Marina Kopeetsky

RFID Authentication Efficient Proactive Information Security within Computational Security

We consider repeated communication sessions between a RFID Tag (e.g., Radio Frequency Identification, RFID Tag) and a RFID Verifier. A proactive information theoretic security scheme is proposed. The scheme is based on the assumption that the information exchanged during at least one of every n successive communication sessions is not exposed to an adversary. The Tag and the Verifier maintain a vector of n entries that is repeatedly refreshed by pairwise xoring entries, with a new vector of n entries that is randomly chosen by the Tag and sent to the Verifier as a part of each communication session. The general case in which the adversary does not listen in k≥1 sessions among any n successive communication sessions is also considered. A lower bound of n⋅(k+1) for the number of random numbers used during any n successive communication sessions is proven. In other words, we prove that an algorithm must use at least n⋅(k+1) new random numbers during any n successive communication sessions. Then a randomized scheme that uses only O(nlog n) new random numbers is presented. A computational secure scheme which is based on the information theoretic secure scheme is used to ensure that even in the case that the adversary listens in all the information exchanges, the communication between the Tag and the Verifier is secure.

Computing multi-party trust privately: in O ( n ) time units sending one (possibly large) message at a time

Schemes for multi-party trust computation are presented. The schemes do not make use of a Trusted Authority. The schemes are more efficient than previous schemes by the number of messages exchanged which is proportional to the number of participants rather than to a quadratic number of the participants. We note that in our schemes the length of each message may be larger than the message length of previous schemes. The calculation of a trust, in a specific user by a group of community members, starts upon a request of an initiating user. The trust computation is provided in a completely distributed manner, while each user calculates its trust value privately. Given a community <i>C</i> and its members (users) <i>U</i>₁, ..., <i>U</i>_<i>n</i>, we present computationally secure schemes for trust computation. The first Accumulated Protocol <i>AP</i> computes the average trust in a specific user <i>U</i>_<i>t</i> upon the trust evaluation request initiated by a user <i>U</i>_<i>n</i>. The exact trust values of each queried user are not disclosed to <i>U</i>_<i>n</i>. The next Weighted Accumulated protocol <i>WAP</i> generates the average weighted trust in a specific user <i>U</i>_<i>t</i> taking into consideration the unrevealed trust that <i>U</i>_<i>n</i> has in each user participating in the trust process evaluation. We extend our schemes to the case when the initiating user <i>U</i>_<i>n</i> can be compromised by the adversary, and we introduce the Multiple Private Keys <i>M P K P</i> and the Multiple Private Keys Weighted <i>M P W P</i> protocols for computing average unweighted and weighted trust, respectively. The computation of all our algorithms requires the transmission of <i>O</i>(<i>n</i>) (possibly large) messages.

Secure communication for RFIDs proactive information security within computational security

We consider repeated communication sessions between a sender (e.g., Radio Frequency Identification, RFID, reader) and a receiver (RFID). A proactive information security scheme is proposed. The scheme is based on the assumption that the information exchanged during at least one of every n successive communication sessions is not exposed to an adversary. Then a computational secure scheme based on the information secure scheme is used to ensure that even in the case that the adversary listens to all the information exchanges, the communication between the sender and the receiver is secure. In particular, the scheme can be used in the domain of remote controls (e.g., for cars).

Efficient private multi-party computations of trust in the presence of curious and malicious users

