Security and Trust in Distributed Computation

We propose three research problems to explore the relations between trust and security in the setting of distributed computation. In the first problem, we study trust-based adversary detection in distributed consensus computation. The adversaries we consider behave arbitrarily disobeying the consensus protocol. We propose a trust-based consensus algorithm with local and global trust evaluations. The algorithm can be abstracted using a two-layer structure with the top layer running a trust-based consensus algorithm and the bottom layer as a subroutine executing a global trust update scheme. We utilize a set of pre-trusted nodes, headers, to propagate local trust opinions throughout the network. This two-layer framework is flexible in that it can be easily extensible to contain more complicated decision rules, and global trust schemes. The first problem assumes that normal nodes are homogeneous, i.e. it is guaranteed that a normal node always behaves as it is programmed. In the second and third problems however, we assume that nodes are heterogeneous, i.e, given a task, the probability that a node generates a correct answer varies from node to node. The adversaries considered in these two problems are workers from the open crowd who are either investing little efforts in the tasks assigned to them or intentionally give wrong answers to questions. In the second part of the thesis, we consider a typical crowdsourcing task that aggregates input from multiple workers as a problem in information fusion. To cope with the issue of noisy and sometimes malicious input from workers, trust is used to model workers' expertise. In a multi-domain knowledge learning task, however, using scalar-valued trust to model a worker's performance is not sufficient to reflect the worker's trustworthiness in each of the domains. To address this issue, we propose a probabilistic model to jointly infer multi-dimensional trust of workers, multi-domain properties of questions, and true labels of questions. Our model is very flexible and extensible to incorporate metadata associated with questions. To show that, we further propose two extended models, one of which handles input tasks with real-valued features and the other handles tasks with text features by incorporating topic models. Our models can effectively recover trust vectors of workers, which can be very useful in task assignment adaptive to workers' trust in the future. These results can be applied for fusion of information from multiple data sources like sensors, human input, machine learning results, or a hybrid of them. In the second subproblem, we address crowdsourcing with adversaries under logical constraints. We observe that questions are often not independent in real life applications. Instead, there are logical relations between them. Similarly, workers that provide answers are not independent of each other either. Answers given by workers with similar attributes tend to be correlated. Therefore, we propose a novel unified graphical model consisting of two layers. The top layer encodes domain knowledge which allows users to express logical relations using first-order logic rules and the bottom layer encodes a traditional crowdsourcing graphical model. Our model can be seen as a generalized probabilistic soft logic framework that encodes both logical relations and probabilistic dependencies. To solve the collective inference problem efficiently, we have devised a scalable joint inference algorithm based on the alternating direction method of multipliers. The third part of the thesis considers the problem of optimal assignment under budget constraints when workers are unreliable and sometimes malicious. In a real crowdsourcing market, each answer obtained from a worker incurs cost. The cost is associated with both the level of trustworthiness of workers and the difficulty of tasks. Typically, access to expert-level (more trustworthy) workers is more expensive than to average crowd and completion of a challenging task is more costly than a click-away question. In this problem, we address the problem of optimal assignment of heterogeneous tasks to workers of varying trust levels with budget constraints. Specifically, we design a trust-aware task allocation algorithm that takes as inputs the estimated trust of workers and pre-set budget, and outputs the optimal assignment of tasks to workers. We derive the bound of total error probability that relates to budget, trustworthiness of crowds, and costs of obtaining labels from crowds naturally. Higher budget, more trustworthy crowds, and less costly jobs result in a lower theoretical bound. Our allocation scheme does not depend on the specific design of the trust evaluation component. Therefore, it can be combined with generic trust evaluation algorithms.

Efficient Secure Computation for Real-world Settings and Security Models

Secure computation involves multiple parties computing a common function while keeping their inputs private, and is a growing field of cryptography due to its potential for maintaining privacy guarantees in real-world applications. However, current secure computation protocols are not yet efficient enough to be used in practice. We argue that this is due to much of the research effort being focused on generality rather than specificity. Namely, current research tends to focus on constructing and improving protocols for the strongest notions of security or for an arbitrary number of parties. However, in real-world deployments, these security notions are often too strong, or the number of parties running a protocol would be smaller. In this thesis we make several steps towards bridging the efficiency gap of secure computation by focusing on constructing efficient protocols for specific real-world settings and security models. In particular, we make the following four contributions: - We show an efficient (when amortized over multiple runs) maliciously secure two-party secure computation (2PC) protocol in the multiple-execution setting, where the same function is computed multiple times by the same pair of parties. - We improve the efficiency of 2PC protocols in the publicly verifiable covert security model, where a party can cheat with some probability but if it gets caught then the honest party obtains a certificate proving that the given party cheated. - We show how to optimize existing 2PC protocols when the function to be computed includes predicate checks on its inputs. - We demonstrate an efficient maliciously secure protocol in the three-party setting.

