Marcos Simplício - Academia.edu
Papers by Marcos Simplício
Databases are essential to the operation of many services, such as banks, online stores and even healthcare. The cost of maintaining such a large data collection locally is high, and the cloud can be used to share computational resources and mitigate this problem. Unfortunately, much of this data may be confidential or private and therefore needs protection from third parties. Moreover, this data needs to be manipulated so that its owner can extract relevant information. In this scenario, encrypted cloud databases that allow their data to be manipulated have been developed in recent years. Although promising, the solutions proposed so far leave room for improvement in terms of efficiency, flexibility and also security. In this work, modifications are proposed for CryptDB, a state-of-the-art encrypted cloud database solution, aiming to improve its efficiency, flexibility and security by enhancing or replacing the cryptographic primitives it uses. Efficiency was improved by replacing the Paillier algorithm present in CryptDB with a new homomorphic algorithm proposed in this work. Flexibility was improved through a preliminary modification of the text before its encryption with the Song, Wagner and Perrig algorithm, which enables wildcard searches in the database. Finally, security was increased by replacing the AES algorithm in CMC mode in the deterministic layer of the database with the Song, Wagner and Perrig algorithm.
International Conference on Operations Research and Enterprise Systems, 2012
Cloud computing services provide a new way of deploying applications over the Internet, as well as a prominent approach for achieving enhanced scalability. Usually, exploration of cloud computing resources relies on a regular programming paradigm (such as Object-Oriented Programming), depending on adjustments to deal with details inherent to the cloud provider and the scalability issues of regular programming paradigms. This paper addresses how Flow-Based Programming (FBP), a software architecture model based on Functional Programming, can be used as a solution to the challenges involved in meeting distributed systems requirements. Firstly, we present a review of the concepts of FBP. We analyze Live Distributed Objects, Microsoft Orleans, and Yahoo! S4 from an FBP perspective, providing a comparison among these solutions based on FBP criteria. Finally, we present an analysis of how FBP could provide developers with a better way to create scalable applications, such as cloud computing ones.
For the last decade, elliptic curve cryptography has gained increasing interest in industry and in the academic community. This is especially due to the high level of security it provides with relatively small keys and to its ability to create very efficient and multifunctional cryptographic schemes by means of bilinear pairings. Pairings require pairing-friendly elliptic curves and, among the possible choices, Barreto-Naehrig (BN) curves arguably constitute one of the most versatile families. In this paper, we further expand the potential of the BN curve family. We describe BN curves that are not only computationally very simple to generate, but also especially suitable for efficient implementation in a very broad range of scenarios. We also present implementation results of the optimal ate pairing using such a curve defined over a 254-bit prime field.
2019 22nd Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)
Network virtualization is a key enabler for cloud computing and its economic benefits. However, many security challenges arise when mutually untrusted tenants are co-located in the same virtualized network infrastructure. To address such issues, multi-tenant environments commonly employ isolation mechanisms to prevent interference among different tenants’ network behavior. Even though the need for multi-tenant network isolation is widely accepted, and most cloud systems do employ network virtualization technologies to address this need, it is not always clear what exactly is isolated in each approach and, consequently, the level of security obtained in each case. Aiming to address this matter, in this article we describe three complementary strategies for addressing multi-tenant isolation in cloud networks, classified according to the type of tenant network resource being isolated, namely: data paths, software resources and hardware resources. These three strategies are then applied in the evaluation of existing network virtualization architectures, showing that most of them focus only on data path isolation. We then propose a more holistic design, based on the concept of “tenant network domains”, which combines the aforementioned isolation strategies to create a more secure network virtualization architecture.
Proceedings of the 8th International Conference on Cloud Computing and Services Science
Clouds can be seen as a natural evolution of the Internet, allowing the utilization of computing capabilities maintained by third parties for optimizing resource usage. There are several elements that compose the cloud infrastructure and its services, and all of them must operate harmoniously. In particular, to allow the creation and deployment of services resilient to internal and external threats, the observance of security aspects is essential. This includes the deployment of authentication and authorization mechanisms to control access to resources allocated on demand, a strong requirement for any cloud-based solution. With this issue in mind, several providers have recently started using some form of Single Sign-On (SSO) mechanism to simplify the process of handling credentials inside the cloud. In this work, aiming to provide a structured overview of the wide variety of mechanisms that can be employed for this purpose, we propose a classification of SSO systems for cloud services, which can be used as a model for comparing current and future designs of such mechanisms. In addition, to validate the usefulness of the proposed taxonomy, we provide a classification of existing cloud-oriented SSO solutions.
