References of "Ryan, Peter 50002965"
     in
Bookmark and Share    
Peer Reviewed
See detailDeniability in Quantum Cryptography
Atashpendar, Arash UL; Roenne, Peter UL; Ostrev, Dimiter UL et al

Poster (2017, June 14)

This poster describes ongoing work on deniability in quantum cryptography, an area of research that remains almost entirely unexplored in the quantum information processing literature. Deniability is a ... [more ▼]

This poster describes ongoing work on deniability in quantum cryptography, an area of research that remains almost entirely unexplored in the quantum information processing literature. Deniability is a well-known and fundamental concept in classical cryptography and it can be defined as the ability for the sender of a message to deny the contents of a message or the very act of having participated in an exchange, e.g. having sent the said message. We discuss deniability in the context of quantum key exchange and address a particular problem, first discovered by Donald Beaver, where he claims that all QKD protocols are undeniable. The claim is that while we do get a one-time pad (OTP) using QKD, it does not provide the property of key equivocation as it is expected in the Shannon sense for a OTP. Intuitively, this difficulty lies in the quantum channel alone and it has to do with the fact that in QKD, while we generate entropy by expanding an initially short pre-shared key into an arbitrary longer secret key, we do so by exchanging information over a quantum as well as a classical channel, which could potentially leave a binding transcript of Alice's decisions to the final secret key. This is in contrast with the implicit assumption that Eve knows nothing about how two given parties have established their shared OTP in the first place. We discuss the importance of deniability in cryptography and its wide range of applications, along with cryptographic primitives other than key exchange where deniability might be a desired property. Finally, we present a series of fundamental open questions in this area of research and discuss quantum cryptographic primitives that lend themselves to devising deniable protocols. [less ▲]

Detailed reference viewed: 230 (20 UL)
Full Text
Peer Reviewed
See detailTrustworthy exams without trusted parties
Bella, Giampaolo; Giustolisi, Rosario; Lenzini, Gabriele UL et al

in Computer and Security (2017), 67

Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam ... [more ▼]

Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam scandals confirm, also invigilators and authorities may pose security threats. The introduction of computers into the different phases of an exam, such as candidate registration, brings new security issues that should be addressed with the care normally devoted to security protocols. This paper proposes a protocol that meets a wide set of security requirements and resists threats that may originate from candidates as well as from exam administrators. By relying on a combination of oblivious transfer and visual cryptography schemes, the protocol does not need to rely on any trusted third party. We analyse the protocol formally in ProVerif and prove that it verifies all the stated security requirements. [less ▲]

Detailed reference viewed: 142 (6 UL)
Full Text
Peer Reviewed
See detailUsing Selene to Verify your Vote in JCJ
Iovino, Vincenzo UL; Rial Duran, Alfredo UL; Roenne, Peter UL et al

in Workshop on Advances in Secure Electronic Voting (VOTING'17) (2017, April 07)

Detailed reference viewed: 185 (28 UL)
Full Text
Peer Reviewed
See detailThe Cipher, the Random and the Ransom: A Survey on Current and Future Ransomware
Genç, Ziya Alper UL; Lenzini, Gabriele UL; Ryan, Peter UL

in Advances in Cybersecurity 2017 (2017)

Although conceptually not new, ransomware recently regained attraction in the cybersecurity community: notorious attacks in fact have caused serious damage, proving their disruptive effect. This is likely ... [more ▼]

Although conceptually not new, ransomware recently regained attraction in the cybersecurity community: notorious attacks in fact have caused serious damage, proving their disruptive effect. This is likely just the beginning of a new era. According to a recent intelligence report by Cybersecurity Ventures, the total cost due to ransomware attacks is predicted to exceed $5 billion in 2017. How can this disruptive threat can be contained? Current anti-ransomware solutions are effective only against existing threats, and the worst is yet to come. Cyber criminals will design and deploy more sophisticated strategies, overcoming current defenses and, as it commonly happens in security, defenders and attackers will embrace a competition that will never end. In this arm race, anticipating how current ransomware will evolve may help at least being prepared for some future damage. In this paper, we describe existing techniques to mitigate ransomware and we discuss their limitations. Discussing how current ransomware could become even more disruptive and elusive is crucial to conceive more solid defense and systems that can mitigate zero-day ransomware, yielding higher security levels for information systems, including critical infrastructures such as intelligent transportation networks and health institutions. [less ▲]

Detailed reference viewed: 497 (19 UL)
Peer Reviewed
See detailCrypto Santa
Ryan, Peter UL

in The New Codebreakers - Essays Dedicated to David Kahn on the Occasion of His 85th Birthday (2016)

Detailed reference viewed: 63 (9 UL)
See detailThe New Codebreakers - Essays Dedicated to David Kahn on the Occasion of His 85th Birthday
Ryan, Peter UL; Naccache, David; Quisquater, Jean-Jacques

Book published by Springer (2016)

