Loading...
Search for:
anonymization
0.011 seconds
Total 39 records
Improving Path Selection in Tor Anonymous Network
, M.Sc. Thesis Sharif University of Technology ; Kharrazi, Mehdi (Supervisor)
Abstract
Today one of the most important challenges of internet is protecting the privacy of its users. Now, there are just a few practical anonymity systems over internet and one prominent is Tor anonymity network that works based on well-known onion routing. Although Tor is designed for providing low latency anonymity, but its users face long delays using this network and most of them do not tolerate these delays. So they leave the network and this leads to decreasing the members of anonymity set and in a smaller anonymity set, it’s easier attacking the network and violating the privacy of users.The most important factor affecting the performance and security of Tor is how selecting a path...
Double voting problem of some anonymous E-voting schemes
, Article Journal of Information Science and Engineering ; Volume 25, Issue 3 , 2009 , Pages 895-906 ; 10162364 (ISSN) ; Jalili, R ; Sharif University of Technology
2009
Abstract
In 1998, Mu and Varadharajan proposed an anonymous e-voting scheme to be applied in both small-scale and large-scale elections. They claimed that it protects the anonymity of voters and prevents double voting. They also mentioned that if a malicious voter votes more than once, his identity will be discovered by the election authority. In 2003, Lin et al. demonstrated that the scheme fails to resist double voting and further proposed an enhanced scheme to overcome the weakness. Their scheme has received a much of interest by Yang et al. (2004), Hwang et al. (2005), and Rodriguez-Henriquez et al. (2007). They have improved Lin et al.'s scheme to prevent their proposed weaknesses. This paper...
k-anonymity-based horizontal fragmentation to preserve privacy in data outsourcing
, Article Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11 July 2012 through 13 July 2012, Paris ; Volume 7371 LNCS , 2012 , Pages 263-273 ; 03029743 (ISSN) ; 9783642315398 (ISBN) ; Hadavi, M. A ; Jalili, R ; Sharif University of Technology
Springer
2012
Abstract
This paper proposes a horizontal fragmentation method to preserve privacy in data outsourcing. The basic idea is to identify sensitive tuples, anonymize them based on a privacy model and store them at the external server. The remaining non-sensitive tuples are also stored at the server side. While our method departs from using encryption, it outsources all the data to the server; the two important goals that existing methods are unable to achieve simultaneously. The main application of the method is for scenarios where encrypting or not outsourcing sensitive data may not guarantee the privacy
An Approach to Improve the Security of Big Data
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasool (Supervisor)
Abstract
Different data sources are creating a huge amount of data at increasing speeds that require real-time processing. Such data is called “Big data stream". Although, mining and analysis this type of data is so useful for companies, but it also may cause many privacy breaches. The principle issues for big data stream’ anonymization are real time processing and information loss. There are some works that are proposed for data streams, but they have some drawbacks such as inefficient anonymization of big data stream and also not consider time expiration of tuples that lead to increase the information loss and cost of the data publishing. In this thesis, in order to speed up the ability of big data...
Identity based universal re-encryption for mix nets
, Article 2013 10th International ISC Conference on Information Security and Cryptology, ISCISC 2013 ; Aug , 2013 , 1 - 5 ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
IEEE Computer Society
2013
Abstract
Universal Re-encryption Cryptosystems do not require the knowledge of the recipient's public key for re-encrypting a ciphertext whereas conventional Re-encryption Cryptosystems need that knowledge. In this paper, we present the first Identity-based Universal Re-encryption Cryptosystem scheme whose re-encryption algorithm does not need to have the knowledge of the recipient's identity. By generalizing the definition of Universal Semantic Security to Identity Based Universal Cryptosystems, we prove the security of our scheme. There are some applications for universal re-encryption cryptosystems which cannot be made using conventional cryptosystems. One significant application of these...
Security analysis of an identity-based mix net
, Article 2013 10th International ISC Conference on Information Security and Cryptology, ISCISC 2013 ; 2013 ; Mahmoodi, A ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
IEEE Computer Society
2013
Abstract
One of the most important systems for providing anonymous communication is the Mix nets which should provide correctness and privacy as security requirements against active adversaries. In 2009, Zhong proposed a new mix net scheme which uses identity-based cryptographic techniques and proved that it has 'correctness' and 'privacy' properties in the semi-honest model. Since the semi-honest model is a very strong assumption for practical application, we show that if a user or the last mix server is corrupted, Zhong scheme does not provide privacy against an active adversary
A composite-metric based path selection technique for the Tor anonymity network
, Article Journal of Systems and Software ; Volume 103 , 2015 , Pages 53-61 ; 01641212 (ISSN) ; Kharrazi, M ; Sharif University of Technology
Abstract
The Tor anonymous network has become quite popular with regular users on the Internet. In the Tor network, an anonymous path is created by selecting three relays through which the connection is redirected. Nevertheless, as the number of Tor users has increased substantially in recent years, the algorithm with which the relays are selected affects the performance provided by the Tor network. More importantly as the performance suffers, users will leave the network, resulting in a lower anonymity set and in turn lower security provided by Tor network. In this paper, we proposed an algorithm for improving performance and security of the Tor network, by employing a combination of different...
