E-commerce and its derived applications: smart card certificate system and recoverable and untraceable electronic cash.

January 2001

by Liu Kai Sui. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2001. / Includes bibliographical references (leaves 67-71). / Abstracts in English and Chinese. / Chapter 1. --- Introduction --- p.1 / Chapter 1.1 --- Security and E-commerce --- p.3 / Chapter 1.2 --- E-commerce: More than Commercial Activities --- p.4 / Chapter 1.3 --- What This Thesis Contains --- p.5 / Chapter 2. --- Introduction to Cryptographic Theories --- p.7 / Chapter 2.1 --- Six Cryptographic Primitives --- p.7 / Chapter 2.1.1 --- Symmetric Encryption --- p.8 / Chapter 2.1.2 --- Asymmetric Encryption --- p.8 / Chapter 2.1.3 --- Digital Signature --- p.9 / Chapter 2.1.4 --- Message Digest --- p.9 / Chapter 2.1.5 --- Digital Certificate and Certificate Authority --- p.10 / Chapter 2.1.6 --- Zero-Knowledge Proof --- p.11 / Chapter 2.2 --- The RSA Public Key Cryptosystem --- p.12 / Chapter 2.3 --- The ElGamal Public Key Encryption Scheme --- p.13 / Chapter 2.4 --- Elliptic Curve Cryptosystem --- p.14 / Chapter 2.4.1 --- The Algorithm of Elliptic Curve Cryptosystem --- p.15 / Chapter 2.5 --- Different kinds of Digital Signature --- p.16 / Chapter 2.5.1 --- RSA Digital Signature --- p.16 / Chapter 2.5.2 --- Elliptic Curve Nyberg-Rueppel Digital Signature --- p.16 / Chapter 2.6 --- Blind Signature --- p.17 / Chapter 2.7 --- Cut-and-choose protocol --- p.18 / Chapter 2.8 --- Diffie-Hellman Key Exchange --- p.19 / Chapter 3. --- "Introduction to E-commerce, M-commerce and Rich Media M-commerce" --- p.20 / Chapter 3.1 --- 1st Generation of E-commerce --- p.21 / Chapter 3.2 --- 2nd Generation of E-commerce ´ؤ M-commerce --- p.21 / Chapter 3.3 --- 3rd Generation of E-commerce - Rich Media M-commerce --- p.23 / Chapter 3.4 --- Payment Systems used in E-commerce --- p.23 / Chapter 3.4.1 --- Electronic Cash --- p.23 / Chapter 3.4.2 --- Credit Card --- p.24 / Chapter 3.4.3 --- Combined Payment System --- p.24 / Chapter 4. --- Introduction to Smart Card --- p.25 / Chapter 4.1 --- What is Smart Card? --- p.25 / Chapter 4.2 --- Advantages of Smart Cards --- p.26 / Chapter 4.2.1 --- Protable Device --- p.26 / Chapter 4.2.2 --- Multi-applications --- p.26 / Chapter 4.2.3 --- Computation Power --- p.26 / Chapter 4.2.4 --- Security Features --- p.27 / Chapter 4.3 --- What can Smart Cards Do? --- p.27 / Chapter 4.4 --- Java Card --- p.28 / Chapter 5. --- A New Smart Card Certificate System --- p.30 / Chapter 5.1 --- Introduction --- p.31 / Chapter 5.2 --- Comparison between RSA and ECC --- p.32 / Chapter 5.3 --- System Architecture --- p.33 / Chapter 5.3.1 --- System Setup --- p.33 / Chapter 5.3.2 --- Apply for a certificate --- p.34 / Chapter 5.3.3 --- Verification of Alice --- p.35 / Chapter 5.3.4 --- "Other Certificates ´ؤ the ""Hyper-Link"" concept" --- p.36 / Chapter 5.3.4.1 --- "Generation of the ""hyper-link""" --- p.37 / Chapter 5.3.4.2 --- "Verification ofAlice using the ""hyper-link""" --- p.37 / Chapter 5.3.5 --- Multiple Applications --- p.38 / Chapter 5.4 --- Security Analysis --- p.39 / Chapter 5.4.1 --- No Crypto-processor is needed --- p.40 / Chapter 5.4.2 --- PIN Protect --- p.40 / Chapter 5.4.3 --- Digital Certificate Protect --- p.40 / Chapter 5.4.4 --- Private Key is never left the smart card --- p.41 / Chapter 5.5 --- Extensions --- p.41 / Chapter 5.5.1 --- Biometrics Security --- p.41 / Chapter 5.5.2 --- E-Voting --- p.41 / Chapter 5.6 --- Conclusion --- p.42 / Chapter 6. --- Introduction to Electronic Cash --- p.44 / Chapter 6.1 --- Introduction --- p.44 / Chapter 6.2 --- The Basic Requirements --- p.45 / Chapter 6.3 --- Advantages of Electronic Cash over other kinds of payment systems --- p.46 / Chapter 6.3.1 --- Privacy --- p.46 / Chapter 6.3.2 --- Off-line payment --- p.47 / Chapter 6.3.3 --- Suitable for Small Amount Payment --- p.47 / Chapter 6.4 --- Basic Model of Electronic Cash --- p.48 / Chapter 6.5 --- Examples of Electronic Cash --- p.49 / Chapter 6.5.1 --- eCash --- p.49 / Chapter 6.5.2 --- Mondex --- p.49 / Chapter 6.5.3 --- Octopus Card --- p.50 / Chapter 7. --- A New Recoverable and Untraceable Electronic Cash --- p.51 / Chapter 7.1 --- Introduction --- p.52 / Chapter 7.2 --- The Basic Idea --- p.52 / Chapter 7.3 --- S. Brand's Single Term E-cash Protocol --- p.54 / Chapter 7.3.1 --- The Setup of the System --- p.54 / Chapter 7.3.2 --- The Withdrawal Protocol --- p.54 / Chapter 7.3.3 --- The Payment Protocol --- p.55 / Chapter 7.3.4 --- The Deposit Protocol --- p.56 / Chapter 7.4 --- The Proposed Protocol --- p.57 / Chapter 7.4.1 --- The Withdrawal Protocol --- p.57 / Chapter 7.4.2 --- The Payment Protocol --- p.58 / Chapter 7.4.3 --- The Deposit Protocol --- p.58 / Chapter 7.4.4. --- The Recovery Protocol --- p.59 / Chapter 7.5 --- Security Analysis --- p.60 / Chapter 7.5.1 --- Conditional Untraceability --- p.60 / Chapter 7.5.2 --- Cheating --- p.60 / Chapter 7.6 --- Extension --- p.60 / Chapter 7.7 --- Conclusion --- p.62 / Chapter 8. --- Conclusion --- p.63 / Appendix: Paper derived from this thesis --- p.66 / Bibliography --- p.67

