ALBERT — All Library Books, journals and Electronic Records Telegrafenberg

1

Unknown

A Generic Method for the Analysis of a Class of Cache Attacks: A Case Study for AES (2015)

Sava F;, E., Yılmaz, C.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: In this paper, we present a methodology to evaluate the feasibility, effectiveness and complexity of a class of cache-based side-channel attacks. The methodology provides estimates on the lower bound of the required number of observations on the side channel and the number of trials for a successful attack. As a case study, a weak implementation of the Advanced Encryption Standard algorithm is selected to apply the proposed methodology to three different categories of cache-based attacks; namely, access-driven, trace-driven and time-driven attacks. The approach, however, is generic in the sense that it can be utilized in other algorithms that are subject to the micro-architectural side-channel attacks. The adopted approach bases its analysis method partially on the conditional entropy of secret keys given the observations of the intermediate variables in software implementations of cryptographic algorithms via the side channel and explores the extent to which the observations can be exploited in a successful attack. Provided that the intermediate variables are relatively simple functions of the key material and the known inputs or outputs of cryptographic algorithms, a successful attack is theoretically feasible. Our methodology emphasizes the need for an analysis of this leakage through such intermediate variables and demonstrates a systematic way to measure it. The method allows us to explore every attack possibility, estimate the feasibility of an attack, and compare the efficiency and the costs of different attack strategies to determine an optimal level of effective countermeasures.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

2

Unknown

Public-Key Encryption Schemes with Bounded CCA Security and Optimal Ciphertext Length Based on the CDH and HDH Assumptions (2015)

Pereira, M., Dowsley, R., Nascimento, A. C. A., Hanaoka, G.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: In Cramer et al. (2007, Bounded CCA2-Secure Encryption. In Kurosawa, K. (ed.), Advances in Cryptology – ASIACRYPT 2007 , Kuching, Malaysia, December 2–6, Lecture Notes in Computer Science, Vol. 4833, pp. 502–518. Springer, Berlin, Germany) proposed a public-key encryption scheme secure against adversaries with a bounded number of decryption queries based on the decisional Diffie–Hellman problem. In this paper, we show that the same result can be obtained based on weaker computational assumptions, namely: the computational Diffie–Hellman and the hashed Diffie–Hellman assumptions.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

3

Unknown

Generic Construction of Certificate-Based Encryption from Certificateless Encryption Revisited (2015)

Gao, W., Wang, G., Wang, X., Chen, K.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: Certificateless public key encryption (CLE) and certificate-based encryption (CBE) are motivated to simultaneously solve the heavy certificate management problem inherent in the traditional public key encryption (PKE) and the key escrow problem inherent in the identity-based encryption (IBE). Al-Riyami and Paterson proposed a general conversion from CLE to CBE, which is neat and natural. Kang and Park pointed out a flaw in their security proof. Wu et al. proposed another generic conversion from CLE to CBE which additionally involves collision resistant hash functions. It remains an open problem whether the generic conversion due to Al-Riyami and Paterson is provably secure or not. We are motivated to solve this open problem. Our basic idea is to enhance Type II adversary's power a little by allowing it to conditionally replace a user's public key. We first formalize a new security model of CLE in this way. Then, we succeed in proving that the Al-Riyami–Paterson generic conversion from CLE to CBE is secure, if the CLE scheme is secure in our new security model. Finally, a concrete provably secure CBE scheme is presented to demonstrate the applicability of our result.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

4

Unknown

Model-based Alignment of Heartbeat Morphology for Enhancing Human Recognition Capability (2015)

Islam, M. S., Alajlan, N.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: Human recognition with heartbeat signal is useful for different applications such as information security, user identification and remote patient monitoring. In this paper, we propose a model-based method for the alignment of heartbeat morphology to enhance the recognition capability. The scale change of different heartbeats of the same individual due to heart rate variability is estimated and inversed to yield better alignment. Recognition capabilities of different alignment methods are analyzed and measured by intra-individual and inter-individual distances of aligned heartbeats. A framework for heartbeat recognition incorporating the model-based alignment method is also presented. We tested the recognition capability of heartbeat morphology by using two different databases. It was found that model-based alignment method was useful to boost the recognition capability of heartbeat morphology. A statistical t -test revealed that the improvement was significant with respect to recognition capabilities of other existing alignment methods. We also used the aligned morphology as a feature, tested the recognition accuracy on both databases and compared the recognition performance to those of four other state-of-the-art features. A large increase in recognition accuracy was obtained especially for a multisession database of heartbeat signals captured from fingers using a handheld ECG device.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

5

Unknown

Toward a Taxonomy of Malware Behaviors (2015)

Gregio, A. R. A., Afonso, V. M., Filho, D. S. F., Geus, P. L. d., Jino, M.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: Malicious code attacks pose a serious threat to the security of information systems, as malware evolved from innocuous conceptual software to advanced and destructive cyber weapons. However, there is still the lack of a comprehensive and useful taxonomy to classify malware according to their behavior, since commonly used names are obsolete and unable to handle the complex and multipurpose currently observed samples. In this article, we present a brief survey on available malware taxonomies, discuss about issues on existing naming schemes and introduce an extensible taxonomy consisting of an initial set of behaviors usually exhibited by malware during an infection. The main goal of our proposed taxonomy is to address the menace of potentially malicious programs based on their observed behaviors, thus aiding in incident response procedures. Finally, we present a case study to evaluate our behavior-centric taxonomy, in which we apply identification patterns extracted from the proposed taxonomy to over 12 thousand known malware samples. The leveraged results show that it is possible to screen malicious programs that exhibit suspicious behaviors, even when they remain undetected by antivirus tools.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

