Dopad COVID-19 na bezpečnostní politiku států v oblasti kybernetické bezpečnosti / Impact of COVID-19 on Security Policies of States in the Area of Cyber Security

Rieger, Anastasiya

January 2022

CHARLES UNIVERSITY FACULTY OF SOCIAL SCIENCES Master of International Security Systems Anastasiya Neskoromna/Rieger Impact of COVID 19 on Security Policies of States in the Area of Cyber Security Abstract Prague 2022 Author: Ms. Anastasiya Neskoromna/Rieger Supervisor: prof. David Erkomashvile, Ph.D. Academic Year: 2021/2022 Abstract The SARS-Cov-19 or in different wording the global Covid pandemic outburst have created an unprecedented scenario for various organizations, agencies and structures. The COVID-19 pandemic in 2020 has become an extraordinary and shocking event for the world community and the global economy. On the part of the authorities, the COVID-19 pandemic is accompanied by sometimes harsh and ambiguous decisions, the consequences of which are felt by people in many countries of the world: movement between countries was stopped, businesses and enterprises were closed, the restriction was created, those who were sick or at risk of infection were isolated. There was also no possible assumption regarding how long such a mode of life will last. Many factors as a consequential chain of reactions from the pandemic in the aggregate have created a pleasant environment for altering and modifying the cybercrime landscape. This work aims to analyze the factorial presence of modification in the sphere...

Post-quantum self-tallying voting protocol

Wong, Vonn Kee

22 August 2022

No description available.

Mathematics

voting protocol

post-quantum

ring learning with errors

zero knowledge proofs

State Validation of Ethash-based Blockchains using a zk-SNARK-based Chain Relay

Leonard, Stutzer

January 2022

We present an Ethash-based blockchain relay that utilizes Off-Chain Computation (OCC) to validate block headers on-chain. Current work compromises on fundamental ideas of the blockchain concept: they either require a centralized entity, require a centralized Trusted Third Party (TTP) or are built on economic assumptions. That way, they try to circumvent the on-chain cost-heavy Ethash computation. We utilize Zero Knowledge Proofs (ZKPs) to outsource the Ethash validation to an Off-Chain Computation Framework (OCCF) and only verify the validity of the OCC on-chain. The required dataset for the Ethash validation is inserted into a merkle tree for computational feasibility. Additionally, we validate multiple block headers in batches to further minimize on-chain costs. The on-chain costs of our batch validation mechanism are minimal and constant since only the proof of an OCC is verified on-chain. Through merkle proofs we enable the efficient inclusion of intermediary block headers for any submitted batch. The OCC is feasible on average consumer hardware specifications. Our prototype verifies 5 block headers in a single proof using the ZoKrates framework. Compared to current approaches we only use 3.3% of the gas costs resulting in a highly scalable alternative that is trustless, distributed and has no economic assumptions. For future work, we propose to distribute the computational overhead of computing Ethash inside a ZKP through an off-chain distribution module. This is because we rely on the concurrent execution of the OCC by at least 36 active participants to catch up with the current state of the relay’s blockchain. / Vi presenterar ett Ethash-baserat blockchain-relä som använder sig av Off-Chain Computation (OCC) att validera blockhuvuden i kedjan. Nuvarande arbete kompromissar med grundläggande idéer om blockchain-konceptet: de kräver antingen en centraliserad enhet, kräver en centraliserad Trusted Third Party (TTP) eller bygger på ekonomiska antaganden. På så sätt försöker de kringgå den kostnadstunga Ethash-beräkningen på kedjan. Vi använda Zero Knowledge Proof (ZKP) för att lägga ut Ethash-valideringen på en Off-Chain Computation Framework (OCCF) och verifiera endast giltigheten av OCC på kedjan. Den nödvändiga datamängden för Ethash-valideringen är infogas i ett merkleträd för beräkningsmöjlighet. Dessutom validerar vi flera blockhuvuden i omgångar för att ytterligare minimera kostnader i kedjan. På-kedjan kostnaderna för vår batchvalideringsmekanism är minimala och konstanta eftersom endast bevis på en OCC verifieras i kedjan. Genom merkle proofs möjliggör vi det effektiva inkludering av mellanliggande blockrubriker för alla inlämnade partier. OCC är genomförbart i genomsnitt konsumenthårdvaruspecifikationer. Vår prototyp verifierar 5 blockhuvuden i ett enda bevis med hjälp av ZoKrates-ramverket. Jämfört med nuvarande tillvägagångssätt vi använder bara 3,3% av gaskostnaderna vilket resulterar i ett mycket skalbart alternativ dvs förtroendelös, distribuerad och har inga ekonomiska antaganden. För framtida arbete, föreslår vi för att distribuera beräkningsoverheaden för beräkning av Ethash inuti en ZKP genom en distributionsmodul utanför kedjan. Detta beror på att vi skulle förlita oss på det samtidiga utförandet av OCC med minst 36 aktiva deltagare för att komma ikapp med det aktuella tillståndet för reläets blockkedja.

