Notion Of Security Research Articles

Efficient public-key authenticated deniable encryption schemes

The notion of deniable encryption (DE) was introduced to achieve secret communications in situations of coercion or bribery. Generally, it allows a user to open the same ciphertext into multiple different messages. After the initial constructions, numerous DE schemes have been proposed to improve efficiency. Whereas, all existing DE schemes under the fully deniable framework are still inefficient due to the huge communication and computation overhead. Furthermore, these DE schemes also do not provide the functionality of authentication of users (include senders and receivers), which is a necessary functionality for various application scenarios. For instance, in the setting of electronic voting, if the voting center cannot correctly verify the identities and eligibility of voters, double voting and voter impersonation cannot be prevented. This will affect the final result of the voting and destroy the fairness of the election. Moreover, due to the existence of trust problems, voters also need to confirm whether the voting center is a genuine and legal institution. In this paper, we first formalize the syntax and security notions of public-key authenticated deniable encryption, and then propose two concrete constructions under the fully deniable framework. We also prove that our DE constructions are provably secure in the random oracle model. When comparing with available DE schemes, the proposed DE ones not only provide the desired functionality of mutual authentication, but also enjoy high efficiency. Therefore, they are more suitable for practical applications.

A CCA-PKE Secure-Cryptosystem Resilient to Randomness Reset and Secret-Key Leakage

In recent years, several new notions of security have begun receiving consideration for public-key cryptosystems, beyond the standard of security against adaptive chosen ciphertext attack (CCA2). Among these are security against randomness reset attacks, in which the randomness used in encryption is forcibly set to some previous value, and against constant secret-key leakage attacks, wherein the constant factor of a secret key’s bits is leaked. In terms of formal security definitions, cast as attack games between a challenger and an adversary, a joint combination of these attacks means that the adversary has access to additional encryption queries under a randomness of his own choosing along with secret-key leakage queries. This implies that both the encryption and decryption processes of a cryptosystem are being tampered under this security notion. In this paper, we attempt to address this problem of a joint combination of randomness and secret-key leakage attacks through two cryptosystems that incorporate hash proof system and randomness extractor primitives. The first cryptosystem relies on the random oracle model and is secure against a class of adversaries, called non-reversing adversaries. We remove the random oracle oracle assumption and the non-reversing adversary requirement in our second cryptosystem, which is a standard model that relies on a proposed primitive called LM lossy functions. These functions allow up to M lossy branches in the collection to substantially lose information, allowing the cryptosystem to use this loss of information for several encryption and challenge queries. For each cryptosystem, we present detailed security proofs using the game-hopping procedure. In addition, we present a concrete instantation of LM lossy functions in the end of the paper—which relies on the DDH assumption.

Concretely efficient secure multi-party computation protocols: survey and more

Secure multi-party computation (MPC) allows a set of parties to jointly compute a function on their private inputs, and reveals nothing but the output of the function. In the last decade, MPC has rapidly moved from a purely theoretical study to an object of practical interest, with a growing interest in practical applications such as privacy-preserving machine learning (PPML). In this paper, we comprehensively survey existing work on concretely efficient MPC protocols with both semi-honest and malicious security, in both dishonest-majority and honest-majority settings. We focus on considering the notion of security with abort, meaning that corrupted parties could prevent honest parties from receiving output after they receive output. We present high-level ideas of the basic and key approaches for designing different styles of MPC protocols and the crucial building blocks of MPC. For MPC applications, we compare the known PPML protocols built on MPC, and describe the efficiency of private inference and training for the state-of-the-art PPML protocols. Furthermore, we summarize several challenges and open problems to break though the efficiency of MPC protocols as well as some interesting future work that is worth being addressed. This survey aims to provide the recent development and key approaches of MPC to researchers, who are interested in knowing, improving, and applying concretely efficient MPC protocols.

Trapdoor Privacy in Public Key Encryption With Keyword Search: A Review

The public key encryption with keyword search (PEKS) scheme allows searches to be performed over ciphertext by a server in a public-key setting. The PEKS scheme suffers from a major drawback which is keyword guessing attack. A keyword guessing attack (KGA) allows the attacker to successfully guess the correct keyword encrypted in a searchable ciphertext and trapdoor. To overcome this vulnerability, security notions, such as keyword privacy and trapdoor privacy were introduced. Keyword privacy prevents any information leaked from the keyword itself, and similarly trapdoor privacy prevents any information leaked from the trapdoor side. A PEKS scheme that is secure against KGA should satisfy trapdoor privacy. In this paper, we compare various types of PEKS schemes in terms of their underlying computational hardness, system model, search function, security properties of keyword privacy and trapdoor privacy, and security against offline KGA and online KGA. From the comparison analysis, we highlight that trapdoor privacy and keyword privacy are essential for a PEKS scheme to be secure against KGA. Lastly, we draw some potential research directions.

