Browsing by Author "Kardas, Suleyman"
Item (Open Access): A New Framework for Enhancing VANETs through Layer 2 DLT Architectures with Multiparty Threshold Key Management and PETs (MDPI, 2024-09-09)
Authors: Kiraz, Mehmet Sabir; Al-Bayatti, Ali Hilal; Adarbah, Haitham; Kardas, Suleyman; Al-Bayatti, Hilal M. Y.
This work proposes a new architectural approach to enhance the security, privacy, and scalability of VANETs through threshold key management and Privacy Enhancing Technologies (PETs), such as homomorphic encryption and secure multiparty computation, integrated with Decentralized Ledger Technologies (DLTs). These advanced mechanisms are employed to eliminate centralization and protect the privacy of transferred and processed information in VANETs, thereby addressing privacy concerns. We begin by discussing the weaknesses of existing VANET architectures concerning trust, privacy, and scalability and then introduce a new architectural framework that shifts from centralized to decentralized approaches. This transition applies a decentralized ledger mechanism to ensure correctness, reliability, accuracy, and security against various known attacks. The use of Layer 2 DLTs in our framework enhances key management, trust distribution, and data privacy, offering cost and speed advantages over Layer 1 DLTs, thereby enabling secure vehicle-to-everything (V2X) communication. The proposed framework is superior to other frameworks as it improves decentralized trust management, adopts more efficient PETs, and leverages Layer 2 DLT for scalability. The integration of multiparty threshold key management and homomorphic encryption also enhances data confidentiality and integrity, thus securing against various existing cryptographic attacks. Finally, we discuss potential future developments to improve the security and reliability of VANETs in the next generation of networks, including 5G networks.

Item (Open Access): Common Criteria Protection Profile for Secure Communication Module for Water Tracking System (Common Criteria Portal, 2015-10-15)
Authors: Bingol, Muhammed Ali; Kocabas, Unal; Kardas, Suleyman
The Target of Evaluation (TOE) as defined in this Protection Profile is the Secure Communication Module for Water Tracking System (WTS). The TOE collects information from input devices such as a pH sensor, conductivity sensor, temperature sensor, flow meter, RFID / 2D barcode reader, etc., and then sends the collected data to the Data Management Center (DMC). In this section, first the overall Water Tracking System is introduced. Then, details of the Secure Communication Module (TOE) are given. Afterwards the components of the TOE, the cryptographic operations performed by the TOE and the capabilities of the TOE are introduced.

Item (Open Access): Deploying OSK on Low-Resource Mobile Devices (Springer, 2013-11-01)
Authors: Bingol, Muhammed Ali; Avoine, Gildas; Carpent, Xavier; Kardas, Suleyman
It is a popular challenge to design authentication protocols that are both privacy-friendly and scalable. A large body of literature in RFID is dedicated to that goal, and many inventive mechanisms have been suggested to achieve it. However, to the best of our knowledge, none of these protocols have been tested so far in practical scenarios. In this paper, we present an implementation of the OSK protocol, a scalable and privacy-friendly authentication protocol, using a variant by Avoine and Oechslin that accommodates it to time-memory trade-offs. We show that the OSK protocol is suited to certain real-life scenarios, in particular when the authentication is performed by low-resource mobile devices. The implementation, done on an NFC-compliant cellphone and a ZC7.5 contactless tag, demonstrates the practicability and efficiency of the OSK protocol and illustrates that privacy-by-design is achievable in constrained environments.

Item (Open Access): A framework for analyzing RFID distance bounding protocols (IOS Press, 2011-03-14)
Authors: Bingol, Muhammed Ali; Avoine, Gildas; Kardas, Suleyman; Lauradoux, Cedric; Martin, Benjamin
Many distance bounding protocols appropriate for the RFID technology have been proposed recently. Unfortunately, they are commonly designed without any formal approach, which leads to inaccurate analyses and unfair comparisons. Motivated by this need, we introduce a unified framework that aims to improve the analysis and design of distance bounding protocols. Our framework includes a thorough terminology about the frauds, adversary and prover, thus disambiguating many misleading terms. It also explores the adversary's capabilities and strategies, and addresses the impact of the prover's ability to tamper with his device. It thus introduces some new concepts in the distance bounding domain, such as the black-box and white-box models, and the relation between the frauds with respect to these models. The relevancy and impact of the framework are finally demonstrated on a case study: the Munilla-Peinado distance bounding protocol.