Blockchain Interoperability

Chain Relays

Zero-Knowledge Proofs

Sidechains

Computer and Information Sciences

Data- och informationsvetenskap

Secure, Distributed Financial Exchanges: Design and Implementation

Ngo, Chan Nam

17 October 2019

Blockchains and Byzantine Fault Tolerance form the basis of decentralized currencies and ledgers, such as Bitcoin, Ripple, ZeroCash, and Ethereum. Several studies have focused on the currency aspects (e.g. authenticity, integrity, anonymity, and independence from central banks). In this thesis, we start by exploring to understand the security challenges and practical solutions for building simple payment networks. Then, we leverage such understanding in identifying the security challenges of more advanced and complex systems, in particular Futures Exchanges. The decentralization of a Futures Exchange poses new security challenges: i) the interplay between the security and economic viability, i.e. using the Price Discrimination Attack one can strategically force a trader out of the market when the trader's anonymity is broken; ii) the non-monotonic security behavior of an Exchange, i.e. an honest action may invalidate security evidence; and iii) the proportional burden requirement in the presence of high-frequency participants. Our goal is to enucleate the non-trivial design principles to resolve these challenges for building secure and distributed financial exchanges. We demonstrate the application of the distilled design principles by building a cryptographic reference for a futures exchange called FuturesMEX. We also simulate the performance of a FuturesMEX Proof-of-Concept with the Lean Hog market data obtained from the Thomson Reuters Ticks History DB. The results show that the obtained protocol is feasible for a low-frequency market such as Lean Hog. Furthermore, we investigate an extension of public markets, i.e. dark pools (private markets), in which the order book information is conditionally visible to some (financially) suitable parties. We propose a new cryptographic scheme called Witness Key Agreement that makes dark trading possible by probing prices and volumes based on committed financial information Finally, we evaluate the theoretical and practical performance of the new scheme; using a simulation of the dark pool data collected from the aggressive Bloomberg Tradebook, we obtain positive results.

security challenge

design principle

distributed ledger

zero-knowledge

financial exchange

dark trading

Zero-Knowledge Proof for Knowledge of RLWE (Ring-Learning with Errors) Secret Keys

R V, Saraswathy

07 June 2018

No description available.

Mathematics

key exchange

RLWE

post-quantum

key reuse

active attacks

zero knowledge

Coevolution of Neuro-controllers to Train Multi-Agent Teams from Zero Knowledge

Scheepers, Christiaan

25 July 2013

After the historic chess match between Deep Blue and Garry Kasparov, many researchers considered the game of chess solved and moved on to the more complex game of soccer. Artificial intelligence research has shifted focus to creating artificial players capable of mimicking the task of playing soccer. A new training algorithm is presented in this thesis for training teams of players from zero knowledge, evaluated on a simplified version of the game of soccer. The new algorithm makes use of the charged particle swarm optimiser as a neural network trainer in a coevolutionary training environment. To counter the lack of domain information a new relative fitness measure based on the FIFA league-ranking system was developed. The function provides a granular relative performance measure for competitive training. Gameplay strategies that resulted from the trained players are evaluated. It was found that the algorithm successfully trains teams of agents to play in a cooperative manner. Techniques developed in this study may also be widely applied to various other artificial intelligence fields. / Dissertation (MSc)--University of Pretoria, 2013. / Computer Science / unrestricted

Multi agent system

Cooperative coevolution

Simple soccer

Zero knowledge

Competitive coevolution

Neural networks

Charged particle swarm optimiser

UCTD

Efficient lattice-based zero-knowledge proofs and applications / Preuves à divulgation nulle de connaissance efficaces à base de réseaux euclidiens et applications