Detailed reference viewed: 54 (0 UL)
See detailReal-World Electronic Voting: Design, Analysis and Deployment
Hao, Feng; Ryan, Peter UL

Book published by Auerbach Publications (2016)

Detailed reference viewed: 98 (5 UL)
See detail(Universal) Unconditional Verifiability in E-Voting without Trusted Parties
Gallegos-Garcia, Gina; Iovino, Vincenzo UL; Roenne, Peter UL et al

E-print/Working paper (2016)

Detailed reference viewed: 76 (4 UL)
See detailFinancial Cryptography and Data Security - FC 2016 International Workshops, BITCOIN, VOTING, and WAHC
Clark, Jeremy; Sarah; Ryan, Peter UL et al

Book published by Springer (2016)

Detailed reference viewed: 87 (10 UL)
Full Text
Peer Reviewed
See detailExpressing Receipt-Freeness and Coercion-Resistance in Logics of Strategic Ability: Preliminary Attempt
Tabatabaei, Masoud UL; Jamroga, Wojciech UL; Ryan, Peter UL

in The International Workshop on AI for Privacy and Security (PrAISe), 2016. (2016)

Voting is a mechanism of utmost importance to social processes. In this paper, we focus on the strategic aspect of information security in voting procedures. We argue that the notions of receipt-freeness ... [more ▼]

Voting is a mechanism of utmost importance to social processes. In this paper, we focus on the strategic aspect of information security in voting procedures. We argue that the notions of receipt-freeness and coercion resistance are underpinned by existence (or nonexistence) of a suitable strategy for some participants of the voting process. In order to back the argument formally, we provide logical ``transcriptions'' of the informal intuitions behind coercion-related properties that can be found in the existing literature. The transcriptions are formulated in the modal game logic ATL*, well known in the area of multi-agent systems. [less ▲]

Detailed reference viewed: 90 (7 UL)
Full Text
Peer Reviewed
See detailFormal Security Analysis of Traditional and Electronic Exams
Dreier, Jannik; Giustosi, Rosario; Kassem, Ali et al

in Communications in Computer and Information Science (2015), 554

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they ... [more ▼]

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they can reach larger audiences, but they are exposed to new threats that can potentially ruin the whole exam business. These threats are amplified by two issues: the lack of understanding of what security means for electronic exams (except the old concern about students cheating), and the absence of tools to verify whether an exam process is secure. This paper addresses both issues by introducing a formal description of several fundamental authentication and privacy properties, and by establishing the first theoretical framework for an automatic analysis of exam security. It uses the applied π-calculus as a framework and ProVerif as a tool. Three exam protocols are checked in depth: two Internet exam protocols of recent design, and the pencil-and-paper exam used by the University of Grenoble. The analysis highlights several weaknesses. Some invalidate authentication and privacy even when all parties are honest; others show that security depends on the honesty of parties, an often unjustified assumption in modern exams. [less ▲]

Detailed reference viewed: 164 (7 UL)
Full Text
Peer Reviewed
See detailInformation Leakage due to Revealing Randomly Selected Bits
Atashpendar, Arash UL; Roscoe, Bill; Ryan, Peter UL

in Security Protocols XXIII: Lecture Notes in Computer Science, Volume 9379, 2015 (2015, November 25)

This note describes an information theory problem that arose from some analysis of quantum key distribution protocols. The problem seems very natural and is very easy to state but has not to our knowledge ... [more ▼]

This note describes an information theory problem that arose from some analysis of quantum key distribution protocols. The problem seems very natural and is very easy to state but has not to our knowledge been addressed before in the information theory literature: suppose that we have a random bit string y of length n and we reveal k bits at random positions, preserving the order but without revealing the positions, how much information about y is revealed? We show that while the cardinality of the set of compatible y strings depends only on n and k, the amount of leakage does depend on the exact revealed x string. We observe that the maximal leakage, measured as decrease in the Shannon entropy of the space of possible bit strings corresponds to the x string being all zeros or all ones and that the minimum leakage corresponds to the alternating x strings. We derive a formula for the maximum leakage (minimal entropy) in terms of n and k. We discuss the relevance of other measures of information, in particular min-entropy, in a cryptographic context. Finally, we describe a simulation tool to explore these results. [less ▲]

Detailed reference viewed: 403 (62 UL)
Full Text
Peer Reviewed
See detailSelene: Voting with Transparent Verifiability and Coercion-Mitigation
Ryan, Peter UL; Roenne, Peter UL; Iovino, Vincenzo UL

in Abstract book of 1st Workshop on Advances in Secure Electronic Voting (2016), 2015

Detailed reference viewed: 341 (37 UL)
Full Text
See detailPrivacy and Security in an Age of Surveillance
Ryan, Peter UL; Preneel, Bart; Rogaway, Phillip et al

Report (2015)

The Snowden revelations have demonstrated that the US and other nations are amassing data about people's lives at an unprecedented scale. Furthermore, these revelations have shown that intelligence ... [more ▼]

