Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer
RFID technology arouses great interest from both its advocates and opponents because of the promising but privacy-threatening nature of low-cost RFID tags. A main privacy concern in RFID systems results from clandestine scanning through which an ...
A Robust and Secure RFID-Based Pedigree System (Short Paper)
There has been considerable interest recently on developing a system to track items like pharmaceutical drugs or food products. Such a system can help prevent counterfeits, aid product recall, and improve general logistics. In this paper, we ...
A Topological Condition for Solving Fair Exchange in Byzantine Environments
In this paper, we study the solvability of fair exchange in the context of Byzantine failures. In doing so, we first present a generic model with trusted and untrusted processes, and propose a specification of the fair exchange problem that ...
A Security Analysis of the Precise Time Protocol (Short Paper)
This paper reports on a security analysis of the IEEE 1588 standard, a.k.a. Precise Time Protocol (PTP). We show that attackers can use the protocol to (a) incorrectly resynchronize clocks, (b) rearrange or disrupt the hierarchy of PTP clocks, (c) ...
An Identity-Based Proxy Signature Scheme from Pairings
A proxy signature enables an original signer to delegate her signing capability to a proxy signer and then the proxy signer can sign a message on behalf of the original signer. In this paper we propose an ID-based proxy signature scheme from ...
Finding Compact Reliable Broadcast in Unknown Fixed-Identity Networks (Short Paper)
At PODC’05, Subramanian, Katz, Roth, Shenker and Stoica (SKRSS) introduced and formulated a new theoretical problem called reliable broadcast problems in unknown fixed-identity networks [3] and further proposed a feasible result to this problem. ...
Formal Analysis and Systematic Construction of Two-Factor Authentication Scheme (Short Paper)
One of the most commonly used two-factor authentication mechanisms is based on smart card and user’s password. Throughout the years, there have been many schemes proposed, but most of them have already been found flawed due to the lack of formal ...
Hierarchical Key Assignment for Black-Box Tracing with Efficient Ciphertext Size
We propose a hierarchical key-assignment method to reduce the ciphertext size in a black-box tracing scheme presented at ASIACRYPT 2004. Applying the proposed method to this scheme, the ciphertext size is reduced from to O(k+log(n/k)) without a ...
Trace-Driven Cache Attacks on AES (Short Paper)
Cache-based side-channel attacks have recently attracted significant attention due to the new developments in the field. In this paper, we present an efficient trace-driven cache attack on a widely used implementation of the AES cryptosystem. ...
A Construction for General and Efficient Oblivious Commitment Based Envelope Protocols
The notion of Oblivious Commitment Based Envelope (OCBE) was recently proposed; it enables attribute-based access control without revealing any information about the attributes. Previous OCBE protocols are designed by taking zero-knowledge proof ...
Defining and Measuring Policy Coverage in Testing Access Control Policies
To facilitate managing access control in a system, security officers increasingly write access control policies in specification languages such as XACML, and use a dedicated software component called a Policy Decision Point (PDP). To increase ...
Distributed Credential Chain Discovery in Trust Management with Parameterized Roles and Constraints (Short Paper)
Trust management (TM) is an approach to access control in decentralized distributed systems with access control decisions based on statements made by multiple principals. Li et al. developed the RT family of Role-Based Trust-management languages, ...
An Operating System Design for the Security Architecture for Microprocessors
SAM is a processor extension used to protect execution of dedicated programs by preventing data disclosure and program manipulations in a multitasking environment. This paper presents an operating system design based on the Linux kernel for SAM. ...
Point-Based Trust: Define How Much Privacy Is Worth
This paper studies the notion of point-based policies for trust management, and gives protocols for realizing them in a disclosure-minimizing fashion. Specifically, Bob values each credential with a certain number of points, and requires a minimum ...
Efficient Protocols for Privacy Preserving Matching Against Distributed Datasets
When datasets are distributed on different sources, finding out matched data while preserving the privacy of the datasets is a widely required task. In this paper, we address two matching problems against the private datasets on N (N≥2) parties. ...
Quantifying Information Leakage in Tree-Based Hash Protocols (Short Paper)
Radio Frequency Identification (RFID) systems promise large scale, automated tracking solutions but also pose a threat to customer privacy. The tree-based hash protocol proposed by Molnar and Wagner presents a scalable, privacy-preserving ...
An Anonymous Authentication Scheme for Identification Card
This paper presents the concept of anonymous identification card, a technique enabling a card holder to demonstrate his/her authenticity without disclosing real identity. Anonymous identification card can be used in settings in which people need ...
A Wireless Covert Channel on Smart Cards (Short Paper)
Microprocessor devices, such as smart cards, are used more and more to store and protect secret information. This development has its advantages, but microprocessor devices are susceptible to various attacks. Much attention has been devoted to ...
From Proxy Encryption Primitives to a Deployable Secure-Mailing-List Solution
Proxy encryption schemes transform cipher-text from one key to another without revealing the plain-text. Agents that execute such transformations are therefore minimally trusted in distributed systems leading to their usefulness in many ...
Mathematical Foundations for the Design of a Low-Rate DoS Attack to Iterative Servers (Short Paper)
A low-rate DoS attack to iterative servers has recently appeared as a new approach for defeating services using rates of traffic that could be adjusted to bypass security detection mechanisms. Although the fundamentals and effectiveness of these ...
An Independent Function-Parallel Firewall Architecture for High-Speed Networks (Short Paper)
A function-parallel network firewall is a scalable architecture that consists of multiple firewalls. Rules are distributed across the array such that each firewall implements a portion of the original policy. This results in significantly lower ...
Estimating Accuracy of Mobile-Masquerader Detection Using Worst-Case and Best-Case Scenario
In order to resist an unauthorized use of the resources accessible through mobile terminals, masquerader detection means can be employed. In this paper, the problem of mobile-masquerader detection is approached as a classification problem, and the ...
An Enhanced N-Way Exchange-Based Incentive Scheme for P2P File Sharing (Short Paper)
Cooperation between participants is essential to P2P applications’ viability. Due to obscure possibility to match peers’ needs and supplies in pairs, the widely used pair-wise exchange-based incentive schemes perform poorly. The N-way exchange-...
Provably Correct Runtime Enforcement of Non-interference Properties
Non-interference has become the standard criterion for ensuring confidentiality of sensitive data in the information flow literature. However, application of non-interference to practical software systems has been limited. This is partly due to ...
An Attack on SMC-Based Software Protection
Self-modifying codes (SMC) refer to programs that intentionally modify themselves at runtime, causing the runtime code to differ from the static binary representation of the code before execution. Hence SMC is an effective method to obstruct ...
Modular Behavior Profiles in Systems with Shared Libraries (Short Paper)
Modern computing environments depend on extensive shared libraries. In this paper, we propose monitoring the calls between those libraries as a new source of data for host-based anomaly detection. That is, we characterize an application by its use ...
Efficient Protection Against Heap-Based Buffer Overflows Without Resorting to Magic
Bugs in dynamic memory management, including for instance heap-based buffer overflows and dangling pointers, are an important source of vulnerabilities in C and C++. Overwriting the management information of the memory allocation library is often ...
Cryptanalysis of Timestamp-Based Password Authentication Schemes Using Smart Cards
Password authentication is an important mechanism for remote login systems, where only authorized users can be authenticated via using their passwords and/or some similar secrets. In 1999, Yang and Shieh [14] proposed two password authentication ...