authentication codes
play

Authentication Codes Chris Culnane, David Bismark , James Heather, - PowerPoint PPT Presentation

Mar 04, 2024 •132 likes •455 views

Authentication Codes Chris Culnane, David Bismark , James Heather, Steve Schneider, Sriramkrishnan Srinivasan, and Zhe Xia Trustworthy Voting Systems Project Overview Introduction to Prt Voter Importance of Digital Signatures

  1. Authentication Codes Chris Culnane, David Bismark , James Heather, Steve Schneider, Sriramkrishnan Srinivasan, and Zhe Xia Trustworthy Voting Systems Project

  2. Overview • Introduction to Prêt à Voter • Importance of Digital Signatures • Human Verifiable Codes • Authentication Codes • Short Code Variant • Future Work

  3. Introduction to Prêt à Voter 1 3 2

  5. Human Verifiable Codes • Acknowledgement Codes in PGD • Matrix of codes • New simpler approach proposed

  6. Authentication Codes • Universal front-end for both ranked and plurality elections • Simple to use • Provides assurance that vote has been recorded as cast • Verification, and any challenge, is performed in the polling station

  7. Assumptions • Peered Web Bulletin Board • Trusted Election Manager • Chain of custody

  8. Overview

  9. Election Manager • Notation – n = number of candidates – m = preference range (n in ranked elections, 1 in plurality elections) – φ denotes blank spaces • Take values between 0 and m , along with one φ • Randomly permute and concatenate, n times • The following example uses n =4

  10. Election Manager • Extract locations of φ [3,7,17,19] • Replace φ with zero • Create Authentication Values – Zero value with a 1 in the location of φ

  11. Election Manager • Locations of φ [3,7,17,19]

  12. Election Manager • The Authentication Values and Authentication Code are encrypted using the shared public key • These encrypted values are sent to each peer

  13. Voter Perspective

  14. WBB Perspective • Receives voting preferences [3,1,2,0] • Each peer, independently, constructs Authentication Code from encrypted values and decrypts • Partial decryptions from peers are combined and plaintext returned to voter

  15. Scaling [3,1,2,0]

  16. Addition

  17. Decryption • Each peer performs partial decryption and provides proof of decryption • Each peer should have reconstructed exactly the same value to perform the decryption on • Valid partial decryptions are combined and plaintext Authentication Code is returned to the voter

  18. Summary • Easy user interface • Intuitive how preference is blinded • Code length grows quadratically with n

  19. Short Code Variant • Reduce to linear growth • Shorten initial code • Additional level of indirection • Code Length is given by: • Where n is the number of candidates and p is 1/ p probability of guessing location • ½ probability -> p =2, if n =4 • 4+(2-1)(4+1) = 9

  20. Short Code – Voter Perspective

  21. Short Code Election Manager • Notation – n = number of candidates – m = preference range ( n in ranked elections, 1 in plurality elections) – φ denotes blank spaces • Take values between 0 and m , along with n φ • Randomly permute • The following example uses n =4

  22. Short Code Election Manager • Extract locations of φ [1,4,7,9] • Replace φ with zero • Create Authentication Values – Zero value with a 1 in the location of φ

  23. Short Code Election Manager • Locations of φ [1,4,7,9]

  24. Short Code Election Manager • The Authentication Values and Authentication Code are encrypted using the shared public key • Each value is associated with a set of n labels in canonical order

  25. Short Code Election Manager • Create indirection by randomly permuting labels • The permuted list of letters is printed on the Authentication Strip

  26. Short Code Election Manager • Re-order Authentication Values according to canonical order of labels • These values are sent to the WBB peers

  27. WBB Perspective • Identical to full length scheme

  28. Summary • Same level of security by using an additional level of indirection • More work for the voter – Once a voter has destroyed their left hand side they can be assisted in filling in the Authentication Strip without breaking secrecy

  29. Further Discussion • Since the unverified digital signature does not provide the properties we desire, can we remove it and in doing so remove the need to check the WBB? • There is an additional chain of custody burden for the Authentication Strip – There is already a chain of custody for the ballot form (in terms of privacy)

  30. Future Work • Out of band construction of Authentication Strip – Removes chain of custody problem – Possibly increases coercion? • How to audit Authentication Strips • How can Authentication Strips be used during the Prêt à Voter ballot form audit

  31. QUESTIONS?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

References Message Authentication Codes (MACs) Message Authentication Codes (MACs), Chapter

References Message Authentication Codes (MACs) Message Authentication Codes (MACs), Chapter

Message Authentication Codes (MACs) Message Authentication Codes (MACs) References Message Authentication Codes (MACs) Message Authentication Codes (MACs), Chapter 12 of Understanding Cryptography by Paar & Pelzl Jim Royer Message

