PAG: Private and Accountable Gossip

Decouchant, Jérémie; Mokhtar, Sonia Ben; Petit, Albin; Quéma, Vivien

doi:10.1109/icdcs.2016.34

Cited by 8 publications

(20 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The duck attack is named after the duck test 1 and it can be summarized as follows: if you provide me the cryptographic digest H (m) of a message m, then it probably means that you know H (m) and the message m. Note that, this is outrightly false because concluding that you know m from the fact that you know H (m) is incorrect. We find this logical flaw in PAG [DMPQ16] and AcTinG [MDQ14a]. In a duck attack, the colluding nodes execute the protocol without exchanging the messages.…”

Section: Contributionsmentioning

confidence: 92%

“…In Section 2, we discuss the threat model and colluding adversaries. We first demonstrate the power of the duck attack on PAG [DMPQ16] (Section 3). In Section 4, we also illustrate the duck attack on AcTinG a protocol which inherits the secure log system of PeerReview [HKD07].…”

Section: Contributionsmentioning

confidence: 99%

“…PAG [DMPQ16] has been designed to provide accountability to fight both individual malicious nodes and malicious colluding nodes in gossip-based message dissemination schemes, where nodes periodically exchange data chunks with randomly chosen nodes [KMG03, BMM + 08]. In addition, it provides privacy guarantees for the messages provided by the nodes.…”

Section: Duck Attack On Pag (And More)mentioning

confidence: 99%

“…LiFTinG [GHK + 10] uses cross checking and statistical analysis. Finally, AcTinG [MDQ14a] and PAG [DMPQ16] rely on cryptography to ensure that nodes' actions are bound, nonrepudiable, tamper-evident and verifiable [YC04,YC05]. This last category of solutions is the focus of our work.…”

Section: Introductionmentioning

confidence: 99%

“…This last category of solutions is the focus of our work. We analyze the security provided by AcTinG [MDQ14a] and PAG [DMPQ16] and discover a new attack.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Duck Attack on Accountable Distributed Systems

Kumar¹,

Lafourcade²,

Lauradoux³

2018

Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services

View full text Add to dashboard Cite

Accountability plays a key role in dependable distributed systems. It allows to detect, isolate and churn malicious/selfish nodes that deviate from a prescribed protocol. To achieve these properties, several accountable systems use at their core cryptographic primitives that produce non-repudiable evidence of inconsistent or incorrect behavior. In this paper, we show how colluding adversaries can exploit the use of cryptographic digests in accountability protocols to mount what we call a duck attack. In a duck attack, colluding adversaries exploit the use of cryptographic digests to alter the transmission of messages while still looking honest: selfish behaviors remain undetected. We first discover the duck attack while analyzing PAG -a custom cryptographic protocol for accountable systems presented at ICDCS 2016. We later discover that accountable distributed systems based on tamper-evident log are also vulnerable to the duck attack and apply it on AcTinG -a protocol presented at SRDS 2014. To defeat our attack, we modify the commonly used hash-based log structure to have high-order dependency level between the authenticators and the messages stored in the log.

show abstract

Section: Contributionsmentioning

confidence: 92%

Section: Contributionsmentioning

confidence: 99%

Section: Duck Attack On Pag (And More)mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

“…This last category of solutions is the focus of our work. We analyze the security provided by AcTinG [MDQ14a] and PAG [DMPQ16] and discover a new attack.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Duck Attack on Accountable Distributed Systems

Kumar¹,

Lafourcade²,

Lauradoux³

2018

Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services

View full text Add to dashboard Cite

show abstract

Reinforced Secure Gossiping Against DoS Attacks in Post-Disaster Scenarios

2020

View full text Add to dashboard Cite

show abstract

Practical Byzantine Reliable Broadcast on Partially Connected Networks

Bonomi

Decouchant

Farina

et al. 2021

2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS)

Self Cite

View full text Add to dashboard Cite

Where a licence is displayed above, please note the terms and conditions of the licence govern your use of this document.When citing, please reference the published version. Take down policy While the University of Birmingham exercises care and attention in making items available there are rare occasions when an item has been uploaded in error or has been deemed to be commercially or otherwise sensitive.

show abstract

PAG: Private and Accountable Gossip

Cited by 8 publications

References 27 publications

Duck Attack on Accountable Distributed Systems

Duck Attack on Accountable Distributed Systems

Reinforced Secure Gossiping Against DoS Attacks in Post-Disaster Scenarios

Practical Byzantine Reliable Broadcast on Partially Connected Networks

Contact Info

Product

Resources

About