Sharif Digital Repository

Design of anonymous authentication scheme is one of the most important challenges in Vehicular Ad hoc Networks (VANET). Most of the existing schemes have high computational and communication overhead and they do not meet security requirements. Recently, Azees et al. have introduced an Efficient Anonymous Authentication with Conditional Privacy-Preserving (EAAP) scheme for VANET and claimed that it is secure. We show that this protocol is vulnerable against replay attack, impersonation attack and message modification attack. Also, we show that the messages sent by a vehicle are linkable. Therefore, an adversary can easily track the vehicles. In addition, it is shown that vehicles face with... 

The internet of things is a network of interconnected things (people, electronic devices, mechanical machines, etc.) that are able to transfer data. The applications of internet of things in electronic health (eHealth) are becoming increasingly interested. Deployment of eHealth facilitates the access of users to healthcare services, and improves the quality of the services. Using cloud computing provides the accessibility of healthcare services, and enables a data owner to share his health data with doctors and healthcare service providers. Health data is considered sensitive. So, leakage of any information about it endangers data owner privacy. Attribute-based encryption is a cryptographic... 

The expansion of technology and the increasing use of mobile devices and smartphones have aected various aspects of personal and social life. These include the use of personal mobile devices in enterprise environments called BYODs have a number of positive and negative eects. On the one hand, it would be more cost-eective for an organization or business environment for users to use their own devices, but on the other hand, it poses numerous security and information challenges that are important to manage. These include disrupting the user’s privacy or disseminating organization information to personal devices and thus violating the organization’s security policies. In this study, a model is... 

Development of Smart Grid and deployment of smart meters in large scale has raised a lot of concerns regarding customers’ privacy. Consequently, several schemes have been proposed to overcome the above mentioned issue. These schemes mainly rely on data aggregation as a method of protecting users’ privacy from the grid operators. However, the main problem with most of these schemes is the fact that they require a large amount of processing power at the meter side. This, together with the fact that smart meters don’t usually have a powerful processor, can cause the unavailability of smart meter data at the required time for operators of the grid, and at the same time disables smart meters from... 

One of the applications of Internet of things (IoT) is its usage in the eHealth area. Various types of sensors (e.g., sensor to measure heart health, blood sugar levels, and respiratory) exist that not only provide required information for patients, but also send the health information to hospital staff through the network. Leveraging this technology in various intensive care units of hospital facilitate nurses and medical staff in monitoring of patients. However, moving towards these environments leads to new security challenges. One of the most important challenges is controlling access to sensors’ data and preserving patients privacy so that doctor and nurses should access patients’... 

In this thesis, we argue that in many basic algorithms for machine learning, including support vector machine (SVM) for classification, principal component analysis (PCA) for dimensionality reduction, and regression for dependency estimation, we need the inner products of the data samples, rather than the data samples themselves. Motivated by the above observation, we introduce the problem of private inner product retrieval for distributed machine learning, where we have a system including a database of some files, duplicated across some non-colluding servers. A user intends to retrieve a subset of specific size of the inner products of the data files with minimum communication load, without... 

In some applications in the field of information technology such as social networks and medical databases in different hospitals, sometimes an entity needs to calculate the extent of its sharing of information documents with other institutions. Access to one entity's information is not possible due to the confidentiality of users' information. Therefore, in order to calculate common documents, users should be able to do so without revealing their private information. Therefore, it is required protocols such that can only obtain the shared information between two mentioned entities, while preserving the confidentiality of uncommon information. The schemes that meet the above objectives are... 

Impressive progress in hardwares and developing encryption algorithms in last two decades are caused increase in using encryption protocols in network communications. In last decade, users use privacy preserving networks like Jap and Tor to protect their privacy. These networks protect users' data from eavesdroppers by using three-layer encryption and intermediate nodes between user and target website. Recent researches show that Deep Neural Networks can predict websites viewed by users with high accuracy. In other words, privacy preserving networks suffer from information leakage. In this research, we introduced some of the most powerful methods in encrypted traffic classification and then... 

Privacy preserving data mining helps organizations and companies not only to deal with privacy concerns of customers and regular limitations, but also to benefit from collaborative data mining. Utilizing cryptographic techniques and secure multiparty computation (SMC) are among widely employed approaches for preserving privacy in distributed data mining. The general purpose of secure multiparty computation protocols to compute specific functions on private inputs of parties in a collaborative manner and without revealing their private inputs. Providing rigorous security proof of secure multiparty computation makes it a good choice for privacy preservation, despite of its cryptographic... 

Differential privacy provides a powerful definition for protecting data privacy by adding noise. Differential privacy mechanisms add noise to the responses of queries made to a database. Differential privacy challenges the learning of useful information from a dataset without leaking any information about the individuals present in that dataset. However, studies have shown that these mechanisms make assumptions about the data that, if not met, can lead to privacy leaks. One of these assumptions is the lack of correlation between data. If an attacker is aware of the correlation between data, common mechanisms cannot guarantee differential privacy.This thesis proposes a solution for adding... 

