Distributed Key Generation and Its Applications

Kate, Aniket

25 June 2010

Numerous cryptographic applications require a trusted authority to hold a secret. With a plethora of malicious attacks over the Internet, however, it is difficult to establish and maintain such an authority in online systems. Secret-sharing schemes attempt to solve this problem by distributing the required trust to hold and use the secret over multiple servers; however, they still require a trusted {\em dealer} to choose and share the secret, and have problems related to single points of failure and key escrow. A distributed key generation (DKG) scheme overcomes these hurdles by removing the requirement of a dealer in secret sharing. A (threshold) DKG scheme achieves this using a complete distribution of the trust among a number of servers such that any subset of servers of size greater than a given threshold can reveal or use the shared secret, while any smaller subset cannot. In this thesis, we make contributions to DKG in the computational security setting and describe three applications of it. We first define a constant-size commitment scheme for univariate polynomials over finite fields and use it to reduce the size of broadcasts required for DKG protocols in the synchronous communication model by a linear factor. Further, we observe that the existing (synchronous) DKG protocols do not provide a liveness guarantee over the Internet and design the first DKG protocol for use over the Internet. Observing the necessity of long-term stability, we then present proactive security and group modification protocols for our DKG system. We also demonstrate the practicality of our DKG protocol over the Internet by testing our implementation over PlanetLab. For the applications, we use our DKG protocol to define IND-ID-CCA secure distributed private-key generators (PKGs) for three important identity-based encryption (IBE) schemes: Boneh and Franklin's BF-IBE, Sakai and Kasahara's SK-IBE, and Boneh and Boyen's BB1-IBE. These IBE schemes cover all three important IBE frameworks: full-domain-hash IBEs, exponent-inversion IBEs and commutative-blinding IBEs respectively, and our distributed PKG constructions can easily be modified for other IBE schemes in these frameworks. As the second application, we use our distributed PKG for BF-IBE to define an onion routing circuit construction mechanism in the identity-based setting, which solves the scalability problem in single-pass onion routing circuit construction without hampering forward secrecy. As the final application, we use our DKG implementation to design a threshold signature architecture for quorum-based distributed hash tables and use it to define two robust communication protocols in these peer-to-peer systems.

Threshold cyptography

Distributed trust

Distributed key generation

Identity-based encryption

Anonymity

Distributed hash tables

Computer Science

Essays on Privacy, Information, and Anonymous Transactions

Wagman, Liad

January 2009

<p>This dissertation uses game theoretic models to examine the effects of agent anonymity on markets for goods and for information. In open, anonymous settings, such as the Internet, anonymity is relatively easy to obtain --- oftentimes another email address is sufficient. By becoming anonymous, agents can participate in various mechanisms (such as elections, opinion polls, auctions, etc.) multiple times. The first chapter (joint work with Vincent Conitzer) studies elections that disincentivize voters from voting multiple times. A voting rule is false-name-proof if no agent ever benefits from casting additional votes. In elections with two alternatives, it is shown that there is a unique false-name-proof voting rule that is most responsive to votes. The probability that this rule selects the majority winner converges to 1 as the population grows large. Methods to design analogous rules for elections with 3 or more alternatives are proposed. The second chapter (also joint work with Vincent Conitzer) extends the analysis in the first chapter to broader mechanism design settings, where the goal is to disincentivize agents from participating multiple times. The cost model from the first chapter is generalized and revelation principles are proven. The third chapter studies a setting where firms are able to recognize their previous customers, and may use information about consumers' purchase histories to price discriminate (which may incentivize consumers to be anonymous). The formal model considers a monopolist and a continuum of heterogeneous consumers, where consumers are able to maintain their anonymity at some cost. It is shown that when consumers can costlessly maintain their anonymity, they all individually choose to do so, which paradoxically results in the highest profit for the monopolist. Increasing the cost of anonymity can benefit consumers, but only up to a point; at that point, the effect is reversed. Some of the results are extended to a setting with two competing firms selling differentiated products. Finally, the cost of maintaining anonymity is endogenized by considering a third party that can make consumers anonymous for a fee of its choosing. It is shown that this third party would prefer to be paid by the firm for allowing consumers to costlessly maintain their anonymity.</p> / Dissertation

