Information Security, Practice and Experience: 6th International Conference, ISPEC 2010, Seoul, Korea, May 12-13, 2010, Proceedings (Lecture Notes in Computer Science, 6047)
معرفی کتاب «Information Security, Practice and Experience: 6th International Conference, ISPEC 2010, Seoul, Korea, May 12-13, 2010, Proceedings (Lecture Notes in Computer Science, 6047)» نوشتهٔ Jin Kwak (editor), Robert H. Deng (editor), Guilin Wang (editor), Yoojae Won (editor) در سال 2010. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
The 6th International Conference on Information Security Practice and Expe- ence (ISPEC 2010) was held in Seoul, Korea, May 12-13, 2010. The ISPEC conference series is an established forum that brings together - searchers and practitioners to provide a con?uence of new information security technologies, including their applications and their integration with IT systems invariousverticalsectors.Inpreviousyears, ISPEChastakenplaceinSingapore (2005), Hangzhou, China (2006), Hong Kong, China (2007), Sydney, Australia (2008), andXi'an, China (2009).For all sessions, as this one, the conferencep- ceedings were published by Springer in the Lecture Notes in Computer Science series. In total, 91 papers from 18 countries were submitted to ISPEC 2010, and 28 were selected for inclusion in the proceedings (acceptance rate 30%). The accepted papers cover multiple topics of information security and applied cr- tography. Each submission was anonymously reviewed by at least three revi- ers. We are grateful to the Program Committee, which was composed of more than 56 well-known security experts from 16 countries; we heartily thank them as well as all external reviewers for their time and valued contributions to the tough and time-consuming reviewing process. The conference was hosted by Soonchunhyang University, Korea, supported by Korea Internet & Security Agency (KISA), Korea; Electronics and Telec- munications Research Institute (ETRI), Korea, in Corporation with Korea - stitute of Information Security & Cryptography (KIISC), Korea, and sponsored by Korea Communications Commission (KCC), Korea. We sincerely thank the HonoraryChair and the General Chairs of ISPEC 2010 for their strong support. 6047 Preface ISPEC 2010 Table of Contents Cryptanalysis Improved Related-Key Boomerang Attacks on Round-Reduced Threefish-512 Introduction Preliminaries and Notations Notations Brief Description of Threefish Related-Key Boomerang Attack Improved Related-Key Boomerang Key Recovery Attack on 32-Round Threefish-512 The Modular Differential The 32-Round Boomerang Distinguisher with 4 Related Keys The Key Recovery Attack on 32-Round Threefish-512 Related-Key Boomerang Key Recovery Attack on Threefish-512 Reduced to 33 and 34 Rounds Related-Key Boomerang Key Recovery Attack on 33-Round Threefish-512 Related-Key Boomerang Key Recovery Attack on 34-Round Threefish-512 Conclusion References Integral Attacks on Reduced-Round ARIA Block Cipher Introduction Preliminaries Description of ARIA Notations 4-Round Integral Distinguishers Integral Attack 4-Round Integral Distinguishers Attacks on Reduced-Round ARIA Integral Attack on 6-Round ARIA Integral Attack on 7-Round ARIA Conclusion References A New Class of RC4 Colliding Key Pairs with Greater Hamming Distance Introduction Preparation Description of RC4 Previous Research on RC4 Key Collisions New Transition Pattern Notations and Intuitions Example 1 $(d = 2, t = 2, n = 1(k = 256))$ Example 2 $(d = 3, t = 3, n = 1(k = 256))$ Example 3 $(d = 4, t = 2, n = 2(k = 128))$ Probability Analysis An Efficient Search Technique Conclusion References On the Security of NOEKEON against Side Channel Cube Attacks Introduction A Review on the Cube Attack A Brief Description of the NOEKEON Block Cipher The Side Channel Cube Attack on NOEKEON Finding the Efficient Round for Side Channel Attacks Finding Maxterm Equations Conclusions References Algorithms and Implementations (I) On Fast and Approximate Attack Tree Computations Introduction Attack Trees Efficient Attack Tree Computations Performance Analysis Approximation Conclusions and Further Work References Width-3 Joint Sparse Form Elliptic Curve Cryptosystems and Representations of Integers Integer Representations in Scalar Multiplication Representations of a Pair of Integers in Multi-scalar Multiplication Joint Sparse Form Width-3 Joint Sparse Form Existence Efficiency Optimality Conclusion References Accelerating Inverse