending on the integrity of the mobile OS. We present a case study where DBStore is used in order to thwart existing attacks in HCE-based mobile ticketing applications.
Download

Paper Nr:	82
Title:	Microcontroller Implementation of Simultaneous Protections Against Observation and Perturbation Attacks for ECC
Authors:	Audrey Lucas and Arnaud Tisserand
Abstract:	Scalar multiplication is the main operation in elliptic curve cryptography. In embedded systems, it is vulnerable to both observation and perturbation attacks. Most of protections only target one of these two types of attacks. Unfortunately, many protections against one type of attack may reduce the protection against the other one. In this paper, we simultaneously deal with protections against both types of attacks. Two countermeasures are presented for scalar multiplication and implemented on a Cortex-M0 microcontroller. The first one protects finite field operations over point coordinates. The second one protects the scalar (or key) bits.
Download

Paper Nr:	83
Title:	Malware Detection in PDF Files using Machine Learning
Authors:	Bonan Cuan, Aliénor Damien, Claire Delaplace and Mathieu Valois
Abstract:	We present how we used machine learning techniques to detect malicious behaviours in PDF files. At this aim, we first set up a SVM (Support Machine Vector) classifier that was able to detect 99.7% of malware. However, this classifier was easy to lure with malicious PDF files, which we forged to make them look like clean ones. For instance, we implemented a gradient-descent attack to evade this SVM. This attack was almost 100% successful. Next, we provided counter-measures to this attack: a more elaborated features selection and the use of a threshold allowed us to stop up to 99.99% of this attack. Finally, using adversarial learning techniques, we were able to prevent gradient-descent attacks by iteratively feeding the SVM with malicious forged PDF files. We found that after 3 iterations, every gradient-descent forged PDF file were detected, completely preventing the attack.
Download

Paper Nr:	92
Title:	Blind PDF Document Watermarking Robust Against PCA and ICA Attacks
Authors:	Makram W. Hatoum, Rony Darazi and Jean-François Couchot
Abstract:	Spread Transform Dither Modulation (STDM) is a blind watermarking scheme used for its high robustness against re-quantization and random noise attacks. It has been applied mainly on images, speech, and PDF documents. The key of this scheme is the projection vector aiming at spreading the embedded message over a set of cover elements. However, it has been recently shown that such a key vector can be estimated thanks to Blind Source Separation (BSS) techniques, e.g. Principal Component Analysis (PCA) and Independent Component Analysis (ICA). This security breach can be harnessed by an opponent to copy, remove, or modify the embedded watermark. In this position paper, a CAR-STDM (Component Analysis Resistant-STDM) is designed and its application on PDF documents is presented. The security is guaranteed by the use of a cryptographically secure number generator, preventing algebraic approaches (as BSS ones) from finding the key. First experimental results show that the Secure-STDM achieves the security against the aforementioned BSS techniques. It is further shown that CAR-STDM preserves its robustness against AWGN and Salt&Peper attacks, and keeps furthermore its transparency.
Download

Paper Nr:	95
Title:	Blockchain for IoT: The Challenges and a Way Forward
Authors:	Imran Makhdoom, Mehran Abolhasan and Wei Ni
Abstract:	Bitcoin has revolutionized the decentralized payment system by excluding the need for a trusted third party, reducing the transaction (TX) fee and time involved in TX confirmation as compared to a conventional banking system. The underlying technology of Bitcoin is Blockchain, which was initially designed for financial TXs only. However, due to its decentralized architecture, fault tolerance and cryptographic security benefits such as user anonymity, data integrity and authentication, researchers and security analysts around the world are focusing on the Blockchain to resolve security and privacy issues of IoT. But at the same time, default limitations of Blockchain, such as latency in transaction confirmation, scalability concerning Blockchain size and network expansion, lack of IoT-centric transaction validation rules, the absence of IoT-focused consensus protocols and insecure device integration are required to be addressed before it can be used securely and efficiently in an IoT environment. Therefore, in this paper we analyze some of the existing consensus protocols used in various Blockchain-based applications, with a focus on investigating significant limitations in TX (Transaction) validation and consensus mechanism that make them inappropriate to be implemented in Blockchain-based IoT systems. We also propose a way forward to address these issues.
Download

