Aneta Zwierko

A Light-Weight e-Voting System with Distributed Trust

A new agent-based scheme for secure electronic voting is proposed in the paper. The scheme is universal and can be realized in a network of stationary and mobile electronic devices. The proposed mechanism supports the implementation of a user interface simulating traditional election cards, semi-mechanical voting devices or utilization purely electronic voting booths. The security mechanisms applied in the system are based on verified cryptographic primitives: the secure secret sharing scheme and Merkles puzzles. Due to pre-computations during the generation of agent, the voter need not to do computations. The proposed distributed trust architecture makes the crucial stage of sending votes elastic, reliable, and effective.

Mobile agents: preserving privacy and anonymity

The mobile agent systems have been well known for years, but recent developments in the mobile technology (mobile phones, middleware) and the artificial intelligence created new research directions. Currently being widely used for the e-commerce and network management are entering into more personal areas of our life, e.g., booking airline tickets, doing shopping, making an appointment at the dentist. Future agents are becoming more like our representatives in the Internet than simple software. To operate efficiently in their new role they need to have the same capabilities as we do, showing their credentials when required and being anonymous when needed. Still they have to fulfill all security requirements for agent systems, including confidentiality, integrity, accountability, and availability. This paper focuses on providing mobile agents with anonymity and privacy. The proposed schemes are based on different cryptographic primitives: the secret sharing scheme and the zero-knowledge proof. The paper also includes a discussion of security of the proposed schemes.

A new protocol for group authentication providing partial anonymity

This paper provides a description of a new protocol for group authentication. The demand for anonymity have grown with a recent development of networking. On the other hand, all service providers, bound by the legal regulations have to be able to trace an entity that performed every single action, sent a specific data and so on. Finding a reasonable trade-off between these two requirements is rather hard. In this paper, we propose a protocol that provides a user within a group with the anonymity (for outside world the users within a group cannot be identified) and when needed provide a trusted authority with a possibility to identity each user.

Authentication with controlled anonymity in P2P systems

This paper describes a new protocol for authentication in Peer-to-Peer systems. The protocol has been designed to meet specialized requirements of P2P systems, such as lack of direct communication between peers or requirements for controlled anonymity. At the same time, a P2P authentication protocol must be resistant to spoofing, eavesdropping and playback, and man-in-the-middle attacks. The protocol is studied for a model P2P storage system that needs to implement file access rights.

Micropayments with Privacy — a New Proposal for E-commerce

This paper presents an original concept of micropayment schemes which combine both the simplicity of an electronic pre-paid card without trusted third party and users privacy. Two protocols are proposed - the first one is based on a secure one-way hash function, the second one is based on a cryptographically secure pseudorandom bit generator. The main advantage of the proposed schemes is the ability to perform a cryptographic key distribution within the micropayment process.