Your search keyword '"Henrich C. Pöhls"' showing total 31 results

1. Fully invisible protean signatures schemes

Author

Kai Samelin, Henrich C. Pöhls, Daniel Slamanig, and Stephan Krenn

Subjects

Scheme (programming language), Information privacy, Invisibility, Third party, Computer Networks and Communications, Computer science, RSS, Aggregate (data warehouse), 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, computer.file_format, Computer security, computer.software_genre, 01 natural sciences, Digital signature, 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, computer, Software, Information Systems, computer.programming_language

Abstract

Protean signatures (PSs), recently introduced by Krenn et al. (CANS ‘18), allow a semi-trusted third party (the sanitiser), to modify a signed message in a controlled way: the signer can define the message parts to be arbitrarily editable by the sanitiser, as well as message parts which can be redacted (but not altered otherwise) by the sanitiser. Thus, PSs generalise both redactable signatures (RSs) and sanitisable signatures (SSs) into a single notion. Invisibility for PSs guarantees that no outsider (i.e. any party not being signer or sanitiser) can decide which message parts can be edited. However, the current definition of invisibility does not prohibit that an outsider can decide which parts are redactable – only which parts can be edited are hidden. This negatively impacts the privacy guarantees provided by this definition. The authors extend PSs to be fully invisible. Their notion guarantees that an outsider can identify neither editable nor redactable parts. They, therefore, introduce the new notions of invisible RSs and invisible non-accountable SSs ( S S ′ ), along with a consolidated framework for aggregate signatures. Using those building blocks, their resulting construction is significantly more efficient than the original scheme by Krenn et al., which they demonstrate in a prototypical implementation.

Published

2020

2. Dynamic Consent: Physical Switches and Feedback to Adjust Consent to IoT Data Collection

Author

Noëlle Rakotondravony and Henrich C. Pöhls

Subjects

iot, Data collection, Computer science, business.industry, Internet privacy, Legal consent, 020207 software engineering, security, 02 engineering and technology, privacy, Order (business), 020204 information systems, Smart city, 11. Sustainability, 0202 electrical engineering, electronic engineering, information engineering, Natural (music), internet-of-things, consent, Smart environment, Decision-making, business

Abstract

From smart homes to highly energy-optimized office building and smart city, the adoption of living in smart spaces requires that the inhabitants feel comfortable with the level of data being collected about them in order to provide smartness. However, you usually provide this consent on—or best before—your very first interaction. Thus, firstly your consent might vary over the time of usage. Secondly, it is not always obvious if data is currently collected or not. This paper addresses two missing elements in the interaction with a smart environment: First, the general concept of dynamicity of consent to data collection. Second, provision of a physical interaction to gather and change consent and a physical feedback on the current data collection status. By the feedback being physical we mean being visual, haptic or accoustic, in order to allow natural perception by the users in the physical space. For both components we provide examples which show how one could make both the current status as well as the consent physical and discuss the user perception. We argue that having a physical interaction to start potentially privacy-invasive data collections is a useful enrichment for legal consent, and physically visible status is helpful to make a decision.

Published

2020

3. C3S: Cryptographically Combine Cloud Storage for Cost-Efficient Availability and Confidentiality

Author

Leon Sell, Henrich C. Pöhls, and Thomas Lorünser

Subjects

021110 strategic, defence & security studies, Cost efficiency, business.industry, Computer science, Replica, 0211 other engineering and technologies, Cloud computing, 02 engineering and technology, Adversary, Computer security, computer.software_genre, Secret sharing, Replication (computing), 020204 information systems, High availability, 0202 electrical engineering, electronic engineering, information engineering, media_common.cataloged_instance, Data Protection Act 1998, European union, business, Cloud storage, computer, media_common

Abstract

Increasing the availability by using multiple cloud storage providers for replication comes at a price; not only does it increase storage costs with every replica, it also greatly disperses the information to different cloud storage systems. Thus, all storage locations must be trusted to not read that data. Contrary the cryptographic technique of secret sharing splits data into confidentiality protected shares and if the adversary does not have access to more than a pre-defined threshold k of those shares, then the data's confidentiality is protected. At the same time secret sharing also increases the availability because the legitimate user must only download the data from k out of n shares. The goal of this paper is to quantify the economic advantages of efficient and secure information dispersal strategies in multi-cloud settings based on the current market situation. Therefore, we put together a database of 63 cloud storage offers and analyzed opportunities to combine them into virtual storage services delivering availabilities of 99.999% at the best price. Additionally, the combined multi-cloud storage is leaning towards data protection legislation of the European Union (EU), as any combination of k shares includes at least one from an EU-based provider. This inhibits non-EU jurisdictions to 'subpoena' the required number of shares to reconstruct data without the help of an EU-based provider. Our findings show that it is possible to find combinations which give the cloud storage consumer the wanted high availability and legal compliance guarantee at half the cost of any two providers from within the EU storing unencrypted replicas.

