当前期刊: arXiv - CS - Cryptography and Security Go to current issue    加入关注   
显示样式:        排序: IF: - GO 导出
我的关注
我的收藏
您暂时未登录!
登录
  • Puncturable Encryption: A Generic Construction from Delegatable Fully Key-Homomorphic Encryption
    arXiv.cs.CR Pub Date : 2020-07-13
    Willy Susilo; Dung Hoang Duong; Huy Quoc Le; Josef Pieprzyk

    Puncturable encryption (PE), proposed by Green and Miers at IEEE S&P 2015, is a kind of public key encryption that allows recipients to revoke individual messages by repeatedly updating decryption keys without communicating with senders. PE is an essential tool for constructing many interesting applications, such as asynchronous messaging systems, forward-secret zero round-trip time protocols, public-key

    更新日期:2020-07-14
  • In-place implementation of Quantum-Gimli
    arXiv.cs.CR Pub Date : 2020-07-13
    Lars Schlieper

    We present an in-place implementation of the $\textbf{Gimli}$ permutation, a NIST round 2 candidate for lightweight cryptography and provide an upper bound for the required quantum resource in depth and gate-counts. In particular, we do not use any ancilla bits and the state that our circuit produces is not entangled with any input, which offers further freedom in the usability and allows for a widespread

    更新日期:2020-07-14
  • Asymptotic Privacy Loss due to Time Series Matching of Dependent Users
    arXiv.cs.CR Pub Date : 2020-07-12
    Nazanin Takbiri; Minting Chen; Dennis L. Goeckel; Amir Houmansadr; Hossein Pishro-Nik

    The Internet of Things (IoT) promises to improve user utility by tuning applications to user behavior, but revealing the characteristics of a user's behavior presents a significant privacy risk. Our previous work has established the challenging requirements for anonymization to protect users' privacy in a Bayesian setting in which we assume a powerful adversary who has perfect knowledge of the prior

    更新日期:2020-07-14
  • Blockchain for the Internet of Vehicles towards Intelligent Transportation Systems: A Survey
    arXiv.cs.CR Pub Date : 2020-07-12
    Muhammad Baqer Mollah; Jun Zhao; Dusit Niyato; Yong Liang Guan; Chau Yuen; Sumei Sun; Kwok-Yan Lam; Leong Hai Koh

    Internet of Vehicles (IoV) is an emerging concept that is believed to help realise the vision of intelligent transportation systems (ITS). IoV has become an important research area of impactful applications in recent years due to the rapid advancements in vehicular technologies, high throughput satellite communication, Internet of Things and cyber-physical systems. IoV enables the integration of smart

    更新日期:2020-07-14
  • Radium: Improving Dynamic PoW Targeting
    arXiv.cs.CR Pub Date : 2020-07-12
    George Bissias

    Most PoW blockchain protocols operate with a simple mechanism whereby a threshold is set for each block and miners generate block hashes until one of those values falls below the threshold. Although largely effective, this mechanism produces blocks at a highly variable rate and also leaves a blockchain susceptible to chain death, i.e. abandonment in the event that the threshold is set too high to attract

    更新日期:2020-07-14
  • The Taint Rabbit: Optimizing Generic Taint Analysis with Dynamic Fast Path Generation
    arXiv.cs.CR Pub Date : 2020-07-12
    John Galea; Daniel Kroening

    Generic taint analysis is a pivotal technique in software security. However, it suffers from staggeringly high overhead. In this paper, we explore the hypothesis whether just-in-time (JIT) generation of fast paths for tracking taint can enhance the performance. To this end, we present the Taint Rabbit, which supports highly customizable user-defined taint policies and combines a JIT with fast context

    更新日期:2020-07-14
  • A Novel Dimension Reduction Scheme for Intrusion Detection Systems in IoT Environments
    arXiv.cs.CR Pub Date : 2020-07-12
    Amir Andalib; Vahid Tabataba Vakili

    Internet of Things (IoT) brings new challenges to the security solutions of computer networks. So far, intrusion detection system (IDS) is one of the effective security tools, but the vast amount of data that is generated by heterogeneous protocols and "things" alongside the constrained resources of the hosts, make some of the present IDS schemes defeated. To grant IDSs the ability of working in the

    更新日期:2020-07-14
  • On Runtime Software Security of TrustZone-M based IoT Devices
    arXiv.cs.CR Pub Date : 2020-07-12
    Lan Luo; Yue Zhang; Cliff C. Zou; Xinhui Shao; Zhen Ling; Xinwen Fu

