Using a vehicular ad-hoc network, smart vehicles can detect dangerous events on the road and announce warnings to other vehicles to ensure road safety. The other vehicles nearby may receive the warning messages and accordingly choose a different route. But, because of the presence of malicious users on the road and errors in the detection system, some warning messages may prove dubious. Therefore, to distinguish between genuine and dubious messages, an element of trust has to be infused into the warning system. One common approach for this is to enable the receivers to count the popularity of the reports of a warning event, i.e., the trust level. Once the trust level meets a predefined threshold, the vehicle's on-board unit will trust the warning event and warn the driver. Yet, owing to security and privacy concerns, an anonymous counting problem exists, because it is hard to fulfill both the anonymity and the counting requirements. In this paper, the authors define the anonymous counting problem and then propose a conditional distinguishable pseudo identities scheme that achieves conditional anonymity to overcome the counting problem. To achieve this feature of pseudo identities, a time slot was added to minimize the influence of the adversary. Randomized batch verification was applied to enhance efficiency. Furthermore, it is shown how to achieve those features, and proofs on the pairing equations are provided. Finally, the time complexity of the proposed scheme was analyzed and its performance evaluated with Simulation of Urban Mobility.
CAST-128 is a block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has been approved for Canadian government use by the Communications Security Establishment. Haruki Seki et al. found 2-round differential characteristics and can attack 5-round CAST-128. In this paper, we studied the properties of the round functions F1 and F3 in CAST-128, and identified differential characteristics for the F1 round function and the F3 round function. From these we identified a 6-round differential characteristic with probability 2^-53 holding for a 2^-23.8 fraction of the total key space. Then, based on the 6-round differential characteristic, we can attack 8-round CAST-128 with key sizes greater than or equal to 72 bits and 9-round CAST-128 with key sizes greater than or equal to 104 bits. We give a summary of attacks on reduced-round CAST-128 in Table 10.
This book constitutes the refereed proceedings of the 7th International Conference on Cryptology & Network Security, held in Hong Kong in 2008. The papers are organized in sections on cryptosystems, signatures, identification, authentication & key management, cryptographic algorithms & protocols, applications & implementations, and more.
Verifying the integrity of a hard disk is an important concern in computer forensics, as the law enforcement party needs to confirm that the data inside the hard disk have not been modified during the investigation. A typical approach is to compute a single chained hash value over all sectors in a specific order. However, this technique loses the integrity evidence for all other sectors as soon as a single sector becomes a bad sector or is modified intentionally. In this paper we propose a k-dimensional hashing scheme, kD for short, which distributes sectors into a kD space and calculates multiple hash values for the sectors along the k dimensions as integrity evidence. Since the integrity of a sector can be verified by any hash value calculated over it, the probability of verifying the integrity of unchanged sectors can remain high even with bad or modified sectors in the hard disk. We show how to implement this kD hashing scheme efficiently such that the storage for hash values is reduced while the chance of an unaffected sector being verified successfully increases. Experimental results of a 3D scheme show that both the time for computing the hash values and the storage for the hash values are reasonable.
Federated Machine Learning (FML) sheds light on secure distributed machine learning. However, generic FML methods may lead to privacy leakage through the sharing of training information of individual models, and have relatively poor performance when the training datasets for individual models are biased and diversified. This is a problem in combining models trained in different scenarios of IoT devices, since the available training datasets are usually limited and biased. To tackle this problem, we propose a novel approach to precisely ensemble results from different models on distributed edge devices. Instead of passing around the training information of individual models, which requires a relatively large amount of bandwidth and compromises data privacy, we suggest employing a trusted central agent that only collects the different inference results from edge devices. Then, based on a limited amount of labeled data, the agent runs a designed statistical iterative crowdsourcing algorithm to combine the results into a more accurate aggregated prediction for a user query. Our proposed system model, "Privacy-Preserving Federated Learning System", together with our light-weight Secure Crowdsourcing Aggregation (SC-Agg) algorithm, provides a more accurate prediction for outside queries at little cost and without any prior knowledge of what query will be submitted. We experimentally verify that in our system, SC-Agg consistently outperforms the majority voting method and the best performing model of the ensemble in all testing scenarios. We believe that SC-Agg fits real-world IoT applications better than other methods, such as vanilla majority voting, because of its robustness and better performance.
The 6th ACM Symposium on Information, Computer and Communication Security (ASIACCS 2011) was held in Hong Kong, China, on 22-24 March 2011. The conference was sponsored by the ACM Special Interest Group on Security, Audit, and Control (SIGSAC), and was supported by the Center for Information Security & Cryptography (CISC) at the University of Hong Kong, the School of Professional and Continuing Education (SPACE) at the University of Hong Kong, and the Department of Computer Science, City University of Hong Kong. The ASIACCS series builds on the success of the ACM Conference on Computer and Communications Security (CCS) and ACM Transactions on Information and System Security (TISSEC), and aims at bringing together researchers and practitioners working in the areas of information, computer and communications security from universities, industry and government sectors. The Program Committee received 217 paper submissions, and accepted 35 regular papers and 24 short papers for presentation at the conference. The final versions of the accepted papers, which the authors finalized on the basis of comments from the reviewers, were included in the proceedings. Each paper was carefully reviewed by at least three program committee members on the basis of its significance, novelty, and technical quality. The individual reviewing process was double-blind. It was followed by a Web-based discussion. Based on the comments and scores given by reviewers, the final decisions on acceptance were made.
Electric vehicles have attracted more and more attention all around the world in recent years because of their many advantages, such as low environmental pollution. However, due to the limitations of current technology, charging remains an important issue. In this paper, we study the problem of finding and making reservations at charging stations via a vehicular ad hoc network (VANET). Our focus is on the privacy concern, as drivers would not like to be traced by someone knowing which charging stations they have visited. Technically, we make use of the properties of blind signatures to achieve this goal. In brief, an electric vehicle first generates a set of anonymous credentials on its own. A trusted authority then blindly signs them after verifying the identity of the vehicle. After that, the vehicle can make charging station search queries and reservations by presenting those signed anonymous credentials. We implemented the scheme and show that the credential signing process (expected to be the most time-consuming step) can be completed within reasonable time when the parameters are properly set. In particular, the process can be completed in 5 minutes when a 1024-bit RSA signing key is used. Moreover, we show that our scheme is secure in terms of authentication and privacy preservation.
A distributed program is one that consists of several components distributed over a network of computers. The reliability of a distributed program is strongly affected by the behaviour of the underlying distributed system software platform. One of the most fundamental issues in improving the reliability of distributed programs is to provide a better environment within which these programs operate. This paper investigates the functional requirements of the infrastructure of a distributed operating system with the goal of improving the reliability of distributed programs. It identifies the major problems that make the task of achieving high software quality hard to accomplish, then suggests functionality that the system infrastructure is advised to provide. The design and implementation of the new distributed system service are then described.
In (Hui and Martel, 1993), we designed and analyzed efficient self-adjusting linear list algorithms. Our analysis proves that a self-adjusting linear list algorithm, MP, is competitive against a large class of offline adversaries, where the operations are successful searches, unsuccessful searches, and insertions. The analysis of deletions was listed as an open question. This paper presents an improved version of MP which is also able to handle deletions efficiently, and proves that the new MP algorithm is 6-competitive against offline adversaries when considering successful searches, unsuccessful searches, insertions, and deletions.