BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Franco Chiaraluce

Franco Chiaraluce contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityInformation Theorymath.IT

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author
8works
0followers
3topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

8 published item(s)

preprint2022arXiv

Analysis of a blockchain protocol based on LDPC codes

In a blockchain Data Availability Attack (DAA), a malicious node publishes a block header but withholds part of the block, which contains invalid transactions. Honest full nodes, which can download and store the full blockchain, are aware that some data are not available but they have no formal way to prove it to light nodes, i.e., nodes that have limited resources and are not able to access the whole blockchain data. A common solution to counter these attacks exploits linear error correcting codes to encode the block content. A recent protocol, called SPAR, employs coded Merkle trees and low-density parity-check codes to counter DAAs. In this paper, we show that the protocol is less secure than claimed, owing to a redefinition of the adversarial success probability. As a consequence we show that, for some realistic choices of the parameters, the total amount of data downloaded by light nodes is larger than that obtainable with competitor solutions.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Implementation of Ethereum Accounts and Transactions on Embedded IoT Devices

The growing interest in Internet of Things (IoT) and Industrial IoT (IIoT) poses the challenge of finding robust solutions for the certification and notarization of data produced and collected by embedded devices. The blockchain and distributed ledger technologies represent a promising solution to address these issues, but rise other questions, for example regarding their practical feasibility. In fact, IoT devices have limited resources and, consequently, may not be able to easily perform all the operations required to participate in a blockchain. In this paper we propose a minimal architecture to allow IoT devices performing data certification and notarization on the Ethereum blockchain. We develop a hardware-software platform through which a lightweight device (e.g., an IoT sensor), holding a secret key and the associated public address, produces signed transactions, which are then submitted to the blockchain network. This guarantees data integrity and authenticity and, on the other hand, minimizes the computational burden on the lightweight device. To show the practicality of the proposed approach, we report and discuss the results of benchmarks performed on ARM Cortex-M4 hardware architectures, sending transactions over the Ropsten testnet. Our results show that all the necessary operations can be performed with small latency, thus proving that an IoT device can directly interact with the blockchain, without apparent bottlenecks.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

MAGIC: A Method for Assessing Cyber Incidents Occurrence

The assessment of cyber risk plays a crucial role for cybersecurity management, and has become a compulsory task for certain types of companies and organizations. This makes the demand for reliable cyber risk assessment tools continuously increasing, especially concerning quantitative tools based on statistical approaches. Probabilistic cyber risk assessment methods, however, follow the general paradigm of probabilistic risk assessment, which requires the magnitude and the likelihood of incidents as inputs. Unfortunately, for cyber incidents, the likelihood of occurrence is hard to estimate based on historical and publicly available data; so, expert evaluations are commonly used, which however leave space to subjectivity. In this paper, we propose a novel probabilistic model, called MAGIC (Method for AssessinG cyber Incidents oCcurrence), to compute the likelihood of occurrence of a cyber incident, based on the evaluation of the cyber posture of the target organization. This allows deriving tailor-made inputs for probabilistic risk assessment methods, like HTMA (How To Measure Anything in cybersecurity risk), FAIR (Factor Analysis of Information Risk) and others, thus considerably reducing the margin of subjectivity in the assessment of cyber risk. We corroborate our approach through a qualitative and a quantitative comparison with several classical methods.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Optimization of a Reed-Solomon code-based protocol against blockchain data availability attacks

ASBK (named after the authors' initials) is a recent blockchain protocol tackling data availability attacks against light nodes, employing two-dimensional Reed-Solomon codes to encode the list of transactions and a random sampling phase where adversaries are forced to reveal information. In its original formulation, only codes with rate $1/4$ are considered, and a theoretical analysis requiring computationally demanding formulas is provided. This makes ASBK difficult to optimize in situations of practical interest. In this paper, we introduce a much simpler model for such a protocol, which additionally supports the use of codes with arbitrary rate. This makes blockchains implementing ASBK much easier to design and optimize. Furthermore, disposing of a clearer view of the protocol, some general features and considerations can be derived (e.g., nodes behaviour in largely participated networks). As a concrete application of our analysis, we consider relevant blockchain parameters and find network settings that minimize the amount of data downloaded by light nodes. Our results show that the protocol benefits from the use of codes defined over large finite fields, with code rates that may be even significantly different from the originally proposed ones.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

