Your search keyword '"DATA encryption"' showing total 2,502 results

1. Introduction.

Author

Tuyls, Pim, Skoric, Boris, and Kevenaar, Tom

Abstract

Over the past decades a large range of security primitives has been developed to protect digital information. These primitives have solved many traditional security problems and achieved a high level of sophistication. Their security properties are well understood. An intrinsic property, vital for secure operation, is that they are extremely sensitive to small variations in their input. [ABSTRACT FROM AUTHOR]

Published

2008

2. Experimental Hardware for Coating PUFs and Optical PUFs.

Author

Tuyls, Pim, Kevenaar, Tom, Skoric, Boris, Schrijen, Geert-Jan, Ophey, Wil, Wolters, Rob, Verhaegh, Nynke, and van Geloven, Jan

Abstract

In this chapter we discuss the hardware that was used to perform experiments on physical unclonable functions (PUFs).We describe the measurement setups and experimental samples in the case of coating PUFs and optical PUFs. These are two vastly different systems-the former based on integrated circuit (IC) technology and the latter on laser optics. [ABSTRACT FROM AUTHOR]

Published

2008

3. Controlled Physical Random Functions.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, Gassend, Blaise, van Dijk, Marten, Clarke, Dwaine, and Devadas, Srinivas

Abstract

The cryptographic protocols that we use in everyday life rely on the secure storage of keys in consumer devices. Protecting these keys from invasive attackers, who open a device to steal its key, is a challenging problem. We propose controlled physical random functions1 (CPUFs) as an alternative to digital key storage, and we describe the core protocols that are needed to use CPUFs. [ABSTRACT FROM AUTHOR]

Published

2008

4. Anti-Counterfeiting.

Author

Skoric, Boris, Kevenaar, Tom, Tuyls, Pim, Guajardo, Jorge, Batina, Lejla, and Kerins, Tim

Abstract

Counterfeiting of goods is becoming a very huge problem for our society. It not only has a global economic impact, but it also poses a serious threat to our global safety and health. Currently, global economic damage across all industries due to the counterfeiting of goods is estimated at over $600 billion annually [2]. In the United States, seizure of counterfeit goods has tripled in the last 5 years, and in Europe, over 100 million pirated and counterfeit goods were seized in 2004. Fake products cost businesses in the United Kingdom approximately $17 billion [2]. In India, 15% of fast-moving consumer goods and 38% of auto parts are counterfeit. Other industries in which many goods are being counterfeit are the toy industry, content and software, cosmetics, publishing, food and beverages, tobacco, apparel, sports goods, cards, and so forth. [ABSTRACT FROM AUTHOR]

Published

2008

5. Secure Key Storage with PUFs.

Author

Kevenaar, Tom, Skoric, Boris, Schrijen, Geert-Jan, Tuyls, Pim, Ignatenko, Tanya, and Willems, Frans

Abstract

Nowadays, people carry around devices (cell phones, PDAs, bank passes, etc.) that have a high value. That value is often contained in the data stored in it or lies in the services the device can grant access to (by using secret identification information stored in it). These devices often operate in hostile environments and their protection level is not adequate to deal with that situation. Bank passes and credit cards contain a magnetic stripe where identification information is stored. In the case of bank passes, a PIN is additionally required to withdraw money from an ATM (Automated Teller Machine). At various occasions, it has been shown that by placing a small coil in the reader, the magnetic information stored in the stripe can easily be copied and used to produce a cloned card. Together with eavesdropping the PIN (by listening to the keypad or recording it with a camera), an attacker can easily impersonate the legitimate owner of the bank pass by using the cloned card in combination with the eavesdropped PIN. [ABSTRACT FROM AUTHOR]

Published

2008

6. On the Amount of Entropy in PUFs.

Author

Kevenaar, Tom, Tuyls, Pim, and Skoric, Boris

Abstract

The aim of this chapter is to provide an information-theoretic framework for the analysis of physical unclonable function (PUF) security. We set up this framework and then apply it to optical PUFs and coating PUFs. From the description of PUFs in Chapter 1 some obvious questions arise in the context of the security primitives discussed in Part I. [ABSTRACT FROM AUTHOR]

Published

2008

7. Entropy Estimation for Optical PUFs Based on Context-Tree Weighting Methods.

Author

Kevenaar, Tom, Tuyls, Pim, Skoric, Boris, Ignatenko, Tanya, Willems, Frans, and Schrijen, Geert-Jan

Abstract

In this chapter we discuss estimation of the secrecy rate of fuzzy sources- more specifically of optical physical unclonable functions (PUFs)-using context-tree weighting (CTW) methods [291]. We show that the entropy of a stationary 2-D source is a limit of a series of conditional entropies [6] and extend this result to the conditional entropy of one 2-D source given another one. Furthermore, we show that the general CTW-method approaches the source entropy also in the 2-D stationary case. Moreover, we generalize Maurer's result [196] to the ergodic case, thus showing that we get realistic estimates of the achievable secrecy rate. Finally, we use these results to estimate the secrecy rate of speckle patterns from optical PUFs. [ABSTRACT FROM AUTHOR]

