References of "Ryan, Peter 50002965"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailThe Cipher, the Random and the Ransom: A Survey on Current and Future Ransomware
Genç, Ziya Alper UL; Lenzini, Gabriele UL; Ryan, Peter UL

Scientific Conference (2017, November 17)

Although conceptually not new, ransomware recently regained attraction in the cybersecurity community: notorious attacks in fact have caused serious damage, proving their disruptive effect. This is likely ... [more ▼]

Although conceptually not new, ransomware recently regained attraction in the cybersecurity community: notorious attacks in fact have caused serious damage, proving their disruptive effect. This is likely just the beginning of a new era. According to a recent intelligence report by Cybersecurity Ventures, the total cost due to ransomware attacks is predicted to exceed $5 billion in 2017. How can this disruptive threat can be contained? Current anti-ransomware solutions are effective only against existing threats, and the worst is yet to come. Cyber criminals will design and deploy more sophisticated strategies, overcoming current defenses and, as it commonly happens in security, defenders and attackers will embrace a competition that will never end. In this arm race, anticipating how current ransomware will evolve may help at least being prepared for some future damage. In this paper, we describe existing techniques to mitigate ransomware and we discuss their limitations. Discussing how current ransomware could become even more disruptive and elusive is crucial to conceive more solid defense and systems that can mitigate zero-day ransomware, yielding higher security levels for information systems, including critical infrastructures such as intelligent transportation networks and health institutions. [less ▲]

Detailed reference viewed: 19 (3 UL)
Full Text
Peer Reviewed
See detailSecurity in the Shell : An Optical Physical Unclonable Function made of Shells of Cholesteric Liquid Crystals
Lenzini, Gabriele UL; Samir, Ouchani; Roenne, Peter UL et al

in Proc. of the 9th IEEE Workshop on Information Forensics and Security (2017, October 02)

We describe the application in security of shells of Cholesteric Liquid Crystals (ChLCs). Such shells have a diameter in the microns range and can be gathered in hundreds in a surface area as small as a ... [more ▼]

We describe the application in security of shells of Cholesteric Liquid Crystals (ChLCs). Such shells have a diameter in the microns range and can be gathered in hundreds in a surface area as small as a nail’s head. Because of their structural properties, a bundle of them reflects light, creating colorful patterns that we argue to be unique and computationally hard to predict. We argue also that the bundle itself is unclonable. These are typical properties of Physically Unclonable Functions, a family to which shells of ChLCs belong too. Herein we discuss their physical and security properties and their potential use in object authentication. [less ▲]

Detailed reference viewed: 26 (1 UL)
Full Text
Peer Reviewed
See detailUsing Selene to Verify your Vote in JCJ
Iovino, Vincenzo UL; Rial Duran, Alfredo UL; Roenne, Peter UL et al

in Workshop on Advances in Secure Electronic Voting (VOTING'17) (2017, April 07)

Detailed reference viewed: 36 (15 UL)
See detail(Universal) Unconditional Verifiability in E-Voting without Trusted Parties
Gallegos-Garcia, Gina; Iovino, Vincenzo UL; Roenne, Peter UL et al

E-print/Working paper (2016)

Detailed reference viewed: 12 (2 UL)
See detailFinancial Cryptography and Data Security - FC 2016 International Workshops, BITCOIN, VOTING, and WAHC
Clark, Jeremy; Sarah; Ryan, Peter UL et al

Book published by Springer (2016)

Detailed reference viewed: 18 (2 UL)
Full Text
Peer Reviewed
See detailExpressing Receipt-Freeness and Coercion-Resistance in Logics of Strategic Ability: Preliminary Attempt
Tabatabaei, Masoud UL; Jamroga, Wojciech UL; Ryan, Peter UL

in The International Workshop on AI for Privacy and Security (PrAISe), 2016. (2016)

Voting is a mechanism of utmost importance to social processes. In this paper, we focus on the strategic aspect of information security in voting procedures. We argue that the notions of receipt-freeness ... [more ▼]

Voting is a mechanism of utmost importance to social processes. In this paper, we focus on the strategic aspect of information security in voting procedures. We argue that the notions of receipt-freeness and coercion resistance are underpinned by existence (or nonexistence) of a suitable strategy for some participants of the voting process. In order to back the argument formally, we provide logical ``transcriptions'' of the informal intuitions behind coercion-related properties that can be found in the existing literature. The transcriptions are formulated in the modal game logic ATL*, well known in the area of multi-agent systems. [less ▲]

