Honest Users Research Articles

Bell Nonlocality Is Not Sufficient for the Security of Standard Device-Independent Quantum Key Distribution Protocols.

Device-independent quantum key distribution is a secure quantum cryptographic paradigm that allows two honest users to establish a secret key, while putting minimal trust in their devices. Most of the existing protocols have the following structure: first, a bipartite nonlocal quantum state is distributed between the honest users, who perform local projective measurements to establish nonlocal correlations. Then, they announce the implemented measurements and extract a secure key by postprocessing their measurement outcomes. We show that no protocol of this form allows for establishing a secret key when implemented on any correlation obtained by measuring local projective measurements on certain entangled nonlocal states, namely, on a range of entangled two-qubit Werner states. To prove this result, we introduce a technique for upper bounding the asymptotic key rate of device-independent quantum key distribution protocols, based on a simple eavesdropping attack. Our results imply that either different reconciliation techniques are needed for device-independent quantum key distribution in the large-noise regime, or Bell nonlocality is not sufficient for this task.

Flaw and amendment of a two-party authenticated key agreement protocol for post-quantum environments

Recent advances in quantum computers challenge the security of key agreement protocol that are designed with the intractability assumptions of discrete logarithmic problem and integer factorization problem. Hence, motivated to develop the key agreement protocol that is secure in post-quantum era, recently Islam proposed a provably secure two-party authenticated key agreement (2PAKA) protocol. The protocol is based on the intractability assumption of the famous Ring Learning With Error (RLWE) problem. In this work, we show that Islam’s two-party key agreement is vulnerable to the modified version of the signal leakage attack (SLA) which is termed as improved-signal leakage attack (i-SLA) in this article. Using i-SLA, the attacker can successfully recover the long term private key of the honest user by instantiating utmost q number of key exchange sessions with the honest user using q number of malformed public keys. To overcome the attack, we provide a countermeasure without changing the original design of the protocol.

Fine-Grained Cryptography Revisited

Fine-grained cryptographic primitives are secure against adversaries with bounded resources and can be computed by honest users with less resources than the adversaries. In this paper, we revisit the results by Degwekar, Vaikuntanathan, and Vasudevan in Crypto 2016 on fine-grained cryptography and show the constructions of three key fundamental fine-grained cryptographic primitives: one-way permutations, hash proof systems (which in turn implies a public-key encryption scheme against chosen chiphertext attacks), and trapdoor one-way functions. All of our constructions are computable in \(\mathsf {NC^1}\) and secure against (non-uniform) \(\mathsf {NC^1}\) circuits under the widely believed worst-case assumption \(\mathsf {NC^1}\subsetneq \mathsf{\oplus L/poly}\).

A mutual information based federated learning framework for edge computing networks

With the application of artificial intelligence in all field of life, people pay more attention to user privacy and data security. Under the condition of protecting user privacy, the federated learning model has become a popular research technology to solve the data islands problems. The edge computing network can be applied to smart city, Internet of vehicles and so on. Federated learning is a framework in which multiple hosts jointly learn a machine learning model. Each work device maintains the local model of its local training dataset, while the master device maintains the global model by aggregating the local models from the work devices. However, it cannot ensure that every local work device is an honest user because of a phenomenon that the hosts has been operated by attacker interferes in the process of local model training. In this paper, we assume that malicious nodes upload unreal learning parameters in the federated learning framework, which the global model will have high error rate. We propose a federated learning parameter aggregating algorithm based on mutual information. We introduced the relevance of model training learning rate to determine the consistency of the training direction of the local and central models at coarse granularity. We aggregated the parameters of the models at fine granularity based on the correlation of the gradients based on the mutual information. The mutual information method is used to calculate the similarity of the gradient trend between the local training model and overall model. We set the trust weight of each work device to reduce the negative impact of malicious nodes. The evaluation results show that the classification accuracy of the MIFL model is improved as compared with the average federated learning without malicious node. Especially, in the case of existing malicious nodes, the proposed algorithm can defend against malicious node attacks and sustain the robustness of Federated learning.

