Information Security Practice and Experience

Name: Information Security Practice and Experience | 8th International Conference, ISPEC 2012, Hangzhou, China, April 9-12, 2012, Proceedings
Brand: Springer
Price: 53.49 EUR
Availability: OnlineOnly

8th International Conference, ISPEC 2012, Hangzhou, China, April 9-12, 2012, Proceedings

Mark D. Ryan Ben Smyth Guilin Wang(Herausgeber*in)

Springer (Verlag)

Erschienen am 2. April 2012

XIII, 406 Seiten

E-Book

PDF mit Wasserzeichen-DRM

Systemvoraussetzungen

978-3-642-29101-2 (ISBN)

53,49 €inkl. 7% MwSt.

Systemvoraussetzungen

für PDF mit Wasserzeichen-DRM

E-Book Einzellizenz

Als Download verfügbar

Beschreibung

Weitere Details

Weitere Ausgaben

Inhalt

Title Page
Preface
ISPEC 2012
Table of Contents
Digital Signatures
A Pre-computable Signature Scheme with Efficient Verification for RFID
Introduction
Preliminaries and Definitions
Definition of Our Signature
Bilinear Groups
Complexity Assumptions
Our Signature Scheme
Construction
Correctness
Security
Application to RFID
Hardware Requirement
Comparisons
Signature Verification of Partially Known Messages
Conclusion
References
Redactable Signatures for Independent Removal of Structure and Content
Introduction
Attacking the Kundu-Scheme
Preliminaries, Notations and Security Properties
Security Properties
Aggregate Signatures and Bilinear Pairings
RSS Construction Using Aggregate Signatures
High-Level Description of Our Construction
Instantiation Using the BGLS-Scheme
Modifications
Performance Measurements
Conclusion and Open Questions
References
Public Key Cryptography
Improved Efficiency of Chosen Ciphertext Secure Encryption from Factoring
Introduction
Motivation
Our Contribution
Outline
Definitions
Key Encapsulation Mechanism
Target Collision Resistant Hash Function
New Variant of HK09
Security Proof
Efficiency
The case of QRN group.
The case of semi-smooth subgroup group.
Conclusion
References
Deniable Encryptions Secure against Adaptive Chosen Ciphertext Attack
Introduction
Other Related Work
Our Contribution
Organization
Preliminaries
Notations
Deniable Encryption
Building Blocks
A Deniable Encryption Scheme Secure under Chosen Ciphertext Attacks
Construction
Security Proof
Conclusion
References
Computational Soundness of Indistinguishability Properties without Computable Parsing
Introduction
The Symbolic Model
Terms
Predicates, Conditions, Frames and Static Equivalence
Processes
Computational Interpretation
Computational Interpretation of Terms and Predicate Symbols
Interactive Turing Machines
Cryptographic Assumptions
The Main Result
Computation Trees
Partial Unraveling
Replacing Plaintexts
Ruling Out Coincidences
Ruling Out Predictions
Trace Mapping
Conclusion
References
Cryptanalysis I: Differential Attacks
New Impossible Differential Attacks on Camellia
Introduction
Preliminaries
Notations
Description of Camellia
Encryption Procedure.
Key Schedule.
New 7-Round Impossible Differentials of Camellia with 2 FL/FL-1 Layers
Impossible Differential.
Impossible Differential Attacks on Camellia with FL/FL-1 Layers
Impossible Differential Attack on 11-Round Camellia-128
Complexity.
Impossible Differential Attack on 11-Round and 12-Round Camellia-192
Attack on 11-round Camellia-192.
Attack on 12-round Camellia-192.
Complexity.
Impossible Differential Attack on 14-Round Camellia-256
Complexity.
Conclusion
References
Impossible Differential Attacks on Reduced-Round LBlock
Introduction
Preliminaries
Some Notations
Overview of LBlock
14-Round Impossible Differentials of LBlock
Impossible Differential Attacks on 21-Round LBlock
Some Properties of LBlock
Some Observations on the Key Schedule of LBlock
Attack Procedure
Complexity of the Attack
Conclusion
References
New Truncated Differential Cryptanalysis on 3D Block Cipher
Introduction
Description of 3D Block Cipher
Previous Works on 3D Block Cipher
Key-Recovery Attack on 11-Round 3D Block Cipher
Truncated Differential Path
How to Obtain Chosen Plaintext
How to Recover a User Key
Differential Attack with Early Aborting Technique
Conclusion of 11-Round Attack
Extended Attack on 13-Round 3D Block Cipher
Truncated Differential Path
