Information security : 5th International Conference, ISC 2002, Sao Paulo, Brazil, September 30-October 2, 2002 : proceedings
معرفی کتاب «Information security : 5th International Conference, ISC 2002, Sao Paulo, Brazil, September 30-October 2, 2002 : proceedings» نوشتهٔ Agnes Hui Chan (editor), Virgil Gligor (editor)، منتشرشده توسط نشر Springer Berlin Heidelberg : Imprint: Springer. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
As distinct from other security and cryptography conferences, the Information Security Conference (ISC) 2002 brought together individuals involved in a wide variety of different disciplines of information security to foster the exchange of ideas. The conference is an outgrowth of the Information Security Workshop, first held in Ishikawa, Japan 1997. ISC 2002 was held in Sao Paulo, Brazil, on September 30– October 2, 2002. The Program Committee considered 81 submissions of which 38 papers were accepted for presentation. These proceedings contain revised versions of the accepted papers. The papers provide a representative sample of both the variety and the truly international scope of information security research conducted currently. The topics addressed range from e-commerce protocols to access control and trust management, and to cryptography and cryptographic algorithms. Many people deserve our gratitude for their contribution to the success of the conference. We would like to thank the General Chair, Routo Terada, for overseeing the local arrangements, including registration and maintaining the conference website, and for the smooth running of the conference. We are grateful to Robbie Ye for his expert help in processing the electronic submissions, reviews and acceptance notifications. Robbie’s enthusiasm and energy greatly simplified the Program Committee’s task of conducting the on-line evaluation of the submitted papers under tight time constraints. Cover Title page Copyright page Preface Information Security Conference 2002 Conference Chair Program Co-chair Program Committee Table of Contents Real-Time Intruder Tracing through Self-Replication 1 Introduction 2 Preliminaries 2.1 States, Events, and Logs 2.2 A Trusted Domain and a Security Domain 2.3 Real-Time Intruder Tracing 3 Self-Replication 4 Security Domain Extension for Real-Time Intruder Tracing 5 Implementation 5.1 HUNTER: Real-Time Intruder Tracing System 5.2 Intruder Tracing by the HUNTER 5.3 Implementation Example 6 Performance Evaluations 6.1 Intruder Tracing Rate by the Initial Location of a Security Domain 6.2 Intruder Tracing Rate by the Attack Range 7 Conclusions References On the Difficulty of Protecting Private Keys in Software 1 Introduction 2 Preliminaries 2.1 Notation 2.2 Basic Model 3 Protecting Private Keys in Software 3.1 Networked Cryptographic Device 3.2 Generic Key Retrieval Protocol Device Initialization Key Retrieval. 3.3 RSA Signature Protocol 4 On the Difficulties 4.1 Adversaries 4.2 Capturing vs. Attaching 4.3 Finding New Threats 4.4 Misunderstanding Adversaries 5 Augmentation 5.1 Augmented Password Verification 5.2 Augmented Initialization with a Trusted Server 5.3 Including Time Stamps 5.4 Augmented Key Retrieval Protocol 5.5 Augmented RSA Signature Protocol 6 Conclusion References Intrusion Detection with Support Vector Machines and Generative Models Introduction Models for Attacks Attack Trees Hidden Markov Models for Attack Trees Real Valued Feature Vectors from Traces The SVM Algorithm and Numerical Experiments SVM Classification Using Reduced HMMs SVM Classification Using Gappy-Bigram Count Feature Vectors Conclusions Acknowledgments References Small and High-Speed Hardware Architectures for the 3GPP Standard Cipher KASUMI Introduction KASUMI Algorithm Round Functions 2.2 Key Scheduling 2.3 f8 and f9 Algorithms Compact Data Path Architectures KASUMI Encryption Data Path Key Scheduler Data Path Sharing between f8 and f9 Hardware Performance Comparisons 4.1 ASIC Comparison 4.2 Comparison in FPGAs Conclusion References Fast Software Implementations of SC2000 Introduction Environment and State-of-the-Art Description of Target Processor Description of General Environment Overview of Related Results Main Contributions