MobChain: Three-Way Collusion Resistance in Witness-Oriented Location Proof Systems Using Distributed Consensus

Smart devices have accentuated the importance of geolocation information. Geolocation identification using smart devices has paved the path for incentive-based location-based services (LBS). However, a user’s full control over a smart device can allow tampering of the location proof. Witness-oriented location proof systems (LPS) have emerged to resist the generation of false proofs and mitigate collusion attacks. However, witness-oriented LPS are still susceptible to three-way collusion attacks (involving the user, location authority, and the witness). To overcome the threat of three-way collusion in existing schemes, we introduce a decentralized consensus protocol called MobChain in this paper. In this scheme the selection of a witness and location authority is achieved through a distributed consensus of nodes in an underlying P2P network that establishes a private blockchain. The persistent provenance data over the blockchain provides strong security guarantees; as a result, the forging and manipulation of location becomes impractical. MobChain provides secure location provenance architecture, relying on decentralized decision making for the selection of participants of the protocol thereby addressing the three-way collusion problem. Our prototype implementation and comparison with the state-of-the-art solutions show that MobChain is computationally efficient and highly available while improving the security of LPS.

Anticollusion Attack Strategy Combining Trust Metrics and Secret Sharing for Friendships Protection

Online social networks provide users with services such as online interaction, instant messaging, and information sharing. The friend search engine, a new type of social application, provides users with the service for querying the list of other individuals’ friends. Currently, the existing research focuses on independent attacks for friend search engines while ignoring the more complicated collusion attacks, which can expose more friendships that users are not willing to share. Compared with independent attackers, collusion attackers share query results by cooperating with each other. In this article, we propose a resistance strategy against collusion attacks to protect the friendship privacy. The proposed trust metric is based on users’ behaviors and is combined with Shamir’s secret sharing system, which can transform friendships into secrets. Through secret distribution and reconfiguration, only the participants who meet the query requirements can successfully reconstruct the secret, while the participants who do not meet the query conditions cannot successfully obtain the secret fragments even if they obtain the secret fragments. Experiments are conducted to verify the effectiveness of the proposed strategy and proved that this strategy can greatly limit the number of malicious attackers, greatly reduce the probability of successful collusion attacks, and reduce the number of victims.

Proof-of-Prestige: A Useful Work Reward System for Unverifiable Tasks

As cryptographic tokens and altcoins are increasingly being built to serve as utility tokens, the notion of useful work consensus protocols is becoming ever more important. With useful work consensus protocols, users get rewards after they have carried out some specific tasks useful for the network. While in some cases the proof of some utility or service can be provided, the majority of tasks are impossible to verify reliably. To deal with such cases, we design “Proof-of-Prestige” (PoP)—a reward system that can run directly on Proof-of-Stake (PoS) blockchains or as a smart contract on top of Proof-of-Work (PoW) blockchains. PoP introduces “prestige,” which is a volatile resource that, in contrast to coins, regenerates over time. Prestige can be gained by performing useful work, spent when benefiting from services, and directly translates to users minting power. Our scheme allows us to reliably reward decentralized workers while keeping the system free for the end-users. PoP is resistant against Sybil and collusion attacks and can be used with a vast range of unverifiable tasks. We build a simulator to assess the cryptoeconomic behavior of the system and deploy a full prototype of a content dissemination platform rewarding its participants. We implement the blockchain component on both Ethereum (PoW) and Cosmos (PoS), provide a mobile application, and connect it with our scheme with a negligible memory footprint. Finally, we adapt a fair exchange protocol allowing us to atomically exchange files for rewards also in scenarios where not all the parties have Internet connectivity. Our evaluation shows that even for large Ethereum traces, PoP introduces sub-millisecond computational overhead for miners in Cosmos and less than 0.013$ smart contract invocation cost for users in Ethereum.

An Active and Passive Reputation Method for Secure Wideband Spectrum Sensing Based on Blockchain

Spectrum is a kind of non-reproducible scarce strategic resource. A secure wideband spectrum sensing technology provides the possibility for the next generation of ultra-dense, ultra-large-capacity communications to realize the shared utilization of spectrum resources. However, for the open collaborative sensing in cognitive radio networks, the collusion attacks of malicious users greatly affect the accuracy of the sensing results and the security of the entire network. To address this problem, this paper proposes a weighted fusion decision algorithm by using the blockchain technology. The proposed algorithm divides the single-node reputation into active reputation and passive reputation. Through the proposed token threshold concept, the active reputation is set to increase the malicious cost of the node; the passive reputation of the node is determined according to the historical data and recent performance of the blockchain. The final node weight is obtained by considering both kinds of reputation. The proposed scheme can build a trust-free platform for the cognitive radio collaborative networks. Compared with the traditional equal-gain combination algorithm and the centralized sensing algorithm based on the beta reputation system, the simulation results show that the proposed algorithm can obtain reliable sensing results with a lower number of assistants and sampling rate, and can effectively resist malicious users’ collusion attacks. Therefore, the security and the accuracy of cooperative spectrum sensing can be significantly improved in cognitive radio networks.

