The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Password-based authenticated group key exchange protocols allow group users to jointly share a session key based on a human-memorizable password. In this paper, we present an undetectable online dictionary attack on N-EKE-D, a recent provably secure protocol designed to explicitly resist this type of attack. Thus, our result contradicts the design goal. We also give a simple attack on the key indistinguishability...
When humans interact with machines in their daily networks, it is important that security of the communications is offered, and where the involved shared secrets used to achieve this are easily remembered by humans. Password-based authenticated group key exchange (PAGKE) schemes allow group users to share a session key based on a human-memorizable password. In this paper, we consider two PAGKE schemes...
In peer-to-peer (P2P) systems, peers often must interact with unknown or unfamiliar peers without the benefit of trusted third authorities to mediate the interactions. A peer will need reputation mechanisms by self-experiencing and incorporating the knowledge of other peers to decide whether to trust another peer in P2P systems. On the basis of introduction on the trust properties and common problems...
In this paper we show how modular reduction for integers with Barrett and Montgomery algorithms can be implemented efficiently without using a precomputational phase. We propose four distinct sets of moduli for which this method is applicable. The proposed modifications of existing algorithms are very suitable for fast software and hardware implementations of some public-key cryptosystems and in particular...
The evaluation system is developed for network attack effect in this paper, and present the process from launching an attack to the result of evaluation being outputted. Based on an evaluation index system suitable for the system, we analyses some theories and methods respectively which are adopted to realize their functions by the main modules. Synthesis account of evaluated effect is conducted with...
The purpose of this paper is to evaluate the biomechanical properties of a novel arthroscopic knot, Pretzel knot to be used in shoulder surgeries and compare it with two knots taken as standard: Samsung Medical Center(SMC) and Nicky's knots. Two groups have been formed: unbacked group (Pretzel and SMC knots), backed group (Pretzel, SMC and Nicky's knots backed with 3 RHAPs). Both groups have been...
Automated trust negotiation (ATN) is a promising approach which establishes mutual trust between strangers through the iterative disclosure of digital credentials and access control policies of the two negotiation parties. Although many ATN systems are proposed, some issues still remain to be addressed: (1) their policy languages are coarse-grained; (2) they cannot generate all trust sequences and...
This paper presents a new method to assess usability, security, and e-commerce requirements of websites. Previous research works propose a list of primary requirements for human-computer interaction, security, and e-commerce in an independent way, but they do not integrate these three aspects into a single evaluation method. We present an overview of these basic requirements, which are subsequently...
Unlike other wireless technologies, the deployment of 802.11 networks is not limited to operators: access points can easily be installed by end-users for domestic use. This singular type of deployment is the reason why 802.11 networks are omnipresent in our urban landscapes. Indeed, in metropolitan areas, laptops frequently detect tens of 802.11 access points from the same location. In this work,...
Micali proposed a simple and practical optimistic fair exchange protocol, called ECS1, for contract signing. Bao et al. found some message replay attacks in both the original ECS1 and a modified ECS1 where the latter aims to solve an ambiguity in the former. Furthermore, Bao et al. proposed an improved ECS1 which aims to prevent all those attacks. In this paper, we present a systematic method to analyze...
The P2P system is an anonymous and dynamic system, which offers enormous opportunities, and also presents potential threats and risks. In order to restrain malicious behaviors in P2P system, previous studies try to establish efficient trust models on P2P system. However, most of the trust models use a single trust metric, which can not reflect the practical trust values of the peers effectively. In...
Security Policy specification and testing constitute two fundamental challenges in the development of secure communication systems since they can ensure that a security policy is correctly enforced. Model checking techniques can be used to do such task. Given a system modeling and a test criterion, the model checker can generate a counterexample from which test cases can be deduced. To address the...
Recently biometric fingerprint mobile template protection has attracted research attentions. One major challenge is finding reliable biometric features that are robust against distortion and registration error. It is also desirable that raw fingerprints are not easily recovered once the template has been compromised. In this paper, we propose a new dual layer structure check (DLSC) fingerprint verification...
In this paper we reinforce the benefits of a trust based approach in mobile multi-agent systems. Whilst we do not specify a trust model we provide a framework for property based trust, defining the observations which underpin many pre-existing trust models. This framework maintains subjectivity which should be the basis of any trust based system yet enables entities to communicate and collaborate...
As semantic Web grows, security concerns increase. One concern is controlling accesses to resources in this environment. In order to infer whether the access is allowed or not, different information of different entities including contextual information should be involved. From access control point of view, we divide the entities in semantic Web into three categories: resources (objects), requesters...
Broadcast encryption is an important cryptographical technique. It allows a center to deliver the encrypted data to a large set of users so that only a particular subset of privileged users can decrypt it. Most of previous broadcast encryption schemes only provide confidentiality, while they cannot provide authentication and non-repudiation. Recently,Li et.al proposed a broadcast signcryption scheme...
In 1998, Blaze, Bleumer and Strauss proposed two kinds of cryptographic primitives called proxy re-encryption and proxy re-signature [4]. In proxy re-encryption, a proxy can transform a ciphertext computed under Alice's public key into one that can be opened under Bob's decryption key. In proxy re-signature, a proxy can transform a signature computed under Alice's secret key into one that can be verified...
Low-level network traffic information is often times beyond the understanding of common system operators (byte counts, port numbers, packet data, etc.). However, anomaly based Intrusion Detection Systems (IDS) often provide such low-level, difficult to comprehend information. This paper details a Human Interface for Security Awareness (HISA) algorithm for interpreting cyber incident information to...
DRM (Digital Rights Management) and CAS (Conditional Access System) techniques have been used to cut off the illegal use of contents. These techniques, however, brought about much inconvenience as restricting the move or play of the contents of even legal users. In this paper, we propose a new technique for sharing DRM contents based on domain according to the increment of the demand about the pliant...
We present a static analysis framework for inference of security-related program properties. Within this framework we design and implement ownership, immutability and information flow inference analyses for Java. We perform empirical investigation on a set of Java components, and on a set of established security benchmarks. The results indicate that the analyses are practical and precise, and therefore...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.