Proceedings of the 11th International Conference on Cloud Computing and Services Science
Container-based virtualization enables the dynamic allocation of computational resources, thus addressing needs like scalability and fault tolerance. However, this added flexibility brought by containerization comes with a drawback: it makes system monitoring more challenging due to the large flow of calls and (de)allocations. In this article, we discuss how recording these operations in a blockchain-based data structure can facilitate auditing of employed resources, as well as analyses involving the chronology of performed operations. In addition, the use of a blockchain distributes the credibility of record integrity among providers, end-users, and developers of the container-based solution.
2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA), 2018
The installation and configuration of cloud environments has increasingly become automated and therefore simple. For instance, solutions such as RedHat RDO and Mirantis Fuel facilitate the deployment of popular computational clouds like OpenStack. Despite the advances in usability, effort is still required to create and manage multiple users. This is of particular relevance when dealing with sensitive information, a somewhat common case for private clouds. To alleviate this burden, many clouds have adopted federated Single Sign-On (SSO) mechanisms for authenticating their users in a more transparent manner. In this work we analyze the practical security of an OpenStack IaaS cloud when combined with either OpenID Connect (using Google as IdP) or Facebook Connect (using Facebook as IdP). The criteria used in the analysis comprise the ability to provide data encryption, the risks involved in the use of an external IdP, and improper access control. We identify potential issues regarding...
The deployment of security solutions in Wireless Sensor Networks (WSNs) is considered a challenge due to the highly constrained devices involved in these applications. However, due to the need for security services such as confidentiality, integrity and authenticity in a large number of important scenarios, such mechanisms are made necessary. In this demonstration paper, we show that deployment of security algorithms on a WSN testbed is possible without causing significant impact on the performance of such applications. Most WSN deployments do not consider security among their requirements. However, when targeting WSNs for health applications or scenarios that monitor sensitive information, it is important to deploy confidentiality mechanisms. Furthermore, data integrity and authenticity are critical in order to prevent fake data that could lead to mistaken actions. Therefore, it becomes necessary to employ security mechanisms such as encryption algorithms...
IACR Cryptol. ePrint Arch., 2018
Vehicular communication (V2X) technologies are expected to become increasingly common in the future. Although they enable improvements in transportation safety and efficiency, the large-scale deployment of V2X requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified and tracked by eavesdroppers. A promising design to address these requirements is the Security Credential Management System (SCMS), which is currently among the main candidates for protecting V2X communications in the United States. Even though SCMS provides efficient, scalable and privacy-preserving mechanisms for managing V2X-oriented certificates, in this article we show that its certificate revocation process can be further enhance...
Veh. Commun., 2021
Modern vehicular security architectures provision authorized vehicles with multiple short-term pseudonym certificates, so users can avoid tracking by rotating among certificates when signing messages. The large number of certificates in the system, however, makes revocation via Certificate Revocation Lists (CRLs) complex and/or inefficient. Two possible solutions for this issue are: (1) frequently provision non-revoked vehicles with few certificates, as done in the Cooperative Intelligent Transport Systems (C-ITS) standard; or (2) provision many encrypted certificates and periodically broadcast “activation codes” for controlling decryption by non-revoked vehicles, as proposed in Activation Codes for Pseudonym Certificates (ACPC), an extension of the Security Credential Management System (SCMS) standard. In this article, we compare such approaches in terms of computational efficiency and privacy preservation. We show that ACPC has advantages over both C-ITS (e.g., support for distrib...
Privacy is a key concern in Location Based Applications (LBAs), especially due to their intensive use of resource-constrained devices in which general-purpose ciphers are difficult to deploy. In this paper, we address this issue by specifying a new, faster key-schedule algorithm for the Curupira block cipher. This special-purpose cipher follows the Wide Trail Strategy (such as AES) and is tailored for resource-constrained platforms, such as sensors and mobile devices. Furthermore, we present our benchmark results for both Curupira-1 (which adopts the original key-schedule specification) and Curupira-2 (which adopts the new one) in appropriate testbeds.
