
## About this book

This book constitutes the thoroughly refereed post-conference proceedings of the 20th International Conference on Information Security Applications, WISA 2019, held on Jeju Island, South Korea, in August 2019. The 29 revised full papers presented in this volume were carefully reviewed and selected from 63 submissions.

The primary focus of WISA 2019 was on systems and network security including all other technical and practical aspects of security application in general. The papers are grouped in the following topical sections: Application and Game Security; Network Security and Blockchain; Cryptography; Security with AI and Machine Learning; IoT Security; Hardware Security; and Selected Security Issues.

## Table of contents

### Show Me Your Account: Detecting MMORPG Game Bot Leveraging Financial Analysis with LSTM

Abstract
With the rapid growth of the MMORPG market, game bot detection has become an essential task for maintaining a stable in-game ecosystem. To classify bots from normal users, detection methods have been proposed on both the game client and server side. Among various classification methods, the server-side data mining method captured unique characteristics of bots efficiently. For features used in data mining, behavioral and social actions of characters are analyzed with numerous algorithms. However, bot developers can evade the previous detection methods by changing the bot’s activities continuously. Eventually, overall maintenance cost increases because the selected features need to be updated along with the change of the bot’s behavior.
To overcome this limitation, we propose an improved bot detection method with financial analysis. As a bot’s activity absolutely necessitates a change of financial status, analyzing financial fluctuation effectively captures bots as a key feature. We trained and tested the model with actual data of Aion, a leading MMORPG in Asia. Leveraging that LSTM efficiently recognizes time-series movement of data, we achieved meaningful detection performance. Further on this model, we expect a sustainable bot detection system in the near future.
Kyung Ho Park, Eunjo Lee, Huy Kang Kim

### Turn On the Lights: User Behavior in Game Environment Using CPTED

Abstract
The proliferation of the internet has allowed various online games such as Massive Multiplayer Online Role Playing Games (MMORPG) and First-Person Shooters (FPS) to garner much attention. Both MMORPG and FPS require low network latency, as the users are constantly required to assess and respond to the gaming environment and other users’ decisions. Our study aims to investigate the users’ psychological behavior by changing the gaming environment. We present CPTED as a risk control measure. Based on the principle of CPTED, two types of maps were designed and compared to analyze the game violence of users in each map. In order to compare the game violence of the users, 100 questionnaires were conducted. In this study, we used FAIR, a risk analysis model, to assess the threat and violence of the users.
Jeongeun Seo, Minhee Joo, Kyungho Lee

### QR Code Watermarking for Digital Images

Abstract
With the growing use of online digital media, it is becoming increasingly challenging to protect copyright and intellectual property. Data hiding techniques like digital watermarking can be used to embed data within a signal for purposes such as digital rights management. This paper investigates a watermarking technique for digital images using QR codes. The advantage of using QR codes for watermarking is that properties of the QR code structure include error correction and high data capacity. This paper proposes a QR code watermarking technique, and examines its robustness and security against common digital image attacks.
Yang-Wai Chow, Willy Susilo, Joonsang Baek, Jongkil Kim

### FSF: Code Coverage-Driven Fuzzing for Software-Defined Networking

Abstract
A Software-Defined Networking (SDN) controller plays a key role in assuring the security and robustness of its underlying network system. Previous studies focus on eliciting bugs in such SDN controllers via penetration testing or fuzzing without considering code coverage feedback from the target controller under test. We propose FSF, a code coverage-driven SDN fuzzer. We designed and implemented a fuzzing algorithm that takes into account coverage differences incurred by mutated OpenFlow (OF) messages. FSF demonstrated its superiority in increasing the code coverage of a target controller and generated 146 unique tests that trigger bugs in the latest version of Floodlight, a well-known open-source SDN controller.
Hyuntae Kim, Seongil Wi, Hyunjoo Lee, Sooel Son

### DroPPPP: A P4 Approach to Mitigating DoS Attacks in SDN

Abstract
Software-Defined Networking (SDN) has proven itself a useful technology for establishing and managing configurable, dynamic networks with rapid deployment of services in the past decade. Despite these advantages, the fact that the functionality of SDN relies heavily on the controller with a much less capable data plane creates a single point of failure, which leaves the network susceptible to denial of service (DoS) attacks mainly targeting the controller to affect the operation of the whole network. An effective approach for mitigating DoS attacks in SDN requires identifying and stopping attacks as close to their source as possible, which will require involvement of the data plane in the mitigation strategy. In this work we propose DroPPPP, a DoS prevention approach for SDN that operates in the data plane using the P4 programming language. We demonstrate through experiments in Mininet that lightweight processing of the packets in the data plane with DroPPPP negates significant overheads by reducing the traffic between switches while keeping the controller’s CPU usage at 0% and below 50% during spoofing and volumetric attacks.
Goksel Simsek, Hakan Bostan, Alper Kaan Sarica, Egemen Sarikaya, Alperen Keles, Pelin Angin, Hande Alemdar, Ertan Onur

