José A. Montenegro

@article{MoLo15,

title = {A practical solution for sealed bid and multi-currency auctions},

author = {Jose A. Montenegro and Javier Lopez},

url = {/wp-content/papers/MoLo15.pdf},

doi = {10.1016/j.cose.2014.06.004},

issn = {0167-4048},

year  = {2014},

date = {2014-09-01},

urldate = {2014-09-01},

journal = {Computers \& Security},

volume = {45},

pages = {186-198},

publisher = {Elsevier},

abstract = {This paper introduces a sealed bid and underlinemulti-currency auction using secure multiparty computation (underlineSMC). 

Two boolean functions, a comparison and multiplication function, have been designed as required to apply underlineSMC. These functions are applied without revealing any information, not even to trusted third parties such as the auctioneer. A type of Zero Knowledge proof, discreet proof, has been implemented with three variants, interactive, regular and reduced non interactive proofs. These proofs make it possible to verify the correctness of the functions whilst preserving the privacy of the bid values. Moreover, a system performance evaluation of the proposal has been realized on heterogeneous platforms, including a mobile platform. The evaluation concludes that our proposal is practical even on mobile platforms.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{MFLR13,

title = {Secure sealed-bid online auctions using discreet cryptographic proofs},

author = {Jose A. Montenegro and Michael J. Fischer and Javier Lopez and Rene Peralta},

url = {/wp-content/papers/MFLR13.pdf},

doi = {10.1016/j.mcm.2011.07.027},

issn = {0895-7177},

year  = {2013},

date = {2013-06-01},

urldate = {2013-06-01},

journal = {Mathematical and Computer Modelling},

volume = {57},

pages = {2583\textendash2595},

publisher = {Elsevier},

abstract = {This work describes the design and implementation of an auction system using secure multiparty computation techniques. Our aim is to produce a system that is practical under actual field constraints on computation, memory, and communication. The underlying protocol is privacy-preserving, that is, the winning bid is determined without information about the losing bids leaking to either the auctioneer or other bidders. Practical implementation of the protocol is feasible using circuit-based cryptographic proofs along with additively homomorphic bit commitment. Moreover, we propose the development of a emphProof Certificate standard. These certificates convey sufficient information to recreate the cryptographic proofs and verify them offline.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{JordiForne2009,

title = {Pervasive Authentication and Authorization Infrastructures for Mobile Users},

author = {Jordi Forne and M. Francisca Hinarejos and Andres Marin and Florina Almenarez and Javier Lopez and Jose A. Montenegro and Marc Lacoste and Daniel Diaz},

url = {/wp-content/papers/JordiForne2009.pdf},

doi = {10.1016/j.cose.2009.09.001},

issn = {0167-4048},

year  = {2010},

date = {2010-01-01},

urldate = {2010-01-01},

journal = {Computer and Security},

volume = {29},

pages = {501-514},

publisher = {elsevier},

abstract = {Network and device heterogeneity, nomadic mobility, intermittent connectivity and, more generally, extremely dynamic operating conditions, are major challenges in the design of security infrastructures for pervasive computing. Yet, in a ubiquitous computing environment, limitations of traditional solutions for authentication and authorization can be overcome with a pervasive public key infrastructure (pervasive-PKI). This choice allows the validation of credentials of users roaming between heterogeneous networks, even when global connectivity is lost and some services are temporarily unreachable. Proof-of-concept implementations and testbed validation results demonstrate that strong security can be achieved for users and applications through the combination of traditional PKI services with a number of enhancements like: (i) dynamic and collaborative trust model, (ii) use of attribute certificates for privilege management, and (iii) modular architecture enabling nomadic mobility and enhanced with reconfiguration capabilities.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}