Brandon Broadnax,Alexander Koch,Jeremias Mechler,Tobias Müller,Jörn Müller-Quade,Matthias Nagel

DOI: https://doi.org/10.2478/popets-2021-0072

2021-07-23

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract In practice, there are numerous settings where mutually distrusting parties need to perform distributed computations on their private inputs. For instance, participants in a first-price sealed-bid online auction do not want their bids to be disclosed. This problem can be addressed using secure multi-party computation (MPC), where parties can evaluate a publicly known function on their private inputs by executing a specific protocol that only reveals the correct output, but nothing else about the private inputs. Such distributed computations performed over the Internet are susceptible to remote hacks that may take place during the computation. As a consequence, sensitive data such as private bids may leak. All existing MPC protocols do not provide any protection against the consequences of such remote hacks. We present the first MPC protocols that protect the remotely hacked parties’ inputs and outputs from leaking. More specifically, unless the remote hack takes place before the party received its input or all parties are corrupted, a hacker is unable to learn the parties’ inputs and outputs, and is also unable to modify them. We achieve these strong (privacy) guarantees by utilizing the fact that in practice parties may not be susceptible to remote attacks at every point in time, but only while they are online, i.e. able to receive messages. To this end, we model communication via explicit channels. In particular, we introduce channels with an airgap switch (disconnect-able by the party in control of the switch), and unidirectional data diodes . These channels and their isolation properties, together with very few, similarly simple and plausibly remotely unhackable hardware modules serve as the main ingredient for attaining such strong security guarantees. In order to formalize these strong guarantees, we propose the UC with Fortified Security (UC#) framework, a variant of the Universal Composability (UC) framework.

Yulin Wu,Xuan Wang,Willy Susilo,Guomin Yang,Zoe L. Jiang,Junyi Li,Xueqiao Liu

DOI: https://doi.org/10.1016/j.csi.2021.103570

2022-03-01

Abstract:With the rapid development of secure multi-party computation (MPC) over past decades, applications of MPC has been moving from completing simple computation tasks (e.g., private set intersection) to complex computation tasks (e.g., privacy-preserving machine learning). This is an inevitable trend when more strict privacy protection requirements face more complex and large-scale computation such as big data analytics being applied in many fields. Although the complex computation tasks are not easy to be evaluated with one type of MPC protocols from beginning to the end, it can be more efficiently evaluated by decomposing the complex task into many simple sub-tasks and evaluating each of them with the proper type of MPC protocol in sequence. Therefore, we propose a mixed-protocol MPC framework towards complex computation tasks with malicious security in this work. In particular, we utilize the homomorphic commitment technique to construct six types of share conversion protocols in the malicious model. Then, we construct the maliciously secure mixed-protocol MPC framework based on these share conversion protocols. This is the first maliciously secure mixed-protocol MPC framework relying on the standard model, providing a higher security guarantee than all the previous works in the literature. Also, this is the first general mixed-protocol MPC framework for n parties in the malicious model, in comparison to previous works that either only support fixed number of parties in the malicious model, or only handle limited types of share conversions. Furthermore, we provide the theoretical analysis of the computation and communication costs for the six types of share conversion protocols, as an important reference for future developers, who intend to implement some complex computation task by following this mixed-protocol MPC framework with malicious security.

computer science, software engineering, hardware & architecture

Zhou Ni,Rujia Wang

DOI: https://doi.org/10.48550/arXiv.2004.10926

2020-04-23

Cryptography and Security

Abstract:Secure multi-party computation (MPC) is a broad cryptographic concept that can be adopted for privacy-preserving computation. With MPC, a number of parties can collaboratively compute a function, without revealing the actual input or output of the plaintext to others. The applications of MPC range from privacy-preserving voting, arithmetic calculation, and large-scale data analysis. From the system perspective, each party in MPC can run on one compute node. The compute nodes of multiple parties could be either homogeneous or heterogeneous; however, the distributed workloads from the MPC protocols tend to be always homogeneous (symmetric). In this work, we study a representative MPC framework and a set of MPC applications from the system performance perspective. We show the detailed online computation workflow of a state-of-the-art MPC protocol and analyze the root cause of its stall time and performance bottleneck on homogeneous and heterogeneous compute nodes.

