June 1, 2018

# ASIACCS 2018 Proceeding

ASIACCS ’18- Proceedings of the 2018 on Asia Conference on Computer and Communications Security

Full Citation in the ACM Digital Library

## SESSION: Session 1: Embedded System Security

### DeWiCam: Detecting Hidden Wireless Cameras via Smartphones

• Yushi Cheng
• Xiaoyu Ji
• Tianyang Lu
• Wenyuan Xu

Wireless cameras are widely deployed in surveillance systems for security guarding. However, the privacy concerns associated with unauthorized videotaping are drawing increasing attention. Existing detection methods for unauthorized wireless cameras are either limited in their detection accuracy or require dedicated devices. In this paper, we propose DeWiCam, a lightweight and effective detection mechanism using smartphones. The basic idea of DeWiCam is to utilize the intrinsic traffic patterns of flows from wireless cameras. Compared with traditional traffic pattern analysis, DeWiCam is more challenging because it cannot access the encrypted information in the data packets. Yet, DeWiCam overcomes the difficulty and can detect nearby wireless cameras reliably. To further identify whether a camera is in an interested room, we propose a human-assisted identification model. We implement DeWiCam on the Android platform and evaluate it with extensive experiments on 20 cameras. The evaluation results show that DeWiCam can detect cameras with an accuracy of 99% within 2.7 s.

### Leaky Wires: Information Leakage and Covert Communication Between FPGA Long Wires

• Kasper B. Rasmussen
• Ken Eguro

Field-Programmable Gate Arrays (FPGAs) are integrated circuits that implement reconfigurable hardware. They are used in modern systems, creating specialized, highly-optimized integrated circuits without the need to design and manufacture dedicated chips. As the capacity of FPGAs grows, it is increasingly common for designers to incorporate implementations of algorithms and protocols from a range of third-party sources. The monolithic nature of FPGAs means that all on-chip circuits, including third party black-box designs, must share common on-chip infrastructure, such as routing resources. In this paper, we observe that a “long” routing wire carrying a logical 1 reduces the propagation delay of other adjacent but unconnected long wires in the FPGA interconnect, thereby leaking information about its state. We exploit this effect and propose a communication channel that can be used for both covert transmissions between circuits, and for exfiltration of secrets from the chip. We show that the effect is measurable for both static and dynamic signals, and that it can be detected using very small on-board circuits. In our prototype, we are able to correctly infer the logical state of an adjacent long wire over 99% of the time, even without error correction, and for signals that are maintained for as little as 82us. Using a Manchester encoding scheme, our channel bandwidth is as high as 6kbps. We characterize the channel in detail and show that it is measurable even when multiple competing circuits are present and can be replicated on different generations and families of Xilinx devices (Virtex 5, Virtex 6, and Artix 7). Finally, we propose countermeasures that can be deployed by systems and tools designers to reduce the impact of this information leakage.

### HlcAuth: Key-free and Secure Communications via Home-Limited Channel

• Chaohao Li
• Xiaoyu Ji
• Xinyan Zhou
• Juchuan Zhang
• Jing Tian
• Yanmiao Zhang
• Wenyuan Xu

Nowadays most IoT devices in smart homes rely on radio frequency channels for communication, making them exposed to various attacks. Existing methods using encryption keys may be inapplicable on these resource-constrained devices that cannot afford the computationally expensive encryption operations. Thus, in this paper we design a key-free communication method for such devices. In particular, we introduce the Home-limited Channel (HLC) that can be accessed only within a house yet inaccessible for an outside-house attacker. Utilizing HLCs, we propose a challenge-response mechanism to authenticate the communications inside a house. The advantages of the HlcAuth protocol are low cost, lightweight as well as key-free, and requiring no human intervention. We show that HlcAuth can defeat replay attacks, message-forgery attacks, and man-in-the-middle (MiTM) attacks, among others. HlcAuth achieves 100% true positive rate (TPR) within 4.2m for in-house devices while 0% false positive rate (FPR) for outside attackers.

## SESSION: Session 2: Applied Crypto 1

### Ciphertext Integrity with Misuse and Leakage: Definition and Efficient Constructions with Symmetric Primitives

• Francesco Berti
• François Koeune
• Olivier Pereira
• Thomas Peters
• François-Xavier Standaert

Leakage resilience (LR) and misuse resistance (MR) are two important properties for the deployment of authenticated encryption (AE) schemes. They aim at mitigating the impact of implementation flaws due to side-channel leakages and misused randomness. In this paper, we discuss the interactions and incompatibilities between these two properties.

