Sharif Digital Repository

In cloud storage services, public auditing mechanisms allow a third party to verify integrity of the outsourced data on behalf of data owners without the need to retrieve data from the cloud server. In some applications, the identity of data users should be kept private from the third party auditor. Oruta is a privacy preserving public auditing scheme for shared data in the cloud which exploits ring signatures to protect the identity privacy. In this paper, we propose two attacks and demonstrate that the scheme is insecure and a dishonest server can arbitrarily tamper the outsourced data without being detected by the auditor. We also propose a solution to remedy this weakness with the... 

One of the most used types of auctions in the smart grid is the double auction, in which both buyers and sellers can respectively submit their bids and asks to participate in the auction. In recent years, many schemes have been designed to propose a double auction mechanism for the smart grids; however, few of these schemes consider the information security aspects and users’ privacy. In this paper, we propose a protocol that helps different double auction mechanisms be implemented securely in the smart grids. This protocol not only can satisfy the security requirements of a double auction scheme but is also compatible with the smart grid technologies. In this scheme, in order to preserve... 

In vehicular ad-hoc networks (VANETs), the correctness of a message requires authentication of the origin vehicle.In this paper, we introduce a novel authentication scheme for VANETs which suggests a new solution for secure vehicle communications. The proposed scheme is an road side unit (RSU) based scheme in which the master key of the Trusted Authority (TA) is embedded in a tamper-proof device provided at the RSUs. Compared with the schemes that store the master key in the on-board units, our scheme is more practical because of a secure and high speed communication link between TA and RSUs. To the best of our knowledge,this solution has not yet been devised for secure authentication in... 

In the past decades, Vehicular Ad hoc Networks (VANETs) have been increasingly developed. Providing secure and efficient communication is essential in VANETs. One of most important challenges in the secure and efficient communications is proposing an appropriate authentication scheme. In this paper, we suggest an efficient and novel authentication scheme for VANETs. In the proposed scheme, vehicles authenticate each other without any limitation such as need for group of signers, online Road Side Units (RSUs), a set of pseudo identities and tamper-proof devices. Moreover, our simulation shows that the proposed scheme is well designed and efficient. © 2019, © 2019 Taylor & Francis Group, LLC  

Internet-of-Things (IoT) devices and applications are being deployed in our homes and workplaces. These devices often rely on continuous data collection to feed machine learning models. However, this approach introduces several privacy and efficiency challenges, as the service operator can perform unwanted inferences on the available data. Recently, advances in edge processing have paved the way for more efficient, and private, data processing at the source for simple tasks and lighter models, though they remain a challenge for larger and more complicated models. In this article, we present a hybrid approach for breaking down large, complex deep neural networks for cooperative, and... 

Cloud storage has significantly reduced data management costs for data owners. However, loss of physical control over the data after outsourcing, triggers some security concerns such as data integrity. Provable Data Possession (PDP) protocols, enable data owners to audit the integrity of their outsourced data without the need to retrieve the file from cloud server. However, most existing PDP schemes require resource-constrained users to perform costly operations for generating metadata on file blocks. In online/offline PDP mechanisms introduced most recently, the user’s computation is divided into online/offline phases, where the costly operations are allowed to be carried out in the offline... 

Data sharing is considered as a favorite service provided by cloud storage servers in which the stored data is shared among a group of users. However, auditing such shared data is a big security issue for cloud users. In this paper, we propose an ID-Based public shared data integrity auditing scheme, in which all the group users are able to update, delete or insert new blocks into the shared data. Besides, the cloud server can revoke a misbehaving user with a minimum overhead. The scheme is secure against an untrusted cloud server and also preserves data privacy against the public verifier. Furthermore, overhead analysis shows the efficiency of proposed scheme in comparison to the existing... 

Lightweight authentication protocols are crucial for privacy preserving in Internet of Things (IoT). Authentication protocols should be implementable for devices with constrained memory and computational power in this area, in addition to resistance against cryptographic threats. On the other hand, these protocols should not impose a heavy computational load on such devices. In this paper we proposed an authentication protocol that properly meets these features. Our protocol is suitable for wireless sensor networks (WSNs). In this protocol, authentication is fulfilled with low communication and computational loads between sensors and users through the gateway interface using a hash function... 

In a cloud storage service, public auditing mechanisms allow a third party to verify integrity of the outsourced data on behalf of data users without the need to retrieve data from the cloud server. Recently, Shen et al. proposed a new lightweight and privacy preserving cloud data auditing scheme which employs a third party medium to perform time-consuming operations on behalf of users. The authors have claimed that the scheme meets the security requirements of public auditing mechanisms. In this paper, we show that Shen et al.'s scheme is insecure by proposing two attacks on the scheme. In the first attack, an outside adversary can modify some messages in transmission to the cloud server... 