### A Secure and Self-tallying E-voting System Based on Blockchain

Abstract
E-voting has been studied for many years. Recently, researchers have found that blockchain can provide an alternative secure platform for e-voting systems, because of its properties of tamper resistance and transparency. However, existing schemes either require centralized authorities to tally ballots or can only handle a limited number of voters. This paper tries to propose a self-tallying e-voting system, i.e., the public can verify the validity of all ballots and tally the ballots. To achieve this goal, technically, we design a new method on blockchain that can generate and distribute random numbers for ballot security, and these random numbers are cancelled out when multiplying all ballots, which allows counting the ballots. Secondly, we adopt non-interactive zero-knowledge proofs to make sure these ballots are valid. Our scheme is proved to be secure.
Gongxian Zeng, Meiqi He, Siu Ming Yiu

### An Extended CTRT for AES-256

Abstract
At CRYPTO 2000, Desai proposed a simple and faster AONT based on the CTR mode of encryption (called CTRT) and proved its security in the ideal cipher model. Though AES-128, whose key length $$k=128$$ and block length $$l=128$$, can be used in CTRT as a block cipher, AES-256 cannot be used in CTRT due to its intrinsic restriction of $$k \le l$$. According to a recent ECRYPT-CSA report, AES-256 is strongly recommended rather than AES-128 for long-term protection (security for thirty to fifty years) and post-quantum security. In this paper, we propose an extended CTRT (named XCTRT) suitable for AES-256. By thoroughly evaluating all the tricky cases, we prove that XCTRT is secure in the ideal cipher model under the same AONT security definition of Desai. Also, we discuss the security result of XCTRT in concrete parameter settings. After showing performance measurements of XCTRT, we can say that our XCTRT has high-speed encoding/decoding performance and is quite practical to be deployed in real-world applications (e.g., cloud storage services).
SeongHan Shin, Shota Yamada, Goichiro Hanaoka, Yusuke Ishida, Atsushi Kunii, Junichi Oketani, Shimpei Kunii, Kiyoshi Tomomura

### A Blind Ring Signature Based on the Short Integer Solution Problem

Abstract
A blind ring signature scheme is a combination of a ring signature and a blind signature, which allows not only any member of a group of signers to sign a message on behalf of the group without revealing its identity but also the user who possesses the message to blind it before sending it to the group to be signed. Blind ring signature schemes are essential components in e-commerce, e-voting, etc. In this paper, we propose the first blind ring signature scheme based on lattices. More precisely, our proposed scheme is proven to be secure in the random oracle model under the hardness of the short integer solution (SIS) problem.
Huy Quoc Le, Dung Hoang Duong, Willy Susilo

### A Note on the Invisibility and Anonymity of Undeniable Signature Schemes

Abstract
An undeniable signature is a special featured digital signature which can only be verified with the help of the signer. An undeniable signature should satisfy invisibility, which implies the inability of a user to determine the validity of a message and signature pair, as introduced by Chaum et al. Galbraith and Mao later proposed the notion of anonymity, which implies the infeasibility of determining which user has issued the signature. They also proved that the notions of invisibility and anonymity are equivalent when the signers possess the same signature space, such that if an undeniable signature possesses invisibility, then it also possesses anonymity, and vice versa. In this paper, we show that, in contradiction to the equivalency result established by Galbraith and Mao, there exist some undeniable signature schemes that possess invisibility but not anonymity. This motivates us to find out whether there is a limitation on Galbraith and Mao’s equivalency result or the schemes are actually flawed. Our analysis shows that the anonymity property requires all signers to possess the same signature space but the invisibility property does not. This conforms to the equivalency result and implies that an undeniable signature scheme can be invisible but not anonymous if the signers possess different signature spaces. Our result invalidates two past cryptanalyses of undeniable signature schemes.
Jia-Ch’ng Loh, Swee-Huay Heng, Syh-Yuan Tan, Kaoru Kurosawa

