
Applied Cryptography and Network Security
Content
- Title
- Preface
- Organisation
- Table of Contents
- Session 1: Malware and Intrusion Detection
- Inferring Protocol State Machine from Network Traces: A Probabilistic Approach
- Introduction
- Related Work
- Architecture of Veritas
- Packet Analysis
- Inferencing Protocol State Messages
- Probabilistic Protocol State Machine
- State Machine Inference
- Experimental Evaluation
- Text Protocol
- Binary Protocols
- Quality of Protocol Specification
- Summary
- Conclusions and Future Work
- References
- A Specification Based Intrusion Detection Framework for Mobile Phones
- Introduction
- Related Work
- Background
- Cellphone Platform
- Design Motivation
- Security Model
- Threat Model
- Trust Model
- Design Overview
- Specification Design and Enforcement
- Specification Formalization
- Specification Enforcement
- Evaluation
- Security Evaluation
- Overhead Evaluation
- Discussions
- Scalability
- Limitations and Future Work
- Conclusions
- References
- Misuse Detection in Consent-Based Networks
- Introduction
- Misuses in Consent-Based Architectures
- DIPLOMA Overview
- Misuses in DIPLOMA
- System Architecture
- Capability Encoding
- Communication Protocol
- Detection Algorithms
- Phase 1 - Duplicate Removal and Multipath Detection
- Phase 2 - Reuse of the Capability Detection
- Privacy Issues
- Experimental Evaluation
- Effectiveness in Containing Attacks
- Speed of Detecting Misuse
- Attack Bandwidth after Misuse
- Related Work
- Conclusions and Future Work
- References
- Session 2: Attacks I
- Cold Boot Key Recovery by Solving Polynomial Systems with Noise
- Introduction
- The Cold Boot Problem
- Block Cipher Key Expansion
- AES
- Serpent
- Twofish
- Solving Systems of Algebraic Equations with Noise
- Cold Boot as Partial Weighted Max-PoSSo
- Mixed Integer Programming
- Cold Boot Key Recovery against Block Ciphers
- Prior Work on AES
- Generic Combinatorial Approach
- Adapted Combinatorial Approach for Twofish
- Algebraic Approach Using Max-PoSSo
- Conclusion and Discussions
- References
- Exponent Blinding Does Not Always Lift (Partial) SPA Resistance to Higher-Level Security
- Introduction
- Basic Attack
- Notation
- Entire Process of the Basic Attack
- Efficiency, Scalability, and Limits
- Enhanced Attack Variant
- Enhanced Attack: Overview
- NAF Representations
- Enhanced Attack: Step 1
- Enhanced Attack: Step 2
- Enhanced Attack: Step 3
- Efficiency, Scalability, and Limits
- Conclusion
- References
- Cryptanalysis of the Atmel Cipher in SecureMemory, CryptoMemory and CryptoRF
- Introduction
- Description of the Atmel Cipher and the Authentication Protocol
- Specification of the Atmel Cipher
- The Authentication Protocol
- Our Attack on SecureMemory
- Our Attack on CryptoMemory
- Recovering the Right and Left Registers r and l
- Recovering the Middle Register $m$
- Complexity Analysis
- Practical Implementation
- Conclusions
- References
- Cache Timing Analysis of RC4
- Introduction
- The Context of the Attack
- Description of RC4
- Structure and Use of Cache Memory
- Cache Timing Analysis
- Prerequisites
- Conventions and Experimental Set-Up
- A First Algorithm for Idealized Cases
- Adaptation to Real Caches
- The Known-Plaintext Attack
- An Improvement: Searching Permutations
- The Unknown-Plaintext Attack
- A Partially-Known-Plaintext Attack
- Remarks on Collecting Data
- Conclusion
- References
- Session 3: Applied Crypto I
- Secure Efficient Multiparty Computing of Multivariate Polynomials and Applications
- Introduction
- Protocol Overview
- Definitions and Building Block Protocols
- Vector Homomorphic Encryption
- Polynomial Code Commutativity
- Incremental Encrypted Polynomial Evaluation
- Polynomial Interpolation over Encrypted Values
- Input Sharing via Enhanced Shamir Scheme
- Multiparty Polynomial Evaluation
- Communication and Computational Complexity
- Protocol Optimizations and Application to Multiparty Set Intersection
- Multiparty Set Intersection
- References
- Private Discovery of Common Social Contacts
- Introduction
- Private Contact Discovery with Available Tools?
