Denise Demirel

Towards a New Paradigm for Privacy and Security in Cloud Services

The market for cloud computing can be considered as the major growth area in ICT. However, big companies and public authorities are reluctant to entrust their most sensitive data to external parties for storage and processing. The reason for their hesitation is clear: There exist no satisfactory approaches to adequately protect the data during its lifetime in the cloud. The EU Project Prismacloud (Horizon 2020 programme; duration 2/2015–7/2018) addresses these challenges and yields a portfolio of novel technologies to build security enabled cloud services, guaranteeing the required security with the strongest notion possible, namely by means of cryptography. We present a new approach towards a next generation of security and privacy enabled services to be deployed in only partially trusted cloud infrastructures.

Towards a Publicly-Verifiable Mix-Net Providing Everlasting Privacy

All implementations of verifiable mix-nets provide computational privacy only, because the audit information published is encrypted using some public key algorithm. Consequently, at some time in the future, when the underlying cryptographic assumption is broken, privacy is violated, and each output message can be traced back to its input. We address this problem by presenting a mix-net that uses a homomorphic, unconditionally hiding commitment scheme to encrypt the audit information, implying unconditional or everlasting privacy towards the public. The correctness of our mix-net is guaranteed with overwhelming probability even if all authorities conspire, under the assumption that the commitment scheme is computationally binding until the mixing process has ended. An implication of our result is that many current applications that use mix-nets can be upgraded to unconditional privacy.

Prêt à voter providing everlasting privacy

This paper shows how Pret a Voter can be adjusted in order to provide everlasting privacy. This is achieved by adapting the ballot generation and anonymisation process, such that only unconditional hiding commitments and zero knowledge proofs are published for verification, thus ensuring privacy towards the public. This paper presents a security analysis carried out in a collaboration between computer scientists and legal researchers. On the technical side it is shown that the modified Pret a Voter provides verifiability, robustness, and everlasting privacy towards the public. Everlasting privacy towards the authorities can be achieved by implementing several organisational measures. A legal evaluation of these measures demonstrates that the level of privacy achieved would be acceptable under German law.

A security analysis of techniques for long-term integrity protection

The amount of security critical information that is only available in digital form is increasing constantly. Some of these data, such as medical or tax data, need to be preserved for long periods of time. Thus, several schemes for long-term integrity protection of long-lived and archived data were developed. However, a comprehensive security analysis is still missing. In this paper we discuss existing security models for long lived systems and show to what extend they allow to prove the security of those schemes. Then, we introduce a new model that overcomes the shortcomings of the state of the art and allows to formally analyze timestamp-based long-term integrity schemes. Finally, we show how the security level of the long-term integrity scheme can be determined for concrete instantiations.

Vote casting device with VV-SV-PAT for elections with complicated ballot papers

Some ballots such as those for local elections in Germany contain more than 500 candidates, allow for more than 70 votes and the system allows voters to perform cumulative voting, vote splitting and crossing out of candidates which results in huge ballot papers containing only one race. As none of the existing electronic voting systems seem to be feasible for this kind of election we propose a new approach in this paper. The main idea is to have a vote casting device that does not store votes but only prints a summary of the selection voters made at device. This printout is put into the ballot box. In addition, to the human readable summary, the so called Voter Verifiable Summary of the Vote Paper Audit Trail (VV-SV-PAT) contains a 2D barcode which makes it easier to properly enter votes into the counting software. In addition, we propose an improvement for the counting software. With this approach we aim to support the actual procedure of vote casting and tallying by an accurate use of technology while at the same time preserving, or even improving, verifiability and usability compared to the traditional system.

Feasibility analysis of Prêt à voter for german federal elections

Pret a Voter is one of the most well-known and most extensively analysed electronic voting systems for polling stations. However, an analysis from a legal point of view has not yet been conducted. The purpose of this paper is to analyse the readiness of Pret a Voter for legally binding federal elections in Germany. This case is of particular interest as Germany has with the Constitutional Court Decision from 2009 probably the most restrictive requirements on electronic voting in particular regarding the public nature of elections and verifiability respectively. While many aspects are analysed, some remain open for further legal and technical discussions. Thus, a final decision is not yet possible. Aspects analysed are the ballot paper layout, different processes from ballot printing through to the publishing of results, as well as verifiability, and the overall election management.