Geometric Range Search on Encrypted Data With Forward/Backward Security

This article presents two dynamic symmetric searchable encryption schemes for geometric range search. Our constructions are the first to provide forward/backward security in the context of SSE-based schemes supporting geometric range search. Besides, we define a security notion called content privacy. This security notion captures the leakages that are critical in the context of geometric range search but not considered by forward/backward security. Content privacy eliminates the leakage on the updated points of the database during both search and update. Due to the inherent leakages associated with range queries, none of the existing related works can support content privacy, whereas the design of our constructions avoids such leakages. When compared to the state-of-the-art schemes, our constructions provide a higher level of security and practical efficiency supported by our experimental results.

An Efficient Update Algorithm for Mutable Order-Preserving Encryption

Order-preserving encryption (OPE) produces ciphertexts that preserve the numerical order of plaintexts. Many researchers have focused on designing ideally-secure OPE schemes. This security notion, known as IND-OCPA, has been shown to be achievable by the mutability of ciphertexts and interaction between a database server and a client. This implies that the ciphertexts stored on the server can be updated. Unfortunately, existing update algorithms of mutable OPE schemes are designed to generate ciphertexts uniformly regardless of the distribution of the plaintexts. This leads to inefficiency that requires frequent ciphertext updates for a certain input data pattern (e.g., sequential data). In this paper, we propose a more efficient ciphertext update algorithm that is suitable for mutable OPE schemes. This algorithm makes it possible to reduce the number of updates by considering the input pattern of encrypted data without loss of security. Our experimental results show that, when applied to existing mutable OPE schemes, our update algorithm delivers significantly improved performance on a variety of datasets.

The Qualitative Review of Human Security in South Africa: A Four Levels Analysis

Post-1994 South Africa is founded on values of human dignity, equality and ensuring fundamental human rights for all which are enshrined in its democratic constitution. This comes as the advent of democracy in South Africa from the apartheid past coincided with the advancement of the United Nations Development Programme’s (UNDPs) reconfigured concept of security from a state-centric to a people-focused ideal. The new concept of human security integrates all rights, needs and security of men together with aspirations for sustainable and inclusive development. It advocates for the protection and empowerment of people against threats to their lives, something that the apartheid state failed to do as it was the main orchestrator of human insecurity in the country. Likewise, the article is a qualitative review of the role that human security has played in post-South Africa’s policymaking decisions using the level of analysis approach. The four levels feature the individual, local/provincial, domestic/state and global analysis. These levels of analysis help in shedding qualitative understanding of how a single dynamic in socio-political empowerment affects another. It concludes that despite the notion of human security being widely articulated as a conceptual basis for the country’s official documents, it lacks de facto operational power to shaping actual policy actions.

Environmental security as a source of non-state legitimacy: An analysis of corporate governance

Environmental security concepts are shaping the contours of global environmental governance. Although many scholars have analyzed the emergence of environmental security agendas within state agencies and intergovernmental organizations, greater understanding of how environmental security debates traverse transnational, non-state politics is needed to provide a fuller view of environmental security as a globally contested concept. Therefore, this paper examines how transnational corporations (TNCs) leverage and generate ideas about environmental security on a cross-border scale. Specifically, I explore the ways three TNCs —BP, Nutrien, and Veolia—turn to environmental security as a source of legitimacy in their broader global environmental governance agendas. I find that these TNCs rely on particular notions of environmental security to validate their roles in filling governance gaps, promoting democratic principles, and mitigating planetary crisis, particularly to appease a primarily Western, elite audience. Ultimately, I reveal how environmental security concepts inform non-state legitimacy claims and advocate for a political economic perspective for understanding the wider implications of environmental security as a power-laden concept.