IACR Cryptol. ePrint Arch., 2018
Vehicular communication (V2X) technologies are expected to be common in the future, providing better transportation safety and efficiency. However, their large-scale deployment requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified or tracked by eavesdroppers. A promising solution for managing V2X-oriented certificates in an efficient manner is the Security Credential Management System (SCMS), which is among the main candidates for standardization in the United States. In this paper, aiming to enhance and address issues in the SCMS architecture, we provide three main contributions. First, we describe and fix two birthday attacks against SCMS’s certificate revocation process, thus preventing the ...
The advent of Mobile Internet and Web 2.0 raised the need for identity-oriented and user-centric services. In recent years, many Identity Management Systems (IdMS) have been developed to allow users to safely control and reuse their identity attributes. Service providers and users rely on the trust that the mechanisms provided by the IdMS are secure. However, if an attacker succeeds in exploiting some vulnerability of an IdMS, all the services that rely on it will be compromised. Therefore, it is crucial to perform an extensive threat analysis to ensure a deep understanding of the security issues when designing, implementing and operating such systems. In this paper, we tackle this issue by presenting a threat model of an IdMS for Mobile Internet that is composed of two enabling technologies: GAA/GBA and OpenID.
Randomization procedures are used in legal and statistical applications, aiming to shield important decisions from spurious influences. This article gives an intuitive introduction to randomization and examines some intended consequences of its use related to truthful statistical inference and fair legal judgment. This article also presents an open-code Java implementation for a cryptographically secure, statistically reliable, transparent, traceable, and fully auditable randomization tool.
With the burgeoning Vehicle-to-Everything (V2X) communication, security and privacy concerns are paramount. Such concerns are usually mitigated by combining cryptographic mechanisms with a suitable key management architecture. However, cryptographic operations may be quite resource-intensive, placing a considerable burden on the vehicle’s V2X computing unit. To assuage this issue, it is reasonable to use hardware acceleration for common cryptographic primitives, such as block ciphers, digital signature schemes, and key exchange protocols. In this scenario, custom extension instructions can be a plausible option, since they achieve fine-tuned hardware acceleration with a low to moderate logic overhead, while also reducing code size. In this article, we apply this method along with dual-data memory banks for the hardware acceleration of the PRESENT block cipher, as well as for the F_{2^255−19} finite field arithmetic employed in cryptographic primitives based on Curve25519 (e.g., EdDSA an...
IACR Cryptol. ePrint Arch., 2019
In the implicit certification model, the process of verifying the validity of the signer’s public key is combined with the verification of the signature itself. When compared to traditional, explicit certificates, the main advantage of the implicit approach lies in the shorter public key validation data. This property is particularly important in resource-constrained scenarios where public key validation is performed very often, which is common in vehicular communications (V2X) that employ pseudonym certificates. In this article, we show that an alternative, Schnorr-based implicit certification procedure can improve the efficiency of a popular V2X-oriented pseudonym certificate provisioning approach, the (unified) butterfly key expansion. As an additional contribution, we show that butterfly keys are vulnerable to existential forgery attacks under certain conditions, and also discuss how this issue can be fixed in an effective and efficient manner.
Post-Quantum Cryptography
Supersingular isogeny-based cryptography is one of the more recent families of post-quantum proposals. An interesting feature is the comparatively low bandwidth occupation in key agreement protocols, which stems from the possibility of key compression. However, compression and decompression introduce a significant overhead to the overall processing cost despite recent progress. In this paper we address the main processing bottlenecks involved in key compression and decompression, and suggest substantial improvements for each of them. Some of our techniques may have an independent interest for other, more conventional areas of elliptic curve cryptography as well.
2018 IEEE Vehicular Networking Conference (VNC)
With the increasing demand for intelligent transportation systems (ITS), security and privacy requirements are paramount. This has led to many proposals aimed at creating a Vehicular Public Key Infrastructure (VPKI) able to address such prerequisites. Among them, the Security Credential Management System (SCMS) is particularly promising, providing data authentication in a privacy-preserving manner and also supporting revocation of misbehaving vehicles. Despite SCMS's appealing design, in this paper we show that its certificate issuing process can be further improved. Namely, one of the main benefits of SCMS is its so-called butterfly key expansion process, which issues arbitrarily large batches of pseudonym certificates by means of a single request. Although this protocol requires the vehicle to provide two separate public/private key pairs to registration authorities, we hereby propose an improved approach that unifies them into a single key. As a result, the processing and bandwidth utilization for certificate provisioning are reduced from 10% to 50% for all entities involved in the protocol. We also show that such performance gains come with no negative impact in terms of security, flexibility or scalability when compared to the original SCMS.