The Snowden revelations have demonstrated that the US and other nations are amassing data about people's lives at an unprecedented scale. Furthermore, these revelations have shown that intelligence agencies are not only pursuing passive surveillance over the world's communication systems, but are also seeking to facilitate such surveillance by undermining the security of the internet and communications technologies. Thus the activities of these agencies threatens not only the rights of individual citizens but also the fabric of democratic society. Intelligence services do have a useful role to play in protecting society and for this need the capabilities and authority to perform targeted surveillance. But the scope of such surveillance must be strictly limited by an understanding of its costs as well as benefits, and it should not impinge on the privacy rights of citizens any more than necessary. Here we report on a recent Dagstuhl Perspectives Workshop addressing these issues - a four-day gathering of experts from multiple disciplines connected with privacy and security. The meeting explored the scope of mass-surveillance and the deliberate undermining of the security of the internet, defined basic principles that should underlie needed reforms, and discussed the potential for technical, legal and regulatory means to help restore the security of the internet and stem infringement of human-rights by ubiquitous electronic surveillance. [less ▲]

Detailed reference viewed: 193 (2 UL)
Full Text
Peer Reviewed
See detailEnd-to-End Verifiability in Voting Systems, from Theory to Practice
Ryan, Peter UL; Schneider, Steve; Teague, Vanessa

in IEEE SECURITY & PRIVACY (2015), 13(3), 59-62

End-to-end verifiability represents a paradigm shift in electronic voting, providing a way to verify the integrity of the election by allowing voters to audit the information published by the system ... [more ▼]

End-to-end verifiability represents a paradigm shift in electronic voting, providing a way to verify the integrity of the election by allowing voters to audit the information published by the system, rather than trusting that the system has behaved correctly. Recent deployments of these systems in real elections demonstrate their practical applicability. [less ▲]

Detailed reference viewed: 194 (9 UL)
Full Text
Peer Reviewed
See detailEnd-to-end verifiability
Ryan, Peter UL; Benaloh, Josh; Rivest, Ronald et al

in arXiv preprint arXiv:1504.03778 (2015)

This pamphlet describes end-to-end election verifiability (E2E-V) for a nontechnical audience: election officials, public policymakers, and anyone else interested in secure, transparent, evidence - based ... [more ▼]

This pamphlet describes end-to-end election verifiability (E2E-V) for a nontechnical audience: election officials, public policymakers, and anyone else interested in secure, transparent, evidence - based electronic elections. This work is part of the Overseas Vote Foundation’s End-to-End Verifiable Internet Voting: Specification and Feasibility Assessment Study (E2E VIV Project), funded by the Democracy Fund. [less ▲]

Detailed reference viewed: 99 (6 UL)
Full Text
Peer Reviewed
See detailA Secure Exam Protocol Without Trusted Parties
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL et al

in ICT Systems Security and Privacy Protection. 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015 (2015)

Detailed reference viewed: 249 (11 UL)
Full Text
Peer Reviewed
See detailvVote: a Verifiable Voting System
Culnane, Chris; Ryan, Peter UL; Schneider, Steve et al

in Jets (2014)

The Pret a Voter cryptographic voting system was designed to be flexible and to offer voters a familiar and easy voting experience. In this paper we present a case study of our efforts to adapt Pret a ... [more ▼]

The Pret a Voter cryptographic voting system was designed to be flexible and to offer voters a familiar and easy voting experience. In this paper we present a case study of our efforts to adapt Pret a Voter to the idiosyncrasies of elections in the Australian state of Victoria. This technical report includes general background, user experience and details of the cryptographic protocols and human processes. We explain the problems, present solutions, then analyse their security properties and explain how they tie in to other design decisions. We hope this will be an interesting case study on the application of end-to-end verifiable voting protocols to real elections. A preliminary version of this paper appeared as the 10th February 2014 version of "Draft Technical Report for VEC vVote System". This version augments that version with additional message sequence charts. The team involved in developing the vVote design described in this report were: Craig Burton, Chris Culnane, James Heather, Rui Joaquim, Peter Y. A. Ryan, Steve Schneider and Vanessa Teague. [less ▲]

Detailed reference viewed: 190 (3 UL)
Full Text
Peer Reviewed
See detailFormal Analysis of Electronic Exams
Dreier, Jannik; Giustolisi, Rosario UL; Kassem, Ali et al

in SECRYPT 2014 - Proceedings of the 11th International Conference on Security and Cryptography, Vienna, Austria, 28-30 August, 2014 (2014)

Detailed reference viewed: 219 (15 UL)
Full Text
Peer Reviewed
See detailRemark!: A Secure Protocol for Remote Exams
Giustolisi, Rosario UL; Lenzini, Gabriele UL; Ryan, Peter UL

in Security Protocols XXII - Lecture Notes in Computer Science (2014)

Detailed reference viewed: 333 (57 UL)