Visible to the public Biblio

Filters: Keyword is anonymous messaging  [Clear All Filters]
2021-05-13
Feng, Liu, Jie, Yang, Deli, Kong, Jiayin, Qi.  2020.  A Secure Multi-party Computation Protocol Combines Pederson Commitment with Schnorr Signature for Blockchain. 2020 IEEE 20th International Conference on Communication Technology (ICCT). :57—63.

Blockchain is being pursued by a growing number of people with its characteristics of openness, transparency, and decentralization. At the same time, how to secure privacy protection in such an open and transparent ledger is an urgent issue to be solved for deep study. Therefore, this paper proposes a protocol based on Secure multi-party computation, which can merge and sign different transaction messages under the anonymous condition by using Pedersen commitment and Schnorr Signature. Through the rationality proof and security analysis, this paper demonstrates the private transaction is safe under the semi-honest model. And its computational cost is less than the equivalent multi-signature model. The research has made some innovative contributions to the privacy computing theory.

Guan, Bo, Takbiri, Nazanin, Goeckel, Dennis L., Houmansadr, Amir, Pishro-Nik, Hossein.  2020.  Sequence Obfuscation to Thwart Pattern Matching Attacks. 2020 IEEE International Symposium on Information Theory (ISIT). :884—889.

Suppose we are given a large number of sequences on a given alphabet, and an adversary is interested in identifying (de-anonymizing) a specific target sequence based on its patterns. Our goal is to thwart such an adversary by obfuscating the target sequences by applying artificial (but small) distortions to its values. A key point here is that we would like to make no assumptions about the statistical model of such sequences. This is in contrast to existing literature where assumptions (e.g., Markov chains) are made regarding such sequences to obtain privacy guarantees. We relate this problem to a set of combinatorial questions on sequence construction based on which we are able to obtain provable guarantees. This problem is relevant to important privacy applications: from fingerprinting webpages visited by users through anonymous communication systems to linking communicating parties on messaging applications to inferring activities of users of IoT devices.

Wu, Xiaohe, Xu, Jianbo, Huang, Weihong, Jian, Wei.  2020.  A new mutual authentication and key agreement protocol in wireless body area network. 2020 IEEE International Conference on Smart Cloud (SmartCloud). :199—203.

Due to the mobility and openness of wireless body area networks (WBANs), the security of WBAN has been questioned by people. The patient's physiological information in WBAN is sensitive and confidential, which requires full consideration of user anonymity, untraceability, and data privacy protection in key agreement. Aiming at the shortcomings of Li et al.'s protocol in terms of anonymity and session unlinkability, forward/backward confidentiality, etc., a new anonymous mutual authentication and key agreement protocol was proposed on the basis of the protocol. This scheme only uses XOR and the one-way hash operations, which not only reduces communication consumption but also ensures security, and realizes a truly lightweight anonymous mutual authentication and key agreement protocol.

Madanchi, Mehdi, Abolhassani, Bahman.  2020.  Authentication and Key Agreement Based Binary Tree for D2D Group Communication. 2020 28th Iranian Conference on Electrical Engineering (ICEE). :1—5.

Emerging device-to-device (D2D) communication in 5th generation (5G) mobile communication networks and internet of things (loTs) provides many benefits in improving network capabilities such as energy consumption, communication delay and spectrum efficiency. D2D group communication has the potential for improving group-based services including group games and group discussions. Providing security in D2D group communication is the main challenge to make their wide usage possible. Nevertheless, the issue of security and privacy of D2D group communication has been less addressed in recent research work. In this paper, we propose an authentication and key agreement tree group-based (AKATGB) protocol to realize a secure and anonymous D2D group communication. In our protocol, a group of D2D users are first organized in a tree structure, authenticating each other without disclosing their identities and without any privacy violation. Then, D2D users negotiate to set a common group key for establishing a secure communication among themselves. Security analysis and performance evaluation of the proposed protocol show that it is effective and secure.

Aghabagherloo, Alireza, Mohajeri, Javad, Salmasizadeh, Mahmoud, Feghhi, Mahmood Mohassel.  2020.  An Efficient Anonymous Authentication Scheme Using Registration List in VANETs. 2020 28th Iranian Conference on Electrical Engineering (ICEE). :1—5.