How to Obtain Another Right Pair
How to Recover a User Key
Conclusion of 13-Round Attack
Conclusion
References
Applications I.i: Oblivious Transfer
T-out-of-n Distributed Oblivious Transfer Protocols in Non-adaptive and Adaptive Settings
Introduction
Preliminaries
Notations and Definitions
Security Model
One-Round t-out-of-n DOT Protocol
Principle of the Protocol
Description of the Protocol
Correctness and Security of the Protocol
Adaptive DOT Protocol with Limited Queries
Description of the Protocol
Correctness and Security of the Protocol
Adaptive DOT Protocol with Unlimited Queries
Description of the Protocol
Correctness and Security of the Protocol
Efficiency Consideration
References
A Code-Based 1-out-of-N Oblivious Transfer Based on McEliece Assumptions
Introduction
Preliminaries
Security Definition of Oblivious Transfer
Security Assumptions
Overview of McEliece PKC
Review of the Passively Secure 1- out-of-2 Protocol for OT by Dowsley et al.
The OT Protocol
Security of the Protocol against Active Adversary
1-out-of-N Oblivious Transfer
The 1-out-of-N OT Scheme
Security of the Scheme
Efficiency and Parameters of the Proposed Scheme
Conclusion
References
Applications I.ii: Internet Security(Works-in-Progress)
Towards Fine-Grained Access Control on Browser Extensions
Introduction
Background Overview
Basic Notions
Firefox Overview
JavaScript Extensions of Firefox
Browser Extension Security Policy Framework
Motivation
Architecture
Access Control Module
Dynamic Regulations Module
Implementation
Position to Achieve the Framework
Resource Acquiring Component
Evaluation
Compatibility with Legitimate JSEs
Effectiveness on Restricting Malicious JSEs
Performance
Related Work
Conclusion
References
Enhanced STE3D-CAP: A Novel 3D CAPTCHA Family
Introduction
Our Contributions
Related Work
CAPTCHA Security
CAPTCHA Usability
3D CAPTCHAs
Enhanced Stereoscopic 3D CAPTCHA: STE3D-CAP-e
Design and Implementation
Issues Unique to STE3D-CAP-e
New AI Problem Family
Security Analysis
Brute Force Attacks
Single Image Attacks
Usability
Pilot Study Conclusions
Conclusion
References
Key Management
High-Entropy Visual Identification for Touch Screen Devices
Introduction
Visual Cryptography
System Overview
Prior Work
Design
Threat Model
The Challenge Schema
System Game
Visual Secret Shares That Don't Leak
Incomplete Erasure Attacks
Implementation
Estimating Timing
Future Work
Conclusion
A Framework for Security Analysis of Key Derivation Functions
Introduction
Key Derivation Functions
General Security Framework
Defining the Security Models
Known Public Inputs Attack - KPM-Secure
Known Public Inputs Attack - KPS-Secure
Adaptive Chosen Context Information Attack (CCM)
Adaptive Chosen Context Information Attack (Krawczyk)
Adaptive Chosen Public Inputs Attack (CPM)
Relating These Five Security Models
Implications between Security Models
Non-implications between Security Models
Conclusion
References
Applied Cryptography
On the Equivalence of Two Definitions of Visual Cryptography Scheme
Introduction
Preliminaries
The Equivalence of Two Definitions of Basis Matrix VCS
The Equivalence of Two Definitions of Threshold Basis Matrix VCS
The Equivalence of Two Definitions of General Access Structure Basis Matrix VCS
The Equivalence of Two Definitions of General Access Structure SIVCS
The Inequivalence of Two Definitions of Non-basis Matrix VCS
Conclusions
References
Key Length Estimation of Pairing-Based Cryptosystems Using ?T Pairing
Introduction
Outline of Function Field Sieve
DLP and ?T Pairing
FFS
Known Evaluation Methods
Asymptotic Evaluation Formulas
Granger's Evaluation Formula
New Evaluation Formulas for Efficient Implementation of FFS
Well-Used Efficient Algorithms for FFS
Criteria for Sufficient Number of Relations
New Evaluation Formulas
Estimation of Key Length
Conclusions
References
Lightweight Integrity for XOR Network Coding in Wireless Sensor Networks
Introduction
Related Work
Preliminaries
Requirements
Notation
System and Network Assumptions
Threat Model [16]
Universal Hash Functions (UHFs)
MAC Based on UHFs
The Yu's Scheme
Problem Statement
Our Scheme
Discussion
Security
Efficiency
