No abstract available.
Proceeding Downloads
Efficient and effective buffer overflow protection on ARM processors
Although many countermeasures have been developed for desktop and server environments, buffer overflows still pose a big threat. The same approach can be used to target mobile devices. Unfortunately, they place more severe limitations on ...
Efficient entropy estimation for mutual information analysis using b-splines
The Correlation Power Analysis (CPA) is probably the most used side-channel attack because it seems to fit the power model of most standard CMOS devices and is very efficiently computed. However, the Pearson correlation coefficient used in the CPA ...
A probabilistic diffusion scheme for anomaly detection on smartphones
Widespread use and general purpose computing capabilities of next generation smartphones make them the next big targets of malicious software (malware) and security attacks. Given the battery, computing power, and bandwidth limitations inherent to such ...
A smart card implementation of the mceliece PKC
In this paper we present a smart card implementation of the quantum computer resistant McEliece Public Key Cryptosystem (PKC) on an Infineon SLE76 chip. We describe the main features of the implementation which focuses on performance optimization. We ...
Evaluation metrics of physical non-invasive security
Physical non-invasive security has become crucial for cryptographic modules, which are widely used in pervasive computing. International security evaluation standards, such as U.S. Federal Information Processing Standard (FIPS) 140-3 and Common Criteria ...
Trust in peer-to-peer content distribution protocols
The distribution of virtual goods like multimedia data relies on the trustworthiness of the distribution system. Recent concepts for the distribution based on peer to peer networks like BitTorrent require new approaches to establish the needed level of ...
Generic constructions of biometric identity based encryption systems
In this paper, we present a novel framework for the generic construction of biometric Identity Based Encryption (IBE) schemes, which do not require bilinear pairings and result in more efficient schemes than existing fuzzy IBE systems implemented for ...
Design and analysis of a generalized canvas protocol
The Canvas protocol was developed by Harald Vogt [10] and should provide data integrity in Wireless Sensor Networks. However, Dieter Gollmann published [5] an attack on the protocol. This example supports a widespread belief that design of security ...
Efficient mutual authentication for multi-domain RFID systems using distributed signatures
The use of RFID technology in complex and distributed environments often leads to a multi-domain RFID system in which security issues such as authentication of tags and readers, granting access to data, and revocation of readers turn into an ...
Practical schemes for privacy and security enhanced RFID
Proper privacy protection in RFID systems is important. However, many of the schemes known are impractical, either because they use hash functions instead of the more hardware efficient symmetric encryption schemes as a efficient cryptographic primitive,...
MoteAODV – an AODV implementation for TinyOS 2.0
Reliable, inexpensive, on-the-fly networks can be established using mobile ad-hoc network (MANET) technology. Such networks can be used in a wide variety of scenarios ranging from connecting powerful computers to connecting so-called “smart dust” ...
Random number generation based on fingerprints
Current research often focuses on the design of new methods that extend the well-established role of biometrics in authentication and identification into key management and cryptography. Methods have been proposed that involve biometric-governed access ...
Improvements of pan-european IDM architecture to enable identity delegation based on x.509 proxy certificates and SAML
To foster the secure use of telematic services provided by public institutions, most European countries – and others in the rest of the world – are promoting electronic identification systems among their citizens to enable fully reliable identification. ...
Fraud detection for voice over IP services on next-generation networks
The deployment of Next-Generation Networks (NGN) is a challenge that requires integrating heterogeneous services into a global system of All-IP telecommunications. These networks carry voice, data, and multimedia traffic over the Internet, providing ...
Proxy smart card systems
The established legal value of digital signatures and the growing availability of identity-based digital services are progressively extending the use of smart cards to all citizens, opening new challenging scenarios. Among them, motivated by concrete ...
Can we support applications' evolution in multi-application smart cards by security-by-contract?
Java card technology have progressed at the point of running web servers and web clients on a smart card. Yet concrete deployment of multi-applications smart cards have remained extremely rare because the business model of the asynchronous download and ...
Website credential storage and two-factor web authentication with a java SIM
In this paper two mobile website authentication schemes are proposed. The first enables authentication credentials (username and password) to be stored and retrieved securely from a mobile handset, and requires no changes to existing websites. The ...
Attribute-Based encryption with break-glass
Attribute-based Encryption (abe) allows for implementing fine-grained decentralized access control based on properties or attributes a user has. Thus, there is no need for writing detailed, user-based policies in advance. This makes abe in particular ...
On the security of a two-factor authentication scheme
In this paper we evaluate the security of a two-factor Graphical Password scheme proposed in [1]. As in the original paper, we model the attack of a passive adversary as a boolean formula whose truth assignment corresponds to the user secret. We show ...
The design of secure and efficient P2PSIP communication systems
Recently, both academia and industry have initiated research projects directed on integration of P2PSIP paradigm into communication systems. In this paradigm, P2P network stores most of the network information among participating peers without help of ...
Novel FPGA-Based signature matching for deep packet inspection
Deep packet inspection forms the backbone of any Network Intrusion Detection (NID) system. It involves matching known malicious patterns against the incoming traffic payload. Pattern matching in software is prohibitively slow in comparison to current ...
Towards electrical, integrated implementations of SIMPL systems
This paper discusses strategies for the electrical, integrated implementation of a novel security tool termed SIMPL system, which was introduced in [1]. SIMPL systems are a public key version of Physical Unclonable Functions (PUFs). Like a PUF, each ...
A very compact hardware implementation of the KASUMI block cipher
For mobile devices, this paper proposes a compact hardware (H/W) implementation for the KASUMI block cipher, which is the 3GPP standard encryption algorithm. In [4], Yamamoto et al. proposed the method of reducing temporary registers for the MISTY1 FO ...
Secure and usable out-of-band channels for ad hoc mobile device interactions
Protocols for bootstrapping security in ad hoc mobile device interactions rely on users' ability to perform specific tasks such as transferring or comparing fingerprints of information between devices. The size of fingerprints depends on the level of ...
Identification and verification of security relevant functions in embedded systems based on source code annotations and assertions
Most modern embedded systems include an operating system. Not all functions in the operating systems have to fulfill the same security requirements. In this work we propose a mechanism to identify and maintain functions that have to meet strict security ...
Security analysis of mobile phones used as OTP generators
The Norwegian company Encap has developed protocols enabling individuals to use their mobile phones as one-time password (OTP) generators. An initial analysis of the protocols reveals minor security flaws. System-level testing of an online bank ...
An energy-efficient symmetric cryptography based authentication scheme for wireless sensor networks
Sensor networks are ad-hoc mobile networks that include sensor nodes with limited computational and communication capabilities. They have become an economically viable monitoring solution for a wide variety of applications. Obviously, it is important to ...
The market failure of anonymity services
While technologies for anonymous communication have been thoroughly researched and despite the existence of several protection services, the deployment of such services has not yet reached the mass market of end users. So far only a very small fraction ...
Exploiting node mobility for coordinating data usage in crisis scenarios
Controlling data usage in a crisis scenario is a particularly acute issue due to the sensitive nature of the data being distributed. Typical access control mechanisms rely on a centralised architecture where access policies are stored and evaluated. ...
Predicting and preventing insider threat in relational database systems
This paper investigates the problem of insider threat in relational database systems. It defines various types of dependencies as well as constraints on dependencies that may be used by insiders to infer unauthorized information. Furthermore, it ...
Index Terms
- Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices