Integrated On-Line and Off-Line Electronic Cash

Liao, Tsai-hsiu

06 September 2007

Due to ubiquity of internet, the development of electronic commerce is growing up rapidly. Many payment mechanisms of electronic transactions are proposed, such as electronic cash, credit cards, and electronic wallets. Electronic cash (e-cash) is like the digital version of paper cash, which possesses some key features such as anonymity and untraceability, and it can be used on the Internet for various electronic transactions. In general, electronic cash is classified into two types which are on-line electronic cash and off-line electronic cash. Each of them is suitable for different applications and environments. All of the proposed electronic cash schemes only focus on one of two types. In these schemes, users must decide which type of electronic cash they will use later before withdrawing. However, in this thesis we propose a novel electronic cash scheme which supports a user to withdraw a generic e-cash and then decide to spend it as an on-line e-cash or an off-line e-cash. Our proposed scheme is more convenient for users and more flexible for the bank and shops. It not only satisfies the necessary properties of electronic cash but also provides flexibility.

Blind Signatures

On-Line E-Cash

Off-Line E-Cash

Anonymity

Traffic Analysis Attacks in Anonymity Networks : Relationship Anonymity-Overhead Trade-off

Vuković, Ognjen, Dán, György, Karlsson, Gunnar

January 2013

Mix networks and anonymity networks provide anonymous communication via relaying, which introduces overhead and increases the end-to-end message delivery delay. In practice overhead and delay must often be low, hence it is important to understand how to optimize anonymity for limited overhead and delay. In this work we address this question under passive traffic analysis attacks, whose goal is to learn the traffic matrix. For our study, we use two anonymity networks: MCrowds, an extension of Crowds, which provides unbounded communication delay and Minstrels, which provides bounded communication delay. We derive exact and approximate analytical expressions for the relationship anonymity for these systems. Using MCrowds and Minstrels we show that, contrary to intuition, increased overhead does not always improve anonymity. We investigate the impact of the system's parameters on anonymity, and the sensitivity anonymity to the misestimation of the number of attackers. / <p>QC 20130522</p>

Relationship anonymity

communication overhead

traffic analysis

Bayesian analysis

Network Performance Improvements for Low-Latency Anonymity Networks

Al-Sabah, Mashael

January 2013

While advances to the Internet have enabled users to easily interact and exchange information online, they have also created several opportunities for adversaries to prey on users’ private information. Whether the motivation for data collection is commercial, where service providers sell data for marketers, or political, where a government censors, blocks and tracks its people, or even personal, for cyberstalking purposes, there is no doubt that the consequences of personal information leaks can be severe. Low-latency anonymity networks have thus emerged as a solution to allow people to surf the Internet without the fear of revealing their identities or locations. In order to provide anonymity to users, anonymity networks route users’ traffic through several intermediate relays, which causes unavoidable extra delays. However, although these networks have been originally designed to support interactive applications, due to a variety of design weaknesses, these networks offer anonymity at the expense of further intolerable performance costs, which disincentivize users from adopting these systems. In this thesis, we seek to improve the network performance of low-latency anonymity networks while maintaining the anonymity guarantees they provide to users today. As an experimentation platform, we use Tor, the most widely used privacy-preserving network that empowers people with low-latency anonymous online access. Since its introduction in 2003, Tor has successfully evolved to support hundreds of thousands of users using thousands of volunteer-operated routers run all around the world. Incidents of sudden increases in Tor’s usage, coinciding with global political events, confirm the importance of the Tor network for Internet users today. We identify four key contributors to the performance problems in low-latency anonymity networks, exemplified by Tor, that significantly impact the experience of low-latency application users. We first consider the lack of resources problem due to the resource-constrained routers, and propose multipath routing and traffic splitting to increase throughput and improve load balancing. Second, we explore the poor quality of service problem, which is exacerbated by the existence of bandwidth-consuming greedy applications in the network. We propose online traffic classification as a means of enabling quality of service for every traffic class. Next, we investigate the poor transport design problem and propose a new transport layer design for anonymous communication networks which addresses the drawbacks of previous proposals. Finally, we address the problem of the lack of congestion control by proposing an ATM-style credit-based hop-by-hop flow control algorithm which caps the queue sizes and allows all relays to react to congestion in the network. Our experimental results confirm the significant performance benefits that can be obtained using our privacy-preserving approaches.

