
Information Security

Content
- Intro
- Preface
- Organization
- Contents
- Cryptography I: Signatures
- Black-Box Separations on Fiat-Shamir-Type Signatures in the Non-Programmable Random Oracle Model
- 1 Introduction
- 1.1 Our Results
- 2 Preliminaries
- 2.1 Digital Signature Scheme
- 2.2 Canonical Identification Scheme
- 2.3 Fiat-Shamir Transformation
- 3 Impossibility of Proving the Security of FS-Type Signatures in the NPROM
- 4 Security Incompatibility Between the DL Assumption and the EUF-CMA Security of the Schnorr Signature in the NPROM
- References
- The Generic Transformation from Standard Signatures to Identity-Based Aggregate Signatures
- 1 Introduction
- 2 Preliminaries
- 2.1 Indistinguishability Obfuscation
- 2.2 Puncturable PRFs
- 2.3 Universal Parameters
- 3 Identity-Based Aggregate Signatures
- 4 Generic Construction of Identity-Based Aggregate Signatures
- 5 Conclusions
- A Appendix
- 1 Public Key Encryption
- 2 Signature Schemes
- 3 Additively Homomorphic Encryption
- References
- Leveled Strongly-Unforgeable Identity-Based Fully Homomorphic Signatures
- 1 Introduction
- 1.1 Motivation
- 1.2 Contribution
- 1.3 Paper Organization
- 2 Preliminaries
- 2.1 Entropy and Statistical Distance
- 2.2 Background on Lattices and Hard Problems
- 2.3 Permutation Branching Program
- 3 Identity-Based Homomorphic Trapdoor Functions
- 3.1 Definition
- 3.2 Construction: Basic Algorithms and Security
- 4 Homomorphic Evaluation and Noise Analysis
- 4.1 Basic Homomorphic Evaluation
- 4.2 The Homomorphic Output and Input Evaluation
- 4.3 Correctness of Homomorphic Evaluation and Noise Analysis
- 5 Strongly-Unforgeable Identity-Based Fully Homomorphic Signatures
- 5.1 Definition
- 5.2 Construction
- 6 Conclusions
- References
- Graded Signatures
- 1 Introduction
- 2 Definitions and Security Modeling
- 3 Graded Signatures with Linear Signature Size and Verification Time
- A Preliminaries
- References
- System and Software Security
- Dynamically Provisioning Isolation in Hierarchical Architectures
- 1 Introduction
- 2 Background and Related Work
- 3 Isolation and Co-Location
- 3.1 Locality
- 3.2 Confinements
- 4 SafeHaven
- 4.1 Overview
- 4.2 Migrating Confinements
- 4.3 Allocation
- 5 Case Studies
- 5.1 Case 1: System-Wide Covert Channel
- 5.2 Case 2: Moving Target Defence
- 5.3 Other Policies
- 6 Conclusion
- A Appendix: Migration Frequency and Performance
- References
- Factors Impacting the Effort Required to Fix Security Vulnerabilities
- 1 Introduction
- 2 Related Work
- 3 Secure Software Development at SAP
- 4 Research Approach
- 5 Study Results
- 5.1 Vulnerability-Fixing Process
- 5.2 Factors that Impact the Vulnerability-Fix Time
- 5.3 Discussion
- 6 Impacts and Limitations of the Study
- 6.1 Impacts of the Study
- 6.2 Limitations of the Study
- 7 Lessons Learned
- 8 Conclusions
- References
- Software Security Maturity in Public Organisations
- 1 Introduction
- 2 Background
- 2.1 OpenSAMM
- 2.2 BSIMM
- 3 Method
- 4 Results
- 4.1 Practices with a High Degree of Maturity
- 4.2 Practices with a Low Degree of Maturity
- 4.3 Result Summary
- 5 Discussion
- 6 Conclusion and Further Work
- A Questionnaire
- A.1 Governance
- A.2 Construction/Intelligence
- A.3 Verification/Touchpoints
- A.4 Deployment
- References
- Cryptanalysis I: Block Ciphers
- Extending the Applicability of the Mixed-Integer Programming Technique in Automatic Differential Cryptanalysis
- 1 Introduction
- 2 MIP-based Automatic Differential Analysis
- 3 Automatic Search for Related-Key Differential Characteristics of PRIDE
- 3.1 Description of PRIDE
- 3.2 Modelling the Differential Behavior of $g_i^{(j)}()$ with Linear Inequalities
- 4 Constructing MIP Models Whose Feasible Regions are Exactly the Sets of All Differential Characteristics of SIMON
- 5 Automatic Analysis of the Propagation of Differences
- 6 Conclusion and Discussion
- A 2-round Iterative Related-key Differential Characteristics with Probability $2^{-4}$ for PRIDE
