Cryptology and Network Security

Existing work on secure data collection and secure aggregation focuses mainly on confidentiality, that is, on ensuring that the untrusted Aggregator learns only the aggregation result without divulging individual data inputs. In this paper, however, we consider a malicious Aggregator that is interested not only in compromising users’ privacy but also in providing bogus aggregate values. More concretely, we extend existing security models with the requirement of aggregate unforgeability. Moreover, we instantiate an efficient protocol for private and unforgeable data aggregation that allows the Aggregator to compute the sum of users’ inputs without learning individual values and constructs a proof of correct computation that can be verified by any third party. The proposed protocol is provably secure and its communication and computation overhead is minimal.
