-
Attribute-Based Authentication in Secure Group Messaging for Distributed Environments
Authors:
David Soler,
Carlos Dafonte,
Manuel Fernández-Veiga,
Ana Fernández Vilas,
Francisco J. Nóvoa
Abstract:
Messaging Layer security (MLS) and its underlying Continuous Group Key Agreement (CGKA) protocol allows a group of users to share a cryptographic secret in a dynamic manner, such that the secret is modified in member insertions and deletions. Although this flexibility makes MLS ideal for implementations in distributed environments, a number of issues need to be overcome. Particularly, the use of d…
▽ More
Messaging Layer security (MLS) and its underlying Continuous Group Key Agreement (CGKA) protocol allows a group of users to share a cryptographic secret in a dynamic manner, such that the secret is modified in member insertions and deletions. Although this flexibility makes MLS ideal for implementations in distributed environments, a number of issues need to be overcome. Particularly, the use of digital certificates for authentication in a group goes against the group members' privacy. In this work we provide an alternative method of authentication in which the solicitors, instead of revealing their identity, only need to prove possession of certain attributes, dynamically defined by the group, to become a member. Instead of digital certificates, we employ Attribute-Based Credentials accompanied with Selective Disclosure in order to reveal the minimum required amount of information and to prevent attackers from linking the activity of a user through multiple groups. We formally define a CGKA variant named Attribute-Authenticated Continuous Group Key Agreement (AA-CGKA) and provide security proofs for its properties of Requirement Integrity, Unforgeability and Unlinkability. We also provide guidelines for an integration of our construction in MLS.
△ Less
Submitted 20 May, 2024;
originally announced May 2024.
-
QKDNetSim+: Improvement of the Quantum Network Simulator for NS-3
Authors:
David Soler,
Iván Cillero,
Carlos Dafonte,
Manuel Fernández-Veiga,
Ana Fernández-Vilas,
Francisco J. Nóvoa
Abstract:
The first Quantum Key Distribution (QKD) networks are currently being deployed, but the implementation cost is still prohibitive for most researchers. As such, there is a need for realistic QKD network simulators. The \textit{QKDNetSim} module for the network simulator NS-3 focuses on the representation of packets and the management of key material in a QKD network at the application layer. Althou…
▽ More
The first Quantum Key Distribution (QKD) networks are currently being deployed, but the implementation cost is still prohibitive for most researchers. As such, there is a need for realistic QKD network simulators. The \textit{QKDNetSim} module for the network simulator NS-3 focuses on the representation of packets and the management of key material in a QKD network at the application layer. Although QKDNetSim's representation of a QKD network is insightful, some its components lack the depth that would allow the simulator to faithfully represent the behaviour of a real quantum network. In this work, we analyse QKDNetSim's architecture to identify its limitations, and we present an enhanced version of QKDNetSim in which some of its components have been modified to provide a more realistic simulation environment.
△ Less
Submitted 16 February, 2024;
originally announced February 2024.
-
A Privacy-preserving key transmission protocol to distribute QRNG keys using zk-SNARKs
Authors:
David Soler,
Carlos Dafonte,
Manuel Fernández-Veiga,
Ana Fernández Vilas,
Francisco J. Nóvoa
Abstract:
High-entropy random numbers are an essential part of cryptography, and Quantum Random Number Generators (QRNG) are an emergent technology that can provide high-quality keys for cryptographic algorithms but unfortunately are currently difficult to access. Existing Entropy-as-a-Service solutions require users to trust the central authority distributing the key material, which is not desirable in a h…
▽ More
High-entropy random numbers are an essential part of cryptography, and Quantum Random Number Generators (QRNG) are an emergent technology that can provide high-quality keys for cryptographic algorithms but unfortunately are currently difficult to access. Existing Entropy-as-a-Service solutions require users to trust the central authority distributing the key material, which is not desirable in a high-privacy environment. In this paper, we present a novel key transmission protocol that allows users to obtain cryptographic material generated by a QRNG in such a way that the server is unable to identify which user is receiving each key. This is achieved with the inclusion of Zero Knowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARK), a cryptographic primitive that allow users to prove knowledge of some value without needing to reveal it. The security analysis of the protocol proves that it satisfies the properties of Anonymity, Unforgeability and Confidentiality, as defined in this document. We also provide an implementation of the protocol demonstrating its functionality and performance, using NFC as the transmission channel for the QRNG key.
