@misc{13128, author = {{Bröcher, Henrik}}, publisher = {{Universität Paderborn}}, title = {{{Rational Secure Multiparty Computation}}}, year = {{2019}}, } @misc{10271, author = {{N., N.}}, publisher = {{Universität Paderborn}}, title = {{{Implementation and Evaluation of Authenticated Data Structures Using Intel SGX Enclaves}}}, year = {{2019}}, } @misc{13592, author = {{Pilot, Matthias}}, publisher = {{Universität Paderborn}}, title = {{{Efficient Finite-Field Arithmetic for Elliptic Curve Cryptography in Java}}}, year = {{2019}}, } @misc{13648, author = {{Scholz, Swante}}, publisher = {{Universität Paderborn}}, title = {{{Implementation and Comparison of Elliptic Curve Algorithms in Java}}}, year = {{2019}}, } @inproceedings{13904, abstract = {{In this paper, we introduce updatable anonymous credential systems (UACS) and use them to construct a new privacy-preserving incentive system. In a UACS, a user holding a credential certifying some attributes can interact with the corresponding issuer to update his attributes. During this, the issuer knows which update function is run, but does not learn the user's previous attributes. Hence the update process preserves anonymity of the user. One example for a class of update functions are additive updates of integer attributes, where the issuer increments an unknown integer attribute value v by some known value k. This kind of update is motivated by an application of UACS to incentive systems. Users in an incentive system can anonymously accumulate points, e.g. in a shop at checkout, and spend them later, e.g. for a discount.}}, author = {{Blömer, Johannes and Bobolz, Jan and Diemert, Denis Pascal and Eidens, Fabian}}, booktitle = {{Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19}}, location = {{London}}, title = {{{Updatable Anonymous Credentials and Applications to Incentive Systems}}}, doi = {{10.1145/3319535.3354223}}, year = {{2019}}, } @inproceedings{2862, author = {{Blömer, Johannes and Eidens, Fabian and Juhnke, Jakob}}, booktitle = {{Topics in Cryptology - {CT-RSA} 2018 - The Cryptographers' Track at the {RSA} Conference 2018, Proceedings}}, isbn = {{9783319769523}}, issn = {{0302-9743}}, location = {{San Francisco, CA, USA}}, pages = {{470--490}}, publisher = {{Springer International Publishing}}, title = {{{Practical, Anonymous, and Publicly Linkable Universally-Composable Reputation Systems}}}, doi = {{10.1007/978-3-319-76953-0_25}}, year = {{2018}}, } @article{2685, author = {{Blömer, Johannes and Kohn, Kathlén}}, issn = {{2470-6566}}, journal = {{SIAM Journal on Applied Algebra and Geometry.}}, number = {{2}}, pages = {{314--338}}, title = {{{Voronoi Cells of Lattices with Respect to Arbitrary Norms}}}, doi = {{10.1137/17M1132045}}, volume = {{2}}, year = {{2018}}, } @inproceedings{3265, abstract = {{We present CLARC (Cryptographic Library for Anonymous Reputation and Credentials), an anonymous credentials system (ACS) combined with an anonymous reputation system. Using CLARC, users can receive attribute-based credentials from issuers. They can efficiently prove that their credentials satisfy complex (access) policies in a privacy-preserving way. This implements anonymous access control with complex policies. Furthermore, CLARC is the first ACS that is combined with an anonymous reputation system where users can anonymously rate services. A user who gets access to a service via a credential, also anonymously receives a review token to rate the service. If a user creates more than a single rating, this can be detected by anyone, preventing users from spamming ratings to sway public opinion. To evaluate feasibility of our construction, we present an open-source prototype implementation.}}, author = {{Bemmann, Kai and Blömer, Johannes and Bobolz, Jan and Bröcher, Henrik and Diemert, Denis Pascal and Eidens, Fabian and Eilers, Lukas and Haltermann, Jan Frederik and Juhnke, Jakob and Otour, Burhan and Porzenheim, Laurens Alexander and Pukrop, Simon and Schilling, Erik and Schlichtig, Michael and Stienemeier, Marcel}}, booktitle = {{Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES '18}}, isbn = {{978-1-4503-6448-5}}, location = {{Hamburg, Germany}}, publisher = {{ACM}}, title = {{{Fully-Featured Anonymous Credentials with Reputation System}}}, doi = {{10.1145/3230833.3234517}}, year = {{2018}}, } @inproceedings{3422, abstract = {{We study the consensus problem in a synchronous distributed system of n nodes under an adaptive adversary that has a slightly outdated view of the system and can block all incoming and outgoing communication of a constant fraction of the nodes in each round. Motivated by a result of Ben-Or and Bar-Joseph (1998), showing that any consensus algorithm that is resilient against a linear number of crash