Privacy-preserving data release is about disclosing information about useful data while retaining the privacy of sensitive data. Assuming that the sensitive data is threatened by a brute-force adversary, we define Guessing Leakage as a measure of privacy, based on the concept of guessing. After investigating the properties of this measure, we derive the optimal utility-privacy trade-off via a linear program with any f-information adopted as the utility measure, and show that the optimal utility is a concave and piece-wise linear function of the privacy-leakage budget  

Design of anonymous authentication scheme is one of the most important challenges in Vehicular Ad hoc Networks (VANET). Most of the existing schemes have high computational and communication overhead and they do not meet security requirements. Recently, Azees et al. have introduced an Efficient Anonymous Authentication with Conditional Privacy-Preserving (EAAP) scheme for VANET and claimed that it is secure. In this paper, we show that this protocol is vulnerable against replay attack, impersonation attack and message modification attack. Also, we show that the messages sent by a vehicle are linkable. Therefore, an adversary can easily track the vehicles. In addition, it is shown that... 

Vehicular ad-hoc networks (VANETs) are under active development, thanks in part to recent advances in wireless communication and networking technologies. The most fundamental part in VANETs is to enable message authentications between vehicles and roadside units. Message authentication using proxy vehicles has been proposed to reduce the computational overhead of roadside units significantly. In this message authentication scheme, proxy vehicles that verify multiple messages at the same time improve roadside units' efficiency. In this paper, first we show that the only proxy-based authentication scheme (PBAS) presented for this goal by Liu et al. cannot guarantee message authenticity, and... 

The ability of wearable cameras to continuously capture the first person viewpoint with minimal user interaction, has made them very attractive in many application domains. Wearable technology today is available and useful but not widely used and accepted due to various challenges mainly privacy concerns. In this paper, we introduce a novel efficient privacy-aware framework for wearable cameras that can protect all sensitive subjects such as people, objects (e.g, display screens, license plates and credit cards) and locations (e.g, bathrooms and bedrooms). It uses the contextual information obtained from the wearable's sensors and recorded images to identify the potential sensitive subjects... 

Privacy preservation is an important issue in data publishing. Existing approaches on privacy-preserving data publishing rely on tabular anonymization techniques such as k-anonymity, which do not provide appropriate results for aggregate queries. The solutions based on graph anonymization have also been proposed for relational data to hide only bipartite relations. In this paper, we propose an approach for anonymizing multirelation constraints (ternary or more) with (t,k) hypergraph anonymization in data publishing. To this end, we model constraints as undirected hypergraphs and formally cluster attribute relations as hyperedge with the t-means-clustering algorithm. In addition,... 

Researchers have been studying security challenges of database outsourcing for almost a decade. Privacy of outsourced data is one of the main challenges when the "Database As a Service" model is adopted in the service oriented trend of the cloud computing paradigm. This is due to the insecurity of the network environment or even the untrustworthiness of the service providers. This paper proposes a method to preserve privacy of outsourced data based on Shamir's secret sharing scheme. We split attribute values into several parts and distribute them among untrusted servers. The problem of using secret sharing in data outsourcing scenario is how to search efficiently within the randomly... 

Chevallier-Mames et al, proved that in a specific condition (such as the lack of untappable channels and trusted-third parties), the universal verifiability and privacy-preserving properties of e-voting protocols are incompatible (WOTE'06 and TTE'10). In this paper, we first show a flaw in their proof. Then, we prove that even with more assumptions, such as the existence of TTPs and untappable channels between the authorities, an e-voting protocol is unable to preserve privacy, regardless of verifiability. Finally, we demonstrate that preserving privacy in e-voting protocols requires the provision of at least one of the following assumptions: limited computational power of adversary,... 

Privacy preservation in wireless sensor networks has drawn considerable attention from research community during last few years. Emergence of single-owner, multi-user commercial sensor networks along with hostile and uncontrollable environment of such networks, makes the security issue in such networks of a great importance. This paper concentrates on token-based privacy preservation schemes. A possible attack on such schemes has been introduced. Two different approaches has been utilized to mitigate the attack. We present mathematical models for it's effects and overheads. The results have been verified using extensive simulations  

With technical advancement of location technologies and their widespread adoption, information regarding physical location of individuals is becoming more available, augmenting the development and growth of location-based services. As a result of such availability, threats to location privacy are increasing, entailing more robust and sophisticated solutions capable of providing users with straightforward yet flexible privacy. The ultimate objective of this work is to design a privacy- preserving solution, based on obfuscation techniques (imprecision and inaccuracy), capable of handling location privacy, as required by users and according to their preferences. To this aim, we propose an...