Information Security
20th International Conference, ISC 2017, Ho Chi Minh City, Vietnam, November 22-24, 2017, Proceedings
Published on 13. November 2017
XIII, 474 pages
978-3-319-69659-1 (ISBN)
Description
This book constitutes the refereed proceedings of the 20th International Conference on Information Security, ISC 2017, held in Ho Chi Minh City, Vietnam, in November 2017.
The 25 revised full papers presented were carefully reviewed and selected from 97 submissions. The papers are organized in topical sections on symmetric cryptography, post-quantum cryptography, public-key cryptography, authentication, attacks, privacy, mobile security, software security, and network and system security.
The 25 revised full papers presented were carefully reviewed and selected from 97 submissions. The papers are organized in topical sections on symmetric cryptography, post-quantum cryptography, public-key cryptography, authentication, attacks, privacy, mobile security, software security, and network and system security.
More details
Series
Edition
1st ed. 2017
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Product notice
Reflowable
Illustrations
XIII, 474 p. 115 illus.
File size
24,71 MB
ISBN-13
978-3-319-69659-1 (9783319696591)
DOI
10.1007/978-3-319-69659-1
Schweitzer Classification
Other editions
Additional editions
Phong Q. Nguyen | Jianying Zhou
Information Security
20th International Conference, ISC 2017, Ho Chi Minh City, Vietnam, November 22-24, 2017, Proceedings
Book
10/2017
Springer
€53.49
Shipment within 10-15 days
Content
- Intro
- Preface
- ISC 2017 20th International Conference on Information Security Ho Chi Minh City, Vietnam November 22-24, 2017
- Contents
- Symmetric Cryptography
- Rate-One AE with Security Under RUP
- 1 Introduction
- 2 An Impossibility Result for PA2
- 2.1 Rate-One AE Schemes
- 2.2 Any Rate-One AE Scheme Is Not PA2
- 3 Basic Idea and Formulation
- 3.1 Tag Feedback TF in a Nutshell
- 3.2 Generalized AEAD Formulation by Shrimpton and Terashima
- 4 CBt Construction
- 5 Security Definitions
- 5.1 Adversarial Model
- 5.2 Security Notions
- 6 Security of CBt
- 7 Privacy Against (FV,T,A)-Repeating Adversaries
- 8 Discussion
- 8.1 Implementation Choices
- 8.2 Supporting Secret Message Number (SMN)
- A Rational of Associated Data Computation in CBt
- A.1 Synthetic Approach
- B Authenticity against Adversaries Asking Old Triplets
- References
- An Improved SAT-Based Guess-and-Determine Attack on the Alternating Step Generator
- 1 Introduction
- 2 Considered Cryptanalysis Problems
- 3 Algorithm for Constructing SAT-based Guess-and-Determine Attacks
- 4 Computational Experiments
- 4.1 Additional Optimization: Choosing the Right Keystream Fragment Size
- 4.2 ASG-72
- 4.3 ASG-96
- 4.4 MASG-72 and MASG0-72
- 4.5 ASG-192
- 5 Related Work
- 6 Conclusions
- References
- Efficient Masking of ARX-Based Block Ciphers Using Carry-Save Addition on Boolean Shares
- 1 Introduction
- 2 Preliminaries
- 3 Carry-Save Addition
- 3.1 Using a CSA for Single-Operand Addition
- 3.2 Security Aspects
- 4 Implementation Details and Evaluation
- 4.1 Secure Addition on Boolean Shares
- 4.2 Masked Implementation of Speck
- 4.3 Leakage Assessment
- 5 Conclusions
- References
- Improved Automatic Search Tool for Related-Key Differential Characteristics on Byte-Oriented Block Ciphers
- 1 Introduction
- 2 Preliminaries
- 2.1 Notations and Definitions
- 2.2 Depth-First Algorithm for Related-Key Characteristics
- 2.3 Breadth-First Algorithm for Related-Key Characteristics
- 3 Improved Tool for Search of Related-Key Differential Characteristics
- 3.1 Tool for Related-Key Differential Characteristics
- 4 Applications to AES
- 4.1 Former Results of AES
- 4.2 Improved Applications to AES-like Ciphers