Jing Wu,Yuhan Yang,Lijun Wei,C. Long

DOI: https://doi.org/10.1145/3390566.3391664

2020-03-12

Abstract:With the rapid development of Internet of Things, the demand of data sharing is not only to ensure the data integrity, but also to protect user's individual privacy. Secure multi-party computation, as a technology paradigm based on cryptography technology, enables privacy protection in data sharing among multiple parties, while the implement of secure multi-party computation is limited due to the inefficient, complex computation protocol and frequent interaction. Fortunately, the emergence of blockchain technology provides excellent properties of decentralization, verifiability and high reliability for secure multi-party computation. In this paper, we propose a blockchain-based secure multi-party computation architecture for data sharing, where we design an aggregator consortium for data storage, verification and joint computation. Moreover, we introduce a straightforward secure multi-party computation scheme based on homomorphic encryption. In addition, we analyze and discuss this scheme in terms of data security, access flexibility, attack resistance and potential applications.

Computer Science,Engineering

Marcel von Maltitz,Stefan Smarzly,Holger Kinkelin,Georg Carle

DOI: https://doi.org/10.48550/arXiv.1804.03918

2018-04-11

Cryptography and Security

Abstract:Secure multiparty computation (SMC) is a promising technology for privacy-preserving collaborative computation. In the last years several feasibility studies have shown its practical applicability in different fields. However, it is recognized that administration and management overhead of SMC solutions are still a problem. A vital next step is the incorporation of SMC in the emerging fields of the Internet of Things and (smart) dynamic environments. In these settings, the properties of these contexts make utilization of SMC even more challenging since some of its vital premises regarding environmental stability and preliminary configuration are not initially fulfilled. We bridge this gap by providing FlexSMC, a management and orchestration framework for SMC which supports the discovery of nodes, supports a trust establishment between them and realizes robustness of SMC session by handling nodes failures and communication interruptions. The practical evaluation of FlexSMC shows that it enables the application of SMC in dynamic environments with reasonable performance penalties and computation durations allowing soft real-time and interactive use cases.

Chuan Zhao,Shengnan Zhao,Minghao Zhao,Zhenxiang Chen,Chong-Zhi Gao,Hongwei Li,Yu-an Tan

DOI: https://doi.org/10.1016/j.ins.2018.10.024

IF: 8.1

2019-01-01

Information Sciences

Abstract:Secure Multi-Party Computation (SMPC) is a generic cryptographic primitive that enables distributed parties to jointly compute an arbitrary functionality without revealing their own private inputs and outputs. Since Yao’s seminal work in 1982, 30 years of research on SMPC has been conducted, proceeding from pure theoretical research into real-world applications. Recently, the increasing prevalence of the newly emerging technologies such as cloud computing, mobile computing and the Internet of Thing has resulted in a re-birth of SMPC’s popularity. This has occurred mainly because, as a generic tool for computing on private data, SMPC has a natural advantage in solving security and privacy issues in these areas. Accordingly, many application-oriented SMPC protocols have been constructed. This paper presents a comprehensive survey on the theoretical and practical aspects of SMPC protocols. Specifically, we start by demonstrating the underlying concepts of SMPC, including its security requirements and basic construction techniques. Then, we present the research advances regarding construction techniques for generic SMPC protocols, and also the cutting-edge approaches to cloud-assisted SMPC protocols. Then, we summarize the concrete application-oriented protocols that are currently available, and finally, we present a discussion of the current literature and conclude this survey.

Yulin Wu,Xuan Wang,Willy Susilo,Guomin Yang,Zoe L. Jiang,Hao Wang,Tong Wu

DOI: https://doi.org/10.1016/j.csi.2021.103571

2022-03-01

Abstract:In the artificial intelligence era, data-driven computation tasks, such as machine learning, have been playing an essential role as the decision-maker to unlock the value of big data in many fields. Moreover, the ultimate goal of pursuing accuracy and efficiency improvement to better promote the application of data-driven computation has never changed. Since the main method to improve the accuracy of these tasks (e.g., the model training of machine learning) is to increase the diversity of datasets, this requires multiple data providers to share their data. However, data providers, e.g., private companies, are reluctant to share their datasets directly, considering the privacy protection of user information and the leakage prevention of their business secrets. Therefore, how to securely and efficiently perform joint datasets based data-driven computation tasks has become the main problem. In this work, without getting the aid of any trusted-third party (e.g., the cloud server), we construct an efficient maliciously secure two-party mixed-protocol framework for data-driven computation tasks. In particular, we construct a new cryptography gadget called committed oblivious linear evaluation (C-OLE) based on the homomorphic commitments in the malicious model. Then we construct two types of share conversion protocols in the malicious model with the above C-OLE gadget to construct the two-party mixed-protocol framework for data-driven computation tasks. Without utilizing the random oracle, our framework can provide a stronger security guarantee than the other two-party mixed-protocol frameworks in the literature. Furthermore, we conscientiously evaluate the theoretical efficiency of the two shares conversion protocols and provide the result as an important reference for future developers who intend to securely and efficiently instantiate the data-driven computation tasks (e.g., privacy-preserving machine learning applications) in the malicious model.