Provable Security for Cryptocurrencies

The past several years have seen the surprising and rapid rise of Bitcoin and other “cryptocurrencies.” These are decentralized peer-to-peer networks that allow users to transmit money, tocompose financial instruments, and to enforce contracts between mutually distrusting peers, andthat show great promise as a foundation for financial infrastructure that is more robust, efficientand equitable than ours today. However, it is difficult to reason about the security of cryptocurrencies. Bitcoin is a complex system, comprising many intricate and subtly-interacting protocol layers. At each layer it features design innovations that (prior to our work) have not undergone any rigorous analysis. Compounding the challenge, Bitcoin is but one of hundreds of competing cryptocurrencies in an ecosystem that is constantly evolving. The goal of this thesis is to formally reason about the security of cryptocurrencies, reining in their complexity, and providing well-defined and justified statements of their guarantees. We provide a formal specification and construction for each layer of an abstract cryptocurrency protocol, and prove that our constructions satisfy their specifications. The contributions of this thesis are centered around two new abstractions: “scratch-off puzzles,” and the “blockchain functionality” model. Scratch-off puzzles are a generalization of the Bitcoin “mining” algorithm, its most iconic and novel design feature. We show how to provide secure upgrades to a cryptocurrency by instantiating the protocol with alternative puzzle schemes. We construct secure puzzles that address important and well-known challenges facing Bitcoin today, including wasted energy and dangerous coalitions. The blockchain functionality is a general-purpose model of a cryptocurrency rooted in the “Universal Composability” cryptography theory. We use this model to express a wide range of applications, including transparent “smart contracts” (like those featured in Bitcoin and Ethereum), and also privacy-preserving applications like sealed-bid auctions. We also construct a new protocol compiler, called Hawk, which translates user-provided specifications into privacy-preserving protocols based on zero-knowledge proofs.

Optical Wireless Communication for Mobile Platforms

The past few decades have witnessed the widespread adaptation of wireless devices such as cellular phones and Wifi-connected laptops, and demand for wireless communication is expected to continue to increase. Though radio frequency (RF) communication has traditionally dominated in this application space, recent decades have seen an increasing interest in the use of optical wireless (OW) communication to supplement RF communications. In contrast to RF communication technology, OW systems offer the use of largely unregulated electromagnetic spectrum and large bandwidths for communication. They also offer the potential to be highly secure against jamming and eavesdropping. Interest in OW has become especially keen in light of the maturation of light-emitting diode (LED) technology. This maturation, and the consequent emerging ubiquity of LED technology in lighting systems, has motivated the exploration of LEDs for wireless communication purposes in a wide variety of applications. Recent interest in this field has largely focused on the potential for indoor local area networks (LANs) to be realized with increasingly common LED-based lighting systems. We envision the use of LED-based OW to serve as a supplement to RF technology in communication between mobile platforms, which may include automobiles, robots, or unmanned aerial vehicles (UAVs). OW technology may be especially useful in what are known as RF-denied environments, in which RF communication may be prohibited or undesirable. The use of OW in these settings presents major challenges. In contrast to many RF systems, OWsystems that operate at ranges beyond a few meters typically require relatively precise alignment. For example, some laser-based optical wireless communication systems require alignment precision to within small fractions of a degree. This level of alignment precision can be difficult to maintain between mobile platforms. Additionally, the use of OW systems in outdoor settings presents the challenge of interference from ambient light, which can be much brighter than any LED transmitter. This thesis addresses these challenges to the use of LED-based communication between mobile platforms. We propose and analyze a dual-link LED-based system that uses one link with a wide transmission beam and relaxed alignment constraints to support a more narrow, precisely aligned, higher-data-rate link. The use of an optical link with relaxed alignment constraints to support the alignment of a more precisely aligned link motivates our exploration of a panoramic imaging receiver for estimating the range and bearing of neighboring nodes. The precision of such a system is analyzed and an experimental system is realized. Finally, we present an experimental prototype of a self-aligning LED-based link.