Choice of Implementation Strategy Summary of Results Implementations of Rijndael and RC6 Conclusions and Further Work Conclusions Further Work Acknowledgments References Timing Comparative Analysis of the Hardware Implementations of Hash Functions SHA-1 and SHA-512 1 Introduction 2 Functional Comparison 3 Design Methodology 4 Hardware Architectures 5 Testing Procedure 6 Results 7 Possible Extensions 8 Summary References Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG Introduction Overview The Attack Uncompressed Data Compressed Data PGP GnuPG OpenPGP Vulnerabilities Recommendations Acknowledgments References Role-Based Access Control for E-commerce Sea-of-Data Applications Introduction SPKI MARISM-A Static Agents Mobile Agents with Explicit Itinerary Access Control for SoD Applications Authorization Manager (AM) Role Manager (RM) Certificate Repository Manager (CRM) Resource Manager (DM) Example Application Access Control Management Roles Mobile Agent Authorization Distribution of Role Management Distribution of Authorization Management Distribution of the Certificate Repository Conclusions and Further Work Acknowledgments References An Access Control Model for Tree Data Structures 1 Introduction 2 Tree Data Structure 2.1 Definition 2.2 A Language for Addressing Nodes 3 Access Control Model 3.1 Subjects and Objects 3.2 Security Policy 3.3 Access Control Algorithms 3.4 Security Policy Control Language 4 An Access Control Model for XML Data Structures 5 Comparison with Related Works View-Based Access Control Model (VACM) for the SNMP Protocol Lightweight Directory Access Protocol (LDAP) Web Servers File Systems Security Models for Object-Oriented Databases Access Control Models for XML Documents 6 Conclusion References A New Design of Privilege Management Infrastructure for Organizations Using Outsourced PKI Introduction Previous Solutions for Authorization Management Authorization with Attribute Certificates: From PKI to PMI Mutual Independence of the Infrastructures Outsourcing the PKI A New Scheme of PMI System Operation Conclusions References Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks 1 Introduction 1.1 Related Results 1.2 Overview of Our Results The E-residue Attack and the Interactive Protocol E-residue Attack An Interactive Protocol Our Protocol Efficiency The Interactive Protocol Computational Complexity Network and Storage Efficiency Further Optimization -- Public Key Caching Conclusion Remarks References Quantifying Privacy Leakage through Answering Database Queries Introduction Data Representation and Query Language The Information States The Value of Information Privacy Protection by Pricing Mechanism Basic Scheme Usefulness of Information Related Works Conclusion References A New Offline Privacy Protecting E-cash System with Revokable Anonymity Introduction Notations and Building Blocks New Fair and Offline E-cash System System Parameters Registration Protocol at the Trusted Third Party Registration Protocol at the Bank The Withdrawal Protocol The Payment Protocol The Deposit Protocol The Tracing Protocol Security Analysis Revokabe anonymity Unforgeability Undeniability Unlinkability Double-spending Resistant Traceability Related Work Conclusion Acknowledgement References Receipt-Free Sealed-Bid Auction Introduction Related Works Sealed-Bid Auction and Bid-Rigging Sealed-Bid Auction Bid-Rigging Using Receipt Receipt-Free Sealed-Bid Auction Requirements Physical Assumptions Proposed Receipt-Free Sealed-Bid Auction Security Efficiency Conclusion References Exclusion-Freeness in Multi-party Exchange Protocols Introduction Definitions and Notations A Fair Exchange Protocol with an Online TTP The Protocol An Attack Aiming to Break the Fairness Property An Attack Aiming to Exclude Participants from the Exchange A Strongly Exclusion-Free Fair Exchange Protocol The Protocol Analysis Conclusion References A Realistic Protocol for Multi-party Certified Electronic Mail 1 Introduction 2 Previous Work: ASW, ZDB, and MK 3 An Efficient Multi-party Protocol 4 Dispute Resolution 5 Fairness and Verifiability 6 Conclusion References A Nyberg-Rueppel Signature for Multiple Messages and Its Batch Verification Introduction Related