Electronic commerce

Computer networks--Access control

Smart cards

Cryptography

Computer security

Data Sharing on Untrusted Storage with Attribute-Based Encryption

Yu, Shucheng

13 July 2010

"Storing data on untrusted storage makes secure data sharing a challenge issue. On one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. Cryptographic methods are usually applied to address this issue -- only encrypted data are stored on storage servers while retaining secret key(s) to the data owner herself; user access is granted by issuing the corresponding data decryption keys. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key/user management, user accountability and etc. To address these challenge issues, this dissertation studies and enhances a novel public-key cryptography -- attribute-based encryption (ABE), and applies it for fine-grained data access control on untrusted storage. The first part of this dissertation discusses the necessity of applying ABE to secure data sharing on untrusted storage and addresses several security issues for ABE. More specifically, we propose three enhancement schemes for ABE: In the first enhancement scheme, we focus on how to revoke users in ABE with the help of untrusted servers. In this work, we enable the data owner to delegate most computation-intensive tasks pertained to user revocation to untrusted servers without disclosing data content to them. In the second enhancement scheme, we address key abuse attacks in ABE, in which authorized but malicious users abuse their access privileges by sharing their decryption keys with unauthorized users. Our proposed scheme makes it possible for the data owner to efficiently disclose the original key owner's identity merely by checking the input and output of a suspicious user's decryption device. Our third enhancement schemes study the issue of privacy preservation in ABE. Specifically, our proposed schemes hide the data owner's access policy not only to the untrusted servers but also to all the users. The second part presents our ABE-based secure data sharing solutions for two specific applications -- Cloud Computing and Wireless Sensor Networks (WSNs). In Cloud Computing cloud servers are usually operated by third-party providers, which are almost certain to be outside the trust domain of cloud users. To secure data storage and sharing for cloud users, our proposed scheme lets the data owner (also a cloud user) generate her own ABE keys for data encryption and take the full control on key distribution/revocation. The main challenge in this work is to make the computation load affordable to the data owner and data consumers (both are cloud users). We address this challenge by uniquely combining various computation delegation techniques with ABE and allow both the data owner and data consumers to securely mitigate most computation-intensive tasks to cloud servers which are envisaged to have unlimited resources. In WSNs, wireless sensor nodes are often unattendedly deployed in the field and vulnerable to strong attacks such as memory breach. For securing storage and sharing of data on distributed storage sensor nodes while retaining data confidentiality, sensor nodes encrypt their collected data using ABE public keys and store encrypted data on storage nodes. Authorized users are given corresponding decryption keys to read data. The main challenge in this case is that sensor nodes are extremely resource-constrained and can just afford limited computation/communication load. Taking this into account we divide the lifetime of sensor nodes into phases and distribute the computation tasks into each phase. We also revised the original ABE scheme to make the overhead pertained to user revocation minimal for sensor nodes. Feasibility of the scheme is demonstrated by experiments on real sensor platforms. "

