Collaboration_Award_2018

Eligible for the Award is any collaboration between projects, for example joint publications, contributions to CogniCrypt, joint software tools or demonstrators or joint bachelor or master thesis.

Winners of the Collaboration Award get a trophy and certificate, and each collaborator receives funds for conference or workshop participation (travel, accommodation, conference fee), freely selectable by the price winners.

Poulami Das (S7), Siavash Riahi (S7), Patrick Struck (P1) and Andreas Erwig (S7) (from left to right); not in the photo: Nabil Alkeilani Alkadri (P1)

Abstract
Most blockchain solutions are susceptible to quantum adversaries as they rely on cryptography that is known to be insecure in the presence of quantum adversaries. In this work, we advance the study of quantum-resistant blockchain solutions by giving a quantum-resistant construction of a deterministic wallet scheme.
In cryptocurrencies, money is transfered via transactions. A transaction is valid only when signed with the sender's secret key. This makes secret keys of users an attractive target to attackers. Deterministic wallets are frequently used in practice in order to securely store user's keys. A deterministic wallet has two components – usually the sensitive secret key is stored in a so-called cold wallet which is most of the time online, whereas the public key is stored in an online wallet called the hot wallet. Recently, Das et al. developed a formal model for the security analysis of deterministic wallets and proposed a generic construction from certain types of classical signature schemes that exhibit key rerandomization properties. For security in a quantum world, it is therefore mandatory to show that the generic construction proposed in this paper is secure against quantum adversaries and to design post-quantum secure signature schemes with key rerandomization to instantiate this generic construction.

Link to the Paper
Deterministic Wallets in a Quantum World

Contact
Project P1, Project S7

Tommaso Frassetto, Ghada Dessouky and Shaza Zeitouni with Prof. Thomas Schneider (on behalf of Ágnes Kiss) and Prof. Stefan Katzenbeisser (on behalf of Giulia Traverso) and Spokesperson Prof. Johannes Buchmann (from left to right); Photo: Ann-Kathrin Braun

Abstract

Due to advances in cryptanalysis and quantum computing, longterm secure storage of sensitive data cannot rely on current encryption, especially when the storage service is hosted by third-party cloud computing providers. One approach to achieve long-term secure storage is secret sharing-based distributed storage systems, where shares of data are generated and distributed to multiple storage servers. Data confidentiality and integrity are maintained by periodically renewing the shares and verifying the consistency of the shares using commitment schemes. However, protecting outsourced data in such scenarios remains prohibitively costly and impractical: Share renewal requires an information-theoretically secure channel between any two storage servers and long-term confidential commitment schemes are computationally impractical for large files.

In this paper, we present Safe, a secret sharing-based long-term secure distributed storage system that leverages a Trusted Execution Environment (TEE). Share generation and renewal are performed inside the TEE and the shares are securely distributed to the storage servers.We propose optimized protocols for Safe where significantly fewer information-theoretically secure channels are required than in state-of-the-art long-term secure storage systems, and computationally binding commitment schemes are replaced by more efficient computationally secure signatures. We prototype Safe protocols using a TEE instantiation, and show their efficiency, even for large files, compared to existing schemes. Safe is TEEagnostic, as it allows seamless migration from one TEE to another while maintaining the same security guarantees.

Link to the Paper

Safe: A Secure and Efficient Long-Term Distributed Storage System

Contact

Project P3, Project E4, Project S2, Project S6

Prof. Marc Fischlin, Christian Weinert (S6), Stefan Krüger (E1), Daniel Demmler (E4) and Felix Günther (S4) (from left to right)

Abstract

There exists an extensive body of research demonstrating that application developers often fail to correctly and securely use cryptographic APIs and, as a result, produce insecure code. They mainly struggle with the cryptographic domain knowledge required to decide which algorithms are appropriate to use to perform a certain task and how to properly conﬁgure them. In addition, due to the low-level design of most cryptographic APIs, developers often face problems identifying the correct order of method calls and parameter values. When surveyed, developers indicate that they desire API design to be more high-level, more examplerich documentation showcasing common use cases of the API, as well as assistance tools that support them in using such APIs. In our work that was accepted at the ASE 2017 Tool Demonstrations track, we presented CogniCrypt, a tool that assists developers with the use of cryptographic APIs. CogniCrypt is implemented as an Eclipse plugin to smoothly integrate into any application developer’s workﬂow and assists the developer in two ways. First, for a number of common programming tasks that involve cryptography, CogniCrypt facilitates the generation of code snippets that implement the respective task in a secure manner. Currently, CogniCrypt supports tasks such as data encryption, communication over secure channels, and long-term archiving. Second, CogniCrypt continuously performs a suite of static code analyses in the background to ensure a secure integration of the generated code into the developer’s project. Since the code analysis runs independently of code generation, CogniCrypt still supports developers to produce secure code if they prefer to write the code themselves or are not aware of CogniCrypt’s full functionality. This video demo showcases the main features of CogniCrypt: youtube.com.