Clash of Identities

The notion of security denotes freedom from threats. Ontological security implies emancipation from threats to core values that identify a person or a state. This article demonstrates the Pak-Afghan relationship as a case in point. It offers a relatively new perspective for understanding the continued contentious relationship between Afghanistan and Pakistan. It argues that the Pashtun state identity of Afghanistan mismatches with the Islamic identity of Pakistan. This causes cognitive anxiety over self-identity in both states, which confronts their respective ontological (in)security challenges. Consequently, both countries engage in dangerous routines of self-identity affirmation to manage their ontological (in)securities. The routines often have harmful consequences for the civilian population, especially in the Pashtun areas of Pakistan.

Cryptographically Privileged State Estimation With Gaussian Keystreams

State estimation via public channels requires additional planning with regards to state privacy and information leakage of involved parties. In some scenarios, it is desirable to allow partial leakage of state information, thus distinguishing between privileged and unprivileged estimators and their capabilities. Existing methods that make this distinction typically result in reduced estimation quality, require additional communication channels, or lack a formal cryptographic backing. We introduce a method to decrease estimation quality at an unprivileged estimator using a stream of pseudorandom Gaussian samples while leaving privileged estimation unaffected and requiring no additional transmission beyond an initial key exchange. First, a cryptographic definition of privileged estimation is given, capturing the difference between privileges, before a privileged estimation scheme meeting the security notion is presented. Achieving cryptographically privileged estimation without additional channel requirements allows quantifiable estimation to be made available to the public while keeping the best estimation private to trusted privileged parties and can find uses in a variety of service-providing and privacy-preserving scenarios.

Investigating the role of usable security in developers' intention toward security enhancement in service‐oriented applications

AbstractSecurity threats have increased in recent years. To motivate the developers to stick to the security policies, the notion of usable security is investigated. Enhancing the usability of security services leads to developing software products that are resilient against security threats. In this paper, we investigate the role of usable security in developers' intention toward fulfilling the security considerations through the development process. To study this, we conducted empirical research on 25 experts in the field of software development. We proposed a model for analyzing the research outcome using statistical inference based on an extension of the theory of planned behavior. In particular, we posit that attitude toward the development of usable services, subjective norms, and moral obligation are determinants of intention to develop usable security services. We developed 11 security services that are used in the development of service‐oriented software. We asked the experts to integrate the security services in the software and studied the integration process using a detailed questionnaire. The findings indicate a strong positive influence of all correlations, which describe developers' intentions to develop usable secure services to 52%. Our insights enhance the understanding of developers' intentions toward developing usable secure services and their fulfillment.

Securitization Theory or a Well Overlooked Old: On the Philosophical and Theoretical Premises and Origins of the Theory

More than 20 years have passed since B. Buzan, O. Wver and J. de Wilde published their Security: A New Framework for Analysis, which has become a classic in the discipline of security studies. Although Russian scholars increasingly attempt to use the securitization theorys conceptual apparatus in their research, the knowledge of the theory itself remains rather fragmentary. The overwhelming majority of existing papers refer to the so-called Copenhagen Schools (CS) intellectual heritage, while more comprehensive approaches and recent studies remain almost unknown among Russian scholars. The author attempts to fill this gap. This article is first in line of a series of studies, entirely devoted to the phenomenon of securitization: from the earliest milestones to the modern stage of development of the theory. The paper examines the theoretical and philosophical premises, as well as the ideas and assumptions of the securitization theory, first formulated by O. Wver in the late 1980s. The author refers to the original texts of the main figures of the CS: O. Wver and B. Buzan, conceptualizing the history of the concept of securitization and immersing the reader into the atmosphere of security studies field at the end of the 20th century. As a result, it becomes possible to determine the key elements of the early theory of securitization: security as a speech act, national security as a main focus of study, post-structural realism as a research agenda of O. Wver, and the idea of security as a negative meaning. The article concludes that despite the shortcomings of the early theory of securitization noted by many critics, it was based on a valuable and fruitful idea - an attempt to go beyond the notion of security as an absolute good or a metaphysical entity, which was typical of traditional and many alternative approaches to the definition of security.

Economic security in Southeast Asia: An introduction

The subject of economic security has always been bandied about in academic discourse since the emergence of an interconnected world economy. With ASEAN states getting increasingly enmeshed in free trade agreements, and common market like arrangements, it is imperative to explore what economic security means for national governments today. The shocks of the 2017-20 Donald Trump presidency of the USA and the COVID-19 pandemic impart timely momentum for inquiring after economic security. If the USA currently embodies the idea of zero-sum economic logics as the way forward into the twenty first century, it becomes even more urgent that Asians re-examine the degrees of openness needed to sustain growth and prosperity. Contributors to this Special Section will not only examine government-to-government trade interactions, the prospects of Islamic Finance and gender inequalities will also be analysed in terms of how they can make or break conventional notions of economic security.