Published

2008

8. Protection of Biometric Information.

Author

Tuyls, Pim, Skoric, Boris, and Kevenaar, Tom

Abstract

The field of biometrics is concerned with recognizing individuals by means of unique physiological or behavioral characteristics. In practical systems, several biometric modalities are used, such as fingerprint, face, iris, hand geometry, and so forth. Recently, biometric systems are becoming increasingly popular because they potentially offer more secure solutions than other identification means such as PIN codes and security badges because a biometric is tightly linked to an individual. For the same reason, biometrics can prevent the use of several identities by a single individual. Finally, biometrics are also more convenient because, unlike passwords and PIN codes, they cannot be forgotten and are always at hand. In this chapter we describe how biometrics can be combined with cryptographic techniques described in Part I of this book in order to, for example, derive cryptographic keys from biometric measurements or to protect the privacy of information stored in biometric systems. [ABSTRACT FROM AUTHOR]

Published

2008

9. Privacy Enhancements for Inexact Biometric Templates.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, Ratha, Nalini, Chikkerur, Sharat, Connell, Jonathan, and Bolle, Ruud

Abstract

Traditional authentication schemes utilize tokens or depend on some secret knowledge possessed by the user for verifying his or her identity. Although these techniques are widely used, they have several limitations. Both tokenand knowledge-based approaches cannot differentiate between an authorized user and an impersonator having access to the tokens or passwords. Biometrics-based authentication schemes overcome these limitations while offering usability advantages in the area of password management. However, despite its obvious advantages, the use of biometrics raises several security and privacy concerns. [ABSTRACT FROM AUTHOR]

Published

2008

10. Computationally Secure Authentication with Noisy Data.

Author

Skoric, Boris, Kevenaar, Tom, Schoenmakers, Berry, and Tuyls, Pim

Abstract

In this chapter we discuss authentication techniques involving data such as biometrics, which are assumed to be typical (essentially unique) for a particular person (or physical object). The data are captured by a sensor or measuring device, which is an imperfect process introducing some noise. Upon enrollment of a user, a sample of the noisy data is captured and stored as a template. Later, during authentication, another sample of the noisy data is captured and matched against the stored template. [ABSTRACT FROM AUTHOR]

Published

2008

11. Fuzzy Identities and Attribute-Based Encryption.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, Sahai, Amit, and Waters, Brent

Abstract

We introduce a new type of Identity-Based Encryption (IBE) scheme that we call Fuzzy Identity-Based Encryption. In fuzzy IBE, we view an identity as a set of descriptive attributes. A fuzzy IBE scheme allows for a private key for an identity,ωù, to decrypt a ciphertext encrypted with an identity, ùω´, if and only if the identities ùω and ùω´are close to each other as measured by the "set overlap" distance metric. A fuzzy IBE scheme can be applied to enable encryption using biometric inputs as identities; the error-tolerance property of a fuzzy IBE scheme is precisely what allows for the use of biometric identities, which inherently will have some noise each time they are sampled. Additionally, we show that fuzzy IBE can be used for a type of application that we term "attribute-based encryption." [ABSTRACT FROM AUTHOR]

Published

2008

12. Unconditionally Secure Multiparty Computation from Noisy Resources.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, Wolf, Stefan, and Wullschleger, Jürg

Abstract

In this chapter, we will only look at the special case of secure function evaluation; that is, every party holds an input to a function, and the output should be computed in a way such that no party has to reveal unnecessary information about her input. [ABSTRACT FROM AUTHOR]

Published

2008

13. Robust and Reusable Fuzzy Extractors.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, and Boyen, Xavier

Abstract

The use of biometric features as key material in security protocols has often been suggested to relieve their owner from the need to remember long cryptographic secrets. The appeal of biometric data as cryptographic secrets stems from their high apparent entropy, their availability to their owner, and their relative immunity to loss. In particular, they constitute a very effective basis for user authentication, especially when combined with complementary credentials such as a short memorized password or a physical token. However, the use of biometrics in cryptography does not come without problems. Some difficulties are technical, such as the lack of uniformity and the imperfect reproducibility of biometrics, but some challenges are more fundamental. [ABSTRACT FROM AUTHOR]

Published

2008

14. Fuzzy Extractors.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, Dodis, Yevgeniy, Reyzin, Leonid, and Smith, Adam

Abstract

This chapter presents a general approach for handling secret biometric data in cryptographic applications. The generality manifests itself in two ways: We attempt to minimize the assumptions we make about the data and to present techniques that are broadly applicable wherever biometric inputs are used. [ABSTRACT FROM AUTHOR]

Published

2008

15. A Communication-Theoretical View on Secret Extraction.

Author

Kevenaar, Tom, Linnartz, Jean-Paul, Tuyls, Pim, and Skoric, Boris

Abstract

The recent achievements in enhanced throughput, efficiency, and reliability of wireless communication systems can largely be contributed to the availability of a versatile mathematical framework for the behavior and performance of digital transmission schemes. The key foundation was Shannon's 1948 paper [251] that introduced the notion of capacity. The term capacity is defined as the maximum achievable rate of information exchange, where the maximization is conducted over all possible choices of transmission and detection techniques. The existence of a fundamental limit has acted as an irresistible target for ambitious engineers. However, it was only until the 1990s that the signal processing capabilities allowed a true exploitation of these insights and the throughput of practical systems closely reached the capacity limits. Another important condition was met earlier: the availability of sufficiently realistic statistical models for signals, the noise, and the channel. [ABSTRACT FROM AUTHOR]