Economics, Theory

Economics, Commerce-Business

Anonymity

Electronic commerce

False

name

proofness

Mechanism Design

Price Discrimination

Privacy

Anonymous Multi-Receiver Certificate-Based Encryption

Tsai, Pei-Jen

16 August 2011

In a multi-receiver encryption environment, a sender can randomly choose a set of authorized receivers while distributing messages to them efficiently and securely. Recently, more and more researchers concern the privacy of receivers. They mentioned that an authorized receiver does not want other entities, except the service provider, to be able to derive her/his identity in many applications such as pay-TV. However, most of these protocols either provide no formal security proofs or are inefficient owing to high computation cost. In this thesis, we construct two provably secure and efficient anonymous multi-receiver certificated-based encryption schemes, PMCE and SCMCE, which avoid the key escrow problem while preserving the implicit certification of identity-based setting. The proposed PMCE and SCMCE get rid of pairing computation to encrypt a message and only need one and two pairing computations to decrypt the ciphertext, respectively. Finally, we define the security models and offer formal proofs to all properties including receiver anonymity.

Key Escrow Freeness

Multi-Receiver Encryption

Bilinear Pairing

Certificate-Based Encryption

Anonymity

Imitative sequel writing: divine breathings, second part of the Pilgrim's Progress, and the case of T. S. (aka Thomas Sherman)

Garrett, Christopher E.

02 June 2009

During the period between 1640 and 1700, over forty works were produced by authors identifying themselves as “T. S.” In the field of early modern literary studies, one T. S. has been particularly important to scholars because of this author’s imitative version of John Bunyan’s popular allegory titled The Second Part of the Pilgrim’s Progress (1682). This work by T. S., who has become known as Thomas Sherman, achieves minor success and prompts Bunyan to write his own authentic sequel. My research has uncovered an attribution history that identifies four additional texts—Divine Breathings (circa 1671); Youth’s Tragedy (1671); Youth’s Comedy (1680); Divine Breathings, the Second Part (1680)—and credits all of them to a Thomas Sherman. Of the five works attributed to this author, the most impressive printing history belongs to the earliest offering, Divine Breathings, or a Pious Soul Thirsting after Christ in a Hundred Pathetical Meditations, which appears in over 60 printings from 1671 to 1883 in England, Scotland, and North America. My research scrutinizes this attribution history and raises questions about identifying this T. S. as Thomas Sherman. Based on internal and external evidence, I argue that T. S. is not the author of Divine Breathings but establishes his authorial identity as an imitative writer who actively participates in the genre of Protestant meditational literature by providing sequels (i.e., Divine Breathings …the Second Part and Second Part of the Pilgrim’s Progress).

Imitation

Sequels

Devotional Literature

17th-Century British Literature

Meditations

Attribution Studies

Anonymity

Modeling and control of network traffic for performance and secure communications

Xiong, Yong

17 February 2005

The objective of this research is to develop innovative techniques for modeling and control of network congestion. Most existing network controls have discontinuous actions, but such discontinuity in control actions is commonly omitted in analytical models, and instead continuous models were widely adopted in the literature. This approximation works well under certain conditions, but it does cause significant discrepancy in creating robust, responsive control solutions for congestion management. In this dissertation, I investigated three major topics. I proposed a generic discontinuous congestion control model and its design methodology to guarantee asymptotic stability and eliminate traffic oscillation, based on the sliding mode control (SMC) theory. My scheme shows that discontinuity plays a crucial role in optimization of the I-D based congestion control algorithms. When properly modeled, the simple I-D control laws can be made highly robust to parameter and model uncertainties. I discussed applicability of this model to some existing flow or congestion control schemes, e.g. XON/XOFF, rate and window based AIMD, RED, etc. It can also be effectively applied to design of detection and defense of distributed denial of service (DDoS) attacks. DDoS management can be considered a special case of the flow control problem. Based on my generic discontinuous congestion control model, I developed a backward-propagation feedback control strategy for DDoS detection and defense. It not only prevents DDoS attacks but also provides smooth traffic and bounded queue size. Another application of the congestion control algorithms is design of private group communication networks. I proposed a new technique for protection of group communications by concealment of sender-recipient pairs. The basic approach is to fragment and disperse encrypted messages into packets to be transported along different paths, so that the adversary cannot efficiently determine the source/recipient of a message without correct ordering of all packets. Packet flows among nodes are made balanced, to eliminate traffic patterns related to group activities. I proposed a sliding window-based flow control scheme to control transmission of payload and dummy packets. My algorithms allow flexible tradeoff between traffic concealment and performance requirement.

