2013 International Conference on Security and Cryptography (SECRYPT): latest publications

Massive group message authentication with revocable anonymity
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004509203310338
Boaz Catane, A. Herzberg
Abstract: We present and implement schemes for authenticating messages from a group of users to a recipient, with revocable anonymity and massive (very high) message rate. Our implementations present a trade-off between the efficiency and the security required: from online group managers that participate in every message sent to offline managers, from assuming a trusted group manager and a trusted recipient to securing against both entities. All implementations have the traceability feature, allowing distributive and efficient tracing of all messages originating from a specific group member without violating anonymity of other members. In addition, our schemes are efficient and practical.
Citations: 0
On the security of the XOR sandwiching paradigm for multiple keyed block ciphers
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004505903050312
R. Ii-Yung, Khoongming Khoo, R. Phan
Abstract: While block cipher design is relatively mature, advances in computational power mean that the keylength of block ciphers, upon which the security relies entirely, becomes less resistant to cryptanalysis over time. Therefore, the security for a block cipher with a particular keylength typically is seen to last for at most some decades. One common approach to strengthen a block cipher's security is based on increasing its keylength. In the literature, two strategies have emerged: multiple keyed multiple encryption and multiple keyed XOR sandwiching. Known attacks on these, such as Meet-in-the-Middle (Merkle and Hellman, 1981; van Oorschot and Wiener, 1991; Lucks, 1998) and Related-Key (J. Kelsey and Wagner, 1996; Choi et al., 1996; Vaudenay, 2011; Phan, 2004) attacks, show that Triple Encryption is significantly weaker than a brute-force attack would suggest, especially for block ciphers with small keys, such as the Data Encryption Standard (DES). This paper provides a comprehensive analysis of the security of the XOR sandwiching paradigm against known attacks for the case of multiple keyed triple encryption, without loss of generality, using DES as the underlying block cipher. In particular, we focus on DES-XEXEXEX variants, based on 2-Key and 3-Key Triple-DES, which involve performing the XOR for key-whitening before and after each encryption with an additional 64-bit key. One of the conclusions to be drawn from this work is the increased strength obtained from the XOR sandwiching paradigm while requiring little in terms of additional computational resources.
Citations: 2
Symmetric searchable encryption for exact pattern matching using directed Acyclic Word Graphs
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004530004030410
Rolf Haynberg, Jochen Rill, Dirk Achenbach, J. Müller-Quade
Abstract: Searchable Encryption schemes allow searching within encrypted data without prior decryption. Various index-based schemes have been proposed in the past, which are only adequate for certain use cases. There is a lack of schemes with exact pattern matching capabilities. We introduce Symmetric Searchable Encryption for Exact Pattern Matching, a new class of searchable encryption schemes. To this end, we define the XPM-SSE primitive and two privacy notions for the new primitive. Our own construction, SEDAWG, is an XPM-SSE scheme which uses Directed Acyclic Word Graphs. We discuss and prove its properties.
Citations: 7
Adaptive resource management for balancing availability and performance in cloud computing
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004535902540264
R. Jhawar, V. Piuri
Abstract: Security, availability and performance are critical to meet service level agreements in most Cloud computing services. In this paper, we build on the virtual machine technology that allows software components to be cheaply moved, replicated, and allocated on the hardware infrastructure to devise a solution that ensures users' availability and performance requirements in Cloud environments. To deal with failures and vulnerabilities, also due to cyber-attacks, we formulate the availability and performance attributes from the users' perspective and show that the two attributes may often be competing for a given application. We then present a heuristics-based approach that restores an application's requirements in the failure and recovery events. Our algorithm uses Markov chains and queuing networks to estimate the availability and performance of different deployment contexts, and generates a set of actions to re-deploy a given application. By simulation, we show that our proposed approach improves the availability and lowers the degradation of the system's response time compared to traditional static schemes.
Citations: 11
Towards cryptographic function distinguishers with evolutionary circuits
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004524001350146
P. Švenda, Martin Ukrop, Vashek Matyás
Abstract: Cryptanalysis of a cryptographic function usually requires advanced cryptanalytical skills and an extensive amount of human labour. However, some automation is possible, e.g., by using randomness testing suites like STS NIST (Rukhin, 2010) or Dieharder (Brown, 2004). These can be applied to test statistical properties of cryptographic function outputs. Yet such testing suites are limited only to predefined patterns testing particular statistical defects. We propose a more open approach based on a combination of software circuits and evolutionary algorithms to search for unwanted statistical properties like next bit predictability, random data non-distinguishability or strict avalanche criterion. The software circuit that acts as a testing function is automatically evolved by a stochastic optimization algorithm and uses information leaked during cryptographic function evaluation. We tested this general approach on the problem of finding a distinguisher (Englund et al., 2007) of outputs produced by several candidate algorithms for the eStream competition from truly random sequences. We obtained similar results (with some exceptions) as those produced by STS NIST and Dieharder tests w.r.t. the number of rounds of the inspected algorithm. This paper focuses on providing a solid assessment of the proposed approach w.r.t. STS NIST and Dieharder when applied over multiple different algorithms rather than obtaining the best possible result for a particular one. Additionally, the proposed approach is able to provide a random distinguisher even when presented with a very short sequence, e.g. only 16 bytes.