### Zero-Knowledge Proof System for Fully Anonymous Attribute Based Group Signatures from Lattices with VLR

Abstract
Signature schemes with Verifier-Local Revocation (VLR) fail to achieve the stronger anonymity notion, full anonymity. In full anonymity, it is free to corrupt the secret signing keys. Secret signing keys of VLR schemes consist of tokens which can be used to identify the users. Thus VLR schemes restrict corrupting secret signing keys. VLR schemes can achieve full anonymity by separating tokens from secret signing keys. However, separation of tokens gives space to signers to replace tokens with fake values. Generating signatures with fake tokens can be prevented with a suitable proof system. This paper proposes a new zero-knowledge protocol to support provers in convincing verifiers that the attributes used for creating the signature are valid and have naive tokens. Moreover, this paper offers a new Attribute-Based Group Signature (ABGS) scheme that uses the proposed protocol and achieves full anonymity.
Maharage Nisansala Sevwandi Perera, Toru Nakamura, Masayuki Hashimoto, Hiroyuki Yokoyama

### Reversible Data Hiding in Homomorphic Encrypted Images Without Preprocessing

Abstract
Recently, reversible data hiding in encrypted images (RDH-EI) has been developed to transmit additional data. Besides extracting the hidden data, the original or processed image should be obtained when needed. In this paper, a new RDH-EI method for homomorphic encrypted images is proposed by utilizing the additive homomorphism and self-blinding property in Paillier cryptosystem. Specifically, part of the hidden data may be extracted before image decryption while the rest can be extracted after image decryption. In addition, no preprocessing is required so that homomorphic processing can be performed before data embedding. The experimental results on test images validate that the proposed method is compatible with homomorphic image processing before data embedding. Compared with the state-of-the-art methods, higher embedding capacity can be obtained with the proposed method while the original or processed image can be correctly generated.
Hao-Tian Wu, Yiu-ming Cheung, Zhenwei Zhuang, Shaohua Tang

### Model Selection for Data Analysis in Encrypted Domain: Application to Simple Linear Regression

Abstract
In the big data era, data scientists explore machine learning methods for observed data to predict or classify. For machine learning to be effective, it requires access to raw data which is often privacy sensitive. In addition, whatever data and fitting procedures are employed, a crucial step is to select the most appropriate model from the given dataset. Model selection is a key ingredient in data analysis for reliable and reproducible statistical inference or prediction. To address this issue, we develop new techniques to provide solutions for running model selection over encrypted data. Our approach provides the best approximation of the relationship between the dependent and independent variables through cross validation. After performing 4-fold cross validation, 4 different estimates of our model’s errors are calculated. Then we use the bias and variance extracted from these errors to find the best model. We perform an experiment on a dataset extracted from Kaggle and show that our approach can homomorphically regress given encrypted data without decrypting it.
Mi Yeon Hong, Ji Won Yoon

### Timed-Release Encryption with Master Time Bound Key

Abstract
Timed-release encryption allows senders to send a message to a receiver who cannot decrypt it until a server releases a time bound key at the release time. The release time is usually supposed to be known to the receiver; the ciphertext therefore cannot be decrypted if the release time is lost. We solve this problem in this paper by having a master time bound key which can replace the time bound key of any release time. We first present security models of timed-release encryption with master time bound key. We then present a provably secure construction based on the Weil pairing.
Gwangbae Choi, Serge Vaudenay

### Secret Sharing on Evolving Multi-level Access Structure

Abstract
Secret sharing is a process that allows storing secret information in a distributed manner among several participants. In the original setting of secret sharing schemes, it was assumed that the total number of participants is fixed from the very beginning. However, to meet state-of-the-art needs, it is required to consider the scenario where a new participant can join at any time and the total number of participants is (possibly) unbounded. Evolving secret sharing solves this problem. Secret sharing for evolving threshold access structures has been considered in the last few years. Here, we consider multi-level access structures. More specifically, we consider evolving compartmental and hierarchical access structures. We provide constructions with estimates of the share sizes.
Sabyasachi Dutta, Partha Sarathi Roy, Kazuhide Fukushima, Shinsaku Kiyomoto, Kouichi Sakurai