discontinuous congestion control

network performance

sliding mode control

DDoS

traffic anonymity

Bystander intervention in cyberbullying

Brody, Nicholas Paul

18 October 2013

Cyberbullying incidents often occur in the presence of other bystanders. The inaction of bystanders can augment the deleterious effects of bullying on a victim. However, bystanders can often take action to stop a cyberbullying incident or offer support to the victim. Two studies examined the association between several variables which were expected to influence the propensity for a bystander to take action in cyberbullying incidents -- the number of bystanders, the depersonalization/anonymity of the bystander, and the relational closeness between the bystander and the victim. Moreover, the first study addressed the need for more descriptive research into cyberbullying by examining the strategies and topics used by perpetrators. Results of both Study 1 and Study 2 provided support for the diffusion of responsibility effect. Specifically, a higher number of bystanders was negatively associated with a bystander's propensity to intervene and stop the incident. In Study 2, this effect was moderated by both depersonalization and closeness. That is, individuals were most likely to intervene when they did not feel depersonalized, the victim was a close friend, and there were a low number of bystanders. Moreover, in both Study 1 and Study 2 the perceived anonymity of bystanders negatively related to their propensity to intervene, and closeness with the victim was associated with a higher likelihood to intervene and support the victim. Finally, descriptive data illustrated the types and strategies of cyberbullying episodes which occur in a college-aged sample. Altogether, the results shed light on the interplay of context, relationships, and technology in the behavior of bystanders to a cyberbullying episode. / text

Cyberbullying

Bullying

Bystander intervention

Diffusion of responsibility

Computer-mediated communication

Social support

Anonymity

Grundskolan i en digital omgivning. : en studie i skolans handlingsberedskap mot digitala kränkningar.

Fahlgren, Bengt

January 2010

Uppsatsen centrerades kring ett accelererande problem- med konsekvenser även för skolan - nämligen de digitala kränkningarna. Syftet med själva projektet är att primärt belysa hur skolledning och skolpersonal dels uppfattar och dels hanterar möjliga digitala kränkningar, oavsett var och hur dessa kränkningar framförs.Uppsatsen bygger på intervjuer med nyckelinformanter i skolorganisationen i en kommun, från politisk nivå till verkställande nivå i form av rektorer m fl. Dessa intervjuer speglas mot svar från Skolverket, barnombudsmannen m fl. Intervjuerna - med nyckelinformanter – visade på vissa svårigheter med detta problemområde. En svårighet visade sig vara ansvarsfördelningen skola - hem. Informanterna upplevde att en dominerande del av kränkningarna sker på fritiden och ansåg i varierande grad att detta är hemmets problem och inte skolans. En åsikt som inte helt delas av de informanter som har anknytning till Skolverket eller Barnombudsmannen.