SPANSE: combining sparsity with density for efficient one-time code-based digital signatures

The use of codes defined by sparse characteristic matrices, like QC-LDPC and QC-MDPC codes, has become an established solution to design secure and efficient code-based public-key encryption schemes, as also witnessed by the ongoing NIST post-quantum cryptography standardization process. However, similar approaches have been less fortunate in the context of code-based digital signatures, since no secure and efficient signature scheme based on these codes is available to date. The main limitation of previous attempts in this line of research has been the use of sparse signatures, which produces some leakage of information about the private key. In this paper, we propose a new code-based digital signature scheme that overcomes such a problem by publishing signatures that are abnormally dense, rather than sparse. This eliminates the possibility of deducing information from the sparsity of signatures, and follows a recent trend in code-based cryptography exploiting the hardness of the decoding problem for large-weight vectors, instead of its classical version based on small-weight vectors. In this study we focus on one-time use and provide some preliminary instances of the new scheme, showing that it achieves very fast signature generation and verification with reasonably small public keys.

0 citations0 reviewsNo code linkedOpen access
preprint2021arXiv

A New Path to Code-based Signatures via Identification Schemes with Restricted Errors

In this paper we introduce a variant of the Syndrome Decoding Problem (SDP), that we call Restricted SDP (R-SDP), in which the entries of the searched vector are defined over a subset of the underlying finite field. We prove the NP-completeness of R-SDP, via a reduction from the classical SDP, and describe algorithms which solve such new problem. We study the properties of random codes under this new decoding perspective, in the fashion of traditional coding theory results, and assess the complexity of solving a random R-SDP instance. As a concrete application, we describe how Zero-Knowledge Identification (ZK-ID) schemes based on SDP can be tweaked to rely on R-SDP, and show that this leads to compact public keys as well as significantly reduced communication costs. Thus, these schemes offer an improved basis for the construction of code-based digital signature schemes derived from identification schemes through the well-know Fiat-Shamir transformation.

0 citations0 reviewsNo code linkedOpen access
preprint2021arXiv

Information set decoding of Lee-metric codes over finite rings

Information set decoding (ISD) algorithms are the best known procedures to solve the decoding problem for general linear codes. These algorithms are hence used for codes without a visible structure, or for which efficient decoders exploiting the code structure are not known. Classically, ISD algorithms have been studied for codes in the Hamming metric. In this paper we switch from the Hamming metric to the Lee metric, and study ISD algorithms and their complexity for codes measured with the Lee metric over finite rings.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Analysis of the error correction capability of LDPC and MDPC codes under parallel bit-flipping decoding and application to cryptography

Iterative decoders used for decoding low-density parity-check (LDPC) and moderate-density parity-check (MDPC) codes are not characterized by a deterministic decoding radius and their error rate performance is usually assessed through intensive Monte Carlo simulations. However, several applications, like code-based cryptography, need guaranteed low values of the error rate, which are infeasible to assess through simulations, thus requiring the development of theoretical models for the error rate of these codes under iterative decoding. Some models of this type already exist, but become computationally intractable for parameters of practical interest. Other approaches approximate the code ensemble behaviour through some assumptions, which may not hold true for a specific code. We propose a theoretical analysis of the error correction capability of LDPC and MDPC codes that allows deriving tight bounds on the error rate at the output of parallel bit-flipping decoders. Special attention is devoted to the case of codes with small girth; moreover, single-iteration decoding is investigated through a rigorous approach, which does not require any assumption and hence results in a guaranteed error correction capability for any single code. We show an example of application of the new bound to the context of code-based cryptography, where guaranteed error rates are needed to achieve some strong security levels.

0 citations0 reviewsNo code linkedOpen access