Secure Encapsulation Schemes Using Key Recovery System in IoMT Environments

Recently, as Internet of Things systems have been introduced to facilitate diagnosis and treatment in healthcare and medical environments, there are many issues concerning threats to these systems’ security. For instance, if a key used for encryption is lost or corrupted, then ciphertexts produced with this key cannot be decrypted any more. Hence, this paper presents two schemes for key recovery systems that can recover the lost or the corrupted keys of an Internet of Medical Things. In our proposal, when the key used for the ciphertext is needed, this key is obtained from a Key Recovery Field present in the cyphertext. Thus, the recovered key will allow decrypting the ciphertext. However, there are threats to this proposal, including the case of the Key Recovery Field being forged or altered by a malicious user and the possibility of collusion among participating entities (Medical Institution, Key Recovery Auditor, and Key Recovery Center) which can interpret the Key Recovery Field and abuse their authority to gain access to the data. To prevent these threats, two schemes are proposed. The first one enhances the security of a multi-agent key recovery system by providing the Key Recovery Field with efficient integrity and non-repudiation functions, and the second one provides a proxy re-encryption function resistant to collusion attacks against the key recovery system.

Privacy-Preserving and Robust Watermarking on Sequential Genome Data using Belief Propagation and Local Differential Privacy

Motivation Genome data is a subject of study for both biology and computer science since the start of the Human Genome Project in 1990. Since then, genome sequencing for medical and social purposes becomes more and more available and affordable. Genome data can be shared on public websites or with service providers. However, this sharing compromises the privacy of donors even under partial sharing conditions. We mainly focus on the liability aspect ensued by the unauthorized sharing of these genome data. One of the techniques to address the liability issues in data sharing is the watermarking mechanism. Results To detect malicious correspondents and service providers (SPs) -whose aim is to share genome data without individuals’ consent and undetected-, we propose a novel watermarking method on sequential genome data using belief propagation algorithm. In our method, we have two criteria to satisfy. (i) Embedding robust watermarks so that the malicious adversaries can not temper the watermark by modification and are identified with high probability (ii) Achieving ε-local differential privacy in all data sharings with SPs. For the preservation of system robustness against single SP and collusion attacks, we consider publicly available genomic information like Minor Allele Frequency, Linkage Disequilibrium, Phenotype Information and Familial Information. Our proposed scheme achieves 100% detection rate against the single SP attacks with only 3% watermark length. For the worst case scenario of collusion attacks (50% of SPs are malicious), 80% detection is achieved with 5% watermark length and 90% detection is achieved with 10% watermark length. For all cases, the impact of ε on precision remained negligible and high privacy is ensured. Availability https://github.com/acoksuz/PPRW_SGD_BPLDP Supplementary information Supplementary data are available at Bioinformatics online.

A Lattice-Based Homomorphic Proxy Re-Encryption Scheme with Strong Anti-Collusion for Cloud Computing

The homomorphic proxy re-encryption scheme combines the characteristics of a homomorphic encryption scheme and proxy re-encryption scheme. The proxy can not only convert a ciphertext of the delegator into a ciphertext of the delegatee, but also can homomorphically calculate the original ciphertext and re-encryption ciphertext belonging to the same user, so it is especially suitable for cloud computing. Yin et al. put forward the concept of a strong collusion attack on a proxy re-encryption scheme, and carried out a strong collusion attack on the scheme through an example. The existing homomorphic proxy re-encryption schemes use key switching algorithms to generate re-encryption keys, so it can not resist strong collusion attack. In this paper, we construct the first lattice-based homomorphic proxy re-encryption scheme with strong anti-collusion (HPRE-SAC). Firstly, algorithm TrapGen is used to generate an encryption key and trapdoor, then trapdoor sampling is used to generate a decryption key and re-encryption key, respectively. Finally, in order to ensure the homomorphism of ciphertext, a key switching algorithm is only used to generate the evaluation key. Compared with the existing homomorphic proxy re-encryption schemes, our HPRE-SAC scheme not only can resist strong collusion attacks, but also has smaller parameters.