Secure Data Sharing

Access Control

Untrusted Storage

Cloud Computing

Attribute-Based Encryption

Opportunistic Routing in Multihop Wireless Networks: Capacity, Energy Efficiency, and Security

Zeng, Kai

24 July 2008

"Opportunistic routing (OR) takes advantages of the spatial diversity and broadcast nature of wireless networks to combat the time-varying links by involving multiple neighboring nodes (forwarding candidates) for each packet relay. This dissertation studies the properties, energy efficiency, capacity, throughput, protocol design and security issues about OR in multihop wireless networks. Firstly, we study geographic opportunistic routing (GOR), a variant of OR which makes use of nodes' location information. We identify and prove three important properties of GOR. The first one is on prioritizing the forwarding candidates according to their geographic advancements to the destination. The second one is on choosing the forwarding candidates based on their advancements and link qualities in order to maximize the expected packet advancement (EPA) with different number of forwarding candidates. The third one is on the concavity of the maximum EPA in respect to the number of forwarding candidates. We further propose a local metric, EPA per unit energy consumption, to tradeoff the routing performance and energy efficiency for GOR. Leveraging the proved properties of GOR, we propose two efficient algorithms to select and prioritize forwarding candidates to maximize the local metric. Secondly, capacity is a fundamental issue in multihop wireless networks. We propose a framework to compute the end-to-end throughput bound or capacity of OR in single/multirate systems given OR strategies (candidate selection and prioritization). Taking into account wireless interference and unique properties of OR, we propose a new method of constructing transmission conflict graphs, and we introduce the concept of concurrent transmission sets to allow the proper formulation of the maximum end-to-end throughput problem as a maximum-flow linear programming problem subject to the transmission conflict constraints. We also propose two OR metrics: expected medium time (EMT) and expected advancement rate (EAR), and the corresponding distributed and local rate and candidate set selection schemes, the Least Medium Time OR (LMTOR) and the Multirate Geographic OR (MGOR). We further extend our framework to compute the capacity of OR in multi-radio multi-channel systems with dynamic OR strategies. We study the necessary and sufficient conditions for the schedulability of a traffic demand vector associated with a transmitter to its forwarding candidates in a concurrent transmission set. We further propose an LP approach and a heuristic algorithm to obtain an opportunistic forwarding strategy scheduling that satisfies a traffic demand vector. Our methodology can be used to calculate the end-to-end throughput bound of OR in multi-radio/channel/rate multihop wireless networks, as well as to study the OR behaviors (such as candidate selection and prioritization) under different network configurations. Thirdly, protocol design of OR in a contention-based medium access environment is an important and challenging issue. In order to avoid duplication, we should ensure only the "best" receiver of each packet to forward it in an efficient way. We investigate the existing candidate coordination schemes and propose a "fast slotted acknowledgment" (FSA) to further improve the performance of OR by using a single ACK to coordinate the forwarding candidates with the help of the channel sensing technique. Furthermore, we study the throughput of GOR in multi-rate and single-rate systems. We introduce a framework to analyze the one-hop throughput of GOR, and provide a deeper insight on the trade-off between the benefit (packet advancement, bandwidth, and transmission reliability) and cost (medium time delay) associated with the node collaboration. We propose a local metric named expected one-hop throughput (EOT) to balance the benefit and cost. Finally, packet reception ratio (PRR) has been widely used as an indicator of the link quality in multihop wireless networks. Many routing protocols including OR in wireless networks depend on the PRR information to make routing decision. Providing accurate link quality measurement (LQM) is essential to ensure the right operation of these routing protocols. However, the existing LQM mechanisms are subject to malicious attacks, thus can not guarantee to provide correct link quality information. We analyze the security vulnerabilities in the existing link quality measurement (LQM) mechanisms and propose an efficient broadcast-based secure LQM (SLQM) mechanism, which prevents the malicious attackers from reporting a higher PRR than the actual one. We analyze the security strength and the cost of the proposed mechanism. "

opportunistic routing

security

energy efficiency

medium access control

capacity

throughput

Wireless LANS

Routers (Computer networks)

Security of distributed data systems

Finch, Steven D.

January 2010

Typescript (photocopy). / Digitized by Kansas Correctional Industries

Computers-- Access control.

Designing and implementing a network authentication service for providing a secure communication channel

Chance, Christopher P

January 2010

Typescript (photocopy). / Digitized by Kansas Correctional Industries / Department: Computer Science.

Computer networks--Security measures

Multiple-coupled random access techniques for packet radio networks.