Identity-based encryption with security against the KGC: A formal model and its instantiations

The key escrow problem is one of the main barriers to the widespread real-world use of identity-based encryption (IBE). Specifically, a key generation center (KGC), which generates secret keys for a given identity, has the power to decrypt all ciphertexts. At PKC 2009, Chow defined a notion of security against the KGC, that relies on assuming that it cannot discover the underlying identities behind ciphertexts. However, this is not a realistic assumption since, in practice, the KGC manages an identity list, and hence it can easily guess the identities corresponding to given ciphertexts. Chow later amended this issue by introducing a new entity called an identity-certifying authority (ICA) and proposed an anonymous key-issuing protocol. Essentially, this allows the users, KGC, and ICA to interactively generate secret keys without users ever having to reveal their identities to the KGC. Unfortunately, since Chow separately defined the security of IBE and that of the anonymous key-issuing protocol, his IBE definition did not provide any formal treatment when the ICA is used to authenticate the users. Effectively, all of the subsequent works following Chow lack the formal proofs needed to determine whether or not it delivers a secure solution to the key escrow problem.In this paper, based on Chow's work, we formally define an IBE scheme that resolves the key escrow problem and provide formal definitions of security against corrupted users, KGC, and ICA. Along the way, we observe that if we are allowed to assume a fully trusted ICA, as in Chow's work, then we can construct a trivial (and meaningless) IBE scheme that is secure against the KGC. Finally, we present two instantiations in our new security model: a lattice-based construction based on the Gentry–Peikert–Vaikuntanathan IBE scheme (STOC 2008) and Rückert's lattice-based blind signature scheme (ASIACRYPT 2010), and a pairing-based construction based on the Boneh–Franklin IBE scheme (CRYPTO 2001) and Boldyreva's blind signature scheme (PKC 2003).

Generic Hardware Private Circuits

With an increasing number of mobile devices and their high accessibility, protecting the implementation of cryptographic functions in the presence of physical adversaries has become more relevant than ever. Over the last decade, a lion’s share of research in this area has been dedicated to developing countermeasures at an algorithmic level. Here, masking has proven to be a promising approach due to the possibility of formally proving the implementation’s security solely based on its algorithmic description by elegantly modeling the circuit behavior. Theoretically verifying the security of masked circuits becomes more and more challenging with increasing circuit complexity. This motivated the introduction of security notions that enable masking of single gates while still guaranteeing the security when the masked gates are composed. Systematic approaches to generate these masked gates – commonly referred to as gadgets – were restricted to very simple gates like 2-input AND gates. Simply substituting such small gates by a secure gadget usually leads to a large overhead in terms of fresh randomness and additional latency (register stages) being introduced to the design.In this work, we address these problems by presenting a generic framework to construct trivially composable and secure hardware gadgets for arbitrary vectorial Boolean functions, enabling the transformation of much larger sub-circuits into gadgets. In particular, we present a design methodology to generate first-order secure masked gadgets which is well-suited for integration into existing Electronic Design Automation (EDA) tools for automated hardware masking as only the Boolean function expression is required. Furthermore, we practically verify our findings by conducting several case studies and show that our methodology outperforms various other masking schemes in terms of introduced latency or fresh randomness – especially for large circuits.

On Neoliberal Exceptionalism in Spain: A State Plan to Prevent Radicalization

This article offers a critical review of the Spanish Plan Estratégico Nacional de Lucha Contra la Radicalización Violenta (National Strategic Plan to Fight Violent Radicalization or “PEN-LCRV”), focusing on its most controversial discursive elements. While it is not possible to perform a complete empirical examination of its impact after five years, we can highlight some if its achievements, effects and shortcomings. Through a review of the key concepts and logic underlying the PEN-LCRV, this article considers how the notion of security can enable the design and implementation of public policies, as well as the current trends regarding the relationship between social protection and punitive control.