Proceedings of the 8th International Conference on Cloud Computing and Services Science, 2018
Clouds can be seen as a natural evolution of the Internet, allowing the utilization of computing ... more Clouds can be seen as a natural evolution of the Internet, allowing the utilization of computing capabilities maintained by third parties for optimizing resource usage. There are several elements that compose the cloud infrastructure and its services, and all of them must operate harmoniously. In particular, to allow the creation and deployment of services resilient to internal and external threats, the observance of security aspects is essential. This includes the deployment of authentication and authorization mechanisms to control the access to resources allocated on-demand, a strong requirement for any cloud-based solution. With this issue in mind, several providers have recently started using some form of Single Sign-On (SSO) mechanism to simplify the process of handling credentials inside the cloud. In this work, aiming to provide a structured overview of the wide variety of mechanisms that can be employed with this purpose, we propose a classification of SSO systems for cloud services, which can be used as a model for comparing current and future designing instances of such mechanisms. In addition, to validate the usefulness of the proposed taxonomy, we provide a classification of existing cloud-oriented SSO solutions.
Bancos de Dados são essenciais para a operação de diversos serviços, como bancos, lojas onlines e... more Bancos de Dados são essenciais para a operação de diversos serviços, como bancos, lojas onlines e até mesmo assistência médica. O custo de manutenção local dessa grande coleção de dados é alto, e a nuvem pode ser utilizada para compartilhar recursos computacionais e atenuar esse problema. Infelizmente, grande parte desses dados pode ser confidencial ou privada, necessitando, portanto, de proteção contra terceiros. Além disso, esses dados precisam ser manipulados para que seu dono consiga extrair informações relevantes. Nesse cenário, bancos de dados cifrados na nuvem que permitam a manipulação de seus dados foram desenvolvidos nos últimos anos. Embora promissoras, as soluções propostas até então apresentam oportunidades de melhorias em termos de eficiência, flexibilidade e também segurança. Neste trabalho, modificações são propostas para o CryptDB, uma solução de banco de dados cifrado na nuvem que faz parte do estado da arte, visando melhorar sua eficiência, flexibilidade e segurança, através do aprimoramento ou troca das primitivas criptográficas utilizadas. A eficiência foi melhorada através da substituição do algoritmo de Paillier presente no CryptDB por um novo algoritmo homomórfico proposto neste trabalho. A flexibilidade foi aprimorada através de uma modificação prévia no texto antes de sua cifração com o algoritmo de Song, Wagner e Perrig, o que permite a busca por wildcards no banco de dados. Por fim, a segurança foi incrementada através da substituição do algoritmo AES em modo CMC na camada determinística do banco de dados pelo algoritmo de Song, Wagner e Perrig.
International Conference on Operations Research and Enterprise Systems, 2012
Cloud computing services provide a new way of deploying applications over the Internet, as well a... more Cloud computing services provide a new way of deploying applications over the Internet, as well a prominent approach for achieving enhanced scalability. Usually, exploration of cloud computing resources relies on a regular programming paradigm (such as Oriented Object Programming), depending on adjustments to deal with details inherent to the cloud provider and the issues related to scalability of regular programming paradigm. This paper addresses how Flow-Based Programming (FBP), a software architecture model based on Functional Programming, can be used as a solution to the challenges involving the achievement of distributed systems requirements. Firstly, we present a review of the concepts of FBP. We analyze Live Distributed Objects, Microsoft Orleans, and Yahoo! S4 under FBP perspective, providing a comparison among these solutions based on FBP criteria. Finally, we present an analysis of how FBP could be used to provide a better way to developers create scalable applications such as cloud computing.
