Fixing User Authentication for the Internet of Things (IoT)

Over the last few years Internet of Things products have become known for their weak security. News articles regularly describe security vulnerabilities of cars, surveillance cameras, kettles, and other IoT devices. There are, however, recent standardization activities addressing some of these security challenges. This article describes how the work of the IETF and the FIDO Alliance can lead to improved security.     

Unpopuläre E-Mail-Verschlüsselung – Auflösung des Henne-Ei-Problems

E-Mail-Verschlüsselung könnte längst flächendeckend Verwendung finden. Der Beitrag gibt eine Antwort auf die Frage, warum dies nicht der Fall ist–und macht Vorschläge, was getan werden sollte, um dies zu ändern.     

„E-Mail made in Germany“

Das Projekt ?E-Mail made in Germany“ wurde als Reaktion auf die Enthüllungen von Edward Snowden initiiert. Es ist das erklärte Ziel, den E-Mail-Nutzern in Deutschland einen hohen Sicherheits- und Datenschutzstandard anzubieten. Das Produkt wurde mit einer breit angelegten Werbekampagne beworben. Im Mittelpunkt der Kampagne stand ein 30sekündiger TV-Spot, der auf die Notwendigkeit von sicherer E-Mail-Kommunikation eingeht. Kritiker bemängeln jedoch, dass dabei ein falsches Sicherheitsverständnis von ?E-Mail made in Germany“ vermittelt wird. Dieser Kritik wurde mit einer Laborstudie nachgegangen.     

Automatisches Sicherheitstesten

Moderne Testgeneratoren finden Schwachstellen in Eingabeschnittstellen von Programmen, indem sie in Sekunden tausende Eingaben zufällig erzeugen. Die Werkzeuge lassen sich leicht von jedermann einsetzen–zum Angriff oder zur Verteidigung.     

Secure three-party computational protocols for triangle area

In this work, we have put forth two different protocols to address a concrete secure multi-party computational (MPC) problem related to a triangle, of which the coordinates of the three vertices are confidentially kept by the three participants, respectively. The three parties wish to collaboratively compute the area of this triangle while preserving their own coordinate privacy. As one of the merits, our protocols employ weaker assumptions of the existence of pseudorandom generators. In particular, unlike massive secure MPC protocols that rely a lot on oblivious transfer, ours utilize a new computing idea called “pseudorandom-then-rounding” method to avoid this burdensome obstacle. The two protocols are based on different theorems, while they both make use of the same underlying idea. At last, we provide a detailed proof for the first protocol by a series of security reductions of our newly defined games, which seems somewhat stronger than the previous simulation-based proofs and a proof sketch for the second one. Analysis and discussion about the reasons are provided as well to round off our work.     

Practical chosen-ciphertext secure Hierarchical Identity-Based Broadcast Encryption

We focus on practical Hierarchical Identity-Based Broadcast Encryption (HIBBE) with semantic security against adaptively chosen-ciphertext attacks (CCA2) in the standard model. We achieve this goal in two steps. First, we propose a new HIBBE scheme that is secure against chosen-plaintext attacks (CPA). Compared with the existing HIBBE scheme that is built from composite-order bilinear groups, our construction is based on prime-order bilinear groups. The much better efficiency of group operations in prime-order bilinear groups makes our proposed HIBBE scheme more practical. Then, we convert it into a CCA2-secure scheme at the cost of a one-time signature. Instead of extending one user hierarchy in the Canetti–Halevi–Katz approach from CPA-secure (\(l+1\))-Hierarchical Identity-Based Encryption [(\(l+1\))-HIBE] to CCA2-secure \(l\)-HIBE, our construction merely adds one on-the-fly dummy user in the basic scheme. We formally prove the security of these two schemes in the standard model. Comprehensive theoretical analyses and experimental results demonstrate that the proposed HIBBE schemes achieve desirable performance.     

Measuring the role of age in user performance during interaction with computers

The influence of aging on computer interaction has been widely analyzed in human–computer interaction research literature. Despite this, there are no age-based user maps that could support the user-interface customization. Studying the specific needs and constraints of these groups is crucial in order to adapt a user interface to the user’s interaction requirements. This work studies the performance of a sample of participants on three different basic tasks (pointing, dragging and dropping, and text selection) and the influence of age for each of them. It is concluded that this influence differs between specific activities. A group profile map that can support automatic classification in the future has been obtained.     

Nonparametric approach for uncertainty-based multidisciplinary design optimization considering limited data

Uncertainty-based multidisciplinary design optimization (UMDO) has been widely acknowledged as an advanced methodology to address competing objectives and reliable constraints of complex systems by coupling relationship of disciplines involved in the system. UMDO process consists of three parts. Two parts are to define the system with uncertainty and to formulate the design optimization problem. The third part is to quantitatively analyze the uncertainty of the system output considering the uncertainty propagation in the multidiscipline analysis. One of the major issues in the UMDO research is that the uncertainty propagation makes uncertainty analysis difficult in the complex system. The conventional methods are based on the parametric approach could possibly cause the error when the parametric approach has ill-estimated distribution because data is often insufficient or limited. Therefore, it is required to develop a nonparametric approach to directly use data. In this work, the nonparametric approach for uncertainty-based multidisciplinary design optimization considering limited data is proposed. To handle limited data, three processes are also adopted. To verify the performance of the proposed method, mathematical and engineering examples are illustrated.