8,161 research outputs found
Cryptographic Enforcement of Access Control Policies: Models, Applications, and Future Directions
Cryptographic enforcement of access control policies is a rapidly evolving field with ongoing research and development aimed at addressing emerging security challenges and requirements.
Among the different techniques to cryptographically enforce ac- cess control policies, hierarchical key assignment schemes play a central role, since they can be used in a variety of application domains. In this talk, we give an overview of such a cryptographic primitive, by discussing different models, applications and future research directions
Sharing Multiple Secrets: Models, Schemes, and Analysis
A multi-secret sharing scheme is a protocol to share more than one secret among a set
of participants, where each secret may have a distinct family of subsets of participants (also called
‘access structure’) that are qualified to recover it. In this paper we use an information-theoretic
approach to analyze two different models for multi-secret sharing schemes. The proposed models
generalize specific models which have already been considered in the literature. We first analyze
the relationships between the security properties of the two models. Afterwards, we show that the
security property of a multi-secret sharing scheme does not depend on the particular probability distribution
on the sets of secrets. This extends the analogous result for the case of single-secret sharing
schemes and implies that the bounds on the size of the information distributed to participants
in multi-secret sharing schemes can all be strengthened. For each of the two models considered in
this paper, we show lower bounds on the size of the shares distributed to participants. Specifically,
for the general case in which the secrets are shared according to a tuple of arbitrary (and possibly
different) access structures, we show a combinatorial condition on these structures that is sufficient
to require a participant to hold information of size larger than a certain subset of secrets. For specific
access structures of particular interest, namely, when all access structures are threshold structures,
we show tight bounds on the size of the information distributed to participants
On the equivalence of two security notions for hierarchical key assignment schemes in the unconditional setting
The access control problem in a hierarchy can be solved by using a hierarchical key assignment scheme, where each class is assigned an encryption key and some private information. A formal security analysis for hierarchical key assignment schemes has been traditionally considered in two different settings, i.e., the unconditionally secure and the computationally secure setting, and with respect to two different notions: security against key recovery (KR-security) and security with respect to key indistinguishability (KI-security), with the latter notion being cryptographically stronger. Recently, Freire, Paterson and Poettering proposed strong key indistinguishability (SKI-security) as a new security notion in the computationally secure setting, arguing that SKI-security is strictly stronger than KI-security in such a setting. In this paper we consider the unconditionally secure setting for hierarchical key assignment schemes. In such a setting the security of the schemes is not based on specific unproven computational assumptions, i.e., it relies on the theoretical impossibility of breaking them, despite the computational power of an adversary coalition. We prove that, in this setting, SKI-security is not stronger than KI-security, i.e., the two notions are fully equivalent from an information-theoretic point of view
Capture The Flag: un nuovo approccio all’apprendimento della Cybersecurity
Nell’ambito della Cybersecurity si propone un approccio per l’insegnamento dell’Informatica che, sfruttando i principi della gamification, porta gli studenti ad applicare le proprie conoscenze ed abilità nell’affrontare sfide (challenge) inerenti vulnerabilità di vario tipo, sotto forma di gioco in uno spazio virtuale. Scopo del gioco sarà trovare una informazione nascosta, una parola detta bandierina (o “flag”), che lo studente dovrà catturare. Tale approccio è pensato per la Scuola Secondaria di II Grado, in particolare per un Istituto Tecnico con indirizzo “Informatica e Telecomunicazioni” all’interno dell’insegnamento di “Sistemi e Reti”. In ogni caso la flessibilità della struttura del percorso permette di rimodularlo ed adattarlo a tanti altri contesti formativi
Anonymous Membership Broadcast Schemes
A membership broadcast scheme is a method by which a dealer broadcasts a secret identity
among a set of users, in such a way that only a single user is sure that he is the intended recipient.
Anonymous membership broadcast schemes have several applications, such as anonymous delegation,
cheating prevention, etc.
In a w-anonymous membership broadcast scheme any coalition of at most w users, which does not
include the user chosen by the dealer, has no information about the identity of the chosen user. Wang and
Pieprzyk proposed a combinatorial approach to 1-anonymous membership broadcast schemes. In
particular, they proposed a 1-anonymous membership broadcast scheme offering a logarithmic complexity
for both communication and storage. However, their result is non-constructive.
In this paper, we consider w-anonymous membership broadcast schemes. First, we propose a formal
model to describe such schemes and show lower bounds on the communication and randomness
complexities of the schemes. Afterwards, we show that w-anonymous membership broadcast schemes can
be constructed starting from .w . 1.-wise independent families of permutations. The communication and
storage complexities of our schemes are logarithmic in the number of users
- …