Truthful Multi-Resource Transaction Mechanism for P2P Task Offloading Based on Edge Computing

Peer-to-Peer (P2P) resource sharing promotes local resource-hungry task offloading to other mobile devices and balances the resource consumption between mobile devices. Most of existing P2P task offloading systems aims to solve the resource sharing between one pair exclusively without considering the cost of resource supply and the strategic behaviors of mobile users. In this paper, we propose two user models for the P2P task offloading system: honest user model and strategy user model. For the honest user model, we formulate the resource allocation maximization problem with latency and energy consumption constraints as an Integer Linear Programming. We show that the solution for honest user model can output 189% resource transactions of that for the strategic users. For the strategy user model, we propose a double auction-based P2P task offloading system, and design a truthful multi-resource transaction mechanism to maximize the number of resource transactions. We first group the mobile users based on the connected components to improve the efficiency of double auction. Then we utilize the McAfee Double Auction to price the resource transactions. Finally, we split each winning mobile user of double auction into multiple virtual mobile users, and use the matching approach to calculate the resource allocation. Through both rigorous theoretical analysis and extensive simulations, we demonstrate that the designed multi-resource transaction mechanism satisfies the desirable properties of computational efficiency, individual rationality, budget balance, truthfulness for resource request/supply, and general truthfulness for bid/ask price.

TruthTrust: Truth Inference-Based Trust Management Mechanism on a Crowdsourcing Platform.

On a crowdsourcing platform, in order to cheat for rewards or sabotage the crowdsourcing processes, spam workers may submit numerous erroneous answers to the tasks published by requesters. This type of behavior extremely reduces the completion rate of tasks and the enthusiasm of honest users, which may lead a crowdsourcing platform to a failure. Defending against malicious attacks is an important issue in crowdsourcing, which has been extensively addressed by existing methods, e.g., verification-based defense mechanisms, data analysis solutions, trust-based defense models, and workers’ properties matching mechanisms. However, verification-based defense mechanisms will consume a lot of resources, and data analysis solutions cannot motivate workers to provide high-quality services. Trust-based defense models and workers’ properties matching mechanisms cannot guarantee the authenticity of information when collusion requesters publish shadow tasks to help malicious workers get more participation opportunities. To defend such collusion attacks in crowdsourcing platforms, we propose a new defense model named TruthTrust. Firstly, we define a complete life cycle system that from users’ interaction to workers’ recommendation, and separately define the trust value of each worker and the credence of each requester. Secondly, in order to ensure the authenticity of the information, we establish a trust model based on the CRH framework. The calculated truth value and weight are used to define the global properties of workers and requesters. Moreover, we propose a reverse mechanism to improve the resistance under attacks. Finally, extensive experiments demonstrate that TruthTrust significantly outperforms the state-of-the-art approaches in terms of effective task completion rate.

Manipulation Attacks in Local Differential Privacy

Local differential privacy is a widely studied restriction on distributed algorithms that collect aggregates about sensitive user data, and is now deployed in several large systems. We initiate a systematic study of a fundamental limitation of locally differentially private protocols: they are highly vulnerable to adversarial manipulation. While any algorithm can be manipulated by adversaries who lie about their inputs, we show that any noninteractive locally differentially private protocol can be manipulated to a much greater extent---when the privacy level is high, or the domain size is large, a small fraction of users in the protocol can completely obscure the distribution of the honest users' input. We also construct protocols that are optimally robust to manipulation for a variety of common tasks in local differential privacy. Finally, we give simple experiments validating our theoretical results, and demonstrating that protocols that are optimal without manipulation can have dramatically different levels of robustness to manipulation. Our results suggest caution when deploying local differential privacy and reinforce the importance of efficient cryptographic techniques for the distributed emulation of centrally differentially private mechanisms.

Directed adversarial sampling attacks on phishing detection

Phishing websites trick honest users into believing that they interact with a legitimate website and capture sensitive information, such as user names, passwords, credit card numbers, and other personal information. Machine learning is a promising technique to distinguish between phishing and legitimate websites. However, machine learning approaches are susceptible to adversarial learning attacks where a phishing sample can bypass classifiers. Our experiments on publicly available datasets reveal that the phishing detection mechanisms are vulnerable to adversarial learning attacks. We investigate the robustness of machine learning-based phishing detection in the face of adversarial learning attacks. We propose a practical approach to simulate such attacks by generating adversarial samples through direct feature manipulation. To enhance the sample’s success probability, we describe a clustering approach that guides an attacker to select the best possible phishing samples that can bypass the classifier by appearing as legitimate samples. We define the notion of vulnerability level for each dataset that measures the number of features that can be manipulated and the cost for such manipulation. Further, we clustered phishing samples and showed that some clusters of samples are more likely to exhibit higher vulnerability levels than others. This helps an adversary identify the best candidates of phishing samples to generate adversarial samples at a lower cost. Our finding can be used to refine the dataset and develop better learning models to compensate for the weak samples in the training dataset.