Nowadays, Vehicular Ad hoc Networks (VANETs) are popularly known as they can reduce traffic and road accidents. These networks need several security requirements, such as anonymity, data authentication, confidentiality, traceability and cancellation of offending users, unlinkability, integrity, undeniability and access control. Authentication of the data and sender are most important security requirements in these networks. So many authentication schemes have been proposed up to now. One of the well-known techniques to provide users authentication in these networks is the authentication based on the smartcard (ASC). In this paper, we propose an ASC scheme that not only provides necessary security requirements such as anonymity, traceability and unlinkability in the VANETs but also is more efficient than the other schemes in the literatures.

Camenisch, Jan, Drijvers, Manu, Lehmann, Anja, Neven, Gregory, Towa, Patrick.  2020.  Zone Encryption with Anonymous Authentication for V2V Communication. 2020 IEEE European Symposium on Security and Privacy (EuroS P). :405—424.

Vehicle-to-vehicle (V2V) communication systems are currently being prepared for real-world deployment, but they face strong opposition over privacy concerns. Position beacon messages are the main culprit, being broadcast in cleartext and pseudonymously signed up to 10 times per second. So far, no practical solutions have been proposed to encrypt or anonymously authenticate V2V messages. We propose two cryptographic innovations that enhance the privacy of V2V communication. As a core contribution, we introduce zone-encryption schemes, where vehicles generate and authentically distribute encryption keys associated to static geographic zones close to their location. Zone encryption provides security against eavesdropping, and, combined with a suitable anonymous authentication scheme, ensures that messages can only be sent by genuine vehicles, while adding only 224 Bytes of cryptographic overhead to each message. Our second contribution is an authentication mechanism fine-tuned to the needs of V2V which allows vehicles to authentically distribute keys, and is called dynamic group signatures with attributes. Our instantiation features unlimited locally generated pseudonyms, negligible credential download-and-storage costs, identity recovery by a trusted authority, and compact signatures of 216 Bytes at a 128-bit security level.

Xia, Yusheng, Chen, Rongmao, Su, Jinshu, Pan, Chen, Su, Han.  2020.  Hybrid Routing: Towards Resilient Routing in Anonymous Communication Networks. ICC 2020 - 2020 IEEE International Conference on Communications (ICC). :1—7.

Anonymous communication networks (ACNs) are intended to protect the metadata during communication. As classic ACNs, onion mix-nets are famous for strong anonymity, in which the source defines a static path and wraps the message multi-times with the public keys of nodes on the path, through which the message is relayed to the destination. However, onion mix-nets lacks in resilience when the static on-path mixes fail. Mix failure easily results in message loss, communication failure, and even specific attacks. Therefore, it is desirable to achieve resilient routing in onion mix-nets, providing persistent routing capability even though node failure. The state-of-theart solutions mainly adopt mix groups and thus need to share secret keys among all the group members which may cause single point of failure. To address this problem, in this work we propose a hybrid routing approach, which embeds the onion mix-net with hop-by-hop routing to increase routing resilience. Furthermore, we propose the threshold hybrid routing to achieve better key management and avoid single point of failure. As for experimental evaluations, we conduct quantitative analysis of the resilience and realize a local T-hybrid routing prototype to test performance. The experimental results show that our proposed routing strategy increases routing resilience effectively, at the expense of acceptable latency.