computer science, software engineering, hardware & architecture

Helene Haagh,Aleksandr Karbyshev,Sabine Oechsner,Bas Spitters,Pierre-Yves Strub

DOI: https://doi.org/10.1109/csf.2018.00016

2018-07-01

Abstract:Secure multi-party computation (MPC) is a general cryptographic technique that allows distrusting parties to compute a function of their individual inputs, while only revealing the output of the function. It has found applications in areas such as auctioning, email filtering. and secure teleconference. Given their importance, it is crucial that the protocols are specified and implemented correctly. In the programming language community, it has become good practice to use computer proof assistants to verify correctness proofs. In the field of cryptography, EasyCrypt is the state of the art proof assistant. It provides an embedded language for probabilistic programming, together with a specialized logic, embedded into an ambient general purpose higher-order logic. It allows us to conveniently express cryptographic properties. EasyCrypt has been used successfully on many applications, including public-key encryption, signatures, garbled circuits and differential privacy. Here we show for the first time that it can also be used to prove security of MPC against a malicious adversary. We formalize additive and replicated secret sharing schemes and apply them to Maurer's MPC protocol for secure addition and multiplication. Our method extends to general polynomial functions. We follow the insights from EasyCrypt that security proofs can often be reduced to proofs about program equivalence, a topic that is well understood in the verification of programming languages. In particular, we show that for a class of MPC protocols in the passive case the non-interference-based (NI) definition is equivalent to a standard simulation-based security definition. For the active case, we provide a new non-interference based alternative to the usual simulation-based cryptographic definition that is tailored specifically to our protocol.

Shijin Duan,Chenghong Wang,Hongwu Peng,Yukui Luo,Wujie Wen,Caiwen Ding,Xiaolin Xu

2024-06-04

Abstract:As privacy-preserving becomes a pivotal aspect of deep learning (DL) development, multi-party computation (MPC) has gained prominence for its efficiency and strong security. However, the practice of current MPC frameworks is limited, especially when dealing with large neural networks, exemplified by the prolonged execution time of 25.8 seconds for secure inference on ResNet-152. The primary challenge lies in the reliance of current MPC approaches on additive secret sharing, which incurs significant communication overhead with non-linear operations such as comparisons. Furthermore, additive sharing suffers from poor scalability on party size. In contrast, the evolving landscape of MPC necessitates accommodating a larger number of compute parties and ensuring robust performance against malicious activities or computational failures. In light of these challenges, we propose SSNet, which for the first time, employs Shamir's secret sharing (SSS) as the backbone of MPC-based ML framework. We meticulously develop all framework primitives and operations for secure DL models tailored to seamlessly integrate with the SSS scheme. SSNet demonstrates the ability to scale up party numbers straightforwardly and embeds strategies to authenticate the computation correctness without incurring significant performance overhead. Additionally, SSNet introduces masking strategies designed to reduce communication overhead associated with non-linear operations. We conduct comprehensive experimental evaluations on commercial cloud computing infrastructure from Amazon AWS, as well as across diverse prevalent DNN models and datasets. SSNet demonstrates a substantial performance boost, achieving speed-ups ranging from 3x to 14x compared to SOTA MPC frameworks. Moreover, SSNet also represents the first framework that is evaluated on a five-party computation setup, in the context of secure DL inference.

