Lin Yao,Lei Wang,Xiangwei Kong,Guowei Wu,Feng Xia

DOI: https://doi.org/10.1016/j.camwa.2010.01.010

IF: 3.218

2010-01-01

Computers & Mathematics with Applications

Abstract:In a pervasive computing environment, mobile users often roam into foreign domains. Consequently, mutual authentication between the user and the service provider in different domains becomes a critical issue. In this paper, a fast and secure inter-domain authentication and key establishment scheme, namely IDAS, is proposed. IDAS adopts Biometrics to guarantee the uniqueness and privacy of users and adopts signcryption to generate a secure session key. IDAS can not only reduce the burden of certificates management, but also protect the users and authentication servers against fraud. Compared with some other authentication methods, our approach is superior with faster key exchange and authentication, as well as more privacy. The correctness is verified with the Syverson and Van Oorschot (SVO) logic. Crown Copyright (C) 2010 Published by Elsevier Ltd. All rights reserved.

YAO Lin,FAN Qingna,KONG Xiangwei

DOI: https://doi.org/10.3778/j.issn.1002-8331.2011.06.023

2011-01-01

Abstract:As a result of the high mobility of the pervasive computing,the principles communicating with each other usually locate at different domains.To secure the service access and communications,the principles should authenticate each other and establish a fresh session key.A novel inter-domain authentication and key establishment protocol is proposed.The proposed protocol reduces the burden of certificates management by adopting the biometric encryption.After inter-domain mutual authentication,the two principles build a new session key using the signcryption technique.The protocol can defend lots of attacks and its correctness is proven by the SVO logic.

Jaber Daneshamooz,Melody Yu,Sucheer Maddury

2024-02-14

Abstract:The current routing protocol used in the internet backbone is based on manual configuration, making it susceptible to errors. To mitigate these configuration-related issues, it becomes imperative to validate the accuracy and convergence of the algorithm, ensuring a seamless operation devoid of problems. However, the process of network verification faces challenges related to privacy and scalability. This paper addresses these challenges by introducing a novel approach: leveraging privacy-preserving computation, specifically multiparty computation (MPC), to verify the correctness of configurations in the internet backbone, governed by the BGP protocol. Not only does our proposed solution effectively address scalability concerns, but it also establishes a robust privacy framework. Through rigorous analysis, we demonstrate that our approach maintains privacy by not disclosing any information beyond the query result, thus providing a comprehensive and secure solution to the intricacies associated with routing protocol verification in large-scale networks.

Cryptography and Security,Networking and Internet Architecture

Binanda Sengupta,Yingjiu Li,Kai Bu,Robert H. Deng

DOI: https://doi.org/10.1145/3372046

IF: 5.3

2020-01-01

ACM Transactions on Internet Technology

Abstract:The end-users communicating over a network path currently have no control over the path. For a better quality of service, the source node often opts for a superior (or premium) network path to send packets to the destination node. However, the current Internet architecture provides no assurance that the packets indeed follow the designated path. Network path validation schemes address this issue and enable each node present on a network path to validate whether each packet has followed the specific path so far. In this work, we introduce two notions of privacy-path privacy and Index privacy-in the context of network path validation. We show that, in case a network path validation scheme does not satisfy these two properties, the scheme is vulnerable to certain practical attacks (that affect the privacy, reliability, neutrality and quality of service offered by the underlying network). To the best of our knowledge, ours is the first work that addresses privacy issues related to network path validation. We design PrivNPV, a privacy-preserving network path validation protocol, that satisfies both path privacy and index privacy. We discuss several attacks related to network path validation and how PrivNPV defends against these attacks. Finally, we discuss the practicality of PrivNPV based on relevant parameters.

