Liu Duan-yang,Pan Xue-zeng,Ping Ling-di

DOI: https://doi.org/10.1631/jzus.2003.0555

2003-01-01

Abstract:Distributed certification via threshold cryptography is much more secure than other ways to protect certification authority (CA)'s private key, and can tolerate some intrusions. As the original system such as ITTC, etc., is unsafe, inefficient and impracitcal in actual network environment, this paper brings up a new distributed certification scheme, which although it generates key shares concentratively, it updates key shares distributedly, and so, avoids single-point failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol, but can also change the threshold (t, k) flexibly and robustly, and so, is much more practical. In this work, the authors implement the prototype system of the new scheme and test and analyze its performance.

Alkida Balliu,Gianlorenzo D'Angelo,Pierre Fraigniaud,Dennis Olivetti

DOI: https://doi.org/10.48550/arXiv.1605.03892

2016-05-13

Abstract:In the framework of distributed network computing, it is known that, for every network predicate, each network configuration that satisfies this predicate can be proved using distributed certificates which can be verified locally. However, this requires to leak information about the identities of the nodes in the certificates, which might not be applicable in a context in which privacy is desirable. Unfortunately, it is known that if one insists on certificates independent of the node identities, then not all network predicates can be proved using distributed certificates that can be verified locally. In this paper, we prove that, for every network predicate, there is a distributed protocol satisfying the following two properties: (1) for every network configuration that is legal w.r.t. the predicate, and for any attempt by an adversary to prove the illegality of that configuration using distributed certificates, there is a locally verifiable proof that the adversary is wrong, also using distributed certificates; (2) for every network configuration that is illegal w.r.t. the predicate, there is a proof of that illegality, using distributed certificates, such that no matter the way an adversary assigns its own set of distributed certificates in an attempt to prove the legality of the configuration, the actual illegality of the configuration will be locally detected. In both cases, the certificates are independent of the identities of the nodes. These results are achieved by investigating the so-called local hierarchy of complexity classes in which the certificates do not exploit the node identities. Indeed, we give a characterization of such a hierarchy, which is of its own interest

Distributed, Parallel, and Cluster Computing,Logic in Computer Science

Nicolas Bousquet,Laurent Feuilloley,Sébastien Zeitoun

2023-12-27

Abstract:Local certification is a distributed mechanism enabling the nodes of a network to check the correctness of the current configuration, thanks to small pieces of information called certificates. For many classic global properties, like checking the acyclicity of the network, the optimal size of the certificates depends on the size of the network, $n$. In this paper, we focus on properties for which the size of the certificates does not depend on $n$ but on other parameters. We focus on three such important properties and prove tight bounds for all of them. Namely, we prove that the optimal certification size is: $\Theta(\log k)$ for $k$-colorability (and even exactly $\lceil \log k \rceil$ bits in the anonymous model while previous works had only proved a $2$-bit lower bound); $(1/2)\log t+o(\log t)$ for dominating sets at distance $t$ (an unexpected and tighter-than-usual bound) ; and $\Theta(\log \Delta)$ for perfect matching in graphs of maximum degree $\Delta$ (the first non-trivial bound parameterized by $\Delta$). We also prove some surprising upper bounds, for example, certifying the existence of a perfect matching in a planar graph can be done with only two bits. In addition, we explore various specific cases for these properties, in particular improving our understanding of the trade-off between locality of the verification and certificate size.

Distributed, Parallel, and Cluster Computing,Discrete Mathematics

Laurent Feuilloley,Jan Janoušek,Jan Matyáš Křišťan,Josef Erik Sedláček

2024-08-20

Abstract:This paper deals with local certification, specifically locally checkable proofs: given a graph property, the task is to certify whether a graph satisfies the property. The verification of this certification needs to be done locally without the knowledge of the whole graph. More precisely, a distributed algorithm, called a verifier, is executed on each vertex. The verifier observes the local neighborhood up to a constant distance and either accepts or rejects. We examine the trade-off between the visibility radius and the size of certificates. We describe a procedure that decreases the radius by encoding the neighbourhood of each vertex into its certificate. We also provide a corresponding lower bound on the required certificate size increase, showing that such an approach is close to optimal.

Distributed, Parallel, and Cluster Computing

Wei Ren,Wei Dong

DOI: https://doi.org/10.1109/infocom.2016.7524375

2016-01-01

Abstract:Network tomography is an attractive approach for inferring internal network states at edge nodes. Recently, there is a growing interest in the basic understanding of the topological conditions that ensure identifiability in a general network. Un, existing works assume an ideal network model where all network elements are reliable. In this paper, we are aiming to propose topological conditions to ensure identifiability in the presence of any k link failures (k ≥ 0), using measurement paths and cycles. We propose a novel concept called k-identifiability. We propose sufficient and necessary topological conditions to ensure k-identifiability. Based on the established theoretical foundations, we propose two efficient polynomial-time algorithms for addressing two closely related questions. (1) Given a network with specified monitors, which links are k-identifiable? (2) Given a network and κ monitors, where should these monitors be placed such that the number of k-identifiable links is maximized? Simulation results on real ISP network topologies show the effectiveness of our algorithms.

