Theory and Practice of Cryptography Solutions for Secure Information Systems - Advances in Information Security, Privacy, and Ethics

Published By IGI Global

9781466640306, 9781466640313

Author(s):  
Giovanni Cabiddu ◽  
Antonio Lioy ◽  
Gianluca Ramunno

Security controls (such as encryption endpoints, payment gateways, and firewalls) rely on correct program execution and secure storage of critical data (such as cryptographic keys and configuration files). Even when hardware security elements are used (e.g. cryptographic accelerators), software is still—in the form of drivers and libraries—critical for secure operations. This chapter introduces the features and foundations of Trusted Computing, an architecture that exploits the low-cost TPM chip to measure the integrity of a computing platform. This allows the detection of static unauthorized manipulation of binaries (be they OS components or applications) and configuration files, hence quickly detecting software attacks. For this purpose, Trusted Computing provides enhanced security controls, such as sealed keys (that can be accessed only by good applications when the system is in a safe state) and remote attestation (securely demonstrating the software state of a platform to a remote network verifier). Besides the theoretical foundation, the chapter also guides the reader towards the creation of applications that enhance their security by using the features provided by the underlying PC-class trusted platform.


Author(s):  
Ahmad AlSa’deh ◽  
Hosnieh Rafiee ◽  
Christoph Meinel

SEcure Neighbor Discovery (SEND) was proposed to counteract threats to the Neighbor Discovery Protocol (NDP). It is a strong security extension that can make the IPv6 local link very safe. SEND relies on dynamically Cryptographically Generated Addresses (CGAs) and X.509 certificates. However, SEND is not easily deployed and is still vulnerable to some types of attacks. This chapter evaluates the practical considerations of a SEND deployment taking a cryptographic approach as a means of securing the IPv6 local link operations. It reviews the remaining vulnerabilities and gives some recommendations with which to facilitate SEND deployment.


Author(s):  
Md. Sadek Ferdous ◽  
Audun Jøsang

Recognition of identities and certainty about identity ownership are crucial factors for secure communication in digital environments. Identity Management Systems have been designed to aid users as well as organisations to manage different user identities. However, traditional Identity Management Systems are primarily designed to facilitate the management of identities from the perspective of the service provider, but provide little support on the user side to manage organisational identities. Public Key Infrastructure (PKI) is the primary tool in aiding users to manage such identities on their side as well as to establish trust during online transactions. Nevertheless, the complexities and difficulties involved in managing and understanding such certificates from the general public’s point of view are overlooked. This causes vulnerabilities that open up for serious attacks such as identity theft and phishing. Petname Systems have been proposed for managing organisational identities on the user side in order to improve user friendliness and to strengthen security. This chapter provides an analysis of the Petname Model by describing its history and background, properties, application domains, and usability issues, and explains how a Petname System can be effectively combined with the PKI to recognise identities and impose certainty by validating the user’s trust in those identities. The chapter also presents an analysis of two applications that integrate the Public Key Infrastructure with the Petname Model.


Author(s):  
Piyi Yang ◽  
Tanveer A Zia

A set of attributes instead of a single string to represent the signer’s identity is a challenging problem under standard cryptographic assumptions in the standard model. Therefore, designing a fully secure (adaptive-predicate unforgeable and perfectly private) Attribute-Based Signature (ABS) that allows a signer to choose a set of attributes is vital. Existing schemes are either too complicated or have only been proved in the generic group model. In this chapter, the authors present an efficient fully secure ABS scheme in the standard model based on the q-parallel BDHE assumption, which is more practical than the generic group model used in the previous schemes. The proposed scheme is highly expressive since it allows any signer to specify claim-predicates in terms of any predicate consisting of AND, OR, and Threshold gates over the attributes in the system. ABS has found many important applications in secure communications, such as anonymous authentication systems and attribute-based messaging systems.


Author(s):  
Alessandro Barenghi ◽  
Luca Breveglieri ◽  
Fabrizio De Santis ◽  
Filippo Melzani ◽  
Andrea Palomba ◽  
...  

Dependable and trustworthy security solutions have emerged as a crucial requirement in the specification of the applications and protocols employed in modern Information Systems (IS). Threats to the security of embedded devices, such as smart phones and PDAs, have been growing since several techniques exploiting side-channel information leakage have proven successful in recovering secret keys even from complex mobile systems. This chapter summarizes the side-channel techniques based on power consumption and elaborates the issue of the design time engineering of a secure system, through the employment of the current hardware design tools. The results of the analysis show how these tools can be effectively used to understand possible vulnerabilities to power consumption side-channel attacks, thus providing a sound conservative margin on the security level. The possible extension of this methodology to the case of fault attacks is also sketched.