Cryptography and Security,Machine Learning

Samia Belattaf,Mohamed Mohammedi,Mawloud Omar,Rachida Aoudjit

DOI: https://doi.org/10.1007/s11277-021-08437-9

IF: 2.017

2021-04-03

Wireless Personal Communications

Abstract:The Internet of Things (IoT) is an emerging paradigm in the world of computer networks, where physical objects are connected over the Internet. Given the huge number of connected devices that are potentially vulnerable, highly significant risks emerge around the issues of communication security. Unfortunately, the conventional security methods are hard to adapt due to the heterogeneity and resource-constrained objects. In this paper, we propose a reliable and adaptive distributed public-key management infrastructure for the IoT. The main purpose of our proposal is to mitigate the resource issue for public-key certificate management to design an effective security mechanism, which offers reliable end-to-end security services. In order to evaluate the performances of our proposal, we have conducted intensive simulations with comparison to the literature, in which we have obtained promising results in terms of storage, communication, response time and resilience against malicious nodes.

telecommunications

Oscar G. Bautista,Mohammad Hossein Manshaei,Richard Hernandez,Kemal Akkaya,Soamar Homsi,Selcuk Uluagac,Bautista, Oscar G.,Manshaei, Mohammad Hossein,Hernandez, Richard,Akkaya, Kemal,Uluagac, Selcuk

DOI: https://doi.org/10.1007/s10922-023-09739-y

2023-07-22

Journal of Network and Systems Management

Abstract:Secure Multiparty Computation (MPC) offers privacy-preserving computation that could be critical in many health and finance applications. Specifically, two or more parties jointly compute a function on private inputs by following a protocol executed in rounds. The MPC network typically consists of direct peer-to-peer (P2P) connections among parties. However, this significantly increases the computation time as parties need to wait for messages from each other, thus making network communication a bottleneck. Most recent works tried to address the communication efficiency by focusing on optimizing the MPC protocol rather than the underlying network topologies and protocols. In this paper, we propose the MPC over Algorand Blockchain (MPC-ABC) protocol that packs messages into Algorand transactions and utilizes its fast gossip protocol to transmit them efficiently among MPC parties. Our approach, therefore, reduces the delay and complexity associated with the fully connected P2P network while assuring the integrity of broadcasted data. We implemented MPC-ABC and utilized it to outsource the SPDZ (SPDZ—pronounced "Speedz"—is the nickname of the MPC protocol of Damgård et al. in (European Symposium on Research in Computer Security, pp 1–18, 2013)) protocol across multiple Cloud Service Providers (CSP). Experimental results show that our approach outperforms the commonly adopted approaches over the P2P TCP/IP network in terms of the average delay and network complexity.

computer science, information systems,telecommunications

Weihao Zeng,Xinyu Xu,Qianyun Zhang,Jiting Shi,Zhijin Qin,Zhenyu Guan

2024-07-19

Abstract:Semantic communications have emerged as a promising solution to address the challenge of efficient communication in rapidly evolving and increasingly complex Internet of Things (IoT) networks. However, protecting the security of semantic communication systems within the distributed and heterogeneous IoT networks is critical issues that need to be addressed. We develop a secure and efficient distributed semantic communication system in IoT scenarios, focusing on three aspects: secure system maintenance, efficient system update, and privacy-preserving system usage. Firstly, we propose a blockchain-based interaction framework that ensures the integrity, authentication, and availability of interactions among IoT devices to securely maintain system. This framework includes a novel digital signature verification mechanism designed for semantic communications, enabling secure and efficient interactions with semantic communications. Secondly, to improve the efficiency of interactions, we develop a flexible semantic communication scheme that leverages compressed semantic knowledge bases. This scheme reduces the data exchange required for system update and is adapt to dynamic task requirements and the diversity of device capabilities. Thirdly, we exploit the integration of differential privacy into semantic communications. We analyze the implementation of differential privacy taking into account the lossy nature of semantic communications and wireless channel distortions. An joint model-channel noise mechanism is introduced to achieve differential privacy preservation in semantic communications without compromising the system's functionality. Experiments show that the system is able to achieve integrity, availability, efficiency and the preservation of privacy.

Signal Processing

Nishat Koti,Shravani Patil,Arpita Patra,Ajith Suresh

DOI: https://doi.org/10.48550/arXiv.2206.12224

2022-06-24

Abstract:The growing volumes of data being collected and its analysis to provide better services are creating worries about digital privacy. To address privacy concerns and give practical solutions, the literature has relied on secure multiparty computation. However, recent research has mostly focused on the small-party honest-majority setting of up to four parties, noting efficiency concerns. In this work, we extend the strategies to support a larger number of participants in an honest-majority setting with efficiency at the center stage. Cast in the preprocessing paradigm, our semi-honest protocol improves the online complexity of the decade-old state-of-the-art protocol of Damgård and Nielson (CRYPTO'07). In addition to having an improved online communication cost, we can shut down almost half of the parties in the online phase, thereby saving up to 50% in the system's operational costs. Our maliciously secure protocol also enjoys similar benefits and requires only half of the parties, except for one-time verification, towards the end. To showcase the practicality of the designed protocols, we benchmark popular applications such as deep neural networks, graph neural networks, genome sequence matching, and biometric matching using prototype implementations. Our improved protocols aid in bringing up to 60-80% savings in monetary cost over prior work.