Works Nyberg-Rueppel Message Recovery Signature Bellare-Garay-Rabin Batch Verification A Nyberg-Rueppel Signature for Multiple Messages and Its Batch Verification Scheme Security Efficiency Conclusion References Comments to the UNCITRAL Model Law on Electronic Signatures 1 Introduction 2 Sphere of Application 3 Definitions. Basic Notions: Subjective and Objective Elements 3.1 Objective Notions 3.2 Subjective Notions Legal Effects of Electronic Signatures Rule of Equivalent Function for Reliable Signatures Art 6, Paragraph1 and 2 4.2 Requirements for a Reliable Signature (Art. 6, Paragraph 3) Predetermination of Status of Electronic Signature: Satisfaction of Requirements of Art. 6 (Art.7) 5 Basic Rules of Conduct for the Parties Involved 5.1 Conduct of the Signatory 5.2 Conduct of the Certification Service Provider 5.3 Conduct of the Relying Party (Art. 11) 6 Conclusions References An Anonymous Loan System Based on Group Signature Scheme Introduction Related Work Preliminaries Group Signature Scheme Timed-Release Encryption An Anonymous Loan System Notation Definition Construction Definition of Players Proposed Protocol Theorem and Proof Theorem 1 Proof Conclusion References Traceability Schemes for Signed Documents Introduction Related Works Our Contribution Applications Preliminaries Group Signatures Partially Blind Signatures Model Models for Traceability Signature Schemes Models for Tracing Proposed Schemes Basic Scheme Asymmetric Scheme (1) Asymmetric Scheme (2) Conclusion References Proofs of Knowledge for Non-monotone Discrete-Log Formulae and Applications Introduction Proof of Knowledge Contributions A General Class of Exponentiation-Based Formulae Preliminaries Knowledge of Representations Case Where #(G) Is Unknown Case of Monotone Formulae Proving Linear Relations Extension to Quadratic Relations Application to Efficient Protocols A Generic Bit-by-Bit Solution cite {Sta96} An Alternative Solution for Small e Only Our Solution in O(log e) Size How to Deny a Predicate Motivation Equivalent Formulation of a Negation Applications Group Signatures A Class of Group Signature Schemes Member Revocation Our Method Multi-signer Group Signatures Conclusion References Inversion/Division Systolic Architecture for Public-Key Cryptosystems in GF(2m) Introduction Algorithm Systolic Architectures in GF(2unskip $^{m}$) AB^2 Multiplier Inversion/Division Architecture Analysis Conclusion References Efficient Bit Serial Multiplication Using OptimalNormal Bases of Type II in GF(2m) Introduction Normal Basis and Optimal Normal Basis of Type II Multiplication Algorithm Bit Serial Arrangement Using an Optimal Normal Basis of Type II Conclusions References Conditional Cryptographic Delegation for P2P Data Sharing Introduction Background Related Work Preliminaries Protocol Basic Scheme Extended Scheme Application Delegation Check Service Provider PIN Control for Mobile Devices Conclusion References Certification of Public Keys within an Identity Based System Introduction Notation and Pairing Based Schemes The Tate Pairing Types of Public/Private Key Pairs Cryptographic Primitives A Hybrid PKI/IBE Combining a Traditional PKI with IBE Certificates Using Short Signatures Hierarchies of Linked Trust Authorities Transferring Trust at the Upper Level Transferring Trust at the Lower Level Balanced Trust Transferal Applications of Pairing Based Systems Delegation of Rights Creating Groups Addition of Multiple Short Signatures Conclusion References ANew Public Key Cryptosystem for Constrained Hardware Introduction The Basic Method Security Analyses Reduction of Key Size Implementation with Constrained Hardware Further Discussions References A Distributed and Computationally Secure Key Distribution Scheme Introduction Preliminaries ElGamal Encryption Zero-Knowledge Proofs of Knowledge Previous Computational Distributed Key Distribution Schemes Joint Generation of a Random Shared Secret Value Secret Sharing Schemes The Passive Adversary Case The Active Adversary Case: Verifiable Secret Sharing Our Computationally Secure Distributed Key Distribution Scheme Setting up the Model Our Proposal for the Passive Adversary Case Achieving Robustness Against an Active Adversary