- Contribution and Organization
- Preliminaries: Assumptions and Building Blocks
- Private Contact Discovery
- Contact Discovery: Syntax and Correctness
- Protocol Specification
- Protocol Correctness
- Protocol Efficiency and Performance Analysis
- Security Model for Contact Discovery Protocols
- Adversary Model
- Contact-Hiding Security
- Security Analysis of Our Protocol
- Conclusion
- References
- Session 4: Signatures and Friends
- Sanitizable Signatures in XML Signature - Performance, Mixing Properties, and Revisiting the Property of Transparency
- Introduction
- Related Work
- Implementation in JAVA and Integration into XML
- JCA Implementation Details for the Five Schemes
- Integration into an XML Signature
- Performance Evaluation of Implemented Schemes
- Algorithms: Setup, Hashing and Forging
- Signature Generation and Verification
- Summary
- Property Changes of Schemes due to Mixing
- Properties of Sanitizable Signature Schemes
- Extensions of the Ateniese Scheme
- Miyazaki Scheme
- The Transparency Property Revisited
- Conclusion
- References
- Double-Trapdoor Anonymous Tags for Traceable Signatures
- Introduction
- Public-Key Anonymous Tags with Double-Trapdoor
- Modular Construction and CCA-Anonymity
- Real Authorship Claiming and Denial Mechanism
- Anonymous Tag System
- Definitions
- Efficient Instantiation
- A Modular Construction of Traceable Signatures
- Syntax and Security Model
- Construction
- Security
- Efficient Instantiation
- References
- Hierarchical Identity-Based Chameleon Hash and Its Applications
- Introduction
- Our Contributions
- Related Work
- Organization
- Preliminaries
- Bilinear Pairings
- Identity-Based Chameleon Hash
- Hierarchical Identity-Based Chameleon Hash
- Hierarchical Trapdoor Sanitizable Signature and Its Construction from HIBCH
- Hierarchical Trapdoor Sanitizable Signature
- Generic Construction of HTSS from HIBCH
- Key-Exposure Free IBCH from HIBCH
- Construction of HIBCH
- Conclusions
- References
- Session 5: Eclectic Assortment
- Efficient Generic Constructions of Signcryption with Insider Security in the Multi-user Setting
- Introduction
- Preliminaries
- Notation
- Tag-Based Key Encapsulation Mechanism
- Data Encapsulation Mechanism
- Signature
- Signcryption
- Security
- Proposed Generic Constructions
- Composition Using TBKEM
- Composition Using KEM
- Comparison
- References
- Quantitatively Analyzing Stealthy Communication Channels
- Introduction
- Communication Modes
- Codeword Mode
- Tunneled Mode
- Query Strategies and Quantitative Evaluation
- Exponentially Distributed Query and Piggybacking Query
- Experimental Evaluation
- Perfect Stealth and Countermeasures
- Perfect Stealth in Content-Based Covert Channel
- A Countermeasure Based on Deep Packet Inspection
- An Open Question on Domain Names
- Related Work
- Conclusions
- References
- Fully Non-interactive Onion Routing with Forward-Secrecy
- Introduction
- Forward-Secure Identity-Based Onion Routing
- Security of Forward-Secure Identity-Based Onion Routing
- A Generic Construction of FS-ID Onion Routing
- Our Generic Construction
- Security
- Certificateless and PKI Variants
- The Proposed Construction
- Efficiency and Comparisons
- References
- Session 6: Theory
- Generic Fully Simulatable Adaptive Oblivious Transfer
- Introduction
- Background
- Our Contribution
- Preliminaries
- Notations
- Fully-Simulatable $\mathrm{OT}^n_{k \times 1}$
- Generic Adaptive OT from Verifiable Shuffles
- Building Blocks
- The OT Protocol
- Instantiations from DDH and Linear Assumptions
- Generic Adaptive OT from Permutation Networks
- Loosely Homomorphic KEM
- The OT Protocol
- How to Execute the ZKPK at Step 4
- How to Execute Other ZKPK Protocols
- Leakage-Resilient Adaptive OT
