|
|
Privacy-Enhancing Technologies and Privacy-Enhancing Cryptography for Wearables
Casanova-Marqués, Raúl ; Pendo,, Cristiano Gonçalves (referee) ; PhD, Lukasz Michal Chmielewski, (referee) ; Hajný, Jan (advisor)
The increasing concern surrounding privacy and the safeguarding of digital identities has emphasized the pressing necessity of establishing secure and confidential communication channels. This concern has led to the development of cryptographic mechanisms aimed at facilitating impervious information exchange. Nevertheless, traditional cryptographic approaches are proving insufficient in dynamic and resource-constrained environments, such as wearable devices. As a result, attribute-based credential schemes have emerged as a promising solution, offering fine-grained access control to digital services based on user-specific attributes. This doctoral thesis examines the efficacy and scalability of attribute-based anonymous credential schemes in ensuring the authenticity and security of users within dynamic architectures of wearable devices. It also explores enhancements to these schemes, with a primary focus on incorporating user revocation while maintaining privacy. Additionally, the thesis presents devised mechanisms to enable attribute-based authentication protocols on smart cards with limited support for elliptic curve cryptography. It addresses specific challenges associated with the usability of smart cards. Moreover, the thesis investigates the integration of anonymous authentication schemes in collaborative indoor positioning systems, aiming to provide privacy and security. Lastly, it explores the implementation of attribute-based authentication schemes in resource-constrained environments, with an emphasis on Internet of Things devices, and evaluates their feasibility within the dynamic architectures of wearable devices. The first contribution of this thesis introduces a purposefully designed protocol for anonymous authentication on smart cards. This protocol combines attribute-based credentials and user revocation while ensuring computational efficiency. To facilitate effective implementation and evaluation, the thesis employs smart cards equipped with the MULTOS operating system. The second contribution focuses on optimizing the capabilities of smart cards using Java Card technology for the implementation of attribute-based credential schemes. These smart cards are presented as a more accessible alternative for a wider consumer base. To overcome limitations in their application programming interface, the thesis devises strategies to augment the constrained support for elliptic curve cryptography and effectively implement such schemes. The third contribution presents the Privacy-Enhancing Authentication System, a robust solution compatible with smart cards, smartphones, and smartwatches. This system addresses the functional challenges associated with smart cards, including the absence of a graphical interface and limited user control over attribute disclosure. Consequently, it offers a practical and deployable solution for real-world scenarios. Finally, the thesis proposes a groundbreaking scheme to safeguard collaborative indoor positioning systems by addressing both privacy and security concerns. This scheme ensures the preservation of privacy and security by eliminating centralized architectures and employing encryption techniques for positioning information. The thesis includes comprehensive details such as protocol use cases, implementation specifics, execution benchmarks, and a comparative analysis with existing protocols.
|
|
|
Cryptographic protocols in practice
Truneček, Petr ; Hajný, Jan (referee) ; Pelka, Tomáš (advisor)
The purpose of this work was first to describe the requirements for cryptographic protocols. Furthermore, the classification of these protocols should have been made with specific examples given. The aim of the next part of the work was to describe the methods which are suitable for description and modeling of cryptographic protocols. This work also addressed the analysis of cryptographic protocols by appropriate analytical means. The CSP method for modeling of the cryptographic protocols was applied in the practical part. The Yahalom protocol was selected as a protocol suitable for modeling. Two analysis was made. The first analysis concerned the standard version of the Yahalom protocol, which was tested to the requirements of cryptographic properties of the secrecy and authenticity. The second analysis was based on the possibility of disclosure of the key, including counterexamples and traces given by FDR. The first analysis did not reveal any weakening, in terms of two cryptographic properties. To demonstrate the possibility of FDR, Yahalom protocol was modified in order to cause the situation when the disclosure of keys appears. FDR then finds the exact procedure that an intruder must make to get the possession of the key.
|
|
|
Cryptographic protocols in practice
Truneček, Petr ; Hajný, Jan (referee) ; Pelka, Tomáš (advisor)
The purpose of this work was first to describe the requirements for cryptographic protocols. Furthermore, the classification of these protocols should have been made with specific examples given. The aim of the next part of the work was to describe the methods which are suitable for description and modeling of cryptographic protocols. This work also addressed the analysis of cryptographic protocols by appropriate analytical means. The CSP method for modeling of the cryptographic protocols was applied in the practical part. The Yahalom protocol was selected as a protocol suitable for modeling. Two analysis was made. The first analysis concerned the standard version of the Yahalom protocol, which was tested to the requirements of cryptographic properties of the secrecy and authenticity. The second analysis was based on the possibility of disclosure of the key, including counterexamples and traces given by FDR. The first analysis did not reveal any weakening, in terms of two cryptographic properties. To demonstrate the possibility of FDR, Yahalom protocol was modified in order to cause the situation when the disclosure of keys appears. FDR then finds the exact procedure that an intruder must make to get the possession of the key.
|
guest ::