Genqing Bian,Rui Zhang,Bilin Shao

DOI: https://doi.org/10.1109/access.2022.3166920

IF: 3.9

2022-01-01

IEEE Access

Abstract:The remote data possession checking mechanism can effectively verify the integrity of outsourced data, which can usually be divided into public verification and private verification. The verifier of public verification can be any cloud user, while private verification can only be the data owner. However, in most practical situations, the data owner expects that only a specific verifier can perform integrity checking tasks and that verifier cannot gain any knowledge about the data. Yan et al. proposed a remote data possession checking scheme with the designated verifier, which can guarantee that only the designated verifier can check data integrity, whereas others cannot do it. However, this scheme relies on public key infrastructure technology and does not consider data privacy protection issues. To overcome these shortcomings, we propose an identity-based remote data possession checking scheme that satisfies the data owner's requirement to specify a unique verifier. Moreover, in this scheme, we use a random integer to blind data integrity proof to protect data privacy and use Merkle hash tree structure to achieve dynamic update of data. At the same time, our scheme can avoid the complex certificate management in public key infrastructure. We proved the safety of our scheme based on the discrete logarithm assumption and the computational Diffie-Hellman assumption. Theoretical analysis and experimental results show that our scheme is feasible and effective in practical applications.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yang Liu,Bingsheng Zhang,Yuxiang Ma,Zhuo Ma,Zecheng Wu

DOI: https://doi.org/10.1109/tifs.2023.3288455

IF: 7.231

2023-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The world has observed an increasing trend in the development of Privacy-Preserving Machine Learning (PPML) for cross-silo collaborative model training over sensitive data. As the first essential step of cross-silo PPML, it is critical that the parties can align their dataset with privacy assurance, i.e., private data join. However, the existing private data join methods typically leak the ID information in the dataset intersection, which often raises privacy concerns. In this work, we propose iPrivJoin: a novel framework of ID-private data join for PPML. Compared with naively using circuit-based Private Set Intersection (circuit-PSI) for data join, the proposed framework has two advantages: 1) data volume reduction. iPrivJoin utilizes oblivious shuffle to securely trim off the redundant data that is outside the intersection, while the entire dataset needs to be carried to further process in the circuit-PSI based approach. 2) efficiency improvement. iPrivJoin introduces a new private encoding technique to avoid the expensive circuit evaluation that is needed in circuit-PSI. As a result, compared with directly using circuit-PSI, PPML with iPrivJoin enjoys approximately 3x of speedup. Moreover, we propose a new oblivious shuffle protocol, which may be of independent interest. It achieves 1.44x of speedup to the state-of-the-art in the real-world WAN network setting.

Shang, Shuai,Wang, Haolin,Cai, Ziwen,Zhao, Yun,Li, Xiong

DOI: https://doi.org/10.1007/s11235-024-01162-1

2024-05-29

Telecommunication Systems

Abstract:Private information retrieval, which allows users to securely retrieve information stored in a single server or multiple servers without disclosing any query content to the server, has attracted much attention in recent years. However, most of the existing private information retrieval schemes cannot achieve data retrieval and data integrity authentication simultaneously. To address the above challenges, this paper proposes a verifiable private information retrieval scheme based on parity in a single-server architecture. Specifically, the data owner generates parity information for each data and extends the original database. Then the data owner generates hint information for the query client, and according to the inverse of the hint information, the matrix confusion and permutation of the extensible database are carried out on the database and the hint information is sent to the client. The client selects the corresponding element in the hint to generate the query vector and executes the reconstruction and verification phase after receiving the answer to accomplish the retrieval process. A series of security games prove that this scheme meets the privacy requirements defined by the PIR scheme, and experimental analysis shows that compared with related schemes, our scheme has certain advantages in time cost. The time of verification information generation is 0.3% of APIR and FMAPIR, the reconstruction time is 1.6% of APIR and 1.1% of FMAPIR and the query time is much less than them.

telecommunications

Yangfan Huang,Yuling Lin,Haizhou Du,Yijian Chen,Haohao Song,Linghe Kong,Qiao Xiang,Qiang Li,Franck Le,Jiwu Shu

