Information Security

Name: Information Security | 14th International Conference, ISC 2011, Xi'an, China, October 26-29, 2011, Proceedings
Brand: Springer
Price: 53.49 EUR
Availability: OnlineOnly

14th International Conference, ISC 2011, Xi'an, China, October 26-29, 2011, Proceedings

Xuejia Lai Jianying Zhou Hui Li(Editor)

Springer (Publisher)

Published on 13. October 2011

XIII, 388 pages

E-Book

PDF with digital watermarking

System requirements

978-3-642-24861-0 (ISBN)

€53.49incl. 7% vat

System requirements

for PDF with digital watermarking

E-Book Single Licence

Available for download

Description

More details

Other editions

Content

Title
Preface
ISC 2011
Table of Contents
Attacks
Replacement Attacks on Behavior Based Software Birthmark
Introduction
Our Replacement Attack Framework
Framework Overview
Various Replacement Attacks
The Rules of Replacement Attacks Construction
Effectiveness of Replacement Attacks
Graph-Subgraph Isomorphism Algorithms
Effectiveness Analysis against VF Algorithm
Implementation
Evaluation
Limitations and Future Work
Related Work
Conclusion
References
Attacking Traitor Tracing Schemes Using History Recording and Abrupt Decoders
Introduction
Traitor Tracing: Definitions
Hybrid Colorings
Attack against Hybrid Coloring Based Tracing
Conclusion
References
How to Find Short RC4 Colliding Key Pairs
Introduction
RC4 Key Collision
Known Searching Techniques
Brute Force Search
Matsui's Searching Algorithm
New Techniques to Reduce the Searching Complexity
Bypassing the First Round Deterministically
Bypassing the Second Round with High Probability
Reducing the Complexity in the Last Round
Multi-key Modification
New Searching Algorithm
Complexity Evaluation
Complexity for Our Proposed Algorithm
Complexity for Matsui's Algorithm
Conclusion
References
Protocols
A Formal Approach to Distance-Bounding RFID Protocols
Introduction
Distance Bounding Protocols
Our Contributions
Preliminaries
Security Model
Communication Model
Mafia Fraud Detection Model
Terrorist Attack Model
Distance-Fraud Model
Impersonation Resistance
Relationship between Fraud Types
Case Study: The Construction Due to Kim and Avoine
References
MASHA - Low Cost Authentication with a New Stream Cipher
Introduction
Related Work
MASHA
Feedback Shift Registers
Nonlinear Function
Encryption and Decryption
State Update
Streaming MAC Generation
Initialization Process
Design Decisions
Basing MASHA on the K2
Effectiveness of FSR-A
Using MSub to Protect against Differential Plaintext Attacks
Separating MAC Generation from Encryption
Analysis of MASHA
Statistical Properties
Resistance against Attacks
Performance Analysis
Conclusion
References
Toward Pairing-Free Certificateless Authenticated Key Exchanges
Introduction
Preliminaries
Computational Assumptions
Modeling CL-AKE Protocols
Security Definitions of CL-AKE Protocol
Kudla and Paterson's Modular Approach
Preciseness of Modular Approach
Proposed CL-AKE Protocol without Pairings
Protocol Description
Security Analysis
Comparison
Conclusions
References
Public-Key Cryptosystems
Security Analysis of an RSA Key Generation Algorithm with a Large Private Key
Introduction
Preliminaries
Notations and Definitions
Review of Encinas-Masqué-Dios RSA Key Generation Algorithm
The Proposed Attack on Encinas-Masqué-Dios RSA Key Generation Algorithm
Encinas-Masqué-Dios Algorithm Is Insecure When e&p+q
Encinas-Masqué-Dios Algorithm Is Insecure When e&N14
Conclusion
References
Adaptive Secure-Channel Free Public-Key Encryption with Keyword Search Implies Timed Release Encryption
Introduction
Preliminaries
Definition of TRE
Definitions of sUF OTS
Definitions of IND-Stag-CCA Secure TBE
Definitions of Anonymous IBE
Definitions of Adaptive SCF-PEKS
Adaptive SCF-PEKS Implies TRE
Proposed TRE Construction Based on Adaptive SCF-PEKS
Security Analysis of Our TRE Construction
Discussion: The Reason Why PEKS and Non-adaptive SCF-PEKS Are Not Suitable for Constructing TRE
Anonymous IBE Implies Adaptive SCF-PEKS
Proposed Adaptive SCF-PEKS Construction
Security Analysis of Our Adaptive SCF-PEKS Construction
Conclusion
References
The n-Diffie-Hellman Problem and Its Applications
Introduction
The n-DH Assumption
The n-BDH Assumption
Definitions of MPKE and MIBE
Multiple Public Key Encryption
Multiple Identity-Based Encryption
The n-ElGamal Encryption Scheme
The n-IBE Scheme
Conclusions
References
Network Security
RatBot: Anti-enumeration Peer-to-Peer Botnets
Introduction
Related Work
Threat Model
RatBot Design
Obscure Bot Selection
Identity Obfuscation
Bot Behavior Description
Rationale
Kad-Based RatBot Implementation
Experimental Evaluation
Exclusive RatBot
Immersive RatBot
Countermeasures
Conclusions
References
Detecting Near-Duplicate SPITs in Voice Mailboxes Using Hashes
Introduction
Background
The Problems
Collaborative Detection Architecture
Near-Duplicate SPIT
Matching Algorithms
Coskun Hash Algorithm
Nilsimsa Hash Algorithm
Experimental Results
Sample Collection
Experiment and Evaluation Method
Result to Detect Unintentional Near-Duplicate SPITs
Result to Detect Intentional Near-Duplicate SPITs
Related Work
Conclusion
References
Software Security
Multi-stage Binary Code Obfuscation Using Improved Virtual Machine
Introduction