Anonymity network

Tor

performance

Privacy-Enhancing Technology

Computer Science

Date Attachable Offline Electronic Cash Scheme

Hau, Hoi-tung

03 August 2011

With the convenience of mobile network, people can do different kinds of activities, such as payments, shopping, auctions, and so on, whenever and wherever. Electronic commerce (e-commerce) has become so popular that the number of people using these online services has been increasing enormously in recent years. Hence, the security issues of e-commerce and the rights of users in transaction have raised our concerns. Electronic cash (e-cash) is definitely one of the most popular research topics among e-commerce area. It is very important that e-cash has to be able to hold the anonymity and accuracy in order to preserve the privacy and rights of customers. There are two types of e-cash in general, which are online e-cash and offline e-cash. Both systems have their own pros and cons, and they can be used to construct various applications. In this thesis, we propose a provably secure and efficient offline e-cash scheme with date attachability based on blind signature technique, where expiration date and deposit date can be embedded in an e-cash, simultaneously. With the help of expiration date, the bank can manage the huge database much more easily against unlimited growth, and the deposit date cannot be forged so that users are able to calculate the amount of interests they can receive in the future correctly. Furthermore, our scheme maintains the properties of e-cash, which are anonymity control, double-spending checking and unforgeability. We also provide security analysis and formal proofs in this thesis.

Blind Signature

Offline Electronic Cash

Electronic Payment

Anonymity

Electronic Commerce

Strong Privacy Preserving Communication Protocol for VANETs

Huang, Shih-wei

23 August 2011

Vehicular ad hoc networks (VANETs) are instances of mobile ad hoc networks with the aim to enhance the safety and efficiency of road traffic. The basic idea is to allow arbitrary vehicles to broadcast ad hoc messages (e.g. traffic accidents) to other vehicles and remind drivers to change their route immediately or slow down to avoid dangers. However, some concerns of security and privacy are also raised in this environment. Messages should be signed and verified before they are trusted while the real identities of vehicles should not be revealed to guarantee the source privacy, but it still has to be traceable to prevent any abuse of VANETs (e.g. sending a fake message). Many related works have been presented in the literature so far. They can be generally divided into two constructions, where one is based on pseudonymous authentication and the other is based on group signatures. However, both of the two constructions have some drawbacks. Consequently, in this thesis, we come up with a provably secure and strong privacy preserving protocol based on the blind signature technique to guarantee privacy and fulfill other essential security requirements in the vehicular communication environment. Besides, compared with other similar works, we offer an efficient tracing mechanism to trace and revoke the vehicles abusing the VANETs. In addition, considering the real environment, we also provide simulation results to show that our scheme is more practical, efficient and suitable for VANETs under a real city street scenario with high vehicle density. Finally, we also demonstrate the security of the proposed protocol by formal proofs.

Blind Signature

Vehicular Communication

Privacy Preservation

Authentication

Anonymity

Efficient Strong Anonymous Authentication Scheme for Wireless Communications

Tong, Yi-Wen

30 August 2012

Because of the popularity of wireless communication technologies, people can access servers without the restriction of place and time. With the rapid development of mobile devices, such as smart phones and iPads, the frequency of wireless networks have increased. Roaming services ensure service provision without location constraints. A secure roaming authentication protocol is critical for the security and privacy of users when accessing services by roaming. It ensures the authenticity of mobile users, and foreign and home servers. After authentication, the session key for the mobile user and the foreign server is established for secure communication. In addition, a secure roaming protocol may provide anonymity for mobile users. When the mobile user requests a service, the server is unable to identify two requests from the same user. For the current anonymous authentication protocols, the foreign server must fulfill the revocation check by the computation linear to the number of revoked users. It makes the protocol infeasible in practical environments. This thesis proposes a strong anonymous authentication protocol, using two-stage authentication, in which the home server is involved in the initial authentication to eliminate the revocation list and issues a timely anonymous credential for subsequent authentication after successful authentication. It reduces the computation costs for the revocation check and minimizes the size of the revocation list. Finally, this thesis also provides security proofs and comparisons of the proposed authentication mechanism.

Authentication

Wireless Network

Anonymity

Group Signature

Revocation

Secure Roaming

Using Secure Real-time Padding Protocol to Secure Voice-over-IP from Traffic Analysis Attacks

Mohanty, Saswat

2011 May 1900

Voice Over IP (VoIP) systems and transmission technologies have now become the norm for many communications applications. However, whether they are used for personal communication or priority business conferences and talks, privacy and confidentiality of the communication is of utmost priority. The present industry standard is to encrypt VoIP calls using Secure Real-time Transport Protocol (SRTP), aided by ZRTP, but this methodology remains vulnerable to traffic analysis attacks, some of which utilize the length of the encrypted packets to infer the language and spoken phrases of the conversation. Secure Real-time Padding Protocol (SRPP) is a new RTP profile which pads all VoIP sessions in a unique way to thwart traffic analysis attacks on encrypted calls. It pads every RTP or SRTP packet to a predefined packet size, adds dummy packets at the end of every burst in a controllable way, adds dummy bursts to hide silence spurts, and hides information about the packet inter-arrival timings. This thesis discusses a few practical approaches and a theoretical optimization approach to packet size padding. SRPP has been implemented in the form of a library, libSRPP, for VoIP application developers and as an application, SQRKal, for regular users. SQRKal also serves as an extensive platform for implementation and verification of new packet padding techniques.