Published

2018

4. Towards GDPR-compliant data processing in modern SIEM systems

Author

Benjamin Taubmann, Johannes Köstler, Tobias Latzo, Sabine Sobola, Günther Pernul, Manfred Vielberth, Henrich C. Pöhls, Alexander Puchta, Hans P. Reiser, Felix C. Freiling, and Florian Menges

Subjects

Service quality, Data processing, General Computer Science, Process (engineering), Computer science, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Security information and event management, General Data Protection Regulation, 0202 electrical engineering, electronic engineering, information engineering, Data Protection Act 1998, 020201 artificial intelligence & image processing, Pseudonymization, Law, computer

Abstract

The introduction of the General Data Protection Regulation (GDPR) in Europe raises a whole series of issues and implications on the handling of corporate data. We consider the case of security-relevant data analyses in companies, such as those carried out by Security Information and Event Management (SIEM) systems. It is often argued that the processing of personal data is necessary to achieve service quality. However, at present existing systems arguably are in conflict with the GDPR since they often process personal data without taking data protection principles into account. In this work, we first examine the GDPR regarding the resulting requirements for SIEM systems. On this basis, we propose a SIEM architecture that meets the privacy requirements of the GDPR and show the effects of pseudonymization on the detectability of incidents.

Published

2021

5. The Road to Privacy in IoT: Beyond Encryption and Signatures, Towards Unobservable Communication

Author

Ralf C. Staudemeyer, Henrich C. Pöhls, and Marcin Wójcik

Subjects

020203 distributed computing, business.industry, Computer science, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Unobservable, Sketch, Transmission (telecommunications), Home automation, 0202 electrical engineering, electronic engineering, information engineering, The Internet, Architecture, business, computer

Abstract

Privacy requires more than just encryption of data before and during transmission. Privacy would actually demand hiding the sheer fact that communication takes place. This requires to protect meta-data from observation. We think that this feature is in particular useful and interesting for the Internet-of-Things. However, it requires strong cryptographic security mechanisms, like encryption of communication, to be in place. We motivate the need for strong privacy protection by highlighting privacy issues in a smart home use-case. We advance beyond encryption and discuss which existing techniques can be used to achieve unobservable communication. Then we describe the architecture needed to provide strong protection in this particular use-case. Lastly, we present the building blocks of the architecture we implemented so far on the Re-Mote sensor nodes running Contiki OS and sketch the computational and network overheads imposed by these techniques.

Published

2018

6. Protean Signature Schemes

Author

Daniel Slamanig, Kai Samelin, Henrich C. Pöhls, and Stephan Krenn

Subjects

Scheme (programming language), 021110 strategic, defence & security studies, Theoretical computer science, Third party, Invisibility, Computer science, 0211 other engineering and technologies, 02 engineering and technology, Transparency (human–computer interaction), Signature (logic), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, computer, computer.programming_language

Abstract

We introduce the notion of Protean Signature schemes. This novel type of signature scheme allows to remove and edit signer-chosen parts of signed messages by a semi-trusted third party simultaneously. In existing work, one is either allowed to remove or edit parts of signed messages, but not both at the same time. Which and how parts of the signed messages can be modified is chosen by the signer. Thus, our new primitive generalizes both redactable (Steinfeld et al., ICISC ’01, Johnson et al., CT-RSA ’02 & Brzuska et al., ACNS ’10) and sanitizable signatures schemes (Ateniese et al., ESORICS ’05 & Brzuska et al., PKC ’09). We showcase a scenario where either primitive alone is not sufficient. Our provably secure construction (offering both strong notions of transparency and invisibility) makes only black-box access to sanitizable and redactable signature schemes, which can be considered standard tools nowadays. Finally, we have implemented our scheme; Our evaluation shows that the performance is reasonable.

Published

2018

7. Chameleon-Hashes with Dual Long-Term Trapdoors and Their Applications

Author

Stephan Krenn, Kai Samelin, Henrich C. Pöhls, and Daniel Slamanig

Subjects

Discrete mathematics, Computer science, Ephemeral key, Hash function, 0202 electrical engineering, electronic engineering, information engineering, 020207 software engineering, 020201 artificial intelligence & image processing, 02 engineering and technology, DUAL (cognitive architecture), Term (time)

Abstract

A chameleon-hash behaves likes a standard collision-resistant hash function for outsiders. If, however, a trapdoor is known, arbitrary collisions can be found. Chameleon-hashes with ephemeral trapdoors (\(\mathsf {CHET}\); Camenisch et al., PKC 17) allow prohibiting that the holder of the long-term trapdoor can find collisions by introducing a second, ephemeral, trapdoor. However, this ephemeral trapdoor is required to be chosen freshly for each hash.

Published

2018

8. CryptSDLC - Embedding Cryptographic Engineering into Secure Software Development Lifecycle

Author

Leon Sell, Thomas Laenger, Thomas Loruenser, and Henrich C. Pöhls

Subjects

021110 strategic, defence & security studies, Cloud computing security, Privacy by Design, Cryptographic engineering, business.industry, Computer science, 0211 other engineering and technologies, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, Secure by design, Software development process, 020204 information systems, Systems development life cycle, 0202 electrical engineering, electronic engineering, information engineering, Software design, business, computer

Abstract

Application development for the cloud is already challenging because of the complexity caused by the ubiquitous, interconnected, and scalable nature of the cloud paradigm. But when modern secure and privacy aware cloud applications require the integration of cryptographic algorithms, developers even need to face additional challenges: An incorrect application may not only lead to a loss of the intended strong security properties but may also open up additional loopholes for potential breaches some time in the near or far future. To avoid these pitfalls and to achieve dependable security and privacy by design, cryptography needs to be systematically designed into the software, and from scratch. We present a system architecture providing a practical abstraction for the many specialists involved in such a development process, plus a suitable cryptographic software development life cycle methodology on top of the architecture. The methodology is complemented with additional tools supporting structured inter--domain communication and thus the generation of consistent results: cloud security and privacy patterns, and modelling of cloud service level agreements. We conclude with an assessment of the use of the Cryptographic Software Design Life Cycle (CryptSDLC) in a EU research project.