Published

2008

16. Fuzzy Commitment.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, and Juels, Ari

Abstract

The purpose of this chapter is to introduce fuzzy commitment, one of the earliest and simplest constructions geared toward cryptography over noisy data. The chapter also explores applications of fuzzy commitment to two problems in data security: (1) secure management of biometrics, with a focus on iriscodes, and (2) use of knowledge-based authentication (i.e., personal questions) for password recovery. [ABSTRACT FROM AUTHOR]

Published

2008

17. Unbreakable Keys from Random Noise.

Author

Tuyls, Pim, Skoric, Boris, Kevenaar, Tom, Maurer, Ueli, Renner, Renato, and Wolf, Stefan

Abstract

Virtually all presently used cryptosystems can theoretically be broken by an exhaustive key-search, and they might even be broken in practice due to novel algorithms or progress in computer engineering. In contrast, by exploiting the fact that certain communication channels are inherently noisy, one can achieve encryption provably secure against adversaries with unbounded computing power, in arguably practical settings. This chapter discusses secret key-agreement by public discussion from correlated information in a new definitional framework for information-theoretic reductions. [ABSTRACT FROM AUTHOR]

Published

2008

18. ICRep: An Incentive Compatible Reputation Mechanism for P2P Systems.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Junsheng Chang, and Huaimin Wang

Abstract

In peer-to-peer (P2P) systems, peers often must interact with unknown or unfamiliar peers without the benefit of trusted third parties or authorities to mediate the interactions. Trust management through reputation mechanism to facilitate such interactions is recognized as an important element of P2P systems. It is, however, faced by the problems of how to stimulate reputation information sharing and honest recommendation elicitation. This paper presents ICRep ( an incentive compatible reputation mechanism for P2P systems. ICRep has two unique features: (i) a recommender's credibility and level of confidence about the recommendation is considered in order to achieve a more accurate calculation of reputations and fair evaluation of recommendations. (ii) Incentive for participation and honest recommendation is implemented through a fair differential service mechanism. It relies on peer's level of participation and on the recommendation credibility. Theoretic analysis and simulation show that ICRep can help peers effectively detect dishonest recommendations in a variety of scenarios where more complex malicious strategies are introduced. Moreover, it can also stimulate peers to send sufficiently honest recommendations. [ABSTRACT FROM AUTHOR]

Published

2008

19. Provably Secure Countermeasure Resistant to Several Types of Power Attack for ECC.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, JaeCheol Ha, and JeaHoon Park

Abstract

Recently, it has been shown that some cryptographic devices, such as smart card, RFID and USB token, are vulnerable to the power attacks if they have no defence against them. With the introduction of new types of power analysis attack on elliptic curve cryptosystem (ECC) which is implemented in these secure devices, most existing countermeasures against differential power analysis (DPA) are now vulnerable to new power attacks, such as a doubling attack (DA), refined power analysis attack (RPA), and zero-value point attack (ZPA). Mamiya et al. recently proposed a countermeasure (so-called BRIP) against the DPA, RPA, ZPA, and simple power analysis (SPA) by introducing a random initial value. Yet, the BRIP was also shown to be vulnerable to the address-bit DPA by Itoh et al. and the 2-torsion attack by Yen et al.. Accordingly, this paper proposes a secure countermeasure based on a message-blinding technique. A security analysis demonstrates that the proposed countermeasure is secure against most existing power attacks with just a few additional registers. [ABSTRACT FROM AUTHOR]

Published

2008

20. Optimizing Quality Levels and Development Costs for Developing an Integrated Information Security System.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Myeonggil Choi, and Sangmun Shin

Abstract

Increased Internet threats make many kinds of information security systems performing various functions, which can often be combined into functions of an integrated information security system. To load various functions to an integration information system, much development resources should be invested to a development life cycles. The constraints of development resources force developers not to achieve a balanced quality of the system. To attain the specified quality of the system within the given development resources, the relative weights among quality factors of the system on a development life cycle should be measured and a balance between the levels of quality and development costs should be optimized, simultaneously. This paper suggests the relative weights of the quality factors influencing operations of the system, and shows an optimal solution for the quality levels and development costs using desirability function (DF). For optimization, this paper employs AHP as multiple criteria decision making (MCDM) technique and DF. [ABSTRACT FROM AUTHOR]

Published

2008

21. Risk & Distortion Based K-Anonymity.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Shenkun Xu, and Xiaojun Ye

Abstract

Current optimizations for K-Anonymity pursue reduction of data distortion unilaterally, and rarely evaluate disclosure risk during process of anonymization. We propose an optimal K-Anonymity algorithm in which the balance of risk & distortion $\left(RD\right)$ can be equilibrated at each anonymity stage: we first construct a generalization space $\left(GS\right)$, then, we use the probability and entropy metric to measure RD for each node in GS, and finally we introduce releaser's RD preference to decide an optimal anonymity path. Our algorithm adequately considers the dual-impact on RD and obtains an optimal anonymity with satisfaction of releaser. The efficiency of our algorithm will be evaluated by extensive experiments. [ABSTRACT FROM AUTHOR]