Detailed reference viewed: 23 (6 UL)
See detailThe New Codebreakers - Essays Dedicated to David Kahn on the Occasion of His 85th Birthday
Ryan, Peter UL; Naccache, David; Quisquater, Jean-Jacques

Book published by Springer (2016)

Detailed reference viewed: 6 (0 UL)
See detailReal-World Electronic Voting: Design, Analysis and Deployment
Hao, Feng; Ryan, Peter UL

Book published by Auerbach Publications (2016)

Detailed reference viewed: 10 (0 UL)
Peer Reviewed
See detailCrypto Santa
Ryan, Peter UL

in The New Codebreakers - Essays Dedicated to David Kahn on the Occasion of His 85th Birthday (2016)

Detailed reference viewed: 19 (4 UL)
Full Text
Peer Reviewed
See detailFormal Security Analysis of Traditional and Electronic Exams
Dreier, Jannik; Giustosi, Rosario; Kassem, Ali et al

in Communications in Computer and Information Science (2015), 554

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they ... [more ▼]

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they can reach larger audiences, but they are exposed to new threats that can potentially ruin the whole exam business. These threats are amplified by two issues: the lack of understanding of what security means for electronic exams (except the old concern about students cheating), and the absence of tools to verify whether an exam process is secure. This paper addresses both issues by introducing a formal description of several fundamental authentication and privacy properties, and by establishing the first theoretical framework for an automatic analysis of exam security. It uses the applied π-calculus as a framework and ProVerif as a tool. Three exam protocols are checked in depth: two Internet exam protocols of recent design, and the pencil-and-paper exam used by the University of Grenoble. The analysis highlights several weaknesses. Some invalidate authentication and privacy even when all parties are honest; others show that security depends on the honesty of parties, an often unjustified assumption in modern exams. [less ▲]

Detailed reference viewed: 68 (6 UL)
Full Text
Peer Reviewed
See detailInformation Leakage due to Revealing Randomly Selected Bits
Atashpendar, Arash UL; Roscoe, Bill; Ryan, Peter UL

in Security Protocols XXIII: Lecture Notes in Computer Science, Volume 9379, 2015 (2015, November 25)

This note describes an information theory problem that arose from some analysis of quantum key distribution protocols. The problem seems very natural and is very easy to state but has not to our knowledge ... [more ▼]

This note describes an information theory problem that arose from some analysis of quantum key distribution protocols. The problem seems very natural and is very easy to state but has not to our knowledge been addressed before in the information theory literature: suppose that we have a random bit string y of length n and we reveal k bits at random positions, preserving the order but without revealing the positions, how much information about y is revealed? We show that while the cardinality of the set of compatible y strings depends only on n and k, the amount of leakage does depend on the exact revealed x string. We observe that the maximal leakage, measured as decrease in the Shannon entropy of the space of possible bit strings corresponds to the x string being all zeros or all ones and that the minimum leakage corresponds to the alternating x strings. We derive a formula for the maximum leakage (minimal entropy) in terms of n and k. We discuss the relevance of other measures of information, in particular min-entropy, in a cryptographic context. Finally, we describe a simulation tool to explore these results. [less ▲]

Detailed reference viewed: 292 (41 UL)
Full Text
Peer Reviewed
See detailSelene: Voting with Transparent Verifiability and Coercion-Mitigation
Ryan, Peter UL; Roenne, Peter UL; Iovino, Vincenzo UL

in Abstract book of 1st Workshop on Advances in Secure Electronic Voting (2016), 2015

Detailed reference viewed: 175 (24 UL)
Full Text
Peer Reviewed
See detailA Secure Exam Protocol Without Trusted Parties
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL et al

in ICT Systems Security and Privacy Protection. 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015 (2015)

Detailed reference viewed: 153 (6 UL)
Full Text
Peer Reviewed
See detailEnd-to-end verifiability
Ryan, Peter UL; Benaloh, Josh; Rivest, Ronald et al

in arXiv preprint arXiv:1504.03778 (2015)

This pamphlet describes end-to-end election verifiability (E2E-V) for a nontechnical audience: election officials, public policymakers, and anyone else interested in secure, transparent, evidence - based ... [more ▼]

This pamphlet describes end-to-end election verifiability (E2E-V) for a nontechnical audience: election officials, public policymakers, and anyone else interested in secure, transparent, evidence - based electronic elections. This work is part of the Overseas Vote Foundation’s End-to-End Verifiable Internet Voting: Specification and Feasibility Assessment Study (E2E VIV Project), funded by the Democracy Fund. [less ▲]