△ Less
Submitted 29 January, 2024;
originally announced January 2024.
-
Decentralised and collaborative machine learning framework for IoT
Authors:
Martín González-Soto,
Rebeca P. Díaz-Redondo,
Manuel Fernández-Veiga,
Bruno Rodríguez-Castro,
Ana Fernández-Vilas
Abstract:
Decentralised machine learning has recently been proposed as a potential solution to the security issues of the canonical federated learning approach. In this paper, we propose a decentralised and collaborative machine learning framework specially oriented to resource-constrained devices, usual in IoT deployments. With this aim we propose the following construction blocks. First, an incremental le…
▽ More
Decentralised machine learning has recently been proposed as a potential solution to the security issues of the canonical federated learning approach. In this paper, we propose a decentralised and collaborative machine learning framework specially oriented to resource-constrained devices, usual in IoT deployments. With this aim we propose the following construction blocks. First, an incremental learning algorithm based on prototypes that was specifically implemented to work in low-performance computing elements. Second, two random-based protocols to exchange the local models among the computing elements in the network. Finally, two algorithmics approaches for prediction and prototype creation. This proposal was compared to a typical centralized incremental learning approach in terms of accuracy, training time and robustness with very promising results.
△ Less
Submitted 19 December, 2023;
originally announced December 2023.
-
Irregular Repetition Slotted Aloha with Multipacket Detection: A Density Evolution Analysis
Authors:
Manuel Fernández-Veiga,
M. E. Sousa-Vieira,
Ana Fernández-Vilas,
Rebeca P Díaz-Redondo
Abstract:
Irregular repetition slotted Aloha (IRSA) has shown significant advantages as a modern technique for uncoordinated random access with massive number of users due to its capability of achieving theoretically a throughput of $1$ packet per slot. When the receiver has also the multi-packet reception of multi-user (MUD) detection property, by applying successive interference cancellation, IRSA also ob…
▽ More
Irregular repetition slotted Aloha (IRSA) has shown significant advantages as a modern technique for uncoordinated random access with massive number of users due to its capability of achieving theoretically a throughput of $1$ packet per slot. When the receiver has also the multi-packet reception of multi-user (MUD) detection property, by applying successive interference cancellation, IRSA also obtains very low packet loss probabilities at low traffic loads, but is unable in general to achieve a normalized throughput close to the $1$. In this paper, we reconsider the case of IRSA with $k$-MUD receivers and derive the general density evolution equations for the non-asymptotic analysis of the packet loss rate, for arbitrary frame lengths and two variants of the first slot used for transmission. Next, using the potential function, we give new capacity bounds on the capacity of the system, showing the threshold arrival rate for zero decoding error probability. Our numerical results illustrate performance in terms of throughput and average delay for $k$-MUD IRSA with finite memory at the receiver, and also with bounded maximum delay.
△ Less
Submitted 11 December, 2023;
originally announced December 2023.
-
Scheduling and Communication Schemes for Decentralized Federated Learning
Authors:
Bahaa-Eldin Ali Abdelghany,
Ana Fernández-Vilas,
Manuel Fernández-Veiga,
Nashwa El-Bendary,
Ammar M. Hassan,
Walid M. Abdelmoez
Abstract:
Federated learning (FL) is a distributed machine learning paradigm in which a large number of clients coordinate with a central server to learn a model without sharing their own training data. One central server is not enough, due to problems of connectivity with clients. In this paper, a decentralized federated learning (DFL) model with the stochastic gradient descent (SGD) algorithm has been int…
▽ More
Federated learning (FL) is a distributed machine learning paradigm in which a large number of clients coordinate with a central server to learn a model without sharing their own training data. One central server is not enough, due to problems of connectivity with clients. In this paper, a decentralized federated learning (DFL) model with the stochastic gradient descent (SGD) algorithm has been introduced, as a more scalable approach to improve the learning performance in a network of agents with arbitrary topology. Three scheduling policies for DFL have been proposed for communications between the clients and the parallel servers, and the convergence, accuracy, and loss have been tested in a totally decentralized mplementation of SGD. The experimental results show that the proposed scheduling polices have an impact both on the speed of convergence and in the final global model.
