
Jan Camenisch, Panos Papadimitratos (Eds.)

LNCS 11124

Cryptology and Network Security

17th International Conference, CANS 2018
Naples, Italy, September 30 – October 3, 2018
Proceedings

Lecture Notes in Computer Science 11124

Commenced Publication in 1973

Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board

David Hutchison, Lancaster University, Lancaster, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Friedemann Mattern, ETH Zurich, Zurich, Switzerland
John C. Mitchell, Stanford University, Stanford, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
C. Pandu Rangan, Indian Institute of Technology Madras, Chennai, India
Bernhard Steffen, TU Dortmund University, Dortmund, Germany
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max Planck Institute for Informatics, Saarbrücken, Germany

More information about this series at http://www.springer.com/series/7410


Editors

Jan Camenisch, IBM Research - Zurich, Rüschlikon, Switzerland
Panos Papadimitratos, KTH Royal Institute of Technology, Stockholm, Sweden

ISSN 0302-9743 ISSN 1611-3349 (electronic)

Lecture Notes in Computer Science

ISBN 978-3-030-00433-0 ISBN 978-3-030-00434-7 (eBook)

https://doi.org/10.1007/978-3-030-00434-7

Library of Congress Control Number: 2018953695

LNCS Sublibrary: SL4 – Security and Cryptology

© Springer Nature Switzerland AG 2018

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Switzerland AG.
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland.

Preface

A warm welcome to the 17th International Conference on Cryptology and Network Security (CANS)! Held in Naples, Italy, during September 30 – October 3, 2018, CANS 2018, the latest in a long series of conferences focusing on all aspects of cryptology and the security of data, networks, and computers, attracted cutting-edge results from world-renowned scientists in the area.

This year, the technical program featured 26 enticing papers, covering a range of topics from privacy, network protection, and malware, to cryptanalysis, cryptographic protocols, signature schemes, symmetric key cryptographic primitives, and secret sharing. The program was presented in a single track, along with 4 invited talks. The technical program was enriched by 4 keynote talks delivered by Prof. Pierangela Samarati (University of Milano), Prof. Abhi Shelat (Northeastern University), Prof. Ivan Visconti (Università degli Studi di Salerno), and Dr. Paolo Campegiani (Bit4id). Many thanks go to all keynote speakers!

Our call for papers attracted 79 qualified submissions from authors affiliated with a diverse set of organizations. The 49 members of the Technical Program Committee along with a selected group of external experts carefully reviewed all papers and selected 26 papers for presentation at the conference and inclusion in these proceedings. The review process was double-blind and was carried out in a single stage. All papers received at least 3 reviews and approximately half of them received an additional fourth review.

CANS 2018 was a team effort. First of all, we would like to express our sincere gratitude to the Program Committee members and the external reviewers — their efforts were instrumental in constructing the strong technical program. Special thanks go to those who very effectively undertook the role of shepherds and helped to improve the few papers that were accepted conditionally. Needless to say, we wholeheartedly thank all the authors who submitted their research to the conference. Last but not least, our profound thanks go to the local organizing team, in particular to Dr. Vincenzo Iovino and Dr. Giovanni Schmid for their prompt support in all matters, and to the Steering Committee, notably Prof. Yvo Desmedt, for their guidance.

Again, welcome to CANS 2018. We hope you enjoyed the program and that you had a splendid time in the beautiful city of Naples!

July 2018

Jan Camenisch
Panos Papadimitratos

Organization

Program Co-chairs

Jan Camenisch IBM Research - Zurich, Switzerland

Panos Papadimitratos KTH Royal Institute of Technology, Sweden

General Chair

Vincenzo Iovino University of Luxembourg, Luxembourg

Organising Chair

Giovanni Schmid CNR-Icar and Parthenope University, Italy

Publicity Chair

Giovanni Livraga University of Milan, Italy

Local and Organizing Committee

Elena Pagnin Chalmers University, Sweden

Giuseppe Persiano University of Salerno, Italy

Steering Committee

Yvo Desmedt (Chair) University of Texas at Dallas, USA

Juan A. Garay Yahoo! Labs, USA

Amir Herzberg Bar-Ilan University, Israel

Yi Mu University of Wollongong, Australia

David Pointcheval CNRS and ENS Paris, France

Huaxiong Wang Nanyang Technological University, Singapore

Program Committee

Giuseppe Ateniese Stevens Institute of Technology, USA

Tuomas Aura Aalto University, Finland

Reza Azarderakhsh Florida Atlantic University, USA

Lejla Batina Radboud University, The Netherlands

Elisa Bertino Purdue University, USA

Erik-Oliver Blass Airbus Group Innovations, France

Sonja Buchegger KTH Royal Institute of Technology, Sweden

Jan Camenisch IBM Research - Zurich, Switzerland

Jing Deng UNCG, USA

Rafael Dowsley Aarhus University, Denmark

Manu Drijvers IBM Research - Zurich, Switzerland

Rachid El Bansarkhani TU Darmstadt, Germany

Ali El Kaafarani University of Oxford, UK

Pooya Farshim ENS, France

Elena Ferrari University of Insubria, Italy

Chaya Ganesh Aarhus University, Denmark

Peter Gaži IST Austria, Austria

Esha Ghosh Microsoft, USA

Dieter Gollmann Hamburg University of Technology, Germany

Jan Hajny VUT Brno, Czech Republic

Gerhard Hancke City University of Hong Kong, SAR China

Amir Herzberg Bar-Ilan University, Israel

Julia Hesse TU Darmstadt, Germany

Vincenzo Iovino University of Luxembourg, Luxembourg

Frank Kargl Ulm University, Germany

Stefan Katzenbeisser TU Darmstadt, Germany

Florian Kerschbaum University of Waterloo, Canada

Stephan Krenn AIT Austrian Institute of Technology, Austria

Ralf Kuesters University of Stuttgart, Germany

Loukas Lazos University of Arizona, USA

Zhe Lie Nanjing University of Aeronautics and Astronautics, China

Panos Louridas Athens University of Economics and Business and Greek Research and Technology Network, Greece

Songwu Lu University of California, Los Angeles, USA

Evangelos Markatos ICS-FORTH, Greece

Ivan Martinovic University of Oxford, UK

Panos Papadimitratos KTH Royal Institute of Technology, Sweden

Stefano Paraboschi Università di Bergamo, Italy

Alfredo Rial University of Luxembourg, Luxembourg

Pierangela Samarati University of Milan, Italy

Alessandra Scafuro North Carolina State University, USA

Nolen Scaife University of Florida, USA

Thomas Schneider TU Darmstadt, Germany

Dominique Schroeder Friedrich-Alexander-Universität Erlangen-Nürnberg, Germany

Antonio Skarmeta Gomez Universidad de Murcia, Spain

Claudio Soriente NEC Laboratories Europe, Germany

Willy Susilo University of Wollongong, Australia

George Theodorakopoulos Cardiff University, UK

Ari Trachtenberg Boston University, USA

Frederik Vercauteren KU Leuven, Belgium


Additional Reviewers

Agrikola, Thomas

Al-Momani, Ala’A

Alkadri, Nabil

Bacis, Enrico

Bakos Lang, Elena

Bernal Bernabe, Jorge

Bernieri, Giuseppe

Beullens, Ward

Bonte, Charlotte

Büscher, Niklas

Cohn-Gordon, Katriel

D’Anvers, Jan-Pieter

Daemen, Joan

De Cristofaro, Emiliano

Demmler, Daniel

Engelmann, Felix

Etemad, Mohammad

Francati, Danilo

Galbraith, Steven

Geihs, Matthias

Genc, Ziya A.

Gunasinghe, Hasini

Hough, Patrick

Järvinen, Kimmo

Kaplan, Anna

Karmakar, Angshuman

Khovratovich, Dmitry

Kiss, Ágnes

Kleber, Stephan

Kopp, Henning

Liedtke, Julian

Makri, Eleftheria

Marin, Leandro

Markatou, Evangelia Anna

Massolino, Pedro Maat

Matousek, Matthias

Misoczki, Rafael

Mueller, Johannes

Neven, Gregory

Nguyen, Khoa

Nuñez, David

Rao, Fang-Yu

Rausch, Daniel

Renes, Joost

Rosenthal, Joachim

Sagirlar, Gokhan

Samardjiska, Simona

Shani, Barak

Shiehian, Sina

Simon, Mike

Slamanig, Daniel

Tkachenko, Oleksandr

Viet Xuan Phuong, Tran

Weinert, Christian

Zamyatin, Alexei


Contents

Privacy

Faster Privacy-Preserving Location Proximity Schemes (page 3)
Kimmo Järvinen, Ágnes Kiss, Thomas Schneider, Oleksandr Tkachenko, and Zheng Yang

Computing Betweenness Centrality: An Efficient Privacy-Preserving Approach (page 23)
Varsha Bhat Kukkala and S. R. S. Iyengar

HIKE: Walking the Privacy Trail (page 43)
Elena Pagnin, Carlo Brunetta, and Pablo Picazo-Sanchez

Internet Misbehavior and Protection

DNS-DNS: DNS-Based De-NAT Scheme (page 69)
Liran Orevi, Amir Herzberg, and Haim Zlatokrilov

CLEF: Limiting the Damage Caused by Large Flows in the Internet Core (page 89)
Hao Wu, Hsu-Chun Hsiao, Daniele E. Asoni, Simon Scherrer, Adrian Perrig, and Yih-Chun Hu

Towards Video Compression in the Encrypted Domain: A Case-Study on the H264 and HEVC Macroblock Processing Pipeline (page 109)
Donald Nokam Kuate, Sebastien Canard, and Renaud Sirdey

Malware

Malware Tolerant (Mesh-)Networks (page 133)
Michael Denzel and Mark Dermot Ryan

Inside GandCrab Ransomware (page 154)
Yassine Lemmou and El Mamoun Souidi

Symmetric Key Cryptography

The Relation Between CENC and NEMO (page 177)
Bart Mennink

On the Efficiency of ZMAC-Type Modes (page 190)
Yusuke Naito

Signatures

Hierarchical Attribute-Based Signatures (page 213)
Constantin-Cǎtǎlin Drǎgan, Daniel Gardham, and Mark Manulis

Enhanced Security of Attribute-Based Signatures (page 235)
Johannes Blömer, Fabian Eidens, and Jakob Juhnke

Protean Signature Schemes (page 256)
Stephan Krenn, Henrich C. Pöhls, Kai Samelin, and Daniel Slamanig

Code-Based Signature Schemes from Identification Protocols in the Rank Metric (page 277)
Emanuele Bellini, Florian Caullery, Alexandros Hasikos, Marcos Manzano, and Victor Mateu

SETLA: Signature and Encryption from Lattices (page 299)
François Gérard and Keno Merckx

Cryptanalysis

Assessing and Countering Reaction Attacks Against Post-Quantum Public-Key Cryptosystems Based on QC-LDPC Codes (page 323)
Paolo Santini, Marco Baldi, and Franco Chiaraluce

Breaking the Hardness Assumption and IND-CPA Security of HQC Submitted to NIST PQC Project (page 344)
Zhen Liu, Yanbin Pan, and Tianyuan Xie

Solving LWR via BDD Strategy: Modulus Switching Approach (page 357)
Huy Quoc Le, Pradeep Kumar Mishra, Dung Hoang Duong, and Masaya Yasuda

Acceleration of Index Calculus for Solving ECDLP over Prime Fields and Its Limitation (page 377)
Momonari Kudo, Yuki Yokota, Yasushi Takahashi, and Masaya Yasuda

Several MILP-Aided Attacks Against SNOW 2.0 (page 394)
Yuki Funabiki, Yosuke Todo, Takanori Isobe, and Masakatu Morii

Cryptographic Primitives

Identity-Based Encryption Resilient to Auxiliary Leakage under the Decisional Linear Assumption (page 417)
Masahito Ishizaka and Kanta Matsuura

Adaptive-Secure VRFs with Shorter Keys from Static Assumptions (page 440)
Răzvan Roşie

Cryptographic Protocols

Secret Sharing Schemes for (k, n)-Consecutive Access Structures (page 463)
Javier Herranz and Germán Sáez

Extending a Framework for Biometric Visual Cryptography (page 481)
Koray Karabina and Angela Robinson

Constructions of Secure Multi-Channel Broadcast Encryption Schemes in Public Key Framework (page 495)
Kamalesh Acharya and Ratna Dutta

Author Index (page 517)

Privacy

Faster Privacy-Preserving Location Proximity Schemes

Kimmo Järvinen¹, Ágnes Kiss², Thomas Schneider², Oleksandr Tkachenko², and Zheng Yang³

¹ University of Helsinki, Helsinki, Finland, [email protected]
² TU Darmstadt, Darmstadt, Germany, {kiss,schneider,tkachenko}@encrypto.cs.tu-darmstadt.de
³ Singapore University of Technology and Design, Singapore, Singapore, zheng [email protected]

Abstract. In the last decade, location information became easily obtainable using off-the-shelf mobile devices. This gave a momentum to developing Location Based Services (LBSs) such as location proximity detection, which can be used to find friends or taxis nearby. LBSs can, however, be easily misused to track users, which draws attention to the need of protecting privacy of these users.

In this work, we address this issue by designing, implementing, and evaluating multiple algorithms for Privacy-Preserving Location Proximity (PPLP) that are based on different secure computation protocols. Our PPLP protocols are well-suited for different scenarios: for saving bandwidth, energy/computational power, or for faster runtimes. Furthermore, our algorithms have runtimes of a few milliseconds to hundreds of milliseconds and bandwidth of hundreds of bytes to one megabyte. In addition, the computationally most expensive parts of the PPLP computation can be precomputed in our protocols, such that the input-dependent online phase runs in just a few milliseconds.

Keywords: Location privacy · Proximity · Secure computation · Homomorphic encryption

1 Introduction

Nowadays, many mobile devices (e.g., smartphones or tablets) can easily measure and report precise locations in real time, so that several Location-Based Services (LBSs) over mobile networks have emerged in recent years. A basic LBS is location proximity detection, which enables a user to test whether or not another user is nearby. This promising function has boosted the development of social applications that help users find their nearby friends [22], Uber cars [17], or medical personnel in an event of emergency [33]. Although some users have nothing against sharing their location, many privacy-aware users want to protect it from third parties. The reasons for that are the possible privacy threats caused by location proximity detection [31] that may lead to serious consequences, including unintended tracking, stalking, harassment, and even kidnapping. Potential adversaries range from curious social media contacts to abusive family members and even professional criminals (e.g., burglars checking if a victim is at home), and sometimes the level of their technological skills may be high. Hence, it is desirable to provide location proximity detection services which preserve the privacy of the users' exact location. Furthermore, modern law (e.g., the EU General Data Protection Regulation (GDPR)¹) obligates companies to better protect users' privacy. This affects companies such as smartphone manufacturers that frequently offer built-in LBSs and LBS providers that provide additional privacy-preserving LBSs based on the result of the Privacy-Preserving Location Proximity (PPLP) protocol, e.g., for advertising ongoing movies in nearby cinemas to friends in the vicinity.

© Springer Nature Switzerland AG 2018
J. Camenisch and P. Papadimitratos (Eds.): CANS 2018, LNCS 11124, pp. 3–22, 2018.
https://doi.org/10.1007/978-3-030-00434-7_1

1.1 Our Contributions

Our contributions are as follows:

Efficient PPLP Schemes. We design and evaluate practically efficient Euclidean distance-based Privacy-Preserving Location Proximity (PPLP) schemes (i) using a mix of Secure Two-Party Computation (STPC) protocols, (ii) using DGK encryption [7] and Bloom filters [4], and (iii) using exponential ElGamal encryption [13] over elliptic curves (ECs) and Bloom filters. This allows us to provide custom solutions for different PPLP applications with different requirements with respect to communication, computation, and runtime.

Optimizations. We present an optimization of the Boolean circuit for computing Euclidean and Manhattan distance for 32-bit values that reduces the number of AND gates by up to 22%.

Pre-computation. We consider two scenarios: (i) a precomputation scenario where two parties run a PPLP protocol on an ongoing basis, which allows pre-computations (e.g., overnight while charging) and substantially reduces computation and communication in the online phase, and (ii) an ad-hoc scenario where two strangers run a PPLP protocol only once (e.g., for mobile health care), and pre-computations are not possible.

Extensive Performance Evaluation. We give an extensive communication comparison of our PPLP protocols and the PPLP protocols presented in recent related work. Furthermore, we implement our most efficient protocols (two STPC-based and one EC-ElGamal-based algorithm) and give a runtime comparison of them and the most efficient recently introduced PPLP protocol of Hallgren et al. [15,16]. Additionally, we run our protocols in a real-world mobile Internet setting.

¹ https://www.eugdpr.org/
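The following is an added illustration, not the paper's protocol and not code from its authors: the additively homomorphic evaluation of the squared Euclidean distance that an exponential-ElGamal-based PPLP scheme such as contribution (iii) builds on. One party encrypts her coordinates and their squared norm, the other party combines the ciphertexts into an encryption of the squared distance without learning the coordinates, and the first party only has to decide whether that distance lies within the radius. The group (the Mersenne prime 2^127 - 1 with generator 3) is a constructed toy and not a secure choice, and the Bloom filter step the paper adds on top is omitted.

```python
import secrets

# Toy group, constructed for illustration only: the Mersenne prime 2^127 - 1 with
# generator 3. It is NOT a secure choice; the paper works over elliptic curves.
P = (1 << 127) - 1
G = 3


def keygen():
    """Exponential ElGamal key pair (sk, pk = g^sk) in the toy group."""
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)


def encrypt(pk, m):
    """Encrypt the integer m as (g^r, g^m * pk^r); m may be negative."""
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), pow(G, m % (P - 1), P) * pow(pk, r, P) % P


def add(c1, c2):
    """Homomorphic addition: E(a) * E(b) = E(a + b)."""
    return c1[0] * c2[0] % P, c1[1] * c2[1] % P


def scale(c, k):
    """Homomorphic scalar multiplication: E(a)^k = E(k * a); k may be negative."""
    return pow(c[0], k, P), pow(c[1], k, P)


def decrypt_bounded(sk, c, bound):
    """Recover m from E(m) by scanning g^0 .. g^bound; None if m lies above bound."""
    target = c[1] * pow(c[0], -sk, P) % P
    cur = 1
    for m in range(bound + 1):
        if cur == target:
            return m
        cur = cur * G % P
    return None


def alice_prepare(pk, x1, y1):
    """Alice sends E(x1), E(y1) and E(x1^2 + y1^2) under her own public key."""
    return encrypt(pk, x1), encrypt(pk, y1), encrypt(pk, x1 * x1 + y1 * y1)


def bob_squared_distance(pk, msg, x2, y2):
    """Bob computes E((x1-x2)^2 + (y1-y2)^2) without learning (x1, y1)."""
    ex1, ey1, enorm1 = msg
    acc = add(enorm1, scale(ex1, -2 * x2))           # adds -2 * x1 * x2
    acc = add(acc, scale(ey1, -2 * y2))              # adds -2 * y1 * y2
    return add(acc, encrypt(pk, x2 * x2 + y2 * y2))  # fresh randomness re-blinds it


def is_nearby(alice_xy, bob_xy, radius):
    """Full exchange: True iff the Euclidean distance is at most radius."""
    sk, pk = keygen()
    enc_d2 = bob_squared_distance(pk, alice_prepare(pk, *alice_xy), *bob_xy)
    return decrypt_bounded(sk, enc_d2, radius * radius) is not None
```

In this bare form the decrypting party learns the exact squared distance whenever it is within range; a PPLP protocol must hide everything except the yes/no answer, which is the extra machinery the paper layers on top of this building block.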
