Towards Provably-Secure Scalable Anonymous Broadcast
Cited by 3 (2 self)
We devise a scalable and provably-secure protocol for fully-anonymous broadcast in large-scale networks. Similar to the dining cryptographers networks (DC-NETS), our algorithm uses secure multi-party computation (MPC) to ensure anonymity. However, we address the weaknesses of DC-NETS, which are poor scalability and vulnerability to jamming attacks. When compared to the state-of-the-art, our protocol reduces the total bit complexity from O(n²) to Õ(n) per anonymous message sent in a network of size n; total latency increases from O(1) to polylog(n). We assume up to a one third fraction of the parties is controlled by a static Byzantine adversary. We further assume that this adversary is computationally unbounded, and thus make no cryptographic hardness assumptions.
The power of anonymous veto in public discussion
2006
Cited by 3 (0 self)
The Dining Cryptographers problem studies how to securely compute the boolean-OR function while preserving the privacy of each input bit. Since its first introduction by Chaum in 1988, it has attracted a number of solutions over the past twenty years. In this paper, we propose a new solution: Anonymous Veto Network (or AV-net). Our protocol is provably secure, and is better than past work in the following ways. It provides the strongest protection of each input’s privacy against collusion; it requires only two rounds of broadcast, fewer than any other solution; the computational load and bandwidth usage are the least among the available techniques; and the efficiency of our protocol is achieved without relying on any private channels or third parties. Overall, it seems unlike, with the
Riposte: An Anonymous Messaging System Handling Millions of Users
Cited by 3 (0 self)
This paper presents Riposte, a new system for anonymous broadcast messaging. Riposte is the first such system, to our knowledge, that simultaneously protects against traffic-analysis attacks, prevents anonymous denial-of-service by malicious clients, and scales to million-user anonymity sets. To achieve these properties, Riposte makes novel use of techniques used in systems for private information retrieval and secure multi-party computation. For latency-tolerant workloads with many more readers than writers (e.g. Twitter, Wikileaks), we demonstrate that a three-server Riposte cluster can build an anonymity set of 2,895,216 users in 32 hours.
Index Terms: anonymity; messaging; privacy; private information retrieval.
“Mix-In-Place” Anonymous Networking Using Secure Function Evaluation
In Proceedings of ACSAC, 2011
Cited by 2 (1 self)
Anonymous communications systems generally trade off performance for strong cryptographic guarantees of privacy. However, a number of applications with moderate performance requirements (e.g., chat) may require both properties. In this paper, we develop a new architecture that provides provably unlinkable and efficient communications using a single intermediary node. Nodes participating in these Mix-In-Place Networks (MIPNets) exchange messages through a mailbox in an Oblivious Proxy (OP). Clients leverage Secure Function Evaluation (SFE) to send and receive their messages from the OP while blindly but reversibly modifying the appearance of all other messages (i.e., mixing in place) in the mailbox. While an Oblivious Proxy will know that a client participated in exchanges, it cannot be certain which, if any, messages that client transmitted or received. We implement and measure our proposed design using a modified version of Fairplay and note reductions in execution times of greater than 98% over the naïve application of garbled circuits. We then develop a chat application on top of the MIPNet architecture and demonstrate its practical use for as many as 100 concurrent users. Our results demonstrate the potential to use SFE-enabled “mixing” in a single proxy as a means of providing provable deniability for applications with near real-time performance requirements.
Spreading alerts quietly and the subgroup escape problem
In Advances in Cryptology - Proceedings of ASIACRYPT 2005, volume 3788 of Lecture Notes in Computer Science, 2005
Cited by 1 (1 self)
We introduce a new cryptographic primitive called the blind coupon mechanism (BCM). In effect, the BCM is an authenticated bit commitment scheme, which is AND-homomorphic. It has not been known how to construct such commitments before. We show that the BCM has natural and important applications. In particular, we use it to construct a mechanism for transmitting alerts undetectably in a message-passing system of n nodes. Our algorithms allow an alert to quickly propagate to all nodes without its source or existence being detected by an adversary, who controls all message traffic. Our proofs of security are based on a new subgroup escape problem, which seems hard on certain groups with bilinear pairings and on elliptic curves over the ring Z_n.
