Název:
Privacy-Enhancing Technologies and Privacy-Enhancing Cryptography for Wearables
Překlad názvu:
Privacy-Enhancing Technologies and Privacy-Enhancing Cryptography for Wearables
Autoři:
Casanova-Marqués, Raúl ; Pendo,, Cristiano Gonçalves (oponent) ; PhD, Lukasz Michal Chmielewski, (oponent) ; Hajný, Jan (vedoucí práce) Typ dokumentu: Disertační práce
Rok:
2024
Jazyk:
eng
Nakladatel: Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií
Abstrakt:
The increasing concern surrounding privacy and the safeguarding of digital identities has emphasized the pressing necessity of establishing secure and confidential communication channels. This concern has led to the development of cryptographic mechanisms aimed at facilitating impervious information exchange. Nevertheless, traditional cryptographic approaches are proving insufficient in dynamic and resource-constrained environments, such as wearable devices. As a result, attribute-based credential schemes have emerged as a promising solution, offering fine-grained access control to digital services based on user-specific attributes. This doctoral thesis examines the efficacy and scalability of attribute-based anonymous credential schemes in ensuring the authenticity and security of users within dynamic architectures of wearable devices. It also explores enhancements to these schemes, with a primary focus on incorporating user revocation while maintaining privacy. Additionally, the thesis presents devised mechanisms to enable attribute-based authentication protocols on smart cards with limited support for elliptic curve cryptography. It addresses specific challenges associated with the usability of smart cards. Moreover, the thesis investigates the integration of anonymous authentication schemes in collaborative indoor positioning systems, aiming to provide privacy and security. Lastly, it explores the implementation of attribute-based authentication schemes in resource-constrained environments, with an emphasis on Internet of Things devices, and evaluates their feasibility within the dynamic architectures of wearable devices. The first contribution of this thesis introduces a purposefully designed protocol for anonymous authentication on smart cards. This protocol combines attribute-based credentials and user revocation while ensuring computational efficiency. To facilitate effective implementation and evaluation, the thesis employs smart cards equipped with the MULTOS operating system. The second contribution focuses on optimizing the capabilities of smart cards using Java Card technology for the implementation of attribute-based credential schemes. These smart cards are presented as a more accessible alternative for a wider consumer base. To overcome limitations in their application programming interface, the thesis devises strategies to augment the constrained support for elliptic curve cryptography and effectively implement such schemes. The third contribution presents the Privacy-Enhancing Authentication System, a robust solution compatible with smart cards, smartphones, and smartwatches. This system addresses the functional challenges associated with smart cards, including the absence of a graphical interface and limited user control over attribute disclosure. Consequently, it offers a practical and deployable solution for real-world scenarios. Finally, the thesis proposes a groundbreaking scheme to safeguard collaborative indoor positioning systems by addressing both privacy and security concerns. This scheme ensures the preservation of privacy and security by eliminating centralized architectures and employing encryption techniques for positioning information. The thesis includes comprehensive details such as protocol use cases, implementation specifics, execution benchmarks, and a comparative analysis with existing protocols.
Klíčová slova:
anonymity; attribute-based authentication; attribute-based credentials; collaborative indoor positioning systems; Cryptographic protocols; elliptic curve cryptography.; Internet of Things; privacy protection; smart cards; user revocation; wearable architectures; anonymity; attribute-based authentication; attribute-based credentials; collaborative indoor positioning systems; Cryptographic protocols; elliptic curve cryptography.; Internet of Things; privacy protection; smart cards; user revocation; wearable architectures
Instituce: Vysoké učení technické v Brně
(web)
Informace o dostupnosti dokumentu:
Plný text je dostupný v Digitální knihovně VUT. Původní záznam: http://hdl.handle.net/11012/245330