Interpolation search-based malicious user detection in smart grids

Nowadays energy theft in smart grids has led to severe economic loss to utility companies and countries across the world. Malicious users who illegally steal electricity from the distribution centre without getting noticed lead to unplanned power loss and blackouts in many developing countries. In order to prevent and find the malicious users who steal electricity, a system must be introduced in such a way that the malicious users will be identified easily in a large neighbourhood area network. In this work, to detect energy theft, a decision-making system using the Hadoop multi-cluster model with interpolation search algorithm has been proposed to calculate the actual energy consumed by every user and classify the user as the honest user or malicious user. The proposed interpolation-based approach is lightweight in its operation, which reduces the time complexity for predicting the malicious users in the NAN. The simulation results indicate that the proposed algorithm performs better than the existing approaches in terms of number of inspection steps, execution speed, detection accuracy and false-negative rate.

Fuzzy-based reliable and secure cooperative spectrum sensing for the smart grid

Cognitive radio is a promising technology to solve the spectrum scarcity problem caused by inefficient utilization of radio spectrum bands. It allows secondary users to opportunistically access the underutilized spectrum bands assigned to licensed primary users. The local individual spectrum detection is inefficient, and cooperative spectrum sensing is employed to enhance spectrum detection accuracy. However, cooperative spectrum sensing opens up opportunities for new types of security attacks related to the cognitive cycle. One of these attacks is the spectrum sensing data falsification attack, where malicious secondary users send falsified sensing reports about spectrum availability to mislead the fusion center. This internal attack cannot be prevented using traditional cryptography mechanisms. To the best of our knowledge, none of the previous work has considered both unreliable communication environments and the spectrum sensing data falsification attack for cognitive radio based smart grid applications. This paper proposes a fuzzy inference system based on four conflicting descriptors. An attack model is formulated to determine the probability of detection for both honest and malicious secondary users. It considers four independent malicious secondary users’ attacking strategies of always yes, always no, random, and opposite attacks. The performance of the proposed fuzzy fusion system is simulated and compared with the conventional fusion rules of AND, OR, Majority, and the reliable fuzzy fusion that does not consider the secondary user’s sensing reputation. The results indicate that incorporating sensing reputation in the fusion center has enhanced the accuracy of spectrum detection and have prevented malicious secondary users from participating in the spectrum detection fusion

Compact E-Cash with Efficient Coin-Tracing

Compact E-cash achieves an efficient system by withdrawing ${\text{2}}^{n}$ 2 n coins within $O{\text{(1)}}$ O (1) operations and storing the coins in $O(n)$ O ( n ) bits. For preventing a double-spender from cheating again, it is necessary to trace his e-coins. So full-tracing in compact E-cash system means tracing double-spender and tracing his coins. However, the efficiency problem caused by coin-tracing without TTP (trusted third party) has not been solved. For solving this problem, we introduce a non-standard construction into zero-knowledge proof of payment protocol, which leaks coin information when double-spending but is proven to be perfect zero-knowledge to verifier when spending a coin only once. Therefore, it achieves tracing dishonest users’ coins and preserving the anonymity of honest users. Comparing with the existing most efficient method of coin-tracing without TTP, we improve computational complexity from $O(k)$ O ( k ) to $O{\text{(1)}}$ O (1) with less storage space. In addition, to improve efficiency and practicality further, batch-spending (spending any number of coins in one operation) and compact-spending (spending all coins in one operation) had been proposed. Based on the non-standard zero-knowledge proof, our scheme provides more efficient batch/compact–spending. Moreover, we also make a comparison with Bitcoin and Bitcoin Lightning Network, which have attracted considerable attention.

