Publications catalogue - books



Cryptology and Network Security: 4th International Conference, CANS 2005, Xiamen, China, December 14-16, 2005, Proceedings

Yvo G. Desmedt ; Huaxiong Wang ; Yi Mu ; Yongqing Li (eds.)

In conference: 4th International Conference on Cryptology and Network Security (CANS). Xiamen, China. December 14, 2005 - December 16, 2005

Abstract/Description – provided by the publisher

Not available.

Keywords – provided by the publisher

Computer Communication Networks; Data Encryption; Operating Systems; Management of Computing and Information Systems; Computers and Society; Algorithm Analysis and Problem Complexity

Availability
Detected institution Publication year Browse Download Request
Not detected 2005 SpringerLink

Information

Resource type:

books

Print ISBN

978-3-540-30849-2

Electronic ISBN

978-3-540-32298-6

Publisher

Springer Nature

Country of publication

United Kingdom

Publication date

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Table of contents

The Second-Preimage Attack on MD4

Hongbo Yu; Gaoli Wang; Guoyan Zhang; Xiaoyun Wang

In Eurocrypt’05, Wang et al. presented new techniques to find collisions of Hash function MD4. The techniques are not only efficient to search for collisions, but also applicable to explore the second-preimage of MD4. About the second-preimage attack, they showed that a random message was a weak message with probability 2 and it only needed a one-time MD4 computation to find the second-preimage corresponding to the weak message. A weak message means that there exists a more efficient attack than the brute force attack to find its second-preimage. In this paper, we find another new collision differential path which can be used to find the second-preimage for more weak messages. For any random message, it is a weak message with probability 2, and it can be converted into a weak message by message modification techniques with about 2 MD4 computations. Furthermore, the original message is close to the resulting message (weak message), i.e., the Hamming weight of the difference for two messages is about 44.

- Cryptanalysis | Pp. 1-12

On the Security of Certificateless Signature Schemes from Asiacrypt 2003

Xinyi Huang; Willy Susilo; Yi Mu; Futai Zhang

In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. In the new paradigm, the necessity of certificates has been successfully removed. The security model for certificateless cryptography was also introduced in the same paper. However, as we shall show in this paper, the proposed certificateless signature is insecure in their defined model. We provide an attack that a certificateless signature in their model. We also fix this problem by proposing a new scheme.

- Cryptanalysis | Pp. 13-25

On the Security of a Group Signcryption Scheme from Distributed Signcryption Scheme

Haiyong Bao; Zhenfu Cao; Haifeng Qian

Signcryption denotes a cryptographic method, which can process encryption and digital signature simultaneously. So, adopting such schemes, computational cost of encryption and signature compared to traditional signature-then-encryption can be reduced to a great extent. Based on the existing distributed signcryption schemes, Kwak and Moon proposed a new distributed signcryption scheme with sender ID confidentiality and extended it to a group signcryption. Their scheme is more efficient in both communication and computation aspects. Unfortunately we will demonstrate that their scheme is insecure by identifying some security flaws. Exploring these flaws, an attacker without any secret can mount universal forging attacks. That is, anyone (not necessarily the group member) can forge valid group signatures on arbitrary messages of his/her choice.

- Cryptanalysis | Pp. 26-34

Cryptanalysis of Two Group Key Management Protocols for Secure Multicast

Wen Tao Zhu

Many emerging network applications are based upon group communication models and are implemented as either one-to-many or many-to-many multicast. As a result, providing multicast confidentiality is a critical networking issue and multicast security has become an active research area. To secure the sessions, a common group key is maintained to encrypt the traffic, and the key is updated whenever a new member joins the group or an existing member leaves. In this paper we analyze the security of a centralized key distribution protocol for one-to-many multicast and a decentralized key agreement protocol for many-to-many multicast. We show that they both fail to provide forward and backward security. The first protocol is revealed to be vulnerable to a single adversary due to an algorithmic issue. The second protocol, however, is subject to sophisticated collusion. Remedial approaches are proposed for both key management schemes to effectively resist relevant attacks.

