SECRYPT 2008 Abstracts


Area 1 - Security in Information Systems

Full Papers
Paper Nr: 23
Title:

AN EVENT-DRIVEN, INCLUSIONARY AND SECURE APPROACH TO KERNEL INTEGRITY

Authors:

Satyajit Grover, Divya Naidu Kolar Sunder, Samuel Moffatt and Michael Kounavis

Abstract: In this paper we address the problem of protecting computer systems against stealth malware. The problem is important because the number of known types of stealth malware increases exponentially. Existing approaches have some advantages for ensuring system integrity but sophisticated techniques utilized by stealthy malware can thwart them. We propose Runtime Kernel Rootkit Detection (RKRD), a hardware-based, event-driven, secure and inclusionary approach to kernel integrity that addresses some of the limitations of the state of the art. Our solution is based on the principles of using virtualization hardware for isolation, verifying signatures coming from trusted code as opposed to malware for scalability and performing system checks driven by events. Our RKRD implementation is guided by our goals of strong isolation, no modifications to target guest OS kernels, easy deployment, minimal infrastructure impact, and minimal performance overhead. We developed a system prototype and conducted a number of experiments which show that the performance impact of our solution is negligible.
Download

Paper Nr: 50
Title:

THE SUBSTITUTION CIPHER CHAINING MODE

Authors:

Mohamed A. El-Fotouh and Klaus Diepold

Abstract: In this paper, we present a new tweakable narrow-block mode of operation, the Substitution Cipher Chaining mode (SCC), that can be efficiently deployed in disk encryption applications. SCC is characterized by its high throughput compared to the current solutions, and it can be parallelized. We used this mode to modify Windows Vista's disk encryption algorithm, to offer some parallelism in its original implementation and to improve its diffusion properties.
Download

Paper Nr: 107
Title:

A HEURISTIC POLYNOMIAL ALGORITHM FOR LOCAL INCONSISTENCY DIAGNOSIS IN FIREWALL RULE SETS

Authors:

Sergio Pozo Hidalgo, R. Ceballos and R. M. Gasca

Abstract: Firewall ACLs can contain inconsistencies. There is an inconsistency if different actions can be taken on the same flow of traffic, depending on the ordering of the rules. Inconsistent rules should be reported to the system administrator so that they can be removed. Minimal diagnosis and characterization of inconsistencies is a combinatorial problem. Although many algorithms have been proposed to solve this problem, all reviewed ones work with the full ACL with no approximate heuristics, giving minimal and complete results, but making the problem intractable for large, real-life ACLs. In this paper we take a different approach. First, we deeply analyze the inconsistency diagnosis problem in firewall ACLs, and propose to split the process into several parts that can be solved sequentially: inconsistency detection, inconsistent rules identification, and inconsistency characterization. We present polynomial heuristic algorithms for the first two parts of the problem: detection and identification (diagnosis) of inconsistent rules. The algorithms return several independent clusters of inconsistent rules that can be characterized against a fault taxonomy. These clusters contain all inconsistent rules of the ACL (the algorithms are complete), but the algorithms do not necessarily give the minimum number of clusters. The main advantage of the proposed heuristic diagnosis process is that optimal characterization can now be applied to several smaller problems (the result of the diagnosis process) rather than to the whole ACL, resulting in an effective computational complexity reduction at the cost of not having the minimal diagnosis. Experimental results with real ACLs are given.
Download
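As an added illustration of the notion of inconsistency defined in this abstract (example code written for this page, not code from the paper or its authors), the script below flags pairs of rules whose match sets intersect but whose actions differ, so that swapping their order would change what happens to the shared flows, and then groups the flagged rules into independent clusters. The five-tuple rule model, the constructed sample ACL, the quadratic pairwise check and the union-find clustering are all assumptions made here; the paper's own polynomial heuristic algorithms are not reproduced.

```python
"""Pairwise inconsistency detection for a small firewall ACL (illustrative only)."""
from dataclasses import dataclass
from ipaddress import ip_network, IPv4Network


@dataclass(frozen=True)
class Rule:
    rid: int                 # position-independent rule identifier
    proto: str               # "tcp", "udp" or "any"
    src: IPv4Network
    dst: IPv4Network
    dport: tuple             # inclusive destination port range (lo, hi)
    action: str              # "allow" or "deny"


def ranges_overlap(a, b):
    return a[0] <= b[1] and b[0] <= a[1]


def protos_overlap(a, b):
    return a == "any" or b == "any" or a == b


def rules_overlap(r1, r2):
    """True if at least one packet is matched by both rules."""
    return (protos_overlap(r1.proto, r2.proto)
            and r1.src.overlaps(r2.src)
            and r1.dst.overlaps(r2.dst)
            and ranges_overlap(r1.dport, r2.dport))


def inconsistent_pairs(acl):
    """Pairs (earlier rid, later rid) whose match sets intersect and whose
    actions differ: the ordering decides the fate of the shared flows."""
    pairs = []
    for i, r1 in enumerate(acl):
        for r2 in acl[i + 1:]:
            if r1.action != r2.action and rules_overlap(r1, r2):
                pairs.append((r1.rid, r2.rid))
    return pairs


def inconsistency_clusters(acl):
    """Group inconsistent rules into independent clusters (connected
    components of the pair graph) so each can be characterised on its own.
    Union-find clustering is an assumption of this example, not the paper's method."""
    parent = {r.rid: r.rid for r in acl}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]   # path halving
            x = parent[x]
        return x

    involved = set()
    for a, b in inconsistent_pairs(acl):
        involved.update((a, b))
        parent[find(a)] = find(b)
    clusters = {}
    for rid in involved:
        clusters.setdefault(find(rid), set()).add(rid)
    return sorted(sorted(c) for c in clusters.values())


def sample_acl():
    """Constructed ACL: rule 2 is shadowed by rule 1 (same flows, opposite action);
    rule 5 allows a subset of what rule 4 denies; rules 3 and 6 conflict with nothing."""
    n = ip_network
    return [
        Rule(1, "tcp", n("10.0.0.0/8"),     n("192.168.1.10/32"), (22, 22),    "deny"),
        Rule(2, "tcp", n("10.1.0.0/16"),    n("192.168.1.10/32"), (22, 22),    "allow"),
        Rule(3, "udp", n("10.0.0.0/8"),     n("192.168.1.53/32"), (53, 53),    "allow"),
        Rule(4, "any", n("172.16.0.0/12"),  n("192.168.1.0/24"),  (1, 65535),  "deny"),
        Rule(5, "tcp", n("172.16.5.0/24"),  n("192.168.1.80/32"), (80, 443),   "allow"),
        Rule(6, "tcp", n("203.0.113.0/24"), n("192.168.2.0/24"),  (25, 25),    "allow"),
    ]


if __name__ == "__main__":
    acl = sample_acl()
    print("inconsistent pairs:", inconsistent_pairs(acl))
    print("clusters:", inconsistency_clusters(acl))
```

The pairwise scan is O(n^2) in the number of rules and reports every conflicting pair without judging which rule is at fault; the clusters it returns are what a later characterization step (shadowing, redundancy, correlation) would examine one at a time, which is the split the abstract argues for.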

Paper Nr: 128
Title:

SECURITY REQUIREMENTS IN SOFTWARE PRODUCT LINES

Authors:

Daniel Mellado, Eduardo Fernández-Medina and Mario Piattini

Abstract: Proper analysis and understanding of security requirements are important because they help us to discover any security or requirement defects or mistakes in the early stages of development. Hence, security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this paper we will propose a security quality requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.
Download

Short Papers
Paper Nr: 166
Title:

A 640 MBIT/S 32-BIT PIPELINED IMPLEMENTATION OF THE AES ALGORITHM

Authors:

Guido M. Bertoni, Luca Breveglieri, Roberto Farina and Francesco Regazzoni

Abstract: Due to the diffusion of cryptography in real-time applications, the performance of cipher and decipher operations is nowadays more important than in the past. On the other hand, when facing the problem for embedded systems, additional constraints of area and power consumption must be considered. Many optimized software implementations, instruction set extensions and co-processors were studied in the past with the aim of either increasing performance or keeping the cost low. This paper presents a co-processor that aims to be an intermediate solution, suitable for applications that require a throughput in the Megabit range and where the die-size constraint is somewhat relaxed. To achieve this goal, the core is designed to operate on 32 bits and the throughput is guaranteed by a 2-stage pipeline with data forwarding. The results obtained by synthesizing our coprocessor with a 0.18 µm CMOS standard cell library show that the throughput reaches 640 Mbit/s while the circuit size is only 20 K equivalent gates.
Download

Paper Nr: 168
Title:

TOWARDS LANGUAGE-INDEPENDENT APPROACH FOR SECURITY CONCERNS WEAVING

Authors:

Azzam Mourad, Dima Alhadidi and Mourad Debbabi

Abstract: In this paper, we propose an approach for weaving security concerns in the Gimple representation of programs. Gimple is an intermediate, language-independent, and tree-based representation generated by the GNU Compiler Collection (GCC) during the compilation process. This proposition constitutes the first attempt towards adopting the aspect-oriented concept on Gimple and exploiting this intermediate representation to allow advising an application written in a specific language with security code written in a different one. At the same time, injecting security is applied in a systematic way in order not to alter the original functionalities of the software. We explore the viability and the relevance of our proposition by: (1) implementing several Gimple weaving capabilities into the GCC compiler; (2) developing a case study for securing the connections of a client application; and (3) using the weaving features of the extended GCC to inject the security concerns into the application.
Download

Paper Nr: 21
Title:

SECURING THE EMAIL SERVICES - New System for Securely Managing the Organization's Mail Service

Authors:

Raul Herbosa, Gabriel Diaz and Manuel Castro Gil

Abstract: In this paper a new system is presented for securing the email service, minimizing the risks associated with spam and with malicious software carried by email messages, valid for any organization. To build it, several free software tools under the GPL license are used, integrated on a generic hardware platform. The approach has been that of a typical integration project. The concrete needs related to email threats have been identified, free software tools under the GPL that meet these needs have been selected, and the integration tasks have been carried out, proposing a hardware and software architecture to support our objectives. One crucial criterion for the selection has been that the tools must provide working information records, i.e. log files and tools to process them, for the different covered subsystems. Several tools have also been developed to complete their original functionality. The resulting system, nowadays in use in a big company in Spain, is a flexible and effective one that quickly and exhaustively filters every incoming and outgoing message, successfully eliminating the more than 80% of received messages that turn out to be spam or malware.
Download

Paper Nr: 149
Title:

METRICS APPLICATION IN METROPOLITAN BROADBAND ACCESS NETWORK SECURITY ANALYSIS

Authors:

Rodrigo Miani, Bruno B. Zarpelão, Leonardo Mendes and Mario L. Proença Jr.

Abstract: This work proposes the development and application of specific security metrics for metropolitan broadband access networks that aim to measure the efficiency of security programs and support action planning against detected problems. The approach presented in this work shows metrics developed for these networks and parameters for metric definition. This paper also presents results achieved from the application of the metrics reported here in the metropolitan broadband access network of Pedreira, a city located in São Paulo, Brazil.
Download

Paper Nr: 202
Title:

SECURITY AND AUTHENTICATION FOR NETWORKED STORAGE

Authors:

Kumar Murty and Guangwu Xu

Abstract: Authentication and access control are important measures for the security of a storage area network (SAN). In this paper, the current methods of authentication and access control in a SAN are reviewed and a new identity-based authentication scheme is proposed. This scheme has the advantage that it is lighter-weight and better suited to the high-speed switches that operate in a SAN fabric.
Download

Area 2 - Access Control and Intrusion Detection

Full Papers
Paper Nr: 94
Title:

DETECTION OF ILLICIT TRAFFIC USING NEURAL NETWORKS

Authors:

Paulo Salvador, António Nogueira, Ulisses França and Rui Valadas

Abstract: The detection of compromised hosts is currently performed at the network and host levels, but each of these options presents important security flaws: at the host level, antivirus, anti-spyware and personal firewalls are ineffective in the detection of hosts that are compromised via new or target-specific malicious software, while at the network level, network firewalls and Intrusion Detection Systems were developed to protect the network from external attacks but were not designed to detect and protect against vulnerabilities that are already present inside the local area network. This paper presents a new approach for the identification of illicit traffic that tries to overcome some of the limitations of existing approaches, while being computationally efficient and easy to deploy. The approach is based on neural networks and is able to detect illicit traffic based on the historical traffic profiles presented by "licit" and "illicit" network applications. The evaluation of the proposed methodology relies on traffic traces obtained in a controlled environment and composed of licit traffic measured from the normal activity of network applications and malicious traffic synthetically generated using the SubSeven backdoor. The results obtained show that the proposed methodology is able to achieve good identification results, being at the same time computationally efficient and easy to implement in real network scenarios.
Download

Paper Nr: 135
Title:

NOVEL AND ANOMALOUS BEHAVIOR DETECTION USING BAYESIAN NETWORK CLASSIFIERS

Authors:

Salem Benferhat and Karim Tabia

Abstract: Bayesian networks have been widely used in intrusion detection. However, most works showed that they are ineffective for anomaly detection since novel attacks and new behaviors are not efficiently detected. In this paper, we first analyze this problem, which is due to inadequate treatment of novel and unusual behaviors and to insufficient decision rules that do not meet the requirements of the anomaly approach. We accordingly propose to enhance the standard Bayesian classification rule in order to fit anomaly detection objectives and effectively detect novel attacks. We carried out experimental studies on recent and real HTTP traffic and showed that Bayesian classifiers using enhanced decision rules allow most novel attacks to be detected without triggering significantly higher false alarm rates.
Download

Paper Nr: 205
Title:

NEW SCHEMES FOR ANOMALY SCORE AGGREGATION AND THRESHOLDING

Authors:

Salem Benferhat and Karim Tabia

Abstract: Anomaly-based approaches often require multiple profiles and models in order to characterize different aspects of normal behaviors. In particular, anomaly scores of audit events are obtained by aggregating several local anomaly scores. Remarkably, most works focus on profile/model definition while the critical issues of anomaly measuring, aggregating and thresholding are dealt with "simplistically". This paper addresses the issue of anomaly scoring and aggregating, which is a recurring problem in anomaly-based approaches. We propose a Bayesian-based scheme for aggregating anomaly scores in a multi-model approach and propose a two-stage thresholding scheme in order to meet real-time detection requirements. The basic idea of our scheme is the fact that anomalous behaviors induce either intra-model anomalies or inter-model anomalies. Our experimental studies, carried out on recent and real HTTP traffic, show for instance that most attacks induce only intra-model anomalies and can be effectively detected in real time.
Download

Paper Nr: 241
Title:

APPLICATION TO A SHARED TERMINAL OF A ROAMING USER PROFILE SET UP THROUGH LDAP-SMART CARD AUTHENTICATION COOPERATION

Authors:

Kazuto Kuzuu, Yasushi Hirano, Kenji Mase and Toyohide Watanabe

Abstract: In this paper, we propose a way to set up a roaming user profile without using a Windows domain when building a shared terminal system for smart card users. This proposal aims at using an LDAP server as the user information database, and enabling each terminal user to set up his own work environment. In order to achieve this purpose, we associated the user profile with the user ID extracted from the smart card, and stored that profile on shared data storage. Furthermore, we built a shared file system beside the above data storage, and assigned the user work environment to that file system. Finally, applying the above system to an actual terminal on the network, we confirmed that the target shared terminal environment was realized.
Download

Short Papers
Paper Nr: 47
Title:

IMPROVED FUZZY VAULT SCHEME FOR FINGERPRINT VERIFICATION

Authors:

Cengiz Orencik, Thomas B. Pedersen, Erkay Savas and Mehmet Keskinoz

Abstract: Fuzzy vault is a well-known technique to address the privacy concerns in biometric identification applications. We revisit the fuzzy vault scheme to address implementation, efficiency, and security issues encountered in its realization. We use the fingerprint data as a case study. We compare the performances of two different methods used in the implementation of fuzzy vault, namely brute force and Reed Solomon decoding. We show that the locations of fake (chaff) points in the vault leak information on the genuine points and propose a new chaff point placement technique that makes distinguishing genuine points impossible. We also propose a novel method for creation of chaff points that decreases the success rate of the brute force attack from 100% to less than 3.5%. While this paper lays out a complete guideline as to how the fuzzy vault is implemented in an efficient and secure way, it also points out that more research is needed to thwart the proposed attacks by presenting ideas for future research.
Download

Paper Nr: 109
Title:

ENSURING PRIVACY OF BIOMETRIC FACTORS IN MULTI-FACTOR AUTHENTICATION SYSTEMS

Authors:

Kikelomo M. Apampa, Tian Zhang, Gary Wills and David Argles

Abstract: One of the inherent properties of biometrics is the ability to use unique features for identification and verification of users. The usable biometric features in humans are limited in number and they must be kept secret; if a biometric factor is compromised it presents a challenge that may defy solution. In this paper we present a novel method to preserve privacy of users’ biometrics. Using an elastic matching algorithm, we produce a digest that can be substituted for the raw biometric factor. This will ensure that the users’ biometric data is never exposed during the authentication phase.
Download

Paper Nr: 146
Title:

ALERT CORRELATION BASED ON A LOGICAL HANDLING OF ADMINISTRATOR PREFERENCES AND KNOWLEDGE

Authors:

Salem Benferhat and Karima Sedki

Abstract: Intrusion detection systems (IDSs) are important tools for information systems security. However, they generate a large number of alerts, which complicates the network administrator's task of understanding these triggered alerts and taking appropriate actions. In this paper, we present a logic-based approach to alert correlation. This logic allows the integration of the administrator's preferences and knowledge. Our logic, called Extended Qualitative Choice Logic (EQCL), is an extension of a fragment of first-order logic. It adds a new connector, denoted →X, that allows administrator preferences to be represented. The objective of our logic-based alert correlation approach is to rank-order alerts generated by the IDS on the basis of administrator preferences and knowledge. Only alerts that fully fit the administrator's preferences and knowledge are presented first. Then, if needed, less preferred alerts (which falsify less important preferences) will be presented, and so on.
Download

Paper Nr: 159
Title:

INTERACTIVITY FOR REACTIVE ACCESS CONTROL

Authors:

Yehia ElRakaiby, Frederic Cuppens and Nora Cuppens-Boulahia

Abstract: Technological advances have enhanced the computing and communication capabilities of electronic devices, bringing us new pervasive environments where information is present everywhere and can be accessed from anywhere. These environments have given rise to new intelligent and context-aware applications which have more sophisticated access control requirements. So far, there have been two main categories of access control systems: passive security systems, which evaluate access requests according to static predefined permissions; and dynamic security systems, which integrate the context in the evaluation of access requests. These models can thus be justly classified as anticipative models since all security rules have to be completely defined before an access request is made. In this paper, we present a formal access control model that extends context-based models to allow just-in-time specification of access control policies. The model relies on interactivity to support active participation of users in the evaluation of the security policy, thus enabling them to participate in the definition of the access policy at the time of the request.
Download

Paper Nr: 195
Title:

HONEYD DETECTION VIA ABNORMAL BEHAVIORS GENERATED BY THE ARPD DAEMON

Authors:

A. Boulaiche and Kamel Adi

Abstract: In this paper we describe some serious flaws in Honeyd, one of the most popular honeypot software packages. These flaws allow an attacker to easily identify the presence and the scope of a deployed honeypot. Hence, we describe in detail both the flaws and how they can be used to attack the honeypot. Furthermore, we elaborate a set of possible solutions to fix each of these flaws. Our technique is mainly based on the detection of abnormal behaviors of the honeypot.
Download

Paper Nr: 227
Title:

FUNCTIONALITY-BASED APPLICATION CONFINEMENT - Parameterised Hierarchical Application Restrictions

Authors:

Z. C. Schreuders and Christian Payne

Abstract: Traditional user-oriented access control models such as Mandatory Access Control (MAC) and Discretionary Access Control (DAC) cannot differentiate between processes acting on behalf of users and those behaving maliciously. Consequently, these models are limited in their ability to protect users from the threats posed by vulnerabilities and malicious software, as all code executes with full access to all of a user's permissions. Application-oriented schemes can further restrict applications, thereby limiting the damage from malicious code. However, existing application-oriented access controls construct policy using complex and inflexible rules which are difficult to administer and do not scale well to confine the large number of feature-rich applications found on modern systems. Here a new model, Functionality-Based Application Confinement (FBAC), is presented which confines applications based on policy abstractions that can flexibly represent the functional requirements of applications. FBAC policies are parameterised, allowing them to be easily adapted to the needs of individual applications. Policies are also hierarchical, improving scalability and reusability while conveniently abstracting policy detail where appropriate. Furthermore, the layered nature of policies provides defence in depth, allowing policies from both the user and the administrator to provide both discretionary and mandatory security. An implementation, FBAC-LSM, and its architecture are also introduced.
Download

Paper Nr: 232
Title:

SECURITY POLICY INSTANTIATION TO REACT TO NETWORK ATTACKS - An Ontology-based Approach using OWL and SWRL

Authors:

Jorge E. López de Vergara, Enrique Vazquez and Javier Guerra

Abstract: A quick and efficient reaction to an attack is important to address the evolution of security incidents in current communication networks. The ReD (Reaction after Detection) project’s aim is to design solutions that enhance the detection/reaction security process. This will improve the overall resilience of IP networks to attacks, helping telecommunication and service providers to maintain sufficient quality of service to comply with service level agreements. A main component within this project is in charge of instantiating new security policies that counteract the network attacks. This paper proposes an ontology-based methodology for the instantiation of these security policies. This approach provides a way to map alerts into attack contexts, which are later used to identify the policies to be applied in the network to solve the threat. For this, ontologies to describe alerts and policies are defined, using inference rules to perform such mappings.
Download

Paper Nr: 238
Title:

CRYPTONET: SECURE E-MAIL SYSTEM

Authors:

Sead Muftic and Gernot Schmölzer

Abstract: The paper describes a new, innovative and highly secure E-mail system. The system, first, provides both standard security services for E-mail letters: signed and encrypted E-mail. In addition, the address book is encrypted, so E-mail addresses cannot be stolen for spamming. Each E-mail server is protected using a SAML authorization policy, so E-mails are received only from authorized senders. Finally, all E-mail addresses are validated and certified by specially designed Secure E-mail Infrastructure (SEI) Authorities, organized in a federated hierarchy. Thus the CryptoNet Secure E-mail system completely eliminates spam, distribution of viruses, worms, and malware, and eliminates the possibility of using fake E-mail addresses.
Download

Paper Nr: 74
Title:

AN IMPROVEMENT OF STRONG PROXY SIGNATURE AND ITS APPLICATIONS

Authors:

Min-Shiang Hwang, Shiang-Feng Tzeng and Shu-Fen Chiou

Abstract: In 2001, Lee et al. proposed a strong non-designated proxy signature for the use of multi-proxy signatures in the presence of plural delegations by multiple original signers. In this paper, we shall analyze their schemes and offer some suggestions as to how to improve the security of those schemes.
Download

Paper Nr: 196
Title:

A NOTE ON BIOMETRICS-BASED AUTHENTICATION WITH PORTABLE DEVICE

Authors:

Shinsuke Ohtsuka, Satoshi Kawamoto, Shigeru Takano, Kensuke Baba and Hiroto Yasuura

Abstract: Individual authentication technologies are essential for electronic systems as social infrastructures. In particular, biometrics-based authentication has been receiving increasing attention and is expected to be implemented on systems with portable devices such as mobile phones for realizing more useful services. The most important problem in biometrics-based authentication is to prevent a leakage of biological information. This paper focuses on the leakage which enables spoofing and considers two cases: a leakage from data stored in a server for verification of biological information, and a leakage by a cheating detection. This paper proposes a solution by applying a function to biological information and shows the properties required for the function to solve the problem. Moreover, this paper proposes an idea for a biometrics-based authentication system with portable devices which are provided with a function to capture biological information.
Download

Paper Nr: 234
Title:

A POLYNOMIAL BASED HASHING ALGORITHM

Authors:

V. K. Murty and Nikolajs Volkovs

Abstract: The aim of this article is to describe a new hash algorithm using polynomials over finite fields. It runs at speeds comparable to SHA-3. Hardware implementations seem to run at significantly faster speeds, namely at 1.8 Gb/sec on an FPGA. Unlike most other existing hash algorithms, our construction does not follow the Damgaard-Merkle philosophy. The hash has several attractive features in terms of its flexibility. In particular, the length of the hash is a parameter that can be set at the outset. Moreover, the estimated degree of collision resistance is measured in terms of another parameter whose value can be varied.
Download

Paper Nr: 242
Title:

INTRUSION DETECTION AND PREVENTION SYSTEM USING SECURE MOBILE AGENTS

Authors:

Muhammad A. Shibli and Sead Muftic

Abstract: The paper describes the design and architecture of an intrusion detection and prevention system based on secure mobile agents, along with an analysis of commercial products and current research efforts in the area. Once the system is operational, it will be the first comprehensive real-life application using mobile agents that will not only provide security to network resources but also provide security and protection to the mobile agent system itself. The system efficiently solves several problems with the existing IDS/IPS solutions: it can detect new vulnerabilities, it can process and filter large volumes of logs, it reacts to intrusions in real time, provides protection against unknown attacks, supports and improves IDS/IPS commercial products by different vendors, and handles software patches. The system not only improves the existing IDS/IPS solutions, but it also eliminates several of their core problems. In addition, it is self-protected by full encryption of both mobile agents and their platforms, and therefore not vulnerable to attacks against its own components and resources.
Download

Area 3 - Network Security and Protocols

Full Papers
Paper Nr: 63
Title:

A FAST ENCRYPTION SCHEME FOR NETWORK APPLICATIONS

Authors:

Mohamed A. El-Fotouh and Klaus Diepold

Abstract: In this paper we studied the two widely used encryption schemes for performing symmetric encryption for a huge number of concurrent clients in high-speed network applications. The current schemes consume either plenty of memory to gain high throughput, or low memory with low throughput. The need has arisen for a scheme that has low memory requirements and at the same time possesses high speed, as the number of internet users increases each day. We used the SSM model (El-Fotouh and Diepold, 2008) to construct an encryption scheme based on the AES. The proposed scheme possesses high throughput together with low memory requirements. We performed theoretical and practical analyses of the existing and proposed schemes.
Download

Paper Nr: 127
Title:

QUANTIFYING MISBEHAVIOUR ATTACKS AGAINST THE SELF-ORGANIZED PUBLIC KEY MANAGEMENT ON MANETS

Authors:

Eduardo da Silva, Aldri Santos, Luiz P. Albini and Michele N. Lima

Abstract: Among the key management schemes for MANETs, the Self-Organized Public Key Management System (PGP-Like) is the main chaining-based key management scheme. It is fully self-organized and does not require any certificate authority. Two kinds of misbehavior attacks are considered to be great threats to PGP-Like: the impersonating and the lack of cooperation attacks. This work quantifies the impact of such attacks on PGP-Like. Simulation results show that PGP-Like was able to maintain its effectiveness when submitted to the lack of cooperation attack, contradicting previous theoretical results. It correctly works even in the presence of more than 60% of misbehaving nodes, although the convergence time was affected with only 20% of misbehaving nodes. On the other hand, PGP-Like was completely vulnerable to the impersonating attack. Its functionality is affected with just 5% of misbehaving nodes, confirming previous theoretical results.
Download

Paper Nr: 150
Title:

MULTIPHASE DEPLOYMENT MODELS FOR FAST SELF HEALING IN WIRELESS SENSOR NETWORKS

Authors:

Omer Z. Yilmaz, Albert Levi and Erkay Savas

Abstract: The majority of studies on security in resource-limited wireless sensor networks (WSN) focus on finding an efficient balance among energy consumption, computational speed and memory usage. Besides these resources, time is a relatively immature aspect that can be considered in system design and performance evaluations. In a recent study (Castelluccia and Spognardi, 2007), the time dimension is used to lower the ratio of compromised links, thus improving resiliency in key distribution in WSNs. This is achieved by making the old and possibly compromised keys useful only for a limited amount of time. In this way, the effect of compromised keys diminishes over time, so the WSN self-heals. In this study we further manipulate the time dimension and propose a deployment model that speeds up the resilience improvement process with a tradeoff between connectivity and resiliency. In our method, self-healing is sped up by introducing nodes that belong to future generations in the time scale. In this way, the duration for which the adversary can make use of compromised keys becomes shorter.
Download

Paper Nr: 239
Title:

NOVEL NEUROCOMPUTING-BASED SCHEME TO AUTHENTICATE WLAN USERS EMPLOYING DISTANCE PROXIMITY THRESHOLD

Authors:

Tarik Guelzim and Mohammad S. Obaidat

Abstract: The IEEE 802.11 standard is considered one of the most popular and profitable network topologies in use today. As with the growth of every other technology, the scalability of Wireless Local Area Networks (WLANs) comes with the burden of ensuring the integrity, confidentiality and trust in the network. By integrity we mean that we need to develop a mechanism by which only authorized users can gain access to the network resources. Confidentiality implies that all data transmitted by each user stay known only to the communicating parties. The above two characteristics can then enforce a trust environment in which all wireless nodes and users are authorized and secure. In this paper, we propose a scheme to authenticate and authorize 802.11 wireless nodes within a network. Our proposed scheme relies on a neural-network decision engine that restricts network access to mobile nodes whose physical location is within a threshold distance from the wireless access point or the controller of the network. We present a detailed description of the work done as well as a performance analysis of this scheme.
Download

Paper Nr: 243
Title:

SAKE - Secure Authenticated Key Establishment in Sensor Networks

Authors:

Muhammad Yasir, Mureed Hussain, Kahina Kabri and Dominique Seret

Abstract: Master key schemes are a viable solution to establish pairwise shared secret keys in wireless sensor networks. In these schemes, a master key is preconfigured into each sensor node, which is then used by each node to generate pairwise shared secret keys. In the literature so far, it is essential for each sensor node to keep the master key in its memory during the entire key setup phase. As soon as key setup completes, each node erases the master key from its memory. Although the key setup phase of a node lasts for a small interval of time, it is not impossible for an adversary to compromise a node during this time. In this situation, the presence of the master key can be disastrous. So the challenge is to protect a sensor network from compromise of the master key during its key setup phase. We propose the Secure Authenticated Key Establishment (SAKE) protocol that meets the above challenge by introducing the idea that the master key need not be kept by a sensor node for the entire key setup phase, thereby shortening the master key compromise window. With the help of our proposed scheme, other attacks during the key setup phase can also be avoided.
Download

Paper Nr: 244
Title:

KERBEROS IMPLEMENTATION IN MANETS

Authors:

Atta- ur-Rahman, Mureed Hussain, Kahina Kabri and Dominique Seret

Abstract: In this paper, an implementation of Kerberos is proposed for Mobile Ad-hoc Networks (MANETs) for user authentication and authorization. Kerberos uses symmetric cryptography with a trusted server to enable secure authentication and key exchange between client nodes. The Kerberos protocol is designed to provide reliable authentication over open and insecure networks where communications between the hosts belonging to it may be intercepted. So, simply put, Kerberos is an authentication protocol for trusted hosts on untrusted networks. There are two approaches used in MANETs: the proactive approach and the reactive approach. Proactive protocols are also known as traditional distributed shortest-path protocols, which are used to maintain the routes at all times based on periodic updates, with high routing overhead. We have implemented the Kerberos concept with the proactive approach using the Optimized Link State Routing Protocol (OLSR).
Download

Short Papers
Paper Nr: 144
Title:

SCFS: TOWARDS DESIGN AND IMPLEMENTATION OF A SECURE DISTRIBUTED FILESYSTEM

Authors:

Juan Vera-del-Campo, Juan Hernández-Serrano and Josep Pegueroles

Abstract: Our digital world creates lots of data that users desire to preserve from malfunctioning, local disasters or human errors. Current nodes in the internet have enough intelligence and processing power to allow the deployment of distributed services on common nodes. This is the case of peer-to-peer networks and services. There are several proposals in the literature to deploy a distributed filesystem over the internet. This paper presents and analyses the security of a prototype based on the Cooperative File System.
Download

Paper Nr: 188
Title:

KEY MANAGEMENT OF QUANTUM GENERATED KEYS IN IPSEC

Authors:

Andreas Neppach, Christian Pfaffel-Janser, Ilse Wimberger, Thomas Loruenser, Michael Meyenburg, Alexander Szekely and Johannes Wolkerstorfer

Abstract: This paper presents a key management approach for quantum generated keys and its integration into the IPsec/IKE protocol. The solution is used in a security gateway that integrates quantum key distribution (QKD) and IPsec as a system-on-chip solution. The QKD acquisition module and the IPsec part of this prototype are implemented in hardware to provide a high level of integration as well as high encryption throughput. To make use of these fast encryption capabilities, a flexible key management approach is necessary to provide keys just in time. Thus, the presented key management approach focuses on an efficient key update mechanism and minimizes the communication overhead. Furthermore, the presented approach is a first step to integrate QKD solutions into real-world commercial applications using standardized interfaces.
Download

Paper Nr: 198
Title:

ENSURING THE CORRECTNESS OF CRYPTOGRAPHIC PROTOCOLS WITH RESPECT TO SECRECY

Authors:

Hanane Houmani and Mohamed Mejri

Abstract: This paper gives sufficient conditions to ensure the secrecy property of cryptographic protocols that allow sharing session keys. Indeed, this paper proves that if within a protocol agents do not decrease or increase the security level of components, then this protocol respects the secrecy property. This sufficient condition holds even if we change our context of verification (message algebra, intruder capacities or cryptographic assumptions). To verify this condition we use the notion of interpretation functions. An interpretation function is a safe way allowing an agent to appropriately estimate the security level of the message components that it receives so that it can handle them correctly.
Download

Paper Nr: 199
Title:

EFFICIENT LOCALIZATION SCHEMES IN SENSOR NETWORKS WITH MALICIOUS NODES

Authors:

Kaiqi Xiong and David Thuente

Abstract: The accuracy of location information is critical for many applications of wireless sensor networks (WSN), especially those used in hostile environments where malicious adversaries can be present. It is impractical to have a GPS device on each sensor in WSN due to costs. Most of the existing location discovery schemes can only be used in the trusted environment. Recent research has addressed security issues in sensor network localization but, to the best of our knowledge, none has completely solved the secure localization problem. In this paper, we propose novel schemes for secure dynamic localization in sensor networks. The proposed algorithms tolerate up to 50% of beacon nodes being malicious and they have linear computation time with respect to the number of reference nodes. We have conducted simulations to analyze their performance.
Download

Paper Nr: 240
Title:

NEW TECHNIQUES TO ENHANCE THE CAPABILITIES OF THE SOCKS NETWORK SECURITY PROTOCOL

Authors:

Mukund Sundararajan and Mohammad S. Obaidat

Abstract: SOCKS is an industry standard network security protocol used in private networks to allow secure traversal of application layer traffic through the boundaries of the network. Standardized by IETF in Request for Comments (RFC) 1928 (Leech et al., 1996) as SOCKS Version 5, this protocol has found widespread use in various security frameworks to allow a variety of application layer protocols to securely traverse a firewall. This paper is the result of research performed on the usability of the protocol in application domains such as multicast. We discuss some of the shortcomings of the SOCKS protocol and provide a framework and the methods for enhancing the capabilities of the protocol in areas such as multicast and advanced TCP and UDP capabilities not addressed by the current standard of the protocol. The methods proposed are being implemented in a reference implementation by the authors.
Download

Paper Nr: 28
Title:

AN EFFICIENT METHODOLOGY TO LIMIT PATH LENGTH GUARANTEEING ANONYMITY IN OVERLAY NETWORKS

Authors:

Juan P. Muñoz-Gea, Josemaría Malgosa-Sanahuja, Pilar Manzanares-Lopez, Juan Carlos Sánchez-Aarnoutse and Joan Garcia-Haro

Abstract: An alternative to guarantee anonymity in overlay networks may be achieved by building a multi-hop path between the origin and the destination. However, one hop in the overlay network can consist of multiple Internet Protocol (IP) hops. Therefore, the length of the overlay multi-hop path must be reduced in order to maintain a good balance between the cost and the benefit provided by the anonymity facility. Unfortunately, the simple Time-To-Live (TTL) algorithm cannot be directly applied here since its use could reveal valuable information to break anonymity. In this paper, a new mechanism which reduces the length of the overlay multi-hop paths is presented. The anonymity level is evaluated by means of simulation and good results are reported.
Download

Paper Nr: 160
Title:

PRICE TO PROVIDE RFID SECURITY AND PRIVACY?

Authors:

Tim Good and Mohammed Benaissa

Abstract: The applications for Radio frequency identification (RFID) systems are rapidly expanding and privacy concerns have been highlighted. Existing protocols fit into the challenge-response model and either fail in terms of privacy or have security vulnerabilities. A new symmetric key based protocol for RFID, named “PRICE: to Prevent RFID Insecurity Cryptography Essential”, is presented. This provides tag and reader authentication together with secure transfer of the tag’s identifier whilst still remaining within the challenge-response model. A security analysis of the protocol is given together with discussion of areas of weakness. The tag-borne security measures only require a single symmetric cipher encryption primitive.
Download

Paper Nr: 176
Title:

AN E-VOTING PROTOCOL BASED ON PAIRING BLIND SIGNATURES

Authors:

Lourdes López-García, Francisco Rodríguez-Henríquez and M. A. León-Chávez

Abstract: In this paper we present a fair e-voting protocol able to guarantee voter anonymity and double vote detection. The main cryptographic building blocks used by our system are two, namely, pairing-based blind signatures and elliptic curve digital signatures. We give both a security and a cryptographic cost analysis of our proposed protocol, showing that it has a computational cost similar to other e-voting schemes previously reported and, at the same time, it provides good robustness against the potential attacks analyzed in this paper.
Download

Paper Nr: 186
Title:

YET ANOTHER SECURE DISTANCE-BOUNDING PROTOCOL

Authors:

Ventzislav Nikov and Marc Vauclair

Abstract: Distance-bounding protocols were proposed by Brands and Chaum in 1993 in order to detect relay attacks, also known as mafia fraud. Although the idea was introduced fifteen years ago, only recently have distance-bounding protocols attracted the attention of researchers. In this paper, a new secure distance-bounding protocol is presented. It is self-contained and composable with other protocols, for example for authentication or key negotiation. It allows periodic execution and achieves better use of the communication channels by exchanging authenticated nonces. The proposed protocol becomes suitable for a wider class of devices, since the resource requirements on the prover are relaxed.
Download

Paper Nr: 220
Title:

SEC-SNMP: POLICY-BASED SECURITY MANAGEMENT FOR SENSOR NETWORKS

Authors:

Qinghua Wang and Tingting Zhang

Abstract: In this paper, we present a sensor network security management framework called Sec-SNMP, which organizes and manages security related behaviors in sensor networks based on security policies. There are three main components in Sec-SNMP: Sec-SNMP manager, Sec-SNMP agent and a policy control and deployment protocol. Sec-SNMP manager provides the interface between human administrator and the managed mesh network. Sec-SNMP agent represents Sec-SNMP manager to enforce security policies within the managed mesh network. The policy control and deployment protocol allows the communication between Sec-SNMP manager and Sec-SNMP agents. The security management for sensor networks is still in its germinal stage, and this paper provides a good guideline for future research.
Download

Paper Nr: 237
Title:

APPLYING SRP ON SIP AUTHENTICATION

Authors:

Celalettin KILINÇ and A. Gökhan Yavuz

Abstract: Session Initiation Protocol (SIP) is the leading protocol used in IP telephony today. With the increasing use of IP telephony and also of SIP, features like QoS and security are becoming more and more important. Because of its simple design, SIP does not have a highly secure authentication mechanism, which needs to be enhanced in order to cope with today's security threats to IP. In this paper we propose a new authentication scheme for SIP based on the Secure Remote Password (SRP) protocol. Our proposed authentication scheme modifies two existing SIP messages and adds a new SIP message. The result is a verifier-based authentication scheme for SIP in which client passwords do not need to be sent to the registrar service in any form.
Download
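The verifier-based property claimed above is what SRP-6a provides: the registrar stores only a salt and v = g^x mod N, the client proves knowledge of the password by completing an augmented Diffie-Hellman exchange, and the password (or any password-equivalent) never crosses the wire. The following is an added example, not code from the paper, showing both sides of that exchange in Python. It follows the SRP-6a structure (multiplier k, scrambler u, the abort checks on A and B) but its hashing and padding are a simplification and are not bit-compatible with the RFC 5054 test vectors; the group modulus is the 1024-bit RFC 5054 group transcribed here, which should be verified against the RFC before any real use. The mapping of the three messages onto SIP requests is the paper's contribution and is not reproduced.

```python
import hashlib
import secrets

# 1024-bit SRP group from RFC 5054 Appendix A, generator 2 (transcribed; verify before real use).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E860726187"
    "75FF3C0B9EA2314C9C256576D674DF7496EA81D3"
    "383B4813D692C6E0E0D5D8E250B98BE48E495C1D"
    "6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D49"
    "82559B297BCF1885C529F566660E57EC68EDBC3C"
    "05726CC02FD4CBF4976EAA9AFD5138FE8376435B"
    "9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8


def H(*parts: bytes) -> int:
    """Hash-to-integer used for k, x, u, M1 and M2 (simplified relative to RFC 5054)."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


def pad(x: int) -> bytes:
    return x.to_bytes(NLEN, "big")


k = H(pad(N), pad(g)) % N          # SRP-6a multiplier


def private_x(username: str, password: str, salt: bytes) -> int:
    return H(salt, hashlib.sha256(f"{username}:{password}".encode()).digest())


def register(username: str, password: str):
    """Enrolment, run on the client: only (salt, v = g^x) is handed to the registrar."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(username, password, salt), N)


class Registrar:
    """Server side: holds verifiers, never sees a password or a password-equivalent."""

    def __init__(self):
        self.db = {}        # username -> (salt, v)
        self.sessions = {}  # username -> (A, B, K)

    def enrol(self, username, salt, v):
        self.db[username] = (salt, v)

    def challenge(self, username, A):
        if A % N == 0:                      # mandatory abort: a degenerate A would fix S
            raise ValueError("invalid client public value")
        salt, v = self.db[username]
        b = secrets.randbelow(N - 2) + 1
        B = (k * v + pow(g, b, N)) % N
        u = H(pad(A), pad(B))
        S = pow((A * pow(v, u, N)) % N, b, N)
        self.sessions[username] = (A, B, hashlib.sha256(pad(S)).digest())
        return salt, B

    def verify(self, username, M1):
        """Returns M2 on success, None if the client's proof does not match."""
        A, B, K = self.sessions.pop(username)
        if M1 != H(pad(A), pad(B), K):
            return None
        return H(pad(A), M1.to_bytes(32, "big"), K)


class Client:
    def __init__(self, username, password):
        self.username, self.password = username, password

    def start(self):
        self.a = secrets.randbelow(N - 2) + 1
        self.A = pow(g, self.a, N)
        return self.username, self.A

    def respond(self, salt, B):
        if B % N == 0:                      # mandatory abort on the server's value too
            raise ValueError("invalid server public value")
        u = H(pad(self.A), pad(B))
        if u == 0:
            raise ValueError("degenerate scrambler")
        x = private_x(self.username, self.password, salt)
        S = pow((B - k * pow(g, x, N)) % N, self.a + u * x, N)
        self.K = hashlib.sha256(pad(S)).digest()
        self.M1 = H(pad(self.A), pad(B), self.K)
        return self.M1

    def confirm(self, M2):
        return M2 == H(pad(self.A), self.M1.to_bytes(32, "big"), self.K)


def run_exchange(client: Client, registrar: Registrar) -> bool:
    """The three-message flow: (I, A) -> (salt, B) -> M1 -> M2. True only if both proofs check."""
    username, A = client.start()
    salt, B = registrar.challenge(username, A)
    M2 = registrar.verify(username, client.respond(salt, B))
    return M2 is not None and client.confirm(M2)
```

The ordering matters: the registrar only releases M2 after it has verified M1, so a client that does not know the password learns nothing that lets it test guesses offline, and the registrar database leaks only v, which still requires a dictionary attack per user to exploit.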

Area 4 - Cryptographic Techniques and Key Management

Full Papers
Paper Nr: 34
Title:

A MULTIPLE BIRTHDAY ATTACK ON NTRU

Authors:

Raphael Overbeck

Abstract: In this paper we view the possibilities to launch a multiple (iterative) birthday attack on NTRU. Recently Wagner's algorithm for the generalized birthday problem (Wagner, 2002) allowed speeding up several combinatorial attacks. However, in the case of NTRU we cannot hope to apply Wagner's algorithm directly, as the search space does not behave nicely. In this paper we show that we can nevertheless draw profit from a multiple birthday approach. Our approach allows us to attack the ees251ep6 parameter set on a computer with only 2^52 bits of memory and about 2^9 times faster than with Odlyzko's combinatorial attack; this is an improvement factor of about 2^43 in space complexity. We thus contradict the common belief that, in comparison to computational requirements, the "storage requirement is by far the larger obstacle" (Howgrave-Graham, 2007) to attacking NTRU by combinatorial attacks. Further, our attack is about 2^7 times faster than the space-reduced variant from (Howgrave-Graham, 2007) employing the same amount of memory.
Download

Paper Nr: 69
Title:

FORWARD-SECURE PROXY SIGNATURE AND REVOCATION SCHEME FOR A PROXY SIGNER WITH MULTIPLE ORIGINAL SIGNERS

Authors:

Bharat B. Amberker and Sunitha N.R.

Abstract: On many occasions it is required for a single person to take up the responsibilities of many persons for some duration and work on their behalf so that the regular work goes on smoothly. For example in a bank, when the majority of the employees need to attend an important meeting during working hours, to avoid disrupting any of the regular activities, one employee may need to play the role of many employees. An accountant may need to play the role of a cashier, asst. manager and cheque clearing officer. In such situations the employee working on behalf of other employees needs to be delegated signing power from the employees who perform the activities regularly. Also, this delegation must be only for some specified time period T, and after that time period has elapsed the signing capability must be revoked. The concept of proxy signatures is used here. A proxy signature scheme allows one user to delegate his/her signing capability to another user called a proxy signer in such a way that the latter can sign messages on behalf of the former. After verification the verifier is convinced of the original signer's agreement on the signed message. Forward-secure signatures enable the signer to guarantee the security of messages signed in the past even if his secret key is exposed today. We have come up with a forward-secure proxy signature and revocation scheme for a proxy signer who is delegated signing power from multiple original signers. This scheme is based on the popular Bellare-Miner forward-secure scheme.
Download

Paper Nr: 73
Title:

ON THE (IN)SECURITY OF TWO BUYER-SELLER WATERMARKING PROTOCOLS

Authors:

Geong S. Poh and Keith M. Martin

Abstract: A buyer-seller watermarking protocol deters dishonest buyers from illegally distributing bought content. This is achieved by giving the seller the capability to trace and identify these buyers, while also allowing the seller to prove illegal acts to a third party. At the same time, an honest buyer is prevented from being falsely accused of illegal content distribution by the seller. Many protocols have been proposed, with two recent proposals being the protocols proposed by Ibrahim et al. in IAS 2007 and SECRYPT 2007. We will show that these protocols are not secure, especially for the seller. We further put forward our thoughts on how it is possible to avoid the security weaknesses found in them.
Download

Short Papers
Paper Nr: 37
Title:

KEY DISTRIBUTION BASED ON QUANTUM FOURIER TRANSFORM

Authors:

Marius Nagy, Selim G. Akl and Sean Kershaw

Abstract: The data dependencies brought about by the Quantum Fourier Transform can be harnessed to design novel key distribution protocols with improved performance. Such a protocol maximizes an eavesdropper's uncertainty over the information transmitted, while amplifying the disturbance caused by the act of eavesdropping, thus offering better chances of detecting the intrusion. This is due to the fact that a tested qubit may reveal the presence of an eavesdropper even if that particular qubit was not "touched" while in transit.
Download

Paper Nr: 39
Title:

FPGA-TARGETED HARDWARE IMPLEMENTATIONS OF K2

Authors:

Shinsaku Kiyomoto, Toshiaki Tanaka and Kouichi Sakurai

Abstract: K2 is a new type of word-oriented stream cipher that has dynamic feedback control. Existing research has shown that K2 v2.0 is a high performance stream cipher in software implementations and can be used in several applications. However, no evaluation results for its performance in hardware implementations have been published. In this paper, we present two hardware implementations of K2 v2.0: a high speed implementation and a compact implementation. We then show the evaluation results on FPGA implementation simulations. The implementations of K2 demonstrated high efficiency compared with other stream ciphers, with K2 being 4-10 times higher than AES implementations. We think that the FPGA implementation of K2 is suitable for applications using high speed encryption/decryption.
Download

Paper Nr: 40
Title:

MULTI-COLLISIONS ATTACK IN RING HASH STRUCTURE

Authors:

Nasour Bagheri, Babak Sadeghiyan and Majid Naderi

Abstract: The Ring hash structure is a new hash structure which has been introduced by Joux to strengthen the current hash structures against multi-collision attacks. In this paper, we present a cryptanalysis of the Ring hash structure. We show that finding multi-collisions, i.e. 2^k-way collisions, for a Ring hash structure is not much harder than finding such multi-collisions for the ordinary MD hash structure. The complexity of our attack is approximately log(n) times harder than the complexity of attacks against MD structures. We employ these multi-collisions to find a D-way pre-image for this structure. We show that the complexities of finding a 2^k-way multi-collision and a 2^k-way preimage are O((k+1)·(n/2)·2^(n/2)) and O(k·(n/2)·2^(n/2) + 2·2^n) respectively. We also show that the Ring structure should not be used to create a hash function of 2n-bit length by concatenating this structure to any other hash structure of n-bit output length. We show that the time complexity of finding a collision for this concatenated structure is O((k+1)·(n/2)·2^(n/2)), which is much smaller than Ω(2^n), the complexity expected for a generic birthday attack.
Download
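The baseline the abstract measures itself against is Joux's multi-collision attack on the plain Merkle-Damgard (MD) iteration: k independent one-block birthday searches, each costing about 2^(n/2), yield 2^k messages with the same digest, and a 2^(n/2)-way multi-collision on one n-bit hash H1 turns into a collision on the concatenation H1 || H2 at a cost far below 2^n. The following is an added example, not code from the paper, that carries both steps out on a toy construction; the 16-bit chaining value, the SHA-256-based compression function, the IVs and the block encoding are assumptions chosen so the searches finish in well under a second.

```python
import hashlib
import itertools

STATE_BYTES = 2            # toy n = 16-bit chaining value (assumption for the demo)
IV1, IV2 = 0x1234, 0xABCD  # IVs of the two independent toy hashes H1 and H2


def compress(h: int, block: bytes, tag: bytes) -> int:
    """Toy compression function: SHA-256 of (tag || chaining value || block), truncated to n bits."""
    d = hashlib.sha256(tag + h.to_bytes(STATE_BYTES, "big") + block).digest()
    return int.from_bytes(d[:STATE_BYTES], "big")


def md_hash(blocks, iv=IV1, tag=b"H1") -> int:
    """Plain MD iteration over fixed-size blocks (all messages here have equal length, so no padding block)."""
    h = iv
    for b in blocks:
        h = compress(h, b, tag)
    return h


def find_block_collision(h: int, tag=b"H1"):
    """Birthday search on a single compression call from chaining value h:
    returns (b1, b2, h') with b1 != b2 and compress(h, b1) == compress(h, b2) == h'.
    Expected cost about 2^(n/2) evaluations; pigeonhole guarantees termination within 2^n + 1."""
    seen = {}
    for i in itertools.count():
        b = i.to_bytes(4, "big")
        out = compress(h, b, tag)
        if out in seen:
            return seen[out], b, out
        seen[out] = b


def joux_multicollision(k: int, iv=IV1):
    """k chained one-block collisions. Every choice of one block per pair reaches the same final
    chaining value, so 2^k colliding messages cost k * 2^(n/2) instead of the generic bound."""
    pairs, h = [], iv
    for _ in range(k):
        b1, b2, h = find_block_collision(h)
        pairs.append((b1, b2))
    return pairs, h


def expand(pairs):
    """Materialise all 2^k messages of the multi-collision."""
    return [list(choice) for choice in itertools.product(*pairs)]


def concatenation_collision(k: int):
    """Collision on H1(M) || H2(M): build a 2^k-way multi-collision on H1, then birthday-search
    those messages under the independent H2. With k about n/2 (8 here) a collision is expected;
    k = 12 makes it practically certain. Returns (M, M') or None."""
    pairs, _ = joux_multicollision(k)
    seen = {}
    for msg in expand(pairs):
        h2 = md_hash(msg, iv=IV2, tag=b"H2")
        if h2 in seen:
            return seen[h2], msg
        seen[h2] = msg
    return None
```

The total work for the concatenation attack is k birthday searches plus 2^k evaluations of H2, i.e. about (k + 1)·2^(n/2) compression calls for k = n/2, which is the shape of the bound quoted in the abstract; doubling the output length by concatenation buys almost nothing against a structure that admits cheap multi-collisions.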

Paper Nr: 49
Title:

EFFICIENT IBE-PKE PROXY RE-ENCRYPTION

Authors:

Takeo Mizuno and Hiroshi Doi

Abstract: In proxy re-encryption schemes, a semi-trusted entity called a proxy can convert a ciphertext encrypted for Alice into a new ciphertext for Bob without seeing the underlying plaintext. Several proxy re-encryption schemes have been proposed; however, only one scheme which enables the conversion of IBE ciphertexts to PKE ciphertexts has been proposed, and it has some drawbacks. In that scheme, the size of the re-encrypted ciphertext increases and Bob must be aware of the existence of the proxy, which means Bob cannot decrypt a re-encrypted ciphertext with the same PKE decryption algorithm. We propose a new, efficient scheme that enables the conversion of IBE ciphertexts to PKE ciphertexts, and prove CPA security in the standard model. In our scheme, the size of the re-encrypted ciphertext is optimal and Bob is not aware of the existence of the proxy. As far as we know, this is the first IBE-PKE type scheme that holds the above properties.
Download

Paper Nr: 58
Title:

A FAIR E-TENDERING PROTOCOL

Authors:

Vijayakrishnan Pasupathinathan, Josef Pieprzyk and Huaxiong Wang

Abstract: Fairness in electronic tendering is of utmost importance. Current proposals and implementations do not provide fairness and are vulnerable to collusion and favouritism. Dishonest participants, either the principal or a tenderer, can collude to alter or view competing tenders, which would give the favoured tenderer a greater chance of winning the contract. This paper proposes an e-tendering system that is secure and fair to all participants. We employ the techniques of an anonymous token system along with a signed commitment approach to achieve a publicly verifiable fair e-tendering protocol. We also provide an analysis that confirms that our e-tendering protocol achieves the claimed security goals.
Download

Paper Nr: 59
Title:

A GENERAL FRAMEWORK FOR GUESS-AND-DETERMINE AND TIME-MEMORY-DATA TRADE-OFF ATTACKS ON STREAM CIPHERS

Authors:

Guanhan Chew and Khoongming Khoo

Abstract: In this paper, we present a framework for guess-and-determine attack on stream ciphers that relies on guessing part of the internal state and solving for the remaining unknown cipher state based on known keystream bits. We show that this basic attack can always be extended to a Time-Memory-Data (TMD) Trade-Off attack. This allows us to easily extend any guess-and-determine attack to a guess-and-determine TMD attack, which improves the online attack at the expense of memory, pre-processing time, and data requirement. Lastly, we illustrate three applications of the attack framework.
Download

Paper Nr: 110
Title:

SECURE COMMUNICATION IN MOBILE AD HOC NETWORK USING EFFICIENT CERTIFICATELESS ENCRYPTION

Authors:

Peter H. Lee, Shivaramakrishnan Narayan and Udaya Pakjhkj

Abstract: Establishing secure communication in a wireless network such as Mobile Ad Hoc Network (MANET) is particularly challenging because: (i) the network is self-organizing; (ii) messages are broadcasted; (iii) messages travel in a hop-by-hop manner; (iv) nodes are constrained in terms of computation and battery power. We propose a flexible and efficient Certificateless Encryption scheme which is optimized for MANET environment. Further, we couple the idea of Resurrecting Duckling with the scheme to achieve efficient key establishment and demonstrate the use of the transparent policy encoder which facilitates the authentication. We also show the security of the scheme in random oracle model assuming k-Bilinear Diffie-Hellman Inversion problem is hard.
Download

Paper Nr: 115
Title:

REBEL - Reconfigurable Block Encryption Logic

Authors:

Mahadevan Gomathisankaran, Ka-Ming Keung and Akhilesh Tyagi

Abstract: REBEL is a Feistel network based block encryption function which uses reconfigurable gates instead of substitution boxes. This novel design approach has many advantages: the key size can be much greater than the block size, security can be reduced to the boolean square root problem (Kutz, 2004), and it is resistant to known cryptanalytic attacks. The implementation results show that our proposed design can better AES in every design parameter while at the same time providing much higher security.
Download

Paper Nr: 153
Title:

AN EFFICIENT MULTIPLICATION ALGORITHM USING BINOMIAL RESIDUE REPRESENTATION

Authors:

Yin Li and Christophe Negre

Abstract: In this paper, we propose an extension of the algorithm proposed by Bajard, Imbert and Negre in (Bajard et al., 2006), referred to as the BIN algorithm. We use a binomial residue representation of field elements instead of the Lagrange representation of (Bajard et al., 2006). Specifically, every element of F_{p^k} is represented by a set of residues modulo fixed binomials. We propose two versions of our algorithm, one in general form with a sub-quadratic complexity equal to O(k^1.5) operations in F_p. The second one is optimized with the use of the FFT. In this case the cost is O(k log(k)) operations in F_p. For fields GF(p^k) suitable for elliptic curve cryptography our algorithm roughly improves the time delay of (Bajard et al., 2006) by 45%.
Download

Paper Nr: 222
Title:

A NEW PROBABILISTIC REKEYING METHOD FOR SECURE DYNAMIC GROUPS

Authors:

Shankar Joshi and Alwyn Pais

Abstract: Logical Key Hierarchy (LKH) is a basic method in secure multicast group rekeying. LKH maintains a balanced tree which provides a uniform cost of O(log N) for compromise recovery, where N is the group size. However, it does not distinguish the behavior of group members even though they have different probabilities of joining or leaving. When members have diverse change probabilities, the gap between LKH and the optimal rekeying algorithm becomes bigger. The Probabilistic optimization of LKH (PLKH) scheme optimized the rekey cost by organizing the LKH tree according to user rekey characteristics. In this paper, we concentrate on further reducing the rekey cost by organizing the LKH tree with respect to the compromise probabilities of members, using new join and leave operations. Simulation results show that our scheme performs 18% to 29% better than PLKH and 32% to 41% better than LKH.
Download
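The O(log N) figure above comes from the basic LKH leave operation: every key on the departing member's path from leaf to root is replaced, and each new key is distributed encrypted under the keys of the two children of that node (skipping the leaf that left), so a balanced binary tree needs 2·log2(N) - 1 rekey messages instead of the N - 1 of a flat scheme. The following is an added example, not code from the paper or from any LKH implementation, of that baseline operation in Python; the key wrapping (an HMAC-SHA256 keystream with a fresh nonce), the heap-style node numbering and the 128-bit key size are assumptions made for the demo. The probabilistic tree organisation the paper proposes is not reproduced.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16  # 128-bit node keys (assumption)


def wrap(wrapping_key: bytes, nonce: bytes, target: int, key: bytes) -> bytes:
    """Encrypt a new node key under a child's key. XOR with an HMAC-derived one-time pad;
    the random nonce keeps the pad unique even when the same wrapping key rewraps the same node."""
    pad = hmac.new(wrapping_key, nonce + target.to_bytes(4, "big"), hashlib.sha256).digest()[:KEY_LEN]
    return bytes(x ^ y for x, y in zip(key, pad))


unwrap = wrap  # the keystream XOR is its own inverse


class LKHTree:
    """Balanced binary LKH tree in heap layout: root = 1, children of i are 2i and 2i+1,
    user u sits at leaf (leaf_count + u) and holds every key on the path leaf -> root."""

    def __init__(self, n_users: int):
        self.depth = max(1, (n_users - 1).bit_length())
        self.leaf_count = 1 << self.depth
        self.keys = {node: secrets.token_bytes(KEY_LEN) for node in range(1, 2 * self.leaf_count)}
        self.members = set(range(n_users))

    def leaf(self, u: int) -> int:
        return self.leaf_count + u

    def path(self, u: int):
        """Nodes from u's leaf up to the root, inclusive."""
        nodes, node = [], self.leaf(u)
        while node >= 1:
            nodes.append(node)
            node //= 2
        return nodes

    def keyring(self, u: int) -> dict:
        """The keys user u is holding right now (a snapshot; rekeys are applied with apply_rekey)."""
        return {node: self.keys[node] for node in self.path(u)}

    def leave(self, u: int):
        """Evict u: replace every key on u's path above the leaf, bottom-up. Each new key is sent
        wrapped under both children's keys, except the leaving leaf, which is never used again.
        Returns the rekey messages (wrapping_node, nonce, target_node, ciphertext)."""
        self.members.discard(u)
        path = self.path(u)
        messages = []
        for i in range(1, len(path)):
            node = path[i]
            new_key = secrets.token_bytes(KEY_LEN)
            for child in (2 * node, 2 * node + 1):
                if child == path[0]:
                    continue  # the evicted member's own leaf key
                nonce = secrets.token_bytes(8)
                # For the child on the path, self.keys[child] is already the key rekeyed one step below.
                messages.append((child, nonce, node, wrap(self.keys[child], nonce, node, new_key)))
            self.keys[node] = new_key
        return messages


def apply_rekey(keyring: dict, messages) -> dict:
    """What a member does with the multicast rekey: unwrap every message whose wrapping key it holds,
    in order, so a key recovered at one level opens the message for the level above."""
    ring = dict(keyring)
    for wrapping_node, nonce, target, ciphertext in messages:
        if wrapping_node in ring:
            ring[target] = unwrap(ring[wrapping_node], nonce, target, ciphertext)
    return ring
```

A remaining member in the evicted user's sibling subtree recovers the new root key through a chain of unwraps, one per level; the evicted member holds none of the wrapping keys used, so its stale ring never yields the new group key.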

Paper Nr: 228
Title:

TRAITOR TRACING FOR ANONYMOUS ATTACK IN CONTENT PROTECTION

Authors:

Hongxia Jin

Abstract: In this paper we take a closer look at traitor tracing in the context of content protection, especially for the anonymous attack where the attackers pirate the content and re-distribute the decrypted plain content. When the pirated copies are recovered, traitor tracing is a forensic technology that can identify the original users (called traitors) who have participated in the pirate attack and were involved in the construction of the pirated copy of the content. In the current state of the art, a traitor tracing scheme assumes a maximum coalition size of traitors in the system and is defined to detect one traitor, assuming the detected traitor can be disconnected and tracing just repeats with the remaining traitors. In this position paper we argue that this definition does not sufficiently reflect the reality where a traitor tracing technology is used to defend against piracy, especially in the context of content protection. We believe a traitor tracing scheme should deduce the active coalition size and should be defined to detect all active traitors, even taking into consideration that found traitors need to be technically disabled. We believe the traditional definition misleads the design of efficient and practical traitor tracing schemes, while our definition much better fits the reality and can lead to the design of efficient traitor tracing schemes for real world use.
Download

Paper Nr: 230
Title:

EXPERIMENTAL RESEARCH AND CAPABILITY VALUATION ON SECURITY OF SOA-SCA BASED SDO

Authors:

Peng XU, Zhiyi FANG, Hang SU and Chuyi Wei

Abstract: By using technologies such as encryption, decryption, message digests, digital signatures and so on, this paper designs respective solutions for some security problems of the SDO (Service Data Objects) data model and a concrete business process based on SOA-SCA (Service Component Architecture), as well as security solutions for data confidentiality, integrity and non-repudiation of the SDO data model based on the business process. In addition, the design goals of the security solution were analyzed in detail. Finally, the solution was achieved by using the development tools WID (WebSphere Integration Developer) and WPS (WebSphere Process Server). The test and capability analysis for this realization was performed too.
Download

Paper Nr: 236
Title:

IDENTITY-BASED SIGNCRYPTION WITHOUT RANDOM ORACLES

Authors:

Shivaramakrishnan Narayan, Udaya Pakjhkj and Peter H. Lee

Abstract: The use of signcryption for secure and authenticated data communication was realized in 1997, following which numerous signcryptions have been presented which are provably secure in the random oracle proof methodology. In this paper, we present an identity-based signcryption provably secure in the standard model. Our scheme relies on the intractability of two well studied problems, the decisional bilinear Diffie-Hellman and the computational Diffie-Hellman. We achieve the security reduction of our scheme for the properties message confidentiality and unforgeability without relying on random oracles.
Download

Paper Nr: 33
Title:

ANONYMOUS MESSAGE AUTHENTICATION - Universally Composable Definition and Construction

Authors:

Kazuki Yoneyama

Abstract: Recently, various casual communication tools which are run by a certain group (e.g., social network services, blogs and wikis) have become popular. In such services, a member may want to convey some information to other group members without exposing his identity. For this purpose, message authentication schemes which guarantee anonymity of senders seem to be suitable. In this paper, we introduce a new anonymous message authentication scheme using a ring signature with a special certification authority, called a group-certification authority. Our scheme does not need any group manager to preserve the anonymity of the group member, by the property of the ring signature. Therefore, our scheme is suitable for casual services where strict operation by a system manager is not required. Furthermore, we evaluate the security of our scheme in the universal composability framework.
Download

Paper Nr: 43
Title:

AN EFFICIENT RECONFIGURABLE SOS MONTGOMERY MULTIPLIER IN GF(p) USING FPGA DSP SLICES

Authors:

Muhammed Nauman, Muhammad N. Sial and Nassar Ikram

Abstract: Montgomery Modular Multiplication in hardware is of great importance for the realisation of practical public key systems. Hence, an efficient implementation of modular exponentiation in terms of speed and resources in hardware is essential. This paper focuses on implementation of fully pipelined SOS based Montgomery Multiplication algorithm in Virtex-5 FPGA using DSP slices to achieve best area-speed trade off. Our implementation results and comparison with other Multipliers show that our Multiplier is comparable to known Montgomery Multipliers in terms of area-speed trade off.
Download
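The SOS (Separated Operand Scanning) variant of Montgomery multiplication that the paper pipelines in hardware is defined word by word: first the full 2s-word product t = a·b, then s rounds of reduction in which the word m = t[i]·n0' mod 2^w is chosen so that adding m·n·2^(wi) clears word i, and finally the upper s words are taken, with one conditional subtraction. The following is an added example, not the paper's design or its HDL, that implements exactly that word-level algorithm in Python so the carry handling and the n0' precomputation can be checked against ordinary modular arithmetic, plus a square-and-multiply exponentiation on top of it; the 32-bit word size is an assumption and the moduli in the usage are constructed test values.

```python
W = 32                   # word size in bits (assumption; a DSP-slice design would pick its own)
MASK = (1 << W) - 1


def to_words(x: int, s: int):
    return [(x >> (W * i)) & MASK for i in range(s)]


def from_words(words):
    return sum(w << (W * i) for i, w in enumerate(words))


def mont_params(n: int):
    """Precompute for an odd modulus n: word count s, R = 2^(W*s), and n0' = -n^{-1} mod 2^W.
    Only the low word of n is needed for n0', which is why hardware can keep it in a register."""
    if n % 2 == 0:
        raise ValueError("Montgomery reduction needs an odd modulus")
    s = (n.bit_length() + W - 1) // W
    R = 1 << (W * s)
    n0_inv = pow(n & MASK, -1, 1 << W)
    return s, R, (-n0_inv) & MASK


def mont_mul_sos(a: int, b: int, n: int, s: int, n0_prime: int) -> int:
    """Returns a * b * R^{-1} mod n for 0 <= a, b < n, using the SOS schedule."""
    A, B, Nw = to_words(a, s), to_words(b, s), to_words(n, s)
    t = [0] * (2 * s + 1)
    # Phase 1: schoolbook product into t (2s words, plus one spare word for phase 2 carries).
    for i in range(s):
        carry = 0
        for j in range(s):
            acc = t[i + j] + A[j] * B[i] + carry
            t[i + j] = acc & MASK
            carry = acc >> W
        t[i + s] = carry
    # Phase 2: reduction, one word per round; m makes word i of t vanish, so t stays a multiple of 2^(W*i).
    for i in range(s):
        m = (t[i] * n0_prime) & MASK
        carry = 0
        for j in range(s):
            acc = t[i + j] + m * Nw[j] + carry
            t[i + j] = acc & MASK
            carry = acc >> W
        k = i + s
        while carry:                      # propagate the final carry upward
            acc = t[k] + carry
            t[k] = acc & MASK
            carry = acc >> W
            k += 1
    u = from_words(t[s:])                 # t / R, which is < 2n
    return u - n if u >= n else u


def mont_exp(base: int, exponent: int, n: int) -> int:
    """Left-to-right square-and-multiply entirely in Montgomery form; the only non-Montgomery
    operation is the initial conversion, which hardware replaces by a multiply with R^2 mod n."""
    s, R, n0p = mont_params(n)
    base_m = (base * R) % n
    acc_m = R % n                         # Montgomery representation of 1
    for bit in bin(exponent)[2:]:
        acc_m = mont_mul_sos(acc_m, acc_m, n, s, n0p)
        if bit == "1":
            acc_m = mont_mul_sos(acc_m, base_m, n, s, n0p)
    return mont_mul_sos(acc_m, 1, n, s, n0p)   # multiply by 1 converts back out of Montgomery form
```

Two checks are worth keeping in any port of this to a multiplier core: the result after the final subtraction must be below n for all inputs below n (the "u < 2n" invariant), and the phase-2 carry must be propagated to the word above i + s rather than dropped, which is where word-serial implementations most often go wrong.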

Paper Nr: 55
Title:

A SHORT NOTE ON SECRET SHARING USING ELLIPTIC CURVES

Authors:

Volker Müller

Abstract: In this short note, we describe a variant of Shamir's (n, t)-threshold scheme based on elliptic curves. Moreover, we show how pairings of elliptic curves can be used to also provide verifiability for the new elliptic curve based threshold scheme.
Download

Paper Nr: 139
Title:

LOW AREA SCALABLE MONTGOMERY INVERSION OVER GF(2^m)

Authors:

Mohamed N. Hassan and Mohammed Benaissa

Abstract: In this work, an improved algorithm for Montgomery modular inversion over GF(2^m) is proposed. Moreover, a novel scalable hardware architecture for the proposed algorithm is presented which is parameterizable and amenable to interfacing to special purpose processors such as microcontrollers. The architecture supports operations over finite fields GF(2^m) up to m ≤ 571 without the need to reconfigure the hardware. The results show that this work can be exploited to construct low-resource elliptic curve cryptosystems (ECC).
Download

Paper Nr: 151
Title:

PROPER KEY GENERATION FOR THE IZOSIGN ALGORITHM

Authors:

Lorand Szollosi, Gábor Fehér and Tamás Marosits

Abstract: In the last decade, using digital signatures in authentication and authorization protocols, just as in e-business scenarios, became more and more important and indispensable. New algorithms with different features for various applications are presented continuously. The IzoSign digital signature creation algorithm was introduced by the authors of this paper at CANS 2007. At that time, random key generation was proposed, which was later found vulnerable with high probability to a vertex matching attack (Kutylowski, 2007). We hereby analyze and generalize this kind of attack, build a key generation algorithm that withstands such attacks, and then give a (theoretic) construction for key generation which (under the P ≠ NP or NP = EXP assumptions) is hard to break.

Paper Nr: 182
Title:

POINT MULTIPLICATION ON SUPERSINGULAR ELLIPTIC CURVES DEFINED OVER FIELDS OF CHARACTERISTIC 2 AND 3

Authors:

Kwang Ho Kim and Christophe Negre

Abstract: Elliptic curve cryptosystem protocols use two main operations, the scalar multiplication and the pairing computation. Both of them are done through a chain of basic operations on the curve. In this paper we present new formulas for supersingular elliptic curves in characteristic 2 and 3. We improve the best known formulas by at least one multiplication in the field.

Area 5 - Information Assurance

Full Papers
Paper Nr: 62
Title:

GEOGRAPHIC DATA AND STEGANOGRAPHY - Using Google Earth and KML Files for High-Capacity Steganography

Authors:

Malte Diehl

Abstract: Steganography is the art of hiding the existence of information, whereas cryptography only aims at hiding the content of a message. Most steganographic algorithms try to embed data into images, audio or video files that provide reasonable capacities. However, such systems are often vulnerable to simple statistical attacks. In this paper, in order to provide an appropriate alternative to the currently used algorithms, we examine the information hiding properties of vector data that is used by many geographic information systems in great quantities. Unlike watermarking, we focus on maximising embedding capacities rather than on robustness, while still providing security against statistical attacks. Our implementation, which uses the KML format known from Google Earth and other map services, can replace more than 20 % of the original data with hidden messages, provided that a lot of numerical geodata is present in the KML file. Thus, our algorithm can hide about twice as much as current algorithms for images. Yet, virtually no distortions are inflicted on the cover data.

Short Papers
Paper Nr: 143
Title:

PRACTICAL APPLICATION OF A SECURITY MANAGEMENT MATURITY MODEL FOR SMES BASED ON PREDEFINED SCHEMAS

Authors:

Luis Enrique Sánchez Crespo, Daniel Villafranca Alberca, Eduardo Fernández-medina and Mario Piattini

Abstract: For enterprises to be able to use information technologies and communications with guarantees, it is necessary to have an adequate security management system and tools which allow them to manage it. In small and medium-sized enterprises, the application of security standards has an additional problem, which is the fact that they do not have enough resources to carry out appropriate management. This security management system must have highly reduced costs for its implementation and maintenance in small and medium-sized enterprises (from here on referred to as SMEs) to be feasible. In this paper we show the practical application of our proposal for a maturity model with which to manage the security in SMEs, centring upon the phase which determines the state of the enterprise and some of the mechanisms which allow the security level to be kept up to date without the need for continuous audits. This focus is continuously refined through its application to real cases, the results of which are shown in this paper.

Paper Nr: 165
Title:

CSTEG: TALKING IN C CODE - Steganography of C Source Code in Text

Authors:

Jorge Blasco, Julio Hernandez, Juan Tapiador and Arturo Ribagorda Garnacho

Abstract: Cryptographic software has suffered on many occasions from export restrictions. Governments might claim that cryptographic algorithms are equivalent to military equipment to justify and maintain these restrictions. Sometimes, these laws are approved under dictatorial rule or even by democratic governments which exploit and overestimate a terrorist menace to restrict civil rights. Citizens have evaded these restrictions in many ways: handwriting the program's source code and then typing it again, printing the source code on a t-shirt, using some kind of steganographic technique, etc. In this paper, we present a system called CSteg that hides source code in plain text by using context-free grammars. This presents the additional advantage that under some laws plain text is protected (and its exportation allowed) by free-speech and/or intellectual property legislation.