Nicolas Bousquet,Linda Cook,Laurent Feuilloley,Théo Pierron,Sébastien Zeitoun

2024-10-04

Abstract:Detecting specific structures in a network has been a very active theme of research in distributed computing for at least a decade. In this paper, we start the study of subgraph detection from the perspective of local certification. Remember that a local certification is a distributed mechanism enabling the nodes of a network to check the correctness of the current configuration, thanks to small pieces of information called certificates. Our main question is: For a given graph $H$, what is the minimum certificate size that allows checking that the network does not contain $H$ as a (possibly induced) subgraph? We show a variety of lower and upper bounds, uncovering an interesting interplay between the optimal certificate size, the size of the forbidden subgraph, and the locality of the verification. Along the way we introduce several new technical tools, in particular what we call the \emph{layered map}, which is not specific to forbidden subgraphs and that we expect to be useful for certifying many other properties.

Distributed, Parallel, and Cluster Computing,Discrete Mathematics,Data Structures and Algorithms

Nicolas Bousquet,Laurent Feuilloley,Sébastien Zeitoun

2024-02-06

Abstract:In this work, we provide an upper bound for global certification of graph homomorphism, a generalization of graph coloring. In certification, the nodes of a network should decide if the network satisfies a given property, thanks to small pieces of information called certificates. Here, there is only one global certificate which is shared by all the nodes, and the property we want to certify is the existence of a graph homomorphism to a given graph.

Distributed, Parallel, and Cluster Computing,Data Structures and Algorithms

Oscar Defrain,Louis Esperet,Aurélie Lagoutte,Pat Morin,Jean-Florent Raymond

2024-07-02

Abstract:The goal of local certification is to locally convince the vertices of a graph $G$ that $G$ satisfies a given property. A prover assigns short certificates to the vertices of the graph, then the vertices are allowed to check their certificates and the certificates of their neighbors, and based only on this local view, they must decide whether $G$ satisfies the given property. If the graph indeed satisfies the property, all vertices must accept the instance, and otherwise at least one vertex must reject the instance (for any possible assignment of certificates). The goal is to minimize the size of the certificates. In this paper we study the local certification of geometric and topological graph classes. While it is known that in $n$-vertex graphs, planarity can be certified locally with certificates of size $O(\log n)$, we show that several closely related graph classes require certificates of size $\Omega(n)$. This includes penny graphs, unit-distance graphs, (induced) subgraphs of the square grid, 1-planar graphs, and unit-square graphs. These bounds are tight up to a constant factor and give the first known examples of hereditary (and even monotone) graph classes for which the certificates must have linear size. For unit-disk graphs we obtain a lower bound of $\Omega(n^{1-\delta})$ for any $\delta>0$ on the size of the certificates, and an upper bound of $O(n \log n)$. The lower bounds are obtained by proving rigidity properties of the considered graphs, which might be of independent interest.

Discrete Mathematics,Computational Geometry,Distributed, Parallel, and Cluster Computing,Combinatorics

Anthony Peruma,Christian D. Newman

DOI: https://doi.org/10.48550/arXiv.2302.11632

2023-02-24

Abstract:Identifier names play a significant role in program comprehension activities, with high-quality names improving developer productivity and system quality. To correct poor-quality names, developers rename identifiers to reflect their intended purpose better. However, renames do not always result in high-quality, long-lasting names; in many cases, developers perform multiple rename operations on the same identifier throughout the system's lifetime. In this paper, we report on a large-scale empirical study that examines the occurrence of identifiers undergoing multiple renames (i.e., rename chains). Our findings show the presence of rename chains in almost every project, with methods typically having more rename chains than other identifier types. Furthermore, it is usually the same developer responsible for creating all renames within a chain, with most names maintaining the same grammatical structure. Understanding rename chains can help us provide stronger advice, and targeted research, on how to craft high-quality, long-lasting identifiers.

