Publications catalogue - books



Advances in Information and Computer Security: 2nd International Workshop on Security, IWSEC 2007, Nara, Japan, October 29-31, 2007. Proceedings

Atsuko Miyaji ; Hiroaki Kikuchi ; Kai Rannenberg (eds.)

In conference: 2nd International Workshop on Security (IWSEC). Nara, Japan. October 29, 2007 - October 31, 2007

Abstract/Description – provided by the publisher

Not available.

Keywords – provided by the publisher

Data Encryption; Systems and Data Security; Operating Systems; Management of Computing and Information Systems; Computers and Society; Computer Communication Networks

Availability

Detected institution: Not detected
Year of publication: 2007
Browse: SpringerLink

Information

Resource type:

books

Print ISBN

978-3-540-75650-7

Electronic ISBN

978-3-540-75651-4

Publisher

Springer Nature

Country of publication

United Kingdom

Publication date

Publication rights information

© Springer-Verlag Berlin Heidelberg 2007

Table of contents

A Note on the (Im)possibility of Using Obfuscators to Transform Private-Key Encryption into Public-Key Encryption

Satoshi Hada; Kouichi Sakurai

Transforming private-key encryption schemes into public-key encryption schemes is an interesting application of program obfuscation. The idea is that, given a private-key encryption scheme, an obfuscation of an encryption program with a private key embedded is used as a public key and the private key is used for decryption as it is. The security of the resulting public-key encryption scheme would be ensured because obfuscation is unintelligible and the public key is expected to leak no information on the private key. This paper investigates the possibility of general-purpose obfuscators for such a transformation, i.e., obfuscators that can transform an arbitrary private-key encryption scheme into a secure public-key encryption scheme. Barak et al. have shown a negative result, which says that there is a deterministic private-key encryption scheme that is unobfuscatable in the sense that, given any encryption program with a private key embedded, one can efficiently compute the private key. However, it is an open problem whether their result extends to probabilistic encryption schemes, where we should consider a relaxed notion of obfuscators, i.e., sampling obfuscators. Programs obfuscated by sampling obfuscators do not necessarily compute the same function as the original program, but produce the same distribution as the original program. In this paper, we show that there is a probabilistic private-key encryption scheme that cannot be transformed into a secure public-key encryption scheme by sampling obfuscators which have a special property regarding input-output dependency of encryption programs. Our intention is not to claim that the required special property is reasonable. Rather, we claim that general-purpose obfuscators for the transformation, if they exist, must be a sampling obfuscator which does NOT have the special property.

Keywords: Encryption Scheme; Random Input; Pseudorandom Function; Oracle Access; Random Coin.

Pp. 1-12

Design Issues of an Isolated Sandbox Used to Analyze Malwares

Shinsuke Miwa; Toshiyuki Miyachi; Masashi Eto; Masashi Yoshizumi; Yoichi Shinoda

Recent viruses, worms, and bots, called malwares, often have anti-analysis functions such as mechanisms that confirm connectivity to certain Internet hosts and detect virtualized environments. We discuss how malwares can be kept alive in an analyzing environment by disabling their anti-analyzing mechanisms. To avoid any impacts to/from the Internet, we conclude that analyzing environments should be disconnected from the Internet but must be able to make malwares believe that they are connected to the real Internet. We also conclude that, for executing environments to analyze anti-virtualization malwares, they should not be virtualized but must be as easily reconstructable as a virtualized environment. To reconcile these cross-purposes, we propose an approach that consists of a mimetic Internet and a malware incubator with swappable actual nodes. We implemented a prototype system and conducted an experiment to test the adequacy of our approach.

Keywords: Virtual Machine; Virtualized Environment; Actual Node; Analyze Environment; Virtualization Technology.