Paper Nr:	4
Title:	A Machine Learning Approach for Privacy-preservation in E-business Applications
Authors:	Fatemeh Amiri, Gerald Quirchmayr and Peter Kieseberg
Abstract:	This paper aims at identifying and presenting useful solutions to close the privacy gaps in some definite data mining tasks with three primary goals. The overarching aim is to keep efficiency and accuracy of data mining tasks that handle the operations while trying to improve privacy. Specifically, we demonstrate that a machine learning methodology is an appropriate choice to preserve privacy in big data. As core contribution we propose a model consisting of several representative efficient methods for privacy-preserving computations that can be used to support data mining. The planned outcomes and contributions of this paper will be a set of improved methods for privacy-preserving soft-computing based clustering in distributed environments for e-business applications. The proposed model demonstrates that soft computing methods can lead to novel results not only to promote the privacy protection, but also for retaining performance and accuracy of regular operations, especially in online business applications.
Download

Paper Nr:	12
Title:	Towards an Enhanced Security Data Analytic Platform
Authors:	Gustavo Gonzalez-Granadillo, Susana Gonzalez-Zarzosa and Mario Faiella
Abstract:	We present in this paper a Cross-Layer Security Information and Event Management tool (herein after denoted as XL-SIEM) as an enhanced security data analytics platform with added high-performance correlation engine able to raise alarms from a business perspective considering different events collected at different layers. The platform is composed of a set of distributed agents, responsible for the event collection, normalization and transfer of data; an engine, responsible for the filtering, aggregation, and correlation of the events collected by the agents, as well as the generation of alarms; a database, responsible of the data storage; and a dashboard, responsible for the data visualization in the web graphical interface. The proposed platform has been deployed on top of the open-source SIEM OSSIM (AlienVault) providing enhanced features compared to current open-source solutions, in particular associated to data sources, correlation engine, visualization, and reaction capabilities. A testbed implementation is described to show the integration and applicability of the tool over a security infrastructure.
Download

Paper Nr:	13
Title:	Binary Edwards Curves for Intrinsically Secure ECC Implementations for the IoT
Authors:	Antoine Loiseau and Jacques J. A. Fournier
Abstract:	Even if recent advances in public key cryptography tend to focus on algorithms able to survive the post quantum era, at present, there is an urgent need to propose fast, low power and securely implemented cryptography to address the immediate security challenges of the IoT. In this document, we present a new set of Binary Edwards Curves which have been defined to achieve the highest security levels (up to 284-bit security level) and whose parameters have been defined to fit IoT devices embedding 32-bit general purpose processors. We optimized the choice of the point generator with the w-coordinate to save a multiplication in the addition and doubling formulae. We manage to compute one step of the Montgomery Ladder in 4 multiplications and 4 squares. On top of the performance benefits, cryptography over such curves have some intrinsic security properties against physical attacks.
Download

Paper Nr:	16
Title:	A Flexible Framework for Rogue Access Point Detection
Authors:	Ricardo Gonçalves, Manuel Eduardo Correia and Pedro Brandão
Abstract:	The society’s requirement for constant connectivity, leads to the need for an increasing number of available Wi-Fi Access Points (APs). These can be located almost everywhere: schools, coffee shops, shopping malls, airports, trains, buses. This proliferation raises problems of trustworthiness and cost-effective difficulties for verifying such security. In order to address these issues, it is necessary to detect effectively Rogue Access Points (RAPs). There are open source solutions and others developed within enterprises for commercial purposes. Relative to the latter, it has become obvious that they are not accessible to everyone due to their high costs, and the former do not address all the types of RAPs. In this paper, we research these solutions and do a thorough survey study of the most commonly used and recent Wi-Fi type of attacks. Based on this knowledge we developed a solution to detect RAPs, which covers the most commonly known attacks. This proposed solution, is a modular framework composed of Scanners, Detectors and Actuators, which are responsible for scanning for available APs, apply a set of heuristics to detect them and apply a countermeasure mechanism.
Download

Paper Nr:	18
Title:	Holistic Database Encryption
Authors:	Walid Rjaibi
Abstract:	Encryption is a key technical control for safeguarding sensitive data against internal and external threats. It is also a requirement for complying with several industry standards and government regulations. While Transport Layer Security (TLS) is widely accepted as the standard solution for encrypting data in transit, no single solution has achieved similar status for encrypting data at rest. This is particularly true for database encryption where current approaches are forcing organizations to compromise either on the security side or on the database side. In this paper, we discuss the design and implementation of a holistic database encryption approach which allows organizations to meet their security and compliance requirements without having to sacrifice any critical database or security properties.
Download

Paper Nr:	39
Title:	KAuth: A Strong Single Sign-On Service based on PKI
Authors:	Panayiotis Charalambous, Marios Karapetris and Elias Athanasopoulos
Abstract:	We deploy PKI for human authentication. We use a publicly available infrastructure, namely Keybase, for managing public-key pairs across devices. In addition, Keybase offers us several features for identifying users in social networks and a login-to-Keybase process which is password-less, meaning that authentication takes place using digital signatures produced by an Elliptic Curve (EC) cryptosystem. By using Keybase, we minimize the required cryptographic keys to the absolute minimum: one. We transform Keybase to a Single Sign-On (SSO) service which can vet users for using other services, exactly as it happens now with very popular, but entirely password-based, services. We implement two authentication schemes based on Keybase, KAuth and KAuth+, and we evaluate them using a state-of-the-art methodology.
Download

Paper Nr:	58
Title:	PAPEETE: Private, Authorized, and Fast Personal Genomic Testing
Authors:	Angelo Massimo Perillo and Emiliano De Cristofaro
Abstract:	Over the past few years, the increased affordability of genome sequencing and the ensuing availability of genetic data have propelled important progress in precision medicine and enabled a market for personal genomic testing. This yields exciting new opportunities for faster and more accurate diagnosis, personalized treatments, and genetically tailored wellness plans. At the same time, however, it also creates important security and privacy threats. In this paper, we present a new cryptographic protocol, PAPEETE (Private, Authorized, fast PErsonal gEnomic TEsting) suitable for running different types of tests on users’ genetic data—specifically, SNPs. The protocol, which builds on additively homomorphic encryption, provides privacy for both users and test facilities, and it guarantees that the test is authorized by an appropriate authority like the FDA. Finally, we present a prototype implementation of PAPEETE, and an experimental evaluation that attests to the real-world practicality of our techniques.
Download

Paper Nr:	60
Title:	Compact Lattice Signatures
Authors:	Dipayan Das and Vishal Saraswat
Abstract:	Lattice-based signature schemes have seen many improvements in the past few years with recent attempts (Güneysu et al., 2012; Ducas et al., 2013; Ducas et al., 2014; Lyubashevsky, 2016; Ducas et al., 2017) to bring lattice-based signature schemes at par with the traditional number-theoretic signature schemes. However, the trade-off between the signature size and the key size, time for a signature generation, and the practical and provable security is not necessarily the optimal. We propose a compact lattice-based signature scheme with key-size and signatures of order n, where n is the dimension of the lattice. The proposed signature scheme has faster algorithms for key generation, signing, and verification than the existing schemes. The proposed scheme is simple and is competitive with the other post-quantum signature schemes.
Download

Paper Nr:	61
Title:	A Novel Lattice Reduction Algorithm
Authors:	Dipayan Das and Vishal Saraswat
Abstract:	The quantum threats have made the traditional number theoretic cryptography weak. Lattice based cryptographic constructions are now considered as an alternative of the number theoretic cryptography which resists the quantum threats. The cryptographic hardness of the lattice based constructions mainly lies on the difficulty of solving two problems, namely, shortest vector problem (SVP) and closest vector problem (CVP). Solving these problems become “somewhat” easier if the lattice basis is almost orthogonal. Given any basis, finding an almost orthogonal basis is termed as lattice basis reduction (or simply lattice reduction). The SVP has been shown to be reducible to the CVP but the other way is still an open problem. In this paper, we work towards proving the equivalence of the CVP and SVP and provide a history of the progress made in this direction. We do a brief review of the existing lattice reduction algorithms and present a new lattice basis reduction algorithm similar to the well-studied Korkine-Zolotareff (KZ) reduction which is used frequently for decoding lattices. The proposed algorithm is very simple — it calls the shortest vector oracle for n − 1 times and outputs an almost orthogonal lattice basis with running time O(n3), n being the rank of the lattice.
Download