Software Engineering

Xinyi Luo,Zhuo Xu,Kaiping Xue,Qiantong Jiang,Ruidong Li,David Wei

DOI: https://doi.org/10.1109/icdcs54860.2022.00121

2022-01-01

Abstract:As the voucher for identity, digital certificates and the public key infrastructure (PKI) system have always played a vital role to provide the authentication services. In recent years, with the increase in attacks on traditional centralized PKIs and the extensive deployment of blockchains, researchers have tried to establish blockchain-based secure decentralized PKIs and have made significant progress. Although blockchain enhances security, it brings new problems in scalability due to the inherent limitations of blockchain’s data structure and consensus mechanism, which become much severe for the massive access in the era of 5G and B5G. In this paper, we propose ScalaCert to mitigate the scalability problems of blockchain-based PKIs by utilizing redactable blockchain for "on-cert" revocation. Specifically, we utilize the redactable blockchain to record revocation information directly on the original certificate ("on-cert") and remove additional data structures such as CRL, significantly reducing storage overhead. Moreover, the combination of redactable and consortium blockchains brings a new kind of attack called deception of versions (DoV) attack. To defend against it, we design a random-block-node-check (RBNC) based freshness check mechanism. Security and performance analyses show that ScalaCert has sufficient security and effectively solves the scalability problem of the blockchain-based PKI system.

Hongwei Meng,Zhong Chen,Jian-bin Hu,Zhi Guan

DOI: https://doi.org/10.1145/2935663.2935676

2016-01-01

Abstract:In order to enable intrinsic security without the Public Key Infrastructure (PKI) deployment, flat self-certifying addresses have been involved into the future Internet architecture (FIA) designs. In contrast to deriving a self-certifying address from hashing of a correspondent prepared public key, we build up this self-certifying relationship along the reverse path using Combined Public Key (CPK). Our design develop the chain of trust embedded in the Internet name/address registration and allocation process for domains, hosts, services and content, to establish intrinsic bindings between three different identities: user-level human-readable names, network-level routable flat identifiers and the correspondent public keys. This binding connects the accountability between real-world space and network space. The use cases of our design are also given in named data networking (NDN) and identity/locator splitting network architecture, i.e. XIA and MobilityFirst. The analysis also shows that identity authentication based on CPK is capable of resource-constrained nodes in large-scale networks without scalability tradeoffs.

Pierre Fraigniaud,Pedro Montealegre,Ivan Rapaport,Ioan Todinca

DOI: https://doi.org/10.48550/arXiv.2112.03195

2021-12-07

Abstract:Distributed certification, whether it be proof-labeling schemes, locally checkable proofs, etc., deals with the issue of certifying the legality of a distributed system with respect to a given boolean predicate. A certificate is assigned to each process in the system by a non-trustable oracle, and the processes are in charge of verifying these certificates, so that two properties are satisfied: completeness, i.e., for every legal instance, there is a certificate assignment leading all processes to accept, and soundness, i.e., for every illegal instance, and for every certificate assignment, at least one process rejects. The verification of the certificates must be fast, and the certificates themselves must be small. A large quantity of results have been produced in this framework, each aiming at designing a distributed certification mechanism for specific boolean predicates. This paper presents a "meta-theorem", applying to many boolean predicates at once. Specifically, we prove that, for every boolean predicate on graphs definable in the monadic second-order (MSO) logic of graphs, there exists a distributed certification mechanism using certificates on $O(\log^2n)$ bits in $n$-node graphs of bounded treewidth, with a verification protocol involving a single round of communication between neighbors.

Distributed, Parallel, and Cluster Computing

Zhiyi Zhang,Su Yong Wong,Junxiao Shi,Davide Pesavento,Alexander Afanasyev,Lixia Zhang

DOI: https://doi.org/10.48550/arXiv.2009.09339

2020-09-20

Cryptography and Security

Abstract:Named Data Networking (NDN) secures network communications by requiring all data packets to be signed when produced. This requirement necessitates efficient and usable mechanisms to handle NDN certificate issuance and revocation, making these supporting mechanisms essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificates and security design in general, and then present the model of NDN certificate management and its desired properties. We proceed with the design of a specific realization of NDN's certificate management, NDNCERT, evaluate it using a formal security analysis, and discuss the challenges in designing, implementing, and deploying the system, to share our experiences with other NDN security protocol development efforts.

Qianmu Li,Qiugan Shi,Jun Hou,Yong Qi,Hong Zhang

DOI: https://doi.org/10.1007/978-3-642-34062-8_12

2012-01-01

Abstract:With high-speed move and frequent cross-domain, the problem of certificate authority (CA) is a security bottleneck in the Satellite-Earth (S&E) Integration Network. A mobile-certificate authority Method based on PKI (Public Key Infrastructure) is proposed in this paper. Based on the RSA algorithm, the method realizes the anonymous authentication between neighboring nodes. It distributes the private key component to n nodes according to the threshold theory, and then realizes multi-node collaboration certification and dynamic permission-recovery. In addition, combining with distributed authentication and chain certification, this paper achieves distributed PKI and provides certification basis for high-speed nodes. This method frame, which is no-central, self-adaptive and traceable, could fulfill the quality of the S&E Integration Network. The experiments showed that the success rate and safety of it is much better than traditional distributed certification method. The method has far-reaching military value

