Biblio

Given a selected complex orthogonal space-time block code (STBC), transformation algorithms are provided to build a set, S, of unique orthogonal STBCs with cardinality equal to \textbackslashtextbarS\textbackslashtextbar = 2r+c+k-1·r!·c!, where r, c, and k are the number of rows, columns, and data symbols in the STBC matrix, respectively. A communications link is discussed that encodes data symbols with a chosen STBC from the set known only to the transmitter and intended receiver as a means of providing physical layer security (PLS). Expected bit error rate (BER) and informationtheoretic results for an eavesdropper with a priori knowledge of the communications link parameters with the exception of the chosen STBC are presented. Monte Carlo simulations are provided to confirm the possible BER results expected when decoding the communications link with alternative STBCs from the set. Application of the transformation algorithms provided herein are shown to significantly increase the brute force decoding complexity of an eavesdropper compared to a related work in the literature.

As 5G transitions from an industrial vision to a tangible, next-generation mobile technology, security remains key business driver. Heterogeneous environment, new networking paradigms and novel use cases makes 5G vulnerable to new security threats. This in turn necessitates a flexible and dependable security mechanism. End-to-End (E2E) data protection provides better security, avoids repeated security operations like encryption/decryption and provides differentiated security based on the services. E2E security deals with authentication, integrity, key management and confidentiality. The attack surface of a 5G system is larger as 5G aims for a heterogeneous networked society. Hence attack resistance needs to be a design consideration when defining new 5G protocols. This framework has been designed for accessing the manifold applications with high security and trust by offering E2E security for various services. The proposed framework is evaluated based on computation complexity, communication complexity, attack resistance rate and security defensive rate. The protocol is also evaluated for correctness, and resistance against passive, active and dictionary attacks using random oracle model and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool.

Various research efforts have focused on the problem of customer privacy protection in the smart grid arising from the large deployment of smart energy meters. In fact, the deployed smart meters distribute accurate profiles of home energy use, which can reflect the consumers' behaviour. This paper proposes a privacy-preserving lattice-based homomorphic aggregation scheme. In this approach, the smart household appliances perform the data aggregation while the smart meter works as relay node. Its role is to authenticate the exchanged messages between the home area network appliances and the related gateway. Security analysis show that our scheme guarantees consumer privacy and messages confidentiality and integrity in addition to its robustness against several attacks. Experimental results demonstrate the efficiency of our proposed approach in terms of communication complexity.

Manufacturers often buy and/or license communication ICs from third-party suppliers. These communication ICs are then integrated into a complex computational system, resulting in a wide range of potential hardware-software security issues. This work proposes a compact supervisory circuit to classify the Bluetooth profile operation of a Bluetooth System-on-Chip (SoC) at low frequencies by monitoring the radio frequency (RF) output power of the Bluetooth SoC. The idea is to inexpensively manufacture an RF envelope detector to monitor the RF output power and a profile classification algorithm on a custom low-frequency integrated circuit in a low-cost legacy technology. When the supervisory circuit observes unexpected behavior, it can shut off power to the Bluetooth SoC. In this preliminary work, we proto-type the supervisory circuit using off-the-shelf components to collect a sufficient data set to train 11 different Machine Learning models. We extract smart descriptive time-domain features from the envelope of the RF output signal. Then, we train the machine learning models to classify three different Bluetooth operation profiles: sensor, hands-free, and headset. Our results demonstrate 100% classification accuracy with low computational complexity.

The Distributed Denial of Service attack is one of the most common attacks and it is hard to mitigate, however, it has become more difficult while dealing with the Low-rate DoS (LDoS) attacks. The LDoS exploits the vulnerability of TCP congestion-control mechanism by sending malicious traffic at the low constant rate and influence the victim machine. Recently, machine learning approaches are applied to detect the complex DDoS attacks and improve the efficiency and robustness of the intrusion detection system. In this research, the algorithm is designed to balance the detection rate and its efficiency. The detection algorithm combines the Power Spectral Density (PSD) entropy function and Support Vector Machine to detect LDoS traffic from normal traffic. In our solution, the detection rate and efficiency are adjustable based on the parameter in the decision algorithm. To have high efficiency, the detection method will always detect the attacks by calculating PSD-entropy first and compare it with the two adaptive thresholds. The thresholds can efficiently filter nearly 19% of the samples with a high detection rate. To minimize the computational cost and look only for the patterns that are most relevant for detection, Support Vector Machine based machine learning model is applied to learn the traffic pattern and select appropriate features for detection algorithm. The experimental results show that the proposed approach can detect 99.19% of the LDoS attacks and has an O (n log n) time complexity in the best case.