- References
- Automatic Search for Linear Trails of the SPECK Family
- 1 Introduction
- 2 Preliminaries
- 2.1 Notions
- 2.2 Description of SPECK
- 2.3 Automatic Search Framework
- 2.4 Linear Approximation of Modulo Addition
- 3 Linear Results on SPECK
- 3.1 Details of the Search
- 3.2 Search Results
- 3.3 Linear Distinguishers
- 3.4 Key Recovery Attacks
- 4 Another Implementation of Wallén's Algorithm
- 5 Conclusions
- A Straightforward Implementations of Wallén's Algorithm
- A.1 The Top-Down Method
- A.2 The Bottom-Up Method
- B The Gray_Visit Procedure
- References
- From Distinguishers to Key Recovery: Improved Related-Key Attacks on Even-Mansour
- 1 Introduction
- 2 Notation
- 3 Generic Related-Key Key-Recovery Attacks on Even-Mansour Ciphers
- 3.1 Key-Recovery Attacks on r-round IEM with Independent Keys
- 3.2 Extension to 2-Round Even-Mansour with a Linear Key Schedule
- 4 Application to Prøst-OTR
- 5 Conclusion
- A Proof-of-concept Implementation for a 64-Bit Permutation
- References
- Cryptography II: Protocols
- Oblivious PAKE: Efficient Handling of Password Trials
- 1 Introduction
- 1.1 Oblivious PAKE and Our Contributions
- 2 Oblivious PAKE Model
- 3 Transforming PAKE Protocols into
- 3.1 Requirements on PAKE
- 3.2 The Compiler
- 3.3 Relation to LAKE
- 3.4 Security Analysis
- 3.5 Oblivious PAKE Instantiation
- 3.6 Processing Multi-Component Messages
- 4 Concrete Instantiation Examples
- 4.1 Oblivious SPAKE
- 5 Conclusion
- References
- Secure and Efficient Private Set Intersection Cardinality Using Bloom Filter
- 1 Introduction
- 2 Preliminaries
- 2.1 Security Model for Semi-honest Adversary [7]
- 2.2 Security Model for Malicious Adversary [7]
- 2.3 Goldwasser-Micali (GM) Encryption [8]
- 2.4 Bloom Filter [2]
- 3 Protocol
- 3.1 The PSI-CA
- 3.2 The APSI-CA
- 3.3 The PSI
- 3.4 The APSI
- 4 Security
- 5 Efficiency
- 6 Conclusion
- References
- On the Efficiency of Multi-party Contract Signing Protocols
- 1 Introduction
- 2 MPCS Requirements
- 3 Efficiency
- 4 Topologies
- 4.1 Ring
- 4.2 Sequential
- 4.3 Star
- 4.4 Mesh
- 5 Related Work
- 6 MPCS Protocols Overview
- 6.1 The TTP
- 7 Asynchronous Optimistic MPCS Protocols
- 7.1 An Asynchronous Optimistic MPCS Protocol Using Ring Topology
- 7.2 An Asynchronous Optimistic MPCS Protocol with Sequential, Star and Mesh Topology
- 8 Protocol Comparison
- 9 Conclusions
- References
- On the Provable Security of the Dragonfly Protocol
- 1 Introduction
- 2 Security Model
- 2.1 Model
- 2.2 Security Assumptions
- 3 The Dragonfly Protocol
- 4 Security Proof of Dragonfly Protocol
- 5 Conclusion
- References
- Network and Cloud Security
- Multipath TCP IDS Evasion and Mitigation
- 1 Introduction
- 1.1 Motivation and Research Questions
- 1.2 Contribution
- 1.3 Paper Structure
- 2 Related Work
- 3 Background
- 3.1 Multipath Networking
- 3.2 Network Security Reflections
- 3.3 Snort
- 4 Experimental Methodology
- 4.1 Client Side
- 4.2 Server Side
- 5 Statistical Analysis of Snort Rules
- 5.1 Results
- 5.2 Trends
- 6 Evaluation of Snort
- 6.1 Operation
- 6.2 Results
- 6.3 Discussion
- 7 Proposed Solution
- 7.1 Implementation
- 7.2 Validation
- 8 Outlook
- 9 Concluding Remarks
- References
- Provenance Based Classification Access Policy System Based on Encrypted Search for Cloud Data Storage
- 1 Introduction
- 2 Related Work
- 3 Provenance
- 4 PBCAP System Design
- 4.1 System Architecture
- 4.2 Provenance Based Classification Policy
- 5 Provenance Based Classification Scheme
- 5.1 Preliminaries
- 5.2 Policy Based Classification Scheme
- 5.3 Security Proof
- 6 Concluding Remarks
- References
- Multi-user Searchable Encryption in the Cloud
- 1 Introduction
- 2 Multi-user Searchable Encryption (MUSE)
- 3 Our Solution
- 3.1 Idea
- 3.2 Preliminaries
- 3.3 Protocol Description
- 3.4 Correctness
- 4 Security Model
- 4.1 Security with the CSP as Adversary
- 4.2 Security with the Proxy as Adversary