    Internet of Things (IoT) devices have been increasingly integrated into our daily life. However, such smart devices suffer a broad attack surface. Particularly, attacks targeting the device software at runtime are challenging to defend against if IoT devices use resource-constrained microcontrollers (MCUs). TrustZone-M, a TrustZone extension for MCUs, is an emerging security technique fortifying MCU

    更新日期:2020-07-14
  • Understanding Object Detection Through An Adversarial Lens
    arXiv.cs.CR Pub Date : 2020-07-11
    Ka-Ho Chow; Ling Liu; Mehmet Emre Gursoy; Stacey Truex; Wenqi Wei; Yanzhao Wu

    Deep neural networks based object detection models have revolutionized computer vision and fueled the development of a wide range of visual recognition applications. However, recent studies have revealed that deep object detectors can be compromised under adversarial attacks, causing a victim detector to detect no object, fake objects, or mislabeled objects. With object detection being used pervasively

    更新日期:2020-07-14
  • ManiGen: A Manifold Aided Black-box Generator of Adversarial Examples
    arXiv.cs.CR Pub Date : 2020-07-11
    Guanxiong Liu; Issa Khalil; Abdallah Khreishah; Abdulelah Algosaibi; Adel Aldalbahi; Mohammed Alaneem; Abdulaziz Alhumam; Mohammed Anan

    Machine learning models, especially neural network (NN) classifiers, have acceptable performance and accuracy that leads to their wide adoption in different aspects of our daily lives. The underlying assumption is that these models are generated and used in attack free scenarios. However, it has been shown that neural network based classifiers are vulnerable to adversarial examples. Adversarial examples

    更新日期:2020-07-14
  • Efficient MDP Analysis for Selfish-Mining in Blockchains
    arXiv.cs.CR Pub Date : 2020-07-10
    Roi Bar Zur; Ittay Eyal; Aviv Tamar

    A proof of work (PoW) blockchain protocol distributes rewards to its participants, called miners, according to their share of the total computational power. Sufficiently large miners can perform selfish mining - deviate from the protocol to gain more than their fair share. Such systems are thus secure if all miners are smaller than a threshold size so their best response is following the protocol.

    更新日期:2020-07-14
  • Hardware Implementation of Keyless Encryption Scheme for Internet of Things Based on Image of Memristors
    arXiv.cs.CR Pub Date : 2020-07-10
    Mohammad Mohammadinodoushan

    The Internet of Things (IoT) is rapidly increasing the number of connected devices. This causes new concerns towards solutions for authenticating numerous IoT devices. Most of these devices are resource-constrained. Therefore, the use of long-secret keys, in traditional cryptography schemes can be hard to implement. Also, the key generation, distribution, and storage are very complex. Moreover, the

    更新日期:2020-07-14
  • THEMIS: Decentralized and Trustless Ad Platform with Reporting Integrity
    arXiv.cs.CR Pub Date : 2020-07-10
    Gonçalo Pestana; Iñigo Querejeta-Azurmendi; Panagiotis Papadopoulos; Benjamin Livshits

    Online advertising fuels the (seemingly) free internet. However, although users can access a website free of charge, there is a heavy cost on their privacy due to the deployed user tracking. To make matters worse, in the current ad ecosystem there is no transparency: apart from users, publishers and advertisers, there are numerous dubious middlemen exploiting the ad revenues and the users' data beyond

    更新日期:2020-07-14
  • Differentially private cross-silo federated learning
    arXiv.cs.CR Pub Date : 2020-07-10
    Mikko A. Heikkilä; Antti Koskela; Kana Shimizu; Samuel Kaski; Antti Honkela

    Strict privacy is of paramount importance in distributed machine learning. Federated learning, with the main idea of communicating only what is needed for learning, has been recently introduced as a general approach for distributed learning to enhance learning and improve security. However, federated learning by itself does not guarantee any privacy for data subjects. To quantify and control how much

    更新日期:2020-07-14
  • SMEs Confidentiality Concerns for Security Information Sharing
    arXiv.cs.CR Pub Date : 2020-07-13
    Alireza Shojaifar; Samuel A. Fricker

    Small and medium sized enterprises are considered an essential part of the EU economy, however, highly vulnerable to cyberattacks. SMEs have specific characteristics which separate them from large companies and influence their adoption of good cybersecurity practices. To mitigate the SMEs cybersecurity adoption issues and raise their awareness of cyber threats, we have designed a self paced security

    更新日期:2020-07-14
  • The Good, The Bad, and The Ugly: Quality Inference in Federated Learning
    arXiv.cs.CR Pub Date : 2020-07-13
    Balázs Pejó

    Collaborative machine learning algorithms are developed both for efficiency reasons and to ensure the privacy protection of sensitive data used for processing. Federated learning is the most popular of these methods, where 1) learning is done locally, and 2) only a subset of the participants contribute in each training round. Despite of no data is shared explicitly, recent studies showed that models

    更新日期:2020-07-14
  • Probabilistic Jacobian-based Saliency Maps Attacks
    arXiv.cs.CR Pub Date : 2020-07-12
    António Loison; Théo Combey; Hatem Hajri

    Machine learning models have achieved spectacular performances in various critical fields including intelligent monitoring, autonomous driving and malware detection. Therefore, robustness against adversarial attacks represents a key issue to trust these models. In particular, the Jacobian-based Saliency Map Attack (JSMA) is widely used to fool neural network classifiers. In this paper, we introduce

    更新日期:2020-07-14
  • A Graph Symmetrisation Bound on Channel Information Leakage under Blowfish Privacy
    arXiv.cs.CR Pub Date : 2020-07-12
    Tobias Edwards; Benjamin I. P. Rubinstein; Zuhe Zhang; Sanming Zhou

    Blowfish privacy is a recent generalisation of differential privacy that enables improved utility while maintaining privacy policies with semantic guarantees, a factor that has driven the popularity of differential privacy in computer science. This paper relates Blowfish privacy to an important measure of privacy loss of information channels from the communications theory community: min-entropy leakage

    更新日期:2020-07-14
  • Improved Detection of Adversarial Images Using Deep Neural Networks
    arXiv.cs.CR Pub Date : 2020-07-10
    Yutong Gao; Yi Pan

    Machine learning techniques are immensely deployed in both industry and academy. Recent studies indicate that machine learning models used for classification tasks are vulnerable to adversarial examples, which limits the usage of applications in the fields with high precision requirements. We propose a new approach called Feature Map Denoising to detect the adversarial inputs and show the performance

    更新日期:2020-07-14
  • Quantum Secured Internet Transport
    arXiv.cs.CR Pub Date : 2020-07-10
    Bernardo Huberman; Bob Lund; Jing Wang

    Quantum computing represents an emerging threat to the public key infrastructure underlying transport layer security (TLS) widely used in the Internet. This paper describes how QKD symmetric keys can be used with TLS to provide quantum computing resistant security for existing Internet applications. We also implement and test a general hybrid key delivery architecture with QKD over long distance fibers

    更新日期:2020-07-13
  • From Task Tuning to Task Assignment in Privacy-Preserving Crowdsourcing Platforms
    arXiv.cs.CR Pub Date : 2020-07-10
    Joris DuguépérouxDRUID; Tristan AllardDRUID

    Specialized worker profiles of crowdsourcing platforms may contain a large amount of identifying and possibly sensitive personal information (e.g., personal preferences, skills, available slots, available devices) raising strong privacy concerns. This led to the design of privacy-preserving crowdsourcing platforms, that aim at enabling efficient crowd-sourcing processes while providing strong privacy

    更新日期:2020-07-13
  • Microarchitecture Online Template Attacks
    arXiv.cs.CR Pub Date : 2020-07-10
    Alejandro Cabrera Aldaya; Billy Bob Brumley

    Online template attack (OTA) is a powerful technique previously used to attack elliptic curve scalar multiplication algorithms. This attack has been only analyzed in the realm of power-consumption and EM side-channels, where the signals leak about the value to be processed. However, no microarchitecture analysis variant has been proposed, especially considering the different nature between power-consumption

    更新日期:2020-07-13
  • Enhancing the Performance of Practical Profiling Side-Channel Attacks Using Conditional Generative Adversarial Networks
    arXiv.cs.CR Pub Date : 2020-07-10
    Ping Wang; Ping Chen; Zhimin Luo; Gaofeng Dong; Mengce Zheng; Nenghai Yu; Honggang Hu

    Recently, many profiling side-channel attacks based on Machine Learning and Deep Learning have been proposed. Most of them focus on reducing the number of traces required for successful attacks by optimizing the modeling algorithms. In previous work, relatively sufficient traces need to be used for training a model. However, in the practical profiling phase, it is difficult or impossible to collect

    更新日期:2020-07-13
  • Decentralized Accessibility of e-commerce Products through Blockchain Technology
    arXiv.cs.CR Pub Date : 2020-07-10
    Gulshan Kumara; Rahul Sahaa; William J Buchanan; G. Geethaa; Reji Thomasa; Tai-Hoon Kimc; Mamoun Alazab

    A distributed and transparent ledger system is considered for various e-commerce products including health medicines, electronics, security appliances, food products and many more to ensure technological and e-commerce sustainability. This solution, named as 'PRODCHAIN', is a generic blockchain framework with lattice-based cryptographic processes for reducing the complexity for tracing the e-commerce

    更新日期:2020-07-13
  • "It's Not Something We Have Talked to Our Team About": Results From a Preliminary Investigation of Cybersecurity Challenges in Denmark
    arXiv.cs.CR Pub Date : 2020-07-10
    Camilla Nadja Fleron; Jonas Kofod Jørgensen; Oksana Kulyk; Elda Paja

    Although Denmark is reportedly one of the most digitised countries in Europe, IT security in Danish companies has not followed along. To shed light into the challenges that companies experience with implementing IT security, we conducted a preliminary study running semi-structured interviews with four employees from four different companies, asking about their IT security and what they need to reduce

    更新日期:2020-07-13
  • Towards Tracking Data Flows in Cloud Architectures
    arXiv.cs.CR Pub Date : 2020-07-10
    Immanuel Kunz; Valentina Casola; Angelika Schneider; Christian Banse; Julian Schütte

    As cloud services become central in an increasing number of applications, they process and store more personal and business-critical data. At the same time, privacy and compliance regulations such as GDPR, the EU ePrivacy regulation, PCI, and the upcoming EU Cybersecurity Act raise the bar for secure processing and traceability of critical data. Especially the demand to provide information about existing

    更新日期:2020-07-13
  • Security in Wireless Sensor Networks: Issues and Challenges
    arXiv.cs.CR Pub Date : 2020-07-09
    Mahsa Teymourzadeh; Roshanak Vahed; Soulmaz Alibeygi; Narges Dastanpour

    A wireless sensor network (WSN) has important applications such as remote environmental monitoring and target tracking. In addition, Wireless Sensor networks is an emerging technology and have great potential to be employed in critical situations like battlefields and commercial applications such as building, traffic surveillance, habitat monitoring and smart homes and many more scenarios. One of the

    更新日期:2020-07-13
  • Generating Adversarial Inputs Using A Black-box Differential Technique
    arXiv.cs.CR Pub Date : 2020-07-10
    João Batista Pereira Matos Juúnior; Lucas Carvalho Cordeiro; Marcelo d'Amorim; Xiaowei Huang

    Neural Networks (NNs) are known to be vulnerable to adversarial attacks. A malicious agent initiates these attacks by perturbing an input into another one such that the two inputs are classified differently by the NN. In this paper, we consider a special class of adversarial examples, which can exhibit not only the weakness of NN models - as do for the typical adversarial examples - but also the different

    更新日期:2020-07-13
  • Improving Software Defined Cognitive and Secure Networking
    arXiv.cs.CR Pub Date : 2020-07-10
    Ijaz Ahmad

    Traditional communication networks consist of large sets of vendor-specific manually configurable devices which are hardwired with specific control logic or algorithms. The resulting networks comprise distributed control plane architectures that are complex in nature, difficult to integrate and operate, and are least efficient in terms of resource usage. However, the rapid increase in data traffic

    更新日期:2020-07-13
  • Differentially Private Simple Linear Regression
    arXiv.cs.CR Pub Date : 2020-07-10
    Daniel Alabi; Audra McMillan; Jayshree Sarathy; Adam Smith; Salil Vadhan

    Economics and social science research often require analyzing datasets of sensitive personal information at fine granularity, with models fit to small subsets of the data. Unfortunately, such fine-grained analysis can easily reveal sensitive individual information. We study algorithms for simple linear regression that satisfy differential privacy, a constraint which guarantees that an algorithm's output

    更新日期:2020-07-13
  • Attack of the Tails: Yes, You Really Can Backdoor Federated Learning
    arXiv.cs.CR Pub Date : 2020-07-09
    Hongyi Wang; Kartik Sreenivasan; Shashank Rajput; Harit Vishwakarma; Saurabh Agarwal; Jy-yong Sohn; Kangwook Lee; Dimitris Papailiopoulos

    Due to its decentralized nature, Federated Learning (FL) lends itself to adversarial attacks in the form of backdoors during training. The goal of a backdoor is to corrupt the performance of the trained model on specific sub-tasks (e.g., by classifying green cars as frogs). A range of FL backdoor attacks have been introduced in the literature, but also methods to defend against them, and it is currently