DOI: https://doi.org/10.1109/iwqos57198.2023.10188716

2023-01-01

Abstract:There has been a growing interest in applying machine learning to real-world tasks. However, due to the blackbox nature of machine learning models, it is crucial to (1) verify important properties of a model and (2) understand the reasons behind a model's prediction before deploying them in a production environment. Existing approaches typically handle them as two separate and sometimes orthogonal topics. In this paper, we show that the verification and interpretability of machine learning models are tightly related and can be unified by satisfiability modulo theories (SMT). Our key insight is: not only a wide range of properties of machine learning models can be formulated as SMT problems and verified accordingly, but many commonly studied interpretability questions can also be answered by iteratively checking the satisfiability and related properties of multiple SMT problems. Leveraging this insight, we design UINT, a general verification and interpretability framework for learning-based networking systems. UINT (1) allows operators to specify verification and interpretability problems as SMT formulas, (2) encodes the target machine learning models into SMT constraints, and (3) automatically solves the corresponding verification and interpretability problems using commodity SMT solvers. We implement a prototype of UINT and evaluate it on real-world learning-based networking systems. Results demonstrate the efficiency and efficacy of UINT in verifying and interpreting key questions for these systems.

Zhuoruo Zhang,Jilin Hu,Chenyang Yu,Rui Chang,Yongwang Zhao

DOI: https://doi.org/10.1109/icws60048.2023.00022

2023-01-01

Abstract:Virtual Private Cloud (VPC) has become a widely used cloud computing service, serving as a foundational web infrastructure for many organizations. Nevertheless, the growing problem of reachability issues poses significant threats to the security and reliability of VPC networks, potentially resulting in critical security concerns such as data breaches and service outages. Although there has been substantial progress in recent reachability analysis, existing methods lack validation of correctness. Moreover, current analyses are tailored for One-to-One reachability where both the source and the destination are fixed, and fail to efficiently answer One-to-Multi reachability queries, which involve computing all reachable destinations for a given source node. To address the above challenges, we propose VeriReach, the first formally verified algorithm that provides comprehensive and efficient reachability analysis in large-scale VPC networks. The reachability analysis result of VeriReach is proved to be equivalent to the original reachability semantics of the VPC networks, ensuring its correctness (i.e., soundness and completeness). The fine-grained formalization of VeriReach and its fully mechanized correctness proofs are carried out in Isabelle/HOL theorem prover with 282 lemmas/theorems and $\sim 4,900{\mathrm{LoC}}$. We further implement VeriReach in C++ and the evaluations indicate that VeriReach is more efficient and scalable than MonoSAT, the state-of-the-art SMT solver, when applied to large-scale VPC networks for reachability analysis.

Huang Lu,Jie Li,Guizani, M.

DOI: https://doi.org/10.1109/comcomap.2012.6154869

2012-01-01

Abstract:In Vehicular Ad hoc Networks (VANETs), authentication is a crucial security requirement to avoid attacks to both inter-vehicle and vehicle-roadside communication. Vehicles have to be prevented from the misuse of their private data and the attacks on their privacy. In this paper, we investigate the authentication and privacy issues in VANETs. We propose a novel ID-based authentication framework with adaptive privacy preservation for VANETs. In this framework, adaptive self-generated pseudonyms are used as identifiers instead of real-world IDs. The update of the pseudonyms depends on vehicular demands. The ID-Based Signature (IBS) scheme and the ID-Based Online/Offline Signature (IBOOS) scheme are used, for authentication between the Road Side Units (RSUs) and vehicles, as well as authentication among vehicles, respectively. System evaluation has been executed using efficient IBS and IBOOS schemes. It shows that, the proposed authentication framework with privacy preservation is suitable to the VANET environment.