Ahmed, Farooq, Li, Xudong, Niu, Yukun, Zhang, Chi, Wei, Lingbo, Gu, Chengjie.  2020.  UniRoam: An Anonymous and Accountable Authentication Scheme for Cross-Domain Access. 2020 International Conference on Networking and Network Applications (NaNA). :198—205.
In recent years, cross-domain roaming through Wi-Fi is ubiquitous, and the number of roaming users has increased dramatically. It is essential to authenticate users belonging to different institutes to ensure network privacy and security. Existing systems, such as eduroam, have centralized and hierarchical structure on indorse accounts that create privacy and security issues. We have proposed UniRoam, a blockchain-based cross-domain authentication scheme that provides accountability and anonymity without any trusted authority. Unlike traditional centralized approaches, UniRoam provides access authentication for its servers and users to provide anonymity and accountability without any privacy leakage issues efficiently. By using the sovrin identifier as an anonymous identity, we integrate our system with Hyperledger and Intel SGX to authenticate users that preserves both anonymity and trust when the user connects to the network. Therefore, UniRoam is highly “faulted-tolerant” to deal with different attacks and provides an effective solution that can be deployed easily in different environments.
Whaiduzzaman, Md, Oliullah, Khondokar, Mahi, Md. Julkar Nayeen, Barros, Alistair.  2020.  AUASF: An Anonymous Users Authentication Scheme for Fog-IoT Environment. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.
Authentication is a challenging and emerging issue for Fog-IoT security paradigms. The fog nodes toward large-scale end-users offer various interacted IoT services. The authentication process usually involves expressing users' personal information such as username, email, and password to the Authentication Server (AS). However, users are not intended to express their identities or information over the fog or cloud servers. Hence, we have proposed an Anonymous User Authentication Scheme for Fog-IoT (AUASF) to keep the anonymity existence of the IoT users and detect the intruders. To provide anonymity, the user can send encrypted credentials such as username, email, and mobile number through the Cloud Service Provider (CSP) for registration. IoT user receives the response with a default password and a secret Id from the CSP. After that, the IoT user submits the default password for first-time access to Fog Service Provider (FSP). The FSP assigns a One Time Password (OTP) to each user for further access. The developed scheme is equipped with hash functions, symmetric encryptions, and decryptions for security perceptions across fog that serves better than the existing anonymity schemes.
Zhang, Mingyue, Zhou, Junlong, Cao, Kun, Hu, Shiyan.  2020.  Trusted Anonymous Authentication For Vehicular Cyber-Physical Systems. 2020 International Conferences on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics). :37—44.
In vehicular cyber-physical systems, the mounted cameras on the vehicles, together with the fixed roadside cameras, can produce pictorial data for multiple purposes. In this process, ensuring the security and privacy of vehicles while guaranteeing efficient data transmission among vehicles is critical. This motivates us to propose a trusted anonymous authentication scheme for vehicular cyber-physical systems and Internet-of-Things. Our scheme is designed based on a three-tier architecture which contains cloud layer, fog layer, and user layer. It utilizes bilinear-free certificateless signcryption to realize a secure and trusted anonymous authentication efficiently. We verify its effectiveness through theoretical analyses in terms of correctness, security, and efficiency. Furthermore, our simulation results demonstrate that the communication overhead, the computation overhead, and the packet loss rate of the proposed scheme are significantly better than those of the state-of-the-art techniques. Particularly, the proposed scheme can speed up the computation process at least 10× compared to all the state-of-the-art approaches.
2020-08-13
Xu, Ye, Li, Fengying, Cao, Bin.  2019.  Privacy-Preserving Authentication Based on Pseudonyms and Secret Sharing for VANET. 2019 Computing, Communications and IoT Applications (ComComAp). :157—162.