Schemes for multi-party trust computation are presented. The schemes do not make use of a Trusted Authority. The schemes are more ein a completely distributed manner, where each user calculates its trust value privately and independently. Given a community C and its members (users) U1,…,Un, we present computationally secure schemes for trust computation. The first scheme, Accumulated Protocol AP computes the average trust attributed to a specific user, Ut following a trust evaluation request initiated by a user Un. The exact trust values of each queried user are not disclosed to Un. The next scheme, Weighted Accumulated Protocol WAP generates the average weighted trust in a specific user Ut taking into consideration the unrevealed trust that Un has in each user participating in the trust evaluation process. The Public Key Encryption Protocol PKEP outputs a set of the exact trust values given by the users without linking the user that contributed a specific trust value to the trust this user contributed. The obtained vector of trust values assists in removing outliers. Given the set of trust values, the outliers that provide extremely low or high trust values can be removed from the trust evaluation process. We extend our schemes to the case when the initiator, Un, can be compromised by the adversary, and we introduce the Multiple Private Keys and the Weighted protocols (MPKP and MPWP) for computing average unweighted and weighted trust, respectively. Moreover, the Csed Protocol (CEBP) extends the PKEBP in this case. The computation of all our algorithms requires the transmission of O(n) (possibly large) messages.

Information security for sensors by overwhelming random sequences and permutations

We propose efficient schemes for information-theoretically secure key exchange in the Bounded Storage Model (BSM), where the adversary is assumed to have limited storage. Our schemes generate a secret One Time Pad (OTP) shared by the sender and the receiver, from a large number of public random bits produced by the sender or by an external source. Our schemes initially generate a small number of shared secret bits, using known techniques. We introduce a new method to expand a small number of shared bits to a much longer, shared key. Our schemes are tailored to the requirements of sensor nodes and wireless networks. They are simple, efficient to implement and take advantage of the fact that practical wireless protocols transmit data in frames, unlike previous protocols, which assume access to specific bits in a stream of data. Indeed, our main contribution is twofold. On the one hand, we construct schemes that are attractive in terms of simplicity, computational complexity, number of bits read from the shared random source and expansion factor of the initial key to the final shared key. On the other hand, we show how to transform any existing scheme for key exchange in BSM into a more efficient scheme in the number of bits it reads from the shared source, given that the source is transmitted in frames.

Entropy Adaptive On-Line Compression

Self-Organization is based on adaptivity. Adaptivity should start with the very basic fundamental communication tasks such as encoding the information to be transmitted or stored. Obviously, the less signal transmitted the less energy in transmission used. In this paper we present a novel on-line and entropy adaptive compression scheme for streaming unbounded length inputs. The scheme extends the window dictionary Lempel-Ziv compression, is adaptive and is tailored to on-line compress inputs with non stationary entropy. Specifically, the window dictionary size is changed in an adaptive manner to fit the current best compression rate for the input. On-line Entropy Adaptive Compression scheme (EAC), that is introduced and analyzed in this paper, examines all possible sliding window sizes over the next input portion to choose the optimal window size for this portion, a size that implies the best compression ratio. The size found is then used in the actual compression of this portion. We suggest an adaptive encoding scheme, which optimizes the parameters block by block, and base the compression performance on the optimality proof of Lempel Ziv algorithm when applied to blocks. The EAC scheme was tested over files of different types (docx, ppt, jpeg, xls) and over synthesized files that were generated as segments of homogeneous Markov Chains. Our experiments demonstrate that the EAC scheme typically provides a higher compression ratio than LZ77 does, when examined in the scope of on-line per-block compression of transmitted (or compressed) files.

Anonymous transactions in computer networks

We present schemes for providing anonymous transactions while privacy and anonymity are preserved, providing users anonymous authentication in distributed networks such as the Internet. We first present a practical scheme for anonymous transactions while the transaction resolution is assisted by a Trusted Authority. This practical scheme is extended to a theoretical scheme where a Trusted Authority is not involved in the transaction resolution. Both schemes assume that all the players interact over anonymous secure channels. Given authority that generates for each player hard to produce evidence EVID (e.g., problem instance with or without a solution) to each player, the identity of a user U is defined by the ability to prove possession of aforementioned evidence. We use zero-knowledge proof techniques to repeatedly identify U by providing a proof that U has evidence EVID, without revealing EVID, therefore avoiding identity theft. In both schemes the authority provides each user with a unique random string. A player U may produce a unique user name and password for each other player S using a one-way function over the random string and the IP address of S. The player does not have to maintain any information in order to reproduce the user name and password used for accessing a player S. Moreover, the player U may execute transactions with a group of players SU in two phases; in the first phase the player interacts with each server without revealing information concerning its identity and without possibly identifying linkability among the servers in SU. In the second phase the player allows linkability and therefore transaction commitment with all servers in SU, while preserving anonymity (for future transactions).