Citations: 6
On the connection between t-closeness and differential privacy for data releases
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004500904780481
J. Domingo-Ferrer
Abstract: t-Closeness was introduced as an improvement of the well-known k-anonymity privacy model for data release. On the other hand, ε-differential privacy was originally proposed as a privacy property for answers to on-line database queries and it has been very welcome in academic circles. In spite of their quite diverse origins and motivations, we show in this paper that t-closeness and ε-differential privacy actually provide related privacy guarantees when applied to off-line data release. Specifically, k-anonymity for the quasi-identifiers combined with differential privacy for the confidential attributes yields t-closeness in expectation.
Citations: 5
A key-revocable attribute-based encryption for mobile cloud environments
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004505300510061
T. Ishiguro, S. Kiyomoto, Yutaka Miyake
Abstract: In this paper, we propose a new Attribute-Based Encryption (ABE) scheme applicable to mobile cloud environments. A key issue in mobile cloud environments is how to reduce the computational cost on mobile devices and delegate the remaining computation to cloud environments. We also consider two additional issues: an efficient key revocation mechanism for ABE based on a concept of token-controlled public key encryption, and attribute hiding encryption from a cloud server. To reduce the computational cost on the client side, we propose an efficient ABE scheme jointly with secure computing on the server side. We analyze the security of our ABE scheme and evaluate the transaction time of primitive functions implemented on an Android mobile device and a PC. The transaction time of our encryption algorithm is within 150 msec for 89-bit security and about 600 msec for 128-bit security on the mobile device. Similarly, the transaction time of the decryption algorithm is within 50 msec for 89-bit security and 200 msec for 128-bit security.
Citations: 3
iOS encryption systems: Deploying iOS devices in security-critical environments
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004526201700182
Peter Teufl, Thomas Zefferer, Christof Stromberger, Christoph Hechenblaikner
Abstract: The high usability of smartphones and tablets is embraced by consumers as well as the private and public sector. However, especially in the non-consumer area the security factor plays a decisive role in the platform selection process. All of the current companies within the mobile device sector added a wide range of security features to the initially consumer-oriented devices (Apple, Google, Microsoft), or have dealt with security as a core feature from the beginning (RIM, now BlackBerry). One of the key security features for protecting data on the device or in device backups is the encryption system, which is deployed in most current devices. However, even under the assumption that the systems are implemented correctly, there is a wide range of parameters, specific use cases, and weaknesses that need to be considered by the security officer. As the first part in a series of papers, this work analyzes the deployment of the iOS platform and its encryption systems within a security-critical context from a security officer's perspective. Thereby, the different sub-systems, the influence of the developer, the applied configuration, and the susceptibility to various attacks are analyzed in detail. Based on these results we present a workflow that supports the security officer in analyzing the security of an iOS device and the installed applications within a security-critical context. This workflow is supported by various tools that were either developed by us or are available from other sources.
Citations: 10
A preliminary application of generalized fault trees to security
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004612606090614
D. Codetta-Raiteri
Abstract: Fault trees (FT) are widespread models in the field of reliability, but they lack modelling power. So, in the literature, several extensions have been proposed, introducing specific new modelling primitives. Attack trees (AT) have gained acceptance in the field of security. They follow the same notation as standard FT, but they represent the combinations of actions necessary for the success of an attack on a computing system. In this paper, we extend the AT formalism by exploiting the new primitives introduced in the FT extensions. This leads to more accurate models. The approach is applied to a case study: the AT is exploited to represent the attack mode and compute specific quantitative measures about the system security.
Citations: 1
Enhanced truncated differential cryptanalysis of GOST
2013 International Conference on Security and Cryptography (SECRYPT) Pub Date: 2013-07-29 DOI: 10.5220/0004532504110418
N. Courtois, Theodosis Mourouzis, M. Misztal
Abstract: GOST is a well-known block cipher implemented in standard libraries such as OpenSSL; it has extremely low implementation cost and nothing seemed to threaten its high 256-bit security [CHES 2010]. In 2010 it was submitted to ISO to become a worldwide industrial standard. Then many new attacks on GOST have been found, in particular some advanced differential attacks by Courtois and Misztal with complexity of 2^179 which are based on distinguishers for 20 rounds. In July 2012 Rudskoy et al. claimed that these attacks fail when the S-boxes submitted to ISO 18033-3 are used. However, the authors failed to consider that these attacks need to be re-optimized again for this set of S-boxes. This is difficult because we have exponentially many sets of differentials. In this paper we present a basic heuristic methodology and a framework for constructing families of distinguishers and we introduce differential sets of a special new form dictated by the specific regular structure of GOST. We look at different major variants of GOST and we have been able to construct a distinguisher for 20 rounds for CryptoParamSetA and similar results for the new version of GOST submitted to ISO which is expected to be the strongest (!). Therefore there is absolutely no doubt that these versions of GOST are also broken by the same sort of attacks.
Citations: 15