### Strengthened PAKE Protocols Secure Against Malicious Private Key Generator

Abstract
At WISA 2015, Choi et al. [9] proposed an identity-based password-authenticated key exchange (iPAKE) protocol using the Boneh-Franklin IBE scheme. In this paper, we revisit the iPAKE protocol [9] (and its generic construction) that has been standardized in the international standards committee ISO/IEC JTC 1/SC 27. First, we show that the iPAKE protocol is insecure against passive/active attacks by a malicious PKG (Private Key Generator), where the malicious PKG can find out all clients’ passwords by just eavesdropping on the communications, and the PKG can share a session key with any client by impersonating the server. Then, we propose two strengthened PAKE (SPI and SPI-S) protocols that prevent such a malicious PKG’s passive/active attacks. Also, we discuss the security of the SPI and SPI-S protocols, and compare relevant protocols in terms of efficiency and security.
SeongHan Shin

### Efficient Decentralized Random Commitment Key Generation for Mixnet Shuffle Proof

Abstract
In this paper, we propose a new commitment key generation method for the mixnet shuffle proof developed by Bayer-Groth at Eurocrypt’12. The problem of the shuffle proof algorithm is that it gives too much power to a single authority: it has been shown that the authority, who creates commitment keys and generates proofs for verifying electronic voting (e-voting) results, can also produce malicious verification proofs by logging the exponents of the commitment keys. We suggest a new way to decentralize the commitment key generation process by allowing multiple parties to jointly participate in the commitment key generation. Therefore, none of the parties, even the one operating the e-voting system, can fully know the exponents of the commitment keys. Therefore, our suggestion distributes the power that is concentrated on the single authority and makes the verification process of the proof more sound and prudent.
Jongkil Kim, Joonsang Baek, Willy Susilo, Yang-Wai Chow

### Catching the Phish: Detecting Phishing Attacks Using Recurrent Neural Networks (RNNs)

Abstract
The emergence of online services in our daily lives has been accompanied by a range of malicious attempts to trick individuals into performing undesired actions, often to the benefit of the adversary. The most popular medium of these attempts is phishing attacks, mainly through emails and websites. In order to defend against such attacks, there is an urgent need for automated mechanisms to identify this malicious content before it reaches users. Machine learning techniques have gradually become the standard for such classification problems. However, identifying common measurable features of phishing content (e.g., in emails) is notoriously difficult. To address this problem, we engage in a novel study into a phishing content classifier based on a recurrent neural network (RNN), which identifies such features without human input. At this stage, we scope our research to emails, but our approach can be extended to apply to websites. Our results show that the proposed system outperforms state-of-the-art tools. Furthermore, our classifier is efficient and takes into account only the text and, in particular, the textual structure of the email. Since these features are rarely considered in email classification, we argue that our classifier can complement existing classifiers with high information gain.
Lukáš Halgaš, Ioannis Agrafiotis, Jason R. C. Nurse

### CAPTCHA Image Generation Using Style Transfer Learning in Deep Neural Network

Abstract
CAPTCHA is widely used as a security solution to prevent automated attack tools on websites. However, a CAPTCHA becomes difficult for human perception to recognize when it is given a lot of distortion to resist automated attacks. In this paper, we propose a method to deceive the machine while maintaining the human perception rate by applying the style transfer method. This method creates a style-plugged CAPTCHA image by combining the styles of different images while maintaining the content of the original CAPTCHA sample. We used 6 datasets from actual sites and used Tensorflow as the machine learning library. Experimental results show that the proposed method reduces the recognition rate of the DeCAPTCHA system to 3.5% while maintaining human perception.
Hyun Kwon, Hyunsoo Yoon, Ki-Woong Park

Abstract
Owing to the generality and importance of the password as a means of authentication, many studies have addressed password-strength evaluation methods and password cracking methods. Recently, the generative adversarial networks approach to enhance password guessing (PassGAN) has been proposed as a password cracking method in research that is based on generative adversarial networks (GAN). The results of this study have received substantial attention. In this paper, we propose the use of a recurrent neural networks-based (RNN) GAN, which comprises the use of the improved Wasserstein GAN (IWGAN) cost function. These models that combine the RNN with IWGAN perform better than PassGAN. We have conducted experiments to compare the performance of our proposed model with that of PassGAN and analyzed the results. Using these analyses, we confirmed that our proposed models exhibited a password cracking performance improvement of 5–10% more than that of PassGAN.
Sungyup Nam, Seungho Jeon, Jongsub Moon