faults requires $\tilde \Omega(\sqrt n)$ rounds in an n-node network against an adaptive adversary, we consider a late adaptive adversary, who has full knowledge of the network state at the beginning of the previous round and unlimited computational power, but is oblivious to the current state of the nodes. Our main contributions are randomized distributed algorithms that achieve consensus with high probability among all except a small constant fraction of the nodes (i.e., "almost-everywhere'') against a late adaptive adversary who can block up to ε n$ nodes in each round, for a small constant ε >0$. Our first protocol achieves binary almost-everywhere consensus and also guarantees a decision on the majority input value, thus ensuring plurality consensus. We also present an algorithm that achieves the same time complexity for multi-value consensus. Both of our algorithms succeed in $O(log n)$ rounds with high probability, thus showing an exponential gap to the $\tilde\Omega(\sqrt n)$ lower bound of Ben-Or and Bar-Joseph for strongly adaptive crash-failure adversaries, which can be strengthened to $\Omega(n)$ when allowing the adversary to block nodes instead of permanently crashing them. Our algorithms are scalable to large systems as each node contacts only an (amortized) constant number of peers in each communication round. We show that our algorithms are optimal up to constant (resp.\ sub-logarithmic) factors by proving that every almost-everywhere consensus protocol takes $\Omega(log_d n)$ rounds in the worst case, where d is an upper bound on the number of communication requests initiated per node in each round. We complement our theoretical results with an experimental evaluation of the binary almost-everywhere consensus protocol revealing a short convergence time even against an adversary blocking a large fraction of nodes.}}, author = {{Robinson, Peter and Scheideler, Christian and Setzer, Alexander}}, booktitle = {{Proceedings of the 30th ACM Symposium on Parallelism in Algorithms and Architectures (SPAA)}}, isbn = {{978-1-4503-5799-9/18/07}}, keywords = {{distributed consensus, randomized algorithm, adaptive adversary, complexity lower bound}}, location = {{Wien}}, title = {{{Breaking the $\tilde\Omega(\sqrt{n})$ Barrier: Fast Consensus under a Late Adversary}}}, doi = {{10.1145/3210377.3210399}}, year = {{2018}}, } @inproceedings{2965, author = {{Blömer, Johannes and Löken, Nils}}, booktitle = {{Proceedings of the 13th International Conference on Availability, Reliability and Security, ARES 2018}}, isbn = {{978-1-4503-6448-5}}, location = {{Hamburg, Germany}}, pages = {{25:1----25:10}}, publisher = {{ACM}}, title = {{{Cloud Architectures for Searchable Encryption}}}, doi = {{10.1145/3230833.3230853}}, year = {{2018}}, } @phdthesis{1138, author = {{Gmyr, Robert}}, publisher = {{Universität Paderborn}}, title = {{{Distributed Algorithms for Overlay Networks and Programmable Matter}}}, doi = {{10.17619/UNIPB/1-265}}, year = {{2018}}, } @techreport{5820, abstract = {{In this paper, we investigate the use of trusted execution environments (TEEs, such as Intel's SGX) for an anonymous communication infrastructure over untrusted networks. For this, we present the general idea of exploiting trusted execution environments for the purpose of anonymous communication, including a continuous-time security framework that models strong anonymity guarantees in the presence of an adversary that observes all network traffic and can adaptively corrupt a constant fraction of participating nodes. In our framework, a participating node can generate a number of unlinkable pseudonyms. Messages are sent from and to pseudonyms, allowing both senders and receivers of messages to remain anonymous. We introduce a concrete construction, which shows viability of our TEE-based approach to anonymous communication. The construction draws from techniques from cryptography and overlay networks. Our techniques are very general and can be used as a basis for future constructions with similar goals.}}, author = {{Blömer, Johannes and Bobolz, Jan and Scheideler, Christian and Setzer, Alexander}}, title = {{{Provably Anonymous Communication Based on Trusted Execution Environments}}}, year = {{2018}}, } @inproceedings{5985, author = {{Scheideler, Christian}}, booktitle = {{Proceedings of the 2018 Workshop on Theory and Practice for Integrated Cloud, Fog and Edge Computing Paradigms, TOPIC@PODC 2018, Egham, United Kingdom, July 27, 2018}}, pages = {{1--2}}, title = {{{Relays: Towards a Link Layer for Robust and Secure Fog Computing}}}, doi = {{10.1145/3229774.3229781}}, year = {{2018}}, } @inproceedings{5216, abstract = {{A fundamental problem for overlay networks is to safely exclude leaving nodes, i.e., the nodes requesting