Published

2018

9. Position Paper

Author

Arne Bilzhause, Henrich C. Pöhls, and Kai Samelin

Subjects

Point (typography), Third party, Computer science, RSS, 020206 networking & telecommunications, 02 engineering and technology, Research opportunities, computer.file_format, Computer security, computer.software_genre, Signature (logic), 0202 electrical engineering, electronic engineering, information engineering, Position paper, 020201 artificial intelligence & image processing, computer

Abstract

Sanitizable signature schemes (SSS), as well as redactable signature schemes (RSS), gained a lot of attention in the recent past. In a nutshell, both types of signature schemes allow to alter signed data in a controlled way by a, potentially semi-trusted, third party. The resulting signatures still verify. Thus, the authenticity of the subsequently modified content is preserved. In this position paper, we discuss the state-of-the-art, and highlight potential future research opportunities. We hope this work gives rise to additional ideas, real-life use-cases, and interesting upcoming research, helping to bring both primitives into practice. Hence, this paper is meant as a starting point for readers interested in these primitives, looking for new research and application opportunities. In other words, we think that both primitives deserve further attention.

Published

2017

10. Towards compactly encoded signed IoT messages

Author

Benedikt Petschkuhn and Henrich C. Pöhls

Subjects

MQTT, Firmware, Computer science, business.industry, Distributed computing, Node (networking), 010401 analytical chemistry, 020206 networking & telecommunications, 02 engineering and technology, computer.software_genre, 01 natural sciences, JSON, 0104 chemical sciences, Digital signature, Encoding (memory), 0202 electrical engineering, electronic engineering, information engineering, Elliptic curve cryptography, Resilience (network), business, computer, computer.programming_language, Computer network

Abstract

In this paper, we measure the overhead in message size and in firmware code-size for exchanging signed messages with constrained devices typically found in the Internet-of-Things (IoT) domain. The application of digital signatures on every important message in the IoT helps to increase its resilience against attacks and increases the data quality level. Other papers have shown that Elliptic Curve Cryptography (ECC) signatures can be applied on modern constrained devices. Our focus is on message size as we identified this to be the most prevailing problem as it relates to the storage required at each handling node and directly relates to the communication overhead, which in turn results in an increased energy consumption. We give analytical information for typical message sizes in two different protocols (MQTT and COAP), as well as real measurements on a Zolertia ReMOTE when it comes to firmware code-size overheads. Our measurements indicate that a suitable encoding of message level security can decrease the message overhead of signatures by at least 30 percent and still balance its usability by keeping it decodable into JSON, the prevailing exchange format of many IoT upper layer protocols. Our new HYBRID format is suitable to achieve end-to-end, i.e., device-to-application, integrity.

Published

2017

11. Practical Strongly Invisible and Strongly Accountable Sanitizable Signatures

Author

Stephan Krenn, David Derler, Daniel Slamanig, Michael Till Beck, Kai Samelin, Jan Camenisch, and Henrich C. Pöhls

Subjects

Scheme (programming language), Invisibility, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Signature (logic), Random oracle, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Malleability, Digital signature, 0202 electrical engineering, electronic engineering, information engineering, ComputingMilieux_COMPUTERSANDSOCIETY, 020201 artificial intelligence & image processing, Limit (mathematics), computer, computer.programming_language

Abstract

Sanitizable signatures are a variant of digital signatures where a designated party (the sanitizer) can update admissible parts of a signed message. At PKC ’17, Camenisch et al. introduced the notion of invisible sanitizable signatures that hides from an outsider which parts of a message are admissible. Their security definition of invisibility, however, does not consider dishonest signers. Along the same lines, their signer-accountability definition does not prevent the signer from falsely accusing the sanitizer of having issued a signature on a sanitized message by exploiting the malleability of the signature itself. Both issues may limit the usefulness of their scheme in certain applications.

Published

2017

12. Chameleon-Hashes with Ephemeral Trapdoors

Author

Kai Samelin, Jan Camenisch, David Derler, Daniel Slamanig, Stephan Krenn, and Henrich C. Pöhls

Subjects

Theoretical computer science, Hash function, SWIFFT, 0102 computer and information sciences, 02 engineering and technology, 01 natural sciences, Hash tree, Collision resistance, 010201 computation theory & mathematics, SHA-2, 0202 electrical engineering, electronic engineering, information engineering, Cryptographic hash function, Hash chain, 020201 artificial intelligence & image processing, Double hashing, Mathematics

Abstract

A chameleon-hash function is a hash function that involves a trapdoor the knowledge of which allows one to find arbitrary collisions in the domain of the function. In this paper, we introduce the notion of chameleon-hash functions with ephemeral trapdoors. Such hash functions feature additional, i.e., ephemeral, trapdoors which are chosen by the party computing a hash value. The holder of the main trapdoor is then unable to find a second pre-image of a hash value unless also provided with the ephemeral trapdoor used to compute the hash value. We present a formal security model for this new primitive as well as provably secure instantiations. The first instantiation is a generic black-box construction from any secure chameleon-hash function. We further provide three direct constructions based on standard assumptions. Our new primitive has some appealing use-cases, including a solution to the long-standing open problem of invisible sanitizable signatures, which we also present.