Pino, Rafaël del

01 June 2018

Le chiffrement à base de réseaux euclidiens a connu un grand essor durant les vingt dernières années. Autant grâce à l’apparition de nouvelles primitives telles que le chiffrement complètement homomorphe, que grâce à l’amélioration des primitives existantes, comme le chiffrement á clef publique ou les signatures digitales, qui commencent désormais à rivaliser avec leurs homologues fondés sur la théorie des nombres. Cela dit les preuves à divulgation nulle de connaissance, bien qu’elles représentent un des piliers des protocols de confidentialité, n’ont pas autant progressé, que ce soit au niveau de leur expressivité que de leur efficacité. Cette thèse s’attelle dans un premier temps à améliorer l’état de l’art en matière de preuves à divulgation nulle de connaissance. Nous construisons une preuve d’appartenance à un sous ensemble dont la taille est indépendante de l’ensemble en question. Nous construisons de même une preuve de connaissance amortie qui est plus efficace et plus simple que toutes les constructions qui la précèdent. Notre second propos est d’utiliser ces preuves à divulgation nulle de connaissance pour construire de nouvelles primitives cryptographiques. Nous concevons une signature de groupe dont la taille est indépendante du groupe en question, ainsi qu’un schéma de vote électronique hautement efficace, y compris pour des élections à grand échelle. / Lattice based cryptography has developed greatly in the last two decades, both with new and stimulating results such as fully-homomorphic encryption, and with great progress in the efficiency of existing cryptographic primitives like encryption and signatures which are becoming competitive with their number theoretic counterparts. On the other hand, even though they are a crucial part of many privacy-based protocols, zero-knowledge proofs of knowledge are still lagging behind in expressiveness and efficiency. The first goal of this thesis is to improve the quality of lattice-based proofs of knowledge. We construct new zero-knowledge proofs of knowledge such as a subset membership proof with size independent of the subset. We also work towards making zero-knowledge proofs more practical, by introducing a new amortized proof of knowledge that subsumes all previous results. Our second objective will be to use the proofs of knowledge we designed to construct novel and efficient cryptographic primitives. We build a group signature whose size does not depend on the size of the group, as well as a practical and highly scalable lattice-based e-voting scheme.

Cryptographie

Réseaux euclidiens

Preuves de connaissance

Signatures de groupe

Vote électronique

Cryptography

Lattices

Zero knowledge

Group signatures

E-voting

005.8

Protocolo de Identificação baseado em Polinômios Multivariáveis Quadráticos / Multivariate Quadratic Polynomials Identification Protocol

Monteiro, Fabio de Salles

03 December 2012

Os sistemas criptográficos de chave pública amplamente utilizados hoje em dia tem sua segurança baseada na suposição da intratabilidade dos problemas de fatoração de inteiros e do logaritmo discreto, sendo que ambos foram demonstrados inseguros sob o advento dos computadores quânticos. Sistemas criptográficos baseados em Multivariáveis Quadráticas (MQ) utilizam como base o problema MQ, que consiste em resolver um sistema de equações polinomiais multivariáveis quadráticas sobre um corpo finito. O problema MQ foi provado como sendo NP-completo e até hoje não se conhece algoritmo, nem mesmo quântico, de tempo polinomial que possa resolver o problema, fazendo com que sistemas criptográficos baseados nesta primitiva mereçam ser investigados e desenvolvidos como reais candidatos a proverem nossa criptografia pós-quântica. Durante a CRYPTO\'2011 Sakumoto, Shirai e Hiwatari introduziram dois novos protocolos de identificação baseados em polinômios multivariáveis quadráticos, os quais chamamos de MQID-3 e MQID-5, e que em especial e pela primeira vez, tem sua segurança reduzida apenas ao problema MQ. Baseados nestas propostas iremos apresentar uma versão aprimorada do protocolo MQID-3 na qual teremos uma redução da comunicação necessária em aproximadamente 9%. / The public-key cryptography widely used nowadays have their security based on the assumption of the intractability of the problems of integer factorization and discrete logarithm, both of which were proven unsafe in the advent of quantum computers. Cryptographic systems based on Multivariate Quadratic polynomials (MQ) are based on the MQ problem, which consists in solve a system of multivariate quadratic polynomials over a finite field. The MQ problem has been proven NP-complete and so far no polynomial time algorithm is known, not even quantum, which would resolve this problem, making worthwhile to be investigated and developed as a real candidate to provide post-quantum cryptography. In CRYPTO\'2011 Sakumoto, Shirai and Hiwatari introduced two new identification protocols based on multivariate quadratic polynomials, which we call MQID-3 and MQID-5, in particular, for the first time, their security is based only on the MQ problem. Using these proposals, we will present an improved version of the protocol MQID-3 that reduces communication by approximately 9%.