Siegel, Lawrence Charles

January 1978

Thesis (B.S.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1978. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Vita. / Bibliography: leaf 58. / B.S.

Packet switching (Data transmission)

Computers Access control

Computer networks

Encryption-based protection protocols for interactive user-computer communication over physically unsecured channels.

Kent, Stephen Thomas

January 1976

Thesis. 1976. M.S.--Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. / Microfiche copy available in Archives and Engineering. / Bibliography: leaves 119-121. / M.S.

Interactive computer systems

MULTICS (Electronic computer system)

Cryptography

Computers Access control

Critical analyses of some public-key cryptosystems for high-speed satellite transmission applications

Ma, Moses Hsingwen

January 1981

Thesis (M.S.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1981. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Vita. / Bibliography: leaves 83-86. / by Moses Hsingwen Ma. / M.S.

Digital communications

Data transmission systems

Cryptography

Computers Access control Passwords

Non-discretionary access control for decentralized computing systems.

Karger, Paul Ashley

January 1977

Thesis. 1977. M.S.--Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Bibliography : leaves 131-139. / M.S.

Computers Access control

Database management

Achieving secure and efficient access control of personal health records in a storage cloud

Binbusayyis, Adel

January 2017

A personal health record (PHR) contains health data about a patient, which is maintained by the patient. Patients may share their PHR data with a wide range of users such as healthcare providers and researchers through the use of a third party such as a cloud service provider. To protect the confidentiality of the data and to facilitate access by authorized users, patients use Attribute-Based Encryption (ABE) to encrypt the data before uploading it onto the cloud servers. With ABE, an access policy is defined based on users' attributes such as a doctor in a particular hospital, or a researcher in a particular university, and the encrypted data can only be decrypted if and only if a user's attributes comply with the access policy attached to a data object. Our critical analysis of the related work in the literature shows that existing ABE based access control frameworks used for sharing PHRs in a storage cloud can be enhanced in terms of scalability and security. With regard to scalability, most existing ABE based access control frameworks rely on the use of a single attribute authority to manage all users, making the attribute authority into a potential bottleneck regarding performance and security. With regard to security, the existing ABE based access control frameworks assume that all users have the same level of trust (i.e. they are equally trustworthy) and all PHR data files have the same sensitivity level, which means that the same protection level is provided. However, in our analysis of the problem context, we have observed that this assumption may not always be valid. Some data, such as patients' personal details and certain diseases, is more sensitive than other data, such as anonymised data. Access to more sensitive data should be governed by more stringent access control measures. This thesis presents our work in rectifying the two limitations highlighted above. In doing so, we have made two novel contributions. The first is the design and evaluation of a Hierarchical Attribute-Based Encryption (HABE) framework for sharing PHRs in a storage cloud. The HABE framework can spread the key management overheads imposed on a single attribute authority tasked with the management of all the users into multiple attribute authorities. This is achieved by (1) classifying users into different groups (called domains) such as healthcare, education, etc., (2) making use of multiple attribute authorities in each domain, (3) structuring the multiple attribute authorities in each domain in a hierarchical manner, and (4) allowing each attribute authority to be responsible for managing particular users in a specific domain, e.g. a hospital or a university. The HABE framework has been analyzed and evaluated in term of security and performance. The security analysis demonstrates that the HABE framework is resistant to a host of security attacks including user collusions. The performance has been analyzed in terms of computational and communication overheads and the results show that the HABE framework is more efficient and scalable than the most relevant comparable work. The second novel contribution is the design and evaluation of a Trust-Aware HABE (Trust+HABE) framework, which is an extension of the HABE framework. This framework is also intended for sharing PHRs in a storage cloud. The Trust+HABE framework is designed to enhance security in terms of protecting access to sensitive PHR data while keeping the overhead costs as low as possible. The idea used here is that we classify PHR data into different groups, each with a distinctive sensitivity level. A user requesting data from a particular group (with a given sensitivity level) must demonstrate that his/her trust level is not lower than the data sensitivity level (i.e. trust value vs data sensitivity verification). A user's trust level is derived based on a number of trust-affecting factors, such as his/her behaviour history and the authentication token type used to identify him/herself etc. For accessing data at the highest sensitivity level, users are required to get special permissions from the data owners (i.e. the patients who own the data), in addition to trust value vs data sensitivity verification. In this way, the framework not only adapts its protection level (in imposing access control) in response to the data sensitivity levels, but also provides patients with more fine-grained access control to their PHR data. The Trust+HABE framework is also analysed and evaluated in term of security and performance. The performance results from the Trust+HABE framework are compared against the HABE framework. The comparison shows that the additional computational, communication, and access delay costs introduced as the result of using the trust-aware approach to access control in this context are not significant compared with computational, communication, and access delay costs of the HABE framework.

004