M. Anisetti,Filippo Berto,C. Ardagna,E. Damiani

DOI: https://doi.org/10.1109/TNSM.2022.3165144

2022-09-01

IEEE Transactions on Network and Service Management

Abstract:Information-Centric Networking is an emerging alternative to host-centric networking designed for large-scale content distribution and stricter privacy requirements. Recent research on Information-Centric Networking focused on the protection of the network from attacks targeting the content delivery protocols, while assuming genuine content can always be retrieved from trustworthy nodes. In this paper, we depart from the assumption of the trustworthiness of network nodes and propose a novel certification methodology for information-centric networks that supports continuous security verification of non-functional properties. Our methodology provides a complete and detailed view of the network security status, increasing the trustworthiness of the network and its services. The proposed approach builds on an enhanced certification model capturing the evolution of the system over time. It also defines certification services that fully integrate with existing networks to collect evidence on the target of certification and carry out the certification process. It finally proposes two certification processes, centralized and decentralized, balancing the impact on the network and the system performance. Efficiency, performance, and soundness of our approach are experimentally evaluated in a simulated Named Data Networking (NDN) network targeting property availability.

Computer Science

Yue Fu,Rong Du,Dagang Li

DOI: https://doi.org/10.1007/978-3-030-00018-9_25

2018-01-01

Abstract:Under some applications, identity-authentication must be involved into block-chain systems. However, the introduction of traditional PKI mechanism in block-chain systems is not proper for 3 reasons: (1) a centralized certification authority (CA) represents a single point of failure in the network; (2) the numbers and locations of nodes vary in time; (3) it introduces additional centralized factors in the block-chain system that is already decentralized. For the sake of decentralization multi-CA scenario is considered to distribute CA-functionality to nodes. Further, armed with secret sharing scheme, a practical distributed CA-based PKI scheme is proposed that is well-associated with existed mechanisms (such as POW) in the original system. Finally, solutions of verification and multi-level assigning issues are constructed via verifiable secret sharing and multilevel secret sharing tools.

Chenxi Wang,William A. Wulf

DOI: https://doi.org/10.1023/A:1019199132298

2000-01-01

Abstract:Public Key Infrastructures (PKI) are important for the security of many networked systems. The current designs of PKIs often rely on a centralized key Certification Authority (CA) for the certification and distribution of keys. This centralized entity poses a performance and scalability bottleneck. In addition, it creates a serious security risk — if the CA is penetrated, the security of the entire system is irretrievably compromised. In this paper, we present an innovative method to generate globally unique keys in a completely distributed fashion. The ability to perform distributed key generation facilitates decentralized PKIs. We present security analysis of the method as well as a set of experimental performance results. Our method scales well, and is cryptographically strong.

Gregory Linklater,Christian Smith,Alan Herbert,Barry Irwin

DOI: https://doi.org/10.1145/3278681.3278683

2018-09-26

Abstract:Self-sovereign identity promises prospective users greater control, security, privacy, portability and overall greater convenience; however the immaturity of current distributed key management solutions results in general disregard of security advisories in favour of convenience and accessibility. This research proposes the use of intermediate certificates as a distributed key management solution. Intermediate certificates will be shown to allow multiple keys to authenticate to a single self-sovereign identity. Keys may be freely added to an identity without requiring a distributed ledger, any other third-party service or sharing private keys between devices. This research will also show that key rotation is a superior alternative to existing key recovery and escrow systems in helping users recover when their keys are lost or compromised. These features will allow remote credentials to be used to issuer, present and appraise remote attestations, without relying on a constant Internet connection.

ZHONG Huan,XU Chun-xiang,QIN Zhi-guang

DOI: https://doi.org/10.3969/j.issn.1001-0548.2007.03.004

2007-01-01

Abstract:By analyzing the problem of certificate revocation scheme existing in Ad Hoc network, this paper presents a new distributed certificate revocation scheme. The algorithm and the whole process of revocation are included in this scheme. By introducing four factors, the algorithm of certificate revocation becomes more perfect. The monitoring ability and enthusiasm of each node are enhanced as well. Besides, the traffic load in the process of certificate revocation is effectively reduced after requiring that each node maintain and refresh its two tables.

Baohong Li,Y. I B Hou,Yinliang Zhao

DOI: https://doi.org/10.1109/ICMLC.2005.1527611

2005-01-01

Abstract:This paper proposes a scalable scheme for certificate revocation in public key infrastructure. In this scheme, the set of revoked certificates is divided into groups. In each group, proofs for certificate status are computed using one-way accumulators, while all groups are still organized in a hash tree. The main advantage of the proposed scheme is that it can adjust traffic between CA-to-directory and directory-to-user according to certificate update rate and query rate in applications, thus overall traffic for certificate revocation can be remarkably reduced and a wider range of scenarios can be accommodated. Compared with Naor's dynamic hash tree scheme, results show it can reduce traffic by about 50% in typical environments.