In this paper, we propose a conditional privacy-preserving authentication scheme based on pseudonyms and (t,n) threshold secret sharing, named CPPT, for vehicular communications. To achieve conditional privacy preservation, our scheme implements anonymous communications based on pseudonyms generated by hash chains. To prevent bad vehicles from conducting framed attacks on honest ones, CPPT introduces Shamir (t,n) threshold secret sharing technique. In addition, through two one-way hash chains, forward security and backward security are guaranteed, and it also optimize the revocation overhead. The size of certificate revocation list (CRL) is only proportional to the number of revoked vehicles and irrelated to how many pseudonymous certificates are held by the revoked vehicles. Extensive simulations demonstrate that CPPT outperforms ECPP, DCS, Hybrid and EMAP schemes in terms of revocation overhead, certificate updating overhead and authentication overhead.
Shao, Sicong, Tunc, Cihan, Al-Shawi, Amany, Hariri, Salim.  2019.  One-Class Classification with Deep Autoencoder Neural Networks for Author Verification in Internet Relay Chat. 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA). :1—8.
Social networks are highly preferred to express opinions, share information, and communicate with others on arbitrary topics. However, the downside is that many cybercriminals are leveraging social networks for cyber-crime. Internet Relay Chat (IRC) is the important social networks which can grant the anonymity to users by allowing them to connect channels without sign-up process. Therefore, IRC has been the playground of hackers and anonymous users for various operations such as hacking, cracking, and carding. Hence, it is urgent to study effective methods which can identify the authors behind the IRC messages. In this paper, we design an autonomic IRC monitoring system, performing recursive deep learning for classifying threat levels of messages and develop a novel author verification approach with one-class classification with deep autoencoder neural networks. The experimental results show that our approach can successfully perform effective author verification for IRC users.
Wang, Liang, Asharov, Gilad, Pass, Rafael, Ristenpart, Thomas, shelat, abhi.  2019.  Blind Certificate Authorities. 2019 IEEE Symposium on Security and Privacy (SP). :1015—1032.
We explore how to build a blind certificate authority (CA). Unlike conventional CAs, which learn the exact identity of those registering a public key, a blind CA can simultaneously validate an identity and provide a certificate binding a public key to it, without ever learning the identity. Blind CAs would therefore allow bootstrapping truly anonymous systems in which no party ever learns who participates. In this work we focus on constructing blind CAs that can bind an email address to a public key. To do so, we first introduce secure channel injection (SCI) protocols. These allow one party (in our setting, the blind CA) to insert a private message into another party's encrypted communications. We construct an efficient SCI protocol for communications delivered over TLS, and use it to realize anonymous proofs of account ownership for SMTP servers. Combined with a zero-knowledge certificate signing protocol, we build the first blind CA that allows Alice to obtain a X.509 certificate binding her email address alice@domain.com to a public key of her choosing without ever revealing “alice” to the CA. We show experimentally that our system works with standard email server implementations as well as Gmail.
Kim, MyeongHyun, Lee, JoonYoung, Yu, SungJin, Park, KiSung, Park, YoHan, Park, YoungHo.  2019.  A Secure Authentication and Key Establishment Scheme for Wearable Devices. 2019 28th International Conference on Computer Communication and Networks (ICCCN). :1—2.
With the rapid development of micro-electronics and Information and Communication Technology (ICT), users can utilize various service such as Internet of Things(IoT), smart-healthcare and smart-home using wearable devices. However, the sensitive information of user are revealed by attackers because the medical services are provided through open channel. Therefore, secure mutual authentication and key establishment are essential to provide secure services for legitimate users in Wireless Body Area Networks(WBAN). In 2019, Gupta et al. proposed a lightweight anonymous user authentication and key establishment scheme for wearable devices. We demonstrate that their scheme cannot withstand user impersonation, session key disclosure and wearable device stolen attacks. We also propose a secure and lightweight mutual authentication and key establishment scheme using wearable devices to resolve the security shortcomings of Gupta et al.'s scheme. The proposed scheme can be suitable to resource-limited environments.
Huang, Qinlong, Li, Nan, Zhang, Zhicheng, Yang, Yixian.  2019.  Secure and Privacy-Preserving Warning Message Dissemination in Cloud-Assisted Internet of Vehicles. 2019 IEEE Conference on Communications and Network Security (CNS). :1—8.

