distributed verification of mixing local
play

Distributed Verification of Mixing - Local Anonymity Forking Proofs - PowerPoint PPT Presentation

Jan 06, 2023 •365 likes •832 views

Local Forking Proofs Cicho n, Klonowski, Kutyowski Distributed Verification of Mixing - Local Anonymity Forking Proofs Model mixing applications Building blocks de- & re-encryption proofs of knowledge Jacek Cicho n, Marek

  1. Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Distributed Verification of Mixing - Local Anonymity Forking Proofs Model mixing applications Building blocks de- & re-encryption proofs of knowledge Jacek Cicho´ n, Marek Klonowski, Mirek Kutyłowski Standard techniques Wrocław University of Technology RPC verifiable mixing Institute of Mathematics and Computer Science Forking proofs local verifiability ACISP’2008, Woolongong, 7.07.2008 process analysis

  2. Reaching anonymity typical scenario Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Input Anonymity a batch of encrypted messages/documents mixing applications the authors for each message is (more of less) known Building blocks de- & re-encryption proofs of knowledge Output Standard techniques plaintexts RPC verifiable mixing no link between the authors and the plaintexts Forking proofs local verifiability process analysis

  3. MIX David Chaum Local Forking Proofs Cicho´ n, Klonowski, Steps executed by a mix Kutyłowski 1 get a set of ciphertexts Anonymity mixing 2 decrypt and/or re-encrypt them applications Building 3 permute the results at random blocks de- & re-encryption 4 output them proofs of knowledge Standard techniques RPC a perfect anonimizer as long as: verifiable mixing Forking proofs cryptographic part does not leak information, local verifiability process the mix is honest. analysis

  4. Cascades of mixes protocol Local Forking Anonymization process with k parties Proofs Cicho´ n, each party holds a mix, Klonowski, Kutyłowski processing: 1 the input goes to mix 1, Anonymity mixing 2 mix i gets the input from mix i − 1 (for i > 1) and sends applications its output to mix i + 1 (for i < k ), Building blocks 3 mix k gives the output of the cascade. de- & re-encryption proofs of knowledge Standard techniques RPC verifiable mixing Forking proofs ? ? ? ? local verifiability process analysis

  5. Cascades of mixes anonymity Local Forking Proofs Cicho´ n, Klonowski, perfect anonymity if at at least one mix can be trusted Kutyłowski Alice may trust a different mix than Bob! Anonymity mixing applications Building blocks de- & re-encryption proofs of knowledge Standard ? techniques RPC verifiable mixing Forking proofs local verifiability process analysis

  6. Correctness Local Forking Proofs Cicho´ n, Klonowski, Problem Kutyłowski How do we know that no mix Anonymity mixing modifies the messages? applications Building removes message? blocks de- & re-encryption inserts own messages? proofs of knowledge Standard techniques RPC verifiable mixing Forking proofs local verifiability process analysis

  7. Correctness Local Forking Proofs Cicho´ n, Klonowski, Problem Kutyłowski How do we know that no mix Anonymity mixing modifies the messages? applications Building removes message? blocks de- & re-encryption inserts own messages? proofs of knowledge Standard techniques RPC It does not suffice that at least one mix can be trusted. verifiable mixing Forking proofs If at least one mix is cheating, then the plaintexts local verifiability can be manipulated process analysis

  8. Applications Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Anonymous communication in Internet Anonymity mixing messages sent to an Anonymizer encrypted with its applications public key, Building blocks protocols for processing through many hops (e.g. TOR) de- & re-encryption proofs of knowledge Standard techniques RPC we admit that a message can be removed or modified, verifiable mixing since it may occur anyway on the way to/from mixes Forking proofs local verifiability process analysis

  9. E-voting Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski requirements Anonymity mixing the encrypted votes need to be mixed so that: applications Building anonymity is guaranteed blocks de- & re-encryption a ballot cast must neither be modified nor replaced proofs of knowledge Standard techniques RPC verifiable mixing achieving correctness is the critical issue Forking proofs local verifiability process analysis

  10. E-auctions Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Requirements (for certain auctions) Anonymity mixing offers come through anonymous communication channels: applications Building anonymity must be guaranteed: nobody should be able blocks to say who is participating, de- & re-encryption proofs of knowledge an offer will neither be modified or replaced Standard techniques RPC verifiable mixing Forking proofs achieving correctness is the critical issue local verifiability process analysis

  11. Re-encryption with ElGamal Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Modifying a ciphertext without decryption Anonymity ciphertext ( a , b ) = ( m · β k , g k ) mixing applications re-encryption: Building blocks de- & re-encryption ( a , b ) := ( a · β k ′ , b · g k ′ ) proofs of knowledge Standard techniques for a random k ′ RPC verifiable mixing ( a , b ) becomes ( m · β k + k ′ , g k + k ′ ) Forking proofs local verifiability process analysis