Series-connected IGBTs, when properly controlled, operate similarly to a single device with a much higher voltage capacity. Integrating series IGBTs into a Modular Multilevel Converter (MMC) can reduce its complexity without compromising the voltage capacity. This paper presents the circuit design on the sub-modular level of a MMC in which all the switching devices are series-connected IGBTs. The voltage sharing among the series IGBTs are regulated in a self-balancing manner. Therefore, no central series IGBT controller is needed, which greatly reduces the sensing and communication complexities, increasing the flexibility and expandability. Hardware experiment results demonstrate that the series IGBTs are able to self-regulate the voltage sharing in a fast and accurate manner and the system can operate similarly to a sub-module in a MMC.

We describe a new way of compressing two-party communication protocols to get protocols with potentially smaller communication. We show that every communication protocol that communicates C bits and reveals I bits of information about the participants' private inputs to an observer that watches the communication, can be simulated by a new protocol that communicates at most poly(I) $\cdot$ loglog(C) bits. Our result is tight up to polynomial factors, as it matches the recent work separating communication complexity from external information cost.

Permissioned Blockchain (PBC) has become a prevalent data structure to ensure that the records are immutable and secure. However, PBC still has significant challenges before it can be realized in different applications. One of such challenges is the overhead of the communication which is required to execute the Byzantine Agreement (BA) protocol that is needed for consensus building. As such, it may not be feasible to implement PBC for resource constrained environments such as Internet-of-Things (IoT). In this paper, we assess the communication overhead of running BA in an IoT environment that consists of wireless nodes (e.g., Raspberry PIs) with meshing capabilities. As the the packet loss ratio is significant and makes BA unfeasible to scale, we propose a network coding based approach that will reduce the packet overhead and minimize the consensus completion time of the BA. Specifically, various network coding approaches are designed as a replacement to TCP protocol which relies on unicasting and acknowledgements. The evaluation on a network of Raspberry PIs demonstrates that our approach can significantly improve scalability making BA feasible for medium size IoT networks.

{We study secret sharing schemes for general (non-threshold) access structures. A general secret sharing scheme for n parties is associated to a monotone function F:\0,1\n$\rightarrowłbrace$0,1\}. In such a scheme, a dealer distributes shares of a secret s among n parties. Any subset of parties T {$\subseteq$} [n] should be able to put together their shares and reconstruct the secret s if F(T)=1, and should have no information about s if F(T)=0. One of the major long-standing questions in information-theoretic cryptography is to minimize the (total) size of the shares in a secret-sharing scheme for arbitrary monotone functions F. There is a large gap between lower and upper bounds for secret sharing. The best known scheme for general F has shares of size 2n-o(n), but the best lower bound is {$Ømega$}(n2/logn). Indeed, the exponential share size is a direct result of the fact that in all known secret-sharing schemes, the share size grows with the size of a circuit (or formula, or monotone span program) for F. Indeed, several researchers have suggested the existence of a representation size barrier which implies that the right answer is closer to the upper bound, namely, 2n-o(n). In this work, we overcome this barrier by constructing a secret sharing scheme for any access structure with shares of size 20.994n and a linear secret sharing scheme for any access structure with shares of size 20.999n. As a contribution of independent interest, we also construct a secret sharing scheme with shares of size 2Õ({$\surd$}n) for 2n n/2 monotone access structures, out of a total of 2n n/2{$\cdot$} (1+O(logn/n)) of them. Our construction builds on recent works that construct better protocols for the conditional disclosure of secrets (CDS) problem.

Permissioned Blockchain (PBC) has become a prevalent data structure to ensure that the records are immutable and secure. However, PBC still has significant challenges before it can be realized in different applications. One of such challenges is the overhead of the communication which is required to execute the Byzantine Agreement (BA) protocol that is needed for consensus building. As such, it may not be feasible to implement PBC for resource constrained environments such as Internet-of-Things (IoT). In this paper, we assess the communication overhead of running BA in an IoT environment that consists of wireless nodes (e.g., Raspberry PIs) with meshing capabilities. As the the packet loss ratio is significant and makes BA unfeasible to scale, we propose a network coding based approach that will reduce the packet overhead and minimize the consensus completion time of the BA. Specifically, various network coding approaches are designed as a replacement to TCP protocol which relies on unicasting and acknowledgements. The evaluation on a network of Raspberry PIs demonstrates that our approach can significantly improve scalability making BA feasible for medium size IoT networks.

Membership revocation is essential for cryptographic applications, from traditional PKIs to group signatures and anonymous credentials. Of the various solutions for the revocation problem that have been explored, dynamic accumulators are one of the most promising. We propose Braavos, a new, RSA-based, dynamic accumulator. It has optimal communication complexity and, when combined with efficient zero-knowledge proofs, provides an ideal solution for anonymous revocation. For the construction of Braavos we use a modular approach: we show how to build an accumulator with better functionality and security from accumulators with fewer features and weaker security guarantees. We then describe an anonymous revocation component (ARC) that can be instantiated using any dynamic accumulator. ARC can be added to any anonymous system, such as anonymous credentials or group signatures, in order to equip it with a revocation functionality. Finally, we implement ARC with Braavos and plug it into Idemix, the leading implementation of anonymous credentials. This work resolves, for the first time, the problem of practical revocation for anonymous credential systems.

We set up a framework for the formal proofs of RFID protocols in the computational model. We rely on the so-called computationally complete symbolic attacker model. Our contributions are: 1) to design (and prove sound) axioms reflecting the properties of hash functions (Collision-Resistance, PRF). 2) to formalize computational unlinkability in the model. 3) to illustrate the method, providing the first formal proofs of unlinkability of RFID protocols, in the omputational model.

We study coding schemes for multiparty interactive communication over synchronous networks that suffer from stochastic noise, where each bit is independently flipped with probability ε. We analyze the minimal overhead that must be added by the coding scheme in order to succeed in performing the computation despite the noise. Our main result is a lower bound on the communication of any noise-resilient protocol over a synchronous star network with n-parties (where all parties communicate in every round). Specifically, we show a task that can be solved by communicating T bits over the noise-free network, but for which any protocol with success probability of 1-o(1) must communicate at least Ω(T log n / log log n) bits when the channels are noisy. By a 1994 result of Rajagopalan and Schulman, the slowdown we prove is the highest one can obtain on any topology, up to a log log n factor. We complete our lower bound with a matching coding scheme that achieves the same overhead; thus, the capacity of (synchronous) star networks is Θ(log log n / log n). Our bounds prove that, despite several previous coding schemes with rate Ω(1) for certain topologies, no coding scheme with constant rate Ω(1) exists for arbitrary n-party noisy networks.

We study the problem of approximate nearest neighbor search in \$d\$-dimensional Hamming space \0,1\d. We study the complexity of the problem in the famous cell-probe model, a classic model for data structures. We consider algorithms in the cell-probe model with limited adaptivity, where the algorithm makes k rounds of parallel accesses to the data structure for a given k. For any k ≥ 1, we give a simple randomized algorithm solving the approximate nearest neighbor search using k rounds of parallel memory accesses, with O(k(log d)1/k) accesses in total. We also give a more sophisticated randomized algorithm using O(k+(1/k log d)O(1/k)) memory accesses in k rounds for large enough k. Both algorithms use data structures of size polynomial in n, the number of points in the database. We prove an Ω(1/k(log d)1/k) lower bound for the total number of memory accesses required by any randomized algorithm solving the approximate nearest neighbor search within k ≤ (log log d)/(2 log log log d) rounds of parallel memory accesses on any data structures of polynomial size. This lower bound shows that our first algorithm is asymptotically optimal for any constant round k. And our second algorithm approaches the asymptotically optimal tradeoff between rounds and memory accesses, in a sense that the lower bound of memory accesses for any k1 rounds can be matched by the algorithm within k2=O(k1) rounds. In the extreme, for some large enough k=Θ((log log d)/(log log log d)), our second algorithm matches the Θ((log log d)/(log log log d)) tight bound for fully adaptive algorithms for approximate nearest neighbor search due to Chakrabarti and Regev.

Designing a centralised group key management with minimal computation complexity to support dynamic secure multicast communication is a challenging issue in secure multimedia multicast. In this study, the authors propose a Chinese remainder theorem-based group key management scheme that drastically reduces computation complexity of the key server. The computation complexity of key server is reduced to O(1) in this proposed algorithm. Moreover, the computation complexity of group member is also minimised by performing one modulo division operation when a user join or leave operation is performed in a multicast group. The proposed algorithm has been implemented and tested using a key-star-based key management scheme and has been observed that this proposed algorithm reduces the computation complexity significantly.