scholarly journals Publicly Traceable Attribute-Based Anonymous Authentication and Its Application to Voting

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Peng Li ◽  
Junzuo Lai ◽  
Yongdong Wu
Keyword(s):  
Access Control ◽  
Third Party ◽  
Security Requirements ◽  
Trusted Third Party ◽  
Access Policy ◽  
Anonymous Authentication ◽  
Generic Construction ◽  
Authentication Schemes

Numerous anonymous authentication schemes are designed to provide efficient authentication services while preserving privacy. Such schemes may easily neglect access control and accountability, which are two requirements that play an important role in some particular environments and applications. Prior designs of attribute-based anonymous authentication schemes did not concentrate on providing full anonymity while at the same time holding public traceability. To address this problem, we formally define and present a new primitive called traceable attribute-based anonymous authentication (TABAA) which achieves (i) full anonymity, i.e., both registration and authentication cannot reveal user’s privacy; (ii) reusable credential, i.e., a registered credential can be repeatedly used without being linked; (iii) access control, i.e., only when the user’s attribute satisfies the access policy can the user be involved in authentication; and (iv) public traceability, i.e., anyone, without help from the trusted third party, can trace a misbehaving user who has authenticated two messages corresponding to a common address. Then, we formally define the security requirements of TABAA, including unforgeability, anonymity, and accountability, and give a generic construction satisfying the security requirements. Furthermore, based on TABAA, we propose the first attribute-based, decentralized, fully anonymous, publicly traceable e-voting, which enables voters to engage in a number of different voting activities without repeated registration.

The Analysis of Database Security Requirements for Cryptographic Algorithm

2013 ◽  
Vol 646 ◽  
pp. 235-239
Author(s):  
Hana Do ◽  
Hoon Jeong ◽  
Eui In Choi
Keyword(s):  
Access Control ◽  
Key Management ◽  
Database Security ◽  
Third Party ◽  
Security Requirements ◽  
Security Assessment ◽  
Storage Space ◽  
Cloud Environment ◽  
Variable Environment ◽  
Cryptographic Algorithm

The cloud environment is recently emphasized when we save a large amount of data with a minimum of maintenance. But the cloud is a variable environment that data is likely to be changed when which is transferred, and even doesn't permanently store. Besides it has the risk of phishing from a third party. A scalable storage space as one of the features of the cloud has to consist as more proactive access control, secure encryption, and key management in the aspect of the size of the database and the number of users. In this paper, we analyze about database security requirements of these environment and the provided encryption technologies of until now. And, even anyone who don't have the expertise for security assessment and management or CC could be easily accessible it.

scholarly journals A Secure Protocol for Exchanging Cards in P2P Trading Card Games Based on Transferable e-cash

2016 ◽  
Vol 3 (1) ◽  
pp. 26
Author(s):  
Marcos Silva ◽  
Marcos Junior
Keyword(s):  
Third Party ◽  
Security Requirements ◽  
Trusted Third Party ◽  
Card Games ◽  
Secure Protocol ◽  
Computer Based ◽  
Do So

Trading card games (TCG) distinguish from traditional card games mainly because the cards are not shared between players in a match. Instead, users play with the cards they own (e.g., purchased or traded with other players), which corresponds to a subset of all cards produced by the game provider. Even though most computer-based TCGs rely on a trusted third-party (TTP) for preventing cheating during trades, allowing them to securely do so without such entity remains a challenging task. Actually, potential solutions are related to e-cash protocols, but, unlike the latter, TCGs require users to play with the cards under their possession, not only to be able to pass those cards over. In this work, we present the security requirements of TCGs and how they relate to e-cash. We then propose a concrete, TTP-free protocol for anonymously trading cards, using as basis a secure transferable e-cash protocol.

Cross-domain access control based on trusted third-party and attribute mapping center

2020 ◽  
pp. 101957
Author(s):  
Liyang Bai ◽  
Kai Fan ◽  
Yuhan Bai ◽  
Xiaochun Cheng ◽  
Hui Li ◽  
...  
Keyword(s):  
Access Control ◽  
Third Party ◽  
Trusted Third Party ◽  
Cross Domain

scholarly journals An access control model for the Internet of Things based on zero-knowledge token and blockchain

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Lihua Song ◽  
Xinran Ju ◽  
Zongke Zhu ◽  
Mengchen Li
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Single Point ◽  
Control Model ◽  
Third Party ◽  
Security Level ◽  
Zero Knowledge ◽  
Access Control Model ◽  
Test Analysis ◽  
Zero Knowledge Proof

AbstractInformation security has become a hot topic in Internet of Things (IoT), and traditional centralized access control models are faced with threats such as single point failure, internal attack, and central leak. In this paper, we propose a model to improve the access control security of the IoT, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deploy attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration. Secondly, encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids attribute ownership exposure problem. Besides, the use of smart contracts solves the problem of low computing efficiency of IoT devices and the waste of blockchain computing power resources. Finally, a prototype of IoT access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection, compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.

Enhancing Privacy in PUF-Cash through Multiple Trusted Third Parties and Reinforcement Learning

2022 ◽  
Vol 18 (1) ◽  
pp. 1-26
Author(s):  
Georgios Fragkos ◽  
Cyrus Minwalla ◽  
Eirini Eleni Tsiropoulou ◽  
Jim Plusquellic
Keyword(s):  
User Anonymity ◽  
Third Party ◽  
Security And Privacy ◽  
Machine Learning Techniques ◽  
User Privacy ◽  
Trusted Third Party ◽  
Physical Unclonable Functions ◽  
Learning Techniques ◽  
Direct Contrast ◽  
Debit Cards

Electronic cash ( e-Cash ) is a digital alternative to physical currency such as coins and bank notes. Suitably constructed, e-Cash has the ability to offer an anonymous offline experience much akin to cash, and in direct contrast to traditional forms of payment such as credit and debit cards. Implementing security and privacy within e-Cash, i.e., preserving user anonymity while preventing counterfeiting, fraud, and double spending, is a non-trivial challenge. In this article, we propose major improvements to an e-Cash protocol, termed PUF-Cash, based on physical unclonable functions ( PUFs ). PUF-Cash was created as an offline-first, secure e-Cash scheme that preserved user anonymity in payments. In addition, PUF-Cash supports remote payments; an improvement over traditional currency. In this work, a novel multi-trusted-third-party exchange scheme is introduced, which is responsible for “blinding” Alice’s e-Cash tokens; a feature at the heart of preserving her anonymity. The exchange operations are governed by machine learning techniques which are uniquely applied to optimize user privacy, while remaining resistant to identity-revealing attacks by adversaries and trusted authorities. Federation of the single trusted third party into multiple entities distributes the workload, thereby improving performance and resiliency within the e-Cash system architecture. Experimental results indicate that improvements to PUF-Cash enhance user privacy and scalability.

Sign in / Sign up

Export Citation Format

Share Document