SAFE: A General Secure and Fair Auction Framework for Wireless Markets With Privacy Preservation

With the prosperity of wireless and mobile communications, the allocation of wireless resources, e.g., spectrum channels, femtocell access permissions, and resource blocks of D2D connections, has become a matter of great concern, which leads to the emergence and popularity of electronic auction. However, the lack of privacy protection and fairness guarantee in the existing market has posed great obstacles to user participation in electronic auctions. Without privacy protection, users will be worried about the unauthorized exposure of their commercial secrets, which may hurt their payoffs in the long run. Without fairness guarantee, selfish/malicious users may prematurely abort the auction to avoid unsatisfactory payment, thus causing loss to honest users and wasting system resources. Furthermore, the lack of fairness guarantee will incur an exchange dilemma, where mutually distrusting parties may refuse to initiate the goods/money exchange, hindering the market-clearing of auctions. Although extensive efforts have been made to develop privacy-preserving auction mechanisms for wireless markets, the fairness issue, to the best of our knowledge, has never been taken into account in the context of auctions. Moreover, a truly practical framework that can be applied to most mainstream auction formats is also missing in the literature. In this article, we present the first general framework, named SAFE, for representative auctions in (but not limited to) wireless markets. SAFE achieves a wide range of security goals with much higher efficiency than existing solutions. Furthermore, SAFE ensures auction fairness in a trust-free manner by developing a full set of carefully-designed modular protocols that can be easily adapted to any auction format. We implement the SAFE framework over a simulated Ethereum network. Extensive experimental results confirm that SAFE can indeed achieve high economic efficiency in terms of social welfare and participation satisfaction at very low computation and communication overheads.

Electricity theft detection based on stacked sparse denoising autoencoder

Inspired by the powerful feature extraction and the data reconstruction ability of autoencoder, a stacked sparse denoising autoencoder is developed for electricity theft detection in this paper. The technical route is to employ the electricity data from honest users as the training samples, and the autoencoder can learn the effective features from the data and then reconstruct the inputs as much as possible. For the anomalous behavior, since it contributes little to the autoencoder, the detector returns to a comparatively higher reconstruction error; hence the theft users can be recognized by setting an appropriate error threshold. To improve the feature extraction ability and the robustness, the sparsity and noise are introduced into the autoencoder, and the particle swarm optimization algorithm is applied to optimize these hyper-parameters. Moreover, the receiver operating characteristic curve is put forward to estimate the optimal error threshold. Finally, the proposed approach is evaluated and verified using the electricity dataset in Fujian, China.

Device-independent quantum key distribution with single-photon sources

Device-independent quantum key distribution protocols allow two honest users to establish a secret key with minimal levels of trust on the provider, as security is proven without any assumption on the inner working of the devices used for the distribution. Unfortunately, the implementation of these protocols is challenging, as it requires the observation of a large Bell-inequality violation between the two distant users. Here, we introduce novel photonic protocols for device-independent quantum key distribution exploiting single-photon sources and heralding-type architectures. The heralding process is designed so that transmission losses become irrelevant for security. We then show how the use of single-photon sources for entanglement distribution in these architectures, instead of standard entangled-pair generation schemes, provides significant improvements on the attainable key rates and distances over previous proposals. Given the current progress in single-photon sources, our work opens up a promising avenue for device-independent quantum key distribution implementations.

A topology and risk-aware access control framework for cyber-physical space

Cyber-physical space is a spatial environment that integrates the cyber world and the physical world, aiming to provide an intelligent environment for users to conduct their day-to-day activities. The interplay between the cyber space and physical space proposes specific security requirements that are not captured by traditional access control frameworks. On one hand, the security of the physical space and the cyber space should be both concerned in the cyber-physical space. On the other hand, the bad results caused by failure in providing secure policy enforcement may directly affect the controlled physical world. In this paper, we propose an effective access control framework for the cyber-physical space. Firstly, a topology-aware access control (TAAC) model is proposed. It can express the cyber access control, the physical access control, and the interaction access control simultaneously. Secondly, a risk assessment approach is proposed for the policy enforcement phase. It is used to evaluate the user behavior and ensures that the suspicious behaviors executed by authorized users can be handled correctly. Thirdly, we propose a role activation algorithm to ensure that the objects are accessed only by legal and honest users. Finally, we evaluate our approach by using an illustrative example and the performance analysis. The results demonstrate the feasibility of our approach.

Incentive Scheme for Cyber Physical Social Systems Based on User Behaviors

Cyber-physical social system (CPSS) has emerged as a new paradigm to help social users share and exchange data by the close association with the cyberspace and physical world. To further improve the performance of CPSS, the incentive computing scheme to provide efficient crowd sourcing in the CPPS becomes a challenge. Therefore, in this paper we propose a novel incentive scheme for CPSS based on the reputation of social users. First, we present a framework to provide crowd sourcing service in CPSS by dividing social users into three types, which are malicious users, speculative users and honest users, respectively. Second, based on the reputation of social users, an incentive scheme is proposed to encourage users to contribute sourcing data. Next, an auction game model is developed to help CPSS select the optimal social user to obtain the needed data. Finally, simulation results show that the proposal can obtain a lower cost and higher data accuracy than other conventional methods.