- References
- Simple and Efficient Single Round Almost Perfectly Secure Message Transmission Tolerating Generalized Adversary
- Introduction
- Non-Threshold Adversary
- Almost Perfectly Secure Message Transmission: Almost-PSMT
- Almost-PSMT Tolerating Non-Threshold Adversary: Motivation of Our Work
- Our Results and Comparison with the Existing Results
- Tools and Techniques Used in Our Protocol
- Primitives
- Linear Secret Sharing Scheme: LSSS
- Efficient Single Round Almost-PSMT Protocol Tolerating Non-Threshold Adversary
- Underlying Idea of the Protocol
- Sending the Authentication Information
- Simple and Computationally Efficient Single Round Almost-PSMT Tolerating Threshold Adversary with Optimum Communication Complexity
- Conclusion
- References
- Relaxed Security Notions for Signatures of Knowledge
- Introduction
- Relaxing the Notion of Signature of Knowledge
- Our Contributions
- Signatures of Knowledge
- Security Notions for SoKs
- Simulatability, Unforgeability, and Witness Indistinguishability
- Relationships of Security Notions
- Universally Composable Versions
- SoK Instantiation
- Waters' Signature Scheme
- General Construction
- Embedding Witnesses
- Application Scenarios
- Digital Signatures
- Ring Signatures
- References
- Session 7: Encryption
- LBlock: A Lightweight Block Cipher
- Introduction
- Specification of LBlock
- Notations
- Encryption Algorithm
- Decryption Algorithm
- Key Scheduling
- Design Rationale
- Structure
- Diffusion Layer
- S-Box Layer
- Key Scheduling
- Security Evaluation
- Differential Cryptanalysis
- Linear Cryptanalysis
- Impossible Differential Cryptanalysis
- Integral Attack
- Related-Key Attacks
- Performance Evaluation
- Hardware Performance
- Software Implementations
- Conclusion
- References
- On Hiding a Plaintext Length by Preencryption
- Introduction
- Preliminaries
- Encryption Scheme
- Preencryption Schemes
- Pad-then-Encrypt Scheme
- Maximal Security of the Pad-then-Encrypt Scheme
- Uniform Padding Schemes
- Conclusion
- References
- Session 8: Broadcast Encryption
- Fighting Pirates 2.0
- Introduction
- Pirates 2.0: A New Attack Scenario
- The Subset-Cover Framework: CS, SD, and LSD
- Partial Measures against Pirates 2.0
- A New Scheme
- Adding Secret Sharing Schemes to CS
- Subset Difference and Layered Subset Difference
- Anonymity against Private Collusion
- Conclusions and Open Problems
- References
- Security Notions for Broadcast Encryption
- Introduction
- Definitions
- Terminologies and Various Types of Schemes
- Security Notions
- Standard Security Notions
- Alternatives and Variants
- Relationship between the Security Notions
- Separating CPA and CCA
- Separating Notions of Dynamicity
- Separating Forms of Corruption
- Choice of the Target Set
- Relationships between Notions from the Literature
- Previous Schemes
- References
- Session 9: Security Services
- Towards User-Friendly Credential Transfer on Open Credential Platforms
- Introduction
- Assumptions and Requirements
- Credential Transfer Protocol
- Requirement Analysis
- Protocol Validation
- Discussion
- Related Work
- Summary
- References
- Non-transferable User Certification Secure against Authority Information Leaks and Impersonation Attacks
- Introduction
- Preliminaries
- Nominative Signatures
- Security Model
- Unforgeability
- Security against Malicious Signers
- Invisibility
- Protocol Security
- Key Registration
- Concrete Scheme
- Security
- Conclusion
- References
- Composable Security Analysis of OS Services
- Introduction
- Related Work
- The Universal Composability Framework
- Conventions for Software Systems
- SimpFS: A Simple Idealized File-System
- A Formal Model of SimpFS
- Implementing SimpFS over POSIX
- Concepts and Properties of POSIX