Poster: attribute based broadcast encryption with permanent revocation

We propose a new and efficient scheme for broadcast encryption. A broadcast encryption system allows a broadcaster to send an encrypted message to a dynamically chosen subset RS, |RS|=n of a given set of users, such that only users in this subset can decrypt the message. An important component of broadcast encryption schemes is revocation of users by the broadcaster, thereby updating the subset RS. Revocation may be either temporary, for a specific ciphertext, or permanent. We present the first public key broadcast encryption scheme that support permanent revocation of users. Our scheme is fully collusion resistant. In other words, even if all the users in the network collude with a revoked user, the revoked user cannot encrypt messages without receiving new keys from the broadcaster. The procedure is based on Cipher-text Policy Attribute-Based Encryption (CP-ABE). The overhead of our system is O(log n) in all major performance measures including length of private and public keys, computational complexity, users storage space, and computational complexity of encryption and decryption.

Improving of entropy adaptive on-line compression

Since energy efficiency, high bandwidth, and low transmission delay are challenging issues in mobile networks, due to resource constraints, there is a great importance in designing of new communication methods. In particular, lossless data compression may provide high performance under constrained resources. In this paper we present a novel on-line and entropy adaptive compression scheme for streaming unbounded length inputs. The scheme extends the window dictionary Lempel–Ziv compression and is adaptive and tailored to compress on-line non entropy stationary inputs. Specifically, the window dictionary size is changed in an adaptive manner to fit the current best compression rate for the input. On-line entropy adaptive compression scheme (EAC), introduced and analyzed in this paper, examines all possible sliding window sizes over the next input portion to choose the optimal window size for this portion; a size that implies the best compression ratio. The size found is then used in the actual compression of this portion. We suggest an adaptive encoding scheme, which optimizes the parameters block by block, and base the compression performance on the optimality proof of LZ77 when applied to blocks (Ziv in IEEE Trans Inf Theory 55(5):1941–1944, 2009). This adaptivity can be useful for many communication tasks. In particular, providing efficient utilization of energy consuming wireless devices by data compression. Due to the dynamic and non-uniform structure of multimedia data, adaptive approaches for data processing are of special interest. The EAC scheme was tested on different types of files (docx, ppt, jpeg, xls) and over synthesized files that were generated as segments of homogeneous Markov Chains. Our experiments demonstrate that the EAC scheme typically provides a higher compression ratio than LZ77 does, when examined in the scope of on-line per-block compression of transmitted (or compressed) files. We propose techniques intended to control the adaptive on-line compression process by estimating relative entropy between two sequential blocks of data. This approach may enhance performance of the mobile networks.

Lempel-Ziv-Welch Compression Algorithm with Exponential Decay

This paper proposes an improvement over Lempel-Ziv-Welch (LZW) compression algorithm by employing a new method that uses exponential decay (ED) as a tool to manage and remove infrequently used entries in the LZW dictionary. The presented results demonstrate that ED may be an efficient tool to manage and refresh the LZW dictionary. The achieved compression ratio is higher than in the traditional methods like Dictionary Reset DR and Least Recently used LRU. The experimental results demonstrate that the dictionary refresh by the ED may provide higher compression ratio, compared with the original LZW algorithm. In order to investigate the benefits of ED method, it is compared with some other way of LRU-based enhancements. In particular, we consider a LRU-like LZW scheme with Huffman coding of difference from last used word.