Detailed reference viewed: 33 (3 UL)
Full Text
See detailPrivacy and Security in an Age of Surveillance
Ryan, Peter UL; Preneel, Bart; Rogaway, Phillip et al

Report (2015)

The Snowden revelations have demonstrated that the US and other nations are amassing data about people's lives at an unprecedented scale. Furthermore, these revelations have shown that intelligence ... [more ▼]

The Snowden revelations have demonstrated that the US and other nations are amassing data about people's lives at an unprecedented scale. Furthermore, these revelations have shown that intelligence agencies are not only pursuing passive surveillance over the world's communication systems, but are also seeking to facilitate such surveillance by undermining the security of the internet and communications technologies. Thus the activities of these agencies threatens not only the rights of individual citizens but also the fabric of democratic society. Intelligence services do have a useful role to play in protecting society and for this need the capabilities and authority to perform targeted surveillance. But the scope of such surveillance must be strictly limited by an understanding of its costs as well as benefits, and it should not impinge on the privacy rights of citizens any more than necessary. Here we report on a recent Dagstuhl Perspectives Workshop addressing these issues - a four-day gathering of experts from multiple disciplines connected with privacy and security. The meeting explored the scope of mass-surveillance and the deliberate undermining of the security of the internet, defined basic principles that should underlie needed reforms, and discussed the potential for technical, legal and regulatory means to help restore the security of the internet and stem infringement of human-rights by ubiquitous electronic surveillance. [less ▲]

Detailed reference viewed: 115 (2 UL)
Full Text
Peer Reviewed
See detailEnd-to-End Verifiability in Voting Systems, from Theory to Practice
Ryan, Peter UL; Schneider, Steve; Teague, Vanessa

in IEEE SECURITY & PRIVACY (2015), 13(3), 59-62

End-to-end verifiability represents a paradigm shift in electronic voting, providing a way to verify the integrity of the election by allowing voters to audit the information published by the system ... [more ▼]

End-to-end verifiability represents a paradigm shift in electronic voting, providing a way to verify the integrity of the election by allowing voters to audit the information published by the system, rather than trusting that the system has behaved correctly. Recent deployments of these systems in real elections demonstrate their practical applicability. [less ▲]

Detailed reference viewed: 124 (8 UL)
Full Text
Peer Reviewed
See detailDoubleMod and SingleMod: Simple Randomized Secret-Key Encryption with Bounded Homomorphicity
Ryan, Peter UL; Phatak, Dhananjay S.; Tang, Qiang et al

in IACR Cryptology ePrint Archive (2014)

An encryption relation f Z Z with decryption function f 􀀀1 is “group-homomorphic” if, for any suitable plaintexts x1 and x2, x1+x2 = f 􀀀1( f (x1)+f (x2)). It is “ring-homomorphic” if furthermore x1x2 ... [more ▼]

An encryption relation f Z Z with decryption function f 􀀀1 is “group-homomorphic” if, for any suitable plaintexts x1 and x2, x1+x2 = f 􀀀1( f (x1)+f (x2)). It is “ring-homomorphic” if furthermore x1x2 = f 􀀀1( f (x1) f (x2)); it is “field-homomorphic” if furthermore 1=x1 = f 􀀀1( f (1=x1)). Such relations would support oblivious processing of encrypted data. We propose a simple randomized encryption relation f over the integers, called DoubleMod, which is “bounded ring-homomorphic” or what some call ”somewhat homomorphic.” Here, “bounded” means that the number of additions and multiplications that can be performed, while not allowing the encrypted values to go out of range, is limited (any pre-specified bound on the operation-count can be accommodated). Let R be any large integer. For any plaintext x 2 ZR, DoubleMod encrypts x as f (x) = x + au + bv, where a and b are randomly chosen integers in some appropriate interval, while (u; v) is the secret key. Here u > R2 is a large prime and the smallest prime factor of v exceeds u. With knowledge of the key, but not of a and b, the receiver decrypts the ciphertext by computing f 􀀀1(y) = (y mod v) mod u. DoubleMod generalizes an independent idea of van Dijk et al. 2010. We present and refine a new CCA1 chosen-ciphertext attack that finds the secret key of both systems (ours and van Dijk et al.’s) in linear time in the bit length of the security parameter. Under a known-plaintext attack, breaking DoubleMod is at most as hard as solving the Approximate GCD (AGCD) problem. The complexity of AGCD is not known. We also introduce the SingleMod field-homomorphic cryptosystems. The simplest SingleMod system based on the integers can be broken trivially. We had hoped, that if SingleMod is implemented inside non-Euclidean quadratic or higher-order fields with large discriminants, where GCD computations appear di cult, it may be feasible to achieve a desired level of security. We show, however, that a variation of our chosen-ciphertext attack works against SingleMod even in non-Euclidean fields. [less ▲]

