Information Security and Privacy: 26th Australasian Conference, ACISP 2021, Virtual Event, December 1–3, 2021, Proceedings (Security and Cryptology)
معرفی کتاب «Information Security and Privacy: 26th Australasian Conference, ACISP 2021, Virtual Event, December 1–3, 2021, Proceedings (Security and Cryptology)» نوشتهٔ Joonsang Baek (editor), Sushmita Ruj (editor)، منتشرشده توسط نشر Springer International Publishing : Imprint: Springer در سال 1308. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
This book constitutes the refereed proceedings of the 26th Australasian Conference on Information Security and Privacy, ACISP 2021, held in Perth, WA, Australia, in November 2021. The 35 full papers presented were carefully revised and selected from 157 submissions. The papers present and discuss all aspects of information security and privacy as well as machine learning for privacy and much more. Preface Organization Contents Cryptographic Foundations Leakage Resilient Cheating Detectable Secret Sharing Schemes 1 Introduction 1.1 Our Work 1.2 Related Works 2 Preliminaries 3 Secrecy Notions in Leakage-Resilient Secret Sharing 4 Cheating Detection in Leakage-Resilient Secret Sharing 4.1 An Explicit Attack on Existing Leakage-Resilient Schemes 4.2 Leakage-Resilient Cheating Detection in OKS Model 4.3 A Compiler for LR Cheating Detectable Threshold SS 4.4 Leakage-Resilient Cheating Detectable Secret Sharing in the CDV Model 4.5 Extension to General Monotone Access Structures 5 Conclusion A Appendix A.1 The Scheme of Srinivasan-Vasudevan ch1SrinivasanspsVasudevansps2019 References Chosen Ciphertext Secure Functional Encryption from Constrained Witness PRF 1 Introduction 2 Preliminaries 2.1 Pseudorandom Generator 2.2 Constrained Pseudorandom Function 2.3 Constrained Witness Pseudorandom Functions 2.4 Puncturable Witness Pseudorandom Function 2.5 Functional Encryption 2.6 Indistinguishability Obfuscation 3 Construction of CWPRF from CPRF and iO 4 Construction of CCA Secure PKFE from CWPRF 5 Conclusion References Updatable Trapdoor SPHFs: Modular Construction of Updatable Zero-Knowledge Arguments and More 1 Introduction 2 Preliminaries 3 A New Framework for TSPHFs 3.1 Lighter-TSPHF (L-TSPHF) 3.2 Comparison of the TSPHF Frameworks 4 Updatable L-TSPHF 5 Applications of (Updatable) L-TSPHFs References Small Superset and Big Subset Obfuscation 1 Introduction 1.1 Technical Overview 1.2 Organization 2 Preliminaries 2.1 Obfuscation 3 Small Superset and Big Subset Functions 3.1 Function Definition 3.2 Evasive Function Family 4 Subset Product Problem 5 Obfuscation 5.1 Correctness 5.2 Parameters for Secure Obfuscation 6 Security Proofs 6.1 Input-Hiding 6.2 DVBB 7 Attacks 8 Conclusion References Symmetric Primitives Algebraic Attacks on Round-Reduced Keccak 1 Introduction 2 Preliminaries 2.1 Notation 2.2 Description of Keccak 2.3 The Keccak Hash Functions Keccak-512 and Keccak-384 2.4 Leaked Linear Relations 2.5 Overview 3 Preimage Attacks on 2-Round Keccak-384/512 3.1 Preimage Attack on 2-Round Keccak-512 3.2 Preimage Attack on 2-Round Keccak-384 4 Preimage Attack on 3-Round Keccak-384/512 4.1 Preimage Attack on 3-Round Keccak-512 4.2 Preimage Attack on 3-Round Keccak-384 5 Preimage Attack on 4-Round Keccak-384 6 Experiments 7 Conclusion References On MILP-Based Automatic Search for Bit-Based Division Property for Ciphers with (Large) Linear Layers 1 Introduction 2 Preliminaries 2.1 Notations and Definitions 2.2 MILP-Based Automated Search for Bit-Based Division Property 3 Previous MILP-Based Modelling for Linear Layers 3.1 Disjointed Representation 3.2 Compact Representation 4 MILP-Based Modelling for (Large) Linear Layers 4.1 Prior-Known Input Division Property to the Linear Layer 4.2 Complete Model and Search Approach 5 Applications of Our New Approach 5.1 Application to Kuznyechik 5.2 Application