  12. Universal re-encryption with ElGamal Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Modifying a ciphertext without knowing public key Anonymity ciphertext ( a , b , c , d ) = ( m · β k , g k , β m , g m ) mixing applications Building re-encryption: blocks de- & re-encryption ( a , b , c , d ) := ( a · c k ′ , b · d k ′ , c k ′′ , d k ′′ ) proofs of knowledge Standard techniques for random k ′ , k ′′ RPC verifiable mixing ( a , b , c , d ) becomes ( m · β k + mk ′ , g k + mk ′ , β mk ′′ , g mk ′′ ) Forking proofs local verifiability process analysis

  13. Partial decryption ElGamal Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Forcing decryption by many parties Anonymity ciphertext ( a , b ) = ( m · ( β 1 β 2 . . . β t ) k , g k ) mixing applications partial decryption: Building blocks de- & re-encryption ( a , b ) := ( a / b x 1 , b ) proofs of knowledge Standard techniques where g x 1 = β 1 RPC verifiable mixing Forking proofs ( a , b ) becomes ( m · ( β 2 . . . β t ) k , g k ) . local verifiability process analysis

  14. Proofs of knowledge tools for showing correctness of re-encryption, decryption Local Forking Proofs ZKP of correct re-encryption Cicho´ n, Klonowski, Kutyłowski given a , b and c , d , show that you know some k so that a = c · β k , b = d · g k Anonymity mixing or: log β ( a / c ) = log g ( b / d ) , i.e. equality of discrete applications logarithms Building blocks de- & re-encryption proofs of knowledge Standard techniques RPC verifiable mixing Forking proofs local verifiability process analysis

  15. Proofs of knowledge tools for showing correctness of re-encryption, decryption Local Forking Proofs ZKP of correct re-encryption Cicho´ n, Klonowski, Kutyłowski given a , b and c , d , show that you know some k so that a = c · β k , b = d · g k Anonymity mixing or: log β ( a / c ) = log g ( b / d ) , i.e. equality of discrete applications logarithms Building blocks de- & re-encryption proofs of knowledge ZKP of correct re-encryption Standard techniques given ( a 1 , b 1 ) , . . . , ( a s , b s ) and c , d , show that you know RPC verifiable mixing some k so that for some (unrevealed) i : Forking proofs a i = c · β k , b i = d · g k local verifiability process or: log β ( a i / c ) = log g ( b i / d ) , i.e. equality of discrete analysis logarithms with some pair

  16. RPC anonymization Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Anonymity mixing applications Building blocks de- & re-encryption proofs of knowledge Standard techniques RPC verifiable mixing Forking proofs local verifiability process analysis

  17. RPC anonymization Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Anonymity mixing applications Building blocks de- & re-encryption proofs of knowledge Standard techniques RPC verifiable mixing Forking proofs local verifiability process analysis

  18. RPC anonymization Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Anonymity mixing applications Building blocks de- & re-encryption proofs of knowledge Standard techniques RPC verifiable mixing Forking proofs local verifiability process analysis

  19. RPC anonymization Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Anonymity mixing applications Building blocks de- & re-encryption proofs of knowledge Standard techniques RPC verifiable mixing Forking proofs local verifiability process analysis

  20. RPC Local Forking Proofs Cicho´ n, Klonowski, Kutyłowski Anonymity Properties mixing applications 50% of links for each mix revealed Building blocks no path of consecutive links revealed de- & re-encryption proofs of knowledge good properties in terms of probability distribution after Standard techniques O ( 1 ) mixes RPC verifiable mixing Forking proofs local verifiability process analysis

Recommend

Local Distributed Verification A. Balliu , G. DAngelo, P. Fraigniaud, and D. Oliveti CNRS and

Local Distributed Verification A. Balliu , G. DAngelo, P. Fraigniaud, and D. Oliveti CNRS and

Model Local decision Local verification Local Hierarchy Complete Problems Conclusions Local Distributed Verification A. Balliu , G. DAngelo, P. Fraigniaud, and D. Oliveti CNRS and University Paris Diderot GSSI LAquila Model Local

1.41k views • 72 slides
Local perspective of mixing - a CSP approach Stathis Stathakidis Department of Computing

Local perspective of mixing - a CSP approach Stathis Stathakidis Department of Computing

Outline Mixnets Assumptions Algorithms CSP Problems and future work Questions Local perspective of mixing - a CSP approach Stathis Stathakidis Department of Computing University of Surrey, UK 15 October 2012 E. Stathakidis Local

725 views • 51 slides
Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed

Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed

Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed Systems and Networks May 1, 2017 1 / 35 Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it

504 views • 35 slides
CP Violation and Flavor Mixing Makoto Kobayashi KEK and JSPS Plan 1. Introduction to the