A technique to improve De-anonymization attacks on graph data
, Article 26th Iranian Conference on Electrical Engineering, ICEE 2018, 8 May 2018 through 10 May 2018 ; 2018 , Pages 704-709 ; 9781538649169 (ISBN) ; Delavar, M ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
Abstract
Social networks and the shared data in these networks are always considered as good opportunities in hands of the attackers. To evaluate the privacy risks in these networks and challenge the anonymization techniques, several de-anonymization attacks have been introduced so far. In this paper, we propose a technique to improve the success rate of passive seed based de-anonymization attacks. Our proposed technique is simple and can be applied in combination with different types of de-anonymization attacks. We show that it can achieve high success rates with low number of seeds compared to similar attacks. Our technique can also be used for applying partial attacks on graphs which results in...
A Protocol to Improve Privacy and Security of Anonymity Networks
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasool (Supervisor)
Abstract
In recent two decades, different anonymous communication systems has been proposed. These systems are interested by journalists, bank employees, military forces, and human rights advocates. Tor is one of the most popular anonymous communication systems. Tor uses onion routing for privacy preserving. Re-cently, many attacks has been introduced against the anonymity of Tor users.In these attacks entry and exit nodes are compromised. One of these malicious nodes, makes the attack on the intented flow and the other one recognizes the flow. All these attacks admit their vulnerability against dummy messages. They state that, because of dynamics of onion’s keys, any dummy injection will dis-turb...
Analyze and Improvement of Secret Handshake Protocols
, M.Sc. Thesis Sharif University of Technology ; Mohajeri, Javad (Supervisor) ; Salmasizadeh, Mahmoud (Supervisor)
Abstract
In today's world in which a major part of information is digitalized and a large portion of the communication is done via computer networks, entities authentication while maintaining privacy is a concern with the growing importance and value. To meet this goal, during the past two decades, anonymous authentication protocols with different approaches for use in various applications has presented and developed. These protocols enable users to authenticate based on some of their properties, without revealing their own identities. Secret handshake protocols are considered as type of anonymous authentication protocols. This protocol has the unique feature of hiding users' affiliation to the...
Cryptanalysis and security enhancement on the generation of Mu-Varadharajan electronic voting protocol
, Article International Journal of Electronic Governance ; Volume 3, Issue 1 , 2010 , Pages 72-84 ; 17427509 (ISSN) ; Mortazavi, A. S ; Baseri, Y ; Mohajeri, J ; Sharif University of Technology
Abstract
Mu and Varadharajan proposed an electronic voting scheme and claimed that their scheme authenticates the Voters, protects the anonymity of them, and detects the identity of double voters. Due to some weaknesses in Mu-Varadharajan scheme, several modified schemes have been proposed by Lin et al., Hwang et al., Rodríguez-Henríquez et al. and Asaar et al.; however this paper shows that these schemes suffer from some weaknesses in fulfilling the pointed properties. For this purpose, we get Hwang et al. scheme as a case study and apply our new attacks on it. Also we consider the applicability of the attacks on other pointed schemes. In addition, we present a new scheme and show that the scheme...
Security modification for the hwang-wen-hwang 's E-voting scheme
, Article 2008 International Conference on Security and Management, SAM 2008, Las Vegas, NV, 14 July 2008 through 17 July 2008 ; 2008 , Pages 486-490 ; 160132085X (ISBN); 9781601320858 (ISBN) ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
2008
Abstract
Hwang-Wen-Hwang have proposed an anonymous secure electronic voting scheme to be applied over a network, and claimed that their scheme satisfies the requirement of perceptibility of double voting. But in this paper, by presenting an attack which shows imperceptible of double voting, we show that their scheme has a weakness in security and improve it. Finally, we show that this new scheme preserves the properties of the old one and also is resistant against the proposed attack
On secure consensus information fusion over sensor networks
, Article 2007 IEEE/ACS International Conference on Computer Systems and Applications, AICCSA 2007, Amman, 13 May 2007 through 16 May 2007 ; 2007 , Pages 108-115 ; 1424410312 (ISBN); 9781424410316 (ISBN) ; Talebi, M. S ; Rabiee, H. R ; Khalaj, B. H ; Sharif University of Technology
2007
Abstract
In this work we have examined the problem of consensus information fusion from a novel point of view, challenging the fundamental assumption of mutual trust among the fusion parties. In quest for a method to make information fusion possible while preserving the mutual confidentiality and anonymity of the fused information even in case of collusion of the malicious nodes, we propose the Blind Information Fusion Framework (BIFF). In BIFF, which is a secure information fusion framework, the nodes are not aware of the actual information they are processing, yet converging to the intended result(s). We formulate BIFF according to the anonymization transform and discuss its robustness against...