Traffic Analysis

Padding

SRPP

VoIP

Security

Privacy and Anonymity

An Anonymous Authentication Protocol with Chargeability and Fair Privacy for Mobile Network Environments

Huang, Shi-Ming

26 July 2006

Mobile network equipments are widely popularized and advanced mobile communication services are provided increasingly such that ubiquitous computing environments will come true soon. It is a pleasure for mobile users to work or get recreations in the mobile network environments. However, just as the cases in wireline environments, there are a lot of security threats to mobile network systems and their impact on the security is more serious than that in wireline environments owing to the feature of wireless transmissions and the ubiquity property in mobile network systems. The secret personal information, important data, or classified missives which mobile users carry may be stolen by malicious entities. In order to guarantee the quality of the advanced communication services, the security and privacy would be the important issues when mobile users roam to the mobile networks. In this thesis, an anonymous authentication protocol will be proposed to protect both the security of the mobile network system and the privacy of mobile users. Not only does the proposed scheme provide mutual authentication between each user and the system, but also the identity of each user can be kept secret against anyone else including the system. Although the users are anonymously authenticated by the system, it can still make correct bills to charge these anonymous users. Finally, our protocol also achieves the goal of fair privacy which allows the judge to be able to revoke the anonymity and trace the illegal users when they misused the anonymity property such as they committed crimes.

Fair privacy

Cryptography

Mobile networks

Ubiquitous computing

Mutual authentication

Anonymity

Efficient network camouflaging in wireless networks

Jiang, Shu

12 April 2006

Camouflaging is about making something invisible or less visible. Network camouflaging is about hiding certain traffic information (e.g. traffic pattern, traffic flow identity, etc.) from internal and external eavesdroppers such that important information cannot be deduced from it for malicious use. It is one of the most challenging security requirements to meet in computer networks. Existing camouflaging techniques such as traffic padding, MIX-net, etc., incur significant performance degradation when protected networks are wireless networks, such as sensor networks and mobile ad hoc networks. The reason is that wireless networks are typically subject to resource constraints (e.g. bandwidth, power supply) and possess some unique characteristics (e.g. broadcast, node mobility) that traditional wired networks do not possess. This necessitates developing new techniques that take account of properties of wireless networks and are able to achieve a good balance between performance and security. In this three-part dissertation we investigate techniques for providing network camouflaging services in wireless networks. In the first part, we address a specific problem in a hierarchical multi-task sensor network, i.e. hiding the links between observable traffic patterns and user interests. To solve the problem, a temporally constant traffic pattern, called cover traffic pattern, is needed. We describe two traf- fic padding schemes that implement the cover traffic pattern and provide algorithms for achieving the optimal energy efficiencies with each scheme. In the second part, we explore the design of a MIX-net based anonymity system in mobile ad hoc networks. The objective is to hide the source-destination relationship with respect to each connection. We survey existing MIX route determination algorithms that do not account for dynamic network topology changes, which may result in high packet loss rate and large packet latency. We then introduce adaptive algorithms to overcome this problem. In the third part, we explore the notion of providing anonymity support at MAC layer in wireless networks, which employs the broadcast property of wireless transmission. We design an IEEE 802.11-compliant MAC protocol that provides receiver anonymity for unicast frames and offers better reliability than pure broadcast protocol.

wireless network security

network camouflaging

traffic padding

anonymity

An E-Cash Protocol with Efficient Double-Spending Revocability

Yu, Yao-chun

25 August 2009

Due to the fast progress of the internet technologies, electronic commerce becomes more and more popular. Many people and businesses deal with their transactions via the internet. The technologies of credit cards, electronic tickets, e-cash, and other advanced services have realized the vision of electronic commerce. In this thesis, we propose an off-line e-cash scheme with anonymity, untraceability, double-spending checking, and traceability. Anonymity and untraceability must be possessed in any e-cash scheme. In an off-line e-cash scheme, the bank or the third party (TTP) must be able to revoke the anonymity of a user who doubly spent her/his e-cash(s). In our proposed e-cash scheme, the bank can fast derive the identity of the user who doubly spent her/his e-cash(s) without the participation of TTP. If some illegal transactions are reported, TTP can also directly revoke the anonymity of the user who spent her/his e-cash(s) in the illegal transactions. In addition, the police needs to trace a specific user in some situation, and we propose a process to satisfy this requirement,called traceability.

Double-Spending

Chameleon Hash Functions

E-Cash

Anonymity

Untraceability