of $GF$($2^n$) with Precomputation Introduction Polynomial Basis Previous Reduction Methods for Almost/Montgomery Inverse Our Refinement of Reduction Algorithm Construction of the Precomputed Table Accelerating the Inverse of GF($2^n$) with Precomputed Table Further Improvements for Special Irreducible Polynomials Analysis and Comparisons Conclusion References Algorithms and Implementations (II) Concurrent Error Detection Architectures for Field Multiplication Using Gaussian Normal Basis Introduction Preliminaries Gaussian Normal Basis Representation Gaussian Normal Basis with Even Type RESO Method Proposed Semisystolic Even Type GNB Multiplier Comparison of Bit Parallel Systolic GNB Multipliers Proposed Semisystolic GNB Multiplier with CED Type-t GNB Multiplier with CED for All Even t Better Error Detection Strategy for GNB Multiplier with Typet $\geq$ 4 Comparison of Various Systolic GNB Multipliers with CED Conclusion References The Elliptic Curve Discrete Logarithm Problems over the $p$-adic Field and Formal Groups Introduction Mathematical Foundations Introduction to Elliptic Curves The Definition of the Formal Group Law Associated to an Elliptic Curve The Formal Group Associated to an Elliptic Curve The ECDLP on Qp The $p$-adic Elliptic Logarithm Our Method Our Algorithm Conclusion and Future Work The ECDLP on IFp and the ECDLP on Q References A New Efficient Algorithm for Computing All Low Degree Annihilators of Sparse Polynomials with a High Number of Variables Introduction Preliminary Characters $w.r.t.$ a Boolean Polynomial Critical Characters and Bounded Bases Description of the Algorithm Complexity Issues and Benchmarks Conclusion References Network Security Host-Based Security Sensor Integrity in Multiprocessing Environments Introduction Related Work Problem Approach Model Observer Definition Messaging, Synchronisation and Time Keeping Dataset Analysis Observational Probabilities Resilience to Attack Experimental Results Cross-Sectional Observation Cross-System Observation Self-observation Conclusions and Future Work References Using Purpose Capturing Signatures to Defeat Computer Virus Mutating Introduction Purpose Capturing Signatures Execution Value Sequence Execution Control Sequence Generating Purpose-Capturing Signatures for Viruses and Execution Sequence Blocks for Suspects Refining Techniques in Purpose-Capturing Signature Generation Matching Purpose-Capturing Signatures against Virus Suspects Design and Implementation Purpose-Capturing Signature Generator Signature Matcher Evaluation Virus Mutation Detection Results Discussion Related Work Conclusions References Rate-Based Watermark Traceback: A New Approach Introduction Related Work Rate-Based Watermark Data Source Mode Channel Model Watermark Detection Model Evaluation by Simulation Signal Source Model Channel Model Simulation Result Analysis Resilience against Time Perturbation and Packet Perturbation Defense against the “Visible” Attack Conclusion References Locally Multipath Adaptive Routing Protocol Resilient to Selfishness and Wormholes Introduction Fundamental Concepts On-Demand Distance Vector Routing Multipath Routing Selfishness and Wormholes Overview of the Approach Network Model Attack Scenario Model Problem Definition Solution Strategy LMAR Protocol Structure Route Discovery and Maintenance Data Forwarding Simulation Results Selfishness Resilience Wormhole Attack Resilience Conclusion References Access Control Security Analysis and Validation for Access Control in Multi-domain Environment Based on Risk Introduction Related Works Formal Definition of Model Security in MD{$R^2$}BAC Security Analysis in the Context of Access-Control Strategy in MD{$R^2$}BAC The Definition of State for Security Analysis The Definition of Query and Entailment Types of Security Analysis and Main Results in MD$R^2$BAC Initial Permissions Assignment $(IPA)$ Risk Rank Counting $(RRC)$ Dynamic Permissions Regulating $(DPR)$ Reductions Algorithm for Security Analysis in MD$R^2$BAC Syntax of RT[←,∩] Reduction Algorithm in MD$R^2$BAC Conclusion References A Proposal of Appropriate Evaluation Scheme for Exchangeable CAS (XCAS) Introduction Related Works CAS XCAS Analysis of Existing Evaluation Schemes Proposed Evaluation Scheme for XCAS Evaluation Purpose and Target Evaluation Process Evaluation Subject Evaluation Deliverable Evaluation Cost Conclusion References Identity Management A Trustworthy ID Management Mechanism in