Chave Pública Multivariável

Conhecimento-Zero

Criptografia Pós-Quântica

Identification Protocols

MQ Problem

Multivariate Public-Key

Post-Quantum Cryptography

Problema MQ

Protocolos de Identificação

Zero-Knowledge

Nymbler: Privacy-enhanced Protection from Abuses of Anonymity

Henry, Ryan

January 2010

Anonymous communications networks help to solve the real and important problem of enabling users to communicate privately over the Internet. However, by doing so, they also introduce an entirely new problem: How can service providers on the Internet---such as websites, IRC networks and mail servers---allow anonymous access while protecting themselves against abuse by misbehaving anonymous users? Recent research efforts have focused on using anonymous blacklisting systems (also known as anonymous revocation systems) to solve this problem. As opposed to revocable anonymity systems, which enable some trusted third party to deanonymize users, anonymous blacklisting systems provide a way for users to authenticate anonymously with a service provider, while enabling the service provider to revoke access from individual misbehaving anonymous users without revealing their identities. The literature contains several anonymous blacklisting systems, many of which are impractical for real-world deployment. In 2006, however, Tsang et al. proposed Nymble, which solves the anonymous blacklisting problem very efficiently using trusted third parties. Nymble has inspired a number of subsequent anonymous blacklisting systems. Some of these use fundamentally different approaches to accomplish what Nymble does without using third parties at all; so far, these proposals have all suffered from serious performance and scalability problems. Other systems build on the Nymble framework to reduce Nymble's trust assumptions while maintaining its highly efficient design. The primary contribution of this thesis is a new anonymous blacklisting system built on the Nymble framework---a nimbler version of Nymble---called Nymbler. We propose several enhancements to the Nymble framework that facilitate the construction of a scheme that minimizes trust in third parties. We then propose a new set of security and privacy properties that anonymous blacklisting systems should possess to protect: 1) users' privacy against malicious service providers and third parties (including other malicious users), and 2) service providers against abuse by malicious users. We also propose a set of performance requirements that anonymous blacklisting systems should meet to maximize their potential for real-world adoption, and formally define some optional features in the anonymous blacklisting systems literature. We then present Nymbler, which improves on existing Nymble-like systems by reducing the level of trust placed in third parties, while simultaneously providing stronger privacy guarantees and some new functionality. It avoids dependence on trusted hardware and unreasonable assumptions about non-collusion between trusted third parties. We have implemented all key components of Nymbler, and our measurements indicate that the system is highly practical. Our system solves several open problems in the anonymous blacklisting systems literature, and makes use of some new cryptographic constructions that are likely to be of independent theoretical interest.

Privacy

privacy enhancing technologies

PETs

anonymity

authentication

anonymous blacklisting

anonymous revocation

privacy-enhanced revocation

zero-knowledge proofs

anonymous credentials

restricted blind signatures

Computer Science

Nymbler: Privacy-enhanced Protection from Abuses of Anonymity

Henry, Ryan

January 2010

Anonymous communications networks help to solve the real and important problem of enabling users to communicate privately over the Internet. However, by doing so, they also introduce an entirely new problem: How can service providers on the Internet---such as websites, IRC networks and mail servers---allow anonymous access while protecting themselves against abuse by misbehaving anonymous users? Recent research efforts have focused on using anonymous blacklisting systems (also known as anonymous revocation systems) to solve this problem. As opposed to revocable anonymity systems, which enable some trusted third party to deanonymize users, anonymous blacklisting systems provide a way for users to authenticate anonymously with a service provider, while enabling the service provider to revoke access from individual misbehaving anonymous users without revealing their identities. The literature contains several anonymous blacklisting systems, many of which are impractical for real-world deployment. In 2006, however, Tsang et al. proposed Nymble, which solves the anonymous blacklisting problem very efficiently using trusted third parties. Nymble has inspired a number of subsequent anonymous blacklisting systems. Some of these use fundamentally different approaches to accomplish what Nymble does without using third parties at all; so far, these proposals have all suffered from serious performance and scalability problems. Other systems build on the Nymble framework to reduce Nymble's trust assumptions while maintaining its highly efficient design. The primary contribution of this thesis is a new anonymous blacklisting system built on the Nymble framework---a nimbler version of Nymble---called Nymbler. We propose several enhancements to the Nymble framework that facilitate the construction of a scheme that minimizes trust in third parties. We then propose a new set of security and privacy properties that anonymous blacklisting systems should possess to protect: 1) users' privacy against malicious service providers and third parties (including other malicious users), and 2) service providers against abuse by malicious users. We also propose a set of performance requirements that anonymous blacklisting systems should meet to maximize their potential for real-world adoption, and formally define some optional features in the anonymous blacklisting systems literature. We then present Nymbler, which improves on existing Nymble-like systems by reducing the level of trust placed in third parties, while simultaneously providing stronger privacy guarantees and some new functionality. It avoids dependence on trusted hardware and unreasonable assumptions about non-collusion between trusted third parties. We have implemented all key components of Nymbler, and our measurements indicate that the system is highly practical. Our system solves several open problems in the anonymous blacklisting systems literature, and makes use of some new cryptographic constructions that are likely to be of independent theoretical interest.

Privacy

privacy enhancing technologies

PETs

anonymity

authentication

anonymous blacklisting

anonymous revocation

privacy-enhanced revocation

zero-knowledge proofs

anonymous credentials

restricted blind signatures

Computer Science