Pp. 13-27

Collusion-Resistant Fingerprinting Scheme Based on the CDMA-Technique

Naoki Hayashi; Minoru Kuribayashi; Masakatu Morii

Digital fingerprinting is a scheme to insert a user’s own ID information into digital contents in order to identify illegal users who distribute unauthorized copies. One of the important problems is a collusion attack in which several users combine their copies of the same content to modify/delete the embedded fingerprint. In this paper, we propose a collusion-resilient fingerprinting scheme based on the CDMA technique. By combining a spread spectrum sequence with an orthogonal transform, we allocate combinations of spectrum components to users as their fingerprints. At the detector side, a threshold for the detection of colluding users is determined considering the false positive probability. We then estimate the parameters in the scheme for both optimal embedding and detection, and improve the accuracy of the detection of colluders. Experimental results show the effectiveness of the proposed scheme.

Keywords: Watermark Image; False Detection; Spectrum Component; False Positive Detection; Collusion Attack.

Pp. 28-43

Reduction Optimal Trinomials for Efficient Software Implementation of the η_T Pairing

Toshiya Nakajima; Tetsuya Izu; Tsuyoshi Takagi

The η_T pairing for supersingular elliptic curves over GF(3^m) has attracted attention because of its computational efficiency. Since most of the computation of the η_T pairing consists of multiplications over GF(3^m), it is important to improve the speed of the multiplication when implementing the η_T pairing. In this paper we consider software implementation of multiplication over GF(3^m) and propose to use irreducible trinomials x^m + ax^k + b over GF(3) such that w, the bit length of a word of the targeted CPU, divides k. We call these trinomials “reduction optimal trinomials (ROTs)”. ROTs actually exist for several m’s and the typical values w = 16 and 32. We list them for extension degrees m = 97, 167, 193 and 239. These m’s are derived from security considerations. Using ROTs it is possible to implement an efficient modulo operation (reduction) in multiplication over GF(3^m) compared with the case of other types of trinomials (e.g., trinomials with minimum k for each m). The reason is that for reduction by an ROT the number of shift operations on multiple-precision data is reduced to less than half of that for other trinomials. Implementation results show that the reduction algorithm specialized for ROTs is 20–30% faster on a 32-bit CPU and around 40% faster on a 16-bit CPU than the algorithm for irreducible trinomials with general k.

Keywords: pairing; software implementation; irreducible polynomial; reduction optimal trinomial; characteristic three; finite field.

Public-Key Cryptography (1) | Pp. 44-57

Experiments on the Linear Algebra Step in the Number Field Sieve

Kazumaro Aoki; Takeshi Shimoyama; Hiroki Ueda

This paper shows experimental results of the linear algebra step in the number field sieve in a parallel environment, together with implementation techniques. We developed an efficient algorithm that shares the sum of vectors in each node, where the network structure among the nodes only needs to include a ring. We also investigated the construction of a network for the linear algebra step. The construction can be realized through switches and network interface cards, which are inexpensive. Moreover, we investigated the implementation of the linear algebra step using various parameters. The implementation described in this paper was used for the integer factoring of a 176-digit number by GNFS and a 274-digit number by SNFS.

Keywords: integer factoring; number field sieve; block Lanczos; parallel computation; ethernet.

Pp. 58-73

Batch Pairing Delegation

Patrick P. Tsang; Sherman S. M. Chow; Sean W. Smith

Pairing-based cryptography (PBC) has enabled the construction of many cryptographic protocols. However, there are scenarios when PBC is too heavyweight to use, such as when the computing devices are resource-constrained. Pairing delegation introduced in [19] provides a solution by offloading the computation to more powerful entities. In this paper, we introduce the concept of, and construct several protocols for, batch pairing delegation, which offers significantly improved efficiency over multiple runs of state-of-the-art (non-batch) delegation protocols. We prove the security of our proposed protocols in the model we formalized for batch pairing delegation. Also, we have implemented our protocols in software for experimentation. Moreover, we argue that the secure delegation of pairing computation, batched or not, requires different protocols depending on the semantic meaning of the pairings. We propose a taxonomy that classifies pairings into seven types to assist in choosing the right delegation protocol. Finally, we propose a novel application of pairing delegation in trusted computing – we show how pairing delegation can be leveraged to build a secure coprocessor for pairing computation more cost-effectively.