to Kalyna 5.3 Application to PHOTON 6 Conclusions References Constructions of Iterative Near-MDS Matrices with the Lowest XOR Count 1 Introduction 1.1 Contribution 2 Preliminaries 2.1 Branch Number and Near-MDS Matrix 2.2 XOR Count 3 Iterative Near-MDS Matrices 3.1 Method of Construct Iterative Near-MDS Matrices in M4(Mm(F2)) 3.2 Lightest Iterative Near-MDS Matrices in M4(Mm(F2)) 3.3 Lightweight Iterative Near-MDS Matrices with Small Order 3.4 Lightweight Iterative Near-MDS Matrices in M5(Mm(F2)) 4 Conclusion References Forced Independent Optimized Implementation of 4-Bit S-Box 1 Introduction 1.1 Our Contributions 1.2 Organization 2 Notations and Preliminaries 2.1 Notations and Definitions 2.2 Binary Model 3 Optimizing Implementations for the S-Boxes with Forced Independence Property 3.1 Depth-L GEC Optimizing Scheme 3.2 New Ternary Model 3.3 New Area Profile Model 4 Application to 4-Bit S-Boxes 4.1 Comparison with the Binary Model 4.2 Comparison with Table-Based Method Using UMC 55nm Technology Library 5 Conclusion A Fault Propagation and Forced Independence Property B Gates in the 0-th Depth Layer C Encoding Model for Gates in the -th (1) Depth Layer References Distinguishing and Key Recovery Attacks on the Reduced-Round SNOW-V 1 Introduction 1.1 Background 1.2 Our Contribution 1.3 Organization of the Paper 2 Description of SNOW-V 2.1 Structure 2.2 Initialization 3 MILP-Aided Integral Distinguisher 3.1 The MILP Model 3.2 Our Search and Results 4 Bit-Wise Differential Distinguisher 4.1 Single-Bit and Dual-Bit Differential Cryptanalysis 4.2 Chosen-IV Technique 4.3 Experimental Results 5 Key Recovery Attack on the 4-Round SNOW-V 5.1 Differential Attack Based on Probabilistic Neutral Bits (PNB) 5.2 Application to SNOW-V 5.3 Experimental Results 6 Conclusion References Encryption Broadcast Authenticated Encryption with Keyword Search 1 Introduction 1.1 Contribution 1.2 Related Work 2 Preliminaries 2.1 Bilinear Map 2.2 Decisional Bilinear Diffie Hellman Assumption 3 Syntax and Security Definitions 3.1 Broadcast Authenticated Encryption with Keyword Search 3.2 Security Models 4 Broadcast Authenticated Encryption with Keyword Search 4.1 Construction 4.2 Correctness 5 Proof 5.1 Trapdoor Privacy 5.2 Ciphertext Indistinguishability 5.3 Anonymity and Trapdoor Anonymity 6 Comparison with Existing Works 7 Conclusion References An Anonymous Trace-and-Revoke Broadcast Encryption Scheme 1 Introduction 1.1 Contributions 1.2 Technical Overview 2 Definitions and Preliminaries 2.1 Linear Functional Encryption 2.2 Trace-and-Revoke Systems 3 Trace-and-Revoke from Linear Functional Encryption 3.1 Trace-and-Revoke for Single Bit Messages 3.2 Efficient Trace-and-Revoke for Bit Strings 4 Cryptanalysis of the Wang et al. IPFE Construction 5 Linear Functional Encryptions in Prime-Order Groups 5.1 MMFE from References Security Analysis of End-to-End Encryption for Zoom Meetings 1 Introduction 1.1 Background 1.2 Our Contribution 1.3 Uncovered Results and Limitation 1.4 Responsible Disclosure 1.5 Organization of This Paper 2 Adversary Models and Security Goals 2.1 Adversary Models 2.2 Security Goals 3 E2EE Specifications for Zoom Meetings 3.1 System Components 3.2 Cryptographic Algorithms 3.3 Join/Leave Protocol Flow 4 Impersonation Based on No Entity Authentication 4.1 Impersonation Based on Vulnerability 1 4.2 Discussion 4.3 Response from Zoom 5 Impersonation of Any Zoom User 5.1 Impersonation Based on Vulnerabilities 1, 2 and 3 5.2 Impersonation Based on Vulnerabilities 1, 2, 3 and 4 5.3 Discussion 5.4 Response from Zoom 6 Security Against Tampering with Meeting Streams 6.1 Tampering Based on Vulnerability 5 6.2 Discussion 6.3 Response from Zoom 7 Conclusion A Cryptographic Algorithms A.1 Signing A.2 Authenticated Public-Key Encryption B Further Discussion in Sect.5 B.1 Impersonation Based on