2013 International Conference on Security and Cryptography (SECRYPT): Latest Papers

Practical and exposure-resilient hierarchical ID-based authenticated key exchange without random oracles
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.1587/TRANSFUN.E97.A.1335
Kazuki Yoneyama
Abstract: ID-based authenticated key exchange (ID-AKE) is a cryptographic tool to establish a common session key between parties with authentication based on their IDs. If IDs contain some hierarchical structure such as an email address, hierarchical ID-AKE (HID-AKE) is especially suitable because of scalability. However, most existing HID-AKE schemes do not satisfy advanced security properties such as forward secrecy, and the only known strongly secure HID-AKE scheme is inefficient. In this paper, we propose a new HID-AKE scheme which achieves both strong security and efficiency. We prove that our scheme is eCK-secure (which ensures maximal-exposure-resilience including forward secrecy) without random oracles, while existing schemes are proved in the random oracle model. Moreover, the number of messages and pairing operations are independent of the hierarchy depth; that is, it is really scalable and practical for a large system.
Citations: 3
Development of device identity using WiFi layer 2 management frames for combating Rogue APs
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004506404880493
J. Milliken, Valerio Selis, K. Yap, A. Marshall
Abstract: The susceptibility of WiFi networks to Rogue Access Point attacks derives from the lack of identity for 802.11 devices. The most common means of detecting these attacks in current research is through tracking the credentials or the location of unauthorised and possibly malicious APs. In this paper, the authors outline a method of distinguishing WiFi Access Points using 802.11 MAC layer management frame traffic profiles. This system does not require location estimation or credential tracking techniques as used in current research techniques, which are known to be inaccurate. These characteristic management traffic profiles are shown to be unique for each device, tantamount to a MAC identity. The application of this technique to solving Rogue AP attacks under the constraints of an open access, public WiFi environment is discussed with the conclusion that the identity is practically very difficult to forge.
Citations: 3
A model-driven approach for securing software architectures
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004611305950602
M. A. Neri, M. Guarnieri, E. Magri, S. Mutti, S. Paraboschi
Abstract: Current IT systems consist usually of several components and services that communicate and exchange data over the Internet. They have security requirements that aim at avoiding information disclosure and at showing compliance with government regulations. In order to effectively handle the security management of complex IT systems, techniques are needed to help the security administrator in the design and configuration of the security architecture. We propose a model-driven security approach for the design and generation of concrete security configurations for software architectures. In our approach the system architect models the architecture of the system by means of UML class diagrams, and then the security administrator adds security requirements to the model by means of Security4UML, a UML profile. From the model enriched with security requirements, the concrete security configuration is derived in a semi-automated way. We present a tool that supports this model-driven approach, and a case study that involves a distributed multi-user meeting scheduler application.
Citations: 5
Policy-based non-interactive outsourcing of computation using multikey FHE and CP-ABE
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004534304440452
Michael Clear, C. McGoldrick
Abstract: We consider the problem of outsourced computation that operates on encrypted inputs supplied by multiple independent parties. To facilitate fine-grained access control, it would be desirable if each party could encrypt her input under an appropriate access policy. Moreover, a party should only be authorized to decrypt the result of a computation performed on a set of encrypted inputs if his credentials satisfy the composition of all input policies. There has been limited success so far achieving homomorphic encryption in the functional setting; that is, for primitives such as Ciphertext-Policy Attribute Based Encryption (CP-ABE) and Identity Based Encryption (IBE). We introduce a new primitive that captures homomorphic encryption with support for access policies and policy composition. We then present a generic construction using CP-ABE and multikey Fully-Homomorphic encryption (FHE). Furthermore, we show that a CP-ABE scheme that is homomorphic for circuits of polylogarithmic depth in some parameter m implies a CP-ABE scheme that is homomorphic for circuits of arity m and unbounded depth.
Citations: 7
Secure computation of hidden Markov models
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004533502420253
Mehrdad Aliasgari, Marina Blanton
Abstract: Hidden Markov Model (HMM) is a popular statistical tool with a large number of applications in pattern recognition. In some of such applications, including speaker recognition in particular, the computation involves personal data that can identify individuals and must be protected. For that reason, we develop privacy-preserving techniques for HMM and Gaussian mixture model (GMM) computation suitable for use in speaker recognition and other applications. Unlike prior work, our solution uses floating point arithmetic, which allows us to simultaneously achieve high accuracy, provable security guarantees, and reasonable performance. We develop techniques for both two-party HMM and GMM computation based on threshold homomorphic encryption and multi-party computation based on threshold linear secret sharing, which are suitable for secure collaborative computation as well as secure outsourcing.