A practical solution to clone problem in anonymous information system

Cloning user's identity is always a thorny problem for an information system, especially for an anonymous system. With the development of big data applications, clone behaviors sometimes even become attacks on these systems. But until now, there has been no very satisfactory anti-clone scheme in the anonymous system. After analyzing the problems in existing anti-clone schemes, without any assumptions about physical security, we provide a practical solution to the clone problem in anonymous authentication system. In our scheme, the authentication is not only related to user's private key, but also related to user's current state, which is constantly updated by the system. Therefore, the authentication trajectories of user and clone will inevitably overlap, and it results in information leakage so as to indentify clone behaviors and revoke clone user's credential. Meanwhile, we prove that honest users are truly anonymous and their login behaviors are unlinkable with complete security proofs. According to the analysis of the system function and the system efficiency, our scheme is much more efficient and has the best anti-clone properties comparing with the existing schemes.

Zero-Knowledge Proofs Do Not Solve the Privacy-Trust Problem of Attribute-Based Credentials: What if Alice Is Evil?

Zero-knowledge schemes have recently become a popular attempt to offer users privacy in an attribute-based credential system. In this article, we do not contest the mathematics of these schemes; we assume it is logically sound. Instead, we draw attention to the trade-off that is made when employing cryptography instead of trusted parties to protect user privacy. We assert that, for these approaches to create the trust required by credential verifiers, they must introduce mechanisms that limit their utility and create significant privacy risk to the user that cuts against data minimization goals. Greater trust must be placed in the shelf life of cryptography to prevent the user from being unwantonly correlated than alternative approaches. Just as we would discourage storing encrypted private data on public blockchains, we discourage this approach here. Lastly, this article introduces the concept of a trusted witness which provides privacy for honest users and solves the privacy- trust problem without the disadvantages of the zero-knowledge approach.

Seamless Personnel Authentication using Facial Recognition and Identity-Based Identification on Mobile Devices

Security systems for buildings are no longer an uncommon thing in daily life with increasingly complex access control systems to achieve secured building security system. Achieving a hassle-free yet secure access control systems has been always a challenge for organizations especially for those managing large buildings. In this project, we develop a prototype that utilizes a combination of biometric and cryptography based security schemes to grant access control on personnel going in and out of a building. Our development achieves two-factor authentication in one single step which provides users a seamless experience for authentication. The identity-based identification (IBI) scheme that is based on number-theoretic cryptography is implemented on mobile devices to allow the identification scheme to run in the background. A face recognition system and web server is also developed which can be deployed on any PC at the market. The novelty lies in the combination of the two, with the face recognition making potential intruders difficult to forge biometric data of honest users, and the identity-based scheme preventing the adversary to learn any secrets from the authentication process, while allowing honest users to verify themselves from face to smartphone without any user intervention, thus creating a seamless authentication experience.

On MMD-Based Secure Fusion Strategy for Robust Cooperative Spectrum Sensing

Collaborative spectrum sensing (CSS) in cognitive radio-based networks (CRNs) is vulnerable to spectrum sensing data falsification (SSDF) attack. Existing defense mechanisms are commonly subject to major limitations with unrealistic assumptions which can be easily violated in future wireless networks. Such assumptions include the number of honest users is in majority, the attackers’ flip rates are identical and fixed, the adoption of hard decision approach in the fusion strategy and only TV sets are considered as the primary users to be protected. Essentially, all existing representative schemes utilize certain low-dimensional human-observed metric to distinguish malicious users and honest users based on domain knowledge. Therefore, these defense mechanisms cannot perform properly under certain condition, such as sensing reports with different distributions but have equal mean and variance. In this paper, we propose a secure fusion strategy which adopts “soft decision” method and can distinguish malicious users and honest users under any distribution of sensing reports using maximum mean discrepancy (MMD). Our proposed CSS scheme is suitable for general CRN application scenarios. The simulation results reflect the effects of different kernel functions and window size on the system performance, and show our proposed defense mechanism outperforms the existing works.