Vulnerabilities 1–4 without Colluding with a Malicious Insider B.2 Discussion References CCA Secure Attribute-Hiding Inner Product Encryption from Minimal Assumption 1 Introduction 2 Preliminaries 2.1 Pairing Groups and Hardness Assumptions 2.2 Inner Product Functional Encryption 2.3 Non-zero Inner Product Encryption 2.4 Quasi-adaptive Non-interactive Zero-Knowledge Proof 3 Generic Approach: AHNIPE from IPFE and QANIZK 4 CCA Secure AHNIPE from DDH and KerMDH 5 Application: Anonymous Identity-Based Revocation References Privacy Optimal Randomized Partial Checking for Decryption Mix Nets 1 Introduction 2 Related Work 3 Decryption Mix Nets 4 Original RPC 5 Attacks on Original RPC 6 Optimal RPC 6.1 Idea 6.2 Protocol 7 Formal Verifiability Analysis 8 Conclusion References A Novel Proof of Shuffle: Exponentially Secure Cut-and-Choose 1 Introduction 2 Related Work 2.1 Proofs of Shuffle 2.2 Machine-Checked Proofs 3 Technical Overview 3.1 Main Idea 3.2 Applications 4 Sigma Protocols 4.1 General Sigma Protocols 4.2 Shuffle-Compatible Sigma Protocols (SCSP) 5 Transform 6 Complexity 6.1 Basic Complexity 6.2 Interactive vs Non-interactive 6.3 Optimisations 6.4 Comparison 6.5 Concrete Efficiency 7 Conclusion References Private Decision Tree Evaluation with Constant Rounds via (Only) Fair SS-4PC 1 Introduction 1.1 Backgrounds 1.2 Our Results 1.3 Related Work 2 Preliminaries 3 Our Protocols 3.1 Proposed Oblivious Shuffling Protocol 3.2 Proposed MSB Extraction, LT, and EQ Protocols 3.3 Proposed Protocol of PDTE 4 Security Proof Sketch References Partially-Fair Computation from Timed-Release Encryption and Oblivious Transfer 1 Introduction 1.1 Relaxed Notions of Fairness 1.2 Partial Fairness 1.3 Context and Motivation 1.4 Our Contribution 1.5 Our Method 1.6 Informal Overview of the Protocol 2 Preliminaries 3 A Partially-Fair Exchange Protocol 3.1 Definition 3.2 Building Blocks 3.3 Protocol 3.4 Informal Overview A Extensions B Other Applications of Partially-Fair Exchange References Blockchain - Protocols and Foundations Concise Mercurial Subvector Commitments: Definitions and Constructions 1 Introduction 2 Preliminaries 2.1 Bilinear Groups 2.2 Diffie-Hellman Exponent Assumption 2.3 Algebraic Group Model 3 System Model and Security Model 4 Proposed MSVC 4.1 Correctness 4.2 Mercurial Binding 4.3 Mercurial Hiding 4.4 Performance Analysis 5 Applications of Mercurial Subvector Commitments 5.1 Zero-Knowledge Elementary Database with Batch Verification 5.2 Mercurial Subvector Commitments in Blockchain 6 Conclusion References A Secure Cross-Shard View-Change Protocol for Sharding Blockchains 1 Introduction 2 System Model and Assumption 2.1 Notations 2.2 System Model 2.3 Assumptions 3 System Overview 3.1 Intra-shard Consensus Algorithm 3.2 The Basic Two-Phase Commit Protocol 3.3 Cross-Shard Transaction Censorship 3.4 Protocol Overview 4 Concrete Protocol 5 Security Analysis 6 Related Work 7 Discussion 8 Conclusion References Efficient Unique Ring Signature for Blockchain Privacy Protection 1 Introduction 2 Preliminaries 2.1 Unique Ring Signature 2.2 Mathematical Assumptions 3 A Unique Ring Signature Scheme Based on the Decisional Diffie-Hellman and Discrete Logarithm Assumptions 4 Performance 5 Conclusion References Redactable Transactions in Consortium Blockchain: Controlled by Multi-authority CP-ABE 1 Introduction 1.1 Motivation 1.2 Our Contributions 1.3 Related Works 1.4 Paper Organization 2 Preliminaries 2.1 Notations 2.2 Chameleon Hash Functions 2.3 Multi-Authority CP-ABE 3 Our Scheme 3.1 Definitions 3.2 Generic Construction and Security Analysis 4 Integration in Blockchain 4.1 Overview 4.2 Integration Details 4.3 Evaluation 5 Conclusion A Data Structure Modifications in HLF References Blockchain - Analysis and Attack Transparency or Anonymity Leak: Monero Mining Pools Data Publication 1 