Publications catalogue - books


Information Security Practice and Experience: Second International Conference, ISPEC 2006, Hangzhou, China, April 11-14, 2006, Proceedings

Kefei Chen ; Robert Deng ; Xuejia Lai ; Jianying Zhou (eds.)

Conference: 2nd International Conference on Information Security Practice and Experience (ISPEC). Hangzhou, China. April 11, 2006 - April 14, 2006

Abstract/Description – provided by the publisher

Not available.

Keywords – provided by the publisher

Data Encryption; Computer Communication Networks; Operating Systems; Computers and Society; Management of Computing and Information Systems; Information Storage and Retrieval

Availability
Detected institution | Publication year | Browse | Download | Request
Not detected | 2006 | SpringerLink

Information

Resource type:

books

Print ISBN

978-3-540-33052-3

Electronic ISBN

978-3-540-33058-5

Publisher

Springer Nature

Country of publication

United Kingdom

Publication date

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Table of contents

Identity Based Key Insulated Signature

Yuan Zhou; Zhenfu Cao; Zhenchuan Chai

Exposure of secret keys can be the most devastating attack on a signature scheme, since security is then entirely lost. In a certificate based environment, the certification revocation list (CRL) can be used to minimize the damage caused by key exposure. In an identity based environment however, key exposure may mean that the corresponding entity of the exposed key cannot use his identity information as his public key any more, and is in fact removed from the identity based system. In the last few years the notion of and implementations of key insulated cryptosystems have been suggested for protecting the security of cryptosystems. In this work, we apply the method of key insulation to identity based signature, and solve the key exposure problem existing in the identity based schemes. We start by developing the formal model for identity based key insulated signature. We then use the fact to construct an identity based key insulated signature scheme.

Keywords: identity based cryptosystem; key insulated cryptosystem; bilinear Diffie-Hellman.

- Signature and Key Agreement | Pp. 226-234

Design and Implementation of an Extended Reference Monitor for Trusted Operating Systems

Hyung Chan Kim; Wook Shin; R. S. Ramakrishna; Kouichi Sakurai

Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically, these attacks are legitimate under any access control policy. This is due to the lack of a behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in the Linux operating system.

Keywords: Access Control; Security Policy; Linear Temporal Logic; Access Control Policy; Super User.

- Application I | Pp. 235-247

A Design and Implementation of Profile Based Web Application Securing Proxy

Youngtae Yun; Sangseo Park; Yosik Kim; Jaecheol Ryou

Recently, the security threat to web applications is increasing rapidly, and open source web applications in particular are becoming a popular target of web server hacking. Moreover, there was a worm which spread via web application vulnerabilities. A web application attack uses vulnerabilities not in the web server itself, but in structural, logical, and code errors. The majority of flaws in web applications are caused by the absence of user input validation. However, it is difficult to detect various abnormal user inputs by a pattern matching method. In this paper, we propose a web application securing proxy based on profiling, which can be constructed by learning usual normal activity. The proposed proxy system can detect and filter out an attacker’s abnormal requests via an anomaly detection mechanism.

Keywords: Web application; Anomaly detection; Hacking; Proxy.

- Application I | Pp. 248-259

An Efficient and Practical Fingerprint-Based Remote User Authentication Scheme with Smart Cards

Muhammad Khurram Khan; Jiashu Zhang

Recently, Lee et al. proposed a fingerprint-based remote user authentication scheme using smart cards. We demonstrate that their scheme is vulnerable and susceptible to the attack and has some practical pitfalls. Their scheme performs only unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme is susceptible to the server spoofing attack. Furthermore, in their scheme, the remote system generates and assigns the passwords, and users cannot choose and change their passwords. Moreover, passwords are long pseudorandom numbers and difficult to remember for a user. To solve these problems, we propose an efficient and practical fingerprint-based remote user authentication scheme using smart cards, which is based on one-way collision free hash functions. The proposed scheme not only overcomes all the drawbacks and problems of Lee et al.’s scheme, but also provides a secure and user-friendly fingerprint-based remote user authentication over an insecure network. In addition, computational costs and efficiency of the proposed scheme are better than Lee et al.’s scheme.

- Application I | Pp. 260-268

Domain-Based Mobile Agent Fault-Tolerance Scheme for Home Network Environments

Gu Su Kim; Young Ik Eom

Mobile agent technology is very useful in home network environments and ubiquitous environments. For several reasons, a particular mobile agent may fail to operate during its movement between various platforms. For mobile agent recovery, a checkpoint can be used. However, devices in home network environments generally have minimal or no secondary storage. Therefore, a checkpoint cannot be saved on the device within a home network. In this paper, a scheme that safely recovers a mobile agent using a checkpoint saved within the home gateway is presented. When the mobile agent enters the single home network environment, it registers its recovery policy and saves its checkpoint on the home gateway. At the checkpoint saving instance, a symmetric key generated by the home gateway encrypts the checkpoint; this symmetric key is also encrypted and stored together with the checkpoint. When the mobile agent is abnormally terminated or the device suddenly turns off from battery exhaustion or failure, the home gateway recognizes the exception in the mobile agent or device, recovering the mobile agent with the checkpoint according to the previously registered recovery policy.