We start from the usual definition of MR for AE schemes from Rogaway and Shrimpton, and argue that it may be overly demanding in the presence of leakages. As a result, we turn back to the basic security requirements for AE: ciphertext integrity (INT-CTXT) and CPA security, and propose to focus on a new notion of CIML security, which is an extension of INT-CTXT in the presence of misuse and leakages.

We discuss the extent to which CIML security is offered by previous proposals of MR AE schemes, conclude by the negative, and propose two new efficient CIML-secure AE schemes: the DTE scheme offers security in the standard model, while the DCE scheme offers security in the random oracle model, but comes with some efficiency benefits. On our way, we observe that these constructions are not trivial, and show for instance that the composition of a LR MAC and a LR encryption scheme, while providing a (traditional) MR AE scheme, can surprisingly lose the MR property in the presence of leakages and does not achieve CIML security. Eventually, we show the LR CPA security of DTE and DCE.

### On the Memory-Hardness of Data-Independent Password-Hashing Functions

• Joel Alwen
• Peter Gazi
• Chethan Kamath
• Karen Klein
• Georg Osang
• Krzysztof Pietrzak
• Leonid Reyzin
• Michal Rolinek
• Michal Rybar

We show attacks on five data-independent memory-hard functions (iMHF) that were submitted to the password hashing competition (PHC). Informally, an MHF is a function which cannot be evaluated on dedicated hardware, like ASICs, at significantly lower hardware and/or energy cost than evaluating a single instance on a standard single-core architecture. Data-independent means the memory access pattern of the function is independent of the input; this makes iMHFs harder to construct than data-dependent ones, but the latter can be attacked by various side-channel attacks.

Following [Alwen-Blocki’16], we capture the evaluation of an iMHF as a directed acyclic graph (DAG). The cumulative parallel pebbling complexity of this DAG is a measure for the hardware cost of evaluating the iMHF on an ASIC. Ideally, one would like the complexity of a DAG underlying an iMHF to be as close to quadratic in the number of nodes of the graph as possible.

Instead, we show that (the DAGs underlying) the following iMHFs are far from this bound: Rig.v2, TwoCats and Gambit each having an exponent no more than 1.75. Moreover, we show that the complexity of the iMHF modes of the PHC finalists Pomelo and Lyra2 have exponents at most 1.83 and 1.67 respectively. To show this we investigate a combinatorial property of each underlying DAG (called its depth-robustness). By establishing upper bounds on this property we are then able to apply the general technique of [Alwen-Blocki’16] for analyzing the hardware costs of an iMHF.

### Non-interactive and Output Expressive Private Comparison from Homomorphic Encryption

• Wen-jie Lu
• Jun-jie Zhou
• Jun Sakuma

Private comparison is about privately determining whether a > b, given two input integers a and b which are held as private information. Private comparison is an important building block for applications such as secure auction and privacy-preserving decision tree evaluation.

In this paper, we consider a variant setting in which the inputs a and b as well as the result bit 1 {a > b} are encrypted. Using a ring variant of a fully homomorphic encryption scheme, our solution takes as input the ciphertexts of a and b and produces only one ciphertext which decrypts to the bit 1 {a > b} without any interaction with the secret key holder. Our approach does not encrypt the inputs bit-wisely and requires only a multiplicative depth of one, giving about 48 – 90 fold speed up over previous solutions.

## SESSION: Session 3: Authentication

### The Personal Identification Chord: A Four Button Authentication System for Smartwatches

• Ian Oakley
• Jun Ho Huh
• Junsung Cho
• Geumhwan Cho
• Rasel Islam
• Hyoungshick Kim

Smartwatches support access to a wide range of private information but little is known about the security and usability of existing smartwatch screen lock mechanisms. Prior studies suggest that smartwatch authentication via standard techniques such as 4-digit PINs is challenging and error-prone. We conducted interviews to shed light on current practices, revealing that smartwatch users consider the ten-key keypad required for PIN entry to be hard to use due to its small button sizes. To address this issue, we propose the Personal Identification Chord (PIC), an authentication system based on a four-button chorded keypad that enables users to enter ten different inputs via taps to one or two larger buttons. Two studies assessing usability and security of our technique indicate PICs lead to increases in setup and (modestly) recall time, but can be entered accurately while maintaining high recall rates and may improve guessing entropy compared to PINs.

