05 Faculty of Computer Science, Electrical Engineering and Information Technology (Fakultät Informatik, Elektrotechnik und Informationstechnik)
Permanent URI for this collectionhttps://elib.uni-stuttgart.de/handle/11682/6
36 results
Item (Open Access): Verifiable tally-hiding E-voting with fully homomorphic encryption (2020). Hasler, Sebastian.
An E-voting system is end-to-end verifiable if arbitrary external parties can check whether the result of the election is correct or not. It is tally-hiding if it does not disclose the full election result but rather only the relevant information, such as the winner of the election. In this thesis we pursue the goal of constructing an end-to-end verifiable tally-hiding E-voting system using fully homomorphic encryption. First we construct an alteration of the GSW levelled fully homomorphic encryption scheme based on the learning with errors over rings assumption. We utilize a key homomorphic property of this scheme in order to augment the scheme by a distributed key generation and distributed decryption. This leads to a passively secure 4-round multi-party computation protocol in the common random string model that can evaluate arithmetic circuits of arbitrary size. The complexity of this protocol is quasi-linear in the number of parties, polynomial in the security parameter and polynomial in the size of the circuit. By using Fiat-Shamir-transformed discrete-log-based zero-knowledge proofs we achieve security against active adversaries in the random oracle model while preserving the number of 4 rounds. Based on this actively secure protocol we construct an end-to-end verifiable tally-hiding E-voting system that has quasi-linear time complexity in the number of voters.

Item (Open Access): Informal security analysis of the Sequent Tech identity and access management component (original title: Informelle Sicherheitsanalyse der Sequent Tech Identitäts- und Zugriffsmanagementkomponente) (2022). Vatic, Amel.
The IAM component was developed by Sequent Tech Inc. for their E-voting application and subsequently released as a standalone software component. It provides functionality for authenticating and authorizing users in an application system.
In this thesis, an informal security analysis of the IAM component and of the authentication protocols defined in it is carried out. Each authentication protocol specifies how users must authenticate to the IAM component. The basis of this analysis is a detailed description of the component and its authentication protocols, which is also produced as part of this thesis. Of particular interest is the single sign-on authentication protocol SmartLink. After producing the description, we analyze the IAM component and its authentication protocols informally. We begin by identifying the assumptions and attacker models on which the security analysis is based. The three security goals that the IAM component must fulfil are authentication, authorization and session integrity. In the subsequent security analysis, the component and the authentication protocols are checked against all of these security definitions.

Item (Open Access): XSS in issue tracking systems (2021). Hildebrand, Moritz.
Today, virtually every software project, especially in a collaborative and distributed setting, is managed through an issue tracking system (ITS). As developers rely heavily on ITSs, the risk of cyberattacks and their associated impact increases. An interesting particularity of ITSs is that, compared to conventional web applications, the attack surface is extended through additional input interfaces such as email or version control systems (VCSs). This bachelor thesis develops a methodology to test ITSs for cross-site scripting (XSS) vulnerabilities via these ITS-specific input interfaces.
As an example, we implement the developed methodology for the input interfaces email and Git and test it on the three open-source ITSs Redmine, MantisBT, and Trac.

Item (Open Access): Disinformation campaigns in social media (2020). Sliwa, Robin.
In an increasingly digitally connected world, social networks have become a large factor in news consumption, discussion and staying connected to friends. This thesis aims to give an overview of how this new platform has been a vector for the conduct of disinformation campaigns. Beyond the prime example, possible Russian disinformation in the U.S. from 2015 to 2017, and its efficacy, further candidates as well as the historical context, technical aspects and the public response are touched upon. The U.S. election of 2016 is evidently a well-documented example of an election targeted by a large-scale disinformation campaign conducted through social media. Indications exist that campaigns are also being conducted in other political contexts (France, 2017) and with contexts extending into economics. This thesis also finds that more research is needed to systematically detect and investigate disinformation campaigns, especially in order to measure and contain their real-world impact.

