Both B2B bartering as well as bartering between individuals is increasingly facilitated through online platforms. However, these platforms lack automation and neglect the privacy of their users by leaking crucial information about their offers and demands. It is in this context that we introduce the first privacy-preserving two-party bartering protocol which is secure against active attackers. As...
Witness functions have recently been introduced in cryptographic protocols' literature as a new powerful way to prove protocol correctness with respect to secrecy. In this paper, we extend them to the property of authentication. We show how to use them safely and we run an analysis on a modified version of the Woo-Lam protocol. We show that it is correct with respect to authentication.
It is anticipated that constrained devices in the Internet of Things (IoT) will often operate in groups to achieve collective monitoring or management tasks. For sensitive and mission-critical sensing tasks, securing multicast applications is therefore highly desirable. To secure group communications, several group key management protocols have been introduced. However, the majority of the proposed...
LTE M2M device, base station and core network nodes exchange several protocol messages when a device tries to attach in an LTE network. LTE Attach procedure includes the following: mutual authentication of M2M device (UE) and network, computation of various security keys and session establishment. These procedures incur high processing overhead at LTE M2M devices and also create high control plane...
We present novel security requirements for second price auctions and a simple, efficient and practical protocol that provably maintains these requirements. Novel requirements are needed because commonly used requirements, such as the indistinguishability-based secrecy requirement of encryption schemes presented by (Goldwasser and Micali, 1982), do not fit properly in the second price auctions context...
In this paper, we use the witness-functions to analyze cryptographic protocols for secrecy under nonempty equational theories. The witness-functions are safe metrics used to compute security. An analysis with a witness-function consists in making sure that the security of every atomic message does not decrease during its lifecycle in the protocol. The analysis gets more difficult under nonempty equational...
Classical Fault Attacks often require the ability to encrypt twice the same plaintext, in order to get one or several pairs of correct and faulty cipher texts corresponding to the same message. This observation led some designers to think that a randomized mode of operation may be sufficient to protect block cipher encryption against this kind of threat. In this paper, we consider the case where the...
In general, network traffic is classified and marked at the edge- or ingress-routers of a transit network to permit different levels of QoS when using the DiffServ architecture. Thus, the core-nodes of a network are able to handle the traffic accordingly. Problems in the process of identification of traffic flows and their associated applications, for example because of encryption, avoid the classification...
We study the composition of security protocols when protocols share secrets such as keys. We show (in a Dolev-Yao model) that if two protocols use disjoint cryptographic primitives, their composition is secure if the individual protocols are secure, even if they share data. Our result holds for any cryptographic primitives that can be modeled using equational theories, such as encryption, signature,...
Security protocol design is a creative discipline where the solution space depends on the problem to be solved and the cryptographic operators available. In this paper, we examine the general question of when two agents can create a shared secret. Namely, given an equational theory describing the cryptographic operators available, is there a protocol that allows the agents to establish a shared secret?...
In this paper we deal with security and historical privacy in Location Based Service (LBS) applications where users submit accurate location samples to an LBS provider. Specifically we propose a distributed scheme that establishes access control while protecting the privacy of a user in both sporadic and continuous LBS queries. Our solution employs a hybrid network architecture where LBS users: (a)...
Traditional data protection schemes deployed in Enterprise Rights Management systems rely on centralised infrastructures where recipients must request authorisation for data access from remote evaluation authorities, trusted by the data originator to keep the data decryption keys and evaluate authorisation policies. During emergency situations when network connection is intermittent these solutions...
In this paper we present a new approach for identifying the crypto routines in different types of malware. In traditional malware analysis, like sandboxing, network data is examined as seen on the wire or data is collected as it is written to a file. The use of proprietary binary formats, obfuscation, or encryption hides important details, which are necessary for investigating malicious behavior....