Abstract. For the last decade, elliptic curve cryptography has gained increasing interest in indu... more Abstract. For the last decade, elliptic curve cryptography has gained increasing interest in industry and in the academic community. This is especially due to the high level of security it provides with relatively small keys and to its ability to create very efficient and multifunctional cryptographic schemes by means of bilinear pairings. Pairings require pairingfriendly elliptic curves and among the possible choices, Barreto-Naehrig (BN) curves arguably constitute one of the most versatile families. In this paper, we further expand the potential of the BN curve family. We describe BN curves that are not only computationally very simple to generate, but also specially suitable for efficient implementation on a very broad range of scenarios. We also present implementation results of the optimal ate pairing using such a curve defined over a 254-bit prime field. 1
2019 22nd Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)
Network virtualization is a key enabler for cloud computing and its economic benefits. However, m... more Network virtualization is a key enabler for cloud computing and its economic benefits. However, many security challenges arise when mutually untrusted tenants are co-located in the same virtualized network infrastructure. To address such issues, multi-tenant environments commonly employ isolation mechanisms to prevent interferences among different tenants’ network behavior. Even though the need for multi-tenant network isolation is widely accepted, and most cloud systems do employ network virtualization technologies to address this need, it is not always clear what exactly is isolated in each approach and, consequently, the level of security obtained in each case. Aiming to address this matter, in this article we describe three complementary strategies for addressing multi-tenant isolation in cloud networks, classified according to the type of tenant network resource being isolated, namely: data paths, software resources and hardware resources. These three strategies are then applied in the evaluation of existing network virtualization architectures, showing that most of them focus only on data path isolation. We then propose a more holistic design, based on the concept of “tenant network domains”, which combines the aforementioned isolation strategies to create a more secure network virtualization architecture.
Proceedings of the 8th International Conference on Cloud Computing and Services Science
Clouds can be seen as a natural evolution of the Internet, allowing the utilization of computing ... more Clouds can be seen as a natural evolution of the Internet, allowing the utilization of computing capabilities maintained by third parties for optimizing resource usage. There are several elements that compose the cloud infrastructure and its services, and all of them must operate harmoniously. In particular, to allow the creation and deployment of services resilient to internal and external threats, the observance of security aspects is essential. This includes the deployment of authentication and authorization mechanisms to control the access to resources allocated on-demand, a strong requirement for any cloud-based solution. With this issue in mind, several providers have recently started using some form of Single Sign-On (SSO) mechanism to simplify the process of handling credentials inside the cloud. In this work, aiming to provide a structured overview of the wide variety of mechanisms that can be employed with this purpose, we propose a classification of SSO systems for cloud services, which can be used as a model for comparing current and future designing instances of such mechanisms. In addition, to validate the usefulness of the proposed taxonomy, we provide a classification of existing cloud-oriented SSO solutions.
Proceedings of the 11th International Conference on Cloud Computing and Services Science
Container-based virtualization enables the dynamic allocation of computational resources, thus ad... more Container-based virtualization enables the dynamic allocation of computational resources, thus addressing needs like scalability and fault tolerance. However, this added flexibility brought by containerization comes with a drawback: it makes system monitoring more challenging due to the large flow of calls and (de)allocations. In this article, we discuss how recording these operations in a blockchain-based data structure can facilitate auditing of employed resources, as well as analyses involving the chronology of performed operations. In addition, the use of a blockchain distributes the credibility of record integrity among providers, end-users, and developers of the container-based solution.
2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA), 2018
The installation and configuration of cloud environments has increasingly become automated and th... more The installation and configuration of cloud environments has increasingly become automated and therefore simple. For instance, solutions such as RedHat RDO and Mirantis Fuel facilitate the deployment of popular computational clouds like OpenStack. Despite the advances in usability, effort is still required to create and manage multiple users. This is of particular relevance when dealing with sensitive information, a somewhat common case for private clouds. To alleviate this burden, many clouds have adopted federated Single Sign-On (SSO) mechanisms for authenticating their users in a more transparent manner. In this work we analyze the practical security of an OpenStack IaaS cloud when combined with either OpenID Connect (using Google as IdP) or Facebook Connect (using Facebook as IdP). The criteria used in the analysis comprise the ability to provide data encryption, the risks involved in the use of an external IdP, and improper access control. We identify potential issues regarding...
