Revisiting Cryptographic Accumulators, Additional Properties and Relations to Other Primitives

Derler, David; Hanser, Christian; Slamanig, Daniel

doi:10.1007/978-3-319-16715-2_7

Cited by 65 publications

(60 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Compute the interior node h 01 ← H(h 0 h 1 ), then finally r ← H(h 01 h 23 ). 5 Given an Ω ordered list of certificates it is trivial to locate where a subject's wild-card matches are: binary search to find the index of an exact match (if any), then up to t matches follow in order. This is not the only way to find the right range and matches.…”

Section: Authenticated Wild-card Queriesmentioning

confidence: 99%

See 1 more Smart Citation

Verifiable Light-Weight Monitoring for Certificate Transparency Logs

Dahlberg

Pulls

2018

Secure IT Systems

View full text Add to dashboard Cite

Trust in publicly verifiable Certificate Transparency (CT) logs is reduced through cryptography, gossip, auditing, and monitoring. The role of a monitor is to observe each and every log entry, looking for suspicious certificates that interest the entity running the monitor. While anyone can run a monitor, it requires continuous operation and copies of the logs to be inspected. This has lead to the emergence of monitoring as-a-service: a trusted third-party runs the monitor and provides registered subjects with selective certificate notifications. We present a CT/bis extension for verifiable light-weight monitoring that enables subjects to verify the correctness of such certificate notifications, making it easier to distribute and reduce the trust which is otherwise placed in these monitors. Our extension supports verifiable monitoring of wild-card domains and piggybacks on CT's existing gossip-audit security model.

show abstract

Section: Authenticated Wild-card Queriesmentioning

confidence: 99%

“…Earlier work related to transparent certificate and key management often use dynamic authenticated dictionaries [3,5,7,10]. CONIKS maps a user's mail address to her public key in a binary Merkle prefix tree, and after each update a client self-monitors her own key-binding by fetching an exact-match (non-)membership proof [14].…”

Section: Related Workmentioning

confidence: 99%

Verifiable Light-Weight Monitoring for Certificate Transparency Logs

Dahlberg

Pulls

2018

Secure IT Systems

View full text Add to dashboard Cite

show abstract

“…The intuition is that two parties may resort to some cryptographic primitives in order to identify the membership of them. More specifically, two parties may request an accumulator, a one-way function (Derler et al 2015), with probability ψ > 0 so as to enforce cooperation before they exchange their shares. The function of the accumulator is to proving a membership without leaking information with respect to any individual members.…”

Section: A Random Solution For the Proposed Attacking Modelmentioning

confidence: 99%

Incentive-driven attacker for corrupting two-party protocols

et al. 2018

View full text Add to dashboard Cite

Adversaries in two-party computation may sabotage a protocol, leading to possible collapse of the information security management. In practice, attackers often breach security protocols with specific incentives. For example, attackers manage to reap additional rewards by sabotaging computing tasks between two clouds. Unfortunately, most of the existing research works neglect this aspect when discussing the security of protocols. Furthermore, the construction of corrupting two parties is also missing in two-party computation. In this paper, we propose an incentive-driven attacking model where the attacker leverages corruption costs, benefits and possible consequences. We here formalize the utilities used for two-party protocols and the attacker(s), taking into account both corruption costs and attack benefits. Our proposed model can be considered as the extension of the seminal work presented by Groce and Katz (Annual international conference on the theory and applications of cryptographic techniques, Springer, Berlin, pp [81][82][83][84][85][86][87][88][89][90][91][92][93][94][95][96][97][98] 2012), while making significant contribution in addressing the corruption of two parties in two-party protocols. To the best of our knowledge, this is the first time to model the corruption of both parties in two-party protocols.

show abstract

“…Solutions could involve private information retrieval as [27] or oblivious transfer, but a scalable use of these protocols for MUSE remains to be found; another option could be based on a construction akin to cryptographic accumulators (see [10] for a good overview of the topic) where the CSP has no choice but to process an encrypted index as a single, indivisible entity.…”

Section: Countermeasures and Future Workmentioning

confidence: 99%

A Leakage-Abuse Attack Against Multi-User Searchable Encryption

Rompay

Molva

Önen

2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Searchable Encryption (SE) allows a user to upload data to the cloud and to search it in a remote fashion while preserving the privacy of both the data and the queries. Recent research results describe attacks on SE schemes using the access pattern, denoting the ids of documents matching search queries, which most SE schemes reveal during query processing. However SE schemes usually leak more than just the access pattern, and this extra leakage can lead to attacks (much) more harmful than the ones using basic access pattern leakage only. We remark that in the special case of Multi-User Searchable Encryption (MUSE), where many users upload and search data in a cloud-based infrastructure, a large number of existing solutions have a common leakage in addition to the well-studied access pattern leakage. We show that this seemingly small extra leakage allows a very simple yet powerful attack, and that the privacy degree of the affected schemes have been overestimated. We also show that this new vulnerability affects existing software. Finally we formalize the newly identified leakage profile and show how it relates to previously defined ones.

show abstract

Revisiting Cryptographic Accumulators, Additional Properties and Relations to Other Primitives

Cited by 65 publications

References 32 publications

Verifiable Light-Weight Monitoring for Certificate Transparency Logs

Verifiable Light-Weight Monitoring for Certificate Transparency Logs

Incentive-driven attacker for corrupting two-party protocols

A Leakage-Abuse Attack Against Multi-User Searchable Encryption

Contact Info

Product

Resources

About