Paper Nr:	67
Title:	Secure Authentication Solution for Cloud-based Smart City Surveillance System
Authors:	Yosra Ben Dhief, Yacine Djemaiel, Slim Rekhis and Noureddine Boudriga
Abstract:	Within the emergence of physical monitoring systems and their use for smart cities, new security concerns arise due to the sensitive nature of the data produced by the sensor devices of these systems, which makes the smart city applications a prime target for cyber attacks. However, securing these devices is very challenging given the fact that they are resource-constrained, and deployed in physically unsecured environments. In this paper, we propose a secure scheme for cloud-based smart city surveillance system providing a lightweight sensor authentication protocol based on Physical Unclonable Functions and securing the exchanged data through the different components of this infrastructure.
Download

Paper Nr:	77
Title:	Crypto-democracy: A Decentralized Voting Scheme using Blockchain Technology
Authors:	Gautam Srivastava, Ashutosh Dhar Dwivedi and Rajani Singh
Abstract:	A fraudulent election is one of the biggest problems of the contemporaneity in most countries. Even the world’s largest democracies like India, United States, and Japan still suffer from a flawed electoral system. Vote rigging, hacking of the EVM (Electronic voting machine), election manipulation, and polling booth capturing are the major issues in the current voting system. This fallacious election process calls voting systems into question. With the current Cambridge Analytica scandal a hot topic around the world, it brings the validity of current voting systems into question. In this paper, we investigate the problems in the election voting systems and propose a novel voting model which can resolve these issues. We use a recently introduced blockchain based protocol called PHANTOM, which uses a directed acyclic graph of blocks, also known as blockDAG, to generalize the initial blockchain technology.
Download

Paper Nr:	81
Title:	Evaluating the Provision of Botnet Defences using Translational Research Concepts
Authors:	Dilara Acarali, Muttukrishnan Rajarajan and Nikos Komninos
Abstract:	Botnet research frequently draws on concepts from other fields. An example is the use of epidemiological models when studying botnet propagation, which facilitate an understanding of bot spread dynamics and the exploration of behavioural theory. Whilst the literature is rich with these models, it is lacking in work aimed at connecting the insights of theoretical research with day-to-day practice. To address this, we look at botnets through the lens of implementation science, a discipline from the field of translational research in health care, which is designed to evaluate the implementation process. In this paper, we explore key concepts of implementation science, and propose a framework-based approach to improve the provision of security measures to network entities. We demonstrate the approach using existing propagation models, and discuss the role of implementation science in malware defence.
Download

Paper Nr:	85
Title:	AVISPA versus AVANTSSAR in the Model Checking of Secure Communication Protocols
Authors:	Iulian Aciobanitei, Roxana-Ioana Guinea and Mihai-Lica Pura
Abstract:	The rapid development of Internet technologies has triggered a tremendous growth in the number of new communication protocols. The scientific community has started to involve formal techniques in their design, like formal verification. To this purpose a series of model checking tools has been developed, some mature enough to be used with confidence in industry. Such tools are AVISPA and AVANTSSAR, the latter one being an upgraded version of AVISPA and targeting the automated validation of distributed services. This paper presents a quantitative comparison between these two tools, from the point of view of secure communication protocols. As expected, the back-ends of the new AVANTSSAR are faster than the ones from AVISPA, but several exceptions have been identified, thus suggesting that there are situations in which AVISPA should be preferred.
Download