Published

2017

13. A Privacy Engineering Framework for the Internet of Things

Author

Adam Kapovits, Henrich C. Pöhls, Antonio Kung, Nicolás Notario McDonnell, Santiago Reinhard Suppan, Frank Kargl, Yod Samuel Martín, and Jorge Cuellar

Subjects

Information privacy, Privacy by Design, business.industry, Privacy software, Computer science, Data_MISCELLANEOUS, Internet privacy, 020207 software engineering, 02 engineering and technology, Computer security, computer.software_genre, Web of Things, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), ComputingMilieux_COMPUTERSANDSOCIETY, The Internet, Privacy engineering, business, Internet of Things, computer

Abstract

This paper describes a privacy engineering framework for the Internet of Things (IoT). It shows how existing work and research on IoT privacy and on privacy engineering can be integrated into a set of foundational concepts that will help practice privacy engineering in the IoT. These concepts include privacy engineering objectives, privacy protection properties, privacy engineering principles, elicitation of requirements for privacy and design of associated features. The resulting framework makes the key difference between privacy engineering for IoT systems targeting data controllers, data processors and associated integrators, and privacy engineering for IoT subsystems, targeting suppliers.

Published

2017

14. Designing Secure IoT Architectures for Smart City Applications

Author

Elias Z. Tragos, Henrich C. Pöhls, Alexandros Fragkiadakis, and Vangelis Angelakis

Subjects

021110 strategic, defence & security studies, Privacy by Design, Exploit, Computer science, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Secure by design, Information and Communications Technology, Enabling, Smart city, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Trust management (information system), computer

Abstract

The Internet of Things (IoT) presents itself as a promising set of technologies to support a wide range of applications that aim to improve the quality of life of humans. IoT aims to simplify the way that users receive information providing a unique way of bringing them close to the source of information, hiding the complexity of knowing who or what one should ask to get that information. For this reason, IoT has become a key enabler for smart city applications, and municipalities are very interested to invest in IoT for providing advanced applications to their citizens, who might not be at all familiar with Information and Communication Technologies (ICT). It is quite common in the last few years that large cities are forming strategic agendas for becoming “smarter” through IoT technologies. Their main goal is to build IoT-based infrastructures that can be reused for supporting a plethora of smart city applications, for, i.e., monitoring the weather conditions, the traffic, the citizens’ needs, or for managing the wastes, the city waters, etc. All these applications are indeed very promising for making the cities smarter, but as they are becoming more and more mainstream, they are turning into attractive targets for attackers that aim to exploit the constrained nature of IoT devices toward stealing personal data or performing physical attacks on critical infrastructures. IoT deployments pose severe challenges with regard to ensuring the security of the overall system and the privacy of the users’ data, and only lately there have been advances toward designing secure IoT architectures for smart city applications. This chapter aims to provide an overview of the challenges, the methodology, and the latest attempts for securing the IoT architectures in smart city environments.

Published

2016

15. Security and Privacy for the Internet of Things Communication in the SmartCity

Author

Ralf C. Staudemeyer, Henrich C. Pöhls, and Bruce W. Watson

Subjects

business.industry, Computer science, Process (engineering), Internet privacy, Control (management), 020206 networking & telecommunications, 02 engineering and technology, Information security, Encryption, Computer security, computer.software_genre, Information and Communications Technology, Scalability, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), 020201 artificial intelligence & image processing, Confidentiality, business, computer

Abstract

Growing SmartCities means that the amount of information processed and stored to manage a city’s infrastructure (e.g., traffic, public transport, electricity) is growing as well. To manage this, SmartCities are deploying truly distributed and highly scalable information and communication (ICT) infrastructure, connecting a conglomerate of smart devices and ‘smart things’. In recent years, the term Internet-of-Things (IoT) was coined to describe constrained systems that react via sensors to physical changes in its environment and may be able to influence that environment via actuators. While ICT generally helps to ‘mine’ collected information, the IoT complements this with direct access to a sensor’s data or even taking immediate corrective action. Using the capabilities of the IoT to monitor and control the SmartCity implies numerous devices communicate data about the city its citizens. The communicated data is used to make decisions that will affect many citizens, and if not secured correctly, attackers (or other ‘errors’) could disrupt operation of the SmartCity. Moreover, collected data possibly impinges on basic privacy rights if not gathered, communicated and processed correctly. This chapter provides a primer on general information security, its main goals, and the basic IoT security challenges in the SmartCity. Built upon the basic IT security goals of confidentiality, integrity, and availability, this chapter addresses security and privacy problems faced in the communication aspects of the SmartCity. We highlight that security is a crucial enabler for the ICT-dependent SmartCity to base the decisions on reliable data and to execute commands securely. We specifically point out that security starts at the very beginning of the data collection and communication process. On top of this, we focus on major issues related to private communication, as privacy is a key acceptance factor for an ICT-enabled SmartCity by its citizens.