Enhancing De-anonymization Attacks on Graph Data
, M.Sc. Thesis Sharif University of Technology ; Mohajeri, Javad (Supervisor) ; Salmasizadeh, Mahmoud (Co-Supervisor)
Abstract
Social networks and the shared data in these networks are always considered as good opportunities in hands of the attackers. To evaluate the privacy risks in these networks and challenge the anonymization techniques, several de-anonymization attacks have been introduced so far. In this thesis, we propose a technique to improve the success rate of passive seed based de-anonymization attacks. Our proposed technique is simple and can be applied in combination with different types of de-anonymization attacks. We show that it can achieve high success rates with low number of seeds compared to similar attacks. Our technique can also be used for applying partial attacks on graphs which results in...
On the security of an efficient anonymous authentication with conditional privacy-preserving scheme for vehicular ad hoc networks
, Article 26th Iranian Conference on Electrical Engineering, ICEE 2018, 8 May 2018 through 10 May 2018 ; 2018 , Pages 510-514 ; 9781538649169 (ISBN) ; Delavar, M ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
Institute of Electrical and Electronics Engineers Inc
2018
Abstract
Design of anonymous authentication scheme is one of the most important challenges in Vehicular Ad hoc Networks (VANET). Most of the existing schemes have high computational and communication overhead and they do not meet security requirements. Recently, Azees et al. have introduced an Efficient Anonymous Authentication with Conditional Privacy-Preserving (EAAP) scheme for VANET and claimed that it is secure. In this paper, we show that this protocol is vulnerable against replay attack, impersonation attack and message modification attack. Also, we show that the messages sent by a vehicle are linkable. Therefore, an adversary can easily track the vehicles. In addition, it is shown that...
Formal Verification of Privacy Property Using Applied Pi Calculus and Epistemic Logic
, M.Sc. Thesis Sharif University of Technology ; Ramezanian, Rasoul (Supervisor)
Abstract
Applied pi calculus is a variant of the pi calculus with extensions for modeling cryptographic protocols. In such a calculus, the security guarantees are usually stated as equivalences. While process calculi provide a natural means to describe the protocols themselves, epistemic logics are often better suited for expressing certain security properties such as secrecy and anonymity. These methods studied in this work to investigation the verification of privacy properties in security protocols. And finally, a new approach is introduced to bridge the gap between these two approaches: using the set of traces generated by a process as models. In this method an epistemic logic has constructs for...
Enhancing Privacy in Location-Based Services
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasool (Supervisor)
Abstract
Mobile localization development, is the reason for appearance of location-based services (LBS). Be sure of not disclosing the user personal information is the main challenge in LBS. Many different concepts and approaches for the protection of location privacy have been described in the literature which change the query of user to server. These approaches falling roughly into two main categories: centralized and distributed (user-centric). Centralized category includes approaches like “changing query pattern” using encryption on user device, or using an “anonymizer trusted third party”. In such approaches threat of an untrustworthy LBS server is addressed by the introduction of a new...
Vulnerability Analysis of Anonymity Protocols
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasool (Supervisor)
Abstract
Anonymity helps in preserving user’s privacy in communication networks. In this respect many protocols with different characteristics have been proposed, as yet. Beside these protocols there have been introduced a lot of attacks, in which the ultimate goal is reducing the degree of provided anonymity. There is a class of attacks, where attacker tries to relate users of anonymity system to each other, just by observing execution of protocol. There is no need to compromise system’s nodes or even manipulating sent or received messages. Here, the attacker omits internal mechanism of protocol and assumes it has no vulnerability. The Statistical Disclosure Attack (SDA) is one of these attacks....
Another security improvement over the Lin et al.'s electronic-voting scheme
, Article International Journal of Electronic Security and Digital Forensics ; Volume 1, Issue 4 , 2008 , Pages 413-422 ; 1751911X (ISSN) ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
Inderscience Publishers
2008
Abstract
Lin, Hwang and Chang (2003) have proposed an electronic-voting scheme which can be utilised in large-scale elections, and claimed that it detects double voting. In this article, by presenting an attack, we show that voters can successfully vote more than once without being detected. Then, we propose a new modified scheme based on the Lin, Hwang and Chang's (2003) scheme with the same efficiency to solve this weakness and analyse its security. © 2008, Inderscience Publishers
Formal Verification of Anonymous Communication Protocols
, M.Sc. Thesis Sharif University of Technology ; Ramezanian, Rasool (Supervisor)
Abstract
One of the biggest challenges in online communication is privacy of individuals. Although anonymous communication (AC) protocols has been the subject of several security and anonymity analyses recently, there are still few frameworks for analyzing such complex systems (e.g. Tor) and their anonymity properties in a unified manner. In this study, an overview of anonymity features and techniques will be discussed by examining various protocols that provide undetectable network communication. Afterwards, the Tor network is described more precisely. Furthermore, the literature of formal methods is briefly reviewed, and the Universal Composable (UC) framework for the analysis of cryptography...