Security Protocols
15th International Workshop, Brno, Czech Republic, April 18-20, 2007. Revised Selected Papers
Published on 10. December 2010
VIII, 257 pages
978-3-642-17773-6 (ISBN)
Description
This book constitutes the thoroughly refereed post-proceedings of the 15th International Workshop on Security Protocols, held in Brno, Czech Republic, in April 2007.
The 15 revised full papers presented together with edited transcriptions of some of the discussions following the presentations have passed through multiple rounds of reviewing, revision, and selection. The topics addressed reflect the question "When is a Protocol Broken?" and how can it degrade gracefully in the face of partially broken assumptions, or how can it work under un(der)specified assumptions.
More details
Series
Language
English
Place of publication
Berlin
Germany
Publishing group
Springer Berlin
Target group
Professional and scholarly
Illustrations
VIII, 257 p. 45 illus., 16 illus. in color.
File size
3,53 MB
ISBN-13
978-3-642-17773-6 (9783642177736)
DOI
10.1007/978-3-642-17773-6
Schweitzer Classification
Other editions
Additional editions
Bruce Christianson | Bruno Crispo | James A. Malcolm
Security Protocols
15th International Workshop, Brno, Czech Republic, April 18-20, 2007. Revised Selected Papers
Book
01/2011
Springer
€53.49
Shipment within 5-7 days
Content
- Title
- Preface
- Table of Contents
- When Is a Protocol Broken? (Transcript of Discussion)
- Measurable Security through Isotropic Channels
- Introduction
- Isotropic Channels
- Security Properties of Perfectly Isotropic Channels
- Graceful Degradation of Security with Imperfect Isotropism
- Some Practical Applications for Isotropic Communication
- Conclusion
- References
- Measurable Security through Isotropic Channels (Transcript of Discussion)
- Modeling Partial Attacks with Alloy
- Introduction
- Our Contributions
- Partial Attacks
- Entropy and Relationships
- Possibility Sets
- Alloy Overview
- Triple-Mode DES
- Alloy Model of ECB|ECB|OFB Attack
- PIN Decimalisation
- Alloy Model of PIN Decimalisation Attack
- Conclusion
- References
- Modeling Partial Attacks with Alloy (Transcript of Discussion)
- Resiliency Aspects of Security Protocols
- Introduction
- Resilient Key-Exchange
- $\mathcal{F}_{PKE}$-owf
- $\mathcal{F}_{PKE}$-NSL
- $\mathcal{F}_{PKE}$-sig
- Syntactic Patterns for Resilient Protocols
- Non-malleability in Challenge-Response
- Non-malleability Using Double-Msg Encryption
- Collision-Freeness Using Double-Msg Hashing
- Unverifiability in Double-Keyed Channels
- MAC x Encode-Then-Encipher
- EtA and AtE Are RCCA
- E&A and Syntactic IND-CPA
- Multiple Encryption Is RCCA
- Resilient Authentication
- Order of Cryptographic Operations
- Disjoint Sessions
- Mechanisms for Resilient Repudiation
- Resilient Kerberos PKINIT
- Related Work
- Conclusion
- References
- Privacy Amplification with Social Networks
- Introduction
- Background Work
- Threat Model
- Motivation
- Privacy Amplification in Social Networks
- Random Walks
- Protocols
- Social Salt
- Networks
- Mixing Properties of Social Networks
- Erdös-Rényi Model of Random Networks
- Scale-Free Networks with Linear Preferential Attachment
- Scale-Free Random Graph Topology
- Klienberg-Watts-Strogatz (KWS) Small World Topology
- A Note on Theoretical Topologies
- Conclusions
- References
- Privacy Amplification with Social Networks (Transcript of Discussion)
- Reconciling Multiple IPsec and Firewall Policies
- Introduction
- IPsec and Firewall Policies
- Extended Policies
- Preferences
- Basic Requirements for Reconciliation
- Reconciliation Theory
- Reconciliation Algorithm
- Shadowing and Collecting
- Algorithm Improvements
- Conclusion
- References
- Reconciling Multiple IPsec and Firewall Policies (Transcript of Discussion)
- Anchor-Less Secure Session Mobility
- Introduction
- Protocol Description
- New Host A' Is Triggered
- Old Host A Is Triggered