Bodies Coming Apart and Bodies Becoming Parts: Widening, Deepening, and Embodying Ontological (In)Security in the Context of the COVID-19 Pandemic

This article widens and deepens the notion of ontological security and therefore both the scope of ontological security studies (OSS) within the discipline of international relations (IR) and ontological security theory (OST) writ large by introducing and explaining the implications of (re/dis)embodiment—the continually contested social–political process through which bodies come to be or not be and upon which everybody existentially and ontologically depends. Understood as both a source of and a threat to individual and collective bodies’ ontological security, in this article I explain how taking the process of (re/dis)embodiment into account entails widening and deepening OSS to allow for the consideration and appreciation of how individual and collective bodies are continually, simultaneously, materially, and ideationally contested. As a primarily theoretical contribution, this is done through an interdisciplinary approach bringing Achille Mbembe's necropolitical theory into conversation with Sara Ahmed's theses on willfulness and use and is illustrated through discussions on the body politics of the COVID-19 pandemic. In short, I argue that, under conditions of contemporary global necropolitics, individuals’ ontological security as bodies becomes increasingly threatened according to raced, classed, and gendered local–global hierarchies which determine the reduction and use of individuals to the status of parts within collectives that are themselves embodied and increasingly unfit for the purpose of healthy living, especially in a time of pandemic.

Spiritual security: an explanatory framework for conflict-related sexual violence against men

Abstract While there is a growing interest in conflict-related sexual violence (CRSV) against men, conceptual understanding and empirical knowledge are still inadequate. The notion of spiritual security is introduced in this article as an explanatory variable in CRSV, using survivors' discursive views of sexual violence victimizations in Nigeria's north-eastern region. The CRSV of males, it is argued, may also be understood as a ritual or spiritual activity carried out for bodily protection, financial prosperity, or socio-political ascendency. The survivors' impressions of CRSV's spiritual undertones are not unrelated to the heteronormative and collectively homophobic culture in their society, in which violent same-sex relations are considered so perverse and meaningful only if they are conceived as ‘evil or devilish practices’. Spiritual beliefs and practices, on the other hand, determine much of the social reality of many people in various parts of the world, and they are regarded as potent on security issues ranging from physical protection to wealth creation and socio-political advancement. This study adds to the continuing discussion on the reasons behind CRSV against men.

Functional signatures: new definition and constructions

Functional signatures (FS) enable a master authority to delegate its signing privilege to an assistant. Concretely, the master authority uses its secret key skF to issue a signing key skf for a designated function \(f \in {{\cal F}_{{\rm{FS}}}}\) and sends both f and skf to the assistant \({\cal E}\), which is then able to compute a signature σf with respect to pkF for a message y in the range of f. In this paper, we modify the syntax of FS slightly to support the application scenario where a certificate of authorization is necessary. Compared with the original FS, our definition requires that \({{\cal F}_{{\rm{FS}}}}\) is an injective function family and for any f0, \({f_1} \in {{\cal F}_{{\rm{FS}}}}\) there does not exist an intersection between range(f0) and range(f1). Accordingly, we redefine the security of FS and introduce two additional security notions, called unlinkability and accountability. Signatures σf in our definition do not expose the intention of the master authority. We propose two constructions of FS. The first one is a generic construction based on signatures with perfectly re-randomizable keys, non-interactive zero-knowledge proof (NIZK) and traditional digital signatures, and the other is based on RSA (Rivest-Shamir-Adleman) signatures with full domain hash and NIZK. We prove that both schemes are secure under the given security models.

Selective-Opening Security for Public-Key Encryption in the Presence of Parameter Subversion

In public-key encryption (PKE), ciphertexts received by a receiver may be possibly correlated and the security of a PKE relies on honestly generated system parameters. Security against selective opening attacks (SOA) for PKE guarantees that even when an attacker has broken into a subset of honestly generated ciphertexts and opened them (i.e., seeing plaintexts and random bits), the unopened ciphertexts remain secure. While security against parameter subversion attacks (PSA) for PKE requires that even when the public system parameters are maliciously generated, a PKE scheme should be secure. In this paper, we initiate the study of PKE secure against both SOA and PSA. To capture SOA and PSA simultaneously, we formulate a new security notion called indistinguishability under selective opening attacks and parameter subversion attacks (IND-SO-PSA). Further, we define the lossy trapdoor function and all-but-many lossy trapdoor function in the presence of PSA (LTF-PSA and ABM-LTF-PSA correspondingly) and propose an instantiation with the efficiently-embeddable group (EG). Applying these new primitives, we construct a PKE scheme that is proven to be IND-SO-PSA secure.