    更新日期:2020-07-13
  • Human Cognition through the Lens of Social Engineering Cyberattacks
    arXiv.cs.CR Pub Date : 2020-07-09
    Rosana Montanez Rodriguez; Edward Golog; Shouhuai Xu

    Social engineering cyberattacks are a major threat because they often prelude sophisticated and devastating cyberattacks. Social engineering cyberattacks are a kind of psychological attack that exploits weaknesses in human cognitive functions. Adequate defense against social engineering cyberattacks requires a deeper understanding of what aspects of human cognition are exploited by these cyberattacks

    更新日期:2020-07-10
  • Human-Computer Interaction Considerations When Developing Cyber Ranges
    arXiv.cs.CR Pub Date : 2020-07-09
    Lynsay A. Shepherd; Stefano De Paoli; Jim Conacher

    The number of cyber-attacks are continuing to rise globally. It is therefore vital for organisations to develop the necessary skills to secure their assets and to protect critical national infrastructure. In this short paper, we outline upon human-computer interaction elements which should be considered when developing a cybersecurity training platform, in an effort to maintain levels of user engagement

    更新日期:2020-07-10
  • The Road Not Taken: Re-thinking the Feasibility of Voice Calling Over Tor
    arXiv.cs.CR Pub Date : 2020-07-09
    Piyush Kumar Sharma; Shashwat Chaudhary; Nikhil Hassija; Mukulika Maity; Sambuddho Chakravarty

    Anonymous VoIP calls over the Internet holds great significance for privacy-conscious users, whistle-blowers and political activists alike. Prior research deems popular anonymization systems like Tor unsuitable for providing requisite performance guarantees that real-time applications like VoIP need. Their claims are backed by studies that may no longer be valid due to constant advancements in Tor

    更新日期:2020-07-10
  • A Secure Back-up and Restore for Resource-Constrained IoT based on Nanotechnology
    arXiv.cs.CR Pub Date : 2020-07-09
    Mesbah Uddin; Md. Badruddoja Majumder; Md. Sakib Hasan; Garrett S. Rose

    With the emergence of IoT (Internet of things), huge amounts of sensitive data are being processed and transmitted everyday in edge devices with little to no security. Due to their aggressive power management schemes, it is a common and necessary technique to make a back-up of their program states and other necessary data in a non-volatile memory (NVM) before going to sleep or low power mode. However

    更新日期:2020-07-10
  • Artificial Intelligence and Machine Learning in 5G Network Security: Opportunities, advantages, and future research trends
    arXiv.cs.CR Pub Date : 2020-07-09
    Noman Haider; Muhammad Zeeshan Baig; Muhammad Imran

    Recent technological and architectural advancements in 5G networks have proven their worth as the deployment has started over the world. Key performance elevating factor from access to core network are softwareization, cloudification and virtualization of key enabling network functions. Along with the rapid evolution comes the risks, threats and vulnerabilities in the system for those who plan to exploit

    更新日期:2020-07-10
  • Are PETs (Privacy Enhancing Technologies) Giving Protection for Smartphones? -- A Case Study
    arXiv.cs.CR Pub Date : 2020-07-08
    Tanusree Sharma; Masooda Bashir

    With smartphone technologies enhanced way of interacting with the world around us, it has also been paving the way for easier access to our private and personal information. This has been amplified by the existence of numerous embedded sensors utilized by millions of apps to users. While mobile apps have positively transformed many aspects of our lives with new functionalities, many of these applications

    更新日期:2020-07-10
  • Epidemic Exposure Notification with Smartwatch: A Proximity-Based Privacy-Preserving Approach
    arXiv.cs.CR Pub Date : 2020-07-08
    Pai Chet Ng; Petros Spachos; Stefano Gregori; Konstantinos Plataniotis

    Businesses planning for the post-pandemic world are looking for innovative ways to protect the health and welfare of their employees and customers. Wireless technologies can play a key role in assisting contact tracing to quickly halt a local infection outbreak and prevent further spread. In this work, we present a wearable proximity and exposure notification solution based on a smartwatch that also

    更新日期:2020-07-10
  • Serverless Electronic Mail
    arXiv.cs.CR Pub Date : 2020-07-09
    Geoffrey Goodell

    We describe a simple approach to peer-to-peer electronic mail that would allow users of ordinary workstations and mobile devices to exchange messages without relying upon third-party mail server operators. Crucially, the system allows participants to establish and use multiple unlinked identities for communication with each other. The architecture leverages ordinary SMTP \cite{smtp} for message delivery