Open Market Introduction Related Works Reviews of P2P System ID-Related Threats in P2P Open Market Targeted Requirements ID Management Model in the P2P Open Market Service Model Notaion Assumption Service Scenario Personal Information Registration Process Item Selling and Purchase Process Duplicated Joining Verification Process Using $DI$ Analysis System Implementation and Evaluation Satisfaction of Requirements Conclusion References BioID: Biometric-Based Identity Management Introduction Backgrounds OpenID OpenID Security Issue Biometric System Cancellable Biometrics Biometric-Based Identity Management Mechanism Strategies for BioID Scenarios Discussion Conclusion References Trust Management Privacy Preserving of Trust Management Credentials Based on Trusted Computing Introduction Related Work Basic Elements Entity Attribute Credential Deduced Composite Credential Architecture of Participant Platform Implementation Goal Credential Search Based on DCC Algorithm Conclusion References Mitigating the Malicious Trust Expansion in Social Network Service Introduction Related Works Malicious Trust Expansion Features of MTE Real Experimentation Simulation Delimma Strategy to Restrict MTE Trust Evaluation Clustering-CoeÆcient-Based Access Control Trust Restriction and Reduction Conclusion References Public Key Cryptography An Efficient Convertible Undeniable Signature Scheme with Delegatable Verification Introduction Preliminaries Convertible Undeniable Signatures Security Model Token Soundness Unforgeability Invisibility Non-impersonation A Concrete Convertible Undeniable Signature Scheme Security Comparison Conclusion References Certificateless KEM and Hybrid Signcryption Schemes Revisited Introduction Preliminaries Certificateless Signcryption Tag-KEM (CLSC-TKEM) Security Model for CLSC-TKEM Review and Attack of Lippold et al.’s CL-KEM Review of the Scheme Attack of Lippold et al.’s CL-KEM Review and Attack of Fagen Li et al.’s CLSC-TKEM Review of the Scheme Attack of Fagen Li et al.’s CLSC-TKEM Improved CLSC-TKEM Scheme (ICLSC-TKEM) Security of the Improved CLSC-TKEM Scheme Conclusion References A Deniable Group Key Establishment Protocol in the Standard Model Introduction Group Key Establishment: Modeling Security and Modeling Deniability Modeling Security of the Group Key Establishment Protocol Modeling Deniability of the Group Key Establishment Protocol A Deniable Group Key Establishment Protocol Protocol Description and Design Rationale Deniability Analysis Security Analysis Conclusion References Threshold Password-Based Authenticated Group Key Exchange in Gateway-Oriented Setting Introduction Preliminaries Security Model Our TPAGKE Protocol Security Results Conclusion References Security Applications Binary Image Steganographic Techniques Classification Based on Multi-class Steganalysis Introduction Comparison of the Steganography Techniques under Analysis Proposed Steganalysis Increasing Gray Level via Pixel Difference Gray Level Run Length Matrix Gray Level Co-occurrence Matrix Cover Image Estimation Final Feature Sets Multi-class Classification Experimental Results Experiment Setup Results Comparison Conclusion References Game Theoretic Resistance to Denial of Service Attacks Using Hidden Difficulty Puzzles Introduction Hidden Difficulty Puzzle (HDP) Game Theoretic Analysis of HDP Model Analysis of Attacker Payoff Defense Mechanisms Strategic Game Infinitely Repeated Game Comparison with Previous Work Client-Puzzles Conclusions References Attacking and Improving on Lee and Chiu’s Authentication Scheme Using Smart Cards Introduction Review of Lee and Chiu’s Authentication Scheme Registration Phase Authentication Phase Weakness in Lee and Chiu’s Authentication Scheme Security Enhancement Description of the Proposed Scheme Security Analysis Conclusion References Protection Profile for Secure E-Voting Systems Introduction Overview of E-Voting and Protection Profile General Electoral Process General Security Requirements of an E-Voting System Overview of Common Criteria and Protection Profile Related Works Proposed E-Voting System and Protection Profile Protection Profile Introduction Security Problem Definition Security Objectives Security Requirements Comparison Conclusion References Author Index
دانلود کتاب Information Security, Practice and Experience: 6th International Conference, ISPEC 2010, Seoul, Korea, May 12-13, 2010, Proceedings (Lecture Notes in Computer Science, 6047)