Keywords: Random Oracle; Blind Signature; Probabilistic Polynomial Time; Pairing Computation; Broadcast Encryption.

Pp. 74-90

Botnet Traffic Detection Techniques by C&C Session Classification Using SVM

Satoshi Kondo; Naoshi Sato

Bots, which are new malignant programs, are hard to detect by signature-based pattern matching techniques. In this research, we focused on a unique function of bots, the remote control channel (C&C session). We clarified that the C&C session has unique characteristics that come from the behavior of bot programs. Accordingly, we propose an alternative technique to identify computers compromised by a bot program through the classification of C&C sessions from the traffic data using a machine learning algorithm, the support vector machine (SVM). Our evaluation resulted in 95% accuracy in the identification of the C&C session by using SVM. We found that the packet histogram vector of the session is better than the other vector definitions for the classification of the bot C&C session.

Keywords: Support Vector Machine; Training Dataset; Packet Size; Session Data; Packet Payload.

Pp. 91-104

A Global Authentication Scheme for Mobile Ad-Hoc Networks

P. Caballero-Gil; C. Caballero-Gil

This work proposes a new global authentication system for Mobile Ad-hoc Networks. The component algorithms are designed in a self-organizing way so that most needs of this sort of network are covered. In particular, characteristics such as adaptation to the varying topology of the network, open availability of broadcast transmissions, and strong access control have received special attention when defining the new scheme. The described protocol is based on the cryptographic paradigm of Zero-Knowledge Proofs. In this paper the design is built around the Hamiltonian Cycle Problem, but it might be easily adapted to other NP-complete graph problems.

Keywords: Authentication; Access Control; MANETs.

Pp. 105-120

An Efficient Pre-authentication Scheme for IEEE 802.11-Based Vehicular Networks

Junbeom Hur; Chanil Park; Hyunsoo Yoon

In vehicular networks, supporting user mobility is one of the most challenging issues. Recently, as the demand for high mobility and high-quality real-time services increases, fast handoff among base stations becomes central to the quality of connections. Therefore, minimizing re-authentication latency during handoff is crucial for revolutionizing the driving environment on public vehicular networks in terms of safety and convenience. In this study, we propose an efficient pre-authentication scheme for fast and secure handoff in IEEE 802.11-based vehicular networks. The proposed scheme reduces the handoff delay by reducing the 4-way handshake to a 2-way handshake between an access point and a mobile vehicle station during the re-authentication phase. Furthermore, the proposed scheme adds little burden over the proactive key pre-distribution scheme while satisfying 802.11i security requirements.

Keywords: proactive key distribution; fast handoff; pre-authentication; IEEE 802.11 network; vehicular network.

Pp. 121-136

Intrusion Detection and Identification System Using Data Mining and Forensic Techniques

Fang-Yie Leu; Kai-Wei Hu; Fuu-Cheng Jiang

Presently, most computers authenticate a user’s ID and password before the user can log in. However, if the two items are known to hackers, there is a risk of a security breach. In this paper, we propose a system, named the Intrusion Detection and Identification System (IDIS), which builds a profile for each user in an intranet to keep track of his/her usage habits as forensic features. In this way the IDIS can identify who the underlying user in the intranet is by comparing the user’s current inputs with the features collected in the profiles established for all users. User habits are extracted from their usage histories by using data mining techniques. When an attack is discovered, the IDIS switches the user’s inputs to a honeypot, not only to isolate the user from the underlying system, but also to collect many more attack features by using the honeypot to enrich attack patterns, which will improve the performance of future detection. Our experimental results show that the recognition accuracy for students in the computer science department of our university is nearly 99.16%, since they are sophisticated users. The recognition accuracy for those other than computer science students is 94.43%.

Keywords: Forensic Features; Intrusion Detection; Data Mining; Identifying Users.

Pp. 137-152