Conclusion
References
Applications II.i: PINs
iPIN and mTAN for Secure eID Applications
Introduction
Motivation
The eID Functionality of the German Identity Card
Identity Theft Attacks Concerning the eID Functionality
Approach and Outline
Background
PACE
Multiparty Computation
iPINandmTANforeIDCards
Preliminaries
Variant 1: Multiparty Decryption of Nonce
Variant 2: Secret Shared PIN
Variant 3: PACE with mTAN
Variant 4: Remote PACE and EAC
Variant 5: Combination
Analysis
Security Analysis
Feasibility
Conclusion and Future Work
References
Applications II.ii: Fundamentals (Works-in-Progress)
Secure Distributed Computation of the Square Root and Applications
Introduction
Cryptographic Primitives and Definitions
Mathematical Foundations
Newton-Raphson Method
Goldschmidt's Algorithm
Computation of the Starting Value
Description and Analysis of the Algorithms
Norm
Approximation
Goldschmidt's Algorithm
Security
Application to QR-Decomposition
Secure Computation of the QR-Decomposition
Multiplication with a Householder-Matrix
Computation of the QR-Decomposition
Experimental Results
The Setup
Computation of the Square Root
Computation of the QR-Decomposition
Conclusion and Further Work
References
Prevent Kernel Return-Oriented Programming Attacks Using Hardware Virtualization
Introduction
Return-Oriented Programming Attack
ROP Introduction
Challenges for Defense Kernel ROP Attacks
Our Solution
ROP Attack Defense Overview
Hardware Virtualization
Implementation and Evaluation
Related Work
Conclusion
References
Cryptanalysis II: Fault Attacks and Key Recovery
Structure-Based RSA Fault Attacks
Introduction
Background
Protection of Integrity and Authenticity
Related Work
Structure-Based Fault Attack
Enabling the Attack
Conducting the Attack
Infeasibility of Trivial Attacks
Proof-of-Concept Practical Attack
System Overview
File Verification
Attacking the Exponent
Attacking the Modulus
Impact on the STB
Further Attacks
3G Access Point
PGP Key Vulnerability
Conclusion
References
Fault Analysis of the KATAN Family of Block Ciphers
Introduction
A Brief Description of KATAN
An Overview of the Cube and Extended Cube Attacks
Fault Analysis of KATAN
Attack on KATAN32
Attack on KATAN48
Attack on KATAN64
Attack Complexity
Conclusion
References
Biclique Cryptanalysis of Reduced-Round Piccolo Block Cipher
Introduction
A Brief Description of Piccolo
Notations
Description of Piccolo
Biclique Cryptanalysis of Piccolo
Definition of Biclique
Pattern of Biclique Cryptanalysis of Piccolo
Key Recovery for Reduced-Round Piccolo
Key Recovery for Full Round Piccolo-80
Key Recovery for 28-Round Piccolo-128
Conclusion
References
On the CCA-1 Security of Somewhat Homomorphic Encryption over the Integers
Introduction
Preliminaries
Notations
Gentry's Framework
Overview of vDGHV SHE Scheme
Security Models
LMSV CCA-1 Attack
Our CCA-1 Attack
The Attack
Correctness
Efficiency
An Example
Implementation
Discussions
On the Difference between Our Attack and LMSV Attack
On Adapting Our Attack to SHE Schemes with Ideal Lattice
On LMSV SHE CCA-1 Approach
Conclusion
References
Cryptanalysis III: Key Recovery (Works-in-Progress
Partial Key Exposure on RSA with Private Exponents Larger Than N
Introduction
LLL and Multivariate Polynomials
Lattices
KeyRecoveryfromKnownMSBs
Preliminaries
Trivariate Approach: ß 3/2 - a
Bivariate Approach: ß & 3/2 - a
KeyRecoveryfromKnownLSBs
Practical Experiments
Results for Attack on MSBs
Results for Attack on LSBs
Conclusion
References
Linear Cryptanalysis of Reduced-Round ICEBERG
Introduction
Description of ICEBERG
Non-linear Layer ?
Linear Layer K
Linear Cryptanalysis of 6-Round ICEBERG
Linear Characteristic of 6-Round ICEBERG
6-Round Linear Characteristic
Linear Attacks against 7-Round ICEBERG
Linear Attacks under Weak Keys against 7-Round ICEBERG
Summary
References
Overcoming Significant Noise: Correlation-Template-Induction Attack
Introduction
Preliminary
Correlation Power Analysis
Template Attack
Correlation-Template-Induction Attack
Our Attack Model
Efficiency Analysis
Experimental Results
Conclusion
References
Author Index

Systemvoraussetzungen

Als PDF speichern Als Link merken