224 views • 3 slides
Aggregate Message Authentication Codes with Detecting Functionality from Biorthogonal Codes

Aggregate Message Authentication Codes with Detecting Functionality from Biorthogonal Codes

IEEE IS IE ISIT IT 20 2020 Aggregate Message Authentication Codes with Detecting Functionality from Biorthogonal Codes Yoshinori Ogawa *, Shingo Sato** Junji Shikata*, Hideki Imai*** *Yokohama National University, Japan **NICT, Japan

254 views • 13 slides
Data Integrity & Authentication Message Authentication Codes (MACs) Goal Ensure integrity

Data Integrity & Authentication Message Authentication Codes (MACs) Goal Ensure integrity

Data Integrity & Authentication Message Authentication Codes (MACs) Goal Ensure integrity of messages, even in presence of an active adversary who sends own messages. Alice Bob (sender) (reciever) Fran (forger) Remark: Authentication

450 views • 31 slides
Message Authentication Codes Digital Signatures Lecture 11 Shafi Goldwasser Authentication

Message Authentication Codes Digital Signatures Lecture 11 Shafi Goldwasser Authentication

Message Authentication Codes Digital Signatures Lecture 11 Shafi Goldwasser Authentication Problem Bob Alice k k message M Eve is Active: Can alter messages Can insert new messages Authentication Problem Secrecy is not the only

553 views • 37 slides
Crypto Conclusion (maybe) Message Authentication Codes Key Management Fall 2018 CS 334:

Crypto Conclusion (maybe) Message Authentication Codes Key Management Fall 2018 CS 334:

Crypto Conclusion (maybe) Message Authentication Codes Key Management Fall 2018 CS 334: Computer Security 1 Message Authentication message authentication is concerned with: protecting the integrity of a message Confirming

512 views • 48 slides
Crypto Conclusion Message Authentication Codes Key Management Fall 2012 CS 334: Computer

Crypto Conclusion Message Authentication Codes Key Management Fall 2012 CS 334: Computer

Crypto Conclusion Message Authentication Codes Key Management Fall 2012 CS 334: Computer Security 1 Message Authentication message authentication is concerned with: protecting the integrity of a message Confirming identity of

982 views • 46 slides
Hash Functions, Message Authentication Codes Ahmet Burak Can Hacettepe University

Hash Functions, Message Authentication Codes Ahmet Burak Can Hacettepe University

Hash Functions, Message Authentication Codes Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr 1 Information Security Security Services Confidentiality : Symmetric encryption solves Integrity Authentication

272 views • 14 slides
CPSC 418/MATH 318 Introduction to Cryptography Message Authentication Codes Randy Yee

CPSC 418/MATH 318 Introduction to Cryptography Message Authentication Codes Randy Yee

CPSC 418/MATH 318 Introduction to Cryptography Message Authentication Codes Randy Yee Department of Computer Science University of Calgary March 4, 2020 Outline Password hashing 1 SHA-3 2 Design strategy Details MACs 3 Properties of

519 views • 39 slides
Quantum-Secure Message Authentication Codes Dan Boneh and Mark

Quantum-Secure Message Authentication Codes Dan Boneh and Mark

Quantum-Secure Message Authentication Codes Dan Boneh and Mark Zhandry Stanford University 1/19 Classical Chosen Message Attack (CMA) m i i = S ( k, m i )

658 views • 19 slides
On the design of message-authentication codes D. J. Bernstein University of Illinois at Chicago

On the design of message-authentication codes D. J. Bernstein University of Illinois at Chicago

On the design of message-authentication codes D. J. Bernstein University of Illinois at Chicago When we design hash functions, stream ciphers, and other secret-key primitives, should we use integer multiplication? AES uses 32 ; 32 ! 32 xor;

634 views • 39 slides
Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and

Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and

CSS441 Introduction Functions Auth. with Encryption Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by

673 views • 21 slides
On the design of When we design message-authentication codes hash functions, stream ciphers,

On the design of When we design message-authentication codes hash functions, stream ciphers,

On the design of When we design message-authentication codes hash functions, stream ciphers, and other secret-key primitives, D. J. Bernstein should we use University of Illinois at Chicago integer multiplication? AES uses 32 32 32

1.76k views • 149 slides
MESSAGE AUTHENTICATION CODES and PRF DOMAIN EXTENSION The goal is to ensure that M really

MESSAGE AUTHENTICATION CODES and PRF DOMAIN EXTENSION The goal is to ensure that M really

Integrity and authenticity MESSAGE AUTHENTICATION CODES and PRF DOMAIN EXTENSION The goal is to ensure that M really originates with Alice and not someone else M has not been modified in transit Mihir Bellare UCSD 1 Mihir Bellare

