SECRYPT 2012 Abstracts


Full Papers
Paper Nr: 7
Title:

Practical Applications of Homomorphic Encryption

Authors:

Michael Brenner, Henning Perl and Matthew Smith

Abstract: Homomorphic cryptography has been one of the most interesting topics of mathematics and computer security since Gentry presented the first construction of a fully homomorphic encryption (FHE) scheme in 2009. Since then, a number of different schemes have been found that follow the approach of bootstrapping a fully homomorphic scheme from a somewhat homomorphic foundation. All existing implementations of these systems clearly proved that fully homomorphic encryption is not yet practical, due to significant performance limitations. However, there are many applications in the area of secure methods for cloud computing, distributed computing and delegation of computation in general that can be implemented with homomorphic encryption schemes of limited depth. We discuss a simple algebraically homomorphic scheme over the integers that is based on the factorization of an approximate semiprime integer. We analyze the properties of the scheme and provide a couple of known protocols that can be implemented with it. We also provide a detailed discussion on searching with encrypted search terms and present implementations and performance figures for the solutions discussed in this paper.

Paper Nr: 9
Title:

Reversible Steganographic Scheme with High Embedding Capacity using Dual Cover Images

Authors:

Nagaraj V. Dharwadkar and B. B. Amberker

Abstract: The advances in Internet technology and digital image representation have helped users to easily exchange secret messages. On the Internet the transmission of the secret message is conducted using digital images, which has created new needs, issues and opportunities for researchers. The basic objective of secret message communication is to transmit a message securely by embedding it into a cover-image such that unintended observers are unable to detect it. Image steganographic schemes are used in secret message communication. In this paper, we have proposed a reversible steganographic scheme for gray-scale images. This scheme uses dual cover images to hide a secret image and generates perceptually similar dual stegoimages. Further, to extract the secret image, knowledge of the dual stegoimages and the stego-key is necessary, which improves the security of this scheme. The experimental results show that the scheme provides a higher embedding capacity and robustness with un-noticeable distortions in the stegoimages. The performance of the scheme is analyzed for various types of image processing attacks on the stegoimage. The proposed scheme was found rigid to the image processing attacks.

Paper Nr: 15
Title:

Improved “Partial Sums”-based Square Attack on AES

Authors:

Michael Tunstall

Abstract: The Square attack as a means of attacking reduced round variants of AES was described in the initial description of the Rijndael block cipher. This attack can be applied to AES, with a relatively small number of chosen plaintext-ciphertext pairs, reduced to less than six rounds in the case of AES-128 and seven rounds otherwise, and several extensions to this attack have been described in the literature. In this paper we describe new variants of these attacks that have a smaller time complexity than those present in the literature. Specifically, we demonstrate that the quantity of chosen plaintext-ciphertext pairs can be halved, producing the same reduction in the time complexity. We also demonstrate that the time complexity can be halved again for attacks applied to AES-128 and reduced by a smaller factor for attacks applied to AES-192. This is achieved by eliminating hypotheses on-the-fly when bytes in consecutive subkeys are related because of the key schedule.

Paper Nr: 18
Title:

Two Dragons - A Family of Fast Word-based Stream Ciphers

Authors:

Matt Henricksen

Abstract: The EU eSTREAM competition selected two portfolios of stream ciphers, from among thirty-four candidates, with members that were either fast in software or compact in hardware. Dragon was among the eight finalists in the software category. While meeting the performance requirement of being faster than the Advanced Encryption Standard (AES) on many platforms, it was less efficient than the four ciphers selected for the portfolio. Cryptanalysis revealed some less-than-ideal properties. In this paper, we provide some new insights into Dragon, and propose two modifications: Black Dragon, which is tailored for efficient implementation in modern SIMD architectures; and Yellow Dragon, which utilizes recent developments in Chinese block ciphers. We show the improved security and performance of these two variants.

Paper Nr: 20
Title:

Identity-based Password-Authenticated Key Exchange for Client/Server Model

Authors:

Xun Yi, Raylin Tso and Eiji Okamoto

Abstract: Password-Authenticated Key Exchange for Client/Server model (PAKE-CS) is where a client and a server, based only on their knowledge of a password, establish a cryptographic key for secure communication. In this paper, we propose a PAKE-CS protocol on the basis of identity-based encryption, where the client needs to remember a password only while the server keeps the password in addition to a private key related to his identity, where the private key is generated by multiple private key generators. Our protocol takes advantage of the features of client/server model and is more efficient than other PAKE-CS protocols in terms that it achieves explicit authentication with two-round communications only. In order to analyze the security of our protocol, we construct an ID-based formal model of security for PAKE-CS by embedding ID-based model into PAKE model. If the underlying identity-based encryption scheme has provable security without random oracle, we can provide a rigorous proof of security for our protocol without random oracles.

Paper Nr: 27
Title:

Tampering with Java Card Exceptions - The Exception Proves the Rule

Authors:

Guillaume Barbu, Philippe Hoogvorst and Guillaume Duc

Abstract: Many publications have studied the various issues concerning Java Cards security regarding software and/or hardware attacks. However, it is surprising to notice that the particular case of exception-related mechanisms has not been tackled yet in the literature. In this article, we fill this gap by proposing several attacks against Java Card platforms based on both exception handling and exception throwing. In addition, this study allows us to point out that a weakness known by the web-oriented Java community for more than a decade still passes the different steps of the state-of-the-art Java Card application deployment process (namely conversion and verification). This appears all the more important as the Java Card 3 Connected Edition specifications have started to bridge the gap between the two worlds that are Java Cards and Java web services.

Paper Nr: 34
Title:

Quantitative Assessment of Cloud Security Level Agreements - A Case Study

Authors:

Jesus Luna Garcia, Hamza Ghani, Tsvetoslava Vateva and Neeraj Suri

Abstract: The users of Cloud Service Providers (CSP) often motivate their choice of providers based on criteria such as the offered service level agreements (SLA) and costs, and also recently based on security aspects (i.e., due to regulatory compliance). Unfortunately, it is quite uncommon for a CSP to specify the security levels associated with their services, hence impeding users from making security relevant informed decisions. Consequently, while the many economic and technological advantages of Cloud computing are apparent, the migration of key sector applications has been limited, in part, due to the lack of security assurance on the CSP. In order to achieve this assurance and create trustworthy Cloud ecosystems, it is desirable to develop metrics and techniques to compare, aggregate, negotiate and predict the trade-offs (features, problems and the economics) of security. This paper contributes with a quantitative security assessment case study using the CSP information found on the Cloud Security Alliance’s Security, Trust & Assurance Registry (CSA STAR). Our security assessment rests on the notion of Cloud Security Level Agreements — SecLA — and, a novel set of security metrics used to quantitatively compare SecLAs.

Paper Nr: 38
Title:

Privacy-preserving Targeted Advertising Scheme for IPTV using the Cloud

Authors:

Leyli Javid Khayati, Erkay Savaş, Berkant Ustaoğlu and Cengiz Örencik

Abstract: In this paper, we present a privacy-preserving scheme for targeted advertising via the Internet Protocol TV (IPTV). The scheme uses a communication model involving a collection of viewers/subscribers, a content provider (IPTV), an advertiser, and a cloud server. To provide high quality directed advertising service, the advertiser can utilize not only demographic information of subscribers, but also their watching habits. The latter includes watching history, preferences for IPTV content and watching rate, which are published on the cloud server periodically (e.g. weekly) along with anonymized demographics. Since the published data may leak sensitive information about subscribers, it is safeguarded using cryptographic techniques in addition to the anonymization of demographics. The techniques used by the advertiser, which can be manifested in its queries to the cloud, are considered (trade) secrets and therefore are protected as well. The cloud is oblivious to the published data, the queries of the advertiser as well as its own responses to these queries. Only a legitimate advertiser, endorsed with a so-called trapdoor by the IPTV, can query the cloud and utilize the query results. The performance of the proposed scheme is evaluated with experiments, which show that the scheme is suitable for practical usage.

Paper Nr: 40
Title:

Constructing Secure-channel Free Searchable Encryption from Anonymous IBE with Partitioned Ciphertext Structure

Authors:

Keita Emura and Mohammad Shahriar Rahman

Abstract: As an extension of public key encryption with keyword search (PEKS), secure channel free PEKS (SCF-PEKS) has been considered. Generic construction of SCF-PEKS (with adaptive security) from strongly existentially unforgeable one-time signature, selective-tag CCA secure tag-based encryption (TBE) and anonymous identity-based encryption (IBE) has been proposed in ISC2011. Since this construction follows the double encryption, where a ciphertext of anonymous IBE is encrypted by TBE, hybrid encryption is applied because usually the ciphertext space of IBE is not equal to the plaintext space of TBE. In this paper, we show that hybrid encryption is not necessary as long as previously-known anonymous IBE schemes are used as a building tool of adaptive SCF-PEKS. Our result leads to a composability of IBE schemes whether they can be applied for constructing adaptive SCF-PEKS or not. Moreover, since we can exclude DEM part, our construction is efficient compared to the original one.

Paper Nr: 42
Title:

SIMD-based Implementations of Eta Pairing Over Finite Fields of Small Characteristics

Authors:

Anup Kr. Bhattacharya, Abhijit Das, Dipanwita Roychowdhury, Bhargav Bellur and Aravind Iyer

Abstract: Eta pairing on supersingular elliptic curves defined over fields of characteristics two and three is a popular and practical variant of pairing used in many cryptographic protocols. In this paper, we study SIMD-based implementations of eta pairing over these fields. Our implementations use standard SIMD-based vectorization techniques which we call horizontal and vertical vectorization. To the best of our knowledge, we are the first to study vertical vectorization in the context of curves over fields of small characteristics. Our experimentation using SSE2 intrinsics reveals that vertical vectorization outperforms horizontal vectorization.

Paper Nr: 58
Title:

Homomorphic Primitives for a Privacy-friendly Smart Metering Architecture

Authors:

Benjamin Vetter, Osman Ugus, Dirk Westhoff and Christoph Sorge

Abstract: We propose a privacy-friendly smart metering architecture which is yet flexible enough to serve various future third party energy services. Our secure architecture may be deployed as a cloud service and allows processing of SQL queries on encrypted measurements, providing aggregated results in a most flexible manner. A combination of homomorphic encryption and homomorphic MACs provides confidentiality of the users’ energy consumptions, allowing integrity checks and enhanced SQL-queries on encrypted data. Our extensive performance analysis shows that our approach is promising with respect to storage and computational overhead.

Paper Nr: 59
Title:

Flexible Redactable Signature Schemes for Trees - Extended Security Model and Construction

Authors:

Henrich C. Pöhls, Kai Samelin, Hermann de Meer and Joachim Posegga

Abstract: At ISPEC’12, Samelin et al. show that the redactable signature scheme introduced at VLDB’08 by Kundu and Bertino does not always preserve the structural integrity of the tree signed. In particular, they show how redaction of non-leaves promotes descendants and allows a third party to add new edges to the signed tree. This alters the semantic meaning of the tree and is not acceptable in certain scenarios. We generalize the model, such that it offers the signer the flexibility to sign trees where every node is transparently redactable. This includes intermediate nodes, i.e., to allow redacting a hierarchy, but also the tree’s root. We present a provably secure construction, where this possibility is given, while remaining under explicit control of the signer. Our security model is as strong as Brzuska et al.’s introduced at ACNS’10. We have implemented our secure construction and present a detailed performance analysis.

Paper Nr: 66
Title:

High-throughput Hardware Architectures of the JH Round-three SHA-3 Candidate - An FPGA Design and Implementation Approach

Authors:

George S. Athanasiou, Chara I. Chalkou, D. Bardis, Harris E. Michail, George Theodoridis and Costas E. Goutis

Abstract: Hash functions are exploited by many cryptographic primitives that are incorporated in crucial cryptographic schemes and commercial security protocols. Nowadays, there is an active international competition, launched by the National Institute of Standards and Technology (NIST), for establishing the new hash standard, SHA-3. One of the semi-finalists is the JH algorithm. In this paper, two high throughput hardware architectures of the complete JH algorithm are presented. The difference between them is the existence of 3 pipeline stages at the second one. They both are designed to support all the possible versions of the algorithm and are implemented in Xilinx Virtex-4, Virtex-5, and Virtex-6 FPGAs. Based on the experimental results, the proposed architectures outperform the existing ones in terms of Throughput/Area factor, regarding all FPGA platforms and JH algorithm’s versions.

Paper Nr: 72
Title:

Private Outsourcing of Matrix Multiplication over Closed Semi-rings

Authors:

Mikhail J. Atallah, Keith B Frikken and Shumiao Wang

Abstract: Many protocols exist for a client to outsource the multiplication of matrices to a remote server without revealing to the server the input matrices or the resulting product, and such that the server does all of the super-linear work whereas the client does only work proportional to the size of the input matrices. These existing techniques hinge on the existence of additive and multiplicative inverses for the familiar matrix multiplication over the (+,∗) ring, and they fail when one (or both) of these inverses do not exist, as happens for many practically important algebraic structures (including closed semi-rings) when one or both of the two operations in the matrix multiplication is the “min” or “max” operation. Such matrix multiplications are very common in optimization. We give protocols for the cases of (+,min) multiplication, (min,max) multiplication, and of (min,+) multiplication; the last two cases are particularly important primitives in many combinatorial optimization problems.

Paper Nr: 73
Title:

Extension of de Weger’s Attack on RSA with Large Public Keys

Authors:

Nicolas T. Courtois, Theodosis Mourouzis and Pho V. Le

Abstract: The RSA cryptosystem (Rivest et al., 1978) is the most widely deployed public-key cryptosystem for both encryption and digital signatures. Since its invention, lots of cryptanalytic efforts have been made which helped us to improve it, especially in the area of key selection. The security of RSA relies on the computational hardness of factoring large integers, and most of the attacks exploit bad choices of parameters or flaws in implementations. Two very important cryptanalytic efforts in this area have been made by Wiener (Wiener, 1990) and de Weger (Weger, 2002), who developed attacks based on small secret keys (Hinek, 2010). The main idea of Wiener’s attack is to approximate the fraction $e/\varphi(N)$ by $e/N$ for large values of $N$ and then make use of the continued fraction algorithm to recover the secret key $d$ by computing the convergents of the fraction $e/N$. He proved that the secret key $d$ can be efficiently recovered if $d < \frac{1}{3} N^{1/4}$ and $e < \varphi(N)$, and then de Weger extended this attack from $d < \frac{1}{3} N^{1/4}$ to $d < N^{3/4 - \beta}$, for any $1/4 < \beta < 1/2$ such that $|p - q| < N^{\beta}$. The aim of this paper is to investigate for which values of the variables $s$ and $\Delta = |p - q|$ RSA which uses public keys of the special structure $E = e + s\,\varphi(N)$, where $e < \varphi(N)$, is insecure against cryptanalysis. Adding multiples of $\varphi(N)$ either to $e$ or to $d$ is called Exponent Blinding and it is widely used especially in the case of encryption schemes or digital signatures implemented in portable devices such as smart cards (Schindler and Itoh, 2011). We show that an extension of de Weger’s attack from public keys $e < \varphi(N)$ to $E > \varphi(N)$ is possible if the security parameter $s$ satisfies $s \le N^{1/2}$.

Paper Nr: 74
Title:

On Securing Communication from Profilers

Authors:

Sandra Díaz-Santiago and Debrup Chakraborty

Abstract: A profiling adversary is an adversary which aims to classify messages into pre-defined profiles and thus gain useful information regarding the sender or receiver of such messages. Usual chosen-plaintext secure encryption schemes are capable of securing information from profilers, but these schemes provide more security than required for this purpose. In this paper we study the requirements for an encryption algorithm to be secure only against profilers and finally give a precise notion of security for such schemes. We also present a full protocol for secure (against profiling adversaries) communication, which neither requires a key exchange nor a public key infrastructure. Our protocol guarantees security against non-human profilers and is constructed using CAPTCHAs and secret sharing schemes.

Paper Nr: 81
Title:

Voice Passwords Revisited

Authors:

Chenguang Yang, Ghaith Hammouri and Berk Sunar

Abstract: We demonstrate an attack on basic voice authentication technologies. Specifically, we show how one member of a voice database can manipulate his voice in order to gain access to resources by impersonating another member in the same database. The attack targets a voice authentication system built around parallel and independent speech recognition and speaker verification modules and assumes that an adapted Gaussian Mixture Model (GMM) is used to model basic Mel-frequency cepstral coefficients (MFCC) features of speakers. We experimentally verify our attack using the YOHO database. The experiments conclude that in a database of 138 users an attacker can impersonate anyone in the database with a 98% success probability after at most nine authorization attempts. The attack still succeeds, albeit at lower success rates, if fewer attempts are permitted. The attack is quite practical and highlights the limited amount of entropy that can be extracted from the human voice when using MFCC features.

Paper Nr: 91
Title:

DDoS Detection with Information Theory Metrics and Netflows - A Real Case

Authors:

Domenico Vitali, Antonio Villani, Angelo Spognardi, Roberto Battistoni and Luigi V. Mancini

Abstract: Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) constitute one of the main issues for critical Internet services. The widespread availability and simplicity of automated stressing tools has also promoted voluntary participation in extensive attacks against known websites. Today the most effective (D)DoS detection schemes are based on information theory metrics, but their effectiveness is often evaluated with synthetic network traffic. In this work we present a comparison of the main metrics proposed in the literature, carried out on a huge dataset formed by real netflows. This comparison considers the ability of each metric to detect (D)DoS attacks at an early stage, in order to launch effective and timely countermeasures. The evaluation is based on a large dataset, collected from an Italian transit tier II Autonomous System (AS) located in Rome. This AS network is connected to all three main network infrastructures present in Italy (Commercial, Research and Public Administration networks), and to several international providers (even for Internet transit purposes). Many attempted attacks on Italian critical IT infrastructures can be observed inside the network traffic of this AS. Several publicly declared attacks have been traced and many other malicious activities have been found by ex-post analysis.

Paper Nr: 124
Title:

Secure File Allocation and Caching in Large-scale Distributed Systems

Authors:

Alessio Di Mauro, Alessandro Mei and Sushil Jajodia

Abstract: In this paper, we present a file allocation and caching scheme that guarantees high assurance, availability, and load balancing in a large-scale distributed file system that can support dynamic updates of authorization policies. The scheme uses fragmentation and replication to store files with high security requirements in a system composed of a majority of low-security servers. We develop mechanisms to fragment files, to allocate them into multiple servers, and to cache them as close as possible to their readers while preserving the security requirement of the files, providing load-balancing, and reducing delay of read operations. The system offers a trade-off between performance and security that is dynamically tunable according to the current level of threat. We validate our mechanisms with extensive simulations in an Internet-like network.

Paper Nr: 128
Title:

Formal Analysis of the TLS Handshake Protocol

Authors:

Hanane Houmani and Mourad Debbabi

Abstract: Most applications on the Internet, such as e-banking, e-commerce, e-mailing, etc., use the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol to protect the communication channel between the client and the server. That is why it is paramount to ensure the security objectives such as confidentiality, authentication and integrity of the SSL/TLS protocol. In this paper we prove the confidentiality (secrecy) property of the SSL/TLS handshake protocol, which constitutes the main core of the SSL/TLS protocol. To perform this analysis, we introduce a new function called the DINEK function that safely estimates the security level of messages. More precisely, this function, which shares a conceptual origin with the idea of a rank function, allows us to estimate a security level of a message (including the unknown messages) according to the interaction between the protocol and the intruder. This function can be used not only to verify the TLS protocol, as we will show in this paper, but also to verify the secrecy property for a large class of protocols and in particular Key Agreement protocols. The verification using the DINEK function is proven in this paper for an unbounded number of sessions and an unbounded number of nonces.

Short Papers
Paper Nr: 16
Title:

Analysis of Some Natural Variants of the PKP Algorithm

Authors:

Rodolphe Lampe and Jacques Patarin

Abstract: In 1989, (Shamir, 1989) proposed a new zero-knowledge identification scheme based on an NP-complete problem called PKP for Permuted Kernel Problem. For a given prime $p$, a given matrix $A$ and a given vector $V$, the problem is to find a permutation $\pi$ such that the permuted vector $V_\pi$ verifies $A \cdot V_\pi = 0 \bmod p$. This scheme is still in 2011 known as one of the most efficient identification schemes based on a combinatorial problem. However, we will see in this paper that it is possible to improve this scheme significantly by combining new ideas in order to reduce the total number of computations to be performed and to improve very efficiently the security against side channel attacks using precomputations. We will obtain like this a new scheme that we have called SPKP. Moreover, if we use precomputed values in the scheme SPKP, then the prover will need to perform no computations (i.e. only selection and transmission of precomputed values). This is very interesting for security against side channel attacks because our scheme is zero-knowledge and we don’t perform any computations using the key during the identification, so we prove that any attacker (even using side channel attacks) being successfully identified implies that he has a solution to the NP-complete problem PKP.

Paper Nr: 25
Title:

VLR Group Signatures - How to Achieve Both Backward Unlinkability and Efficient Revocation Checks

Authors:

Julien Bringer and Alain Patey

Abstract: Verifier-Local Revocation (VLR) group signatures are a particular case of dynamic group signature schemes where the revocation process does not influence the activity of the signers. The verifiers use a Revocation List and in all known schemes, checking a signature requires a computational time linear in the number of revoked members. Usually, it requires one pairing per revoked user. Recently, Chen and Li proposed a scheme where Revocation Check uses exponentiations instead of pairings. In this paper, we first propose a correction of their scheme to enable a full proof of the traceability property and we succeed with a constant additional cost only to extend this tweaked scheme to ensure Backward Unlinkability (BU). This important property prevents the loss of anonymity of past signatures when a user is revoked. We thus obtain the scheme with the most efficient Revocation Check among VLR schemes enabling BU.

Paper Nr: 45
Title:

Securing In-vehicle Communication and Redefining the Role of Automotive Immobilizer

Authors:

Constantinos Patsakis and Kleanthis Dellios

Abstract: Conventional automotive anti-theft devices fail to prevent unauthorized actions against vehicles. Information technologies and evolved microelectronics are currently being developed and widely adopted in controlling many mechanical parts of vehicles. One of the most common means of restricting access by unauthorized drivers is the immobilizer. In the current work we discuss some common vulnerability issues that vehicles and immobilizer technology confront, leading us to propose a redefinition of its role in vehicle security and the physical vehicle environment. Our proposal meets current trends of IT and computer science in embedding systems in vehicles and, if properly implemented, may provide more secure vehicles.

Paper Nr: 49
Title:

Building the Security Foundation to Embrace Public Software-as-a-Service (SaaS) - Security Policies for SaaS Data Protection

Authors:

Yuyu Chou, Jan Oetting and Olga Levina

Abstract: To mitigate the risk of confidentiality breaches when adapting public SaaS solutions, enterprises should build their security policies by setting up a system of security awareness. This paper presents a systematic approach to developing security policies, which includes the method and process used during the public SaaS system development life cycle. Hence, all employees will have the well-grounded concept to protect confidential data in the cloud.

Paper Nr: 50
Title:

Security Policies in Dynamic Service Compositions

Authors:

Julian Schütte, Hervais Simo Fhom and Mark Gall

Abstract: The paradigm of service composition emerged in the context of service oriented architectures, where it mainly referred to creating value-added services by combinations of individual services. Nowadays, service composition is getting more and more dynamic and becomes part of pervasive systems. One of the major challenges in this context is to fulfill the security requirements of all involved parties without requiring human interaction to negotiate protection level agreements. In this paper, we propose an approach for composing access control decisions and obligations required by equitable policy domains on the fly. We show that our approach allows a policy-compliant collaboration without requiring the peers to reveal their individual rules and confirm its practicability by a prototype.

Paper Nr: 61
Title:

Towards Pervasive Cryptographic Access Control Models

Authors:

Mikko Kiviharju

Abstract: Access control lies at the heart of any technical information security and information assurance system. Access control is traditionally enforced by reference monitors, which are assumed to be able to reliably monitor and mediate all traffic from users to objects. An alternative view to enforcement is cryptography, referred to as cryptographic access control (CAC). CAC has gained popularity with the emergence of distributed computing, especially cloud computing and “everything as a service”. CAC is not a formal model, but an enforcement paradigm. In this paper we propose an extension to the current CAC framework and discuss the limits, where it is in general feasible to extend CAC as a paradigm over reference monitors.

Paper Nr: 62
Title:

Cryptographic Enforcement of Access Control while Mitigating Key Sharing

Authors:

Keith B. Frikken

Abstract: In this paper, we consider the well-studied problem of cryptographic enforcement of hierarchical-based access control. While this problem is well-studied, a significant drawback to prior approaches is that if a corrupt user shares his key, then any user can access the content of the corrupt user. This is particularly damaging since it is not possible to determine the identity of the corrupt user, and almost all previous schemes require some rekeying in order to revoke a key. To mitigate this key sharing attack, we propose a new model for cryptographic enforcement: Identity-based key management (IBKM). In this framework, each key is associated with an identity and this identity is required to access content. This allows the system to trace the source of key leakage and to revoke users without rekeying. The main disadvantage of this framework is the scheme does not have the ability to provide anonymous access, but it can be used to provide pseudonymous access. The main contributions of this paper are formal definitions for IBKM and schemes for achieving IBKM.

Paper Nr: 63
Title:

Verifying Privacy by Little Interaction and No Process Equivalence

Authors:

Denis Butin and Giampaolo Bella

Abstract: While machine-assisted verification of classical security goals such as confidentiality and authentication is well-established, it is less mature for recent ones. Electronic voting protocols claim properties such as voter privacy. The most common modelling involves indistinguishability, and is specified via trace equivalence in cryptographic extensions of process calculi. However, it has shown restrictions. We describe a novel model, based on unlinkability between two pieces of information. Specifying it as an extension to the Inductive Method allows us to establish voter privacy without the need for approximation or session bounding. The two models and their latest specifications are contrasted.

Paper Nr: 64
Title:

A Security Analysis of Emerging Web Standards - HTML5 and Friends, from Specification to Implementation

Authors:

Philippe De Ryck, Lieven Desmet, Frank Piessens and Wouter Joosen

Abstract: Over the past few years, a significant effort went into the development of a new generation of web standards, centered around the HTML5 specification. Given the importance of the web in our society, it is essential that these new standards are scrutinized for potential security problems. This paper reports on a systematic analysis of ten important, recent specifications with respect to two generic security goals: (1) new web mechanisms should not break the security of existing web applications, and (2) different newly proposed mechanisms should interact with each other gracefully. In total, we found 45 issues, of which 12 are violations of the security goals and 31 issues concern under-specified features. Additionally, we found that 6 out of 11 explicit security considerations have been overlooked/overruled in major browsers, leaving secure specifications vulnerable in the end. All details can be found in an extended version of this paper (De Ryck et al., 2012).

Paper Nr: 75
Title:

Biometric Identification in Virtual Worlds using Biometric Fusion Techniques

Authors:

Ahmed Al-Khazzar and Nick Savage

Abstract: The use of virtual worlds is becoming popular in many fields such as education, economy, space, and games. With the widespread use of virtual worlds, establishing the security of these systems becomes more important. In this paper a behavioural biometric system is implemented to identify users of a virtual environment. This research suggests the use of a score level fusion technique to improve the identification performance of the system. The identification is achieved by analysing user interactions within the virtual environments and comparing these interactions with the previously recorded interactions in the database. The results showed that using score level biometric fusion in behavioural biometric systems similar to the one presented in this research is a promising tool to improve the performance of these systems. The use of biometric fusion technique enhanced the performance of the implemented biometric system up to 7.5%. An average equal error rate of up to 22.7% was achieved in this work.

Paper Nr: 79
Title:

On the Development of Totally Self-checking Hardware Design for the SHA-1 Hash Function

Authors:

Harris E. Michail, George S. Athanasiou, Andreas Gregoriades, George Theodoridis and Costas E. Goutis

Abstract: Hash functions are among the major blocks of modern security schemes, used in many applications to provide authentication services. To meet the applications' real-time constraints, they are implemented in hardware, offering high-performance and increased-security solutions. However, faults occurring during their operation result in the collapse of the authentication procedure, especially when they are used in security-critical applications such as military or space ones. In this paper, a Totally Self-Checking (TSC) design is introduced for the currently most-used hash function, namely SHA-1. A detailed description concerning the TSC development of the data- and control-path is provided. To the best of the authors' knowledge, it is the first time that a TSC hashing core is presented. The proposed design has been implemented in 0.18μm CMOS technology and experiments on fault coverage, performance, and area have been performed. It achieves 100% coverage in the case of odd erroneous bits. The same coverage is also achieved for even erroneous bits, if they are appropriately spread. Compared to the corresponding Duplicated-with-Checking (DWC) design, the proposed one is more area-efficient by almost 15% while keeping the same frequency.

Paper Nr: 110
Title:

Key Management as a Service

Authors:

Liran Lerman, Olivier Markowitch and Jorge Nakahara Jr

Abstract: In this paper we consider the security issues related to the key management in cloud computing. We focus on the difficulty of managing cryptographic keys necessary to maintain for example the confidentiality of information stored in the clouds. In this framework, we present a threshold cryptosystem as well as three protocols, based on cooperation between cloud providers and a random number generator which is a trusted third party, that covers the issue of key management.

Paper Nr: 112
Title:

Secure and Seamless Session Management in Mobile and Heterogeneous Environment

Authors:

Ali Hammami and Noëmie Simoni

Abstract: The Next Generation Network and Services (NGN/NGS) environment becomes more and more heterogeneous and mobile. Furthermore, today's user seeks to access his services within a secured session ensuring the continuity and the quality of service. This rapid evolution and these requirements raise the issue of guaranteeing the continuity of a user-centric session in an advanced mobility context. This work targets particularly access control and security aspects based on Service Oriented Architecture in mobile and heterogeneous environments. To address the aforementioned challenges, we propose a secure and seamless session management solution that is based on several concepts and mechanisms. First, this solution ensures security management that overcomes session security and uniqueness challenges by gathering ubiquitous, mutualisable, autonomous and stateless service components. Second, we present a multiple and heterogeneous terminal composition by proposing a Virtual Private Device Network (VPDN) concept that is based on secure and auto-managed components. Finally, in addition to these proposed architecture components and concepts, we introduce SIP+ in order to ensure security continuity within a seamless session during user mobility.

Paper Nr: 113
Title:

A Collaborative Firewall for Wireless Ad-Hoc Social Networks

Authors:

Leonardo Maccari

Abstract: A collaborative firewall can be realized in a multi-hop distributed wireless network when all or some of the nodes in the network agree on a filtering policy and enforce it when routing a packet. Cooperative firewalling introduces many challenges: how to distribute the rules, how to enforce them, and how to reduce the global rule-set in order to limit the impact on network performance. This paper studies the performance of a collaborative firewall when only a subset of the nodes of the ad-hoc network filter the packets. In order to achieve higher performance, integration with the OLSR protocol is proposed. Simulations on realistic scenarios are performed and the source code of the simulator is released.

Paper Nr: 116
Title:

Some Remarks on Keystroke Dynamics - Global Surveillance, Retrieving Information and Simple Countermeasures

Authors:

Marek Klonowski, Piotr Syga and Wojciech Wodo

Abstract: In this paper we discuss some security issues related to keystroke dynamics. Up to now these methods have been used mainly for supporting authentication protocols. We point out that they can also be used against privacy and potentially lead to some other malicious behaviour, for example impersonation. We also present some simple, fairly realistic and usable countermeasures. We discuss fundamental issues about efficient and accurate representation of a user's profile in keystroke dynamics methods. More precisely, we discuss the statistics of the so-called timings used for building a user's profile. We give some observations about the distributions of timings that substantially differ from assumptions used in numerous papers. Some of our theories are supported by experimental results.

Paper Nr: 123
Title:

An Improved Public-key Tracing Scheme with Sublinear Ciphertext Size

Authors:

Chiara Valentina Schiavo and Andrea Visconti

Abstract: To overcome the piracy problem in digital content distribution systems, a number of traitor tracing schemes have been suggested by researchers. The goal of these schemes is to enable the tracer to identify at least one of the traitors. In this context, Matsushita and Imai (2004) proposed a black-box tracing scheme with sublinear header size that is able to perform tracing of self-defensive pirate decoders. Kiayias and Pehlivanoglu (2009) proved that this scheme is vulnerable to an attack which allows an illicit decoder to distinguish normal ciphertexts from tracing ones and to distinguish two consecutive tracing ciphertexts. To make the scheme no longer susceptible to such an attack, the authors modified the encryption phase and assumed that traitors belong to the same user group. In this paper, we present a solution that has no restriction on traitors, repairing the scheme totally. In particular, we modified the tracing scheme, proving that (a) a pirate decoder is not able to distinguish normal ciphertexts from tracing ones with sufficiently high probability, and (b) the statistical distance between two consecutive tracing operations is negligible under the Decisional Diffie-Hellman assumption.

Paper Nr: 129
Title:

Data Repository for Security Information and Event Management in Service Infrastructures

Authors:

Igor Kotenko, Olga Polubelova and Igor Saenko

Abstract: Design and implementation of the repository is a critical problem in advanced security information and event management (SIEM) systems, which are SIEM systems of service infrastructures. The paper discusses several innovations which are realized to address this challenge. These include the application of an ontological approach for repository data modeling and a hybrid approach to its development, meaning the combined use of relational databases, XML databases and storage of triplets.

Paper Nr: 130
Title:

Distributed Threshold Certificate based Encryption Scheme with No Trusted Dealer

Authors:

Apostolos P. Fournaris

Abstract: Generating certified keys and managing certification information in a fully distributed manner can find a wide range of applications in the increasingly distributed IT environment. However, the prohibition of trusted entities within the distributed system and the highly complex certificate management and revocation mechanisms hinder the adoption of this approach on a large scale. Threshold cryptography offers an elegant solution to these issues through Shamir's secret sharing scheme, where a secret (the Certificate Authority's (CA) master key) is split and shared among all participants. Combining this approach with the reasonable certificate service requirements of Certificate based encryption (CBE) schemes could result in a functional and efficient distributed security scheme. However, centralized entities, denoted as trusted dealers, are needed in most threshold cryptography schemes, even those few that support CBE, while the static way in which the system's functionality is viewed considerably limits possible applications (i.e. dynamic environments like p2p, Ad-Hoc networks, MANETs). In this paper, we explore the potential of combining the latest developments in distributed key generation threshold cryptography schemes with efficient yet highly secure certificate based encryption schemes in order to provide a solution that matches the above concerns. We draft a fully distributed Threshold Certificate Based Encryption Scheme that has no need for any centralized entity at any point during its operating cycle, has few requirements concerning certificate management due to CBE, and does not need any trusted dealer to create and split secrets or distribute certificates. The proposed scheme has an easy participant addition-removal procedure to support dynamic environments.

Paper Nr: 131
Title:

Improving Cloud Survivability through Dependency based Virtual Machine Placement

Authors:

Min Li, Yulong Zhang, Kun Bai, Wanyu Zang, Meng Yu and Xubin He

Abstract: Cloud computing is becoming more and more popular in computing infrastructure and it also introduces new security problems. For example, a physical server shared by many virtual machines can be taken over by an attacker if the virtual machine monitor is compromised through one of the virtual machines. Thus, collocating with vulnerable virtual machines, or "bad neighbours", on the same physical server introduces additional security risks. Moreover, the connections between virtual machines, such as the network connection between a web server and its back end database server, are natural paths of attacks. Therefore, both virtual machine placement and connections among virtual machines in the cloud have a great impact on the overall security of the cloud. In this paper, we quantify the security risks of cloud environments based on virtual machine vulnerabilities and placement schemes. Based on our security evaluation, we develop techniques to generate virtual machine placements that minimize the security risks considering the connections among virtual machines. According to the experimental results, our approach can greatly improve the survivability of most virtual machines and of the whole cloud. The computing costs and deployment costs of our techniques are also practical.

Paper Nr: 132
Title:

PPiTTA - Preserving Privacy in TV Targeted Advertising

Authors:

Tzachy Reinman and Erez Waisbard

Abstract: Targeted advertising involves using a person’s personal data to determine the most promising commercials to show that person. While the benefits are clear, the price paid in terms of loss of privacy may be high. In this work we bridge what seems at first to be contradicting requirements – the ability to personalize data and the need to maintain privacy, especially while reporting back the impressions to the advertiser. We provide two schemes that achieve this, each in its own adversarial model. We put an emphasis on modern TV systems and describe the architecture for supporting it.

Paper Nr: 137
Title:

Quantifying the Benefits of File Size Information for Forensic Hash Matching

Authors:

Johan Garcia

Abstract: Hashing is a widely used technique in digital forensic practice. By using file size information in addition to hashes, hash matching can potentially be made more effective, since there is no need to calculate a hash value if there is no file in the hash set that has the same file size as the file being examined. Based on an examination of 36 million file sizes from five different data sets, this paper provides a quantification of the obtainable improvements. For the evaluated data sets the file reduction, i.e. the fraction of files that can be skipped without hash calculations, ranged from 0.009 to 0.525. The byte reduction, i.e. the fraction of bytes that can be skipped, ranged from 0.514 to 0.992. Simulation results showed that these reductions in many cases could decrease the time necessary for hash scanning by 50% or more.
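The size-prefiltered matching the abstract describes, as an added example that is not the paper's code: the hash set is indexed by file size, a file is hashed only when some reference entry has the same size, and the two metrics the paper reports (file reduction and byte reduction) are computed for the scan. The in-memory "files" and the reference set are constructed for the example; SHA-256 stands in for whatever digest a given hash set uses.

```python
import hashlib
from typing import Dict, Iterable, List, Set, Tuple


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed sample "file system": name -> contents. Two files are byte-identical
# copies of a known-bad sample, the rest are innocuous filler of various sizes.
KNOWN_BAD = bytes(range(256)) * 3
FILES: Dict[str, bytes] = {
    "report.docx": b"quarterly numbers " * 40,
    "notes.txt": b"meeting notes\n",
    "payload.bin": KNOWN_BAD,
    "photo.jpg": b"\xff\xd8" + b"\x00" * 1000,
    "dup_payload.bin": KNOWN_BAD,
}

# Reference hash set as a forensic tool would ship it: (size, digest) per entry.
HASH_SET: List[Tuple[int, str]] = [
    (len(KNOWN_BAD), sha256_hex(KNOWN_BAD)),
    (len(b"secret plan\n"), sha256_hex(b"secret plan\n")),
]


def index_by_size(hash_set: Iterable[Tuple[int, str]]) -> Dict[int, Set[str]]:
    """Size -> set of digests with that size; the lookup that makes the skip decision O(1)."""
    index: Dict[int, Set[str]] = {}
    for size, digest in hash_set:
        index.setdefault(size, set()).add(digest)
    return index


def scan(files: Dict[str, bytes], hash_set: Iterable[Tuple[int, str]]) -> Dict[str, object]:
    """Hash only files whose size occurs in the reference set; report matches and reductions."""
    by_size = index_by_size(hash_set)
    total_files = total_bytes = skipped_files = skipped_bytes = 0
    matches: List[str] = []
    for name, data in files.items():
        total_files += 1
        total_bytes += len(data)
        candidates = by_size.get(len(data))
        if not candidates:                       # no reference file of this size: skip hashing
            skipped_files += 1
            skipped_bytes += len(data)
            continue
        if sha256_hex(data) in candidates:       # size collided with a reference entry: hash and compare
            matches.append(name)
    return {
        "matches": sorted(matches),
        "hashed_files": total_files - skipped_files,
        "file_reduction": skipped_files / total_files if total_files else 0.0,
        "byte_reduction": skipped_bytes / total_bytes if total_bytes else 0.0,
    }


if __name__ == "__main__":
    print(scan(FILES, HASH_SET))
```

The size filter is only a performance optimization: a file with a size present in the set is still hashed in full, so no match is lost, and the realized reduction depends on how the size distribution of the examined media overlaps that of the hash set, which is what the paper measures.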

Paper Nr: 139
Title:

Inverting Thanks to SAT Solving - An Application on Reduced-step MD*

Authors:

Florian Legendre, Gilles Dequen and Michaël Krajecki

Abstract: The SATisfiability Problem is a core problem in mathematical logic and computing theory. The progress of the last decade has made it a powerful and competitive approach to practically solving a wide range of industrial and academic problems. Thus, the current SAT solving capacity allows the propositional formalism to be an interesting alternative for tackling cryptanalysis problems. This paper deals with an original application of the SAT problem to cryptanalysis. We present a principle, based on propositional modeling and solving, and provide details on the logical inferences, simplifications, learning and pruning techniques used as a preprocessor with the aim of reducing the computational complexity of the SAT solving and hence weakening the associated cryptanalysis. As cryptographic hash functions are central elements in modern cryptography, we choose to illustrate our approach with a dedicated attack on the second preimage of the well-known MD⋆ hash functions. We finally validate this reverse-engineering process thanks to a generic SAT solver, achieving a weakening of the inversion of MD⋆. As a result, we present an improvement of the current limit of the best practical second preimage attacks on step-reduced MD4 and MD5, respectively up to 39 and 28 inverted rounds.

Paper Nr: 140
Title:

Improved Detection of Probe Request Attacks - Using Neural Networks and Genetic Algorithm

Authors:

Deepthi N. Ratnayake, Hassan B. Kazemian and Syed A. Yusuf

Abstract: The Media Access Control (MAC) layer of the wireless protocol, Institute of Electrical and Electronics Engineers (IEEE) 802.11, is based on the exchange of request and response messages. Probe Request Flooding Attacks (PRFA) are devised based on this design flaw to reduce network performance or prevent legitimate users from accessing network resources. The vulnerability is amplified due to cleartext beacon, probe request and probe response frames. This research aims to detect PRFA in Wireless Local Area Networks (WLAN) using a Supervised Feedforward Neural Network (NN). The NN converged outstandingly with train, validation and test sample percentages of 70, 15 and 15 and 20 hidden neurons. The effectiveness of an Intruder Detection System depends on its prediction accuracy. This paper presents optimisation of the NN using Genetic Algorithms (GA). GAs sought to maximise the performance of the model based on Linear Regression (R) and generated R > 0.95. The novelty of this research lies in the fact that the NN accepts user and attacker training data captured separately. Hence, security administrators do not have to perform the painstaking task of manually identifying individual frames for labelling prior to training. The GA provides a reliable NN model and recognises the behaviour of the NN for diverse configurations.

Posters
Paper Nr: 12
Title:

Flexible Group Key Exchange with On-demand Computation of Subgroup Keys Supporting Subgroup Key Randomization

Authors:

Keita Emura and Takashi Sato

Abstract: In AFRICACRYPT 2010, Abdalla, Chevalier, Manulis, and Pointcheval proposed an improvement of group key exchange (GKE), denoted by GKE+S, which enables on-demand derivation of an independent secret subgroup key for all potential subsets. On-demand derivation is efficient (actually, it requires only one round) compared with GKE for a subgroup (which usually requires two or more rounds) by re-using values which were used in the initial GKE session for the superior group. In this paper, we improve the Abdalla et al. GKE+S protocol to support key randomization. In our GKE+S protocol, the subgroup key derivation algorithm is probabilistic, whereas it is deterministic in the original Abdalla et al. GKE+S protocol. All subgroup members can compute a new subgroup key (e.g., as a countermeasure to subgroup key leakage) with just one additional round of complexity. Our subgroup key establishment methodology is inspired by the "essential idea" of the NAXOS technique. Our GKE+S protocol is authenticated key exchange (AKE) secure under the Gap Diffie-Hellman assumption in the random oracle model.

Paper Nr: 22
Title:

lmRNG: A Lightweight Pseudorandom Number Generator for Wireless Sensor Networks

Authors:

Anna Sojka and Krzysztof Piotrowski

Abstract: Wireless sensor networks (WSN) are often used in areas where data security is very important. The cryptographic protocols developed for WSN need to be as computationally inexpensive as possible due to the energy and computational constraints of WSN. The same requirements also concern the elements of these protocols, e.g. the random number generator. In this paper we present our work on a pseudorandom number generator for wireless sensor networks. It uses a modification of the LogisticMap, which is adapted to be used in the constrained environment of the WSN. In our approach we combine a non-deterministic seed source with the deterministic function to get the pseudorandom number generator. We present the results of the tests confirming that our approach fulfils the requirements of randomness and is a candidate to be used for cryptographic purposes.

Paper Nr: 26
Title:

On Secure Communication over Wireless Sensor Networks

Authors:

Stefan Rass and Michał Koza

Abstract: This paper investigates (perfectly) secure message transmission over a wireless sensor network. Using a layered network architecture and a very simple form of routing, we show how to construct an arbitrarily secure communication channel over a given infrastructure of wireless devices. Our construction is computationally cheap and requires no cryptographic primitive beyond symmetric encryption on the channels. The security of the transmission can be made arbitrarily strong (in an information-theoretic sense).

Paper Nr: 28
Title:

Privacy Preserving Approaches for Global Cycle Detections for Cyclic Association Rules in Distributed Databases

Authors:

Nirali R. Nanavati and Devesh C. Jinwala

Abstract: The current massive proliferation of data has led to collaborative data mining that requires preservation of the individual privacy of the participants. A number of algorithms proposed to date in this scenario are limited to mining association rules and do not consider their cyclic nature, which finds associations with respect to the time segment. Hence, catering to this challenge, we propose techniques for privacy preservation while finding global cycles when mining cyclic association rules in a distributed setup. The proposed techniques are based on homomorphic encryption and Shamir's secret sharing, which can help us decipher partial and total global cycles while maintaining privacy in a distributed setup. Additionally, security, efficiency and correctness analyses of the proposed algorithms are also given.

Paper Nr: 41
Title:

Self-ad-MCNHA-SLOS - A Self-adaptive Minimum-Cost Network Hardening Algorithm based on Stochastic Loose Optimize Strategy

Authors:

Yonglin Sun, Yongjun Wang and Yi Zhang

Abstract: Any given network inevitably contains various vulnerabilities, which could be exploited by malicious attackers. Searching for and remedying those critical vulnerabilities is an effective way to harden a network. That is the so-called Minimum-Cost Network Hardening (MCNH) problem, but there is not yet any sufficiently effective method to address it, especially when facing large-scale networks. We propose Self-ad-MCNHA-SLOS, an algorithm that ingeniously uses a Stochastic Loose Optimize Strategy (SLOS) and a self-adaptive parameter adjustment method, to meet the problem. Experimental results show that it has the merits of being highly efficient, controllable, asymptotically optimal, and suitable for large-scale networks.

Paper Nr: 44
Title:

ADQL: A Flexible Access Definition and Query Language to Define Access Control Models

Authors:

Andreas Sonnenbichler and Andreas Geyer-Schulz

Abstract: We suggest a fully specified formal language, the Access Definition and Query Language (ADQL). It has been designed to define access control models, facts, policies, and queries. ADQL, therefore, has the features of a meta language: it can be configured to act like known access control models, e.g. Bell-LaPadula, RBAC and its extensions and applications (e.g. SAP R/3), but it can also implement new models. Because of this, ADQL is highly flexible. Nevertheless, ADQL is not only a meta-language, but also allows defining facts, policies and queries. It has been implemented as a software service. It can be used as an external authorization component for other applications and services. Through its flexibility many access control models can be supported.

Paper Nr: 68
Title:

Non-repudiation of Forwarding - Traceability of Confidential Data Via Multiple Recipients

Authors:

Rainer Schick and Christoph Ruland

Abstract: Nowadays, it can be assumed that valuable private data can be securely transmitted from one sender to one (or more) recipients. An unsolved problem following the transmission is addressed by this paper. The sender of some confidential information does not know what happens with the data after the transmission. If the message appears in a place it should not, the originator does not know who published it without authorization. In order to solve this problem, this paper introduces a new non-repudiation service that allows tracking the path of protected data via several recipients.

Paper Nr: 87
Title:

Attack Modelling and Security Evaluation for Security Information and Event Management

Authors:

Igor Kotenko, Andrey Chechulin and Evgenia Novikova

Abstract: The paper considers an approach to attack modelling in Security Information and Event Management (SIEM) systems. The suggested approach incorporates the usage of service dependency graphs and zero-day vulnerabilities to produce an attack graph, the calculation of security metrics based on the attack graph and service dependencies, advanced any-time techniques for attack graph generation and security evaluation, etc.

Paper Nr: 106
Title:

Sevigator: Network Confinement of Malware Applications and Untrusted Operating Systems

Authors:

Denis Efremov and Nikolay Pakulin

Abstract: This project is an attempt to combine the advantages of software flexibility and the security of hardware firewalls. It aims at the implementation of these advantages in the hypervisor source code for the purpose of creating user data confidentiality protection against its leakage from the personal computer through the network. The hypervisor implementation is based on the hardware virtualization extensions of both processors and motherboards. This constitutes a key feature, which enables the hypervisor to combine the following advantages: access to the OS environment and hardware protection against various intruders' methods of compromise, including those capable of exploiting OS kernel resources for performing the malicious actions.

Paper Nr: 120
Title:

Development of a Snort IPv6 Plugin - Detection of Attacks on the Neighbor Discovery Protocol

Authors:

Martin Schütte, Thomas Scheffler and Bettina Schnor

Abstract: This paper describes the implementation and use of a preprocessor module for the open source Intrusion Detection System Snort. Our implementation utilizes preprocessor APIs for the extension of Snort and provides several new IPv6-specific rule options that make the definition of IPv6-specific attack signatures possible. The preprocessor detects attacks against the IPv6 Neighbor Discovery Protocol and can identify suspicious activity in local IPv6 networks. This includes misconfigured network elements, as well as malicious activities from attackers on the network. To our knowledge this is the first such implementation in an Open Source IDS.

Paper Nr: 135
Title:

The Concept of Compatibility between Identity-based and Certificateless Encryption Schemes

Authors:

Antigoni Polychroniadou, Konstantinos Chalkias and George Stephanides

Abstract: This paper introduces the concept of compatibility and presents an extended classification of two IBE-related schemes, the Identity-Based Encryption (IBE) and the Certificate-Less Encryption (CLE) in order to implement compatible systems. It cannot be denied that IBE, which can be extended to support a plethora of encryption models, gains widespread adoption day by day as it solves problems within conventional public key schemes and it results in a simplified key management, making it much more lightweight to deploy. Based on the fact that a number of different encryption schemes stemmed from IBE, an implementation of an IBE-related compatible system enables a number of different encryptions on-the-fly based on the user’s needs at a specific moment. Our approach categorizes known concrete constructions from two IBE-related types into classes and analyzes similarities concerning public settings, used keys, protocol structures and provided model of provable security. Therefore, we consider compatibility issues between CLE and IBE and we conclude that a significant number of them are closely related. Therefore, the concept of compatibility can be put into practice.

Paper Nr: 143
Title:

iSATS: Leveraging Identity based Sender Authentication for Spam Mitigation

Authors:

Sufian Hameed, Tobias Kloht and Xiaoming Fu

Abstract: A vast majority of spam emails today are sent from botnets with forged sender addresses. This has attracted researchers over the years to develop email sender authentication mechanisms as a promising way to verify the identity of the senders. In this paper we introduce iSATS, a new email sender authentication system based on Identity-based public key cryptography. iSATS leverages an identity based signature scheme to provide a reliable and easy way to bind the identity of a legitimate sender to an email. Unlike the popular existing solutions like SPF and DKIM, it is hard for the spammer to adopt iSATS.

Paper Nr: 153
Title:

Adaptive Speech Watermarking in Wavelet Domain based on Logarithm

Authors:

Mehdi Fallahpour, David Megias and Hossein Najaf-Zadeh

Abstract: Considering the fact that the human auditory system requires more precision at low amplitudes, the use of a logarithmic quantization algorithm is an appropriate design strategy. Logarithmic quantization is used for the approximation coefficients of a wavelet transform to embed the secret bits. To improve robustness, the approximation coefficients are packed into frames and each secret bit is embedded into a frame. The experimental results show that the distortion caused by the embedding algorithm is adjustable and lower than that introduced by a standard ITU-T G.723.1 codec. Therefore, the marked signal has high quality (PESQ-MOS score around 4.0) and the watermarking scheme is transparent. The capacity is adjustable and ranges from very low bit-rates to 4000 bits per second. The scheme is shown to be robust against different attacks such as ITU-T G.711 (a-law and u-law companding), amplification and low-pass RC filters.

Paper Nr: 160
Title:

Defense Against TCP Flooding Attack

Authors:

Seungyong Yoon, Jintae Oh, Ikkyun Kim and Jongsoo Jang

Abstract: This paper generally relates to a DDoS attack prevention method, more particularly, to a Transmission Control Protocol (TCP) flooding attack prevention method which defines several session states based on the type and direction of a packet, tracks the session state for each flow, and detects and responds to a flooding attack. An anti-DDoS system with a throughput capacity of 20Gbps, which we call the 'ALADDIN' system, was implemented in FPGA based reconfigurable hardware. The possibility of high-speed hardware implementation is shown in this paper. The system was tested using existing DDoS attack tools in 8Gbps of background traffic. According to the test results, TCP flooding attacks could be defended against through our proposed method rapidly and accurately.
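A software sketch of the per-flow session state tracking the abstract describes, as an added example that is not the ALADDIN code and makes no claim about its actual states or thresholds: flows move through SYN_SENT, SYN_RECEIVED, ESTABLISHED and CLOSED according to packet type and direction; half-open sessions are counted per target (a SYN flood spoofs many sources toward one server) and an alert fires when they exceed a limit; non-SYN packets that match no session are counted per source as the signal for ACK/FIN floods. The packet record, the traces and the limit of 3 are constructed for the example.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Packet:
    """A TCP segment reduced to what the state machine needs (constructed format)."""
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # "S" SYN, "SA" SYN+ACK, "A" ACK, "F"/"FA" FIN, "R"/"RA" RST


FlowKey = Tuple[str, int, str, int]  # (client ip, client port, server ip, server port)
HALF_OPEN = ("SYN_SENT", "SYN_RECEIVED")


class FlowTracker:
    def __init__(self, half_open_limit: int = 3) -> None:
        self.state: Dict[FlowKey, str] = {}
        self.half_open: Dict[str, int] = defaultdict(int)  # per server ip
        self.stray: Dict[str, int] = defaultdict(int)      # sessionless packets per source ip
        self.limit = half_open_limit
        self.alerts: List[str] = []

    def observe(self, p: Packet) -> None:
        fwd: FlowKey = (p.src, p.sport, p.dst, p.dport)  # packet sent by the client
        rev: FlowKey = (p.dst, p.dport, p.src, p.sport)  # packet sent by the server
        if p.flags == "S":
            # A SYN opens a flow; a retransmitted SYN for a live flow changes nothing.
            if self.state.get(fwd) in (None, "CLOSED"):
                self.state[fwd] = "SYN_SENT"
                self.half_open[p.dst] += 1
                if self.half_open[p.dst] > self.limit:
                    self.alerts.append(
                        f"SYN flood toward {p.dst}: {self.half_open[p.dst]} half-open sessions")
        elif p.flags == "SA" and self.state.get(rev) == "SYN_SENT":
            self.state[rev] = "SYN_RECEIVED"           # server answered; still half-open
        elif p.flags == "A" and self.state.get(fwd) == "SYN_RECEIVED":
            self.state[fwd] = "ESTABLISHED"            # third handshake packet completes it
            self.half_open[p.dst] -= 1
        elif p.flags in ("F", "FA", "R", "RA"):
            key: Optional[FlowKey] = fwd if fwd in self.state else rev if rev in self.state else None
            if key is not None:
                if self.state[key] in HALF_OPEN:       # teardown of a half-open flow releases it
                    self.half_open[key[2]] -= 1
                self.state[key] = "CLOSED"
        elif fwd not in self.state and rev not in self.state:
            self.stray[p.src] += 1                     # ACK/FIN with no session: flood candidate


def replay(packets: Sequence[Packet], half_open_limit: int = 3) -> FlowTracker:
    tracker = FlowTracker(half_open_limit)
    for p in packets:
        tracker.observe(p)
    return tracker


# Constructed traces: one clean handshake, a spoofed-source SYN flood, and an ACK flood.
SERVER = "192.0.2.10"
HANDSHAKE = [Packet("10.0.0.5", 40001, SERVER, 80, "S"),
             Packet(SERVER, 80, "10.0.0.5", 40001, "SA"),
             Packet("10.0.0.5", 40001, SERVER, 80, "A")]
SYN_FLOOD = [Packet(f"203.0.113.{i}", 1000 + i, SERVER, 80, "S") for i in range(1, 6)]
ACK_FLOOD = [Packet("198.51.100.7", 2000 + i, SERVER, 80, "A") for i in range(3)]

if __name__ == "__main__":
    for name, trace in (("handshake", HANDSHAKE), ("syn flood", SYN_FLOOD), ("ack flood", ACK_FLOOD)):
        t = replay(trace)
        print(name, dict(t.half_open), dict(t.stray), t.alerts)
```

A real implementation adds what the hardware version must have and this sketch omits: timeouts that age out half-open entries, a bounded flow table, and a response action such as dropping further SYNs toward the target or answering with SYN cookies.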

Paper Nr: 163
Title:

An Application of a Group Signature Scheme with Backward Unlinkability to Biometric Identity Management

Authors:

Julien Bringer, Hervé Chabanne and Alain Patey

Abstract: We introduce a new identity management process in a setting where users' identities are credentials for anonymous authentications. Considering identity domains organized in a tree structure, where applying for a new identity requires previously owning the parent identity, we enable a cascade revocation process that takes this structure into account while ensuring anonymity for non-revoked users, in particular towards the providers of other identity domains. Our construction is based on the group signature scheme of (Bringer and Patey, 2012).

Paper Nr: 164
Title:

A Novel Fuzzy Vault Scheme for Secret Key Exchange

Authors:

Lin You and Jie Lu

Abstract: Based on the classical fuzzy vault and the Diffie-Hellman key exchange scheme, a novel fuzzy vault scheme for the secret key exchange is proposed. In this fuzzy vault scheme, the two users can respectively use their biometric features to unlock the fuzzy vault to get their shared secret key without running the risk of disclosure of their biometric features. The security of our scheme is based on the polynomial reconstruction problem and the discrete logarithm problem in a given finite group.

Paper Nr: 167
Title:

Network-based Executable File Extraction and Analysis for Malware Detection

Authors:

Byoungkoo Kim, Ikkyun Kim and Tai-Myoung Chung

Abstract: The damage caused by various computer viruses tends to increase over time. Therefore, various methodologies for protecting the computer system from the threats of new malicious software are actively studied. In this paper, we present a network-based executable file extraction and analysis technique for malware detection. Here, executable file extraction is processed by executable-file-specific session and pattern matching in reconfigurable hardware. Next, malware detection is processed by a clustering analysis technique applied to an executable file which is divided into many regions. In other words, it detects malware by measuring the byte distribution similarity between malicious executable files and normal executable files. The proposed technique can detect not only known malicious software but also unknown malicious software. Most of all, it uses network packets as its analysis source, unlike existing host anti-virus techniques. Besides, the proposed detection technique can easily detect malicious software without complicated command analysis. Therefore, our approach can minimize the load on system execution despite the load of the additional network packet processing.

Paper Nr: 173
Title:

HoneyCloud: Elastic Honeypots - On-attack Provisioning of High-interaction Honeypots

Authors:

Patrice Clemente, Jean-Francois Lalande and Jonathan Rouzaud-Cornabas

Abstract: This paper presents HoneyCloud: a large-scale high-interaction honeypot architecture based on a cloud infrastructure. The paper shows how to set up and deploy on-demand virtualized honeypot hosts on a private cloud. Each attacker is elastically assigned to a new virtual honeypot instance. HoneyCloud offers high scalability. With a small number of public IP addresses, HoneyCloud can multiplex thousands of attackers. The attacker can perform malicious activities on the honeypot and launch new attacks from the compromised host. The HoneyCloud architecture is designed to collect operating system logs about attacks, from various IDS, tools and sensors. Each virtual honeypot instance includes network and especially system sensors that gather more useful information than traditional network-oriented honeypots. The paper shows how the activities of attackers are collected into the cloud storage mechanism for further forensics. HoneyCloud also addresses efficient attacker session storage, long-term session management, isolation between attackers and fidelity of hosts.

Paper Nr: 174
Title:

A Proposed Framework for Analysing Security Ceremonies

Authors:

Marcelo Carlomagno Carlos, Jean Everson Martina, Geraint Price and Ricardo Felipe Custódio

Abstract: The concept of a ceremony as an extension of network and security protocols was introduced by Ellison. There are currently no available methods or tools to check the correctness of the properties in such ceremonies. The potential applications for security ceremonies are vast and fill gaps left by strong assumptions in security protocols. Assumptions include the provision of cryptographic keys and correct human interaction. Moreover, no tools are available to check how knowledge is distributed among human peers or their interaction with other humans and computers in these scenarios. The key component of this position paper is the formalisation of human knowledge distribution in security ceremonies. By properly enlisting human expectations and interactions in security protocols, we can minimise the ill-described assumptions we usually see failing. Taking such issues into account when designing or verifying protocols can help us to better understand where protocols are more prone to break due to human constraints.