    更新日期:2020-07-10
  • SmartBugs: A Framework to Analyze Solidity Smart Contracts
    arXiv.cs.CR Pub Date : 2020-07-08
    João F. Ferreira; Pedro Cruz; Thomas Durieux; Rui Abreu

    Over the last few years, there has been substantial research on automated analysis, testing, and debugging of Ethereum smart contracts. However, it is not trivial to compare and reproduce that research. To address this, we present SmartBugs, an extensible and easy-to-use execution framework that simplifies the execution of analysis tools on smart contracts written in Solidity, the primary language

    更新日期:2020-07-10
  • A Critical Evaluation of Open-World Machine Learning
    arXiv.cs.CR Pub Date : 2020-07-08
    Liwei Song; Vikash Sehwag; Arjun Nitin Bhagoji; Prateek Mittal

    Open-world machine learning (ML) combines closed-world models trained on in-distribution data with out-of-distribution (OOD) detectors, which aim to detect and reject OOD inputs. Previous works on open-world ML systems usually fail to test their reliability under diverse, and possibly adversarial conditions. Therefore, in this paper, we seek to understand how resilient are state-of-the-art open-world

    更新日期:2020-07-10
  • Agile Approach for IT Forensics Management
    arXiv.cs.CR Pub Date : 2020-07-08
    Matthias Schopp; Peter Hillmann

    The forensic investigation of cyber attacks and IT incidents is becoming increasingly difficult due to increasing complexity and intensify networking. Especially with Advanced Attacks (AT) like the increasing Advanced Persistent Threats an agile approach is indispensable. Several systems are involved in an attack (multi-host attacks). Current forensic models and procedures show considerable deficits

    更新日期:2020-07-09
  • Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets
    arXiv.cs.CR Pub Date : 2020-07-06
    Patrick Wollgast; Robert Gawlik; Behrad Garmany; Benjamin Kollenda; Thorsten Holz

    Memory corruption vulnerabilities are still a severe threat for software systems. To thwart the exploitation of such vulnerabilities, many different kinds of defenses have been proposed in the past. Most prominently, Control-Flow Integrity (CFI) has received a lot of attention recently. Several proposals were published that apply coarse-grained policies with a low performance overhead. However, their

    更新日期:2020-07-09
  • Green-PoW: An Energy-Efficient Blockchain Proof-of-Work Consensus Algorithm
    arXiv.cs.CR Pub Date : 2020-07-08
    Noureddine Lasla; Lina Alsahan; Mohamed Abdallah; Mohamed Younis

    This paper opts to mitigate the energy-inefficiency of the Blockchain Proof-of-Work (PoW) consensus algorithm by rationally repurposing the power spent during the mining process. The original PoW mining scheme is designed to consider one block at a time and assign a reward to the first place winner of a computation race. To reduce the mining-related energy consumption, we propose to compensate the

    更新日期:2020-07-09
  • Threshold ECDSA with an Offline Recovery Party
    arXiv.cs.CR Pub Date : 2020-07-08
    Michele BattagliolaDepartment of Mathematics, University of Trento, Italy; Riccardo LongoDepartment of Mathematics, University of Trento, Italy; Alessio MeneghettiDepartment of Mathematics, University of Trento, Italy; Massimiliano SalaDepartment of Mathematics, University of Trento, Italy

    A $(t,n)-$ threshold signature scheme enables distributed signing among $n$ players such that any subgroup of size $t$ can sign, whereas any group with fewer players cannot. Our goal is to produce signatures that are compatible with an existing centralized signature scheme: the key generation and signature algorithm are replaced by a communication protocol between the parties, but the verification

    更新日期:2020-07-09
  • Privacy and Integrity Preserving Computations with CRISP
    arXiv.cs.CR Pub Date : 2020-07-08
    Sylvain Chatel; Apostolos Pyrgelis; Juan Ramon Troncoso-Pastoriza; Jean-Pierre Hubaux

    In the digital era, users share their personal data with service providers to obtain some utility, e.g., access to high-quality services. Yet, the induced information flows raise privacy and integrity concerns. Consequently, cautious users may want to protect their privacy by minimizing the amount of information they disclose to curious service providers. Service providers are interested in verifying

    更新日期:2020-07-09
  • Attacking Split Manufacturing from a Deep Learning Perspective
    arXiv.cs.CR Pub Date : 2020-07-08
    Haocheng Li; Satwik Patnaik; Abhrajit Sengupta; Haoyu Yang; Johann Knechtel; Bei Yu; Evangeline F. Y. Young; Ozgur Sinanoglu