to leave the overlay network are excluded from it without affecting its connectivity. To rigorously study self-stabilizing solutions to this problem, the Finite Departure Problem (FDP) has been proposed [9]. In the FDP we are given a network of processes in an arbitrary state, and the goal is to eventually arrive at (and stay in) a state in which all leaving processes irrevocably decided to leave the system while for all weakly-connected components in the initial overlay network, all staying processes in that component will still form a weakly connected component. In the standard interconnection model, the FDP is known to be unsolvable by local control protocols, so oracles have been investigated that allow the problem to be solved [9]. To avoid the use of oracles, we introduce a new interconnection model based on relays. Despite the relay model appearing to be rather restrictive, we show that it is universal, i.e., it is possible to transform any weakly-connected topology into any other weakly-connected topology, which is important for being a useful interconnection model for overlay networks. Apart from this, our model allows processes to grant and revoke access rights, which is why we believe it to be of interest beyond the scope of this paper. We show how to implement the relay layer in a self-stabilizing way and identify properties protocols need to satisfy so that the relay layer can recover while serving protocol requests.}}, author = {{Scheideler, Christian and Setzer, Alexander}}, booktitle = {{Proceedings of the 20th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS 2018)}}, location = {{Tokyo, Japan}}, title = {{{Relays: A New Approach for the Finite Departure Problem in Overlay Networks}}}, doi = {{10.1007/978-3-030-03232-6_16}}, year = {{2018}}, } @phdthesis{6597, author = {{Juhnke, Jakob}}, publisher = {{Universität Paderborn}}, title = {{{Models and Constructions for Secure Reputation Systems}}}, doi = {{10.17619/UNIPB/1-570}}, year = {{2018}}, } @inproceedings{3873, author = {{Blömer, Johannes and Eidens, Fabian and Juhnke, Jakob}}, booktitle = {{The International Conference on Cryptology And Network Security (CANS)}}, isbn = {{978-3-030-00434-7}}, location = {{Naples, Italy}}, pages = {{235--255}}, publisher = {{Springer}}, title = {{{Enhanced Security of Attribute-Based Signatures}}}, doi = {{10.1007/978-3-030-00434-7_12}}, volume = {{11124}}, year = {{2018}}, } @inproceedings{2379, abstract = {{In this paper, we introduce the notion of delegatable attribute-based anonymous credentials (DAAC). Such systems offer fine-grained anonymous access control and they give the credential holder the ability to issue more restricted credentials to other users. In our model, credentials are parameterized with attributes that (1) express what the credential holder himself has been certified and (2) define which attributes he may issue to others. Furthermore, we present a practical construction of DAAC. For this construction, we deviate from the usual approach of embedding a certificate chain in the credential. Instead, we introduce a novel approach for which we identify a new primitive we call dynamically malleable signatures (DMS) as the main ingredient. This primitive may be of independent interest. We also give a first instantiation of DMS with efficient protocols. }}, author = {{Blömer, Johannes and Bobolz, Jan}}, booktitle = {{ACNS 2018 Applied Cryptography & Network security}}, location = {{Leuven, Belgium}}, title = {{{Delegatable Attribute-based Anonymous Credentials from Dynamically Malleable Signatures}}}, doi = {{10.1007/978-3-319-93387-0_12}}, year = {{2018}}, } @inproceedings{2967, author = {{Blömer, Johannes and Liske, Gennadij}}, booktitle = {{Proceedings of the International Conference of Mathematical Aspects of Computer and Information Sciences (MACIS)}}, isbn = {{9783319724522}}, issn = {{0302-9743}}, pages = {{438--453}}, publisher = {{Springer International Publishing}}, title = {{{Subtleties in Security Definitions for Predicate Encryption with Public Index}}}, doi = {{10.1007/978-3-319-72453-9_35}}, volume = {{10693}}, year = {{2017}}, } @phdthesis{116, author = {{Liske, Gennadij}}, publisher = {{Universität Paderborn}}, title = {{{CCA-Security for Predicate Encryption Schemes}}}, doi = {{10.17619/UNIPB/1-220}}, year = {{2017}}, } @inproceedings{2344, author = {{Blömer, Johannes and Günther, Peter and Krummel, Volker and Löken, Nils}}, booktitle = {{Foundations and Practice of Security}}, isbn = {{9783319756493}}, issn = {{0302-9743}}, pages = {{3--17}}, publisher = {{Springer International Publishing}}, title = {{{Attribute-Based Encryption as a Service for Access Control in Large-Scale Organizations}}}, doi = {{10.1007/978-3-319-75650-9_1}}, year = {{2017}}, }