- Fixed Host B Is Triggered
- Double Jump Problem
- Security Analysis
- Summary and Further Work
- References
- Anchor-Less Secure Session Mobility (Transcript of Discussion)
- A Model for System-Based Analysis of Voting Systems
- Introduction
- A Model for Analysis of Voting Systems
- The Base Voting Model
- Extension 1: Adding a Voting Device
- Extension 2: Adding a Paper Audit Trail
- Extension 3: Adding a Web Bulletin Board (WBB) and Verifiable Receipts
- Applying the Model
- Threat Analysis of the Randell-Ryan ``Scratch Card'' Voting System
- Discussion and Future Work
- References
- A Model for System-Based Analysis of VotingSystems (Transcript of Discussion)
- Multi-Channel Key Agreement Using Encrypted Public Key Exchange
- Introduction
- Multi-Channel Protocols
- The New Protocol
- Discussion
- Generalizations
- References
- Multi-Channel Key Agreement Using Encrypted Public Key Exchange (Transcript of Discussion)
- On the Security of the EMV Secure Messaging API (Extended Abstract)
- On the Security of the EMV Secure Messaging API (Transcript of Discussion)
- Distributed Double Spending Prevention
- Introduction
- Our Results
- Related Research
- Structure of the Paper
- Model and Notation
- Distributing the Bank
- Fixed Clerk Sets: Deterministic Case
- Random Clerk Sets
- When Coins Get Spent More Often
- Coin-Specific Clerk Sets
- Conclusions and Further Research
- References
- Distributed Double Spending Prevention (Transcript of Discussion)
- Robbing the Bank with a Theorem Prover (Abstract)
- Robbing the Bank with a Theorem Prover (Transcript of Discussion)
- Disclosure Control of Natural Language Information to Enable Secure and Enjoyable Communication over the Internet
- Introduction
- Example Analysis and Requirements
- Data Source
- Unsafe Expressions
- Desirable Transformation
- Requirements for DCNL
- Possible Design for DCNL
- Existing Techniques
- System Structure of DCNL
- Knowledge of Sensitive Phrases and Suggestive Relations
- Suggestion Matrix and Its Generation Algorithm
- Transformation Algorithms
- Simulation
- Conclusion and Future Work
- References
- Disclosure Control of Natural Language Information to Enable Secure and Enjoyable Communication over the Internet (Transcript of Discussion)
- Towards Working with Small Atomic Functions
- Introduction
- Software Engineering
- Binary Relations and Function Tables
- Perfect Functional Entropy
- Function Table Illustrations
- Extending Perfect Functional Obfuscation to Larger Functions
- Perfect Program Encryption Process, Scope, and Limitations
- Function Performance and Size
- Adversarial Computational Capabilities and Limitations
- Generality
- Strength
- Conclusion
- References
- Towards Working with Small Atomic Functions (Transcript of Discussion)
- Daonity: Protocol Solutions to Grid Security Using Hardware Strengthened Software Environment
- Introduction
- Organisation of This Paper
- Grid Security Requirements
- Current Grid Security Solutions
- Authentication
- Authorisation
- Secured Communications
- Trusted Computing
- Trusted Computing for Grid Security
- Secure Storage of Cryptographic Credential
- Sharing of Security Resource by Roaming Professionals
- Distributed Firewall for a VO
- Attestation of Behaviour Conformity in a Remote System
- Securely Virtualised OSs and Services as ``Vaults''
- Group-Oriented Security Using Credential Migration
- Implementation Status and Known Challenges
- Known Challenges
- References
- Concluding Remarks
- Private Yet Abuse Resistant Open Publishing
- Introduction
- The Abuse Filtering Problem
- In the Beginning Was Email.
- .Then Came the Web
- Our Solution
- Interactive Realization
- Discussion
- Preliminary Evaluation
- Distributing Functionality
- Future Work
- Conclusions
- References
- Private Yet Abuse Resistant Open Publishing (Transcript of Discussion)
- Instructions to Reviewers
- Author Index