- Cryptanalysis | Pp. 35-48

Security Analysis of Password-Authenticated Key Agreement Protocols

Kyung-Ah Shim; Seung-Hyun Seo

Recently, there have been proposed a number of password-authenticated key agreement protocols for two-party setting or three-party setting. In this paper, we show that recently proposed three password-authenticated key agreement protocols in [11,12,10] are insecure against several active attacks including a stolen-verifier attack, an off-line password guessing attack and impersonation attacks.

- Cryptanalysis | Pp. 49-58

An Immune-Based Model for Computer Virus Detection

Tao Li; Xiaojie Liu; Hongbin Li

Inspired by biological immune systems, a new immune-based model for computer virus detection is proposed in this paper. Quantitative description of the model is given. A dynamic evolution model for self/nonself description is presented, which reduces the size of self set. Furthermore, an evolutive gene library is introduced to improve the generating efficiency of mature detectors, reducing the system time spending, false-negative and false-positive rates. Experiments show that this model has better time efficiency and detecting ability than the classical model ARTIS.

- Intrusion Detection and Viruses | Pp. 59-71

A New Model for Dynamic Intrusion Detection

Tao Li; Xiaojie Liu; Hongbin Li

Building on the concepts and the formal definitions of self, nonself, antigen, and detector introduced in the research of network intrusion detection, the dynamic evolution models and the corresponding recursive equations of self, antigen, immune-tolerance, lifecycle of mature detectors, and immune memory are presented. Following that, an immune-based model, referred to as AIBM, for dynamic intrusion detection is developed. Simulation results show that the proposed model has several desirable features including self-learning, self-adaption and diversity, thus providing an effective solution for network intrusion detection.

- Intrusion Detection and Viruses | Pp. 72-84

Self Debugging Mode for Patch-Independent Nullification of Unknown Remote Process Infection

Ruo Ando; Yoshiyasu Takefuji

The rapid increase of software vulnerabilities shows us the limitation of patch-dependent countermeasures for malicious code. We propose a patch-independent protection technique of remote infection which enables each process to identify itself with "being infected" and nullify itself spontaneously. Our system is operating system independent and therefore does not need software rebuilding. Previously, no method for stopping malicious process without recompiling source code or rebuilding software has been proposed. In proposal system, target process is running under self debugging mode which is activated by enhancing debug() exception handler and utilizing MSR debug register. In this paper we show the effectiveness of proposal method by protecting the remote process infection without patching security holes. Implementation of device driver call back function and BranchIP recorder provides the real-time prevention of unregistered worm attack through Internet. In experiment, function test of stack buffer overflow of Win32.SQLExp.Worm is presented. Also CPU utilization corresponding to the number of calling function and some database operations is shown.

- Intrusion Detection and Viruses | Pp. 85-95

A New Unsupervised Anomaly Detection Framework for Detecting Network Attacks in Real-Time

Wei Lu; Issa Traore

In this paper, we propose a new unsupervised anomaly detection framework for detecting network intrusions online. The framework consists of new anomalousness metrics named IP Weight and an outlier detection algorithm based on Gaussian mixture model (GMM). IP Weights convert the features of IP packets into a four-dimensional numerical feature space, in which the outlier detection takes place. Intrusion decisions are made based on the outcome of outlier detections. Two sets of experiments are conducted to evaluate our framework. In the first experiment, we conduct an offline evaluation based on the 1998 DARPA intrusion detection dataset, which detects 16 types of attacks out of a total of 19 network attack types. In the second experiment, an online evaluation is performed in a live networking environment. The evaluation result not only confirms the detection effectiveness with DARPA dataset, but also shows a strong runtime efficiency, with response times falling within seconds.

- Intrusion Detection and Viruses | Pp. 96-109

ID-Based Aggregate Signatures from Bilinear Pairings

Jing Xu; Zhenfeng Zhang; Dengguo Feng

Aggregate signature scheme was recently proposed by Boneh, Gentry, Lynn and Shacham, which presented a method for combining signatures from different signers on different messages into one signature. In this paper, we propose an identity-based aggregate signature scheme based on the bilinear pairings. This enhances the efficiency of communication and signature verification process. We show that the security of our scheme is tightly related to the computational Diffie-Hellman assumption in the random oracle model.

- Authentication and Signature | Pp. 110-119