Dual Quorum Quenching Capsules: Disrupting two bacterial communication pathways that lead to virulence

Healthcare Associated Infections (HAIs) in the United States, are estimated to cost nearly $10 billion annually. And, while device-related infections have decreased, the 60% attributed to pneumonia, gastrointestinal pathogens and surgical site infections (SSIs) remain prevalent. Furthermore, these are often complicated by antibacterial resistance that ultimately cause 2 million illnesses and 23,000 deaths in the US annually. Antibacterial resistance is an issue increasing in severity as existing antibiotics are losing effectiveness, and fewer new antibiotics are being developed. As a result, new methods of combating bacterial virulence are required. Modulating communications of bacteria can alter phenotype, such as biofilm formation and toxin production. Disrupting these communications provides a means of controlling virulence without directly interacting with the bacteria of interest, a strategy contrary to traditional antibiotics. Inter- and intra-species bacterial communication is commonly called quorum sensing because the communication molecules have been linked to phenotypic changes based on bacterial population dynamics. By disrupting the communication, a method called ‘quorum quenching’, bacterial phenotype can be altered. Virulence of bacteria is both population and species dependent; each species will secrete different toxic molecules, and total population will affect bacterial phenotype9. Here, the kinase LsrK and lactonase SsoPox were combined to simultaneously disrupt two different communication pathways with direct ties to virulence leading to SSIs, gastrointestinal infection and pneumonia. To deliver these enzymes for site-specific virulence prevention, two naturally occurring polymers were used, chitosan and alginate. Chitosan, from crustacean shells, and alginate, from seaweed, are frequently studied due to their biocompatibility, availability, self-assembly and biodegrading properties and have already been verified in vivo for wound-dressing. In this work, a novel functionalized capsule of quorum quenching enzymes and biocompatible polymers was constructed and demonstrated to have dual-quenching capability. This combination of immobilized enzymes has the potential for preventing biofilm formation and reducing bacterial toxicity in a wide variety of medical and non-medical applications.

Nested Sampling and its Applications in Stable Compressive Covariance Estimation and Phase Retrieval with Near-Minimal Measurements

Compressed covariance sensing using quadratic samplers is gaining increasing interest in recent literature. Covariance matrix often plays the role of a sufficient statistic in many signal and information processing tasks. However, owing to the large dimension of the data, it may become necessary to obtain a compressed sketch of the high dimensional covariance matrix to reduce the associated storage and communication costs. Nested sampling has been proposed in the past as an efficient sub-Nyquist sampling strategy that enables perfect reconstruction of the autocorrelation sequence of Wide-Sense Stationary (WSS) signals, as though it was sampled at the Nyquist rate. The key idea behind nested sampling is to exploit properties of the difference set that naturally arises in quadratic measurement model associated with covariance compression. In this thesis, we will focus on developing novel versions of nested sampling for low rank Toeplitz covariance estimation, and phase retrieval, where the latter problem finds many applications in high resolution optical imaging, X-ray crystallography and molecular imaging. The problem of low rank compressive Toeplitz covariance estimation is first shown to be fundamentally related to that of line spectrum recovery. In absence if noise, this connection can be exploited to develop a particular kind of sampler called the Generalized Nested Sampler (GNS), that can achieve optimal compression rates. In presence of bounded noise, we develop a regularization-free algorithm that provably leads to stable recovery of the high dimensional Toeplitz matrix from its order-wise minimal sketch acquired using a GNS. Contrary to existing TV-norm and nuclear norm based reconstruction algorithms, our technique does not use any tuning parameters, which can be of great practical value. The idea of nested sampling idea also finds a surprising use in the problem of phase retrieval, which has been of great interest in recent times for its convex formulation via PhaseLift, By using another modified version of nested sampling, namely the Partial Nested Fourier Sampler (PNFS), we show that with probability one, it is possible to achieve a certain conjectured lower bound on the necessary measurement size. Moreover, for sparse data, an l1 minimization based algorithm is proposed that can lead to stable phase retrieval using order-wise minimal number of measurements.