With the help of cloud computing, easy and fast access to a wide range of computing resources through the network is provided for a wide range of users. Cloud computing, on the other hand, faces security challenges in protecting users' privacy and access control because the cloud service provider is not a trusted entity, so it is possible to access or disclose sensitive data. Various solutions have been proposed to simultaneously meet the above two security requirements. The most well-known solution in this field is "Attribute-Based Encryption".In this dissertation, after reviewing the existing schemes to respond to the obstacles to implementing attribute-based encryption, an attribute-based... 

Recent advances in Machine Learning and specially Deep Learning, have caused a dramatic increase in the use of these algorithms in different applications, such as sickness diagnosis, anomaly detection, malware detection, and etc. Since training deep neural networks requires a high cost in terms of both gathering loads of labeled data and computing and human resources, deep learning models are a part of an organization’s intellectual property and so, the importance of securing these models is increasing. One of the most important types of attacks that compromises the security of deep neural networks is black-box adversarial example attack. In adversarial example attacks, the adversary... 

large-scale data collection from multiple sources to a single entity, such as a cloud provider, poses a challenging problem for implementing centralized machine learning algorithms. Constraints such as privacy protection and restrictive access policies that prevent accessing personally identifiable information hinder the development of centralized machine learning algorithms in important and sensitive domains like healthcare. However, from early disease detection to discovering new drugs, leveraging artificial intelligence in this domain is a fun-damental necessity. As a potential solution, federated learning has been proposed, allowing data owners (users) to jointly train a shared machine... 

With the dramatic advancements in information technology and the industry requirements for security and privacy, proof systems play a crucial role in cryptography. Among the vast variety of proof systems, succinct non-interactive arguments (SNARG) seem to be the most appealing class of proof systems, due to their attractive properties. SNARGs are usually made up of two constructive components, namely the information theoretic part and the cryptographic part. The GKR protocol was introduced as a proof system for a tractable family of languages called “log-Space Uniform Circuits”. The log-space uniformity is a necessary condition for the protocol to be succinct. Hence, it is not possible to... 

With the dramatic advancements in information technology and the industry requirements for security and privacy, proof systems play a crucial role in cryptography. Among the vast variety of proof systems, succinct non-interactive arguments (SNARG) seem to be the most appealing class of proof systems, due to their attractive properties. SNARGs are usually made up of two constructive components, namely the information theoretic part and the cryptographic part. The GKR protocol was introduced as a proof system for a tractable family of languages called “log-Space Uniform Circuits”. The log-space uniformity is a necessary condition for the protocol to be succinct. Hence, it is not possible to... 

Opportunistic delay tolerance networks are widely used networks that do not require infrastructure. Many routing algorithms have been proposed for these networks in which nodes need to compare their metrics (such as visit frequency, node geographical location, etc.)Therefore, routing in these networks has a high security risk and the possibility of violating privacy. There are many ways to protect privacy, but these methods have limitations: some are limited to vehicles and some are limited to social networks and node communities. Also, more general methods require a lot of complexity, including processing time, storage resources, and key management.In this study, we propose a method with... 

The multi people tracking is considered a fundamental problem in computer vision, which has received considerable attention from academic and commercial fields. This issue deals with a set of proposed methods that track the movement path of several humans in a video-like sequence. The problem of multi people tracking is the foundation of other computer vision problems, including human gesture estimation, motion recognition, and behavioral analysis, and is mainly used in emerging fields such as automatic car driving, smart security, service robots, etc. Although many methods have been proposed and investigated to solve the above problem; But there are still serious challenges, such as severe... 

Real-time applications play a significant role in the area of VANET, and are mainly required for these kinds of networks. On the other hand, when the number of messages received by vehicles increases in the network, then the applied computation load becomes extremely high and consequently, delay on the message authentication process significantly increases. This thesis, is presented with the aim of introducing a novel cooperative message authentication (CMA) scheme for VANET, the main purpose of which is alleviating the computation load on vehicles while verifying messages by using two-part identity-based signature. The scheme enables vehicles to verify only a limited number of the total... 

The applications of Internet of Things technology are increasing day by day. In the Internet of Things, various devices are connected to each other with the help of the Internet and perform various operations automatically. Today, this technology has various applications in smart city, smart home, smart car, as well as military industries and industrial factories. One of the newest applications is its use in the field of health and hygiene, which is known as the Internet of Medical Things or Smart Health. With the emergence of new epidemic diseases, the importance of this application becomes more clear. Smart health helps the patient. without going to the hospital and doctor in person, to... 

The Internet of Things is one of the most common technologies in today's world where its security is an important issue. Lightweight authentication protocols are crucial for privacy preserving in Internet of Things (IoT). IoT authentication protocols must meet security requirements and resist against cryptographic threats. On the other hand, these protocols should be implementable for devices with constrained memory and computational power in this area and should not impose a heavy computational load on such devices. In some IoT devices, such as RFIDs, resource constraints are critical, such that using standard hash functions is not practical. In this applications, security requirements is...