Published

2016

16. An IoT Middleware for Enhanced Security and Privacy: The RERUM Approach

Author

Elias Z. Tragos, Daniel Calvo, Henrich C. Pöhls, George Moldovan, and Alexandros Fragkiadakis

Subjects

021110 strategic, defence & security studies, Focus (computing), Exploit, Privacy by Design, Computer science, business.industry, 0211 other engineering and technologies, Access control, 02 engineering and technology, Computer security, computer.software_genre, Variety (cybernetics), World Wide Web, Middleware (distributed applications), 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), 020201 artificial intelligence & image processing, Layer (object-oriented design), business, computer

Abstract

The Internet of Things (IoT) presents itself as a promising set of key technologies to provide advanced smart applications. IoT has become a major trend lately and smart solutions can be found in a large variety of products. Since it provides a flexible and easy way to gather data from huge numbers of devices and exploit them ot provide new applications, it has become a central research area lately. However, due to the fact that IoT aims to interconnect millions of constrained devices that are monitoring the everyday life of people, acting upon physical objects around them, the security and privacy challenges are huge. Nevertheless, only lately the research focus has been on security and privacy solutions. Many solutions and IoT frameworks have only a minimum set of security, which is a basic access control. The EU FP7 project RERUM has a main focus on designing an IoT architecture based on the concepts of Security and Privacy by design. A central part of RERUM is the implementation of a middleware layer that provides extra functionalities for improved security and privacy. This work, presents the main elements of the RERUM middleware, which is based on the widely accepted OpenIoT middleware.

Published

2016

17. PRISMACLOUD Tools: A Cryptographic Toolbox for Increasing Security in Cloud Services

Author

Henrich C. Pöhls, Daniel Slamanig, Thomas Länger, and Thomas Loruenser

Subjects

021110 strategic, defence & security studies, Cloud computing security, Cryptographic primitive, business.industry, Computer science, 0211 other engineering and technologies, Cloud computing, Cryptography, 02 engineering and technology, Cryptographic protocol, Computer security, computer.software_genre, Toolbox, Controlled Cryptographic Item, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Reference implementation, business, computer

Abstract

The EC Horizon 2020 project PRISMACLOUD aims at cryptographically addressing several severe risks threatening end user security and privacy in current cloud settings. This shall be achieved by the provision of a reusable toolbox encapsulating cryptographic functionality from which dependably secure cloud services can be assembled. In order to provide a tangible abstraction of the complexity involved with the construction of cryptographically secured cloud services, we introduce the four-layer PRISMACLOUD architecture. Top down, it consists of a use cases (application) layer, a services layer, a tools layer, and a cryptographic primitives and protocols layer. In this paper we provide a detailed description of the P RISMACLOUD tools in terms of functional components, as well as how they interact to provide the desired security functionality. We also briefly describe the cutting-edge cryptographic primitives which are encompassed by the tools. Both the toolbox and the cryptographic primitives and protocols are being currently developed and will be provided as reference implementation by project end in July 2018.

Published

2016

18. Cryptographically Enforced Four-Eyes Principle

Author

Henrich C. Pöhls, Manuel Huber, Arne Bilzhause, and Kai Samelin

Subjects

Corruption, business.industry, Computer science, media_common.quotation_subject, Authorization, 020206 networking & telecommunications, Access control, 02 engineering and technology, Computer security model, 16. Peace & justice, Computer security, computer.software_genre, Signature (logic), Adversarial system, Order (business), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, media_common

Abstract

The 4-eyes principle (4EP) is a well-known access control and authorization principle, and used in many scenarios to minimize the likelihood of corruption. It states that at least two separate entities must approve a message before it is considered authentic. Hence, an adversarial party aiming to forge bogus content is forced to convince other parties to collude in the attack. We present a formal framework along with a suitable security model. Namely, a party sets a policy for a given message which involves multiple additional approvers in order to authenticate the message. Finally, we show how these signatures are black-box realized by secure sanitizable signature schemes.

Published

2016

19. Towards quantifying the cost of a secure IoT: Overhead and energy consumption of ECC signatures on an ARM-based device

Author

Benedikt Petschkuhn, Ralf C. Staudemeyer, Max Mossinger, Johannes Bauer, Henrich C. Pöhls, and Marcin Wójcik

Subjects

Chipset, Firmware, Computer science, business.industry, 010401 analytical chemistry, Cryptography, 02 engineering and technology, Energy consumption, computer.software_genre, Encryption, 01 natural sciences, 020202 computer hardware & architecture, 0104 chemical sciences, Embedded system, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), Elliptic curve cryptography, business, computer, Key size, Computer network

Abstract

In this paper, we document the overhead in terms of runtime, firmware size, communication and energy consumption for Elliptic Curve Cryptography (ECC) signatures of modern ARM-based constrained devices. The experiments we have undertaken show that the cryptographic capabilities of the investigated Zolertia Re-Mote based on a TI's CC2538 chipset running Contiki OS is indeed suitable for the Internet-of-Things (IoT): Computing a signature using a curve with a 192-bit key length adds an additional runtime of roughly 200 ms. However, we found that in comparison to sending an unsigned message approximately two-thirds of the runtime overhead is spent on cryptographic operations, while sending the signed message accounts for the remainder. We give real measurements which can be used as a basis for analytical models. Our measurements show that the saving gained by using curves with lower security levels (i. e., 160-bit key length) is not worth the sacrifice in protection. While signatures add non-negligible overhead, we still think that the additional 200 ms (signing with secp192r) is worth consideration. This paper gives an indication of the true costs of cryptographically protected message integrity which is greater or equal to the cost of encryption. We show what needs to be spent in order to verify the origin of the data in the application, since in the IoT it will have travelled through many ‘things’.