△ Less
Submitted 27 November, 2023;
originally announced November 2023.
-
Using Decentralized Aggregation for Federated Learning with Differential Privacy
Authors:
Hadeel Abd El-Kareem,
Abd El-Moaty Saleh,
Ana Fernández-Vilas,
Manuel Fernández-Veiga,
asser El-Sonbaty
Abstract:
Nowadays, the ubiquitous usage of mobile devices and networks have raised concerns about the loss of control over personal data and research advance towards the trade-off between privacy and utility in scenarios that combine exchange communications, big databases and distributed and collaborative (P2P) Machine Learning techniques. On the other hand, although Federated Learning (FL) provides some l…
▽ More
Nowadays, the ubiquitous usage of mobile devices and networks have raised concerns about the loss of control over personal data and research advance towards the trade-off between privacy and utility in scenarios that combine exchange communications, big databases and distributed and collaborative (P2P) Machine Learning techniques. On the other hand, although Federated Learning (FL) provides some level of privacy by retaining the data at the local node, which executes a local training to enrich a global model, this scenario is still susceptible to privacy breaches as membership inference attacks. To provide a stronger level of privacy, this research deploys an experimental environment for FL with Differential Privacy (DP) using benchmark datasets. The obtained results show that the election of parameters and techniques of DP is central in the aforementioned trade-off between privacy and utility by means of a classification example.
△ Less
Submitted 27 November, 2023;
originally announced November 2023.
-
A Blockchain Solution for Collaborative Machine Learning over IoT
Authors:
Carlos Beis-Penedo,
Francisco Troncoso-Pastoriza,
Rebeca P. Díaz-Redondo,
Ana Fernández-Vilas,
Manuel Fernández-Veiga,
Martín González Soto
Abstract:
The rapid growth of Internet of Things (IoT) devices and applications has led to an increased demand for advanced analytics and machine learning techniques capable of handling the challenges associated with data privacy, security, and scalability. Federated learning (FL) and blockchain technologies have emerged as promising approaches to address these challenges by enabling decentralized, secure,…
▽ More
The rapid growth of Internet of Things (IoT) devices and applications has led to an increased demand for advanced analytics and machine learning techniques capable of handling the challenges associated with data privacy, security, and scalability. Federated learning (FL) and blockchain technologies have emerged as promising approaches to address these challenges by enabling decentralized, secure, and privacy-preserving model training on distributed data sources. In this paper, we present a novel IoT solution that combines the incremental learning vector quantization algorithm (XuILVQ) with Ethereum blockchain technology to facilitate secure and efficient data sharing, model training, and prototype storage in a distributed environment. Our proposed architecture addresses the shortcomings of existing blockchain-based FL solutions by reducing computational and communication overheads while maintaining data privacy and security. We assess the performance of our system through a series of experiments, showcasing its potential to enhance the accuracy and efficiency of machine learning tasks in IoT settings.
△ Less
Submitted 23 November, 2023;
originally announced November 2023.