Xia Feng,Kaiping Cui,Liangmin Wang

DOI: https://doi.org/10.48550/arXiv.2208.14616

2022-08-31

Abstract:Internet of Vehicles(IoV) is increasingly used as a medium to propagate critical information via establishing connections between entities such as vehicles and infrastructures. During message transmission, privacy-preserving authentication is considered as the first line of defence against attackers and malicious information. To achieve a more secure and stable communication environment, ever-increasing numbers of blockchain-based authentication schemes are proposed. At first glance, existing approaches provide robust architectures and achieve transparent authentication. However, in these schemes, verifiers must connect to the blockchain network in advance and accomplish the authentication with smart contracts, which prolongs the latency. To remedy this limit, we propose a privacy-preserving blockchain-based authentication protocol(PBAG), where Root Authority(RA) generates a unique evaluation proof corresponding to the issued certificate for each authorized vehicle. Meanwhile, RA broadcasts a public global commitment based on all valid certificates. Instead of querying certificates stored in the blockchain, the vehicle will be efficiently proved to be an authorized user by utilizing the global commitment through bilinear pairing. Moreover, our scheme can prevent vehicles equipped with invalid certificates from accomplishing the authentication, thus avoiding the time-consuming for checking Certificate Revocation List (CRL). Finally, our scheme provides privacy properties such as anonymity and unlinkability. It allows anonymous authentication based on evaluation proofs and achieves traceability of identity in the event of a dispute. The simulation demonstrates that the average time of verification is 0.36ms under the batch-enabled mechanism, outperforming existing schemes by at least 63.7%.

Cryptography and Security

Liu Zhifeng,Zhou Conghua,Ge Yun,Zhang Dong

DOI: https://doi.org/10.12785/amis/070521

2013-01-01

Applied Mathematics & Information Sciences

Abstract:In this paper we propose an automated verification approach to checking intransitive noninterference for deterministic finite state systems. Our approach is based on the counterexamples search verification strategy, and is conducted in gradual manner. It produces counterexamples of minimal length. Further, we reduce the counterexamples search to propositional satisfiability. For the case that there are no counterexamples, we also introduce the window induction proof method in order to avoid considering unnecessary iterations, and show that the induction proof can be performed by the boolean decision procedure. In addition, based on graph-theoretic properties of systems we propose an over-approximation to the length of the smallest counterexample, and the over-approximation can also be checked by the boolean decision procedure.

Z ZANG,G LUO,C YIN,臧志远,罗贵明,殷翀元

DOI: https://doi.org/10.1016/S1007-0214(09)70011-2

2009-01-01

Abstract:In networks, the stable path problem (SPP) usually results in oscillations in interdomain systems and may cause systems to become unstable. With the rapid development of internet technology, the occurrence of SPPs in interdomain systems has quite recently become a significant focus of research. A framework for checking SPPs is presented in this paper with verification of an interdomain routing system using formal methods and the NuSMV software. Sufficient conditions and necessary conditions for determining SPP occurrence are presented with proof of the method's effectiveness. Linear temporal logic was used to model an interdomain routing system and its properties were analyzed. An example is included to demonstrate the method's reliability.

Yicun Duan,Junyu Liu,Wangkai Jin,Xiangjun Peng

DOI: https://doi.org/10.48550/arXiv.2202.06477

2022-02-14

Cryptography and Security

Abstract:Recent developments of advanced Human-Vehicle Interactions rely on the concept Internet-of-Vehicles (IoV), to achieve large-scale communications and synchronizations of data in practice. The concept of IoV is highly similar to a distributed system, where each vehicle is considered as a node and all nodes are grouped with a centralized server. In this manner, the concerns of data privacy are significant since all vehicles collect, process and share personal statistics (e.g. multi-modal, driving statuses and etc.). Therefore, it's important to understand how modern privacy-preserving techniques suit for IoV. We present the most comprehensive study to characterize modern privacy-preserving techniques for IoV to date. We focus on Differential Privacy (DP), a representative set of mathematically-guaranteed mechanisms for both privacy-preserving processing and sharing on sensitive data. The purpose of our study is to demystify the tradeoffs of deploying DP techniques, in terms of service quality. We first characterize representative privacy-preserving processing mechanisms, enabled by advanced DP approaches. Then we perform a detailed study of an emerging in-vehicle, Deep-Neural-Network-driven application, and study the upsides and downsides of DP for diverse types of data streams. Our study obtains 11 key findings and we highlight FIVE most significant observations from our detailed characterizations. We conclude that there are a large volume of challenges and opportunities for future studies, by enabling privacy-preserving IoV with low overheads for service quality.