Item (Open Access): Mitigating MEV attacks with a two-tiered architecture utilizing verifiable decryption (Springer, 2024-08-13)
Authors: Kiraz, Mehmet Sabir; Alnajjar, Mustafa Ibrahim; Al-Bayatti, Ali Hilal; Kardas, Suleyman
A distributed ledger is a shared and synchronized database across multiple designated nodes, often referred to as miners, validators, or peers. These nodes record, distribute, and access data to ensure security and transparency. However, these nodes can be compromised and manipulated by selectively choosing which user transactions to include, exclude, or reorder, thereby gaining an unfair advantage. This is known as a miner/maximal extractable value (MEV) attack. Existing solutions can be classified into various categories, such as MEV auction platforms and time-based ordering properties, which rely on private transaction Mempools. In this paper, we first identify some architectural weaknesses inherent in the latest proposals that divide the block creation and execution roles into separate functions: block builders and block executors. The existing schemes mainly suffer from the verifiability of the decryption process, where a corrupted builder or executor can simply deny the inclusion of specific targeted transactions by exploiting the fact that all transactions are in plain format. To address this, we propose an enhanced version that incorporates a verifiable decryption process. At a very high level, within our proposal, whenever an Executor or a Builder performs a decryption, the decrypted values must be broadcast. This enables any entity in the network to publicly verify whether the decryption was executed correctly, thus preventing malicious behavior by either party from going undetected. We also define a new adversary model for MEV and conduct a comprehensive security analysis of our protocol against all kinds of potential adversaries related to MEV. Finally, we present the performance analysis of the proposed solution.

Item (Open Access): A new security and privacy framework for RFID in cloud computing (IEEE, 2014-03-06)
Authors: Bingol, Muhammed Ali; Kardas, Suleyman; Celik, Serkan; Levi, Albert
RFID is a leading technology that has been rapidly deployed in several daily life applications that require strong security and privacy mechanisms. However, RFID systems commonly have limited computational capacity and inefficient data management. There is a demanding urge to address these issues in the light of some mechanism which can make the technology excel. Cloud computing is one of the fastest growing segments of the IT industry that provides cost effective solutions for handling and using data collected with RFID. As more and more information on companies and individuals is placed in the cloud, concerns are beginning to escalate about just how safe an environment it is. Therefore, while integrating RFID into the cloud, the security and privacy of the tag owner must be considered. Motivated by this, we first provide a new security and privacy model for RFID technology integrated with cloud computing. In this model, we define the capabilities of the adversary and give the formal definitions. After that we propose a cloud-based RFID authentication protocol to illustrate our model. The protocol utilizes symmetric-key based cryptography. We prove that the protocol achieves destructive privacy according to our model.

Item (Open Access): Norwegian internet voting protocol revisited: ballot box and receipt generator are allowed to collude (Wiley, 2016-11-02)
Authors: Bingol, Muhammed Ali; Kardas, Suleyman; Kiraz, Mehmet Sabir; Birinci, Fatih
Norway experienced internet voting in 2011 and 2013 for municipal and parliamentary elections, respectively. Its security depends on the assumptions that the involved organizations are completely independent and reliable, and that the receipt codes are securely sent to the voters. In this paper, we point out the following aspects:
- The vote privacy of the Norwegian scheme is violated if the Ballot Box and Receipt Generator cooperate, because the private key of the Decryption Service can be obtained by the two former players. We propose a solution to avoid this issue without adding new players.
- To assure correctness, the receipt codes are sent to the voters over a pre-channel (postal service) and a post-channel (Short Message Service [SMS]). However, by holding both the SMS and the postal receipt code, a voter can reveal his vote even after the elections. Although revoting is a fairly good solution for coercion or concealment, intentional vote revealing is still a problem. We suggest SMS only for notification of vote submission.
- In case the codes are falsely generated or the pre-channel is not secure, a vote can be counted for a different candidate without detection. We propose a solution in which voters verify the integrity of the postal receipt codes.

Item (Open Access): A Novel RFID Distance Bounding Protocol Based on Physically Unclonable Functions (Springer, 2012-07-02)
Authors: Bingol, Muhammed Ali; Kardas, Suleyman; Kiraz, Mehmet Sabir; Demirci, Huseyin
Radio Frequency Identification (RFID) systems are vulnerable to relay attacks (i.e., mafia, terrorist and distance frauds) when they are used for authentication purposes. Distance bounding protocols are particularly designed as a countermeasure against these attacks. These protocols aim to ensure that the tags are in a distant area by measuring the round-trip delays during a rapid challenge-response exchange of short authenticated messages. Terrorist fraud is the most challenging attack to avoid, because a legitimate user (a tag owner) collaborates with an attacker to defeat the authentication system. Many RFID distance bounding protocols have been proposed recently, with encouraging results. However, none of them provides the ideal security against the terrorist fraud. Motivated by this need, we first introduce a strong adversary model for Physically Unclonable Function (PUF) based authentication protocols in which the adversary has access to the volatile memory of the tag. We show that Sadeghi et al.'s PUF-based authentication protocol is not secure in this model. We provide a new technique to improve the security of their protocol. Namely, in our scheme, even if an adversary has access to volatile memory she cannot obtain all long-term keys to clone the tag. Next, we propose a novel RFID distance bounding protocol based on PUFs which satisfies the expected security requirements. Compared to the previous protocols, the use of PUFs in our protocol enhances the system in terms of security, privacy and tag computational overhead. We also prove that our extended protocol with a final signature provides the ideal security against all those frauds, notably the terrorist fraud. Besides that, our protocols enjoy the attractive properties of PUFs, which provide the most cost efficient and reliable means to fingerprint chips based on their physical properties.