### Is It Possible to Hide My Key into Deep Neural Network?

Abstract
The use of cryptographic functions has become vital for various devices, such as PCs, smart phones, drones, and smart appliances; however, the secure storage of cryptographic keys (or passwords) is a major issue. One way to securely store such a key is to register the key using secret data such as biometric data and then regenerate the key whenever it is needed. In this paper, we present a novel methodology for hiding cryptographic keys inside a deep neural network (DNN), which we term the DNN-based key hiding scheme. In this method, DNNs are constructed and trained with noisy data to hide the key within the network. To prove that our methodology works in practice, we propose an example of the DNN-based key hiding scheme and prove its correctness. For its robustness, we propose two basic security analysis tools to be able to check the example’s security. To the best of our knowledge, this is the first attempt of its kind.
Taehyuk Kim, Taek-Young Youn, Dooho Choi

### RC PUF: A Low-Cost and an Easy-to-Design PUF for Resource-Constrained IoT Devices

Abstract
A physically unclonable function (PUF) is a security primitive that can generate device-specific cryptographic information by extracting the features of hardware uncertainty. Despite the advantages of PUFs introduced over the past decade, the majority of them have to be implemented on a separate chip or embedded as a part of a chip, making it difficult to use them in low-cost IoT devices. To increase the usability of PUFs in IoT devices, we propose a novel resistor-capacitor (RC) PUF that can be configured at low cost. The main feature of this RC-based PUF is that it extracts the small difference caused by charging and discharging of RC circuits and uses it as a response. Experimental results show that the proposed RC PUF has more than 49% uniqueness while maintaining over 98% reliability. It also reveals less than 1% stability at 10% voltage changes from 3.3 V to 3.0 V, representing very robust characteristics against voltage variations. For temperature changes from −30 °C to 70 °C, the stability is maintained below 4%.
Sangjae Lee, Mi-Kyung Oh, Yousung Kang, Dooho Choi

### On the Automation of Security Testing for IoT Constrained Scenarios

Abstract
Due to the high increase of IoT technologies and devices, analyzing their security is crucial for their acceptance. Towards this end, an automated security testing approach should be considered as a cornerstone to cope with the business interests and the high fragmentation of new approaches. In particular, this work analyses the use of the Model-Based Testing (MBT) approach and specific technologies and tools to automate the generation of security tests. Then, we provide a detailed description of its application to the Elliptic Curve Diffie-Hellman over COSE (EDHOC) protocol, which is being defined within the scope of the Internet Engineering Task Force (IETF).
Sara N. Matheu, Salvador Pérez, José L. Hernández Ramos, Antonio Skarmeta

### Cyber Deception in the Internet of Battlefield Things: Techniques, Instances, and Assessments

Abstract
The Internet of Battlefield Things (IoBT) is an emerging application to improve operational effectiveness for military applications. The security of IoBT is one of the more challenging aspects, where adversaries can exploit vulnerabilities in IoBT software and deployment conditions to gain insight into their state. In this work, we look into the security of IoBT from the lens of cyber deception. First, we formulate the IoBT domain as a graph learning problem from an adversarial point of view and introduce various tools through which an adversary can learn the graph starting with partial prior knowledge. Second, we use this model to show that an adversary can learn high-level information from low-level graph structures, including the number of soldiers and their proximity. For that, we use a powerful n-gram based algorithm to obtain features from random walks on the underlying graph representation of IoBT. Third, we provide microscopic and macroscopic approaches that manipulate the underlying IoBT graph structure to introduce uncertainty in the adversary’s learning. Finally, we show our approach’s effectiveness through analyses and evaluations.
Jeman Park, Aziz Mohaisen, Charles A. Kamhoua, Michael J. Weisman, Nandi O. Leslie, Laurent Njilla

### Ring-LWE on 8-Bit AVR Embedded Processor

Abstract
Fast implementation of Ring-LWE is a challenge for low-end embedded processors. One of the most expensive operations for Ring-LWE is the Number Theoretic Transform (NTT). Many works have investigated optimized implementations of the NTT operation. In this paper, we further optimize the NTT operation on low-end 8-bit AVR microcontrollers. We focused on optimized and secure polynomial multiplication to ensure countermeasures against timing attacks and high performance. In particular, we propose combined Look-Up Table (LUT) based fast reduction techniques in a regular fashion. With the optimization techniques, the proposed NTT implementation enhances performance by 14.6% over the previous best results. Finally, the proposed NTT implementations are applied to the Ring-LWE key scheduling and encryption operations, which require only 1,325,171 and 1,430,601 clock cycles for 256-bit security levels.
Hwajeong Seo, Hyeokdong Kwon, Yongbeen Kwon, Kyungho Kim, Seungju Choi, Hyunjun Kim, Kyoungbae Jang