Zhiming Song,Guiwen Wang,Yimin Yu,Taowei Chen

DOI: https://doi.org/10.1155/2022/6800938

IF: 1.968

2022-12-02

Security and Communication Networks

Abstract:Due to the advantages in self-sovereignty identity management and scalability of blockchain, digital identity verification and management systems (DIVMS) of blockchain-based verifiable certificates (VC) are getting more and more attention. However, user privacy in the systems' traditional architectures cannot be guaranteed. In this paper, the zero-knowledge succinct noninteractive arguments of knowledge (zkSNARKs) referred to as Groth16 are introduced in order to implement privacy protection of the user's identity and behavior of DIVMS of blockchain-based VC. In the proposed architecture, the malleability attack of Groth16 is considered, and verifications of zero-knowledge proof (ZKP) and the digital signature of an identity provider (IDP) attached to VC and the status management of VC are implemented on the smart contracts of the blockchain to overcome single point failure. Furthermore, a prototype system is designed to verify the proposed architecture's capability in privacy protection and to evaluate its performances in cost and throughput. Finally, the security of the proposed architecture is discussed, and its comparisons are conducted with those existing blockchain-based DIVMSs, especially those systems using Groth16 of zkSNARKs to improve the privacy of user. All results mentioned above have shown that the proposed system is efficient and safe, and it can improve the privacy of DIVMS of the blockchain based VC while avoiding single point failure.

computer science, information systems,telecommunications

Shengli Liu,Henk C. A. Van Tilborg,Marten Van Dijk

DOI: https://doi.org/10.1023/a:1024755209150

2003-01-01

Abstract:Information-theoretic secret key agreement generally consists of three phases, namely, advantage distillation information reconciliation and privacy amplification. Advantage distillation is needed in the case when two legitimate users, Alice and Bob, start in a situation which is inferior to that of the adversary Eve. The aim for them is to gain advantage over Eve in terms of mutual information between each other. Information reconciliation enables Alice and Bob to arrive at a common string by error correction techniques. Finally they distill a highly secret string from the common string in the privacy amplification phase. For the scenario where Alice and Bob as well as Eve have access to the output of a binary symmetric source by means of (three) binary symmetric channels, there are several advantage distillation and information reconciliation protocols proposed. In this paper, we present a general protocol to implement both advantage distillation and information reconciliation. Simulation results are compared with known protocols. A connection between our protocol and the known protocols is given.

Jie Li,Yuanyuan Lin,Yibing Li,Yan Zhuang,Yangjie Cao

DOI: https://doi.org/10.3390/electronics13101901

IF: 2.9

2024-05-14

Electronics

Abstract:The Internet of Vehicles (IoV) connects an isolated individual on the road to share information, which can improve traffic efficiency. However, the promotion of information sharing brings the critical security issues of identity authentication, followed by privacy protection issues in the authentication process in the IoV. In this study, we designed a blockchain-based conditional privacy-preserving authentication scheme for the IoV (BPA). Our scheme implements zero-knowledge proof (ZKP) to verify the identities of vehicles, which moves the authentication process down to the Roadside Units (RSUs) and achieves decentralized authentication at the edge nodes. Moreover, blockchain technology is utilized to synchronize a consistent ledger across all RSUs for recording and disseminating vehicle authentication states, which enhances the overall authentication process efficiency. We provide a theoretical analysis asserting that the BPA ensures enhanced security and effectively protects the privacy of all participating vehicles. Experimental evaluations confirm that our scheme outperforms existing solutions in terms of the computational and communication overhead.