- 5 Security Analysis
- 5.1 Index Privacy with the CSP as the Adversary
- 6 Performance Analysis
- 7 Related Work
- 8 Conclusion
- References
- Cryptography III: Encryption and Fundamentals
- CCA Secure PKE with Auxiliary Input Security and Leakage Resiliency
- 1 Introduction
- 2 Preliminaries
- 2.1 Strengthened Subgroup Indistinguishability Assumption
- 2.2 All-but-One Lossy Functions
- 2.3 Chameleon Hash Function
- 2.4 Goldreich-Levin Theorem for Large Fields
- 2.5 DDH Assumption
- 2.6 Min-entropy
- 3 Auxiliary Input and Leakage Resilient Public Key Encryption
- 3.1 Auxiliary Input CCA Security of PKE
- 3.2 Leakage Resilient CCA Security of PKE
- 4 The Generic Construction
- 5 Instantiation over a Group of Known Order
- 6 Conclusions
- References
- General Circuit Realizing Compact Revocable Attribute-Based Encryption from Multilinear Maps
- 1 Introduction
- 2 Preliminaries
- 2.1 The Notion of RABE for General Circuits
- 2.2 Multilinear Maps and Complexity Assumptions
- 3 RABE-I
- 4 RABE-II
- 5 Efficiency
- 6 Conclusion
- References
- Hashing into Jacobi Quartic Curves
- 1 Introduction
- 2 Jacobi Quartic Curves
- 3 SWU Encoding
- 3.1 SWU Encoding
- 3.2 Brief SWU Encoding
- 3.3 Character Sum
- 3.4 One-Wayness
- 3.5 Collision-Resistance
- 4 Cube Root Encoding
- 4.1 Properties of Cube Root Encoding
- 4.2 The Genus of $R_{a,d}$
- 4.3 Calculating Character Sums on the Curve $R_{a,d}$
- 4.4 Galois Group of Field Extension L/K
- 4.5 Calculating the Size of the Images of $f_2$
- 5 Indifferentiable from Random Oracle
- 5.1 First Construction
- 5.2 Second Construction
- 6 Time Complexity
- 6.1 Theoretical Analysis of Hash
- 6.2 Theoretical Analysis of Random Oracle
- 6.3 Practical Implementations
- 7 Conclusion
- References
- Cryptanalysis II
- Two Generic Methods of Analyzing Stream Ciphers
- 1 Introduction
- 2 Time-Memory-Data Tradeoff Attack Against Grain-v1 with Conditional Sampling Resistance Based on Guess-and-Determine Strategy
- 2.1 Introduction of Time-Memory-Data Tradeoff Attack
- 2.2 Description of Grain-v1
- 2.3 Preliminary Analysis
- 2.4 Time-Memory-Data Tradeoff Attack of Grain-v1
- 2.5 Complexity Analysis and Comparison
- 3 Security Evaluation of ACORN Using Linear Approximation and Guessing Strategy
- 3.1 Description of ACORN
- 3.2 Security Evaluation of ACORN
- 4 Conclusion
- References
- Key Recovery Attacks Against NTRU-Based Somewhat Homomorphic Encryption Schemes
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Structure of the Paper
- 2 Preliminary
- 3 Attack Against the LTV12 SHE Scheme
- 3.1 Attack Preview
- 3.2 Detailed Attack
- 4 Attack Against the BLLN13 SHE Scheme
- 4.1 Attack Preview
- 4.2 Detailed Attack in Three Cases
- 5 Conclusion
- References
- PUFs and Implementation Security
- Bit Error Probability Evaluation of RO PUFs
- 1 Introduction
- 2 Preliminaries
- 2.1 Ring Oscillator PUF
- 2.2 The Evaluation Scheme of RO PUF
- 3 Analysis of the Model on Bit Error Probability
- 3.1 Notations
- 3.2 Analysis on RO PUF
- 3.3 Simulation Design for the Bit Error Probability Estimation
- 4 Experiment Design for Model Verification
- 4.1 Parameter Extraction
- 4.2 Simulation
- 4.3 Results From Simulations and Practical Experiments
- 5 Further Discussion
- 6 Conclusion
- References
- Extracting Robust Keys from NAND Flash Physical Unclonable Functions
- 1 Introduction
- 2 Related Works
- 3 Background
- 3.1 Uncertain States of NAND Flash Memory Cells
- 3.2 Disturbance Related to NAND Flash Memory Array Organization
- 4 Robust Key Generation
- 4.1 Extracting Raw NFPUF Output Numbers
- 4.2 Extracting Robust Keys from the Raw NFPUF Output Numbers
- 5 Implementation and Evaluation
- 5.1 Tested Device
- 5.2 Experimental Results and Evaluation
- 6 Conclusion
- References
- On Security of a White-Box Implementation of SHARK
- Abstract
- 1 Introduction
- 2 Recent Advances in White-Box Cryptography and Cryptanalysis
- 3 SHARK and its White-Box Implementation