-
Energy Efficient Power and Channel Allocation in Underlay Device to Multi Device Communications
Authors:
Mariem Hmila,
Manuel Fernández-Veiga,
Miguel Rodríguez-Pérez,
Sergio Herrería-Alonso
Abstract:
In this paper, we optimize the energy efficiency (bits/s/Hz/J) of device-to-multi-device (D2MD) wireless communications. While the device-to-device scenario has been extensively studied to improve the spectral efficiency in cellular networks, the use of multicast communications opens the possibility of reusing the spectrum resources also inside the groups. The optimization problem is formulated as…
▽ More
In this paper, we optimize the energy efficiency (bits/s/Hz/J) of device-to-multi-device (D2MD) wireless communications. While the device-to-device scenario has been extensively studied to improve the spectral efficiency in cellular networks, the use of multicast communications opens the possibility of reusing the spectrum resources also inside the groups. The optimization problem is formulated as a mixed integer non-linear joint optimization for the power control and allocation of resource blocks (RBs) to each group. Our model explicitly considers resource sharing by letting co-channel transmission over a RB (up to a maximum of r transmitters) and/or transmission through s different channels in each group. We use an iterative decomposition approach, using first matching theory to find a stable even if sub-optimal channel allocation, to then optimize the transmission power vectors in each group via fractional programming. Additionally, within this framework, both the network energy efficiency and the max-min individual energy efficiency are investigated. We characterize numerically the energy-efficient capacity region, and our results show that the normalized energy efficiency is nearly optimal (above 90 percent of the network capacity) for a wide range of minimum-rate constraints. This performance is better than that of other matching-based techniques previously proposed.
△ Less
Submitted 8 May, 2019;
originally announced May 2019.
-
Dynamic EEE Coalescing: Techniques and Bounds
Authors:
Sergio Herrería-Alonso,
Miguel Rodríguez-Pérez,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
Frame coalescing is one of the most efficient techniques to manage the low power idle (LPI) mode supported by Energy Efficient Ethernet (EEE) interfaces. This technique enables EEE interfaces to remain in the LPI mode for a certain amount of time upon the arrival of the first frame (time-based coalescing) or until a predefined amount of traffic accumulates in the transmission buffer (size-based co…
▽ More
Frame coalescing is one of the most efficient techniques to manage the low power idle (LPI) mode supported by Energy Efficient Ethernet (EEE) interfaces. This technique enables EEE interfaces to remain in the LPI mode for a certain amount of time upon the arrival of the first frame (time-based coalescing) or until a predefined amount of traffic accumulates in the transmission buffer (size-based coalescing). This paper provides new insights on the practical efficiency limits of both coalescing techniques. In particular, we derive the fundamental limits on the maximum energy savings considering a target average frame delay. Additionally, we present new open-loop adaptive variants of both time-based and size-based coalescing techniques. These proposals dynamically adjust the length of the slee** periods in accordance with actual traffic conditions to reduce energy consumption while kee** the average delay near a predefined value simultaneously. Analytical and simulation results show that the energy consumption of both proposals is comparable to the fundamental limits. Consequently, we recommend the usage of the time-based algorithm in most scenarios because of its simplicity as well as its ability to bound the maximum frame delay at the same time.
△ Less
Submitted 10 January, 2019;
originally announced January 2019.
-
Frame Coalescing in Dual-Mode EEE
Authors:
Sergio Herrería-Alonso,
Miguel Rodríguez-Pérez,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
The IEEE has recently released the 802.3bj standard that defines two different low power operating modes for high speed Energy Efficient Ethernet physical interfaces (PHYs) working at 40 and 100 Gb/s. In this paper, we propose the use of the well-known frame coalescing algorithm to manage them and provide an analytical model to evaluate the influence of coalescing parameters and PHY characteristic…
▽ More
The IEEE has recently released the 802.3bj standard that defines two different low power operating modes for high speed Energy Efficient Ethernet physical interfaces (PHYs) working at 40 and 100 Gb/s. In this paper, we propose the use of the well-known frame coalescing algorithm to manage them and provide an analytical model to evaluate the influence of coalescing parameters and PHY characteristics on their power consumption.
△ Less
Submitted 13 October, 2015;
originally announced October 2015.
