Herman Galteland scite author profile

Gjøsteen

2017

Abstract. A malware author constructing malware wishes to infect a specific location in the network. The author will then infect n initial nodes with n different variations of his malicious code. The malware continues to infect subsequent nodes in the network by making similar copies of itself. An analyst defending M nodes in the network observes N infected nodes with some malware and wants to know if any sample is targeting any of his nodes. To reduce his work, the analyst need only look at unique malware samples. We show that by encrypting the malware payload and using rerandomization to replicate malware, we can make the N observed malware samples distinct and increase the analyst's work factor substantially.

Cloud-Assisted Asynchronous Key Transport with Post-Quantum Security

Davies

Gjøsteen

et al. 2020

In cloud-based outsourced storage systems, many users wish to securely store their files for later retrieval, and additionally to share them with other users. These retrieving users may not be online at the point of the file upload, and in fact they may never come online at all. In this asynchronous environment, key transport appears to be at odds with any demands for forward secrecy. Recently, Boyd et al. (ISC 2018) presented a protocol that allows an initiator to use a modified key encapsulation primitive, denoted a blinded KEM (BKEM), to transport a file encryption key to potentially many recipients via the (untrusted) storage server, in a way that gives some guarantees of forward secrecy. Until now all known constructions of BKEMs are built using RSA and DDH, and thus are only secure in the classical setting.We further the understanding of the use of blinding in post-quantum cryptography in two aspects. First, we show how to generically build blinded KEMs from homomorphic encryption schemes with certain properties. Second, we construct the first post-quantum secure blinded KEMs, and the security of our constructions are based on hard lattice problems.

Backward-Leak Uni-Directional Updatable Encryption from (Homomorphic) Public Key Encryption

Pan

2023

The understanding of directionality for updatable encryption (UE) schemes is important, but not yet completed in the literature. We show that security in the backward-leak uni-directional key updates setting is equivalent to the no-directional one. Combining with the work of Jiang (ASIACRYPT 2020) and Nishimaki (PKC 2022), it is showed that the backward-leak notion is the strongest one among all known key update notions and more relevant in practice. We propose two novel generic constructions of UE schemes that are secure in the backward-leak uni-directional key update setting from public key encryption (PKE) schemes: the first one requires a key and message homomorphic PKE scheme and the second one requires a bootstrappable PKE scheme. These PKE can be constructed based on standard assumptions (such as the Decisional Diffie-Hellman and Learning With Errors assumptions).

Attacks on the Basic cMix Design: On the Necessity of Commitments and Randomized Partial Checking

Mjølsnes

Olimid

2017

The cMix scheme was proposed by Chaum et al. in 2016 as the first practical set of cryptographic protocols that offer sender-recipient unlinkability at scale. The claim was that the cMix is secure unless all nodes collude. We argue that their assertion does not hold for the basic description of cMix, and we sustain our statement by two different types of attacks: a tagging attack and an insider attack. For each one, we discuss the settings that make the attack feasible, and then possible countermeasures. By this, we highlight the necessity of implementing additional commitments or mechanisms that have only been mentioned as additional features.

Adversaries monitoring Tor traffic crossing their jurisdictional border and reconstructing Tor circuits

Galteland¹,

Gjøsteen²

2018

Preprint

We model and analyze passive adversaries that monitors Tor traffic crossing the border of a jurisdiction an adversary is controlling. We show that a single adversary is able to connect incoming and outgoing traffic of their border, tracking the traffic, and cooperating adversaries are able to reconstruct parts of the Tor network, revealing user-server relationships. In our analysis we created two algorithms to estimate the capabilities of the adversaries. The first generates Tor-like traffic and the second analyzes and reconstructs the simulated data.