Published

2016

20. Towards Authenticity and Privacy Preserving Accountable Workflows

Author

Christian Hanser, Henrich C. Pöhls, David Derler, and Daniel Slamanig

Subjects

Third party, business.industry, Computer science, Business process, Cloud computing, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Outsourcing, Privacy preserving, Workflow, Documentation, 010201 computation theory & mathematics, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, business, computer

Abstract

Efficient and well structured business processes (and their corresponding workflows) are drivers for the success of modern enterprises. Today, we experience the growing trends to have IT supported workflows and to outsource enterprise IT to the cloud. Especially when executing (interorganizational) business processes on third party infrastructure such as the cloud, the correct execution and documentation become very important issues. To efficiently manage those processes, to immediately detect deviations from the intended workflows and to hold tenants (such as the cloud) accountable in such (decentralized) processes, a mechanism for efficient and accountable monitoring and documentation is highly desirable. Ideally, these features are provided by means of cryptography in contrast to organizational measures.

Published

2016

21. ECDSA on Things: IoT Integrity Protection in Practise

Author

Alexandros Fragkiadakis, Henrich C. Pöhls, Ralf C. Staudemeyer, and Johannes Bauer

Subjects

business.industry, Computer science, Elliptic Curve Digital Signature Algorithm, 020206 networking & telecommunications, 02 engineering and technology, ARM architecture, Protocol stack, Digital signature, Embedded system, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Side channel attack, business, 6LoWPAN, Replay attack, Wireless sensor network

Abstract

This paper documents some experiences and lessons learned during the development of an IoT security application for the EU-funded project RERUM. The application provides sensor data with end-to-end integrity protection through elliptic curve digital signatures (ECDSA). Here, our focus is on the cost in terms of hardware, runtime and power-consumption in a real-world trials scenario. We show that providing signed sensor data has little impact on the overall power consumption. We present the experiences that we made with different ECDSA implementations. Hardware accelerated signing can further reduce the costs in terms of runtime, however, the differences were not significant. The relevant aspect in terms of hardware is memory: experiences made with MSP430 and ARM Cortex M3 based hardware platforms revealed that the limiting factor is RAM capacity. Our experiences made during the trials show that problems typical for low-power and lossy networks can be addressed by the chosen network stack of CoAP, UDP, 6LoWPAN and 802.15.4; while still being lightweight enough to drive the application on the constrained devices investigated.

Published

2016

22. Malleable Signatures for Resource Constrained Platforms

Author

Joachim Posegga, Kai Samelin, Hermann de Meer, Stefan Peters, and Henrich C. Pöhls

Subjects

Modular exponentiation, 0303 health sciences, Computer science, business.industry, 02 engineering and technology, Trusted third party, Computer security, computer.software_genre, USable, Accumulator (cryptography), Signature (logic), 03 medical and health sciences, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Smart card, Key management, business, Host (network), computer, 030304 developmental biology

Abstract

Malleable signatures allow the signer to control alterations to a signed document. The signer limits alterations to certain parties and to certain parts defined during signature generation. Admissible alterations do not invalidate the signature and do not involve the signer. These properties make them a versatile tool for several application domains, like e-business and health care. We implemented one secure redactable and three secure sanitizable signature schemes on secure, but computationally bounded, smart card. This allows for a secure and practically usable key management and meets legal standards of EU legislation. To gain speed we securely divided the computing tasks between the powerful host and the card; and we devise a new accumulator to yield a useable redactable scheme. The performance analysis of the four schemes shows only a small performance hit by the use of an off-the-shelf card.

Published

2013

23. Non-interactive Public Accountability for Sanitizable Signatures

Author

Henrich C. Pöhls, Christina Brzuska, and Kai Samelin

Subjects

Scheme (programming language), Third party, business.industry, Computer science, Internet privacy, 02 engineering and technology, E-commerce, 16. Peace & justice, Computer security, computer.software_genre, Transparency (behavior), Public accountability, 020204 information systems, Accountability, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, computer.programming_language

Abstract

Sanitizable signatures enable a designated party to modify signed documents in a controlled way, while the derived signature still verifies. In this paper, we introduce the notion of non-interactive and public accountability. It allows a third party to determine whether a message-signature pair was issued by the signer or the sanitizer. The original notion of accountability does not satisfy European legal standards, while non-interactive public accountability does. A contradictory security goal is the indistinguishability of message-signature pairs from the signer and the sanitizer, a.k.a. transparency. As state-of-the-art schemes often satisfy transparency, they can only achieve a weaker notion of accountability. We show that non-interactive public accountability does not contradict privacy by proving that an existing scheme by Brzuska et al. BIOSIG '09 satisfies both notions. We then extend the scheme to also satisfy blockwise public accountability. Overall, for e-business applications within the EU, opting for non-interactive public accountability can be preferable over transparency.