Cryptography and Security,Distributed, Parallel, and Cluster Computing,Information Theory,Machine Learning

Ajith Suresh

DOI: https://doi.org/10.48550/arXiv.2112.13338

2021-12-26

Cryptography and Security

Abstract:In the modern era of computing, machine learning tools have demonstrated their potential in vital sectors, such as healthcare and finance, to derive proper inferences. The sensitive and confidential nature of the data in such sectors raises genuine concerns for data privacy. This motivated the area of Privacy-preserving Machine Learning (PPML), where privacy of data is guaranteed. In this thesis, we design an efficient platform, MPCLeague, for PPML in the Secure Outsourced Computation (SOC) setting using Secure Multi-party Computation (MPC) techniques. MPC, the holy-grail problem of secure distributed computing, enables a set of n mutually distrusting parties to perform joint computation on their private inputs in a way that no coalition of t parties can learn more information than the output (privacy) or affect the true output of the computation (correctness). While MPC, in general, has been a subject of extensive research, the area of MPC with a small number of parties has drawn popularity of late mainly due to its application to real-time scenarios, efficiency and simplicity. This thesis focuses on designing efficient MPC frameworks for 2, 3 and 4 parties, with at most one corruption and supports ring structures. At the heart of this thesis are four frameworks - ASTRA, SWIFT, Tetrad, ABY2.0 - catered to different settings. The practicality of our framework is argued through improvements in the benchmarking of widely used ML algorithms -- Linear Regression, Logistic Regression, Neural Networks, and Support Vector Machines. We propose two variants for each of our frameworks, with one variant aiming to minimise the execution time while the other focuses on the monetary cost. The concrete efficiency gains of our frameworks coupled with the stronger security guarantee of robustness make our platform an ideal choice for a real-time deployment of PPML techniques.

Kemal Akkaya,Soamar Homsi,Oscar G. Bautista

DOI: https://doi.org/10.1109/LCN52139.2021.9524971

2021-10-04

Abstract:With the increasing interest in Secure Multi-Party Computation protocols (MPC), there have been several works such as the SPDZ1 protocol that tackled this problem under a malicious security with dishonest majority attack model. However, most of these MPC efforts assume that the nodes running the computations are also supplying the inputs, which is not a realistic assumption for many real-life applications. In this paper, we extend the SPDZ protocol to enable clients outsource data and computation to the clouds while ensuring the correctness of the results, in addition to integrity and confidentiality of the input and output. We guarantee that the computation among nodes is done correctly by verifying their output’s Message Authentication Codes (MACs) at the end. Specifically, we delegate this task to an honest server. Our approach strives to minimize the burden on clients while enabling cheating detection even when assuming a malicious attack model with dishonest majority.

Engineering,Computer Science

Yibiao Lu,Zhibo Wu,Bingsheng Zhang,Kui Ren

DOI: https://doi.org/10.1155/2023/6039034

2023-01-01

Wireless Communications and Mobile Computing

Abstract:The wireless network suffers from many security problems, and computation in a wireless network environment may fail to preserve privacy as well as correctness when the adversaries conduct attacks through backdoors, steganography, kleptography, etc. Secure computation ensures the execution security in such an environment, and compared with computation on the plaintext, the performance of secure computation is bounded by the underlying cryptographic algorithms and the network environment between the involved parties. Besides, the Chinese cryptography laws require the cryptographic algorithms that appeared in the commercial market to be authorized. In this work, we show how to implement oblivious transfer (OT), an important primitive in secure multiparty computation (MPC), using the Chinese government-approved SM2 and SM3 algorithms. The SM2 algorithm is based on the elliptic curve cryptography and is much faster than the discrete logarithm-based solutions. Moreover, by adopting the standard OT extension technique, we can extend the number of OTs efficiently with one more round of communication and invocations to the SM3 and SM4 algorithms. The OT primitive can be used in the Beaver multiplication triple generation and other MPC protocols, e.g., private set intersection. Therefore, we can utilize the SM series cryptography, specifically, the SM2, SM3, and SM4 algorithms, to build highly efficient secure computation frameworks which are suitable for the wireless network environment and for commercial applications in China. The experimental evaluation results show that our protocols have comparable performance to existing protocols; specifically, our protocols are quite suitable for bad network environments.

