Related papers: Formal Methods Analysis of the Secure Remote Passw…
The Internet, as it stands today, is highly vulnerable to attacks. However, little has been done to understand and verify the formal security guarantees of proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In this…
Cloud-based services have become part of our day-to-day software solutions. The identity authentication process is considered to be the main gateway to these services. As such, these gates have become increasingly susceptible to aggressive…
Trusted Execution Environments (TEEs), such as Intel Software Guard Extensions (SGX), ensure the confidentiality and integrity of user applications when using cloud computing resources. However, in the multi-party cloud computing scenario,…
Different from traditional secure communication that focuses on symbolic protection at the physical layer, semantic secure communication requires further attention to semantic-level task performance at the application layer. There is a…
The paper reviews an implementation of an additional encrypted tunnel within TLS to further secure and authenticate the traffic of personal information between ProtonMail's frontends and the backend, implementing its key exchange, symmetric…
Secure delegated quantum computing allows a computationally weak client to outsource an arbitrary quantum computation to an untrusted quantum server in a privacy-preserving manner. One of the promising candidates to achieve classical…
In this paper, we present a novel ciphertext-policy attribute based encryption (CP-ABE) scheme that offers a flexible access structure. Our proposed scheme incorporates an access tree as its access control policy, enabling fine-grained…
Security protocols often use randomization to achieve probabilistic non-determinism. This non-determinism, in turn, is used in obfuscating the dependence of observable values on secret data. Since the correctness of security protocols is…
Single sign-on (SSO) allows a user to maintain only the credential for an identity provider (IdP) to log into multiple relying parties (RPs). However, SSO introduces privacy threats, as (a) a curious IdP could track a user's all visits to…
Modern society is increasingly surrounded by, and accustomed to, a wide range of Cyber-Physical Systems (CPS), Internet-of-Things (IoT), and smart devices. They often perform safety-critical functions, e.g., personal medical devices,…
Local Differential Privacy (LDP) offers strong privacy protection, especially in settings in which the server collecting the data is untrusted. However, designing LDP mechanisms that achieve an optimal trade-off between privacy, utility and…
The standard RSA relies on multiple big-number modular exponentiation operations and longer key-length is required for better protection. This imposes a hefty time penalty for encryption and decryption. In this study, we analyzed and…
Private set intersection (PSI) aims to allow users to find out the commonly shared items among the users without revealing other membership information. The most recently proposed approach to PSI in the database community was Prism, which…
Single Sign-On (SSO) systems simplify login procedures by using an an Identity Provider (IdP) to issue authentication tokens which can be consumed by Service Providers (SPs). Traditionally, IdPs are modeled as trusted third parties. This is…
Recently, in the area of Mobile Edge Computing (MEC) applications, Wu et al. proposed an authentication and key establishment scheme and claimed their protocol is secure. Nevertheless, cryptanalysis shows the scheme fails to provide…
Principal component analysis (PCA) is an essential algorithm for dimensionality reduction in many data science domains. We address the problem of performing a federated PCA on private data distributed among multiple data providers while…
Radio Frequency IDentification (RFID) is a pioneer technology which has depicted a new lifestyle for humanity in all around the world. Every day we observe an increase in the scope of RFID applications and no one cannot withdraw its…
The Resource Public Key Infrastructure (RPKI) is the main mechanism to protect inter-domain routing with BGP from prefix hijacks. It has already been widely deployed by large providers and the adoption rate is getting to a critical point.…
Elliptic Curve Scalar Multiplication denoted as kP operation is the basic operation in all Elliptic Curve based cryptographic protocols. The atomicity principle and different atomic patterns for kP algorithms were proposed in the past as…
Advances in smart devices has witnessed major developments in many mobile applications such as Android applications. These smart devices normally interconnect to the internet using wireless technology and applications using the TFTP…