### 2MA: Verifying Voice Commands via Two Microphone Authentication

• Logan Blue
• Luis Vargas
• Patrick Traynor

Voice controlled interfaces have vastly improved the usability of many devices (e.g., headless IoT systems). Unfortunately, the lack of authentication for these interfaces has also introduced command injection vulnerabilities – whether via compromised IoT devices, television ads or simply malicious nearby neighbors, causing such devices to perform unauthenticated sensitive commands is relatively easy. We address these weaknesses with Two Microphone Authentication (2MA), which takes advantage of the presence of multiple ambient and personal devices operating in the same area. We develop an embodiment of 2MA that combines approximate localization through Direction of Arrival (DOA) techniques with Robust Audio Hashes (RSHs). Our results show that our 2MA system can localize a source to within a narrow physical cone ($<30^\circ$) with zero false positives, eliminate replay attacks and prevent the injection of inaudible/hidden commands. As such, we dramatically increase the difficulty for an adversary to carry out such attacks and demonstrate that 2MA is an effective means of authenticating and localizing voice commands.

### Beat-PIN: A User Authentication Mechanism for Wearable Devices Through Secret Beats

• Ben Hutchins
• Anudeep Reddy
• Wenqiang Jin
• Michael Zhou
• Ming Li
• Lei Yang

Wearable devices that capture users’ rich information regarding their daily activities have unmet authentication needs. Today’s solutions, which primarily rely on indirect authentication mechanisms via users’ smartphones, are thus cumbersome and susceptible to adversary intrusions. Even though there have been some efforts trying to fill this gap, they either rely on some superior sensors, such as cameras and electrocardiogram (ECG) pads, or are awkward to use, e.g., users are asked to perform some pre-defined movement/gesture for authentication. Therefore, an authentication mechanism for wearable devices that is accurate, robust, light-weight and convenient is in dire need.

In this paper, we present the design, implementation and evaluation of a user authentication mechanism, Beat-PIN, for wearable devices that are equipped with touch sensors. A user’s password is a set of recorded beats when he/she taps the device. We call this rhythm-based password as a beat-PIN, which is represented by the timing of its beats. To achieve high authentication accuracy with short training overhead, we propose a novel classification method. Through extensive experimental evaluation with 124 participants, we show that our mechanism can achieve the average EER of 7.2% with only 7 training samples. Besides, its login time is as low as 1.7s. We also show that its average power consumption for training and login is 337.2mW and 181.4mW, separately, which is lower than that for most common operations on smartwatches. More importantly, we provide a theoretical analysis over the beat-PIN’s raw space size and show that it is much larger than that of digit-PINs and traditional passwords.

## SESSION: Session 4: Mobile

### iOracle: Automated Evaluation of Access Control Policies in iOS

• Luke Deshotels
• Razvan Deaconescu
• Costin Carabas
• Iulia Manda
• William Enck
• Mihai Chiroiu
• Ninghui Li

Modern operating systems, such as iOS, use multiple access control policies to define an overall protection system. However, the complexity of these policies and their interactions can hide policy flaws that compromise the security of the protection system. We propose iOracle, a framework that logically models the iOS protection system such that queries can be made to automatically detect policy flaws. iOracle models policies and runtime context extracted from iOS firmware images, developer resources, and jailbroken devices, and iOracle significantly reduces the complexity of queries by modeling policy semantics. We evaluate iOracle by using it to successfully triage executables likely to have policy flaws and comparing our results to the executables exploited in four recent jailbreaks. When applied to iOS 10, iOracle identifies previously unknown policy flaws that allow attackers to modify or bypass access control policies. For compromised system processes, consequences of these policy flaws include sandbox escapes (with respect to read/write file access) and changing the ownership of arbitrary files. By automating the evaluation of iOS access control policies, iOracle provides a practical approach to hardening iOS security by identifying policy flaws before they are exploited.