- 5 Applications to Deoxys and Joltik
- 5.1 Descriptions of Deoxys and Joltik
- 5.2 Applications to Deoxys-128-128 and Joltik-64-64
- 5.3 Applications to Deoxys-256-128 and Joltik-128-64
- 6 Applications to Midori
- 7 Evaluating the Complexity
- 7.1 Evaluating the Complexity for Breadth-First Algorithm
- 7.2 Evaluating the Complexity for Depth-First Algorithm
- 7.3 Time Complexity of Breadth-Depth Algorithm
- 8 Conclusions
- References
- Post-quantum Cryptography
- Choosing Parameters for the Subfield Lattice Attack Against Overstretched NTRU
- 1 Introduction
- 2 Preliminaries
- 3 Overview of the Subfield Lattice Attack
- 3.1 Norming down to the Subfield
- 3.2 Lattice Reduction in the Subfield
- 3.3 Lifting up the Short Vector
- 4 Revisiting Albrecht et al.'s Attack [1]
- 4.1 Theoretical Analysis
- 4.2 Implementation Results
- 5 Conclusion
- References
- Zero-Knowledge Password Policy Check from Lattices
- 1 Introduction
- 2 Preliminaries
- 2.1 Some Lattice-Based Cryptographic Ingredients
- 2.2 Zero-Knowledge Argument Systems and Stern-Like Protocols
- 2.3 Password Strings and Password Policies
- 2.4 Randomised Password Hashing and Zero-Knowledge Password Policy Check
- 3 Our Constructions
- 3.1 Notations, Sets and Permutations
- 3.2 Randomised Password Hashing from Lattices
- 3.3 Techniques for Proving Set Membership
- 3.4 Zero-Knowledge Password Policy Check Protocol
- 4 Conclusion and Open Questions
- References
- Generic Forward-Secure Key Agreement Without Signatures
- 1 Introduction
- 2 Preliminaries
- 2.1 Standard Definitions
- 2.2 Passively Secure Unauthenticated Key Agreement Protocol
- 3 Forward-Secure Authenticated Key Agreement Protocols and Security Model
- 3.1 AKA Protocol Definition
- 3.2 Execution Environment
- 3.3 Secure Mutual Authentication
- 3.4 Session Key Secrecy and Forward Secrecy
- 3.5 Full Security Definition
- 4 A New AKA Protocol Construction
- References
- Public-Key Cryptography
- A Constant-Size Signature Scheme with Tighter Reduction from CDH Assumption
- 1 Introduction
- 1.1 Background
- 1.2 Related Works
- 1.3 Our Contribution
- 2 Preliminaries
- 2.1 Digital Signatures
- 2.2 Trapdoor Commitments
- 2.3 Security Class of Digital Signatures
- 2.4 Bilinear Groups
- 2.5 Computational Diffie-Hellman Assumption
- 2.6 Pseudorandom Functions
- 2.7 Scheme of Böhl et al.
- 3 Proposal: Modified Mildly Secure Signature Scheme
- 3.1 Construction
- 3.2 Security Analysis
- 4 EUF-CMA Full Security Scheme
- 4.1 Construction
- 4.2 Security Analysis
- 5 Discussion
- 6 Conclusion
- References
- Homomorphic-Policy Attribute-Based Key Encapsulation Mechanisms
- 1 Introduction
- 1.1 Homomorphic-Policy Attribute-Based Key Encapsulation Mechanisms
- 1.2 Contribution
- 1.3 Our Technique
- 1.4 Organization of the Paper
- 2 Definitions
- 2.1 Access Structure
- 2.2 Linear Secret Sharing Scheme
- 2.3 Attribute-Based Key Encapsulation Mechanism
- 3 Homomorphic-Policy
- 3.1 Definition
- 3.2 Security
- 4 Construction
- 4.1 Modified Lewko-Waters Scheme
- 4.2 Description
- 4.3 Construction of the LSSS
- 4.4 Homomorphic Policy
- 4.5 Security
- 4.6 Homomorphic Policy
- 5 Conclusion
- References
- Watermarking Public-Key Cryptographic Functionalities and Implementations
- 1 Introduction
- 2 Preliminaries
- 2.1 Defining Cryptographic Objects
- 3 Watermarking Cryptographic Functionalities
- 3.1 Syntax of a Watermarking Scheme
- 3.2 Security Model
- 3.3 Security Properties
- 4 Watermarking Cryptographic Implementations
- 5 A Watermarking Scheme for Implementations of PKE
- 6 Watermarking PKE Funtionality from IBE
- References
- Authentication
- Contactless Access Control Based on Distance Bounding
- 1 Introduction
- 2 Definitions from Previous Work
- 3 Security and Privacy Model of AC
- 3.1 Security
- 3.2 Privacy
