When competing in eBay bidding, online games or e-exams in embedded computing environments, people naturally face asynchronous starts from different computing devices, which is treated as a security risk of online contests. The security risks of online contests also include eavesdropping during data transmission without intended rights, and false starts by malicious competitors, which also mean asynchrony in contests. Accordingly, online contests need security guarantees, especially on synchronization.
In this paper, for a synchronous and secure start in a contest, we update the security requirements of confidentiality, anonymity and synchrony compared to our previous work. Based on the updated requirements, we propose a general framework of an Advanced Secure Synchronized Reading (ASSR) system that can hold multiple contests simultaneously by Cloud. Importantly, the system can ignore the impacts of heterogeneity among competitors.
Considering the heterogeneity in both transmission and computing, we construct a novel Randomness-reused Identity Based Key Encapsulation Mechanism (RIBKEM) to support separable decapsulation, which can shorten both decryption delay and transmission delay with the best efforts. Finally, ASSR enhances synchronization achievement for contest start with heterogeneous delays of competitors while satisfying the other security requirements. As a complement, an analysis of the provable security of ASSR is given, as well as a further analysis of the achievement of synchronization.
SYSTEM MODEL AND SECURITY REQUIREMENT
Considering a large-scale application that supports multiple secure online contests, our ASSR system consists of four objects (refer to Figure 1): Contest Hosts, Competitors, a Trusted Third Party (TTP), and the popular computing platform Cloud. The SSR system adopts point-to-point transmission between any Contest Host and Competitor. Unlike the original SSR system, engaging the Cloud lets Contest Hosts be online only occasionally during a contest.
For a general design, we make the reasonable assumptions that there are at least two Competitors in a contest and that any Contest Host should deliver different files to different Competitors. The special case where the same files are delivered to competitors is also supported by our general system. The details of modeling the ASSR system are presented as follows.
DISCUSSIONS ON ENCRYPTION SCHEMES
Encryption in the ASSR system serves two functions. First, it preserves the privacy of all contest data held on the Cloud. Second, it guarantees the synchrony of the reading process with trivial delays. Given these two functions, the selection of encryption schemes is critical to our work. In this section, we discuss the decisions we made for encryption schemes.
- Public-Key Encryption vs. Symmetric-Key Encryption
- The Speciality of Cryptography for Embedded Computing
CONSTRUCTING RIBKEM WITH SEPARABLE DECAPSULATION
In this section, we propose a RIBKEM scheme with separable decapsulation. Conceptually, RIBKEM revises the traditional concept of IBKEM for the scenario of multiple receivers. Specifically, when sending an encrypted file in the identity-based setting to multiple receivers, the traditional IBKEM scheme requires the sender to choose new randomness for each key encapsulation. In contrast, RIBKEM allows the sender to reuse the same randomness for all key encapsulations. Therefore, RIBKEM generates a much shorter ciphertext than traditional IBKEM.
- Separable Decapsulation
- Provable Security
AN INSTANTIATED ASSR SYSTEM BASED ON THE ABOVE RIBKEM SCHEME
To synchronize the time at which the Competitors read their files, we allow Contest Host IDX to control the publication of tX. Moreover, when they receive the value tX, all Competitors in set IT can decrypt their files. The correctness of decryption is guaranteed by the proposed RIBKEM scheme and the symmetric-key encryption scheme. Figure 2 illustrates the procedures of our ASSR system with Competitor IDi and Contest Host IDX for contest T.
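The two ideas above (one piece of randomness reused for every receiver, and a decapsulation split into a heavy step done early and a cheap step that waits for the released value tX) can be seen in the following added example, which is not code from the paper. It is a stand-in built on hashed ElGamal rather than the paper's identity-based construction; the group parameters, the function names and the way `t_x` is hashed into the key are assumptions made for illustration.

```python
import hashlib
import secrets

# Stand-in only: hashed ElGamal in Z_p^*, NOT the paper's identity-based RIBKEM.
# P and G are illustrative toy parameters, not a vetted group.
P = 2**255 - 19
G = 2

def rand_exp():
    return secrets.randbelow(P - 3) + 2

def keygen():
    sk = rand_exp()
    return sk, pow(G, sk, P)

def kdf(shared, ident, t_x):
    # Assumed binding: the key depends on the DH value, the identity and t_x.
    return hashlib.sha256(shared.to_bytes(32, "big") + ident.encode() + t_x).digest()

def encapsulate(pubkeys, t_x, reuse=True):
    """Host side: with reuse=True every receiver shares one header g^r."""
    r = rand_exp()
    headers, keys = {}, {}
    for ident, pk in pubkeys.items():
        if not reuse:
            r = rand_exp()  # classic KEM: fresh randomness per receiver
        headers[ident] = pow(G, r, P)
        keys[ident] = kdf(pow(pk, r, P), ident, t_x)
    return headers, keys

def header_bytes(headers):
    # Bytes the host must publish: one 32-byte element per distinct header.
    return 32 * len(set(headers.values()))

def predecap(sk, header):
    # Heavy step (exponentiation), done by the Competitor before the start.
    return pow(header, sk, P)

def finish(partial, ident, t_x):
    # Cheap step (one hash), possible only once the host has released t_x.
    return kdf(partial, ident, t_x)

def demo(n=4):
    ids = [f"competitor-{i}" for i in range(n)]  # constructed identities
    pairs = {i: keygen() for i in ids}
    pks = {i: kp[1] for i, kp in pairs.items()}
    t_x = secrets.token_bytes(16)                # withheld until contest start
    headers, keys = encapsulate(pks, t_x)
    fresh, _ = encapsulate(pks, t_x, reuse=False)
    partial = {i: predecap(pairs[i][0], headers[i]) for i in ids}
    got = {i: finish(partial[i], i, t_x) for i in ids}
    return got == keys, header_bytes(headers), header_bytes(fresh)
```

After `predecap`, the work left for each Competitor is a single hash, so differences in device speed affect only the step that runs before the contest starts.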
SYSTEM ANALYSIS OF ASSR
Analysis of Security
We prove that our instantiated ASSR system satisfies the security requirements defined in Subsection 2.2. Suppose that the symmetric-key encryption scheme SE utilized by our ASSR system is secure; then, for any symmetric-key ciphertext C′i = E(Ki, Fi) (i ∈ [1, N]), no one can read the corresponding file Fi of C′i without knowing the symmetric key Ki.
- System Performance
- Synchronization Achievement
According to our construction and analysis, the Advanced Synchronized Reading System can be conveniently applied to online contests with provable security and enhanced synchronization performance. Our goal in this paper is to preserve the synchrony and security in online contests. Synchrony can be achieved by engineering without considering security. However, it is a paradox to consider both security and synchrony by naive approaches. We resort to cryptographic methods and produce a novel formula for the synchronization problem in a cryptographic framework.
Our revised RIBKEM reduces decryption delays through its novel property of supporting separable decapsulation. Moreover, the remainder of the decapsulations of different Competitors is controllable by the Contest Hosts in order to achieve synchrony. Finally, we prove that the security requirements are guaranteed by the security proofs of the ASSR, and we analyze the synchronization performance, which is enhanced compared to previous works. In conclusion, ASSR is a promising and efficient system that satisfies security requirements for online contests.
Source: University of Wollongong
Authors: Wei Wang | Peng Xu | Laurence T. Yang | Willy Susilo | Jinjun Chen