- The safeDirOpen Procedure
- Implementing the simpfs Commands
- Consistency Properties of the Implementation
- Rationale and Discussion
- Conclusion
- References
- Session 10: Attacks II
- Practical Attacks on the Maelstrom-0 Compression Function
- Introduction
- Description of Maelstrom-0
- Block Cipher $E$
- Outline of the Attack
- Differential Properties of the Round Transformations
- Differential Properties of the Key Schedule
- Constructing the Differential Path
- Finding the Message Pair
- Extension to More Rounds
- Conclusion
- References
- Linear Analysis of Reduced-Round CubeHash
- Introduction
- A Brief Description of CubeHash
- Previous Results on CubeHash
- Linear Approximation of CubeHash
- Linear Approximation of Addition Modulo $2^{32}$
- The Linear Approximation of the Round Function of CubeHash
- Message Modification Techniques - A Chosen-Plaintext Linear Approximation
- Distinguishing Reduced-Round Variants of the Compression Function of CubeHash
- Conclusions
- References
- On the Indifferentiability of Fugue and Luffa
- Introduction
- Preliminaries
- Main Tools for Bounding Distinguisher's Advantage
- Indifferentiability Security Analysis of Fugue
- Indifferentiability Security Analysis of LuffaS
- Indifferentiability Security Analysis of Luffa
- Conclusion
- References
- Analysis of Message Injection in Stream Cipher-Based Hash Functions
- Introduction
- Related Work
- Security Definitions of Hash Functions
- Hash Function Constructions
- Definition of Message Injection Function
- Stream Cipher Model
- Inject into Feedback
- Inject into the Internal State
- Security Analysis
- Inject into Feedback
- Inject into the Internal State
- Extension to Two LFSRs
- Two-LFSR-Based SCH
- Security Analysis
- Discussion
- Single LFSR
- Two LFSRs
- Comparison to Real Algorithms
- Abacus
- MCSSHA-3
- Boole
- Conclusion
- References
- Session 11: Applied Crypto II
- Secure Authenticated Comparisons
- Introduction
- Preliminaries
- Notation
- Problem Formulation
- Security Definitions
- Bilinear Maps and Assumptions
- Scheme
- Two Straightforward Schemes
- A More Interesting Scheme
- Complexity Analysis
- Proof of Security
- Extensions
- Min/Max Queries
- Extension to Partial Orders
- Related Work
- A More Exact Comparison with Previous Work
- Conclusion/Future Work
- References
- Public-Key Encryption with Delegated Search
- Introduction
- Our Contribution
- Related Work
- Bilinear Groups and Complexity Assumptions
- Description and Security Model of PKEDS Scheme
- A Construction of PKEDS Scheme
- Efficiency
- Security
- Applications
- Conclusion
- References
- Author Index
System requirements
File format: PDF
Copy protection: Watermark-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Use the free software Adobe Reader, Adobe Digital Editions, or any other PDF viewer of your choice (see eBook Help).
- Tablet/Smartphone (Android; iOS): Install the free app Adobe Digital Editions or another reading app for eBooks, e.g., PocketBook (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (only limited: Kindle).
The file format PDF always displays a book page identically on any hardware. This makes PDF suitable for complex layouts such as those used in textbooks and reference books (images, tables, columns, footnotes). Unfortunately, on the small screens of e-readers or smartphones, PDFs are rather annoying, requiring too much scrolling.
This eBook uses Watermark-DRM, a "soft" copy protection. This means that there are no technical restrictions to prevent illegal distribution. However, there is a personalised watermark embedded in the eBook that can be used to identify the purchaser of the eBook in the event of misuse and to provide evidence for legal purposes.