Published

2008

22. Dynamic Access Control Research for Inter-operation in Multi-domain Environment Based on Risk.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Zhuo Tang, and Ruixuan Li

Abstract

For the complexity of the multi-domain environment and the ceaseless evolvement of the information secure sharing, the traditional access control method can not ensure the absolute security for the exchange of data resources. Through introducing the concept of risk, this paper proposes a dynamic access control model for multi-domain environment based on risk of inter-operations. The risk rank of an access policy can be calculated by the history of the inter-operations among domains, the security degree of the objects and the safety factor of the access events. Through adjusting the access policies which be considered the high risk, the risk in the system can be controlled in real time. The security analysis shows that this method can reinforce the facility of the access control and the security of the multi-domain environment. [ABSTRACT FROM AUTHOR]

Published

2008

23. Differential Power Analysis of HMAC Based on SHA-2, and Countermeasures.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, McEvoy, Robert, and Tunstall, Michael

Abstract

The HMAC algorithm is widely used to provide authentication and message integrity to digital communications. However, if the HMAC algorithm is implemented in embedded hardware, it is vulnerable to side-channel attacks. In this paper, we describe a DPA attack strategy for the HMAC algorithm, based on the SHA-2 hash function family. Using an implementation on a commercial FPGA board, we show that such attacks are practical in reality. In addition, we present a masked implementation of the algorithm, which is designed to counteract first-order DPA attacks. [ABSTRACT FROM AUTHOR]

Published

2008

24. Longer Randomly Blinded RSA Keys May Be Weaker Than Shorter Ones.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, and Walter, Colin D.

Abstract

Side channel leakage from smart cards has been of concern since their inception and counter-measures are routinely employed. So a number of standard and reasonable assumptions are made here regarding an implementation of RSA in a cryptographic token which may be subjected to non-invasive side-channel cryptanalysis. These include blinding the re-usable secret key, input whitening, and using an exponentiation algorithm whose operation sequence partially obscures the key. The working hypothesis is that there is limited side channel leakage which only distinguishes very imprecisely between squarings and multiplications. For this typical situation, a method is described for recovering the private exponent, and, realistically, it does not require an excessive number of traces. It just requires the modulus to be public and the public exponent not to be too large. The attack is computationally feasible unless parameters are appropriately adjusted. It reveals that longer keys are much more vulnerable than shorter ones unless blinding is proportional to key length. A further key conclusion is that designers must assume that the information theoretic level of leakage from smart cards can be transformed into usable key information by adversaries whatever counter-measures are put in place. [ABSTRACT FROM AUTHOR]

Published

2008

25. A Compositional Multiple Policies Operating System Security Model.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Lei Xia, and Wei Huang

Abstract

Multilevel security policies aim at only confidentiality assurance, with less consideration on integrity assurance and weakness in expressing channel control policies. Besides, the trusted subjects it introduces to handle the information flow "downgrade" have many security flaws. Moreover, increasing diversity of the computing environments results in various security requirements. However, current mainstream security models are aiming at only one or few requirements of them each. The Multi-Policy Views Security Model is presented, which is based on the MLS model, combining the domain and role attributes to the model, to enforce the expression power in channel control policies, make permission management more fine-grained and enhance the ability of confining the permission of the trusted subjects. Moreover, MPVSM has integrated the properties and functions of MLS, Domain-Type and Role Based models into one unified model. It is able to enforce multi-policy views in operating system in a flexible way. [ABSTRACT FROM AUTHOR]

Published

2008

26. Authorization Constraints Specification of RBAC.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Lilong Han, and Qingtan Liu

Abstract

Constraints are an important aspect of role-based access control (RBAC) and are often regarded as one of the principle motivations behind RBAC. Although the importance of the constraints in RBAC has been recognized for a long time, they have not received much attention. In this article, we introduce an intuitive formal language for specifying role-based authorization constraints named RCL2000 including its basic elements, syntax and semantics. We show how previously identified role-based authorization constraints such as separation of duty (SOD) can be expressed in this language, and that there are other significant SOD properties that have not been previously identified in the literature. Our work indicates that there are many alternate formulations of even the simplest SOD properties, with varying degree of flexibility and assurance. So this language provides us a rigorous foundation for systematic study of role-based authorization constraints. [ABSTRACT FROM AUTHOR]

Published

2008

27. On the Security of a Popular Web Submission and Review Software (WSaR) for Cryptology Conferences.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Swee-Won Lo, and Phan, Raphael C. -W.