-
Adaptive DRX Scheme to Improve Energy Efficiency in LTE Networks with Bounded Delay
Authors:
Sergio Herrería-Alonso,
Miguel Rodríguez-Pérez,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
The Discontinuous Reception (DRX) mechanism is commonly employed in current LTE networks to improve energy efficiency of user equipment (UE). DRX allows UEs to monitor the physical downlink control channel (PDCCH) discontinuously when there is no downlink traffic for them, thus reducing their energy consumption. However, DRX power savings are achieved at the expense of some increase in packet dela…
▽ More
The Discontinuous Reception (DRX) mechanism is commonly employed in current LTE networks to improve energy efficiency of user equipment (UE). DRX allows UEs to monitor the physical downlink control channel (PDCCH) discontinuously when there is no downlink traffic for them, thus reducing their energy consumption. However, DRX power savings are achieved at the expense of some increase in packet delay since downlink traffic transmission must be deferred until the UEs resume listening to the PDCCH. In this paper, we present a promising mechanism that reduces energy consumption of UEs using DRX while simultaneously maintaining average packet delay around a desired target. Furthermore, our proposal is able to achieve significant power savings without either increasing signaling overhead or requiring any changes to deployed wireless protocols.
△ Less
Submitted 18 September, 2015;
originally announced September 2015.
-
A Self-Tuning Receiver-Initiated MAC Protocol for Wireless Sensor Networks
Authors:
Miguel Rodríguez-Pérez,
Sergio Herrería-Alonso,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
Receiver-initiated medium access control protocols for wireless sensor networks are theoretically able to adapt to changing network conditions in a distributed manner. However, existing algorithms rely on fixed beacon rates at each receiver. We present a new received initiated MAC protocol that adapts the beacon rate at each receiver to its actual traffic load. Our proposal uses a computationally…
▽ More
Receiver-initiated medium access control protocols for wireless sensor networks are theoretically able to adapt to changing network conditions in a distributed manner. However, existing algorithms rely on fixed beacon rates at each receiver. We present a new received initiated MAC protocol that adapts the beacon rate at each receiver to its actual traffic load. Our proposal uses a computationally inexpensive formula for calculating the optimum beacon rate that minimizes network energy consumption and, so, it can be easily adopted by receivers. Simulation results show that our proposal reduces collisions and diminishes delivery time maintaining a low duty cycle.
△ Less
Submitted 26 August, 2015;
originally announced August 2015.
-
Achieving Fair Network Equilibria with Delay-based Congestion Control Algorithms
Authors:
Miguel Rodríguez-Pérez,
Sergio Herrería-Alonso,
Manuel Fernández-Veiga,
Andrés Suárez-González,
Cándido López-García
Abstract:
Delay-based congestion control algorithms provide higher throughput and stability than traditional loss-based AIMD algorithms, but they are inherently unfair against older connections when the queuing and the propagation delay cannot be measured accurately and independently. This paper presents a novel measurement algorithm whereby fairness between old and new connections is preserved. The algorit…
▽ More
Delay-based congestion control algorithms provide higher throughput and stability than traditional loss-based AIMD algorithms, but they are inherently unfair against older connections when the queuing and the propagation delay cannot be measured accurately and independently. This paper presents a novel measurement algorithm whereby fairness between old and new connections is preserved. The algorithm does not modify the dynamics of congestion control, and runs entirely in the server host using locally available information.
△ Less
Submitted 27 July, 2015;
originally announced July 2015.
-
Improved Opportunistic Slee** Algorithms for LAN Switches
Authors:
Miguel Rodríguez-Pérez,
Sergio Herrería-Alonso,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
Network interfaces in most LAN computing devices are usually severely under-utilized, wasting energy while waiting for new packets to arrive. In this paper, we present two algorithms for opportunistically powering down unused network interfaces in order to save some of that wasted energy. We compare our proposals to the best known opportunistic method, and show that they provide much greater power…
▽ More
Network interfaces in most LAN computing devices are usually severely under-utilized, wasting energy while waiting for new packets to arrive. In this paper, we present two algorithms for opportunistically powering down unused network interfaces in order to save some of that wasted energy. We compare our proposals to the best known opportunistic method, and show that they provide much greater power savings inflicting even lower delays to Internet traffic.