Introduction 2 Background 2.1 Monero Anonymity 2.2 Monero Consensus, Mining Activities, and Mining Pools 3 Known Attacks to Monero Anonymity 3.1 Zero-Mixin Transactions and Cascade Effect (Chain Reaction) 3.2 Hard Fork Problems 3.3 Closed-Set Transaction Attack 4 Analyses on Mining Pool-Related Information 4.1 Public Information from Mining Pools 4.2 Data Collection 4.3 Traceability Analysis 4.4 Multi-candidate Untraceable Inputs 4.5 Second-Order Traceability Analysis 4.6 Additional Analyses on Mining Pools' Public Information 5 Possible Countermeasures 5.1 Transaction Obfuscation 5.2 Accountable Data Publication 6 Mining Pool Feature Analysis 6.1 Mining Pool Data Publication and the Lack of Verification 6.2 Characteristics of Top Ten Monero Mining Pools and Miners' Preference 7 Conclusion and Future Work References Mind the Scraps: Attacking Blockchain Based on Selfdestruct 1 Introduction 2 Background and Related Work 2.1 Decentralized Ledger Technology 2.2 Consensus Algorithm 2.3 Smart Contract 2.4 Self-destruction 3 Our Proposed Threat 3.1 Potential Threat 3.2 Our Attack and Impact 4 Possible Prevention 4.1 The Password Game 4.2 Mind the Exploits 4.3 Access Control and Encryption 4.4 On-Chain or Off-Chain 5 Conclusion and Future Work References Machine Learning for Privacy A Blockchain-Enabled Federated Learning Model for Privacy Preservation: System Design 1 Introduction 2 Related Work 3 System Model 3.1 Proposed System Architecture 3.2 Model Working Process 4 Model Improvement 4.1 Multi-smart Contracts 4.2 Modified PBFT Consensus Protocol 4.3 Off-Chain and On-Chain Storage Strategy 4.4 Homomorphic Encryption 5 Model Evaluation 5.1 Privacy Analysis 5.2 Performance Evaluation 6 Conclusion and Future Work References ALRS: An Adversarial Noise Based Privacy-Preserving Data Sharing Mechanism 1 Introduction 2 Related Work 2.1 Privacy Representation Learning 2.2 Adversarial Examples 3 Encoding-Based Data Sharing Mechanism 3.1 Privacy-Preserving Data Sharing Scenario 3.2 Basic Encoding-Based Data Sharing Mechanism 3.3 Decoding-Based Attack 4 Stronger Privacy-Preserving: Add Adversarial Noise 4.1 Adding Simple Adversarial Noise 4.2 Adv-Training Decoder Attack 4.3 Adding Masked Adversarial Noise 5 Experiments 5.1 Experiment Settings 5.2 Protecting Privacy Against Reconstruction Attacks 5.3 Preserving Privacy of Attributes 6 Conclusion A Discussions on Mask Mechanism References Non-interactive, Secure Verifiable Aggregation for Decentralized, Privacy-Preserving Learning 1 Introduction 1.1 Our Contributions 1.2 Related Work 1.3 Paper Organisation 2 Preliminaries 3 NIVA 3.1 NIVA Instantiation 3.2 Additional Properties and Extensions 4 Implementation and Comparisons 4.1 Comparison to Related Work References Machine Learning - Analysis and Attack Towards Visualizing and Detecting Audio Adversarial Examples for Automatic Speech Recognition 1 Introduction 2 Related Work 3 Audio Adversarial Examples 3.1 Targeted Audio Adversarial Examples 3.2 Untargeted Audio Adversarial Examples 4 Proposed Method 4.1 Visualizing Decision Boundaries 4.2 Feature Extraction 5 Experiments and Discussion 5.1 Target Models and Data Sets 5.2 Visualizing Decision Boundaries 5.3 Dimensionality Reduction 5.4 Anomaly Detection 5.5 Potential Limitation 6 Conclusions and Future Work References Oriole: Thwarting Privacy Against Trustworthy Deep Learning Models 1 Introduction 2 Related Work 2.1 Defending Against Data Poisoning Attacks 2.2 Defending Against Decision-Time Attacks 2.3 White-Box Attacks 2.4 Fawkes 3 Design Overview 4 The Oriole System Against Fawkes 4.1 Model Training 4.2 Model Testing 5 Experiments 5.1 Datasets and Models 5.2 Experimental Evaluation 6 Discussion 6.1 Restricted Imperceptibility of Fawkes 6.2 Countermeasures 7 Conclusion References Post Quantum Cryptography - Encryption Puncturable Identity-Based