2013 IEEE Symposium on Security and Privacy: Latest Papers

Implementing TLS with Verified Cryptographic Security
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.37
K. Bhargavan, C. Fournet, Markulf Kohlweiss, A. Pironti, Pierre-Yves Strub
Abstract: TLS is possibly the most used protocol for secure communications, with a 18-year history of flaws and fixes, ranging from its protocol logic to its cryptographic design, and from the Internet standard to its diverse implementations. We develop a verified reference implementation of TLS 1.2. Our code fully supports its wire formats, ciphersuites, sessions and connections, re-handshakes and resumptions, alerts and errors, and data fragmentation, as prescribed in the RFCs; it interoperates with mainstream web browsers and servers. At the same time, our code is carefully structured to enable its modular, automated verification, from its main API down to computational assumptions on its cryptographic algorithms. Our implementation is written in F# and specified in F7. We present security specifications for its main components, such as authenticated stream encryption for the record layer and key establishment for the handshake. We describe their verification using the F7 typechecker. To this end, we equip each cryptographic primitive and construction of TLS with a new typed interface that captures its security properties, and we gradually replace concrete implementations with ideal functionalities. We finally typecheck the protocol state machine, and obtain precise security theorems for TLS, as it is implemented and deployed. We also revisit classic attacks and report a few new ones.
Citations: 188
Efficient Garbling from a Fixed-Key Blockcipher
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.39
M. Bellare, V. Hoang, S. Keelveedhi, P. Rogaway
Abstract: We advocate schemes based on fixed-key AES as the best route to highly efficient circuit-garbling. We provide such schemes making only one AES call per garbled-gate evaluation. On the theoretical side, we justify the security of these methods in the random-permutation model, where parties have access to a public random permutation. On the practical side, we provide the Just Garble system, which implements our schemes. Just Garble evaluates moderate-sized garbled-circuits at an amortized cost of 23.2 cycles per gate (7.25 nsec), far faster than any prior reported results.
Citations: 325
Finding the Linchpins of the Dark Web: a Study on Topologically Dedicated Hosts on Malicious Web Infrastructures
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.18
Zhou Li, Sumayah A. Alrwais, Yinglian Xie, Fang Yu, Xiaofeng Wang
Abstract: Malicious Web activities continue to be a major threat to the safety of online Web users. Despite the plethora forms of attacks and the diversity of their delivery channels, in the back end, they are all orchestrated through malicious Web infrastructures, which enable miscreants to do business with each other and utilize others' resources. Identifying the linchpins of the dark infrastructures and distinguishing those valuable to the adversaries from those disposable are critical for gaining an upper hand in the battle against them. In this paper, using nearly 4 million malicious URL paths crawled from different attack channels, we perform a large-scale study on the topological relations among hosts in the malicious Web infrastructure. Our study reveals the existence of a set of topologically dedicated malicious hosts that play orchestrating roles in malicious activities. They are well connected to other malicious hosts and do not receive traffic from legitimate sites. Motivated by their distinctive features in topology, we develop a graph-based approach that relies on a small set of known malicious hosts as seeds to detect dedicate malicious hosts in a large scale. Our method is general across the use of different types of seed data, and results in an expansion rate of over 12 times in detection with a low false detection rate of 2%. Many of the detected hosts operate as redirectors, in particular Traffic Distribution Systems (TDSes) that are long-lived and receive traffic from new attack campaigns over time. These TDSes play critical roles in managing malicious traffic flows. Detecting and taking down these dedicated malicious hosts can therefore have more impact on the malicious Web infrastructures than aiming at short-lived doorways or exploit sites.
Citations: 113
Ally Friendly Jamming: How to Jam Your Enemy and Maintain Your Own Wireless Connectivity at the Same Time
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.22
Wenbo Shen, P. Ning, Xiaofan He, H. Dai
Abstract: This paper presents a novel mechanism, called Ally Friendly Jamming, which aims at providing an intelligent jamming capability that can disable unauthorized (enemy) wireless communication but at the same time still allow authorized wireless devices to communicate, even if all these devices operate at the same frequency. The basic idea is to jam the wireless channel continuously but properly control the jamming signals with secret keys, so that the jamming signals are unpredictable interference to unauthorized devices, but are recoverable by authorized ones equipped with the secret keys. To achieve the ally friendly jamming capability, we develop new techniques to generate ally jamming signals, to identify and synchronize with multiple ally jammers. This paper also reports the analysis, implementation, and experimental evaluation of ally friendly jamming on a software defined radio platform. Both the analytical and experimental results indicate that the proposed techniques can effectively disable enemy wireless communication and at the same time maintain wireless communication between authorized devices.
Citations: 72
A Hybrid Architecture for Interactive Verifiable Computation
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.48
Victor Vu, Srinath T. V. Setty, A. Blumberg, Michael Walfish
Abstract: We consider interactive, proof-based verifiable computation: how can a client machine specify a computation to a server, receive an answer, and then engage the server in an interactive protocol that convinces the client that the answer is correct, with less work for the client than executing the computation in the first place? Complexity theory and cryptography offer solutions in principle, but if implemented naively, they are ludicrously expensive. Recently, however, several strands of work have refined this theory and implemented the resulting protocols in actual systems. This work is promising but suffers from one of two problems: either it relies on expensive cryptography, or else it applies to a restricted class of computations. Worse, it is not always clear which protocol will perform better for a given problem. We describe a system that (a) extends optimized refinements of the non-cryptographic protocols to a much broader class of computations, (b) uses static analysis to fail over to the cryptographic ones when the non-cryptographic ones would be more expensive, and (c) incorporates this core into a built system that includes a compiler for a high-level language, a distributed server, and GPU acceleration. Experimental results indicate that our system performs better and applies more widely than the best in the literature.