Published

2013

24. What it takes to boost Internet of Things privacy beyond encryption with unobservable communication: a survey and lessons learned from the first implementation of DC-net

Author

Marcin Wójcik, Henrich C. Pöhls, and Ralf C. Staudemeyer

Subjects

Dining cryptographers problem, Renewable Energy, Sustainability and the Environment, Computer Networks and Communications, business.industry, computer.internet_protocol, Computer science, 010401 analytical chemistry, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Encryption, Computer security, computer.software_genre, 01 natural sciences, Unobservable, 0104 chemical sciences, Computer Science Applications, Datagram Transport Layer Security, Artificial Intelligence, Home automation, 0202 electrical engineering, electronic engineering, information engineering, Message authentication code, The Internet, business, computer

Abstract

Privacy requires more than just encryption of data before and during transmission. Privacy would actually demand hiding the sheer fact that communication takes place. This requires to protect meta-data from observation. We motivate the need for strong privacy protection in a smart home use case by highlighting the privacy issues that cannot be solved by confidentiality mechanisms like encryption alone. Our solution is a implementation of DC-net on Re-Mote sensor nodes running Contiki OS. From this, we conclude that the computational and network overheads imposed by these techniques do not make them impractical to use in the IoT. To the best knowledge of the authors, this is the first implementation of DC-net on sensors. Alongside, we provide a survey of the required strong cryptographic security mechanisms, like encryption of communication, to be in place. We describe how the current existing techniques can be facilitated to achieve unobservable communication for the IoT. This includes mechanisms for encrypted IoT communication like DTLS or message authentication like ECDSA signatures on IoT devices. For readers unfamiliar with the concepts of MIXing and DC-net, we explain and analyse how those techniques, formerly used to provide private communication in the Internet, can be applied to the IoT. We briefly survey what complementary features from the IoT architecture are helpful in providing strong protection in this particular use case. Finally, we state some recommendations hoping that following these will enable us to reduce the privacy invasiveness of the IoT on all levels. We think that this will be indispensable if IoT devices shall become a part of our daily lives without rendering us into an Orwellian society.

25. Selected Cloud Security Patterns to Improve End User Security and Privacy in Public Clouds

Author

Thomas Länger, Solange Ghernaouti, and Henrich C. Pöhls

Subjects

Information privacy, Cloud computing security, business.industry, Data_MISCELLANEOUS, Internet privacy, Data security, Provisioning, Cloud computing, 02 engineering and technology, Cryptographic protocol, Computer security, computer.software_genre, Security information and event management, Security service, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Business, computer

Abstract

Cloud computing has the potential to dramatically reduce the cost and complexity of provisioning information technology resources for end users. However, to make it secure and privacy-preserving for end users, additional technical safeguards must be added—the application of strong cryptography is such a safeguard. The Horizon 2020 project PRISMACLOUD surveys and advances several cryptographic protocols and primitives usable to cryptographically address common cloud security and privacy issues. The cryptographic functionality will entirely be encapsulated in five configurable tools, from which cloud services providing end-to-end security can be constructed. This approach relieves cloud service designers from dealing with the complex and error prone correct application of cryptographic functionality and shall spark the emergence of a multitude of privacy and security preserving cloud applications for the benefit of the end-users—who will no longer have to rely on contractual and legal instruments for ensuring, that privacy and security is enforced by cloud providers on their behalf. In order to support the privacy-by-design development of the tools, we developed several cloud security patterns for common critical situations in the cloud—in the three fields of data storage in the cloud, user privacy protection and data minimisation, and authentication of stored and processed data.

26. Towards Privacy-Preserving Local Monitoring and Evaluation of Network Traffic from IoT Devices and Corresponding Mobile Phone Applications

Author

Felix Klement, Korbinian Spielvogel, and Henrich C. Pöhls

Subjects

business.industry, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Monitoring and evaluation, 021001 nanoscience & nanotechnology, Computer security, computer.software_genre, Event management, Privacy preserving, Information sensitivity, Software deployment, Mobile phone, 0202 electrical engineering, electronic engineering, information engineering, 0210 nano-technology, Internet of Things, business, computer

Abstract

This paper describes ways for users to gain an insight into the actual communication flow of their Internet of Things (IoT) devices. The paper’s main objective is to enable a comparison of the flow with the devices’ intended purpose understandable to the device user. On the basis of what the device sends, the user should be enabled to decide whether the traffic is legitimate or not. With our framework no additional data will leave the user’s premises at any time. Only when a user decides that the traffic is unwanted communication flows the user can voluntarily transfer selected excerpts to a third party for further analysis. This limits data leakage compared to existing security incident event management (SIEM) solutions, where the monitoring third party seeks to constantly collect all information about the user’s traffic and thus constantly gets sensitive information. In this paper we propose a first set of tools for purely local analysis and user-friendly local visualizations. By this we educate the local user/operator of the IoT deployment and allow for more informed and more transparent decisions. Thus, we show that a privacy-preserving and thus more data-protection (GDPR) compliant monitoring of IoT-related network traffic is possible – and showcase how it will look.

27. Integrity and Authenticity Protection with Selective Disclosure Control in the Cloud & IoT

Author

Noëlle Rakotondravony, Henrich C. Pöhls, Kai Samelin, Christoph Frädrich, and Wolfgang Popp

Subjects

020205 medical informatics, business.industry, Computer science, RSS, Internet privacy, Control (management), Cloud computing, 02 engineering and technology, computer.file_format, Redaction, Computer security, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Internet of Things, computer, Selective disclosure

Abstract

\(\mathsf {RSS}\) allow the redaction of parts from signed data. Updatable \(\mathsf {RSS}\) additionally enable the signatory to add new elements, while signatures can be merged by third parties under certain conditions.