Author(s):  
Ludmila Babenko ◽  
Evgeniya Ishchukova ◽  
Ekaterina Maro

This chapter considers approaches to the analysis of the GOST 28147-89 encryption algorithm (also known simply as GOST), which is the basis of most secure information systems in the Russian Federation. Since the GOST algorithm is characterized by a simple structure and uses widely known mathematical operations, approaches to its analysis can be easily propagated to other cryptographic systems. In the conclusion, the authors consider some interesting observations that are related to the structure of GOST encryption and can be useful for further development of cryptanalysis.


Author(s):  
Mert Özarar ◽  
Attila Özgit

The number of opportunities for cooperative computation has been increasing exponentially with growing interaction via Internet technologies. These computations could occur between almost trusted partners, between partially trusted partners, or even between competitors. Most of the time, the communicating parties may not want to disclose their private data to the other principal while taking advantage of collaboration, hence concentrating on the results rather than private data values. For performing such computations, one party must know inputs from all the participants; however, if none of the parties can be trusted enough to know all the inputs, privacy will become a primary concern. Hence, the techniques for Secure Multiparty Computation (SMC) are quite relevant and practical to overcome such privacy gaps. The subject of SMC has evolved from earlier solutions of combinational logic circuits to the recent proposals of anonymity-enabled computation. In this chapter, the authors put together the significant research that has been carried out on SMC. They demonstrate the concept by concentrating on a specific technique called Oblivious Polynomial Evaluation (OPE) together with concrete examples. The authors put critical issues and challenges and the level of adaptation achieved before the researchers. They also provide some future research proposals based on the literature survey.


Author(s):  
Kun Peng

Electronic voting is a popular application of cryptographic and network techniques to e-government. Most of the existing e-voting schemes can be classified into two categories: homomorphic voting and shuffling-based voting. In homomorphic voting, an encryption algorithm with a special homomorphic property (e.g. ElGamal encryption or Paillier encryption) is employed to encrypt the votes such that the sum of the votes can be recovered without decrypting any single vote. An advantage of homomorphic voting is efficient tallying. Tallying in homomorphic voting only costs one single decryption operation for each candidate. In this chapter, the existing e-voting solutions in both categories are surveyed and analysed. The key security properties in both categories are presented and then the existing e-voting schemes in each category are checked against the corresponding security properties. Security and efficiency of the schemes are analysed and the strongest security and highest efficiency achievable in each category is estimated. Problems and concerns about the existing solutions, including vulnerability to malicious voters and (or) talliers, possible failure of complete correctness, imperfect privacy, dependence on computational assumptions, and exaggerated efficiency, are addressed. New approaches will be proposed in both kinds of solutions to overcome the existing drawbacks in them. In homomorphic e-voting, the authors deal with possibly malicious voters and aim at efficient vote validity checks to achieve strong and formally provable soundness and privacy. This can be implemented through new zero-knowledge proof techniques, which are both efficient and provably secure. In mix-network-based e-voting, the authors deal with possibly deviating operations of both voters and talliers and aim at efficient proof of validity of shuffling, which guarantees the desired security properties and prevents attacks from malicious participants. It can be based on inspiring linear algebra knowledge and the new zero-knowledge proof of existence of a secret permutation.


Author(s):  
Qiang Tang

Recently, the concept of Search in Encrypted Data (SED) has become a highlight in cryptography. A SED scheme enables a client to have third-party server(s) perform certain search functionalities on the encrypted data. In this chapter, the authors conduct a systematic study on SED schemes. First, they describe three application scenarios and identify the desirable security requirements. Second, they provide two orthogonal categorizations and review the related security models for each category of SED schemes. Third, the authors analyze the practical issues related to SED schemes and identify some future research directions.


Author(s):  
Alexey Y. Atiskov ◽  
Fedor A. Novikov ◽  
Ludmila N. Fedorchenko ◽  
Vladimir I. Vorobiev ◽  
Nickolay A. Moldovyan

Security means for shared computer, networking, and information resources are unbalanced, inefficient, and poorly integrated. This chapter gives a brief overview of certain discrepancies and incompletenesses of the ISO standards ISO 15408, ISO 18045, ISO 27k, etc., which are not balanced. Formal methods for their harmonization and coordination are described. Then the chapter discusses Hybrid Ontology Technology using the Unified Modeling Language, a State Transitions Model (state machine diagrams), and a special tool based on Equivalent Transformations of a syntax graph-scheme.