Citations: 153
An Ideal-Security Protocol for Order-Preserving Encoding
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.38
R. A. Popa, Frank H. Li, N. Zeldovich
Abstract: Order-preserving encryption - an encryption scheme where the sort order of ciphertexts matches the sort order of the corresponding plaintexts - allows databases and other applications to process queries involving order over encrypted data efficiently. The ideal security guarantee for order-preserving encryption put forth in the literature is for the ciphertexts to reveal no information about the plaintexts besides order. Even though more than a dozen schemes were proposed, all these schemes leak more information than order. This paper presents the first order-preserving scheme that achieves ideal security. Our main technique is mutable ciphertexts, meaning that over time, the ciphertexts for a small number of plaintext values change, and we prove that mutable ciphertexts are needed for ideal security. Our resulting protocol is interactive, with a small number of interactions. We implemented our scheme and evaluated it on microbenchmarks and in the context of an encrypted MySQL database application. We show that in addition to providing ideal security, our scheme achieves 1 - 2 orders of magnitude higher performance than the state-of-the-art order-preserving encryption scheme, which is less secure than our scheme.
Citations: 373
Hiding Information in Flash Memory
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.26
Yinglei Wang, Wing-Kei S. Yu, Sarah Q. Xu, E. Kan, G. Suh
Abstract: This paper introduces a novel information hiding technique for Flash memory. The method hides data within an analog characteristic of Flash, the program time of individual bits. Because the technique uses analog behaviors, normal Flash memory operations are not affected and hidden information is invisible in the data stored in the memory. Even if an attacker checks a Flash chip's analog characteristics, experimental results indicate that the hidden information is difficult to distinguish from inherent manufacturing variation or normal wear on the device. Moreover, the hidden data can survive erasure of the Flash memory data, and the technique can be used on current Flash chips without hardware changes.
Citations: 25
Ghost Talk: Mitigating EMI Signal Injection Attacks against Analog Sensors
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.20
Denis Foo Kune, John D. Backes, Shane S. Clark, D. Kramer, M. Reynolds, Kevin Fu, Yongdae Kim, Wenyuan Xu
Abstract: Electromagnetic interference (EMI) affects circuits by inducing voltages on conductors. Analog sensing of signals on the order of a few millivolts is particularly sensitive to interference. This work (1) measures the susceptibility of analog sensor systems to signal injection attacks by intentional, low-power emission of chosen electromagnetic waveforms, and (2) proposes defense mechanisms to reduce the risks. Our experiments use specially crafted EMI at varying power and distance to measure susceptibility of sensors in implantable medical devices and consumer electronics. Results show that at distances of 1-2m, consumer electronic devices containing microphones are vulnerable to the injection of bogus audio signals. Our measurements show that in free air, intentional EMI under 10 W can inhibit pacing and induce defibrillation shocks at distances up to 1-2m on implantable cardiac electronic devices. However, with the sensing leads and medical devices immersed in a saline bath to better approximate the human body, the same experiment decreases to about 5 cm. Our defenses range from prevention with simple analog shielding to detection with a signal contamination metric based on the root mean square of waveform amplitudes. Our contribution to securing cardiac devices includes a novel defense mechanism that probes for forged pacing pulses inconsistent with the refractory period of cardiac tissue.
Citations: 219
Caveat Coercitor: Coercion-Evidence in Electronic Voting
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.32
Gurchetan S. Grewal, Mark Ryan, Sergiu Bursuc, P. Ryan
Abstract: The balance between coercion-resistance, election verifiability and usability remains unresolved in remote electronic voting despite significant research over the last few years. We propose a change of perspective, replacing the requirement of coercion-resistance with a new requirement of coercion-evidence: there should be public evidence of the amount of coercion that has taken place during a particular execution of the voting system. We provide a formal definition of coercion-evidence that has two parts. Firstly, there should be a coercion-evidence test that can be performed against the bulletin board to accurately determine the degree of coercion that has taken place in any given run. Secondly, we require coercer independence, that is the ability of the voter to follow the protocol without being detected by the coercer. To show how coercion-evidence can be achieved, we propose a new remote voting scheme, Caveat Coercitor, and we prove that it satisfies coercion-evidence. Moreover, Caveat Coercitor makes weaker trust assumptions than other remote voting systems, such as JCJ/Civitas and Helios, and has better usability properties.
Citations: 59
Welcome to the Entropics: Boot-Time Entropy in Embedded Devices
2013 IEEE Symposium on Security and Privacy Pub Date : 2013-05-19 DOI: 10.1109/SP.2013.46
K. Mowery, M. Wei, David Kohlbrenner, H. Shacham, S. Swanson
Abstract: We present three techniques for extracting entropy during boot on embedded devices. Our first technique times the execution of code blocks early in the Linux kernel boot process. It is simple to implement and has a negligible runtime overhead, but, on many of the devices we test, gathers hundreds of bits of entropy. Our second and third techniques, which run in the bootloader, use hardware features - DRAM decay behavior and PLL locking latency, respectively -- and are therefore less portable and less generally applicable, but their behavior is easier to explain based on physically unpredictable processes. We implement and measure the effectiveness of our techniques on ARM-, MIPS-, and AVR32-based systems-on-a-chip from a variety of vendors.
Citations: 20