- Application II | Pp. 269-277

Using π-Calculus to Formalize Domain Administration of RBAC

Yahui Lu; Li Zhang; Yinbo Liu; Jiaguang Sun

With the wide implementation of Role-based access control (RBAC) models in information systems, the access control for RBAC itself, administration of RBAC, becomes more and more important. In this paper, we propose a Domain Administration of RBAC Model, DARBAC, which defines an administrative domain for each administrative role. The administrative role can execute administrative operations on the users, roles, objects and child administrative roles within its administrative domain. Then we use π-calculus to formalize the elements of the DARBAC model and their interactions. Although π-calculus has been successfully used in many security areas such as protocol analysis and information flow analysis, as far as we know, our approach is the first attempt to use π-calculus to formalize RBAC and its administrative model.

Keywords: Role Process; Access Port; Access Control Model; Administrative Domain; Operation Port.

- Application II | Pp. 278-289

An Efficient Way to Build Secure Disk

Fangyong Hou; Hongjun He; Zhiying Wang; Kui Dai

Protecting data confidentiality and integrity is important to ensure secure computing. An approach that integrates encryption and hash tree based verification is proposed here to protect disk data. Together with sector-level operation, it can provide protection with characters as online checking, high resistance against attacks, any data protection and unified low-level mechanism. To achieve satisfied performance, it adopts a special structure hash tree, and defines hash sub-trees corresponding to the frequently accessed disk regions as hot-access-windows. Utilizing hot-access-windows, simplifying the layout of tree structure and correctly buffering portion nodes of hash tree, it can reduce the cost of protection sufficiently. At the same time, it is convenient for fast recovery to maintain consistency effectively. Related model, approach and system realization are elaborated, as well as testing results. Theoretical analysis and experimental simulation show that it is a practical and available way to build a secure disk.

Keywords: Root Node; Leaf Node; Hard Disk; File System; Fast Recovery.

- Application II | Pp. 290-301

Practical Forensic Analysis in Advanced Access Content System

Hongxia Jin; Jeffery Lotspiech

In this paper we focus on the use of a traitor tracing scheme for distribution models that are one-to-many. It can be a networked broadcast system; it can be based on prerecorded or recordable physical media. In this type of system, it is infeasible to mark each copy differently for each recipient. Instead, the system broadcasts limited variations at certain points, and a recipient device has the cryptographic keys that allow it to decrypt only one of the variations at each point. Over time, when unauthorized copies of the protected content are observed, a traitor tracing scheme allows the detection of the devices that have participated in the construction of the pirated copies. The authors have been involved in what we believe is the first large-scale deployment of the tracing traitors approach in a content protection standard for the new generation of high-definition DVD optical discs. Along the way, we have had to solve both practical and theoretical problems that had not been apparent in the literature to date. In this paper we will mainly present this state of practice of the traitor tracing technology and show some of our experience in bringing this important technology to practice.

Keywords: Outer Code; Broadcast Encryption; Unauthorized Copy; Innocent User; Frameproof Code.

- Application II | Pp. 302-313

Security Analysis of a Server-Aided RSA Key Generation Protocol

Tianjie Cao; Xianping Mao; Dongdai Lin

Modadugu, Boneh and Kim proposed two RSA key generation protocols (MBK Protocols) to generate the RSA keys efficiently on a low-power handheld device with the help of the untrusted servers, and the servers do not get any useful information about the keys they helped generate. The security of MBK Protocols is based on the assumption that the two servers are unable to share information with each other. To resist a "collusion attack", namely the attack in which the two servers collude to share information in MBK Protocols, Chen et al. proposed two improved protocols and claimed that their protocols are secure against such collusion attack. This paper shows that Chen et al.'s standard RSA key generation protocol cannot resist collusion attack and then cannot be used in practice.

Keywords: Collusion attack; Server-aided RSA key generation; Handheld device.

- Cryptographic Techniques | Pp. 314-320

Integrating Grid with Cryptographic Computing

Zhonghua Jiang; Dongdai Lin; Lin Xu; Lei Lin

Cryptographic and information security applications often involve many time-consuming computations, which need to be completed over heterogeneous and geographically distributed computers. However, a general-purpose cryptographic computing environment is lacking. Grid technology can play a significant role in providing an efficient computational support for cryptographic applications. In this paper, we describe a general-purpose software architecture called Crypto-Grid for distributed high-performance cryptographic computing, which is designed on the top level of computational grid mechanisms, supported by grid environments such as Globus. The prototype implementation of Crypto-Grid under GT4 and experiment evaluation are also revealed.

Keywords: Elliptic Curve; Grid Service; Virtual Organization; Computing Engine; Open Grid Service Architecture.

- Cryptographic Techniques | Pp. 321-331