Citations: 19
AVON: A fast Hash function for Intel SIMD architectures
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004502104820487
Matt Henricksen, S. Kiyomoto
Abstract: In this paper, we propose a hash function that takes advantage of the AES-NI and other Single-Instruction Multiple-Data operations on Intel x64 platforms to generate digests very efficiently. It is suitable for applications in which a server needs to securely hash electronic documents at a rate of several cycles/byte. This makes it much more efficient for certain applications than SHA-2, SHA-3 or any of the SHA-3 finalists. On the common Sandy Bridge micro-architecture, our hash function, AVON, has a throughput of 2.65 cycles per byte while retaining a high degree of security.
Citations: 0
Privacy-enhanced perceptual hashing of audio data
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004532605490554
H. Knospe
Abstract: Audio hashes are compact and robust representations of audio data and allow the efficient identification of specific recordings and their transformations. Audio hashing for music identification is well established and similar algorithms can also be used for speech data. A possible application is the identification of replayed telephone spam. This contribution investigates the security and privacy issues of perceptual hashes and follows an information-theoretic approach. The entropy of the hash should be large enough to prevent the exposure of audio content. We propose a privacy-enhanced randomized audio hash and analyze its entropy as well as its robustness and discrimination power over a large number of hashes.
Citations: 4
Extending the ciphertext-policy attribute based encryption scheme for supporting flexible access control
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004525801470157
B. Lang, Runhua Xu, Yawei Duan
Abstract: Ciphertext-Policy Attribute Based Encryption (CP-ABE) is recognized as an important data protection mechanism in cloud computing environments for its flexible, scalable and fine-grained access control features. For enhancing its security, efficiency and policy flexibility, researchers have proposed different schemes of CP-ABE which have different kinds of access policy structures. However, as far as we know, most of these structures only support AND, OR and threshold attribute operations. In order to achieve more effective data self-protection mechanisms in open environments such as Cloud computing, CP-ABE needs to support more flexible attribute based policies, most of which are described using operators of NOT, <, ≤, >, ≥. This paper proposed an Extended CP-ABE (ECP-ABE) scheme based on the existing CP-ABE scheme. The ECP-ABE scheme can express any access policy represented by arithmetic comparison and logical expressions that involve NOT, <, ≤, >, ≥ operators in addition to AND, OR and threshold operators. We prove the Chosen-plaintext Attack (CPA) security of our scheme under the Decisional Bilinear Diffie-Hellman (DBDH) assumption in the standard model, and also discuss the experimental results of the efficiency of ECP-ABE.
Citations: 8
LMM: A common component for software license management on cloud
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004504502840295
S. Kiyomoto, André Rein, Yuto Nakano, C. Rudolph, Yutaka Miyake
Abstract: In a cloud environment, the platform that runs a program is not fixed, and there is a possibility that a program runs on several servers in a cloud environment. Transferability of the license information by a valid user should be allowed, even though general requirements for license management have to be satisfied. In this paper, we consider software license management models for cloud environments, and discuss security functions for building secure license management schemes. We show four license management models and analyze the security requirements for the models. Then, we design a common component referred to as the license management module (LMM), and explain the security functions required for the LMM. Furthermore, we discuss how to realize the security functions and evaluate their performance using a prototype implementation.
Citations: 3
Behavior-based Malware analysis using profile hidden Markov models
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date : 2013-07-29 DOI: 10.5220/0004528201950206
S. Ravi, N. Balakrishnan, Bharath Venkatesh
Abstract: In the area of malware analysis, static binary analysis techniques are becoming increasingly difficult with the code obfuscation methods and code packing employed when writing the malware. The behavior-based analysis techniques are being used in large malware analysis systems because of this reason. In these dynamic analysis systems, the malware samples are executed and monitored in a controlled environment using tools such as CWSandbox (Willems et al., 2007). In previous works, a number of clustering and classification techniques from machine learning and data mining have been used to classify the malware into families and to identify even new malware families, from the behavior reports. In our work, we propose to use the Profile Hidden Markov Model to classify the malware files into families or groups based on their behavior on the host system. PHMM has been used extensively in the area of bioinformatics to search for similar protein and DNA sequences in a large database. We see that using this particular model will help us overcome the hurdle posed by polymorphism that is common in malware today. We show that the classification accuracy is high and comparable with the state-of-the-art methods, even when using very few training samples for building models. The experiments were on a dataset with 24 families initially, and later using a larger dataset with close to 400 different families of malware. A fast clustering method to group malware with similar behaviour following the scoring on the PHMM profile database was used for the large dataset. We have presented the challenges in the evaluation methods and metrics of clustering on a large number of malware files and show the effectiveness of using profile hidden Markov models for known malware families.
Citations: 11