CP Violation and Flavor Mixing Makoto Kobayashi KEK and JSPS Plan 1. Introduction to the

CP Violation and Flavor Mixing Makoto Kobayashi KEK and JSPS Plan 1. Introduction to the Standard Model 2. Sakata and His Group 3. The CP Paper with Maskawa 4. Experimental Verification at B-factories 5. Lepton Flavor Mixing Introduction to

482 views • 21 slides
Formal Methods for the Verification of Distributed Algorithms Paul Gastin Laboratoire

Formal Methods for the Verification of Distributed Algorithms Paul Gastin Laboratoire

Formal Methods for the Verification of Distributed Algorithms Paul Gastin Laboratoire Spcification et Vrification ENS Paris Saclay &amp; CNRS with C. Aiswarya (CMI) &amp; Benedikt Bollig (LSV) Motivations Distributed algorithms are

1.23k views • 90 slides
Specification and Verification for distributed applications running on heterogeneous

Specification and Verification for distributed applications running on heterogeneous

Specification and Verification for distributed applications running on heterogeneous infrastructures E. Madelaine Oasis team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis ECNU Dept of Software Engineering October 2010 Eric

683 views • 49 slides
AUTOMATIC MIXING Dissonance suppression during harmonic mixing A journey through the DJ world by

AUTOMATIC MIXING Dissonance suppression during harmonic mixing A journey through the DJ world by

AUTOMATIC MIXING Dissonance suppression during harmonic mixing A journey through the DJ world by Stefan Hamburger July 2017 Seminar Topics in Computer Music Prof. Paolo Bientinesi, RWTH Aachen 1 WHAT IS AUTOMATIC MIXING? Generating a

898 views • 35 slides
Verification of Implementations of Distributed Systems under Churn Ryan Doenges , James R. Wilcox,

Verification of Implementations of Distributed Systems under Churn Ryan Doenges , James R. Wilcox,

Verification of Implementations of Distributed Systems under Churn Ryan Doenges , James R. Wilcox, Doug Woos, Zachary Tatlock, and Karl Palmskog We should verify implementations of distributed systems... ...and we have! Framework Prover

1.41k views • 86 slides
Math 211 Math 211 Lecture #7 Mixing Problems September 10, 2003 2 Mixing Problem #1 Mixing

Math 211 Math 211 Lecture #7 Mixing Problems September 10, 2003 2 Mixing Problem #1 Mixing

1 Math 211 Math 211 Lecture #7 Mixing Problems September 10, 2003 2 Mixing Problem #1 Mixing Problem #1 A tank originally holds 500 gallons of pure water. At t = 0 there starts a flow of sugar water into the tank with a concentration of 1 2

251 views • 11 slides
Modelling and Verification of a Distributed Interlocking System using UPPAAL and UMC Van Anh Thi

Modelling and Verification of a Distributed Interlocking System using UPPAAL and UMC Van Anh Thi

Modelling and Verification of a Distributed Interlocking System using UPPAAL and UMC Van Anh Thi Trinh &amp; Per Lange Laursen DTU Compute, Technical University of Denmark 22. maj 2019 DTU Compute Outline Objectives Modelling with

418 views • 11 slides
Formal Specification and Verification of Distributed Components Soutenance de Thse pour obtenir

Formal Specification and Verification of Distributed Components Soutenance de Thse pour obtenir

Formal Specification and Verification of Distributed Components Soutenance de Thse pour obtenir le titre de Docteur en Sciences de l'Universit de Nice-Sophia Antipolis Jean-Paul R IGAULT Prsident Rapporteurs Carlos C ANAL Frantisek P

711 views • 55 slides
A Timeless Model for the Verification of Quasi-Periodic Distributed Systems Maryam Dabaghchian

A Timeless Model for the Verification of Quasi-Periodic Distributed Systems Maryam Dabaghchian

A Timeless Model for the Verification of Quasi-Periodic Distributed Systems Maryam Dabaghchian Zvonimir Rakamari School of Computing University of Utah Motivating Example Safety property: speed is always in a valid range Liveness property:

596 views • 3 slides
Mixing transition in time-dependent Mixing transition in time-dependent flows flows Presented

Mixing transition in time-dependent Mixing transition in time-dependent flows flows Presented

Mixing transition in time-dependent Mixing transition in time-dependent flows flows Presented to 8th International Workshop on the Physics of Compressible Turbulent Mixing (IWPCTM) Ye Zhou, H. F. Robey, A. C. Buckingham, B. A. Remington, A.

