Mohammad Shahriar Rahman

Dynamic attribute-based signcryption without random oracles

In SCN2010, Gagne, Narayan, and Safavi-Naini proposed attribute-based signcryption (ABSC) with threshold structure. As in ciphertext-policy attribute-based encryption (CP-ABE), an encryptor can specify the access structure of decryptors, and as in attribute-based signature (ABS), each decryptor can verify the encryptors attributes. In contrast to the access structure of decryptors, the access structure of the encryptor needs to be fixed in the setup phase. In this paper, we propose ABSC with dynamic property, where access structures of encryptor can be updated flexibly without re-issuing secret keys of users. We call this primitive dynamic attribute-based signcryption (DABSC). Our DABSC scheme is secure in the standard model under the decision bilinear Diffie-Hellman assumption and the computational Diffie-Hellman assumption.

Privacy-preserving data mining: a game-theoretic approach

Privacy-preserving data mining has been an active research area in recent years due to privacy concerns in many distributed data mining settings. Protocols for privacy-preserving data mining have considered semi-honest, malicious, and covert adversarial models in cryptographic settings, whereby an adversary is assumed to follow, arbitrarily deviate from the protocol, or behaving somewhere in between these two, respectively. Semi-honest model provides weak security requiring small amount of computation, on the other hand, malicious and covert models provide strong security requiring expensive computations like homomorphic encryptions. However, game theory allows us to design protocols where parties are neither honest nor malicious but are instead viewed as rational and are assumed (only) to act in their own self-interest. In this paper, we build efficient and secure set-intersection protocol in gametheoretic setting using cryptographic primitives. Our construction avoids the use of expensive tools like homomorphic encryption and oblivious transfer. We also show that our protocol satisfies computational versions of strict Nash equilibrium and stability with respect to trembles.

Efficient privacy-preserving data mining in malicious model

In many distributed data mining settings, disclosure of the original data sets is not acceptable due to privacy concerns. To address such concerns, privacy-preserving data mining has been an active research area in recent years. While confidentiality is a key issue, scalability is also an important aspect to assess the performance of a privacypreserving data mining algorithms for practical applications. With this in mind, Kantarcioglu et al. proposed secure dot product and secure setintersection protocols for privacy-preserving data mining in malicious adversarial model using zero knowledge proofs, since the assumption of semi-honest adversary is unrealistic in some settings. Both the computation and communication complexities are linear with the number of data items in the protocols proposed by Kantarcioglu et al. In this paper, we build efficient and secure dot product and set-intersection protocols in malicious model. In our work, the complexity of computation and communication for proof of knowledge is always constant (independent of the number of data items), while the complexity of computation and communication for the encrypted messages remains the same as in Kantarcioglu et al.s work (linear with the number of data items). Furthermore, we provide the security model in Universal Composability framework.

Privacy-friendly secure bidding for smart grid demand-response

Abstract The smart grid, as an emerging cyber-physical system, is attractive because of features such as distributed energy control and robust load fluctuation management. The demand Response (DR) component in smart grids helps in maintaining demand-supply balance and in controlling consumer side electricity bills. One of the visions of smart grids is to have communication between consumers and suppliers facilitate certain types of DR strategies, e.g., demand bidding (DR-DB). DR-DB is an incentive-based DR, where certain incentives are awarded to consumers who participate in DR events. However, privacy and security in the DR-DB bidding process are of paramount importance as potentially sensitive consumer data is used during the process. In this paper, we propose a private and secure bidding protocol for incentive-based demand-response systems using cryptographic primitives without assuming any trusted third-party. We analyze the security and privacy guarantees; and show that the various stages in our proposed demand bidding are computationally feasible, in terms of cryptographic primitives, through performance evaluation on three different computing environments.