Xiaotong Li,Hao Wang,Zhi Li,Lei Wu,Xiaochao Wei,Ye Su,Rongxing Lu

DOI: https://doi.org/10.1109/tsc.2024.3380258

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:Although secure multi-party computation breaks down data barriers, its utility is reduced when participants have limited computation and communication resources. To make secure multi-party computation more practical, there exists an approach to distribute users' private inputs to multiple servers in a secret sharing manner, and the servers accomplish secure computation tasks through interaction. We propose a new secure computation framework that enables the detection of malicious cloud servers by introducing homomorphic MACs. We utilize pairing-based homomorphic commitments to record MACs on a bulletin board, providing public verifiability while reducing the computation burden on the cloud servers. Additionally, our framework not only supports the underlying general computation, but also prepares for various types of nontrivial high-level operations, such as comparison and bit decomposition. We design a smart payment platform enabling fair payment with the help of smart contracts to protect the rights of both data owners and cloud service providers. Compared to previous works, our framework breaks the limitations of servers being restricted to semi-honest or even honest and provides public verifiability. Performance evaluations demonstrate satisfactory computation and communication efficiency during the online phase of our system.

computer science, information systems, software engineering

Jun Liu,Yuan Tian,Yu Zhou,Yang Xiao,Nirwan Ansari

DOI: https://doi.org/10.1016/j.comcom.2020.02.014

IF: 5.047

2020-03-01

Computer Communications

Abstract:<p>Data mining is an important task to understand the valuable information for making correct decisions. Technologies for mining self-owned data of a party are rather mature. However, how to perform distributed data mining to obtain information from data owned by multiple parties without privacy leakage remains a big challenge. While secure multi-party computation (MPC) may potentially address this challenge, several issues have to be overcome for practical realizations. In this paper, we point out two unsupported tasks of MPC that are common in the real-world. Towards this end, we design algorithms based on optimized matrix computation with one-hot encoding and LU decomposition to support these requirements in the MPC context. In addition, we implement them based on a SPDZ protocol, a computation framework of MPC. The experimental evaluation results show that our design and implementation are feasible and effective for privacy preserving distributed data mining.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic

Mahdi R Alagheband,Atefeh Mashatan

DOI: https://doi.org/10.1007/s11227-022-04586-1

Abstract:The Internet of Things (IoT) is increasingly becoming widespread in different areas such as healthcare, transportation, and manufacturing. IoT networks comprise many diverse entities, including smart small devices for capturing sensitive information, which may be attainable targets for malicious parties. Thus security and privacy are of utmost importance. To protect the confidentiality of data handled by IoT devices, conventional cryptographic primitives have generally been used in various IoT security solutions. While these primitives provide just an acceptable level of security, they typically neither preserve privacy nor support advanced functionalities. Also, they overly count on trusted third parties because of some limitations by design. This multidisciplinary survey paper connects the dots and explains how some advanced cryptosystems can achieve ambitious goals. We begin by describing a multi-tiered heterogeneous IoT architecture that supports the cloud, edge, fog, and blockchain technologies and assumptions and capabilities for each layer. We then elucidate advanced encryption primitives, namely wildcarded, break-glass, proxy re-encryption, and registration-based encryption schemes, as well as IoT-friendly cryptographic accumulators. Our paper illustrates how they can augment the features mentioned above while simultaneously satisfying the architectural IoT requirements. We provide comparison tables and diverse IoT-based use cases for each advanced cryptosystem as well as a guideline for selecting the best one in different scenarios and depict how they can be integrated.

Mohammad Sayad Haghighi,Orwa Nader,Alireza Jolfaei

DOI: https://doi.org/10.48550/arXiv.2008.08672

2020-08-20

Abstract:Our high expectations from Internet of Things (IoT) and how it will positively influence our lifestyles depend on a secure and trusted implementation of it, especially in the sensitive sectors such as health or financial. IoT platforms and solutions must provide Confidentiality, Integrity and Availability (CIA) in a secure and transparent way. Due to the extremely large scales of IoT, traditional centralized solutions for security provisioning cannot be employed in their original form. This article discusses the authentication problem in IoT, which is fundamental to providing CIA. We propose a hierarchical security architecture for this problem and focus on computationally lightweight authentication protocols which can intelligently distribute the computational load across multiple levels and effectively push the load towards upper layers.

Cryptography and Security