### Source Attribution of Cryptographic API Misuse in Android Applications

• Ildar Muslukhov
• Yazan Boshmaf
• Konstantin Beznosov

Recent research suggests that 88% of Android applications that use Java cryptographic APIs make at least one mistake, which results in an insecure implementation. It is unclear, however, if these mistakes originate from code written by application or third-party library developers. Understanding the responsible party for a misuse case is important for vulnerability disclosure. In this paper, we bridge this knowledge gap and introduce source attribution to the analysis of cryptographic API misuse. We developed BinSight, a static program analyzer that supports source attribution, and we analyzed 132K Android applications collected in years 2012, 2015, and 2016. Our results suggest that third-party libraries are the main source of cryptographic API misuse. In particular, 90% of the violating applications, which contain at least one call-site to Java cryptographic API, originate from libraries. When compared to 2012, we found the use of ECB mode for symmetric ciphers has significantly decreased in 2016, for both application and third-party library code. Unlike application code, however, third-party libraries have significantly increased their reliance on static encryption keys for symmetric ciphers and static IVs for CBC mode ciphers. Finally, we found that the insecure RC4 and DES ciphers were the second and the third most used ciphers in 2016.

### Don’t throw me away: Threats Caused by the Abandoned Internet Resources Used by Android Apps

• Elkana Pariwono
• Daiki Chiba
• Mitsuaki Akiyama
• Tatsuya Mori

This study aims to understand the threats caused by abandoned Internet resources used by Android apps. By abandoned, we mean Internet resources that support apps that were published and are still available on the mobile app marketplace, but have not been maintained and hence are at risk for abuse by an outsider. Internet resources include domain names and hard-coded IP addresses, which could be used for nefarious purposes, e.g., stealing sensitive private information, scamming and phishing, click fraud, and injecting malware distribution URL. As a result of the analysis of 1.1 M Android apps published in the official marketplace, we uncovered 3,628 of abandoned Internet resources associated with 7,331 available mobile apps. These resources are subject to hijack by outsiders. Of these apps, 13 apps have been installed more than a million of times, a measure of the breadth of the threat. Based on the findings of empirical experiments, we discuss potential threats caused by abandoned Internet resources and propose countermeasures against these threats.

## SESSION: Session 5: Machine Learning 1

### Protecting Intellectual Property of Deep Neural Networks with Watermarking

• Jialong Zhang
• Zhongshu Gu
• Jiyong Jang
• Hui Wu
• Marc Ph. Stoecklin
• Heqing Huang
• Ian Molloy

Deep learning technologies, which are the key components of state-of-the-art Artificial Intelligence (AI) services, have shown great success in providing human-level capabilities for a variety of tasks, such as visual analysis, speech recognition, natural language processing, etc. Building a production-level deep learning model is a non-trivial task, which requires a large amount of training data, powerful computing resources, and human expertise. Therefore, illegitimate reproducing, distribution, and the derivation of proprietary deep learning models can lead to copyright infringement and economic harm to model creators. Therefore, it is essential to devise a technique to protect the intellectual property of deep learning models and enable external verification of the model ownership.

In this paper, we generalize the “digital watermarking” concept from multimedia ownership verification to deep neural network (DNNs) models. We investigate three DNN-applicable watermark generation algorithms, propose a watermark implanting approach to infuse watermark into deep learning models, and design a remote verification mechanism to determine the model ownership. By extending the intrinsic generalization and memorization capabilities of deep neural networks, we enable the models to learn specially crafted watermarks at training and activate with pre-specified predictions when observing the watermark patterns at inference. We evaluate our approach with two image recognition benchmark datasets. Our framework accurately (100%) and quickly verifies the ownership of all the remotely deployed deep learning models without affecting the model accuracy for normal input data. In addition, the embedded watermarks in DNN models are robust and resilient to different counter-watermark mechanisms, such as fine-tuning, parameter pruning, and model inversion attacks.

### Towards Fast and Semi-supervised Identification of Smart Meters Launching Data Falsification Attacks

• Shameek Bhattacharjee
• Sajal K. Das

Compromised smart meters sending false power consumption data in Advanced Metering Infrastructure (AMI) may have drastic consequences on the smart grid’s operation. Most existing defense models only deal with electricity theft from individual customers (isolated attacks) using supervised classification techniques that do not offer scalable or real time solutions. Furthermore, the cyber and interconnected nature of AMIs can also be exploited by organized adversaries who have the ability to orchestrate simultaneous data falsification attacks after compromising several meters, and also have more complex goals than just electricity theft. In this paper, we first propose a real time semi-supervised anomaly based consensus correction technique that detects the presence and type of smart meter data falsification, and then performs a consensus correction accordingly. Subsequently, we propose a semi-supervised consensus based trust scoring model, that is able to identify the smart meters injecting false data. The main contribution of the proposed approach is to provide a practical framework for compromised smart meter identification that (i) is not supervised (ii) enables quick identification (iii) scales classification error rates better for larger sized AMIs; (iv) counters threats from both isolated and orchestrated attacks; and (v) simultaneously works for a variety of data falsification types. Extensive experimental validation using two real datasets from USA and Ireland, demonstrates the ability of our proposed method to identify compromised meters in near real time across different datasets.