Item (Open Access): Optimal security limits of RFID distance bounding protocols (Springer, 2010-06-08)
Authors: Bingol, Muhammed Ali; Kara, O.; Kardas, Suleyman; Avoine, Gildas
In this paper, we classify the RFID distance bounding protocols having bitwise fast phases and no final signature. We also give the theoretical security bounds for two specific classes, leaving the security bounds for the general case as an open problem. As for the classification, we introduce the notion of k-previous challenge dependent (k-PCD) protocols, where each response bit depends on the current and k previous challenges and there is no final signature. We treat the case k = 0, which means each response bit depends only on the current challenge, as a special case and define such protocols as current challenge dependent (CCD) protocols. In general, we construct a trade-off curve between the security levels of mafia and distance frauds by introducing two generic attack algorithms. This leads to the conclusion that CCD protocols cannot attain the ideal security against distance fraud, i.e. 1/2 for each challenge-response bit, without totally losing the security against mafia fraud. We extend the generic attacks to 1-PCD protocols and obtain a trade-off curve for 1-PCD protocols, pointing out that 1-PCD protocols can provide better security than CCD protocols. Thereby, we propose a natural extension of a CCD protocol to a 1-PCD protocol in order to improve its security. As a case study, we give two natural extensions of the Hancke and Kuhn protocol to show how to enhance the security against either mafia fraud or distance fraud without extra cost.

Item (Open Access): Security and Efficiency Analysis of the Hamming Distance Computation Protocol Based on Oblivious Transfer (Wiley, 2015-08-21)
Authors: Kiraz, Mehmet Sabir; Genc, Ziya Alper; Kardas, Suleyman
Bringer et al. proposed two cryptographic protocols for the computation of Hamming distance. Their first scheme uses Oblivious Transfer and provides security in the semi-honest model. The other scheme uses Committed Oblivious Transfer and is claimed to provide full security in the malicious case. The proposed protocols have direct implications for biometric authentication schemes between a prover and a verifier where the verifier has biometric data of the users in plain form. In this paper, we show that their protocol is not actually fully secure against malicious adversaries. More precisely, our attack breaks the soundness property of their protocol, where a malicious user can compute a Hamming distance which is different from the actual value. For biometric authentication systems, this attack allows a malicious adversary to pass the authentication without knowledge of the honest user's input with at most $O(n)$ complexity instead of $O(2^n)$, where $n$ is the input length. We propose an enhanced version of their protocol where this attack is eliminated. The security of our modified protocol is proven using the simulation-based paradigm. Furthermore, as for efficiency concerns, the modified protocol utilizes Verifiable Oblivious Transfer, which does not require commitments to the outputs, improving its efficiency significantly.

Item (Open Access): Security of distance-bounding: A survey (ACM, 2018-09-25)
Authors: Bingol, Muhammed Ali; Avoine, Gildas; Boureanu, Ioana; Capkun, Srdjan; Gerhard, Hancke; Kardas, Suleyman; Kim, Chong Hee; Lauradoux, Cedric; Martin, Benjamin; Munilla, Jorge; Peinado, Alberto; Rasmussen, Kasper Bonne; Singelee, Dave; Tchamkerten, Aslan; Trujillo-Rasua, Rolando; Vaudenay, Serge
Distance-bounding protocols allow a verifier to both authenticate a prover and evaluate whether the latter is located in his vicinity. These protocols are of particular interest in contactless systems, e.g., electronic payment or access control systems, which are vulnerable to distance-based frauds. This survey analyzes and compares in a unified manner many existing distance-bounding protocols with respect to several key security and complexity features.

Item (Open Access): Solution of a Conjecture: On 2-PCD RFID Distance Bounding Protocols (Springer, 2013-11-27)
Authors: Bingol, Muhammed Ali; Kardas, Suleyman; Kocaaga, Eren; Tanil, Bunyamin
It is a popular challenge to design distance bounding protocols that are both secure and efficient. Motivated by this, many distance bounding protocols against relay attacks have been advanced in recent times. Another interesting question is whether these protocols provide the best security. In 2010, Kara et al. analysed the optimal security limits of low-cost distance bounding protocols having bit-wise fast phases and no final signature. As for the classification, they introduced the notion of k-previous challenge dependent (k-PCD) protocols, where each response bit depends on the current and the k previous challenges. They gave the theoretical security bounds for two specific classes, k = 0 and 1, but left the security bounds for k >= 2 as an open problem. In this paper, we aim to answer the open question concerning the security limits of 2-PCD protocols. We describe two generic attacks for mafia and distance frauds that can be applied to any 2-PCD protocol. Then, we provide the optimal trade-off curve between the security levels of mafia and distance frauds that determines the security limits of 2-PCD protocols. Finally, our results also prove the conjecture that 2-PCD protocols enhance the security compared to the 0-PCD and 1-PCD cases.