Show simple item record

dc.contributor.advisorReyzin, Leoniden_US
dc.contributor.authorYakoubov, Sophiaen_US
dc.date.accessioned2020-11-17T15:10:56Z
dc.date.available2020-11-17T15:10:56Z
dc.date.issued2020
dc.identifier.urihttps://hdl.handle.net/2144/41697
dc.description.abstractThis thesis presents advances in several areas of authentication. First, we consider cryptographic accumulators, which are compact digital objects representing arbitrarily large sets. They support efficient proofs of membership (or, alternatively, of non-membership). We give the first definition of cryptographic accumulators in the UC framework, and construct two new accumulators: one uniquely suited for use in a revokable anonymous credential scheme, and one uniquely suited for use in a distributed system such as a blockchain-based PKI. Next, we consider multi-designated verifier signatures (MDVS). An MDVS is a special kind of signature that can only be verified by parties explicitly specified by the signer; more than that, even if those designated verifiers wanted to prove to an external party (e.g. an adversary) that a certain message was signed by the signer, they should be unable to do so. This is crucial in contexts where off-the-record communication is desirable; the sender may not want to be provably linked to a possibly sensitive message, but still want the intended recipients to be able to verify the authenticity of the message. Existing literature defines and builds limited notions of MDVS, where the off-the-record property only holds when it is conceivable that all verifiers collude. We strengthen this property to support any subset of colluding verifiers, and give two constructions of our stronger notion of MDVS: one from functional encryption, and one from standard primitives (but with a slightly larger signature size). Finally, we consider fuzzy password authenticated key exchange (Fuzzy PAKE). PAKEs are protocols which enable two parties holding the same password (that is, the same potentially low-entropy, non-uniform string) to agree on a (high-entropy, uniform) secret key in a way that resists man-in-the-middle attacks and offline dictionary attacks on the password. We define Fuzzy PAKE, a special kind of PAKE where the passwords used for authentication may contain some errors. We provide the first efficient and general solutions to this problem that enable, for example, key agreement based on commonly used biometrics such as iris scans.en_US
dc.language.isoen_US
dc.rightsAttribution 4.0 Internationalen_US
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/
dc.subjectComputer scienceen_US
dc.subjectAuthenticationen_US
dc.subjectCryptographyen_US
dc.subjectSecurityen_US
dc.titleStudies in authenticationen_US
dc.typeThesis/Dissertationen_US
dc.date.updated2020-11-15T05:01:43Z
etd.degree.nameDoctor of Philosophyen_US
etd.degree.leveldoctoralen_US
etd.degree.disciplineComputer Scienceen_US
etd.degree.grantorBoston Universityen_US
dc.identifier.orcid0000-0001-7958-8537


This item appears in the following Collection(s)

Show simple item record

Attribution 4.0 International
Except where otherwise noted, this item's license is described as Attribution 4.0 International