Cloud-assisted Internet of Vehicles (IoV)which merges the advantages of both cloud computing and Internet of Things that can provide numerous online services, and bring lots of benefits and conveniences to the connected vehicles. However, the security and privacy issues such as confidentiality, access control and driver privacy may prevent it from being widely utilized for message dissemination. Existing attribute-based message encryption schemes still bring high computational cost to the lightweight vehicles. In this paper, we introduce a secure and privacy-preserving dissemination scheme for warning message in cloud-assisted IoV. Firstly, we adopt attribute-based encryption to protect the disseminated warning message, and present a verifiable encryption and decryption outsourcing construction to reduce the computational overhead on vehicles. Secondly, we present a conditional privacy preservation mechanism which utilizes anonymous identity-based signature technique to ensure anonymous vehicle authentication and message integrity checking, and also allows the trusted authority to trace the real identity of malicious vehicle. We further achieve batch verification to improve the authentication efficiency. The analysis indicate that our scheme gains more security properties and reduces the computational overhead on the vehicles.

Li, Xincheng, Liu, Yali, Yin, Xinchun.  2019.  An Anonymous Conditional Privacy-Preserving Authentication Scheme for VANETs. 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS). :1763—1770.
Vehicular ad hoc networks (VANETs) have been growing rapidly because it can improve traffic safety and efficiency in transportation. In VANETs, messages are broadcast in wireless environment, which is vulnerable to be attacked in many ways. Accordingly, it is essential to authenticate the legitimation of vehicles to guarantee the performance of services. In this paper, we propose an anonymous conditional privacy-preserving authentication scheme based on message authentication code (MAC) for VANETs. With verifiable secret sharing (VSS), vehicles can obtain a group key for message generation and authentication after a mutual authentication phase. Security analysis and performance evaluation show that the proposed scheme satisfies basic security and privacy-preserving requirements and has a better performance compared with some existing schemes in terms of computational cost and communication overhead.
Nosouhi, Mohammad Reza, Yu, Shui, Sood, Keshav, Grobler, Marthie.  2019.  HSDC–Net: Secure Anonymous Messaging in Online Social Networks. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :350—357.
Hiding contents of users' messages has been successfully addressed before, while anonymization of message senders remains a challenge since users do not usually trust ISPs and messaging application providers. To resolve this challenge, several solutions have been proposed so far. Among them, the Dining Cryptographers network protocol (DC-net) provides the strongest anonymity guarantees. However, DC-net suffers from two critical issues that makes it impractical, i.e., (1) collision possibility and (2) vulnerability against disruptions. Apart from that, we noticed a third critical issue during our investigation. (3) DC-net users can be deanonymized after they publish at least three messages. We name this problem the short stability issue and prove that anonymity is provided only for a few cycles of message publishing. As far as we know, this problem has not been identified in the previous research works. In this paper, we propose Harmonized and Stable DC-net (HSDC-net), a self-organizing protocol for anonymous communications. In our protocol design, we first resolve the short stability issue and obtain SDC-net, a stable extension of DC-net. Then, we integrate the Slot Reservation and Disruption Management sub-protocols into SDC-net to overcome the collision and security issues, respectively. The obtained HSDC-net protocol can also be integrated into blockchain-based cryptocurrencies (e.g. Bitcoin) to mix multiple transactions (belonging to different users) into a single transaction in such a way that the source of each payment is unknown. This preserves privacy of blockchain users. Our prototype implementation shows that HSDC-net achieves low latencies that makes it a practical protocol.
Fan, Chun-I, Tseng, Yi-Fan, Cheng, Chen-Hsi, Kuo, Hsin-Nan, Huang, Jheng-Jia, Shih, Yu-Tse.  2019.  Anonymous Authentication and Key Agreement Protocol for LTE Networks. 2019 2nd International Conference on Communication Engineering and Technology (ICCET). :68—71.
In 2008, 3GPP proposed the Long Term Evolution (LTE) in version 8. The standard is used in high-speed wireless communication standard for mobile terminal in telecommunication. It supports subscribers to access internet via specific base station after authentication. These authentication processes were defined in standard TS33.401 and TS33.102 by 3GPP. Authenticated processing standard inherits the authentication and key agreement protocol in RFC3310 and has been changed into authenticated scheme suitable for LTE. In the origin LTE authenticated scheme, subscribers need to transfer its International Mobile Subscriber Identity (IMSI) with plaintext. The IMSI might be intercepted and traced by fake stations. In this work, we propose a new scheme with a pseudo IMSI so that fake stations cannot get the real IMSI and trace the subscriber. The subscriber can keep anonymous and be confirmed by the base station for the legality. The pseudo identity is unlinkable to the subscriber. Not only does the proposed scheme enhance the security but also it just has some extra costs for signature generation and verification as compared to the original scheme.
2020-07-10
Yang, Ying, Yu, Huanhuan, Yang, Lina, Yang, Ming, Chen, Lijuan, Zhu, Guichun, Wen, Liqiang.  2019.  Hadoop-based Dark Web Threat Intelligence Analysis Framework. 2019 IEEE 3rd Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). :1088—1091.