- 4 Theoretical Analysis of T-Boxes
- 5 Extracting the Embedded Key
- 6 Conclusions
- Acknowledgments
- References
- GPU-Disasm: A GPU-Based X86 Disassembler
- 1 Introduction
- 2 Background
- 2.1 General Purpose Computing on GPUs (GPGPU)
- 2.2 x86 Architecture
- 2.3 Code Disassemblers
- 3 Architecture
- 3.1 Transferring Input Binaries to the GPU
- 3.2 Disassembling x86 Code on the GPU
- 3.3 Transferring the Results to the Host
- 3.4 Pipeline
- 4 Optimizations
- 4.1 Access to Global Memory
- 4.2 Constant Memory
- 4.3 Access to L2 Cache
- 4.4 Data in GPU Registers
- 5 Evaluation
- 5.1 Performance Analysis
- 5.2 Power Consumption and Cost
- 6 Related Work
- 7 Limitations
- 8 Conclusion
- References
- Key Generation, Biometrics and Image Security
- Reasoning about Privacy Properties of Biometric Systems Architectures in the Presence of Information Leakage
- 1 Introduction
- 2 A Formalism for Architectures and Privacy Properties
- 2.1 Architecture Syntax
- 2.2 Traces of Events
- 2.3 Architecture Semantics
- 2.4 Privacy Properties of Architectures
- 3 Application to Biometric Systems Architectures
- 3.1 Extension of the MOC Technology to Biometric Identification
- 3.2 Learning of the Protected Quantizations
- 3.3 Architecture Description in our Extended Framework
- 3.4 Variants of the Architecture
- 4 Conclusion
- A Sketch of Proof for Completeness and Correctness
- References
- Improvement of Multi-bit Information Embedding Algorithm for Palette-Based Images
- 1 Introduction
- 2 Conventional Method
- 2.1 Sorting of Color Palette
- 2.2 Embedding of Message
- 2.3 Extraction of Message
- 2.4 Problems of the Conventional Method
- 3 Proposed Method
- 3.1 Sorting of Color Palette
- 3.2 Embedding of Message
- 3.3 Extraction of Message
- 4 Experimental Results
- 4.1 Evaluation of Image Quality
- 4.2 Evaluation of Maximum Possible Amount of Embedding Bits
- 5 Conclusion
- References
- Efficient Ephemeral Elliptic Curve Cryptographic Keys
- 1 Introduction
- 2 Preliminaries
- 3 Special Cases of the Complex Multiplication Method
- 3.1 The CM Method
- 3.2 The CM Method for Class Numbers at Most Three
- 3.3 The CM Method for Larger Class Numbers
- 4 Ephemeral ECC Parameter Generation
- 5 Security Criteria
- 6 Conclusions and Future Work
- References
- Distributed Parameter Generation for Bilinear Diffie Hellman Exponentiation and Applications
- 1 Introduction
- 2 Definitions
- 3 Building Blocks
- 3.1 Sub-protocols
- 3.2 Security Analysis
- 4 Distributed Parameter Generation for the n-BDHE Problem and Applications
- 4.1 t-Secure Distributed n-BDHE Problem Parameters Generation Protocol
- 4.2 t-Secure DBE with Constant Size Ciphertext and Secret Key
- 4.3 Other Applications
- 5 Conclusion
- A Appendix
- A.1 Preliminaries
- A.2 Proof of Theorem 2
- References
- Author Index
System requirements
File format: PDF
Copy protection: Watermark-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Use the free software Adobe Reader, Adobe Digital Editions, or any other PDF viewer of your choice (see eBook Help).
- Tablet/Smartphone (Android; iOS): Install the free app Adobe Digital Editions or another reading app for eBooks, e.g., PocketBook (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (Kindle: limited support only).
The file format PDF always displays a book page identically on any hardware. This makes PDF suitable for complex layouts such as those used in textbooks and reference books (images, tables, columns, footnotes). Unfortunately, on the small screens of e-readers or smartphones, PDFs are rather annoying, requiring too much scrolling.
This eBook uses Watermark-DRM, a "soft" copy protection. This means that there are no technical restrictions to prevent illegal distribution. However, there is a personalised watermark embedded in the eBook that can be used to identify the purchaser of the eBook in the event of misuse and to provide evidence for legal purposes.