28. Accountable Redactable Signatures

Author

Kai Samelin and Henrich C. Pöhls

Subjects

Scheme (programming language), 021110 strategic, defence & security studies, Profit (real property), business.industry, Computer science, RSS, Internet privacy, 0211 other engineering and technologies, 02 engineering and technology, computer.file_format, 16. Peace & justice, Computer security, computer.software_genre, Transparency (behavior), Signature (logic), Malleability, Public accountability, Accountability, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, computer.programming_language

Abstract

Redact able signature schemes (RSS) allow removing blocks from signed data. State-of-the-art schemes have public redactions, i.e., Any party can remove parts from a signed message. This prohibits meaningful definitions of accountability. We address this gap by introducing the notion of accountable redact able signature schemes (ARSS). We present a generic construction which couples a sanitizable signature scheme (SSS) to profit from its accountability with an RSS to maintain the reduced malleability of RSSs. Depending on the building blocks, the resulting scheme offers transparency or public accountability. Transparency provides stronger privacy guarantees, while public accountability meets legal and application requirements.

29. A General Framework for Redactable Signatures and New Constructions

Author

David Derler, Daniel Slamanig, Kai Samelin, and Henrich C. Pöhls

Subjects

Property (philosophy), Theoretical computer science, 020205 medical informatics, Computer science, business.industry, Cryptography, 02 engineering and technology, Transparency (human–computer interaction), Computer security model, Signature (logic), Cover (topology), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Commitment scheme, business

Abstract

A redactable signature scheme (\({\mathsf {RSS}}\)) allows removing parts of a signed message by any party without invalidating the respective signature. State-of-the-art constructions thereby focus on messages represented by one specific data-structure, e.g., lists, sets or trees, and adjust the security model accordingly. To overcome the necessity for this myriad of models, we present a general framework covering arbitrary data-structures and even more sophisticated possibilities. For example, we cover fixed elements which must not be redactable and dependencies between elements. Moreover, we introduce the notion of designated redactors, i.e., the signer can give some extra information to selected entities which become redactors. In practice, this often allows to obtain more efficient schemes. We then present two \(\mathsf {RSS}\)s; one for sets and one for lists, both constructed from any EUF-CMA secure signature scheme and indistinguishable cryptographic accumulators in a black-box way and show how the concept of designated redactors can be used to increase the efficiency of these schemes. Finally, we present a black-box construction of a designated redactor \(\mathsf {RSS}\) by combining an \(\mathsf {RSS}\) for sets with non-interactive zero-knowledge proof systems. All the three constructions presented in this paper provide transparency, which is an important property, but quite hard to achieve, as we also conceal the length of the original message and the positions of the redactions.

30. On the Optimality of Correlation Power Attack on Embedded Cryptographic Systems

Author

Ali Maalaoui, Youssef Souissi, Jean-Luc Danger, Sami Mekki, Sylvain Guilley, Nicolas Debande, Télécom ParisTech, Morpho, Rutgers University [Camden], Rutgers University System (Rutgers), Ioannis Askoxylakis, Henrich C. Pöhls, Joachim Posegga, TC 11, and WG 11.2

Subjects

Correlation Power Attack (CPA), Theoretical computer science, Exploit, Computer science, business.industry, Estimation theory, Cryptographic implementations, Cryptography, 02 engineering and technology, Security metrics, Pearson product-moment correlation coefficient, 020202 computer hardware & architecture, Correlation, symbols.namesake, Spearman attack, Power attack, 0202 electrical engineering, electronic engineering, information engineering, symbols, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], business, Leakage (electronics)

Abstract

Part 8: Cryptography (Short Papers); International audience; In this paper, we answer the question of what are the necessary conditions under which Correlation Power Attack (CPA), that essentially targets embedded cryptographic implementations, is optimal with regards to attacks that exploit the same leakage model. For this purpose, we offer an in-depth theoretical study which aims at determining the conditions under which the Pearson correlation coefficient is maximized. Moreover, we propose theoretical metrics to practically verify the validity of those conditions. Besides, we illustrate our theoretical study by an experiment on real electromagnetic traces acquired from a DES cryptographic implementation.

Published

2012

31. Privacy Bubbles: User-Centered Privacy Control for Mobile Content Sharing Applications

Author

Michaela Kauer, Matthias Hollick, Delphine Christin, Andreas Reinhardt, Pablo Sánchez López, Secure Mobile Networking Lab [Darmstadt] (SEEMOO), Technische Universität Darmstadt (TU Darmstadt), Multimedia Communications Lab [Darmstadt] (KOM), Institute of Ergonomics & Human Factors [Darmstadt], Ioannis Askoxylakis, Henrich C. Pöhls, Joachim Posegga, TC 11, and WG 11.2

Subjects

Scheme (programming language), Social graph, Computer science, Application server, business.industry, Event (computing), Internet privacy, 02 engineering and technology, Private sphere, computer.software_genre, World Wide Web, Technical feasibility, Interpersonal ties, Mobile phone, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], business, computer, computer.programming_language

Abstract

Part 4: Privacy; International audience; A continually increasing number of pictures and videos is shared in online social networks. Current sharing platforms however only offer limited options to define who has access to the content. Users may either share it with individuals or groups from their social graph, or make it available to the general public. Sharing content with users to which no social ties exist, even if they were physically close to the places where content was created and witnessed the same event, is however not supported by most existing platforms. We thus propose a novel approach to share content with such users based on so-called privacy bubbles. Privacy bubbles metaphorically represent the private sphere of the users and automatically confine the access to the content generated by the bubble creator to people within the bubble. Bubbles extend in both time and space, centered around the collection time and place, and their size can be adapted to the user’s preferences. We confirm the user acceptance of our concept through a user study with 175 participants, and a prototype implementation shows the technical feasibility of our scheme.

Published

2012