Paper Nr:	86
Title:	Lightweight Ring Signatures for Decentralized Privacy-preserving Transactions
Authors:	Lukas Malina, Jan Hajny, Petr Dzurenda and Sara Ricci
Abstract:	Current digital transactions such as e-payments and e-voting services, should be secure and also offer privacy protection to their users in order to be widely used. This work focuses on advanced cryptographic solutions based on ring signatures that provide anonymity to payment senders or to voters during e-voting. Since more and more constrained mobile devices are used in current networks, the proposed technologies and solutions should be also efficient and provide reasonable computational complexity. In this paper, we present a lightweight privacy-preserving ring signature scheme that is suitable for anonymous transactions and e-voting services run in an environment with constrained devices such as handheld devices and IoT nodes. Our solution provides the fast verification of signatures without using heavy operations such as pairings and exponentiation. Further, we add signature linkability and uniqueness in order to provide double-spending protection.
Download

Paper Nr:	91
Title:	Towards a Cloud-based System for Software Protection and Licensing
Authors:	Andreas Schaad, Bjoern Grohmann, Oliver Winzenried, Ferdinand Brasser and Ahmad-Reza Sadeghi
Abstract:	In this paper we report on the commercial background as well as resulting high-level architecture and design of a cloud-based system for cryptographic software protection and licensing. This is based on the experiences and insights gained in the context of a real-world commercial R&D project at Wibu-Systems AG, a company that specialises in software encryption and licensing solutions.
Download

Paper Nr:	93
Title:	Attribute Based Signatures: The Case for Automation
Authors:	Lalitha Muthu Subramanian and Roopa Vishwanathan
Abstract:	Attribute-based signatures (ABS) allow a signer to sign boolean predicates using certain attributes that are accepted by signing policies and are associated with signing keys. Ideally, the verifier of the signature must not obtain any other information except that a signer possessing the right attributes produced the signature. The goal of an attribute-based signature is to preserve the anonymity of the signer and the signers’ attributes, while ensuring that a signature will only pass verification if the signer possesses enough valid attributes to satisfy the given predicate. In this paper, we explore the question of what would it take to automate the construction and proofs of complex cryptographic protocols such as attribute-based signatures. We posit that, at the minimum, it would require: (1) creating new data types to support attribute-based cryptography, and more generally, pairing-based cryptography (2) creating new function templates to operate on the data types (3) creating libraries for credential bundles, which are commonly used to tie in a set of attributes to a single user (4) automating Groth-Sahai witness-indistinguishable proofs, and (5) automated functional support for constructing a general framework for attribute-based signatures.
Download

Paper Nr:	94
Title:	Implicit Data Integrity: Protecting User Data without MACs
Authors:	Michael Kounavis, David Durham, Sergej Deutsch and Saeedeh Komijani
Abstract:	We address the problem of detecting data corruption, without producing, storing or verifying mathematical summaries of the content, as it is typically done today. Data corruption may be either due to natural means or due to the malicious modification of content by some attacker or malware. Today, data corruption detection is supported by producing and using security metadata such as Message Authentication Codes (MACs), Integrity Check Values (ICVs), checksums etc. The methodology we study, called ‘implicit data integrity’ avoids the use of such metadata. It supports the detection of corruption in a novel way based on the observation that regular unencrypted user data typically exhibit patterns. When some encrypted content becomes corrupted and is decrypted, it may no longer exhibit patterns. It is the absence or presence of patterns in decrypted content which denotes whether some content is modified or not. We present a number of pattern detectors and algorithms which can successfully support implicit data integrity at quantifiable security levels. We also demonstrate that our patterns and algorithms can characterize the overwhelming majority of client and server workload data. We present security analysis and performance results coming from over 111 million representative client workload cache lines and 1.47 billion representative server workload cache lines. We also present synthesis results showing the efficiency of the hardware implementations of some of our algorithms.
Download