460 views • 12 slides
Hash Functions, Message Hash Functions, Message Security Services Security Services

Hash Functions, Message Hash Functions, Message Security Services Security Services

Hash Functions, Message Hash Functions, Message Security Services Security Services Authentication Codes Authentication Codes Confidentiality : Symmetric encryption solves Integrity Ahmet Burak Can Authentication Hacettepe

341 views • 4 slides
Cryptography [Message Authentication Codes and Hash Functions] Fall 2017 Franziska (Franzi)

Cryptography [Message Authentication Codes and Hash Functions] Fall 2017 Franziska (Franzi)

CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Message Authentication Codes and Hash Functions] Fall 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno,

488 views • 24 slides
Cryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes Spring

Cryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes Spring

CSE 484 / CSE M 584: Computer Security and Privacy Cryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann,

529 views • 34 slides
Trans- -Modal Modal Interface Interface Trans Migration Migration Renata Bandelloni, Silvia

Trans- -Modal Modal Interface Interface Trans Migration Migration Renata Bandelloni, Silvia

Trans- -Modal Modal Interface Interface Trans Migration Migration Renata Bandelloni, Silvia Berti, Fabio Patern HIIS Laboratory ISTI-CNR Pisa, Italy Mobile HCI 2004 13 - 16 September 2004 University of Strathclyde, Glasgow, Scotland

156 views • 14 slides
Observables and anomalies in B K ( ) + decays Sam Cunliffe on behalf of the

Observables and anomalies in B K ( ) + decays Sam Cunliffe on behalf of the

Observables and anomalies in B K ( ) + decays Sam Cunliffe on behalf of the LHCb collaboration. [stc09@ic.ac.uk] Frontiers in Fundamental Physics, Aix Marseille Universit e 18th July 2014 Why study rare decays? The LHCb

659 views • 49 slides
Metric Temporal Logic With Counting S.N.Krishna, Khushraj Madnani, Paritosh.K.Pandya February 1,

Metric Temporal Logic With Counting S.N.Krishna, Khushraj Madnani, Paritosh.K.Pandya February 1,

Metric Temporal Logic With Counting S.N.Krishna, Khushraj Madnani, Paritosh.K.Pandya February 1, 2016 S.N.Krishna, Khushraj Madnani, Paritosh.K.Pandya Metric Temporal Logic With Counting Introduction S.N.Krishna, Khushraj Madnani,

1.35k views • 132 slides
Changing Points in APN Functions Nikolay S. Kaleyski (joint work with Lilya Budaghyan, Claude

Changing Points in APN Functions Nikolay S. Kaleyski (joint work with Lilya Budaghyan, Claude

Changing Points in APN Functions Nikolay S. Kaleyski (joint work with Lilya Budaghyan, Claude Carlet and Tor Helleseth) University of Bergen June 18, 2018 Nikolay S. Kaleyski (University of Bergen) Changing Points in APN Functions June 18,

1.14k views • 70 slides
Lecture 10 - Authentication CSE497b - Spring 2007 Introduction Computer and Network Security

Lecture 10 - Authentication CSE497b - Spring 2007 Introduction Computer and Network Security

Lecture 10 - Authentication CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger

332 views • 22 slides
Eclipse GEF DOT Graphviz authoring environment in Eclipse Matthias Wienand works for

Eclipse GEF DOT Graphviz authoring environment in Eclipse Matthias Wienand works for

Eclipse GEF DOT Graphviz authoring environment in Eclipse Matthias Wienand works for project lead on the Eclipse GEF project special interest in programming languages and graphics wienand@itemis.de

486 views • 17 slides
The i-score interactive sequencer an intermedia sequencer for interactive scenarios authoring

The i-score interactive sequencer an intermedia sequencer for interactive scenarios authoring

The i-score interactive sequencer an intermedia sequencer for interactive scenarios authoring Jean-Michal Celerier, Tho de la Hogue LaBRI, Blue Yeti, GMEA January 30, 2016 1 / 20 2 / 20 The problem A lot of tools for entirely fixed

550 views • 32 slides
MathWiki a Web-based Collaborative Authoring Environment for Formal Proofs ICIS colloquium

MathWiki a Web-based Collaborative Authoring Environment for Formal Proofs ICIS colloquium

MathWiki a Web-based Collaborative Authoring Environment for Formal Proofs ICIS colloquium Radboud Universiteit Nijmegen April 21 2008 Herman Geuvers Joint work with Pierre Corbineau, Cezary Kaliszyk, James McKinna, Freek Wiedijk 1 MathWiki:

590 views • 29 slides

More recommend