Related Work
Our Approach
Block-to-Byte Virtual Machine
Multi-staged Code Obfuscation
Security Analysis
Multi-stage Polymorphism
Improved Execution Efficiency
Experiments
Control Flow Graph
Program Size
Running Time
Conclusion
References
Detection and Analysis of Cryptographic Data Inside Software
Introduction
Background and Related Work
Static Analysis Based Approaches
Dynamic Analysis Based Approaches
Cryptographic Data Pattern Analysis
Data Patterns
Implementation
Fochs: Data Tracing System
Lochs: Data Analysis System
Evaluation
Accuracy
Performance
Conclusion
References
System Security
SudoWeb: Minimizing Information Disclosure to Third Parties in Single Sign-on Platforms
Introduction
Background
OAuth Protocol
Facebook Authentication
Facebook Social Plug-ins
Related Work
Design
Implementation
SudoWeb Modules
Operation and Interaction of SudoWeb Modules
Discussion
Conclusion
References
Hello rootKitty: A Lightweight Invariance-Enforcing Framework
Introduction
Problem Description
Rootkits
Attacker Model
Hello rootKitty: Protecting Kernel Data against Rootkits
Approach
Implementation
Evaluation
Security Evaluation
Performance Benchmarks
Memory Overhead
Detection Time
Limitations
Related Work
Conclusion
References
Opacity Analysis in Trust Management Systems
Introduction
Related Work
A Framework for Probing Attacks
Abstract Framework
Datalog-Based Policies
Example
Verifying Opacity
Initial States
Finding Minimal Witnesses
Implementation with Optimizations
Discussion
References
Database Security
On the Inference-Proofness of Database Fragmentation Satisfying Confidentiality Constraints
Introduction
Confidentiality by Fragmentation
Controlled Query Evaluation
A Logic-Oriented View on Fragmentation
Inference-Proofness of Fragmentation
Conclusion and Future Work
References
Round-Efficient Oblivious Database Manipulation
Introduction
Frameworks for Share Computing
Oblivious Database Manipulation
Generic Construction for Oblivious Selection
Generic Construction for Oblivious Database Filtering
Oblivious Read-Write Access
Protocols for Oblivious Shuffle
Oblivious Shuffle Based on Permutation Matrices
Oblivious Shuffle Based on Sorting
Resharing Based Oblivious Shuffle for Semihonest Setting
Resharing Based Oblivious Shuffle for Malicious Setting
Conclusions and Future Work
References
A Privacy-Preserving Join on Outsourced Database
Introduction
Motivation
Related Work
Preliminaries
Boneh-Goh-Nissim Encryption System
Bloom Filters
Pseudo-Random Generators
Discrete Logarithm Assumption
Definitions
Main Construction
Outsourced Equijoin
Proof of Security
Discussion
Extension
Conclusion
References
Privacy
APPA: Aggregate Privacy-Preserving Authentication in Vehicular Ad Hoc Networks
Introduction
Our Results
Related Work
Paper Organization
System Architecture and Design Goals
System Architecture
Design Goals
The Building Block: OTIBAS
Modeling OTIBAS
An OTIBAS Scheme
Correctness and Security
The APPA Protocol
Intuition behind Our Protocol
The Concrete Protocol
Evaluation
Security and Privacy
Transmission and Storage Overhead
Impact of Signature Verification on Response Time
Tracing Efficiency
Conclusion
References
Assessing Location Privacy in Mobile Communication Networks
Introduction
Related Work
Location Privacy in Mobile Telephony Networks
Locating Mobile Phones
Privacy Threats
Adversary Model
Determining an Adversary's Knowledge Level
Determining an Adversary's Knowledge Gain
Case Study GSM Network
Data Analysis
Privacy Improvements
Conclusion
References
How Much Is Enough? Choosing $\epsilon$ for Differential Privacy
Introduction
Related Work
Differential Privacy
Example: Mean
Achieving Differential Privacy
Adversary Model
Attack Model
Limitation of Differential Privacy
Choice of $\epsilon$
Upper Bound on Adversary's Posterior Belief
Determining the Right Value of $\epsilon$
Example: Median
Conclusion
References
Digital Signatures
Non-interactive CDH-Based Multisignature Scheme in the Plain Public Key Model with Tighter Security
Introduction
Rogue Key Attacks
Multisignatures in the PPK Model
Our Contributions
Preliminaries
Definitions of Multisignatures
Cryptographic Complexity Assumption
Our Construction
Security Analysis
Additional Related Work
Conclusion
References
An Efficient Construction of Time-Selective Convertible Undeniable Signatures
Introduction
Related Work
Time-Selective Convertible Undeniable Signature
Definition
Security Models
Number-Theoretic Assumptions
Our TSCUS Scheme
Zhang-Safavi-Naini-Susilo (ZSS) Signature
A New TSCUS Scheme
Security Analysis
Randomized Signature Generation
Efficiency and Comparison
Conclusion
References
Efficient Fail-Stop Signatures from the Factoring Assumption
Introduction
Previous Work
Our Contribution
Preliminaries
Notations and Negligible Probabilities
Number Theoretic and Factoring Background
Fail-Stop Signatures
The General Construction Using Bundling Homomorphisms
New Fail-Stop Signatures from Factoring
The Construction
Security Analysis
Efficiency Analysis
References
Author Index

System requirements

Save as PDF Copy link into clipboard

Schweitzer Fachinformationen

Information Security

Description

More details

Other editions

Additional editions

Content

System requirements