Abstract

Most, if not all, conferences use an online system to handle paper submissions and reviews. Introduction of these systems has significantly facilitated the administration, submission and review process compared to traditional paper-based ones. However, it is crucial that these systems have strong resistance against Web attacks as they involve confidential data and privacy. Some submissions could be leading edge breakthroughs that authors do not wish to leak out and be subtly plagiarized. Also, security of the employed system will attract more submissions to conferences that use it and gives confidence of the quality that the conferences uphold. In this paper, we analyze the security of the Web-Submission-and-Review (WSaR) software - latest version 0.53 beta at the time of writing; developed by Shai Halevi from IBM Research. WSaR is currently in use by top cryptology and security-related conferences including Eurocrypt 2007 & 2008, Crypto 2007, and Asiacrypt 2007, annually sponsored by the International Association for Cryptologic Research (IACR). We present detailed analysis on WSaR's security features. In particular, we first discuss the desirable security features that are designed into WSaR and what attacks these features defend against. Then, we discuss how some untreated security issues may lead to problems, and we show how to enhance WSaR security features to take these issues into consideration. Our results are the first known careful analysis of WSaR, or any type of online submission system for that matter. [ABSTRACT FROM AUTHOR]

Published

2008

28. A Generic Method for Secure SBox Implementation.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Prouff, Emmanuel, and Rivain, Matthieu

Abstract

Cryptographic algorithms embedded in low resource devices are vulnerable to side channel attacks. Since their introduction in 1996, the effectiveness of these attacks has been highly improved and many countermeasures have been invalidated. It was especially true for countermeasures whose security was based on heuristics and experiments. Consequently, there is not only a need for designing new and various countermeasures, but it is also necessary to prove the security of the new proposals in formal models. In this paper we provide a simple method for securing the software implementation of functions called SBoxes that are widely used in symmetric cryptosystems. The main advantage of the proposed solution is that it does not require any RAM allocation. We analyze its efficiency and we compare it with other well-known countermeasures. Moreover, we use a recently introduced proof-of-security framework to demonstrate the resistance of our countermeasure from the viewpoint of Differential Power Analysis. Finally, we apply our method to protect the AES implementation and we show that the performances are suitable for practical implementations. [ABSTRACT FROM AUTHOR]

Published

2008

29. Detecting Motifs in System Call Sequences.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Wilson, William O., and Feyereisl, Jan

Abstract

The search for patterns or motifs in data represents an area of key interest to many researchers. In this paper we present the Motif Tracking Algorithm, a novel immune inspired pattern identification tool that is able to identify unknown motifs which repeat within time series data. The power of the algorithm is derived from its use of a small number of parameters with minimal assumptions. The algorithm searches from a completely neutral perspective that is independent of the data being analysed and the underlying motifs. In this paper the motif tracking algorithm is applied to the search for patterns within sequences of low level system calls between the Linux kernel and the operating system's user space. The MTA is able to compress data found in large system call data sets to a limited number of motifs which summarise that data. The motifs provide a resource from which a profile of executed processes can be built. The potential for these profiles and new implications for security research are highlighted. A higher level system call language for measuring similarity between patterns of such calls is also suggested. [ABSTRACT FROM AUTHOR]

Published

2008

30. Security Analysis of MISTY1.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Tanaka, Hidema, and Hatano, Yasuo

Abstract

We analyze 64-bit block cipher MISTY1 from several standpoints. Our analysis consists of two algorithms based on the higher order differential property of the S-box. The first succeeds in attacking a six round MISTY1 provided 218.9 chosen plaintexts and 280.9 computational cost. The second succeeds in attacking a seven round MISTY1 with no FL functions by controlling the value of the fixed part of the plaintext and using a 2-round elimination method provided 211.9 chosen plaintexts and 2125.1 computational cost. Both algorithms exceeds the existing attack algorithms against MISTY1 and give new perspectives for the security of MISTY1. [ABSTRACT FROM AUTHOR]

Published

2008

31. Efficient Implementation of the Pairing on Mobilephones Using BREW.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Yoshitomi, Motoi, and Takagi, Tsuyoshi

Abstract

Pairing based cryptography can accomplish novel security applications such as ID-based cryptosystems, which have not been constructed efficiently without the pairing. The processing speed of the pairing based cryptography is relatively slow compared with the other conventional public key cryptography. However, several efficient algorithms for computing the pairing have been proposed, namely Duursma-Lee algorithm and its variant ηT pairing. In this paper, we present an efficient implementation of the pairing over some mobilephones, and examine the feasibility of the pairing based cryptosystems on ubiquitous devices. Indeed the processing speed of our implementation in ARM9 processors on BREW achieves under 100 milliseconds using the supersingular curve over $\mathbb F_{3^{97}}$. It has become fast enough for implementing security applications using the pairing on mobilephones. [ABSTRACT FROM AUTHOR]

Published

2008

32. Comparative Studies in Key Disagreement Correction Process on Wireless Key Agreement System.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Hashimoto, Toru, and Itoh, Takashi

Abstract

This paper describes the comparison of the error-correcting codes that is adopted by the key disagreement correction process about wireless key agreement system called ESPARSKEY that is expected to achieve information-theoretic security. This system consists of AP with a variable directional antenna, that is, an ESPAR antenna, and UT with an omni-directional antenna. We employ conditional mutual information as the evaluation index. From experimental evaluation results, we clarified that the best way is adopting BCH(31,16,7) with table-aided soft-decision decoding as the key disagreement process where one eavesdropper exists more than 40cm from UT. After adopting this error-correcting code, we should transact 200 wireless packets between the nodes to share a 128-bit unguessable key against an eavesdropper. [ABSTRACT FROM AUTHOR]

Published

2008

33. Breaking 104 Bit WEP in Less Than 60 Seconds.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Tews, Erik, and Weinmann, Ralf-Philipp

Abstract

We demonstrate an active attack on the WEP protocol that is able to recover a 104-bit WEP key using less than 40,000 frames with a success probability of 50%. In order to succeed in 95% of all cases, 85,000 packets are needed. The IV of these packets can be randomly chosen. This is an improvement in the number of required frames by more than an order of magnitude over the best known key-recovery attacks for WEP. On a IEEE 802.11g network, the number of frames required can be obtained by re-injection in less than a minute. The required computational effort is approximately 220 RC4 key setups, which on current desktop and laptop CPUs is negligible. [ABSTRACT FROM AUTHOR]

Published

2008

34. An Architecture Providing Virtualization-Based Protection Mechanisms Against Insider Attacks.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Stumpf, Frederic, and Röder, Patrick

Abstract

Insider attacks are very powerful and are relevant in many scenarios, such as grid computing, corporate computing on home computers and electronic commerce of digital content. We present an example scenario to illustrate these attacks and perform a threat analysis to extract requirements for preventing insider attacks. We believe that these requirements are also representative of other scenarios. We develop a four layered protection architecture by using virtualization techniques based on these requirements. Therefore, the proposed architecture prevents insider attacks in scenarios with similar requirements as well. [ABSTRACT FROM AUTHOR]

Published

2008

35. Windows Vault: Prevention of Virus Infection and Secret Leakage with Secure OS and Virtual Machine.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Sameshima, Yoshiki, and Saisho, Hideaki

Abstract

We present an integrated system of two Windows workstations; while the first workstation is prepared to process secret information, the second is for non-secret which may contain computer virus, and the two workstations are integrated into a PC with secure OS, virtual machine and gateways. Since the two workstations are virtually separated at the physical level, the first workstation is not infected by virus, nor is secret leaked out to the Internet, even if the second is infected by unknown virus. Comparing previous work which realizes complete data isolation for intelligence community, user of the proposed system can import data securely from the second workstation to the first through security guaranteed channel between the two workstations. The user can also read e-mail from the Internet on the first without fear of virus infection, and as a result the user does not need to be aware that she/he uses the two workstations. [ABSTRACT FROM AUTHOR]

Published

2008

36. A Compact Architecture for Montgomery Elliptic Curve Scalar Multiplication Processor.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Yong Ki Lee, and Verbauwhede, Ingrid

Abstract

We propose a compact architecture of a Montgomery elliptic curve scalar multiplier in a projective coordinate system over GF(2m). To minimize the gate area of the architecture, we use the common Z projective coordinate system where a common Z value is kept for two elliptic curve points during the calculations, which results in one register reduction. In addition, by reusing the registers we are able to reduce two more registers. Therefore, we reduce the number of registers required for elliptic curve processor from 9 to 6 (a 33%). Moreover, a unidirectional circular shift register file reduces the complexity of the register file, resulting in a further 17% reduction of total gate area in our design. As a result, the total gate area is 13.2k gates with 314k cycles which is the smallest compared to the previous works. [ABSTRACT FROM AUTHOR]

Published

2008

37. Iteration Bound Analysis and Throughput Optimum Architecture of SHA-256 (384,512) for Hardware Implementations.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Yong Ki Lee, and Herwin Chan

Abstract

The hash algorithm forms the basis of many popular cryptographic protocols and it is therefore important to find throughput optimal implementations. Though there have been numerous published papers proposing high throughput architectures, none of them have claimed to be optimal. In this paper, we perform iteration bound analysis on the SHA2 family of hash algorithms. Using this technique, we are able to both calculate the theoretical maximum throughput and determine the architecture that achieves this throughput. In addition to providing the throughput optimal architecture for SHA2, the techniques presented can also be used to analyze and design optimal architectures for some other iterative hash algorithms. [ABSTRACT FROM AUTHOR]

Published

2008

38. Implementation of LSM-Based RBAC Module for Embedded System.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Jae-Deok Lim, and Sung-Kyong Un

Abstract

Security requirements of the embedded system which were not considered when the embedded system is independently deployed are being increased because the embedded system is connected to an internet. Accordingly, the coverage of the system security is being expanded from the general server to the embedded system. And it is not enough that the embedded system supports only its inherent functions and it becomes the essential element to provide the security function to the embedded system. This paper implements the Role Based Access Control(RBAC) module which is designed using the Linux Security Module(LSM) for the embedded system. RBAC allows security management to be administrated easily and LSM is a lightweight, general purpose, access control framework for mainstream Linux kernel that enables many different access control models. The combination of RABC and LSM properties is very suitable for one of security solutions of embedded system because of the simplicity and flexibility of RBAC and a lightweight loadable mechanism of LSM. And we show the performance of our implementation that has very small overhead for the intended processing and is acceptable. [ABSTRACT FROM AUTHOR]

Published

2008

39. Geometrically Invariant Image Watermarking in the DWT Domain.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Shijun Xiang, and Hyoung-Joong Kim

Abstract

Watermark resistance to both geometric attacks and lossy compressions is a fundamental issue in the image watermarking community. In this paper, we propose a DWT (Discrete Wavelet Transform) based watermarking scheme for such a challenging problem. Watermark resistance to geometric deformations is achieved by using the invariance of the histogram shape. In both theoretical analysis and experimental way, we show that the invariance can be extended to the DWT domain thanks to the time-frequency localization property of DWT. Consequently, we achieve the goal to embed a geometrically invariant watermark into the low-frequency sub-band of DWT in such a way that the watermark is not only invariant to various geometric transforms, but also robust to common image processing operations. Extensive simulation results demonstrate the superiority of the proposed watermark strategy due to the use of the histogram shape invariance combined with the DWT technique. [ABSTRACT FROM AUTHOR]

Published

2008

40. Information Hiding in Software with Mixed Boolean-Arithmetic Transforms.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Yongxin Zhou, and Main, Alec

Abstract

As increasingly powerful software analysis and attack tools arise, we need increasingly potent software protections. We generate an unlimited supply of obscuring transforms via mixed-mode computation over Boolean-arithmetic (mba) algebras corresponding to real-world functions and data. Such transforms resist reverse engineering with existing advanced tools and create np-hard problems for the attacker. We discuss broad uses and concrete applications to aacs key hiding and software watermarking. [ABSTRACT FROM AUTHOR]

Published

2008

41. Implementation of BioAPI Conformance Test Suite Using BSP Testing Model.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Jihyeon Jang, and Elliott, Stephen J.

Abstract

The purpose of this paper is to design a Conformance Test Suite(CTS) for BSPs(Biometric Service Provider) based upon the BioAPI (Biometric Application Programming Interface) v2.0, an international standard by ISO/IEC JTC1/SC37. The proposed BioAPI CTS enables users to test BSPs without depending on various frameworks. In this paper, a test scheduling tool has been embodied in order to use Test Assertion with XML. In order to demonstrate the performance of the CTS, the experiment was performed using both commercial fingerprint verification and identification BSPs. The developed CTS will be installed at Korean National Biometrics Test Center and used to test whether commercial biometrics products are compliant to BioAPI. [ABSTRACT FROM AUTHOR]

Published

2008

42. Secret Signatures: How to Achieve Business Privacy Efficiently?

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Byoungcheon Lee, and Choo, Kim-Kwang Raymond

Abstract

Digital signatures provide authentication and non-repudiation in a public way in the sense that anyone can verify the validity of a digital signature using the corresponding public key. In this paper, we consider the issues of (1) signature privacy and (2) the corresponding public provability of signature. We propose a new digital signature variant, secret signature, which provides authentication and non-repudiation to the designated receiver only. If required, the correctness of the secret signature can be proven to the public either by the signer or the receiver. We conclude with a discussion to demonstrate the usefulness of the proposed cryptographic primitive (e.g., achieving signature privacy in an efficient manner). [ABSTRACT FROM AUTHOR]

Published

2008

43. Convertible Undeniable Proxy Signatures: Security Models and Efficient Construction.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Wei Wu, and Yi Mu

Abstract

In the undeniable signatures, the validity or invalidity can only be verified via the Confirmation/Disavowal protocol with the help of the signer. Convertible undeniable signatures provide the flexibility that a signer can convert an undeniable signature into publicly verifiable one. A proxy signature scheme allows an entity to delegate his/her signing capability to another entity in such a way that the latter can sign messages on behalf of the former when the former is not available. Proxy signatures have found numerous practical applications in ubiquitous computing, distributed systems, mobile agent applications, etc. In this paper, we propose the first convertible undeniable proxy signature scheme with rigorously proven security. The properties of Unforgeability, Invisibility and Soundness in the context of convertible undeniable proxy signatures are also clearly defined. The security of our construction is formally proven in the random oracle models, based on some natural complexity assumptions. [ABSTRACT FROM AUTHOR]

Published

2008

44. Universal ηT Pairing Algorithm over Arbitrary Extension Degree.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Shirase, Masaaki, and Kawahara, Yuto

Abstract

The ηT pairing on supersingular is one of the most efficient algorithms for computing the bilinear pairing [3]. The ηT pairing defined over finite field ${\mathbb F}_{3^n}$ has embedding degree 6, so that it is particularly efficient for higher security with large extension degree n. Note that the explicit algorithm over ${\mathbb F}_{3^n}$ in [3] is designed just for $n \equiv 1\ (\bmod \ 12)$, and it is relatively complicated to construct an explicit algorithm for $n \not \equiv 1\ (\bmod \ 12)$. It is better that we can select many n's to implement the ηT pairing, since n corresponds to security level of the ηT pairing. In this paper we construct an explicit algorithm for computing the ηT pairing with arbitrary extension degree n. However, the algorithm should contain many branch conditions depending on n and the curve parameters, that is undesirable for implementers of the ηT pairing. This paper then proposes the universal ηT pairing ($\widetilde{\eta_T}$ pairing), which satisfies the bilinearity of pairing (compatible with Tate pairing) without any branches in the program, and is as efficient as the original one. Therefore the proposed universal ηT pairing is suitable for the implementation of various extension degrees n with higher security. [ABSTRACT FROM AUTHOR]

Published

2008

45. Collecting Autonomous Spreading Malware Using High-Interaction Honeypots.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sihan Qing, Hideki Imai, Guilin Wang, Jianwei Zhuge, and Holz, Thorsten

Abstract

Autonomous spreading malware in the form of worms or bots has become a severe threat in today's Internet. Collecting the sample as early as possible is a necessary precondition for the further treatment of the spreading malware, e.g., to develop antivirus signatures. In this paper, we present an integrated toolkit called HoneyBow, which is able to collect autonomous spreading malware in an automated manner using high-interaction honeypots. Compared to low-interaction honeypots, HoneyBow has several advantages due to a wider range of captured samples and the capability of collecting malware which propagates by exploiting new vulnerabilities. We validate the properties of HoneyBow with experimental data collected during a period of about nine months, in which we collected thousands of malware binaries. Furthermore, we demonstrate the capability of collecting new malware via a case study of a certain bot. [ABSTRACT FROM AUTHOR]

Published

2008

46. Drive-By Pharming.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Qing, Sihan, Imai, Hideki, Wang, Guilin, Stamm, Sid, and Ramzan, Zulfikar

Abstract

This paper describes an attack concept termed Drive-by Pharming where an attacker sets up a web page that, when simply viewed by the victim (on a JavaScript-enabled browser), attempts to change the DNS server settings on the victim's home broadband router. As a result, future DNS queries are resolved by a DNS server of the attacker's choice. The attacker can direct the victim's Internet traffic and point the victim to the attacker's own web sites regardless of what domain the victim thinks he is actually going to, potentially leading to the compromise of the victim's credentials. The same attack methodology can be used to make other changes to the router, like replacing its firmware. Routers could then host malicious web pages or engage in click fraud. Since the attack is mounted through viewing a web page, it does not require the attacker to have any physical proximity to the victim nor does it require the explicit download of traditional malicious software. The attack works under the reasonable assumption that the victim has not changed the default management password on their broadband router. [ABSTRACT FROM AUTHOR]

Published

2008

47. Detection and Diagnosis of Control Interception.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sihan Qing, Hideki Imai, Guilin Wang, Chang-Hsien Tsai, and Shih-Kun Huang

Abstract

Crash implies that a software is unstable and possibly vulnerable. Stack overflow is one of many causes of crashes. This kind of bug is often hard to debug because of the corrupted stack, so that debuggers cannot trace the control flow of the programs. A control-type crash caused by stack overflow is easy to be developed as a control interception attack. We develop a method to locate this attack and implement it as a plug-in of Valgrind [1]. This tool can be used in the honeypot to detect and diagnose zero-day exploits. We use it to detect several vulnerabilities and automatically locate the bugs. [ABSTRACT FROM AUTHOR]

Published

2008

48. Firewall for Dynamic IP Address in Mobile IPv6.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sihan Qing, Hideki Imai, Guilin Wang, Ying Qiu, and Feng Bao

Abstract

Mobile communication is becoming the mainstream with the rapid growth of mobile devices penetrating our daily life. More and more mobile devices such as mobile phones, personal digital assistants, notebooks etc, are capable of Internet access. Mobile devices frequently change their communication IP addresses in mobile IPv6 network following its current attached domain. This raises a big challenge for building firewall for mobile devices. The conventional firewalls are primarily based on IPv4 networks where the security criteria are specified only to the fixed IP addresses or subnets, which apparently do not apply to mobile IPv6. In this paper we propose three solutions for mobile IPv6 firewall. Our approaches make the firewall adaptive to dynamic IP addresses in mobile IPv6 network. They have different expense and weight corresponding to different degree of universality. The paper focuses the study more from practical aspect. [ABSTRACT FROM AUTHOR]

Published

2008

49. DDoS Attack Detection Algorithms Based on Entropy Computing.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sihan Qing, Hideki Imai, Guilin Wang, Liying Li, and Jianying Zhou

Abstract

Distributed Denial of Service (DDoS) attack poses a severe threat to the Internet. It is difficult to find the exact signature of attacking. Moreover, it is hard to distinguish the difference of an unusual high volume of traffic which is caused by the attack or occurs when a huge number of users occasionally access the target machine at the same time. The entropy detection method is an effective method to detect the DDoS attack. It is mainly used to calculate the distribution randomness of some attributes in the network packets' headers. In this paper, we focus on the detection technology of DDoS attack. We improve the previous entropy detection algorithm, and propose two enhanced detection methods based on cumulative entropy and time, respectively. Experiment results show that these methods could lead to more accurate and effective DDoS detection. [ABSTRACT FROM AUTHOR]

Published

2008

50. BIOS Security Analysis and a Kind of Trusted BIOS.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sihan Qing, Hideki Imai, Guilin Wang, ZhenLiu Zhou, and RongSheng Xu

Abstract

The BIOS's security threats to computer system are analyzed and security requirements for firmware BIOS are summarized in this paper. Through discussion about TCG's trust transitivity, a new approach about CRTM implementation based on BIOS is developed. In this paper, we also put forward a new trusted BIOS architecture-UTBIOS which is built on Intel Framework for EFI/UEFI. The trustworthiness of UTBIOS is based on trusted hardware TPM. In UTBIOS, trust encapsulation and trust measurement are used to construct pre-OS trust chain. Performance of trust measurement is also analyzed in the end. [ABSTRACT FROM AUTHOR]

Published

2008