engineering, electrical & electronic,physics, applied,computer science, information systems

Tianze Wu,Shaoshan Liu,Bo Yu,Sa Wang,Yungang Bao,Weisong Shi

DOI: https://doi.org/10.48550/arXiv.2210.15939

2022-10-28

Abstract:Infrastructure-Vehicle Cooperative Autonomous Driving (IVCAD) is a new paradigm of autonomous driving, which relies on the cooperation between intelligent roads and autonomous vehicles. This paradigm has been shown to be safer and more efficient compared to the on-vehicle-only autonomous driving paradigm. Our real-world deployment data indicates that the effectiveness of IVCAD is constrained by reliability and performance of commercial communication networks. This paper targets this exact problem, and proposes INTERNEURON, a middleware to achieve high communication reliability between intelligent roads and autonomous vehicles, in the context of IVCAD. Specifically, INTERNEURON dynamically matches IVCAD applications and the underlying communication technologies based on varying communication performance and quality needs. Evaluation results confirm that INTERNEURON reduces deadline violations by more than 95\%, significantly improving the reliability of IVCAD systems.

Robotics,Programming Languages

Sagar Chaki,Christian Schallhart,Helmut Veith

DOI: https://doi.org/10.1145/2430545.2430550

IF: 3.685

2013-03-01

ACM Transactions on Software Engineering and Methodology

Abstract:In many industries, the importance of software components provided by third-party suppliers is steadily increasing. As the suppliers seek to secure their intellectual property (IP) rights, the customer usually has no direct access to the suppliers’ source code, and is able to enforce the use of verification tools only by legal requirements. In turn, the supplier has no means to convince the customer about successful verification without revealing the source code. This article presents an approach to resolve the conflict between the IP interests of the supplier and the quality interests of the customer. We introduce a protocol in which a dedicated server (called the “amanat”) is controlled by both parties: the customer controls the verification task performed by the amanat, while the supplier controls the communication channels of the amanat to ensure that the amanat does not leak information about the source code. We argue that the protocol is both practically useful and mathematically sound. As the protocol is based on well-known (and relatively lightweight) cryptographic primitives, it allows a straightforward implementation on top of existing verification tool chains. To substantiate our security claims, we establish the correctness of the protocol by cryptographic reduction proofs.

computer science, software engineering

Xiaoli Zhang,Wei Geng,Yiqiao Song,Hongbing Cheng,Ke Xu,Qi Li

DOI: https://doi.org/10.1109/tnet.2023.3282100

2024-01-01

Abstract:In the trend of network middleboxes as a service, enterprise customers adopt in-the-cloud deep packet inspection (DPI) services to protect networks. As network misconfigurations and hardware failures notoriously exist, recent efforts envision to ensure the execution integrity of DPI services in untrusted clouds. However, they either require enterprise customers to know proprietary DPI rulesets of cloud providers or introduce forbidden overhead in the network context. In the paper, we propose a privacy-preserving and lightweight verification scheme that efficiently checks whether in-the-cloud DPI services run correctly without leaking private DPI rulesets. Particularly, our design introduces one trusted third party to perform privacy-preserving and trustworthy ruleset evaluation and DPI execution verification. Meanwhile, it devises a novel DPI ruleset authentication method that enables tamper-proof DPI operations and facilitates fast proof generation. The proofs can be verified without requiring the verifier to always maintain all rulesets. To further reduce the verification costs while resisting cloud cheating behaviors like bias treatments of packets, it employs a commitment-based delayed sampling mechanism which requires the DPI services to first demonstrate that all packets have been processed before receiving sampling decisions. Moreover, extensive experiments are conducted based on Click modules. The results show that the proposed scheme is practical and only incurs the real-time overhead of 10-20 microseconds.