Encryption from Lattices 1 Introduction 2 Overview of Our Technique 2.1 Sketch of Puncturable Encryption 2.2 Overview of PIBE 3 Preliminaries 3.1 Lattices 3.2 Puncturable Identity-Based Encryption 4 Selectively Secure Puncturable Identity-Based Encryption (Selective-PIBE) 4.1 Construction of Selective-PIBE 4.2 Correctness and Security 5 Adaptively Secure Puncturable Identity-Based Encryption Scheme (Adaptive-PIBE) 5.1 Construction of Adaptive-PIBE 5.2 Correctness and Security References Optimizing Bootstrapping and Evaluating Large FHE Gates in the LWE-Based GSW-FHE 1 Introduction 1.1 Our Works 1.2 Our Techniques 1.3 Related Works 1.4 Organization 2 Preliminaries 2.1 Learning with Errors 2.2 Subgaussian Random Variables 2.3 Symmetric Groups and Zq-Embeddings 3 Homomorphic Matrix-Vector Multiplication 3.1 Definitions 3.2 Operations 4 Our Bootstrapping Procedure 4.1 Bootstrapping 4.2 Procedures 4.3 Correctness 4.4 Determining the Function func 4.5 Security 4.6 Time and Space Complexity References Forward-Secure Group Encryptions from Lattices 1 Introduction 2 Preliminaries 2.1 Lattices 2.2 Computational Problems 2.3 Signatures Supporting Efficient Protocols 2.4 Agrawal-Boneh-Boyen HIBE with Fixed Dimension 2.5 Zero-Knowledge Argument of Knowledge 3 Forward-Secure Group Encryption 4 Forward-Secure Group Encryptions from Lattices 4.1 Our Construction 4.2 Analysis of the Scheme 5 Conclusion References Anonymous Lattice Identity-Based Encryption with Traceable Identities 1 Introduction 2 Preliminary 2.1 Lattices, Discrete Gaussians, and Trapdoors 2.2 Definition 2.3 Construction 3 Security Proof 3.1 Proof of Anonymity 3.2 Proof of Ciphertext Indistinguishability 4 Conclusion and Discussion References Post Quantum Cryptography - Authentication Lattice-Based Secure Biometric Authentication for Hamming Distance 1 Introduction 1.1 Our Contribution 1.2 Related Work 2 Preliminaries 2.1 Notations 2.2 Lattices and Gaussian Distribution 2.3 The Learning with Errors Problem 3 Secure Biometric Authentication Protocol 3.1 Syntax 3.2 Security Model 4 Inner Product Functional Encryption for SBA 4.1 Definition 4.2 From SFB-IPFE to SBA 4.3 Our Construction 5 Performance Evaluation 5.1 Experimental Setup and Optimizations 5.2 Parameter Setting 5.3 Performance of Our SBA from SFB-IPFE 5.4 Comparison References A Trustless GQ Multi-signature Scheme with Identifiable Abort 1 Introduction 1.1 Related Work 1.2 Contributions 2 Preliminaries 2.1 Adversary Model and Security Definitions 2.2 Guillou-Quisquater Signature (GQ) 2.3 Class Group of Imaginary Quadratic Field 3 GQ Signature Scheme Without Trapdoor (CL-GQ) 4 Our Multi-signature Scheme 4.1 Distributed Key Generation 4.2 Distributed Signing 4.3 Verification 4.4 Rogue-Key Attack Resistant 4.5 Identifiable Abort or Not 5 Security Proof of Our Multi-signature Scheme 6 Zero-Knowledge Proofs 6.1 Zero-Knowledge Proof for the -v-th Root 6.2 Zero-Knowledge Proof of a CL-GQ Signature 6.3 ZKPoK with Lower Soundness 7 Implementation and Evaluation 7.1 Standard GQ v.s. CL-GQ 7.2 Performance of Trustless GQ Multi-signature 8 Conclusion References Verifiable Obtained Random Subsets for Improving SPHINCS+ 1 Introduction 2 Preliminaries 3 Specifications of SPHINCS+ 3.1 Parameters 3.2 Signing Algorithm 4 SPHINCS+ with Verifiable ORS 4.1 Rationale of Design Choices 4.2 Performance Implications 5 Interleaved Target Subset Resilience of v-ORS 6 vSPHINCS+ Security Reduction 7 vSPHINCS+: Comparison and New Parameters 7.1 Efficient Parameter Sets 7.2 SPHINCS+ Re-parameterization in Round Three Submission 8 Conclusion A Existential Unforgeability Under Adaptive Chosen Message Attacks References Author Index
دانلود کتاب Information Security and Privacy: 26th Australasian Conference, ACISP 2021, Virtual Event, December 1–3, 2021, Proceedings (Security and Cryptology)