    The notion of integrated circuit split manufacturing which delegates the front-end-of-line (FEOL) and back-end-of-line (BEOL) parts to different foundries, is to prevent overproduction, piracy of the intellectual property (IP), or targeted insertion of hardware Trojans by adversaries in the FEOL facility. In this work, we challenge the security promise of split manufacturing by formulating various

    更新日期:2020-07-09
  • Power Side-Channel Attacks in Negative Capacitance Transistor (NCFET)
    arXiv.cs.CR Pub Date : 2020-07-08
    Johann Knechtel; Satwik Patnaik; Mohammed Nabeel; Mohammed Ashraf; Yogesh S. Chauhan; Jörg Henkel; Ozgur Sinanoglu; Hussam Amrouch

    Side-channel attacks have empowered bypassing of cryptographic components in circuits. Power side-channel (PSC) attacks have received particular traction, owing to their non-invasiveness and proven effectiveness. Aside from prior art focused on conventional technologies, this is the first work to investigate the emerging Negative Capacitance Transistor (NCFET) technology in the context of PSC attacks

    更新日期:2020-07-09
  • MPC Protocol for G-module and its Application in Secure Compare and ReLU
    arXiv.cs.CR Pub Date : 2020-07-08
    Qizhi Zhang; Lichun Li; Shan Yin; Juanjuan Sun

    Secure multi-party computation (MPC) is a subfield of cryptography. Its aim is creating methods for multiple parties to jointly compute a function over their inputs meanwhile keeping their inputs privately. The Secure Compare problem, introduced by Yao under the name millionaire's problem, is an important problem in MPC. On the other hand, Privacy Preserving Machine Learning (PPML) is an intersectional

    更新日期:2020-07-09
  • Open-Pub: A Transparent yet Privacy-Preserving Academic Publication System based on Blockchain
    arXiv.cs.CR Pub Date : 2020-07-08
    Yan Zhou; Zhiguo Wan; Zhangshuang Guan

    Academic publication of latest research results are crucial to advance development of all disciplines. However, there are a number of severe disadvantages in current academic publication systems. The first problem is the misconduct during the publication process due to the opaque paper review process. An anonymous reviewer may give biased comments to a paper without being noticed or punished, because

    更新日期:2020-07-09
  • Security Apps under the Looking Glass: An Empirical Analysis of Android Security Apps
    arXiv.cs.CR Pub Date : 2020-07-08
    Weixian Yao; Yexuan Li; Weiye Lin; Tianhui Hu; Imran Chowdhury; Rahat Masood; Suranga Seneviratne

    Third-party security apps are an integral part of the Android app ecosystem. Many users install them as an extra layer of protection for their devices. There are hundreds of such security apps, both free and paid in Google Play Store and some of them are downloaded millions of times. By installing security apps, the smartphone users place a significant amount of trust towards the security companies

    更新日期:2020-07-09
  • Skeptic: Automatic, Justified and Privacy-Preserving Password Composition Policy Selection
    arXiv.cs.CR Pub Date : 2020-07-07
    Saul Johnson; João F. Ferreira; Alexandra Mendes; Julien Cordry

    The choice of password composition policy to enforce on a password-protected system represents a critical security decision, and has been shown to significantly affect the vulnerability of user-chosen passwords to guessing attacks. In practice, however, this choice is not usually rigorous or justifiable, with a tendency for system administrators to choose password composition policies based on intuition

    更新日期:2020-07-09
  • Giving Up Privacy For Security: A Survey On Privacy Trade-off During Pandemic Emergency
    arXiv.cs.CR Pub Date : 2020-07-01
    Sajedul Talukder; Md. Iftekharul Islam Sakib; Zahidur Talukder

    While the COVID-19 pandemic continues to be as complex as ever, the collection and exchange of data in the light of fighting coronavirus poses a major challenge for privacy systems around the globe. The disease's size and magnitude is not uncommon but it appears to be at the point of hysteria surrounding it. Consequently, in a very short time, extreme measures for dealing with the situation appear

    更新日期:2020-07-09
  • Secure Distributed Matrix Computation with Discrete Fourier Transform
    arXiv.cs.CR Pub Date : 2020-07-08
    Nitish Mital; Cong Ling; Deniz Gunduz

    We consider the problem of secure distributed matrix computation (SDMC), where a \textit{user} can query a function of data matrices generated at distributed \textit{source} nodes. We assume the availability of $N$ honest but curious computation servers, which are connected to the sources, the user, and each other through orthogonal and reliable communication links. Our goal is to minimize the amount

    更新日期:2020-07-09
  • BlockFLow: An Accountable and Privacy-Preserving Solution for Federated Learning
    arXiv.cs.CR Pub Date : 2020-07-08
    Vaikkunth Mugunthan; Ravi Rahman; Lalana Kagal

    Federated learning enables the development of a machine learning model among collaborating agents without requiring them to share their underlying data. However, malicious agents who train on random data, or worse, on datasets with the result classes inverted, can weaken the combined model. BlockFLow is an accountable federated learning system that is fully decentralized and privacy-preserving. Its

    更新日期:2020-07-09
  • Bypassing the Ambient Dimension: Private SGD with Gradient Subspace Identification
    arXiv.cs.CR Pub Date : 2020-07-07
    Yingxue Zhou; Zhiwei Steven Wu; Arindam Banerjee

    Differentially private SGD (DP-SGD) is one of the most popular methods for solving differentially private empirical risk minimization (ERM). Due to its noisy perturbation on each gradient update, the error rate of DP-SGD scales with the ambient dimension $p$, the number of parameters in the model. Such dependence can be problematic for over-parameterized models where $p \gg n$, the number of training

    更新日期:2020-07-09
  • Defending Against Backdoors in Federated Learning with Robust Learning Rate
    arXiv.cs.CR Pub Date : 2020-07-07
    Mustafa Safa Ozdayi; Murat Kantarcioglu; Yulia R. Gel

    Federated Learning (FL) allows a set of agents to collaboratively train a model in a decentralized fashion without sharing their potentially sensitive data. This makes FL suitable for privacy-preserving applications. At the same time, FL is susceptible to adversarial attacks due to decentralized and unvetted data. One important line of attacks against FL is the backdoor attacks. In a backdoor attack

    更新日期:2020-07-09
  • Detection as Regression: Certified Object Detection by Median Smoothing
    arXiv.cs.CR Pub Date : 2020-07-07
    Ping-yeh Chiang; Michael J. Curry; Ahmed Abdelkader; Aounon Kumar; John Dickerson; Tom Goldstein

    Despite the vulnerability of object detectors to adversarial attacks, very few defenses are known to date. While adversarial training can improve the empirical robustness of image classifiers, a direct extension to object detection is very expensive. This work is motivated by recent progress on certified classification by randomized smoothing. We start by presenting a reduction from object detection

    更新日期:2020-07-09
  • Learning while Respecting Privacy and Robustness to Distributional Uncertainties and Adversarial Data
    arXiv.cs.CR Pub Date : 2020-07-07
    Alireza Sadeghi; Gang Wang; Meng Ma; Georgios B. Giannakis

    Data used to train machine learning models can be adversarial--maliciously constructed by adversaries to fool the model. Challenge also arises by privacy, confidentiality, or due to legal constraints when data are geographically gathered and stored across multiple learners, some of which may hold even an "anonymized" or unreliable dataset. In this context, the distributionally robust optimization framework

    更新日期:2020-07-09
  • Cryptanalysis of Quantum Secure Direct Communication Protocol with Mutual Authentication Based on Single Photons and Bell States
    arXiv.cs.CR Pub Date : 2020-07-07
    Nayana Das; Goutam Paul

    Recently, Yan et al. proposed a quantum secure direct communication (QSDC) protocol with authentication using single photons and Einstein-Podolsky-Rosen (EPR) pairs (Yan et al., CMC-Computers, Materials \& Continua, 63(3), 2020). In this work, we show that the QSDC protocol is not secure against intercept-and-resend attack and impersonation attack. An eavesdropper can get the full secret message by

    更新日期:2020-07-09
Contents have been reproduced by permission of the publishers.
导出
全部期刊列表>>
AI核心技术
10years
材料学研究精选
Springer Nature Live 产业与创新线上学术论坛
胸腔和胸部成像专题
自然科研论文编辑服务
ACS ES&T Engineering
ACS ES&T Water
屿渡论文,编辑服务
杨超勇
周一歌
华东师范大学
段炼
清华大学
廖矿标
李远
跟Nature、Science文章学绘图
隐藏1h前已浏览文章
中洪博元
课题组网站
新版X-MOL期刊搜索和高级搜索功能介绍
ACS材料视界
x-mol收录
福州大学
南京大学
王杰
左智伟
电子显微学
何凤
洛杉矶分校
吴杰
赵延川
试剂库存
天合科研
down
wechat
bug