Item (Open Access): A formal analysis of hashgraph and its accountability properties (2022). Flinspach, Marcel.
The Hashgraph algorithm is a distributed ledger technology (DLT) consensus algorithm that is an alternative to conventional blockchains. Generally, a distributed ledger can be seen as a database of transactions that is replicated across several locations, typically run by multiple parties. In order to reach an agreement on the validity and order of transactions, DLTs typically rely on consensus protocols as a key component. Participants of the Hashgraph algorithm locally manage a hashgraph. This is a directed acyclic graph of events. All events include, among other (meta)data, mainly transactions that were submitted by clients.
In order to reach a consensus, Hashgraph utilizes so-called virtual voting so that parties with different hashgraphs assign all events the same position in the total order of events. We call this desirable property consistency, which allows different participants to calculate and agree on the same order of transactions. Accountability is a well-known concept in distributed systems and cryptography but new to blockchains and DLTs in general. With this concept, misbehaving parties violating predefined security goals can be identified and held accountable with undeniable cryptographic evidence, to incentivize participants to behave honestly. In this work, we put forward a rigorous proof that Hashgraph does achieve accountability w.r.t. consistency. That is, participants that misbehave by calculating a different order of transactions, by not following the Hashgraph protocol, can always be identified and rightfully blamed. To achieve this, we construct an iUC model of the hashgraph protocol with the necessary additions to hold dishonest participants accountable. In particular, we prove under relatively mild assumptions that honest participants, following the Hashgraph algorithm, will always assign events in their hashgraph the same order. That is, honest participants can reach a consensus on the total order of events and transactions. Due to the real-world applications of Hashgraph, we believe this result is of independent interest.

Item (Open Access): Enhancement of a tool for comprehensive security scanning (2020). Hauck, Fabian.
The demand for web applications is rapidly increasing worldwide. Since the world wide web is accessible to everyone with a connection to the internet, web-based systems are especially vulnerable to attacks. This is why cybersecurity is getting increased attention. While it is difficult to defend a system from sophisticated attacks, it is rather easy to find and fix insecure system configurations.
Since web applications and their infrastructure are rapidly changing, it is hard to manually detect security breaches. Therefore, advanced testing software is needed to detect security leaks automatically. The present work describes several extensions of an automated security scanning tool called yesses. The yesses tool was originally designed to scan web servers for basic security properties like open ports, insecure HTTP methods and missing cookie security features. The tool is available as open source on GitHub. Within the scope of this work, the yesses tool was extended by seven modules. Hereby the following three main topics were investigated: Transport Layer Security (TLS), Domain Name System Security Extensions (DNSSEC) and information leakages. Within the TLS topic, scans of the TLS settings of a server are performed and the differences compared to a Mozilla TLS profile are analyzed. Among other things this gives important insights into possibly insecure encryption algorithms. In the scope of DNSSEC, the DNSSEC configuration of a domain name is scanned. Hereby the tool can detect possible misconfigurations, e.g. a missing signature for a DNS resource record. Concerning information leakages, the yesses tool was extended so that it detects sensitive data exposures which are very useful for potential adversaries. The described extensions do not only make the yesses tool more powerful, they also enable it to detect security leaks that could not have been detected beforehand.

Item (Open Access): Improved usability of differential privacy in machine learning: techniques for quantifying the privacy-accuracy trade-off (2022). Bernau, Daniel; Küsters, Ralf (Prof.).
Differential privacy allows bounding the influence that training data records have on a neural network. To use differential privacy in machine learning with neural networks, data scientists must choose the privacy parameter epsilon.
Choosing meaningful privacy parameters is key, since differentially private neural networks that have been trained with weak privacy parameters might result in excessive privacy leakage, while strong privacy parameters might overly degrade model utility. However, privacy parameter values are difficult to choose for two main reasons. First, the theoretical upper bound on privacy loss epsilon might be loose, depending on the chosen sensitivity and data distribution of practical datasets. Second, legal requirements and societal norms for anonymization often refer to individual identifiability, to which epsilon is only indirectly related. Within this thesis, we address the problem of choosing epsilon from two angles. First, we quantify the empirical lower bound on the privacy loss under empirical membership inference attacks to allow data scientists to compare the empirical privacy-accuracy trade-off between local and central differential privacy. Specifically, we consider federated and non-federated discriminative models, as well as generative models. Second, we transform the privacy loss under differential privacy into an analytical bound on identifiability to map legal and societal expectations w.r.t. identifiability to corresponding privacy parameters. The thesis contributes techniques for quantifying the trade-off between accuracy and privacy over epsilon. The techniques provide information for interpreting differentially private training datasets or models trained with differentially private stochastic gradient descent, to improve the usability of differential privacy in machine learning. In particular, we identify preferable ranges for privacy parameter epsilon and compare local and central differential privacy mechanisms for training differentially private neural networks under membership inference adversaries. Furthermore, we contribute an implementable instance of the differential privacy adversary that can be used to audit trained models w.r.t. identifiability.