### Detecting Malicious PowerShell Commands using Deep Neural Networks

• Danny Hendler
• Shay Kels
• Amir Rubin

Microsoft’s PowerShell is a command-line shell and scripting language that is installed by default on Windows machines. Based on Microsoft’s .NET framework, it includes an interface that allows programmers to access operating system services. While PowerShell can be configured by administrators for restricting access and reducing vulnerabilities, these restrictions can be bypassed. Moreover, PowerShell commands can be easily generated dynamically, executed from memory, encoded and obfuscated, thus making the logging and forensic analysis of code executed by PowerShell challenging. For all these reasons, PowerShell is increasingly used by cybercriminals as part of their attacks’ tool chain, mainly for downloading malicious contents and for lateral movement. Indeed, a recent comprehensive technical report by Symantec dedicated to PowerShell’s abuse by cybercriminals [Symantec16] reported on a sharp increase in the number of malicious PowerShell samples they received and in the number of penetration tools and frameworks that use PowerShell. This highlights the urgent need of developing effective methods for detecting malicious PowerShell commands. In this work, we address this challenge by implementing several novel detectors of malicious PowerShell commands and evaluating their performance. We implemented both “traditional” natural language processing (NLP) based detectors and detectors based on character-level convolutional neural networks (CNNs). Detectors’ performance was evaluated using a large real-world dataset. Our evaluation results show that, although our detectors (and especially the traditional NLP-based ones) individually yield high performance, an ensemble detector that combines an NLP-based classifier with a CNN-based classifier provides the best performance, since the latter classifier is able to detect malicious commands that succeed in evading the former.
Our analysis of these evasive commands reveals that some obfuscation patterns automatically detected by the CNN classifier are intrinsically difficult to detect using the NLP techniques we applied. Our detectors provide high recall values while maintaining a very low false positive rate, making us cautiously optimistic that they can be of practical value.

### Detection under Privileged Information

• Z. Berkay Celik
• Patrick McDaniel
• Rauf Izmailov
• Nicolas Papernot
• Ryan Sheatsley
• Raquel Alvarez
• Ananthram Swami

For well over a quarter century, detection systems have been driven by models learned from input features collected from real or simulated environments. An artifact (e.g., network event, potential malware sample, suspicious email) is deemed malicious or non-malicious based on its similarity to the learned model at runtime. However, the training of the models has been historically limited to only those features available at runtime. In this paper, we consider an alternate learning approach that trains models using privileged information–features available at training time but not at runtime–to improve the accuracy and resilience of detection systems. In particular, we adapt and extend recent advances in knowledge transfer, model influence, and distillation to enable the use of forensic or other data unavailable at runtime in a range of security domains. An empirical evaluation shows that privileged information increases precision and recall over a system with no privileged information: we observe up to 7.7% relative decrease in detection error for fast-flux bot detection, 8.6% for malware traffic detection, 7.3% for malware classification, and 16.9% for face recognition. We explore the limitations and applications of different privileged information techniques in detection systems. Such techniques provide a new means for detection systems to learn from data that would otherwise not be available at runtime.

## SESSION: Session 6: Privacy 1

### Entwining Sanitization and Personalization on Databases

• Sébastien Gambs
• Julien Lolive
• Jean-Marc Robert

In the last decade, a lot of research has been done to prevent the illegal distribution of digital content, in the context in which the proprietary content is a medium such as musical works and movies. However, only few works have tackled this problem for databases, and even less for databases containing personal and sensitive information (e.g., a medical database). In this work, we address this latter issue by proposing øuralgo\ (for Sanitization and Personalization of Databases), an approach in which the owner of a database personalizes it before distributing it to ensure that a malicious buyer can be traced back in case of an illegal redistribution. Our novel solution entwines the personalization step with a sanitization mechanism to prevent the leak of personal information and limit the privacy risks. Thus, our objective is to release a sanitized and personalized database, both to protect the privacy of the concerned individuals and to prevent the illegal redistribution, even from a collusion of malicious buyers.