With the development of network services and people's privacy requirements continue to increase. On the basis of providing anonymous user communication, it is necessary to protect the anonymity of the server. At the same time, there are many threatening crime messages in the dark network. However, many scholars lack the ability or expertise to conduct research on dark-net threat intelligence. Therefore, this paper designs a framework based on Hadoop is hidden threat intelligence. The framework uses HDFS as the underlying storage system to build a HBase-based distributed database to store and manage threat intelligence information. According to the heterogeneous type of the forum, the web crawler is used to collect data through the anonymous TOR tool. The framework is used to identify the characteristics of key dark network criminal networks, which is the basis for the later dark network research.

2020-05-22
Desmoulins, Nicolas, Diop, Aïda, Rafflé, Yvan, Traoré, Jacques, Gratesac, Josselin.  2019.  Practical Anonymous Attestation-based Pseudonym Schemes for Vehicular Networks. 2019 IEEE Vehicular Networking Conference (VNC). :1—8.

Vehicular communication systems increase traffic efficiency and safety by allowing vehicles to share safety-related information and location-based services. Pseudonym schemes are the standard solutions providing driver/vehicle anonymity, whilst enforcing vehicle accountability in case of liability issues. State-of-the-art PKI-based pseudonym schemes present scalability issues, notably due to the centralized architecture of certificate-based solutions. The first Direct Anonymous Attestation (DAA)-based pseudonym scheme was introduced at VNC 2017, providing a decentralized approach to the pseudonym generation and update phases. The DAA-based construction leverages the properties of trusted computing, allowing vehicles to autonomously generate their own pseudonyms by using a (resource constrained) Trusted Hardware Module or Component (TC). This proposition however requires the TC to delegate part of the (heavy) pseudonym generation computations to the (more powerful) vehicle's On-Board Unit (OBU), introducing security and privacy issues in case the OBU becomes compromised. In this paper, we introduce a novel pseudonym scheme based on a variant of DAA, namely a pre-DAA-based pseudonym scheme. All secure computations in the pre-DAA pseudonym lifecycle are executed by the secure element, thus creating a secure enclave for pseudonym generation, update, and revocation. We instantiate vehicle-to-everything (V2X) with our pre-DAA solution, thus ensuring user anonymity and user-controlled traceability within the vehicular network. In addition, the pre-DAA-based construction transfers accountability from the vehicle to the user, thus complying with the many-to-many driver/vehicle relation. We demonstrate the efficiency of our solution with a prototype implementation on a standard Javacard (acting as a TC), showing that messages can be anonymously signed and verified in less than 50 ms.

2019-01-31
Liao, Y., Zhou, J., Yang, Y., Ruan, O..  2018.  An Efficient Oblivious Transfer Protocol with Access Control. 2018 13th Asia Joint Conference on Information Security (AsiaJCIS). :29–34.

Due to the rapid development of internet in our daily life, protecting privacy has become a focus of attention. To create privacy-preserving database and prevent illegal user access the database, oblivious transfer with access control (OTAC) was proposed, which is a cryptographic primitive that extends from oblivious transfer (OT). It allows a user to anonymously query a database where each message is protected by an access control policy and only if the user' s attribute satisfy that access control policy can obtain it. In this paper, we propose a new protocol for OTAC by using elliptic curve cryptography, which is more efficient compared to the existing similar protocols. In our scheme, we also preserves user's anonymity and ensures that the user's attribute is not disclosed to the sender. Additionally, our construction guarantees the user to verify the correctness of messages recovered at the end of each transfer phase.

Arfaoui, A., Kribeche, A., Boudia, O. R. M., Letaifa, A. Ben, Senouci, S. M., Hamdi, M..  2018.  Context-Aware Authorization and Anonymous Authentication in Wireless Body Area Networks. 2018 IEEE International Conference on Communications (ICC). :1–7.