The deployment of security solutions in Wireless Sensor Networks (WSNs) is considered a challenge... more The deployment of security solutions in Wireless Sensor Networks (WSNs) is considered a challenge due to the highly constrained devices involved in these applications. However, due the need for security services such as confidentiality, integrity and authenticity in a large number of important scenarios, such mechanisms are made necessary. In this demonstration paper, we show that deployment of security algorithms on a WSN testbed is possible without causing significant impact on the performance of such applications. I. I B Most WSN deployments do not consider security among their requirements. However, when targeting WSN for health applications or scenarios that monitor sensitive information, it is important to deploy confidentiality mechanisms. Furthermore, data integrity and authenticity are critical in order to prevent fake data that could lead to mistaken actions. Therefore, it becomes necessary to employ security mechanisms such as encryption algorithms...
IACR Cryptol. ePrint Arch., 2018
Vehicular communication (V2X) technologies are expected to become increasingly common in the future. Although they enable improvements on transportation safety and efficiency, the large scale deployment of V2X requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified and tracked by eavesdroppers. A promising design to address these requirements is the Security Credential Management System (SCMS), which is currently among the main candidates for protecting V2X communications in the United States. Even though SCMS provides efficient, scalable and privacy-preserving mechanisms for managing V2X-oriented certificates, in this article we show that its certificate revocation process can be further enhance...
Veh. Commun., 2021
Modern vehicular security architectures provision authorized vehicles with multiple short-term pseudonym certificates, so users can avoid tracking by rotating among certificates when signing messages. The large number of certificates in the system, however, makes revocation via Certificate Revocation Lists (CRLs) complex and/or inefficient. Two possible solutions for this issue are: (1) frequently provision non-revoked vehicles with few certificates, as done in the Cooperative Intelligent Transport Systems (C-ITS) standard; or (2) provision many encrypted certificates and periodically broadcast “activation codes” for controlling decryption by non-revoked vehicles, as proposed in Activation Codes for Pseudonym Certificates (ACPC), an extension of the Security Credential Management System (SCMS) standard. In this article, we compare such approaches in terms of computational efficiency and privacy preservation. We show that ACPC has advantages over both C-ITS (e.g., support for distrib...
Privacy is a key concern in Location Based Applications (LBAs), especially due to their intensive use of resource-constrained devices in which general purpose ciphers are difficult to deploy. In this paper, we address this issue by specifying a new, faster key-schedule algorithm for the Curupira block cipher. This special-purpose cipher follows the Wide Trail Strategy (such as AES) and is tailored for resource-constrained platforms, such as sensors and mobile devices. Furthermore, we present our benchmark results for both the Curupira-1 (which adopts the original key-schedule specification) and the Curupira-2 (which adopts the new one) in appropriate testbeds.
IACR Cryptol. ePrint Arch., 2018
Vehicular communication (V2X) technologies are expected to be common in the future, providing better transportation safety and efficiency. However, their large-scale deployment requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified or tracked by eavesdroppers. A promising solution for managing V2X-oriented certificates in an efficient manner is the Security Credential Management System (SCMS), which is among the main candidates for standardization in the United States. In this paper, aiming to enhance and address issues in the SCMS architecture, we provide three main contributions. First, we describe and fix two birthday attacks against SCMS’s certificate revocation process, thus preventing the ...
Container-based virtualization enables the dynamic allocation of computational resources, thus addressing needs like scalability and fault tolerance. However, this added flexibility brought by containerization comes with a drawback: it makes system monitoring more challenging due to the large flow of calls and (de)allocations. In this article, we discuss how recording these operations in a blockchain-based data structure can facilitate auditing of employed resources, as well as analyses involving the chronology of performed operations. In addition, the use of a blockchain distributes the credibility of record integrity among providers, end-users, and developers of the container-based solution.
The advent of Mobile Internet and Web 2.0 raised the need for identity-oriented and user-centric services. In recent years, many Identity Management Systems (IdMS) have been developed to allow users to safely control and reuse their identity attributes. Service providers and users rely on the trust that the mechanisms provided by the IdMS are secure. However, if an attacker succeeds in exploiting some vulnerability of an IdMS, all the services that rely on it will be compromised. Therefore, it is crucial to perform an extensive threat analysis to ensure a deep understanding of the security issues when designing, implementing and operating such systems. In this paper, we tackle this issue by presenting a threat model of an IdMS for Mobile Internet that is composed of two enabling technologies: GAA/GBA and OpenID.
Randomization procedures are used in legal and statistical applications, aiming to shield important decisions from spurious influences. This article gives an intuitive introduction to randomization and examines some intended consequences of its use related to truthful statistical inference and fair legal judgment. This article also presents an open-code Java implementation for a cryptographically secure, statistically reliable, transparent, traceable, and fully auditable randomization tool.
With the burgeoning Vehicle-to-Everything (V2X) communication, security and privacy concerns are paramount. Such concerns are usually mitigated by combining cryptographic mechanisms with a suitable key management architecture. However, cryptographic operations may be quite resource-intensive, placing a considerable burden on the vehicle’s V2X computing unit. To assuage this issue, it is reasonable to use hardware acceleration for common cryptographic primitives, such as block ciphers, digital signature schemes, and key exchange protocols. In this scenario, custom extension instructions can be a plausible option, since they achieve fine-tuned hardware acceleration with a low to moderate logic overhead, while also reducing code size. In this article, we apply this method along with dual-data memory banks for the hardware acceleration of the PRESENT block cipher, as well as for the F_(2^255−19) finite field arithmetic employed in cryptographic primitives based on Curve25519 (e.g., EdDSA an...
IACR Cryptol. ePrint Arch., 2019
In the implicit certification model, the process of verifying the validity of the signer’s public key is combined with the verification of the signature itself. When compared to traditional, explicit certificates, the main advantage of the implicit approach lies in the shorter public key validation data. This property is particularly important in resource-constrained scenarios where public key validation is performed very often, which is common in vehicular communications (V2X) that employ pseudonym certificates. In this article, we show that an alternative, Schnorr-based implicit certification procedure can improve the efficiency of a popular V2X-oriented pseudonym certificate provisioning approach, the (unified) butterfly key expansion. As an additional contribution, we show that butterfly keys are vulnerable to existential forgery attacks under certain conditions, and also discuss how this issue can be fixed in an effective and efficient manner.
Post-Quantum Cryptography
Supersingular isogeny-based cryptography is one of the more recent families of post-quantum proposals. An interesting feature is the comparatively low bandwidth occupation in key agreement protocols, which stems from the possibility of key compression. However, compression and decompression introduce a significant overhead to the overall processing cost despite recent progress. In this paper we address the main processing bottlenecks involved in key compression and decompression, and suggest substantial improvements for each of them. Some of our techniques may have an independent interest for other, more conventional areas of elliptic curve cryptography as well.
2018 IEEE Vehicular Networking Conference (VNC)
With the increasing demand for intelligent transportation systems (ITS), security and privacy requirements are paramount. This led to many proposals aimed at creating a Vehicular Public Key Infrastructure (VPKI) able to address such prerequisites. Among them, the Security Credential Management System (SCMS) is particularly promising, providing data authentication in a privacy-preserving manner and also supporting revocation of misbehaving vehicles. Despite SCMS's appealing design, in this paper we show that its certificate issuing process can be further improved. Namely, one of the main benefits of SCMS is its so-called butterfly key expansion process, which issues arbitrarily large batches of pseudonym certificates by means of a single request. Although this protocol requires the vehicle to provide two separate public/private key pairs to registration authorities, we hereby propose an improved approach that unifies them into a single key. As a result, the processing and bandwidth utilization for certificate provisioning are reduced from 10% to 50% for all entities involved in the protocol. We also show that such performance gains come with no negative impact in terms of security, flexibility or scalability when compared to the original SCMS.
Proceedings of the 8th International Conference on Cloud Computing and Services Science, 2018
Clouds can be seen as a natural evolution of the Internet, allowing the utilization of computing capabilities maintained by third parties for optimizing resource usage. There are several elements that compose the cloud infrastructure and its services, and all of them must operate harmoniously. In particular, to allow the creation and deployment of services resilient to internal and external threats, the observance of security aspects is essential. This includes the deployment of authentication and authorization mechanisms to control the access to resources allocated on-demand, a strong requirement for any cloud-based solution. With this issue in mind, several providers have recently started using some form of Single Sign-On (SSO) mechanism to simplify the process of handling credentials inside the cloud. In this work, aiming to provide a structured overview of the wide variety of mechanisms that can be employed with this purpose, we propose a classification of SSO systems for cloud services, which can be used as a model for comparing current and future design instances of such mechanisms. In addition, to validate the usefulness of the proposed taxonomy, we provide a classification of existing cloud-oriented SSO solutions.