### Large-Scale Privacy-Preserving Statistical Computations for Distributed Genome-Wide Association Studies

• Oleksandr Tkachenko
• Christian Weinert
• Thomas Schneider
• Kay Hamacher

### POSTER: A Framework for Phylogenetic Analysis in Mobile Environment

• Fabio Martinelli
• Francesco Mercaldo
• Andrea Saracino

To maximize the probability of successful attacks and reduce the odds of being detected, malware developers implement different versions of the same malicious payloads. As a matter of fact, malware writers often generate new malicious code starting from existing ones, adding small programmed variations, or applying obfuscation mechanisms, that change the code structure, without altering the malicious functionalities. For these reasons phylogenetic analysis is becoming of interest as instrument for malware analysts in order to understand the derivation of a malicious payload, being thus able to reconduct a derived piece of code to its original, known originator. In this poster we describe a framework designed to infer and shape the phylogenetic tree of mobile malicious applications. The framework considers multi-level features with rule-based machine learning algorithm to retrieve antecedents and descendants of malicious samples.

### POSTER: CPS Security Testbed Development Using Controller-in-the-Middle

• Seungoh Choi
• Woomyo Lee
• Hyeok-Ki Shin
• Jeong-Han Yun
• Sin-Kyu Kim

Cyber-physical systems (CPSs) are used in a variety of domains such as critical infrastructure, smart factory, transportation, etc. Since dependable CPSs tend to be configured for specific tasks that are performed repeatedly, security threats to CPSs have started increasing. To enhance CPS security, it is necessary to realistically reproduce and test scenarios that reflect the characteristics of the target system. Prior to developing technologies for CPS security, individual experimental environments are necessary to evaluate the developed technologies. In this paper, we propose a Controller-in-the-Middle (CitM) scheme that provides a flexible experimental environment for CPS security, which consists of an independent process exchanged between field devices and a complex process combining different independent processes. Using the proposed scheme, various scenarios and test environment can be reproduced flexibly.

### POSTER: I Can’t Hear This Because I Am Human: A Novel Design of Audio CAPTCHA System

• Jusop Choi
• Taekkyung Oh
• William Aiken
• Simon S. Woo
• Hyoungshick Kim

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) provides the first line of defense to protect websites against bots and automatic crawling. Recently, audio-based CAPTCHA systems have started to be used for visually impaired people in many internet services. However, with the recent improvement of speech recognition and machine learning systems, audio CAPTCHAs have come to struggle to distinguish machines from users, and this situation will likely continue to worsen. Unlike conventional CAPTCHA systems, we propose a new conceptual audio CAPTCHA system, combining certain sound, which is only understandable by a machine. Our experiment results demonstrate that the tested speech recognition systems always provide correct responses for our CAPTCHA samples while humans cannot possibly understand them. Based on this computational gap between the human and machine, we can detect bots with their correct responses, rather than their incorrect ones.

### POSTER: On Compressing PKI Certificates for Resource Limited Internet of Things Devices

• HyukSang Kwon
• Shahid Raza
• JeongGil Ko

Certificate-based Public Key Infrastructure (PKI) schemes are used to authenticate the identity of distinct nodes on the Internet. Using certificates for the Internet of Things (IoT) can allow many privacy sensitive applications to be trusted over the larger Internet architecture. However, since IoT devices are typically resource limited, full sized PKI certificates are not suitable for use in the IoT domain. This work outlines our approach in compressing standards-compliant X.509 certificates so that their sizes are reduced and can be effectively used on IoT nodes. Our scheme combines the use of Concise Binary Object Representation (CBOR) and also a scheme that compresses all data that can be implicitly inferenced within the IoT sub-network. Our scheme shows a certificate compression rate of up to ~30%, which allows effective energy reduction when using X.509-based certificates on IoT platforms.

### POSTER: Mining with Proof-of-Probability in Blockchain

• Sungmin Kim
• Joongheon Kim

As interest in cryptocurrency has increased, problems have arisen with Proof-of-Work (PoW) and Proof-of-Stake (PoS) methods, the most representative methods of acquiring cryptocurrency in a blockchain. The PoW method is uneconomical and the PoS method can be easily monopolized by a few people. To cope with this issue, this paper introduces a Proof-of-Probability (PoP) method. The PoP is a method where each node sorts the encrypted actual hash as well as a number of fake hashes, and then the first node to decrypt the actual hash creates the block. In addition, a wait time is used when decrypting one hash and then decrypting the next hash for restricting the excessive computing power competition. In addition, the centralization by validators with many stakes can be avoided in the proposed PoP method.

• Hosung Park
• Daeyong Kwon
• Seungsoo Nam
• Daeseon Choi