1. Integrating DAGA into the cothority framework and using it to build a login service
DEDIS, EPFL 2018/19 - Lucas Pires
Responsible: Prof. Bryan Ford, Dr. Ewa Syta
Supervisor: Linus Gasser

2. Integrating DAGA into the cothority framework and using it to build a login service
DAGA: Deniable Anonymous Group Authentication
• Decentralized authentication protocol
• Forward security, etc.: more later

3. Motivation / Intro
• Authentication, identification and privacy
• ➔ where possible, get rid of identification
• ➔ DAGA
• GOAL: offer an easy way to use DAGA: a login service

4. Overview
• Background / DAGA
• Cothority implementation
• Authentication delegation
• PoC & demo
• Conclusion

5. Background / DAGA
• Big picture
• Properties
• Description

6. Background / DAGA – big picture
[Figure: an entity / user belonging to a group sends a DAGA authentication request to a set of anytrust servers, which return a decision. Anytrust: the guarantees hold as long as at least one of the servers is honest.]

7. Background / DAGA – properties
• Completeness: an honest group member who follows the protocol is accepted
• Soundness: an entity outside the group cannot get itself accepted
• Anonymity: the servers learn only that the request came from some group member, not which one (as long as one server is honest)
[Figure: as on slide 6.]

8. Background / DAGA – properties (continued)
• Anonymity
• Proportionality: the decision comes with a linkage tag that is the same for every authentication of one member within one context, so each member obtains exactly one tag per context
[Figure: as on slide 6, the decision now comes with a linkage tag.]

9. Background / DAGA – properties (continued)
• Deniability: the transcript of an authentication cannot later be used to prove to a third party that a given member authenticated

10. Background / DAGA – properties (continued)
• Forward security: past authentications cannot be deanonymized even if private keys are compromised later

11. Background / DAGA – building a request (client's protocol) and the servers' protocol
[Figure, adapted / redrawn from https://github.com/dedis/student_17/blob/master/pfs_pop/presentation_pfs_pop.pdf]
• Prover (the client), holding the context: computes the initial tag, starts the proof generation and sends the Σ commitments to the verifiers (the servers)
• Verifiers: distributed randomness / challenge generation; the Σ challenge goes back to the prover
• Prover: completes the request (with the Σ responses)
• Verifiers, servers' protocol: collective proof verification, decision and tag building; output: the linkage tag
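The tag arithmetic behind the figure above, as an added example (not code from the slides, nor from the dedis/cothority DAGA package): a toy Python run of the client's initial tag and commitment chain followed by the servers' sequential tag building, following the construction of the DAGA paper (Syta et al., 2014) as I read it. The Σ/OR-proof of group membership, the distributed challenge and the Σ responses are omitted, as are the servers' proofs of correct processing; the group, the seeds, the labels and all function names are illustrative, and the 64-bit parameters offer no security.

```python
"""Toy DAGA linkage-tag chain: client request -> servers' protocol.
Added example, not code from the slides or the dedis/cothority DAGA package.  Tag
construction as in the DAGA paper (Syta et al., 2014), as I read it: the client
publishes T0 = h_i^(s_1..s_m) and the chain S_j = g^(s_1..s_j); server j computes
T_j = T_{j-1}^(r_j / s_j), so the final tag is h_i^(r_1..r_m).  Membership proof,
collective challenge and server-side proofs are omitted.  64-bit group: no security.
"""
import hashlib
import random

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def _is_prime(n):
    """Deterministic Miller-Rabin (exact below 3.3e24 with these bases)."""
    if n < 2 or any(n % p == 0 for p in _BASES):
        return n in _BASES
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        if not any((x := pow(x, 2, n)) == n - 1 for _ in range(r - 1)):
            return False                         # no square reached -1: a is a witness
    return True

def _safe_prime(bits, seed):
    rng = random.Random(seed)                    # seeded so the demo is reproducible
    while True:
        q = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_prime(q) and _is_prime(2 * q + 1):
            return 2 * q + 1, q

P, Q = _safe_prime(64, seed=2018)                # p = 2q + 1
G = 4                                            # a square mod p: generates the order-q subgroup

def _hash_exp(data):
    """Hash bytes to a non-zero exponent mod q (used for s_j = H(Y_j^z) and for h_i)."""
    return 1 + int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q - 1)

def make_context(n_members, n_servers, seed):
    """Public context (X, Y, R, H) plus the servers' private (y, r)."""
    rng = random.Random(seed)
    y = [rng.randrange(1, Q) for _ in range(n_servers)]   # server long-term keys
    r = [rng.randrange(1, Q) for _ in range(n_servers)]   # fresh per-context server secrets
    ctx = {"X": [pow(G, rng.randrange(1, Q), P) for _ in range(n_members)],  # member keys
           "Y": [pow(G, v, P) for v in y], "R": [pow(G, v, P) for v in r],
           "H": [pow(G, _hash_exp(b"ctx-%d-member-%d" % (seed, i)), P) for i in range(n_members)]}
    return ctx, (y, r)

def client_request(ctx, i, rng):
    """Member i builds the tag part of a request (Sigma proof and responses omitted)."""
    z = rng.randrange(1, Q)
    req = {"Z": pow(G, z, P), "S": []}           # ephemeral DH value and commitment chain
    acc, exp = G, 1
    for Yj in ctx["Y"]:
        s_j = _hash_exp(pow(Yj, z, P).to_bytes(32, "big"))   # shared secret with server j
        acc = pow(acc, s_j, P)                   # S_j = g^(s_1 .. s_j)
        req["S"].append(acc)
        exp = exp * s_j % Q
    req["T0"] = pow(ctx["H"][i], exp, P)         # initial tag h_i^(s_1 .. s_m)
    return req

def server_step(j, y_j, r_j, req, t_prev):
    """Server j: recover s_j via DH, verify the chain, return T_j = T_{j-1}^(r_j / s_j)."""
    s_j = _hash_exp(pow(req["Z"], y_j, P).to_bytes(32, "big"))
    prev = G if j == 0 else req["S"][j - 1]
    if pow(prev, s_j, P) != req["S"][j]:
        raise ValueError("server %d: commitment S_j does not match s_j" % j)
    return pow(t_prev, r_j * pow(s_j, -1, Q) % Q, P)

def servers_protocol(server_secrets, req):
    """Servers process the request in turn; the last output is the linkage tag."""
    t = req["T0"]
    for j, (y_j, r_j) in enumerate(zip(*server_secrets)):
        t = server_step(j, y_j, r_j, req, t)
    return t

def demo():
    ctx, srv = make_context(3, 4, seed=7)
    rng = random.Random(99)
    tag_a1 = servers_protocol(srv, client_request(ctx, 0, rng))
    tag_a2 = servers_protocol(srv, client_request(ctx, 0, rng))
    prod_r = 1
    for r_j in srv[1]:
        prod_r = prod_r * r_j % Q
    ctx2, srv2 = make_context(3, 4, seed=8)      # new context: fresh h_i and r_j
    tag_a_ctx2 = servers_protocol(srv2, client_request(ctx2, 0, rng))
    bad = client_request(ctx, 2, rng)
    bad["S"][1] = pow(bad["S"][1], 3, P)         # tamper with the chain after S_0
    try:
        servers_protocol(srv, bad); tamper_caught = False
    except ValueError:
        tamper_caught = True
    return {"same_member_same_tag": tag_a1 == tag_a2,    # linkable within one context
            "closed_form": tag_a1 == pow(ctx["H"][0], prod_r, P),
            "unlinkable_across_contexts": tag_a_ctx2 != tag_a1,
            "tamper_caught": tamper_caught}
```

demo() checks the facts the properties on the previous slides rest on: two authentications of one member in one context give the same linkage tag, the tag equals h_i^(r_1..r_m) and so depends on every server's per-context secret (an honest server's r_j is what keeps the tag unlinkable to h_i under DDH, which is where anytrust enters), a fresh context gives an unrelated tag, and a manipulated commitment chain is rejected by the server whose s_j it breaks.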

12. Overview
• Background / DAGA
• Cothority implementation
• Authentication delegation
• PoC demo
• Conclusion & Future

13. Cothority implementation
• DAGA library (continuation of A. Villard's work)
• New service & protocols (context generation / challenge generation / DAGA servers' protocol)
• Can run simulations locally and on DETERLab
• 80% code coverage
• Possible to generate proto files
• CLI client


15. DAGA cothority (figure)

16. Administrative phase (client / 3rd-party service admin)
1) Collect the public keys of the subscribers
2) Build a roster of willing conodes (partnerships or open-access nodes)
3) Call CreateContext(keys, roster) on a random node; the context generation protocol runs between that node and the other nodes and returns the Context. The roster becomes the new cothority for the new context.

17. Authentication phase
• Entity: build the authentication message M (initial tag, proof generation) and send the Σ commitments with Call PKClient(Σ commitments, DAGA context) to the DAGA cothority
• DAGA cothority: challenge generation protocol; the Σ challenge goes back to the entity
• Entity: finish M with the Σ responses, then Call Auth(M, DAGA context)
• DAGA cothority: servers' protocol; decision and linkage tag
• The servers would need to keep state (the challenge they issued) across the two endpoint calls ➔ avoided by storing it in the clients. State handed back by a client has to be integrity-protected (e.g. a challenge signed by the servers); otherwise a client could choose its own challenge and the Σ proof would prove nothing.


19. Simulation results – total authentication time
[Two plots, "Local" and "DETERLab": wall time [s] against the number of group members.]
1) DETERLab setup: pc2133 nodes, Ubuntu 14.04 AMD64, CPU: 4 @ 2.13 GHz, RAM: 4 GiB, LAN with 100 ms delay
2) Local setup: Debian 9 AMD64, CPU: 8 @ 2.50 GHz, RAM: 16 GiB

20. Original results and previous student's results
[Two plots: original paper (2014) and previous student.]
Taken from https://github.com/dedis/student_17/blob/master/pfs_pop/presentation_pfs_pop.pdf

21. Simulation results – total authentication time
[Two plots, "Local, 4 servers" and "Local, 16 servers": wall time [s] against the number of group members.]

22. Simulation results – total server traffic
[Plot: traffic [KiB], with the previous student's results alongside for comparison.]


24. Overview
• Background / DAGA
• Cothority implementation
• Authentication delegation
• PoC demo
• Conclusion & Future

25. Authentication delegation
[Figure: the entity / user authenticates to the DAGA cothority; a service provider relies on that authentication through an authentication delegation protocol.]

26. OpenID Connect authentication – "code flow" (RP: relying party, IdP: identity provider)
1) User agent → RP: GET rp/login
2) RP → user agent: REDIRECT IdP/daga_auth
3) User agent → IdP: GET IdP/daga_auth
4) IdP → user agent: 200 authentication page; the IdP authenticates the user agent
5) IdP → user agent: REDIRECT rp/callback with code
6) User agent → RP: GET rp/callback with code
7) RP → IdP: POST IdP/token_endpoint with code
8) IdP → RP: 200 token

27. OpenID Connect authentication – "code flow", the authentication step in detail
1) User agent → RP: GET rp/login
2) RP → user agent: REDIRECT IdP/daga_auth
3) User agent → IdP: GET IdP/daga_auth
4) IdP → user agent: 200 authentication page
[Figure: the user agent is now drawn as a browser / web UI next to a local DAGA client daemon.]

28. DAGA authentication step (RP, IdP, DAGA client daemon, browser / web UI)
1) Browser / web UI → DAGA client daemon: arguments, context + key
2) DAGA client daemon: Call PKClient(commitments) (on the DAGA cothority, as on slide 17); the challenge comes back
3) DAGA client daemon → browser / web UI: Auth. msg
4) Browser / web UI → IdP: POST back with Auth. msg
5) IdP: Call Auth(Auth. msg) (on the DAGA cothority); the linkage tag comes back
6) IdP → browser / web UI: REDIRECT rp/callback with code
7) Browser / web UI → RP: GET rp/callback with code
8) RP → IdP: POST IdP/token_endpoint with code
9) IdP → RP: 200 token
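The IdP side of this sequence, as an added example that is not the login service from the slides: an in-memory Python model in which the linkage tag returned by the cothority's Auth call becomes a pairwise OIDC subject identifier, a single-use authorization code and a signed ID token. The class, method and parameter names (DagaIdp, daga_auth_page, post_auth_msg, token_endpoint, pairwise_sub) and the stand-in fake_daga_auth are my own; the checks performed (code bound to client_id and redirect_uri, redeemable once, short-lived; pairwise subjects per RP) are standard OpenID Connect practice, not something the slides state.

```python
"""In-memory model of the IdP side of the DAGA login: linkage tag -> pairwise subject ->
single-use authorization code -> ID token.  Added example, not the login service from the
slides; names (DagaIdp, daga_auth_page, post_auth_msg, token_endpoint, pairwise_sub,
fake_daga_auth) are my own and the cothority's Auth call is replaced by a constructed
stand-in.  HS256 is used for brevity; real IdPs sign ID tokens asymmetrically.
"""
import base64, hashlib, hmac, json, secrets, time

class DagaIdp:
    CODE_TTL = 60    # seconds an authorization code may be redeemed

    def __init__(self, issuer, daga_auth, context_id):
        self.issuer, self.daga_auth, self.context_id = issuer, daga_auth, context_id
        self.sub_key, self.mac_key = secrets.token_bytes(32), secrets.token_bytes(32)  # separate purposes
        self.rps = {}        # client_id -> {"redirect_uri", "secret"}
        self.pending = {}    # login session id -> (client_id, redirect_uri)
        self.codes = {}      # code -> {"sub", "client_id", "redirect_uri", "exp"}

    def register_rp(self, client_id, redirect_uri, secret):
        self.rps[client_id] = {"redirect_uri": redirect_uri, "secret": secret}

    def daga_auth_page(self, client_id, redirect_uri):
        """GET IdP/daga_auth: check the RP, open a login session, return the page's arguments
        for the DAGA client daemon (slide 28: 'arguments, context + key')."""
        rp = self.rps.get(client_id)
        if rp is None or rp["redirect_uri"] != redirect_uri:
            raise PermissionError("unknown RP or unregistered redirect_uri")
        sid = secrets.token_urlsafe(16)
        self.pending[sid] = (client_id, redirect_uri)
        return {"session": sid, "context": self.context_id}

    def post_auth_msg(self, sid, auth_msg):
        """POST back with Auth. msg: Call Auth on the cothority, map the linkage tag to a
        pairwise subject and redirect to rp/callback with a fresh code."""
        client_id, redirect_uri = self.pending.pop(sid)    # KeyError on unknown/reused session
        tag = self.daga_auth(auth_msg)                     # raises if the servers reject the proof
        code = secrets.token_urlsafe(24)
        self.codes[code] = {"sub": self.pairwise_sub(client_id, tag), "client_id": client_id,
                            "redirect_uri": redirect_uri, "exp": time.time() + self.CODE_TTL}
        return "%s?code=%s" % (redirect_uri, code)

    def token_endpoint(self, code, client_id, secret, redirect_uri):
        """POST IdP/token_endpoint with code: authenticate the RP, redeem the code once and
        check it was issued to this RP for this redirect_uri before minting the ID token."""
        rp = self.rps.get(client_id)
        if rp is None or not hmac.compare_digest(rp["secret"], secret):
            raise PermissionError("RP authentication failed")
        entry = self.codes.pop(code, None)                 # pop: a second redemption finds nothing
        if (entry is None or entry["client_id"] != client_id
                or entry["redirect_uri"] != redirect_uri or time.time() > entry["exp"]):
            raise PermissionError("invalid, expired or already used code")
        now = int(time.time())
        claims = {"iss": self.issuer, "sub": entry["sub"], "aud": client_id, "iat": now, "exp": now + 300}
        return {"id_token": self.hs256_jwt(claims), "token_type": "Bearer"}

    def pairwise_sub(self, client_id, tag):
        """Stable pseudonym per (RP, context, member): an RP recognises a returning member but
        cannot correlate subs with other RPs or with the raw linkage tags the servers see."""
        msg = ("%s|%s|%s" % (client_id, self.context_id, tag)).encode()
        return hmac.new(self.sub_key, msg, hashlib.sha256).hexdigest()

    def hs256_jwt(self, claims):
        b64 = lambda b: base64.urlsafe_b64encode(b).rstrip(b"=").decode()
        signing_input = "%s.%s" % (b64(b'{"alg":"HS256","typ":"JWT"}'),
                                   b64(json.dumps(claims, separators=(",", ":")).encode()))
        sig = hmac.new(self.mac_key, signing_input.encode(), hashlib.sha256).digest()
        return "%s.%s" % (signing_input, b64(sig))

def fake_daga_auth(auth_msg):
    """Constructed stand-in for the cothority's Auth endpoint: the verdict is pre-decided in
    the message instead of coming from the servers' protocol; returns the linkage tag."""
    if not auth_msg.get("proof_ok"):
        raise PermissionError("DAGA servers rejected the authentication message")
    return auth_msg["tag"]

def demo():
    idp = DagaIdp("https://idp.example", fake_daga_auth, "ctx-1")
    idp.register_rp("rp1", "https://rp.example/callback", "rp1-secret")
    idp.register_rp("rp2", "https://rp2.example/cb", "rp2-secret")
    uri = "https://rp.example/callback"

    def login(client_id, tag, ok=True):              # browser: GET daga_auth, then POST the Auth. msg
        page = idp.daga_auth_page(client_id, uri)
        return idp.post_auth_msg(page["session"], {"proof_ok": ok, "tag": tag}).split("code=")[1]

    def rejected(fn):
        try:
            fn(); return False
        except PermissionError:
            return True

    code = login("rp1", "tag-A")
    token = idp.token_endpoint(code, "rp1", "rp1-secret", uri)
    code2 = login("rp1", "tag-A")                    # a second code, issued to rp1
    return {"token_parts": token["id_token"].count("."),
            "replay_rejected": rejected(lambda: idp.token_endpoint(code, "rp1", "rp1-secret", uri)),
            "wrong_rp_rejected": rejected(lambda: idp.token_endpoint(code2, "rp2", "rp2-secret", "https://rp2.example/cb")),
            "bad_proof_rejected": rejected(lambda: login("rp1", "tag-A", ok=False)),
            "pairwise_subs": idp.pairwise_sub("rp1", "tag-A") != idp.pairwise_sub("rp2", "tag-A")}
```

The flow on the slides carries no state parameter or PKCE; a deployment needs at least state to tie rp/callback to the browser session that started at rp/login, and an asymmetric ID-token signature (RS256 or EdDSA) so RPs verify tokens against the IdP's published keys rather than the shared HS256 key used here for brevity.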

29. Demo

30. Conclusion
• Democratization of DAGA as anonymous authentication is feasible
• Future work:
