Christian Schindelhauer

Kevin Wallis, Christoph Reich, Blesson Varghese et al.

Distributed machine learning algorithms that employ Deep Neural Networks (DNNs) are widely used in Industry 4.0 applications, such as smart manufacturing. The layers of a DNN can be mapped onto different nodes located in the cloud, edge and shop floor for preserving privacy. The quality of the data that is fed into and processed through the DNN is of utmost importance for critical tasks, such as inspection and quality control. Distributed Data Validation Networks (DDVNs) are used to validate the quality of the data. However, they are prone to single points of failure when an attack occurs. This paper proposes QUDOS, an approach that enhances the security of a distributed DNN that is supported by DDVNs using quorums. The proposed approach allows individual nodes that are corrupted due to an attack to be detected or excluded when the DNN produces an output. Metrics such as corruption factor and success probability of an attack are considered for evaluating the security aspects of DNNs. A simulation study demonstrates that if the number of corrupted nodes is less than a given threshold for decision-making in a quorum, the QUDOS approach always prevents attacks. Furthermore, the study shows that increasing the size of the quorum has a better impact on security than increasing the number of layers. One merit of QUDOS is that it enhances the security of DNNs without requiring any modifications to the algorithm and can therefore be applied to other classes of problems.

Fabian Schillinger, Christian Schindelhauer

Online social networks are used frequently by many people: Staying in contact with friends and sharing experiences with them is very important. However, users are increasingly concerned that their data will end up in the hands of strangers or that personal data may even be misused. Secure OSNs can help. These often use different types of encryption to keep the communication between the participants incomprehensible to outsiders. However, participants in such social networks cannot be sure that their data is secure. Various approaches show that even harmless-looking metadata, such as the number of contacts of users, can be evaluated to draw conclusions about the users and their communication. These attack methods are analyzed, and existing secure OSNs are examined, whether these attack methods can be utilized to violate the user's privacy. To prevent these privacy attacks, protocols for a secure centralized OSN are developed. Metadata is obscured in the presented OSM and end-to-end encryption is used for secure communication between clients. Additionally, communication channels are concealed using mix networks such that adversaries cannot determine which user is accessing which data or which user is communicating with whom even with access to the server.

Fabian Schillinger, Christian Schindelhauer

When using Online Social Networks, users often share information with different social groups. When considering the backgrounds of the groups there is often no or little intersection within the members. This means that a user who shares information often has to share it with all members of all groups. It can be problematic that the user cannot decide which group sees which information. Our approach therefore, allows users to decide for every bit of information who can access it. Further, protected circles can be created, where users can share information within. Shared information and circles are encrypted and the keys can be distributed by proxies.

Fabian Schillinger, Christian Schindelhauer

In secure Online Social Networks (OSN), often end-to-end encryption approaches are used. This ensures the privacy of communication between the participants. To manage, store, or transfer the cryptographic keys from one device to another one, encrypted private storages can be used. To gain access to such storages, login credentials, only known to the user, are needed. Losing these credentials results in a permanent loss of cryptographic keys and messages because the storage is encrypted. We present a scheme to split encrypted user storages into multiple storages. Each one can be reconstructed with the help of other participants of the OSN. The more of the storages can be reconstructed, the higher the chance of successfully reconstructing the complete private storage is. Therefore, regaining possession of the cryptographic keys used for communication is increased. We achieve high rates of successful reconstructions, even if a large fraction of the distributed shares are not accessible anymore because the shareholders are inactive or malicious.

Fabian Schillinger, Christian Schindelhauer

Secret sharing is the well-known problem of splitting a secret into multiple shares, which are distributed to shareholders. When enough or the correct combination of shareholders work together the secret can be restored. We introduce two new types of shares to the secret sharing scheme of Shamir. Crucial shares are always needed for the reconstruction of the secret, whereas mutual redundant shares only help once in reconstructing the secret. Further, we extend the idea of crucial and redundant shares to a compartmented secret sharing scheme. The scheme, which is based on Shamir's, allows distributing the secret to different compartments, that hold shareholders themselves. In each compartment, another secret sharing scheme can be applied. Using the modifications the overall complexity of general access structures realized through compartmented secret sharing schemes can be reduced. This improves the computational complexity. Also, the number of shares can be reduced and some complex access structures can be realized with ideal amount and size of shares.