digital environment

anonymity

digital harassment

digital bullying

deindividuation theory

school's responsibilities

parents responsibilities

Distributed Key Generation and Its Applications

Kate, Aniket

25 June 2010

Numerous cryptographic applications require a trusted authority to hold a secret. With a plethora of malicious attacks over the Internet, however, it is difficult to establish and maintain such an authority in online systems. Secret-sharing schemes attempt to solve this problem by distributing the required trust to hold and use the secret over multiple servers; however, they still require a trusted {\em dealer} to choose and share the secret, and have problems related to single points of failure and key escrow. A distributed key generation (DKG) scheme overcomes these hurdles by removing the requirement of a dealer in secret sharing. A (threshold) DKG scheme achieves this using a complete distribution of the trust among a number of servers such that any subset of servers of size greater than a given threshold can reveal or use the shared secret, while any smaller subset cannot. In this thesis, we make contributions to DKG in the computational security setting and describe three applications of it. We first define a constant-size commitment scheme for univariate polynomials over finite fields and use it to reduce the size of broadcasts required for DKG protocols in the synchronous communication model by a linear factor. Further, we observe that the existing (synchronous) DKG protocols do not provide a liveness guarantee over the Internet and design the first DKG protocol for use over the Internet. Observing the necessity of long-term stability, we then present proactive security and group modification protocols for our DKG system. We also demonstrate the practicality of our DKG protocol over the Internet by testing our implementation over PlanetLab. For the applications, we use our DKG protocol to define IND-ID-CCA secure distributed private-key generators (PKGs) for three important identity-based encryption (IBE) schemes: Boneh and Franklin's BF-IBE, Sakai and Kasahara's SK-IBE, and Boneh and Boyen's BB1-IBE. These IBE schemes cover all three important IBE frameworks: full-domain-hash IBEs, exponent-inversion IBEs and commutative-blinding IBEs respectively, and our distributed PKG constructions can easily be modified for other IBE schemes in these frameworks. As the second application, we use our distributed PKG for BF-IBE to define an onion routing circuit construction mechanism in the identity-based setting, which solves the scalability problem in single-pass onion routing circuit construction without hampering forward secrecy. As the final application, we use our DKG implementation to design a threshold signature architecture for quorum-based distributed hash tables and use it to define two robust communication protocols in these peer-to-peer systems.

Threshold cyptography

Distributed trust

Distributed key generation

Identity-based encryption

Anonymity

Distributed hash tables

Computer Science

Conceiving a Feminist Legal Approach to Frozen Embryos: Exploring the Limitations of Canadian Responses to Disposition Disputes and Donor Anonymity

Carsley, Stefanie

21 November 2013

This thesis advances a feminist critique of Canadian legal responses to disputes over frozen in vitro embryos and embryo donor anonymity. It argues that current laws that provide spouses or partners with joint control over the use and disposition of embryos created from their genetic materials, that mandate the creation of agreements setting out these parties intentions in the event of a disagreement or divorce and that protect donor anonymity without providing mechanisms to allow donors, recipients and donor offspring to voluntarily exchange information do not adequately account for the lived experiences of women who undergo in vitro fertilization treatment or who serve as embryo donors. This thesis provides recommendations for how Canadian laws and policies might better support the express objectives and intentions of Canadian federal and provincial statutes to protect the rights, interests and health of women who seek to build their families through assisted reproductive technologies.

In Vitro Fertilization

Embryo Donation

Family Law

Health Law

Feminist Theory

Donor Anonymity

Assisted Reproductive Technologies

0398

Covert Communication Networks

Nix, Timothy Glen

16 December 2013

A covert communications network (CCN) is a connected, overlay peer-to-peer network used to support communications within a group in which the survival of the group depends on the confidentiality and anonymity of communications, on concealment of participation in the network to both other members of the group and external eavesdroppers, and finally on resilience against disconnection. In this dissertation, we describe the challenges and requirements for such a system. We consider the topologies of resilient covert communications networks that: (1) minimize the impact on the network in the event of a subverted node; and (2) maximize the connectivity of the survivor network with the removal of the subverted node and its closed neighborhood. We analyze the properties of resilient covert networks, propose measurements for determining the suitability of a topology for use in a covert communication network, and determine the properties of an optimal covert network topology. We analyze multiple topologies and identify two constructions that are capable of generating optimal topologies. We then extend these constructions to produce near-optimal topologies that can “grow” as new nodes join the network. We also address protocols for membership management and routing. Finally, we describe the architecture of a prototype system for instantiating a CCN.

anonymity

anonymous communication

communications networks

covert communication

membership concealment

overlay networks

peer-to-peer

privacy

security