Item (Open Access): Joint state composition theorems for public-key encryption and digital signature functionalities with local computation (2020). Küsters, Ralf; Tuengerthal, Max; Rausch, Daniel.
In frameworks for universal composability, complex protocols can be built from sub-protocols in a modular way using composition theorems. However, as first pointed out and studied by Canetti and Rabin, this modular approach often leads to impractical implementations. For example, when using a functionality for digital signatures within a more complex protocol, parties have to generate new verification and signing keys for every session of the protocol. This motivates generalizing composition theorems to so-called joint state (composition) theorems, where different copies of a functionality may share some state, e.g., the same verification and signing keys. In this paper, we present a joint state theorem which is more general than the original theorem of Canetti and Rabin, for which several problems and limitations are pointed out. We apply our theorem to obtain joint state realizations for three functionalities: public-key encryption, replayable public-key encryption, and digital signatures. Unlike most other formulations, our functionalities model that ciphertexts and signatures are computed locally, rather than being provided by the adversary. To obtain the joint state realizations, the functionalities have to be designed carefully. Other formulations proposed in the literature are shown to be unsuitable. Our work is based on the IITM model. Our definitions and results demonstrate the expressivity and simplicity of this model. For example, unlike Canetti's UC model, in the IITM model no explicit joint state operator needs to be defined and the joint state theorem follows immediately from the composition theorem in the IITM model.

Item (Open Access): Applications for arithmetic tuples (2022). Schieber, Mika.
Secure Multi-Party Computation (SMPC) is a subfield of cryptography that allows multiple parties to compute a function without disclosing their inputs. Different types of specialised computation of specific (sub)functions are used to make SMPC computations more efficient. A recently published paper introduced Arithmetic Tuples, a new approach for evaluating multivariate polynomials, and thereby arithmetic circuits, in a minimal number of rounds and with practicable precomputation. In this thesis, we demonstrate the practicality of the new approach by applying it to a variety of real-world applications in which it has the potential to be particularly effective. These applications are multiplexers, permutations, demultiplexers and prefix products, which include functions with several outputs. We analyze each application and compare Arithmetic Tuples to the existing approaches Beaver Triples and Binomial Tuples. Comparison criteria are the number of rounds, the number of elements to be precalculated and the number of elements to be communicated.

Item (Open Access): Extending Ordinos with political electoral procedures: House of Commons, Storting (Norway), German Bundestag (original title: Erweiterung von Ordinos um politische Wahlverfahren: House of Commons, Storting (Norwegen), Deutscher Bundestag) (2022). Wabartha, Carmen.
For E-voting systems to be usable in practice, they must satisfy a large number of properties. They should not only compute the result of an election but also keep working when some of the parties involved in the tallying are dishonest.
Even in this non-optimal case, it must be ensured that ballot secrecy is preserved, that every voter can verify that their vote was counted, that the election result is correct, and that participants who manipulate the computation can be held accountable. A special property of secure E-voting systems is tally hiding. Here, individual votes and intermediate election results, such as the number of votes per party, remain encrypted, and only the required result, such as the final seat allocation, is decrypted. Tally hiding significantly increases vote privacy and makes some attacks impossible. Ordinos is an E-voting system that ensures tally hiding as well as vote privacy and accountability. The basic framework of Ordinos has already been developed, and evaluation functions for some elections have also been implemented. In this thesis, Ordinos is extended with several parliamentary elections as they are conducted in reality. Specifically, the electoral procedures for the British House of Commons, the Norwegian Storting and the German Bundestag are added. In contrast to previous electoral procedures, the focus is now on implementing the elections exactly as they are conducted in practice. Therefore, the concrete election is no longer abstracted away; instead, all the details of the elections must be taken into account.