Key Request and Computational Phase Key Delivery Phase Some Remarks Conclusion References On Optimal Hash Tree Traversal for Interval Time-Stamping Introduction Preliminaries Tree Traversal Interval Time-Stamping Definition of the Skewed Trees Algorithm for Traversing the Tree Family Notation Variables Correctness Proof Complexity Analysis Acknowledgments References An Efficient Dynamic and Distributed Cryptographic Accumulator Introduction Preliminaries Precomputed Accumulations Parameterized Accumulations Hierarchical Accumulations Security Experimental Results Acknowledgments References A Second-Order DPA Attack Breaks a Window-Method Based Countermeasure against Side Channel Attacks Introduction Side Channel Attacks 1.2 M ̈oller’s Countermeasure Our Contributions Side Channel Attacks Moller's Countermeasure DPA Attack Versus M{accent 127 o}ller's Countermeasure Power Leakage Model Proposed Attack Phase I Phase II Phase III Countermeasures Acknowledgements References Parallelizable Elliptic Curve Point Multiplication Method with Resistance against Side-Channel Attacks 1 Introduction 2 Description of the Point Multiplication Method 2.1 Initialization Stage 2.2 Right-to-Left Stage 2.3 Result Stage 3 Efficiency 4 Variants 4.1 Projective Randomization of P 4.2 Scalar Randomization 4.3 Avoiding Digit 0 4.4 Variant for w =1 4.5 Application to Modular Exponentiation 5 Conclusion References Automated Analysis of Some Security Mechanisms of SCEP Introduction Contributions Analysis Approach Notation A Simple Example The SCEP Enrollment Phase User Certificate Request Modeling the Enrollment Procedure Analysis Relevance of User Authentication How to Avoid the Issuance of Two Identical Certificates Concluding Remarks Acknowledgements References An Attack on a Protocol for Certified Delivery Introduction Notation The FPH Protocol Dispute Handling Our Attack on the FPH Protocol Description of the Attack Dispute Resolution Strengthening the Protocol Analysis of the Strengthening Conclusions References Oblivious Counter and Majority Protocol Introduction Preliminaries and Building Blocks Models and Assumptions Building Blocks Oblivious Counter 1-Bit Counter (Half Adder) 2-Bit Counter k-Bit Counter Conclusion References Efficient Mental Card Shuffling via Optimised Arbitrary-Sized Benes Permutation Network 1 Introduction 2 Arbitrary Size (AS) Benes 3 Optimised Arbitrary Size (OAS) Benes 4 Card Gaming Model and Building Blocks 4.1 The Model 4.2 Building Blocks 5 Card Shuffling Protocol 6 Analysis 6.1 Security 6.2 Performance 7 Concluding Remarks Acknowledgements References Fingerprinting Concatenated Codes with Efficient Identification Introduction IPP Codes, Separating Codes, C-secure Codes, and Fingerprinting Codes IPP Codes Fingerprinting Codes and C-secure Codes (2,2)-Separating Codes Algorithms That Decode Beyond the Error Correction Bound Chase Algorithms The Koetter-Vardy Soft-Decision Decoding Algorithm Construction of a Concatenated Fingerprinting Code Simplified Chase Algorithm Decoding of the Fingerprinting Concatenated Code Overview of the Algorithm Decoding Algorithm for the Fingerprinting Concatenated Code Analysis of the Algorithm Conclusions References A Provably Secure Additive and Multiplicative Privacy Homomorphism Introduction Our Contribution Specification of the New PH Numerical Example Security of the New Privacy Homomorphism Applications to Delegation of Computing and Data and to E-gambling Conclusion Acknowledgments References Algorithms for Efficient Simultaneous Elliptic Scalar Multiplication with Reduced Joint Hamming Weight Representation of Scalars Introduction Notations and Assumptions Elliptic Curve and Scalar Multiplication Simultaneous Scalar Multiplication Representation of an Integer Reducing the Joint Hamming Weight of Two Integers Simultaneous Scalar Multiplication with Reduced Joint Hamming Weight Selecting the Optimal Pair of Two Scalar Values Multi-block Computational Efficiency Upper Bound of the Shift Length Shorter Shift Length Scalar Multiplication References Author Index
دانلود کتاب Information security : 5th International Conference, ISC 2002, Sao Paulo, Brazil, September 30-October 2, 2002 : proceedings