- 4 Distance Bounding in Access Control
- 4.1 Secure AC with Secure DB
- 4.2 Private AC with Private DB
- 5 Conclusion
- References
- Improving Gait Cryptosystem Security Using Gray Code Quantization and Linear Discriminant Analysis
- 1 Introduction
- 2 Preliminaries
- 2.1 Notations
- 2.2 The Fuzzy Commitment Scheme
- 2.3 Fisher's Linear Discriminant Analysis
- 3 The Proposed Gait Cryptosystem
- 3.1 Overall of System Architecture
- 3.2 Data Preprocessing and Feature Extraction
- 3.3 Improving the Discriminability of Gait Data
- 3.4 Gray Code Quantization
- 3.5 Reliable Binary String Extraction
- 4 Experiments
- 4.1 Configurations and Results
- 4.2 The Impact of LDA Projection
- 4.3 The Impact of Gray Code Quantization
- 4.4 Security Analysis
- 5 Related Work
- 6 Conclusion
- References
- Attacks
- Low-Level Attacks in Bitcoin Wallets
- 1 Introduction
- 2 Background
- 3 Ledger Wallet Implementation
- 4 Attacks
- 4.1 Attacks in Practice
- 5 A Lightweight Fix of the Protocols
- 6 Discussion
- A Appendix
- A.1 Example Communication Trace
- A.2 Active Attacks
- References
- Improving Password Guessing Using Byte Pair Encoding
- 1 Introduction
- 2 Related Work
- 3 Password Guessing on PCFGs with BPE
- 3.1 Password Segmentation Method Based on BPE
- 3.2 BPE-PCFGs Password Guessing Model
- 3.3 Rich-BPE-PCFGs Password Guessing Model
- 4 Experimental Evaluation
- 4.1 Introduction of Our Datasets
- 4.2 Experimental Results
- 5 Conclusion and Future Work
- References
- How to Make Information-Flow Analysis Based Defense Ineffective: An ART Behavior-Mask Attack
- 1 Introduction
- 2 Technical Background
- 2.1 Android ART Runtime
- 2.2 ART Addressing Modes
- 3 Behavior-Mask Attack
- 3.1 Motivating Example
- 3.2 Attack Design
- 3.3 Covert Data Transformation via Object Fields Redirecting
- 3.4 Hijacking Control-Flow via Method Call Rebinding
- 4 An Automatic Development Framework of Behavior-Mask Attack
- 4.1 Syntax Analyzing Target Code and Hunting Usable Mask Method
- 4.2 Design of Data Container Class and Implementation of Covert Data Transformation
- 4.3 Design of Method Container and Implementation of Hijacking Control-Flow
- 5 Evaluation
- 5.1 Effectiveness
- 5.2 Performance
- 6 Discussion
- 6.1 Limitation
- 6.2 Preventing Behavior-Mask Attack
- 7 Related Work
- 8 Conclusion
- References
- Privacy
- Harvesting Smartphone Privacy Through Enhanced Juice Filming Charging Attacks
- 1 Introduction
- 2 Background of JFC Attack
- 3 Enhanced JFC Attack
- 3.1 Accuracy of Information Extraction
- 3.2 Improvement for Information Extraction
- 3.3 Information Correlation
- 4 User Study
- 5 Further Discussion
- 6 Related Work
- 7 Conclusion
- References
- A Differentially Private Encryption Scheme
- 1 Introduction
- 2 Preliminaries
- 2.1 Notation
- 2.2 Basic Definitions
- 3 Our Definition of m1,m2-Correct Encryption Scheme
- 3.1 Definition
- 3.2 Construction of an m1,m2-Correct 1-bit Encryption Scheme
- 3.3 Construction of an m1,m2-Correct N-Elements Encryption Scheme
- 3.4 Fix , Find m1,m2
- 4 Equality Between DP-then-Encrypt and Encrypt+DP
- 5 Example of an m1,m2-Correct Homomorphic Encryption Scheme
- 5.1 Implementation and Statistics
- 6 Conclusions and Future Work
- References
- Mobile Security
- Droid Mood Swing (DMS): Automatic Security Modes Based on Contexts
- 1 Introduction
- 2 Background
- 2.1 Android Security
- 3 DMS Architecture and Operation
- 3.1 DMS Architecture
- 3.2 DMS Security Modes
- 3.3 Fine-Grained Permissions
- 3.4 Context-Aware Filesystem
- 3.5 Inter-process Communication (IPC) Firewall
- 3.6 Restrict Network
- 3.7 Permission Verification
- 3.8 DMS Configuration Language
- 3.9 DMS Developer API
- 4 Evaluation
- 4.1 Evaluation of the Classifiers for the Permission Verification System
- 4.2 Portability