393 views • 27 slides
Specification, Design and Verification of Distributed Embedded Systems Mani Chandy John Doyle

Specification, Design and Verification of Distributed Embedded Systems Mani Chandy John Doyle

Specification, Design and Verification of Distributed Embedded Systems Mani Chandy John Doyle Richard Murray (PI) California Institute of Technology Eric Klavins Pablo Parrilo U. Washington

527 views • 35 slides
Three-Valued Asynchronous Distributed Runtime Verification Torben Scheffel Institute for

Three-Valued Asynchronous Distributed Runtime Verification Torben Scheffel Institute for

Three-Valued Asynchronous Distributed Runtime Verification Torben Scheffel Institute for Software Engineering and Programming Languages University of Lbeck, Germany scheffel@isp.uni-luebeck.de October 19, 2014 Torben Scheffel Three-Valued

531 views • 27 slides
Energy-Efficient Mixing Solutions The power of innovation BioMix TM Compressed Gas Mixing

Energy-Efficient Mixing Solutions The power of innovation BioMix TM Compressed Gas Mixing

Straightforward, Energy Efficient Straightforward, Mixing Solutions Energy-Efficient Mixing Solutions The power of innovation BioMix TM Compressed Gas Mixing Mixing Alternatives Mixing Alternatives Mixing Alternatives Municipal

1.47k views • 21 slides
Value of DER to D: The role of distributed energy resources in local electric

Value of DER to D: The role of distributed energy resources in local electric

Value of DER to D: The role of distributed energy resources in local electric distribution system reliability Sue Tierney Presentation to CPUC Thought Leaders Forum April 21, 2016 Context: Multiple Lenses on the Value of

478 views • 14 slides
What Makes a Distributed Problem Truly Local? or: why might Coloring just possibly be

What Makes a Distributed Problem Truly Local? or: why might Coloring just possibly be

What Makes a Distributed Problem Truly Local? or: why might Coloring just possibly be easier than MIS? Adrian Kosowski IRIF and Inria Paris Includes results of work with: Pierre Fraigniaud, Cyril Gavoille, Marc Heinrich, and Marcin

678 views • 47 slides
Local Processing in Distributed Storage Arya Mazumdar

Local Processing in Distributed Storage Arya Mazumdar

Local Processing in Distributed Storage Arya Mazumdar Based on Joint works with Viveck Cadambe, Venkat Chander, Greg Wornell (MIT) Ankit

878 views • 49 slides
DISTRIBUTED SYSTEMS II A POLYNOMIAL LOCAL SOLUTION TO MUTUAL EXCLUSION Doorways Doorway is a

DISTRIBUTED SYSTEMS II A POLYNOMIAL LOCAL SOLUTION TO MUTUAL EXCLUSION Doorways Doorway is a

Prof Philippas Tsigas Distributed Computing and Systems Research Group DISTRIBUTED SYSTEMS II A POLYNOMIAL LOCAL SOLUTION TO MUTUAL EXCLUSION Doorways Doorway is a separation mechanism of two areas. Processes which pass a doorway at

327 views • 10 slides
Local Distributed Computing Pierre Fraigniaud cole de Printemps en Informatique Thorique

Local Distributed Computing Pierre Fraigniaud cole de Printemps en Informatique Thorique

Local Distributed Computing Pierre Fraigniaud cole de Printemps en Informatique Thorique Porquerolles 14-19 mai 2017 What can be computed locally? LOCAL model An abstract model capturing the essence of locality: Processors connected

703 views • 53 slides
Von Dyck symmetries and lepton mixing Daniel Hernndez In colab. with A. Yu. Smirnov; 1204.0445

Von Dyck symmetries and lepton mixing Daniel Hernndez In colab. with A. Yu. Smirnov; 1204.0445

Von Dyck symmetries and lepton mixing Daniel Hernndez In colab. with A. Yu. Smirnov; 1204.0445 It all begins with large mixing angles in the leptonic sector TriBimaximal Mixing Harrison, Perkins, Scott, 2002 Even before and for different

306 views • 30 slides
Entropy and mixing for Z d SFTs Ronnie Pavlov University of Denver www.math.du.edu/ rpavlov

Entropy and mixing for Z d SFTs Ronnie Pavlov University of Denver www.math.du.edu/ rpavlov

Introduction Mixing conditions Consequences of mixing conditions Entropy and mixing for Z d SFTs Ronnie Pavlov University of Denver www.math.du.edu/ rpavlov 1st School on Dynamical Systems and Computation (DySyCo) CMM, Santiago, Chile

1.1k views • 80 slides
Local State Space Construction for Compositional Verification of Concurrent Systems Hao Zheng

Local State Space Construction for Compositional Verification of Concurrent Systems Hao Zheng

Local State Space Construction for Compositional Verification of Concurrent Systems Hao Zheng Department of Computer Science and Engineering University of South Florida H. Zheng (CSE USF) Local State Space Construction for Compositional

1.12k views • 50 slides

More recommend