### Low-Noise LLC Side-Channel Attack with Perf

Abstract
Many cache side-channel attacks have been proposed, and they threaten sensitive programs in the real world. The success of the attacks depends on how accurately it can be decided whether a set of cache lines is in the cache or not. However, external factors insert noise into cache attacks, and the noise disturbs the attacks’ decision process. Attacks on the last-level cache (LLC) have more noise compared with core-dedicated caches.
In this paper, we propose an attack method using Perf—a performance analyzing tool in Linux—, attack$$_{Perf}$$, to achieve low noise in cache side-channel attacks on the LLC. The proposed method utilizes Perf to decide cache hits/misses when accessing memory. Since Perf gets the number of cache hits and misses from hardware performance counters, it can identify the cache hits/misses of memory accesses with less noise. For evaluation, we compare the performance of attacks$$_{timer}$$ (the existing attack method) and attacks$$_{Perf}$$ by implementing Flush+Reload and Prime+Probe. For the accuracy of Perf, we compare the clock cycles of the timer and the counts of Perf according to the victim’s access.
Youngjoo Ko, Sangwoo Ji, Jong Kim

### Optimized SIKE Round 2 on 64-bit ARM

Abstract
In this work, we present the first highly-optimized implementation of Supersingular Isogeny Key Encapsulation (SIKE), submitted to NIST’s second round of the post-quantum standardization process, on 64-bit ARMv8 processors. To the best of our knowledge, this work is the first optimized implementation of SIKE round 2 on 64-bit ARM over SIKEp434 and SIKEp610. The proposed library is explicitly optimized for these two security levels and provides a constant-time implementation of the SIKE mechanism on ARMv8-powered embedded devices. We adapt different optimization techniques to reduce the total number of underlying arithmetic operations at the field level. In particular, the benchmark results on embedded processors equipped with ARM Cortex-A53@1.536 GHz show that the entire SIKE round 2 key encapsulation mechanism takes only 84 ms at NIST’s security level 1. Considering SIKE’s extremely small key size in comparison to other candidates, our result implies that SIKE is one of the promising candidates for key encapsulation mechanisms on embedded devices in the quantum era.
Hwajeong Seo, Amir Jalali, Reza Azarderakhsh

### Shedding Light on Dark Korea: An In-Depth Analysis and Profiling of the Dark Web in Korea

Abstract
Dark Web sites are operated over anonymity-preserving protocols like Tor, making users of Dark Web services more resilient to identification and monitoring. Although some previous works have focused on understanding the size of Dark Web services and investigating their criminal activities, there is a lack of research on chronological analysis and in-depth profiling of Dark Web sites, particularly in South Korea. Therefore, in this study, we implemented a Dark Web crawling system and collected seed and sub Dark Web URLs using it. Then, 3,000 Dark Web sites from the seed URLs were selected and their web pages were captured for profiling. An in-depth analysis was then conducted on the collected 3,000 Dark Web sites, and an intensive categorization was performed on the basis of their major criminal activities. We then carried out in-depth profiling of the top 3 Korean Dark Web sites to investigate cyber criminal activities in South Korea. In the profiling, criminal activities were collected and analyzed from a chronological point of view. Personal information leakage and Sybil IDs in the Dark Web were also identified based on the PGP keys we collected.
Jinhee Lee, Younggee Hong, Hyunsoo Kwon, Junbeom Hur

### An SGX-Based Key Management Framework for Data Centric Networking

Abstract
As the Internet has evolved from host-to-host communications to content distribution, data-centric networking platforms are gaining momentum. Especially, as cloud computing becomes the norm, there is a consensus that data is to be distributed over some potentially untrusted servers to which its publishers/subscribers are connected. While data-centric networking platforms have been an area of active research, there have been few studies on how to distribute and manage keys for data protection in such platforms with untrusted servers. We present a key management framework in which symmetric and asymmetric keys are securely managed. A writer publishes not only his (encrypted) data but also the symmetric key for the data. Likewise, a reader retrieves the symmetric key as well as the data of interest. To make the key distribution between a writer and a reader via an untrusted server secure, we introduce a key server running on top of the Intel SGX technology. In this way, we can manage and distribute keys for data protection in an efficient and flexible manner. We demonstrate that the prototype of the proposed framework runs with negligible overhead.
Minkyung Park, Jeongnyeo Kim, Youngho Kim, Eunsang Cho, Soobin Park, Sungmin Sohn, Minhyeok Kang, Ted “Taekyoung” Kwon

### Backmatter