A Secure RFID Authentication Protocol with Low Communication Cost

Gene Tsudik proposed a Trivial RFID Authentication Protocol (YA-TRAP), where a valid tag can become incapacitated after exceeding the prestored threshold value and is thus vulnerable to DoS attack. Our scheme solves the problem by allowing a tag to refresh its prestored threshold value. Moreover, our scheme is forward secure and provides reader authentication, resistance against timing, replay, tracking attacks. We show the use of aggregate hash functions in our complete scheme to reduce the reader to server communication cost. The reader uses partial authentication to keep the rogue tags out of the aggregate function.

A secure and private RFID authentication protocol under SLPN problem

Authentication is one of the prominent features of RFID system. As wireless link between the tag and the reader in an RFID system is vulnerable against active adversary, ample research has been done in this area. In this paper, we present a novel, efficient and privacy preserving mutual authentication protocol of HB-family to meet the demand of low-cost tags. It is composed of Subspace Learning Parity from Noise problem (SLPN) and pseudo-inverse matrix properties; both of them significantly minimize the cost in terms of computation and hardware requirements. We compare our protocol with other existing HB and non-HB authentication protocols according to their construction and achievements of security and privacy attributes.

Optimizing Share Size in Efficient and Robust Secret Sharing Scheme for Big Data

Secret sharing scheme has been applied commonly in distributed storage for Big Data. It is a method for protecting outsourced data against data leakage and for securing key management systems. The secret is distributed among a group of participants where each participant holds a share of the secret. The secret can be only reconstructed when a sufficient number of shares are reconstituted. Although many secret sharing schemes have been proposed, they are still inefficient in terms of share size, communication cost and storage cost; and also lack robustness in terms of exact-share repair. In this paper, for the first time, we propose a new secret sharing scheme based on Slepian-Wolf coding. Our scheme can achieve an optimal share size utilizing the simple binning idea of the coding. It also enhances the exact-share repair feature whereby the shares remain consistent even if they are corrupted. We show, through experiments, how our scheme can significantly reduce the communication and storage cost while still being able to support direct share repair leveraging lightweight exclusive-OR (XOR) operation for fast computation.

Privacy-Preserving Two-Party k-Means Clustering in Malicious Model

In data mining, clustering is a well-known and useful technique. One of the most powerful and frequently used techniques is k-means clustering. Most of the privacy-preserving solutions based on cryptography proposed by different researchers in recent years are in semi-honest model, where participating parties always follow the protocol. This model is realistic in many cases. But providing stonger solutions considering malicious model would be more useful for many practical applications because it tries to protect a protocol from arbitrary malicious behavior using cryptographic tools. In this paper, we have proposed a new protocol for privacy-preserving two-party k-means clustering in malicious model. We have used threshold homomorphic encryption and non-interactive zero knowledge protocols to construct our protocol according to real/ideal world paradigm.

On blockchain-based anonymized dataset distribution platform

In this paper, we design a distributed platform for anonymized dataset trading without any centralized trusted third party. The platform consists of peers and consensus-based blockchain mechanism, and each peer acts as a data broker, data receiver, or verifier for blockchain in a data transfer transaction. A data broker collects data from data owners under their consent for data trading. The Privacy Policy Manager (PPM) manages the consent information and confirms them on behalf of data owners, when data distribution is requested from data broker. We implement a prototype system of the platform using an open-source blockchain mechanism, Hyperledger Fabric, and provide evaluation results of the prototype system.

MediBchain: A Blockchain Based Privacy Preserving Platform for Healthcare Data

Healthcare data are grabbing the interest of cyber attackers in recent years. Annihilating consequences of healthcare data could be alleviated through decentralization. A peer to peer (P2P) network enables the property of decentralization, where different parties can store and run computation while keeping the sensitive health data private. Blockchain technology leverages decentralized or distributed process, which ensures the accountability and integrity of its use. This paper presents a patient centric healthcare data management system by using Blockchain as storage to attain privacy. Pseudonymity is ensured by using the cryptographic functions to protect patient’s data.