With the pervasiveness of the Internet of Things (IoT) and the rapid progress of wireless communications, Wireless Body Area Networks (WBANs) have attracted significant interest from the research community in recent years. As a promising networking paradigm, it is adopted to improve the healthcare services and create a highly reliable ubiquitous healthcare system. However, the flourish of WBANs still faces many challenges related to security and privacy preserving. In such pervasive environment where the context conditions dynamically and frequently change, context-aware solutions are needed to satisfy the users' changing needs. Therefore, it is essential to design an adaptive access control scheme that can simultaneously authorize and authenticate users while considering the dynamic context changes. In this paper, we propose a context-aware access control and anonymous authentication approach based on a secure and efficient Hybrid Certificateless Signcryption (H-CLSC) scheme. The proposed scheme combines the merits of Ciphertext-Policy Attribute-Based Signcryption (CP-ABSC) and Identity-Based Broadcast Signcryption (IBBSC) in order to satisfy the security requirements and provide an adaptive contextual privacy. From a security perspective, it achieves confidentiality, integrity, anonymity, context-aware privacy, public verifiability, and ciphertext authenticity. Moreover, the key escrow and public key certificate problems are solved through this mechanism. Performance analysis demonstrates the efficiency and the effectiveness of the proposed scheme compared to benchmark schemes in terms of functional security, storage, communication and computational cost.

Lyu, C., Pande, A., Zhang, Y., Gu, D., Mohapatra, P..  2018.  FastTrust: Fast and Anonymous Spatial-Temporal Trust for Connected Cars on Expressways. 2018 15th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON). :1–9.

Connected cars have received massive attention in Intelligent Transportation System. Many potential services, especially safety-related ones, rely on spatial-temporal messages periodically broadcast by cars. Without a secure authentication algorithm, malicious cars may send out invalid spatial-temporal messages and then deny creating them. Meanwhile, a lot of private information may be disclosed from these spatial-temporal messages. Since cars move on expressways at high speed, any authentication must be performed in real-time to prevent crashes. In this paper, we propose a Fast and Anonymous Spatial-Temporal Trust (FastTrust) mechanism to ensure these properties. In contrast to most authentication protocols which rely on fixed infrastructures, FastTrust is distributed and mostly designed on symmetric-key cryptography and an entropy-based commitment, and is able to fast authenticate spatial-temporal messages. FastTrust also ensures the anonymity and unlinkability of spatial-temporal messages by developing a pseudonym-varying scheduling scheme on cars. We provide both analytical and simulation evaluations to show that FastTrust achieves the security and privacy properties. FastTrust is low-cost in terms of communication and computational resources, authenticating 20 times faster than existing Elliptic Curve Digital Signature Algorithm.

Kazemi, M., Delavar, M., Mohajeri, J., Salmasizadeh, M..  2018.  On the Security of an Efficient Anonymous Authentication with Conditional Privacy-Preserving Scheme for Vehicular Ad Hoc Networks. Iranian Conference on Electrical Engineering (ICEE). :510–514.

Design of anonymous authentication scheme is one of the most important challenges in Vehicular Ad hoc Networks (VANET). Most of the existing schemes have high computational and communication overhead and they do not meet security requirements. Recently, Azees et al. have introduced an Efficient Anonymous Authentication with Conditional Privacy-Preserving (EAAP) scheme for VANET and claimed that it is secure. In this paper, we show that this protocol is vulnerable against replay attack, impersonation attack and message modification attack. Also, we show that the messages sent by a vehicle are linkable. Therefore, an adversary can easily track the vehicles. In addition, it is shown that vehicles face with some problems when they enter in a new Trusted Authority (TA) range. As a solution, we propose a new authentication protocol which is more secure than EAAP protocol without increasing its computational and communication overhead.

Khodaei, Mohammad, Noroozi, Hamid, Papadimitratos, Panos.  2018.  Privacy Preservation Through Uniformity. Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :279–280.

Inter-vehicle communications disclose rich information about vehicle whereabouts. Pseudonymous authentication secures communication while enhancing user privacy thanks to a set of anonymized certificates, termed pseudonyms. Vehicles switch the pseudonyms (and the corresponding private key) frequently; we term this pseudonym transition process. However, exactly because vehicles can in principle change their pseudonyms asynchronously, an adversary that eavesdrops (pseudonymously) signed messages, could link pseudonyms based on the times of pseudonym transition processes. In this poster, we show how one can link pseudonyms of a given vehicle by simply looking at the timing information of pseudonym transition processes. We also propose "mix-zone everywhere": time-aligned pseudonyms are issued for all vehicles to facilitate synchronous pseudonym update; as a result, all vehicles update their pseudonyms simultaneously, thus achieving higher user privacy protection.