Detailed reference viewed: 28 (6 UL)
Full Text
Peer Reviewed
See detailTrapdoor Privacy in Asymmetric Searchable Encryption Schemes
Delerue Arriaga, Afonso UL; Tang, Qiang UL; Ryan, Peter UL

in Progress in Cryptology -- AFRICACRYPT 2014, Marrakesh 28-30 May 2014 (2014)

Asymmetric searchable encryption allows searches to be carried over ciphertexts, through delegation, and by means of trapdoors issued by the owner of the data. Public Key Encryption with Keyword Search ... [more ▼]

Asymmetric searchable encryption allows searches to be carried over ciphertexts, through delegation, and by means of trapdoors issued by the owner of the data. Public Key Encryption with Keyword Search (PEKS) is a primitive with such functionality that provides delegation of exact-match searches. As it is important that ciphertexts preserve data privacy, it is also important that trapdoors do not expose the user’s search criteria. The difficulty of formalizing a security model for trapdoor privacy lies in the verification functionality, which gives the adversary the power of verifying if a trapdoor encodes a particular keyword. In this paper, we provide a broader view on what can be achieved regarding trapdoor privacy in asymmetric searchable encryption schemes, and bridge the gap between previous definitions, which give limited privacy guarantees in practice against search patterns. We propose the notion of Strong Search Pattern Privacy for PEKS and construct a scheme that achieves this security notion. [less ▲]

Detailed reference viewed: 273 (19 UL)
Full Text
Peer Reviewed
See detailvVote: a Verifiable Voting System
Culnane, Chris; Ryan, Peter UL; Schneider, Steve et al

in Jets (2014)

The Pret a Voter cryptographic voting system was designed to be flexible and to offer voters a familiar and easy voting experience. In this paper we present a case study of our efforts to adapt Pret a ... [more ▼]

The Pret a Voter cryptographic voting system was designed to be flexible and to offer voters a familiar and easy voting experience. In this paper we present a case study of our efforts to adapt Pret a Voter to the idiosyncrasies of elections in the Australian state of Victoria. This technical report includes general background, user experience and details of the cryptographic protocols and human processes. We explain the problems, present solutions, then analyse their security properties and explain how they tie in to other design decisions. We hope this will be an interesting case study on the application of end-to-end verifiable voting protocols to real elections. A preliminary version of this paper appeared as the 10th February 2014 version of "Draft Technical Report for VEC vVote System". This version augments that version with additional message sequence charts. The team involved in developing the vVote design described in this report were: Craig Burton, Chris Culnane, James Heather, Rui Joaquim, Peter Y. A. Ryan, Steve Schneider and Vanessa Teague. [less ▲]

Detailed reference viewed: 134 (2 UL)
Full Text
Peer Reviewed
See detailPrivacy and Security in an Age of Surveillance
Preneel, Bart; Rogaway, Phillip; Ryan, Mark D. et al

in Dagstuhl Reports (2014), 4(9), 106-123

The Snowden revelations have demonstrated that the US and other nations are amassing data about people's lives at an unprecedented scale. Furthermore, these revelations have shown that intelligence ... [more ▼]

The Snowden revelations have demonstrated that the US and other nations are amassing data about people's lives at an unprecedented scale. Furthermore, these revelations have shown that intelligence agencies are not only pursuing passive surveillance over the world's communication systems, but are also seeking to facilitate such surveillance by undermining the security of the internet and communications technologies. Thus the activities of these agencies threatens not only the rights of individual citizens but also the fabric of democratic society. Intelligence services do have a useful role to play in protecting society and for this need the capabilities and authority to perform targeted surveillance. But the scope of such surveillance must be strictly limited by an understanding of its costs as well as benefits, and it should not impinge on the privacy rights of citizens any more than necessary. Here we report on a recent Dagstuhl Perspectives Workshop addressing these issues - a four-day gathering of experts from multiple disciplines connected with privacy and security. The meeting explored the scope of mass-surveillance and the deliberate undermining of the security of the internet, defined basic principles that should underlie needed reforms, and discussed the potential for technical, legal and regulatory means to help restore the security of the internet and stem infringement of human-rights by ubiquitous electronic surveillance. [less ▲]

Detailed reference viewed: 259 (2 UL)