- 4.3 Functionality
- 4.4 Security Analysis
- 4.5 Operational Overheads
- 5 Related Work
- 6 Conclusion
- References
- T-MAC: Protecting Mandatory Access Control System Integrity from Malicious Execution Environment on ARM-Based Mobile Devices
- 1 Introduction
- 2 Background
- 2.1 Mandatory Access Control
- 2.2 ARM TrustZone Security Extension
- 3 Threat Model and Assumptions
- 3.1 Threat Model
- 3.2 Assumptions
- 4 Design
- 4.1 T-MAC Architecture
- 4.2 Rich Execution Environment Enhancement
- 4.3 Security Cross-World Communication
- 5 Implementation
- 5.1 Trusted Execution Environment
- 5.2 SELinux and Kernel Instrumentation
- 5.3 Secure Booting
- 6 Evaluation
- 6.1 Platform
- 6.2 Overhead of World Switching
- 6.3 Performance Impact on Mainstream Benchmarking
- 6.4 Latency of Application Loading Time
- 6.5 Security Analysis
- 7 Related Work
- 8 Conclusion
- References
- Enforcing ACL Access Control on Android Platform
- 1 Introduction
- 2 Background
- 2.1 Access Control List
- 2.2 Permission Mechanism in Android
- 2.3 Transplantation Attack
- 3 System Design
- 3.1 ACL Control Center
- 3.2 ACL Service Provider
- 3.3 ACL Support
- 4 Implementation
- 4.1 Kernel Configuration
- 4.2 Shared Library Support
- 4.3 ACL Service Provider
- 4.4 SEAndroid Configuration
- 4.5 Access Permission Checking
- 5 Evaluation
- 5.1 Stability
- 5.2 Effectiveness
- 5.3 Overall Performance
- 6 Related Work
- 6.1 Android Middleware Layer Enforcements
- 6.2 Kernel Layer Enforcements
- 7 Conclusions and Future Work
- References
- Software Security
- Nightingale: Translating Embedded VM Code in x86 Binary Executables
- 1 Introduction
- 2 Preliminaries
- 2.1 Basic Concept
- 2.2 Assumptions
- 3 VM Code Translating
- 3.1 Overview
- 3.2 Interpretation Pinpointing
- 3.3 VM-State Analysis
- 3.4 Handler Translating
- 3.5 Code Simplification
- 3.6 Dynamic Patching
- 4 Empirical Evaluation
- 4.1 Analysis Results
- 4.2 Case Studies
- 5 Related Work
- 6 Conclusion
- References
- Run-Time Verification for Observational Determinism Using Dynamic Program Slicing
- Abstract
- 1 Introduction
- 2 Preliminaries
- 3 Dynamic Program Slicing for Enforcing Observational Determinism
- 4 Verifying the Proposed Mechanism
- 4.1 Proof of Soundness
- 5 Conclusion
- References
- Automated Analysis of Accountability
- 1 Introduction
- 2 Related Work
- 3 Definitions
- 4 Case Study I: Secure Exam Protocol
- 4.1 Analysis
- 5 Case Study II: Certificate Transparency
- 5.1 Certificate Transparency
- 5.2 Analysis
- 6 Case Study III: Bingo Voting
- 6.1 Analysis
- 7 Conclusion
- References
- Network and System Security
- Visualization of Intrusion Detection Alarms Collected from Multiple Networks
- 1 Introduction
- 2 Related Work
- 3 Motivation and Background
- 3.1 Threat Management System
- 4 Visualization of IDS alarms from multiple networks
- 4.1 Design Goals
- 4.2 Structure and Components
- 4.3 Additional Functions
- 4.4 Display of Special S-Events
- 5 Application of VisIDAC to S&T-CSC
- 5.1 Basic Setting
- 5.2 Overall Effects
- 6 Conclusion and Future Work
- References
- Curtain: Keep Your Hosts Away from USB Attacks
- 1 Introduction
- 2 Background and Threat Model
- 2.1 USB Work Flow
- 2.2 USB Devices' Enumeration in Windows
- 2.3 Existing Attack Methods
- 2.4 Threat Model
- 3 System Design
- 3.1 IRP Collector & Filter
- 3.2 Device Identifier
- 3.3 IRP Analyser
- 3.4 Anomaly Detector
- 4 Malicious Objects Detection
- 4.1 Unauthorized Access to Important Files Detection
- 4.2 Abnormal Behaviors Detection
- 4.3 Fake Device Type Claim
- 5 Evaluation
- 5.1 Functionality Evaluation
- 5.2 Performance Evaluation
- 6 Future Work
- 7 Discussion
- 7.1 Automatically Device Type Identification
- 7.2 Migration to Other OS
- 8 Conclusion
- References
- Author Index