Paper Nr:	97
Title:	Towards Efficient Software Protection Obeying Kerckhoffs’s Principle using Tamper-proof Hardware
Authors:	Brandon Broadnax, Matthias Huber, Bernhard Löwe, Jörn Müller-Quade and Patrik Scheidecker
Abstract:	We propose the first software protection scheme obeying Kerckhoffs’s principle that is suited for practical implementation. Previous schemes have either been closed source or too inefficient to be considered practically viable. A key technique of our scheme is to partition the software in such a way that a hacker who knows a set of parts cannot learn additional ones. To achieve a partition with this property, our scheme exploits the domain knowledge that is necessary to create the software as well as the inherent complexity of the software’s code. If a software is sufficiently complex to admit such a partition then we can prove that there are no successful attack strategies on our scheme other than storing every line of code that has been executed.
Download

Paper Nr:	100
Title:	Learning Plaintext in Galbraith’s LWE Cryptosystem
Authors:	Tikaram Sanyashi, Sreyans Nahata, Rushang Dhanesha and Bernard Menezes
Abstract:	Unlike many widely used cryptosytems, Learning with Errors (LWE) - based cryptosystems are known to be invulnerable to quantum computers. Galbraith’s Binary LWE (GB-LWE) was proposed to reduce the large key size of the original LWE scheme by over two orders of magnitude. In GB-LWE, recovering the plaintext from the ciphertext involves solving for the binary vector x in the equation xA = b (A, a 640×256 binary matrix and b, a 256 element integer vector are knowns). Previously, lattice-based attacks on binary matrices larger than 400 × 256 were found to be infeasible. Linear programming was proposed and shown to handle significantly larger matrices but its success rate for 640 × 256 matrices was found to be negligible. Our strategy involves identification of regimes L, M and H within the output (based on LP relaxation) where the mis-prediction rates are low, medium or high respectively. Bits in the output vector are guessed and removed to create and solve a reduced instance. We report extensive experimental results on prediction accuracy and success probability as a function of number of bits removed in L, M and H. We identify trade-offs between lower execution time and greater probability of success. Our success probability is much higher than previous efforts and its execution time of 1 day with 150 cores is a partial response to the challenge posed in (Galbraith, 2013) to solve a random 640 × 256 instance using “current computing facilities in less than a year”.
Download

Paper Nr:	101
Title:	Phylogenetic Analysis for Ransomware Detection and Classification into Families
Authors:	Fabio Martinelli, Francesco Mercaldo, Christina Michailidou and Andrea Saracino
Abstract:	The widespread of ransomware experienced in the last years has been caused also by the ability of attackers to introduce changes and mutations that make the malware hard to identify from antimalware software. In this paper we propose a two-phase method based on machine learning on API-level analysis aimed (i) to effectively detect ransomware despite the applied techniques for obfuscation and introduced variations, (ii) to provide a tool for security analysts to track phylogenetic relationships exploiting the binary tree obtained by the classification analysis. We preliminary experimented the proposed method on real-world ransomware applications belonging to three widespread families (i.e., petya, badrabbit and wannacry), obtaining encouraging results in ransomware detection and family identification. A discussion about the ransomware-related phylogenetic relationships is also provided.

Paper Nr:	102
Title:	Blockchain-based Consents Management for Personal Data Processing in the IoT Ecosystem
Authors:	Konstantinos Rantos, George Drosatos, Konstantinos Demertzis, Christos Ilioudis and Alexandros Papanikolaou
Abstract:	In the Internet of Things (IoT) ecosystem the volume of data generated by devices in the user’s environment is constantly increasing and becoming of particular value. In such an environment the average user is bound to face considerable difficulties in understanding the size and scope of his/her collected data. However, the provisions of the European General Data Protection Regulation (GDPR) require data subjects to be able to control their personal data, be informed and consent to its processing in an intelligible manner. This paper proposes ADVOCATE, a framework that facilitates GDPR-compliant processing of personal data in IoT environments. The present work aims to assist stakeholders, i.e. Data Controllers and Processors, satisfy GDPR requirements, such as informing data subjects in a transparent and unambiguous manner about the data they will manage, the processing purposes and periods. Respectively, data subjects will be promptly and comprehensively informed about any processing requests addressed to them, create and edit processing policies, exercise their rights in access, correction, deletion, restriction and opposition to data processing. Simultaneously, a notary service using blockchain infrastructures will ensure consents’ security and an intelligent service will inform data subjects about the quality of their consents.
Download