△ Less
Submitted 27 July, 2015;
originally announced July 2015.
-
Common Problems in Delay-Based Congestion Control Algorithms: A Gallery of Solutions
Authors:
Miguel Rodríguez Pérez,
Sergio Herrería-Alonso,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
Although delay-based congestion control protocols such as FAST promise to deliver better performance than traditional TCP Reno, they have not yet been widely incorporated to the Internet. Several factors have contributed to their lack of deployment. Probably, the main contributing factor is that they are not able to compete fairly against loss-based congestion control protocols. In fact, the trans…
▽ More
Although delay-based congestion control protocols such as FAST promise to deliver better performance than traditional TCP Reno, they have not yet been widely incorporated to the Internet. Several factors have contributed to their lack of deployment. Probably, the main contributing factor is that they are not able to compete fairly against loss-based congestion control protocols. In fact, the transmission rate in equilibrium of delay-based approaches is always less than their fair share when they share the network with traditional TCP-Reno derivatives, that employ packet losses as their congestion signal. There are also other performance impairments caused by the sensitivity to errors in the measurement of the congestion signal (queuing delay) that reduce the efficiency and the intra-protocol fairness of the algorithms. In this paper we report, analyze and discuss some recent proposals in the literature to improve the dynamic behavior of delay-based congestion control algorithms, and FAST in particular. Coexistence of sources reacting differently to congestion, identifying congestion appearance in the reverse path and the persistent congestion problem are the issues specifically addressed.
△ Less
Submitted 21 May, 2014;
originally announced May 2014.
-
The persistent congestion problem of FAST-TCP: analysis and solutions
Authors:
Miguel Rodríguez-Pérez,
Sergio Herrería-Alonso,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
FAST-TCP achieves better performance than traditional TCP-Reno schemes, but unfortunately it is inherently unfair to older connections due to wrong estimations of the round-trip propagation delay.
This paper presents a model for this anomalous behavior of FAST flows, known as the persistent congestion problem. We first develop an elementary analysis for a scenario with just two flows, and then b…
▽ More
FAST-TCP achieves better performance than traditional TCP-Reno schemes, but unfortunately it is inherently unfair to older connections due to wrong estimations of the round-trip propagation delay.
This paper presents a model for this anomalous behavior of FAST flows, known as the persistent congestion problem. We first develop an elementary analysis for a scenario with just two flows, and then build up the general case with an arbitrary number of flows. The model correctly quantifies how much unfairness shows up among the different connections, confirming experimental observations made by several previous studies.
We built on this model to develop an algorithm to obtain a good estimate of the propagation delay for FAST-TCP that enables to achieve fairness between aged and new connections while preserving the high throughput and low buffer occupancy of the original protocol. Furthermore, our proposal only requires a modification of the sender host, avoiding the need to upgrade the intermediate routers in any way.
△ Less
Submitted 1 September, 2015; v1 submitted 21 May, 2014;
originally announced May 2014.
-
Improving Energy Efficiency in Upstream EPON Channels by Packet Coalescing
Authors:
Miguel Rodríguez-Pérez,
Sergio Herrería-Alonso,
Manuel Fernández-Veiga,
Cándido López-García
Abstract:
In this paper, we research the feasibility of adapting the packet coalescing algorithm, used successfully in IEEE 802.3az Ethernet cards, to upstream EPON channels. Our simulation experiments show that, using this algorithm, great power savings are feasible without requiring any changes to the deployed access network infrastructure nor to protocols.
In this paper, we research the feasibility of adapting the packet coalescing algorithm, used successfully in IEEE 802.3az Ethernet cards, to upstream EPON channels. Our simulation experiments show that, using this algorithm, great power savings are feasible without requiring any changes to the deployed access network infrastructure nor to protocols.
△ Less
Submitted 27 July, 2015; v1 submitted 21 May, 2014;
originally announced May 2014.