Dynamic and Verifiable Hierarchical Secret Sharing

In this work we provide a framework for dynamic secret sharing and present the first dynamic and verifiable hierarchical secret sharing scheme based on Birkhoff interpolation. Since the scheme is dynamic it allows, without reconstructing the message distributed, to add and remove shareholders, to renew shares, and to modify the conditions for accessing the message. Furthermore, each shareholder can verify its share received during these algorithms protecting itself against malicious dealers and shareholders. While these algorithms were already available for classical Lagrange interpolation based secret sharing, corresponding techniques for Birkhoff interpolation based schemes were missing. Note that Birkhoff interpolation is currently the only technique available that allows to construct hierarchical secret sharing schemes that are efficient and allow to provide shares of equal size for all shareholder in the hierarchy. Thus, our scheme is an important contribution to hierarchical secret sharing.

AS 3 : Adaptive social secret sharing for distributed storage systems

Distributed storage allows to outsource a document to the cloud such that multiple users can easily access the file. The protection of the document stored relies on secret sharing, which generates and distributes shares of the document to the storage servers. However, the users have to trust that a certain amount of storage servers behaves honestly and do not lose (retrievability) or reveal (confidentiality) the document. To address this so called social secret sharing schemes were developed that allow to adjust the distribution of shares according to the experience made with the involved storage servers. In this work, we provide a framework called AS3 that allows to build social secret sharing schemes based on dynamic secret sharing. The resulting protocol has more freedom in adjusting the parameters of the shares distribution and therefore leads to more efficient and accurate solutions as well as an optimal storage consumption. Furthermore, we provide measures to detect and to prevent that the document is lost or accidentally revealed to individual storage servers. We also demonstrate how to compute trust values for storage servers, how to initialize trust values for newcomers, and provide a proof of concept implementation.

A Performance Analysis of Long-Term Archiving Techniques

A challenge for digital archives managing long lived data, such as medical records and land registers, is to guarantee long-term authenticity, integrity, and datedness. Although some techniques have been proposed that provide these security goals, most proposals lack a corresponding performance analysis. Thus, in this paper we provide an analytical analysis of the performance of several proposals. Following, to see the impact of different approaches on the runtime, we implemented the most promising schemes and compared them with respect to their required storage space and verification time. Furthermore, the identified computational bottlenecks of the techniques are presented and corresponding improvements are indicated. Finally, we show how to select a long-term archiving scheme and the appropriate key sizes based on trust assumptions and the number of documents to be archived.

LINCOS: A Storage System Providing Long-Term Integrity, Authenticity, and Confidentiality

The amount of digital data that requires long-term protection of integrity, authenticity, and confidentiality grows rapidly. Examples include electronic health records, genome data, and tax data. In this paper we present the secure storage system LINCOS, which provides protection of integrity, authenticity, and confidentiality in the long-term, i.e., for an indefinite time period. It is the first such system. It uses the long-term integrity scheme COPRIS, which is also presented here and is the first such scheme that does not leak any information about the protected data. COPRIS uses information-theoretic hiding commitments for confidentiality-preserving integrity and authenticity protection. LINCOS uses proactive secret sharing for confidential storage of secret data. We also present implementations of COPRIS and LINCOS. A special feature of our LINCOS implementation is the use of quantum key distribution and one-time pad encryption for information-theoretic private channels within the proactive secret sharing protocol. The technological platform for this is the Tokyo QKD Network, which is one of worlds most advanced networks of its kind. Our experimental evaluation establishes the feasibility of LINCOS and shows that in view of the expected progress in quantum communication technology, LINCOS is a promising solution for protecting very sensitive data in the cloud.