Statistical Analysis of Privacy and Anonymity Guarantees in Randomized Security Protocol Implementations
, 906
Cited by 1 (1 self)
Security protocols often use randomization to achieve probabilistic non-determinism. This non-determinism, in turn, is used in obfuscating the dependence of observable values on secret data. Since the correctness of security protocols is very important, formal analysis of security protocols has been widely studied in the literature. Randomized security protocols have also been analyzed using formal techniques such as process-calculi and probabilistic model checking. In this paper, we consider the problem of validating implementations of randomized protocols. Unlike previous approaches which treat the protocol as a white-box, our approach tries to verify an implementation provided as a black box. Our goal is to infer the secrecy guarantees provided by a security protocol through statistical techniques. We learn the probabilistic dependency of the observable outputs on secret inputs using a Bayesian network. This is then used to approximate the leakage of the secret. In order to evaluate the accuracy of our statistical approach, we compare our technique with the probabilistic model checking technique on two examples: the crowds protocol and the dining cryptographers’ protocol.
Efficient Anonymous Message Submission
Cited by 1 (1 self)
In online surveys, many people are not willing to provide true answers due to privacy concerns. Thus, anonymity is important for online message collection. Existing solutions let each member blindly shuffle the submitted messages by using the IND-CCA2 secure cryptosystem. In the end, all messages are randomly shuffled and no one knows the message order. However, the heavy computational overhead and linear communication rounds make it only useful for small groups. In this paper, we propose an efficient anonymous message submission protocol aimed at a practical group size. Our protocol is based on a simplified secret sharing scheme and a symmetric key cryptosystem. We propose a novel method to let all members secretly aggregate their messages into a message vector such that a member knows nothing about other members’ message positions. We provide a theoretical proof showing that our protocol is anonymous under malicious attacks. We then conduct a thorough analysis of our protocol, showing that our protocol is computationally more efficient than existing solutions and results in a constant number of communication rounds with high probability.
Security Analysis of Accountable Anonymity in Dissent
2013
Cited by 1 (1 self)
Users often wish to communicate anonymously on the Internet, for example in group discussion or instant messaging forums. Existing solutions are vulnerable to misbehaving users, however, who may abuse their anonymity to disrupt communication. Dining Cryptographers Networks (DC-nets) leave groups vulnerable to denial-of-service and Sybil attacks, mix networks are difficult to protect against traffic analysis, and accountable voting schemes are unsuited to general anonymous messaging. DISSENT is the first general protocol offering provable anonymity and accountability for moderate-size groups, while efficiently handling unbalanced communication demands among users. We present an improved and hardened DISSENT protocol, define its precise security properties, and offer rigorous proofs of these properties. The improved protocol systematically addresses the delicate balance between provably hiding the identities of well-behaved users, while provably revealing the identities of disruptive users, a challenging task because many forms of misbehavior are inherently undetectable. The new protocol also addresses several non-trivial attacks on the original DISSENT protocol stemming from subtle design flaws.
Anonymous sealed bid auction protocol based on a variant of the dining cryptographers’ protocol
Periodica Mathematica Hungarica
Cited by 1 (0 self)
Sealed bid auctions are a popular means of high-stakes bidding, as they eliminate the temporal element from the auction process, allowing participants to take less emotional, more thoughtful decisions. In this paper, we propose a digital communication protocol for conducting sealed bid auctions with high stakes, where the anonymity of bids as well as other aspects of fairness must be protected. The Dining Cryptographers' Protocol (denoted by DC) was presented by David Chaum in 1988. The protocol allows the participants to broadcast a message anonymously. In a recent paper (Another Twist in the Dining Cryptographers' Protocol, submitted to Journal of Cryptology) the authors propose a variant of the original DC eliminating its main disadvantages. In this paper we present a cryptographic protocol realizing anonymous sealed bid auctions, such as first price or Vickrey auction, based on this variant. The proposed scheme allows the identification of at least one dishonest participant violating the protocol without the use of Trusted Third Parties. Additionally, we require that bids are binding. This is achieved by enabling all participants acting in concert (the so-called "angry mob") to find out the identity of the winner, in case the winner fails to make the purchase.