6

Unknown

Annotated Control Flow Graph for Metamorphic Malware Detection (2015)

Alam, S., Traore, I., Sogukpinar, I.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: Metamorphism is a technique that mutates the binary code using different obfuscations and never keeps the same sequence of opcodes in the memory. This stealth technique provides the capability to a malware for evading detection by simple signature-based (such as instruction sequences, byte sequences and string signatures) anti-malware programs. In this paper, we present a new scheme named Annotated Control Flow Graph (ACFG) to efficiently detect such kinds of malware. ACFG is built by annotating CFG of a binary program and is used for graph and pattern matching to analyse and detect metamorphic malware. We also optimize the runtime of malware detection through parallelization and ACFG reduction, maintaining the same accuracy (without ACFG reduction) for malware detection. ACFG proposed in this paper: (i) captures the control flow semantics of a program; (ii) provides a faster matching of ACFGs and can handle malware with smaller CFGs, compared with other such techniques, without compromising the accuracy; (iii) contains more information and hence provides more accuracy than a CFG. Experimental evaluation of the proposed scheme using an existing dataset yields malware detection rate of 98.9% and false positive rate of 4.5%.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

7

Unknown

On Designing Resilient Location-Privacy Obfuscators (2015)

Perazzo, P., Skvortsov, P., Dini, G.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: The success of location-based services is growing together with the diffusion of GPS-equipped smart devices. As a consequence, privacy concerns are raising year by year. Location privacy is becoming a major interest in research and industry world, and many solutions have been proposed for it. One of the simplest and most flexible approaches is obfuscation, in which the precision of location data is artificially degraded before disclosing it. In this paper, we present an obfuscation approach capable of dealing with measurement imprecision, multiple levels of privacy, untrusted servers and adversarial knowledge of the map. We estimate its resistance against statistical-based deobfuscation attacks, and we improve it by means of three techniques, namely extreme vectors , enlarge-and-scale and hybrid vectors .

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

8

Unknown

Password Management: Distribution, Review and Revocation (2015)

Lopriore, L.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: We consider the problem of access privilege management in a classical protection environment featuring subjects attempting to access the protected objects. We express an access privilege in terms of an access right and a privilege level. The privilege level and a protection diagram associated with each given object determine whether a nominal access privilege for this object corresponds to an effective, possibly weaker access privilege, or is revoked. We associate a password system with each object; the password system takes the form of a hierarchical bidimensional one-way chain. A subject possesses a nominal access privilege for a given object if it holds a key that matches one of the passwords in the password system of this object; the protection diagram determines the extent of the corresponding effective access privilege. The resulting protection environment has several interesting properties. A key reduction mechanism allows a subject that holds a key for a given object to distribute keys for weaker access rights at lower privilege levels. A subject that owns a given object can review or revoke the passwords for this object by simply modifying the protection diagram. The memory requirements to represent a protection diagram are negligible; as far as password storage is concerned, space–time trade-offs are possible.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

9

Unknown

Efficient and Fully CCA Secure Conditional Proxy Re-Encryption from Hierarchical Identity-Based Encryption (2015)

Liang, K., Susilo, W., Liu, J. K., Wong, D. S.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-09-29

Description: A proxy re-encryption (PRE) allows a data owner to delegate the decryption rights of some encrypted data stored on the cloud without revealing the data to an honest-but-curious cloud service provider (i.e. the PRE proxy). Furthermore, the data owner can offload most of the computational operations to the cloud service provider and hence, using PRE for encrypted cloud data sharing can be very effective even for data owners using limited resource devices (e.g. mobile devices). However, PRE schemes only enables data owners to delegate the decryption rights of all their encrypted data. A more practical notion is a conditional PRE (CPRE) that allows us to specify under what condition the decryption of an encrypted data can be delegated, for example, only sharing all the encrypted files under a directory called ‘public’. In this paper, we provide an affirmative result on the long-standing question of building a full chosen-ciphertext attacks (CCA)-secure CPRE system in the standard model and for the first time, we show that a class of Hierarchical Identity-Based Encryption (HIBE) schemes can be transferred to building a CCA-secure CPRE in the standard model. We also list out some concrete HIBE schemes which fall into this class, e.g., Lewko-Waters HIBE. All existing CCA-secure PRE schemes in the standard model are not conditional while all existing CPRE schemes are either not CCA secure or not in the standard model. By instantiating our generic HIBE-based transformation, we show that an efficient and concrete CPRE scheme which is both CCA secure in the standard model and conditional can be built.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext

10

Unknown

Mining Large-Scale GPS Streams for Connectivity Refinement of Road Maps (2015)

Zhu, Y., Wang, Y., Forman, G., Wei, H.

Oxford University Press

In: Computer Journal

add to mindlist on the mindlist

Details

Publication Date: 2015-08-28

Description: As people increasingly rely on road maps in the digital age, manually maintained maps cannot keep up with the demand for accuracy and freshness, evidenced by the recent iOS map incident and the bidding war for Waze. There are many research works on automatic map inference using GPS data, and some have suggested that Google and Waze automate their map update processes to some degree with user data. However, existing published work focuses on refining road geometry. In reality, connectivity issues at intersections, including missing connections and unmarked turn restrictions, are much more prevalent and also more difficult to infer. In this paper, we report our study on the connectivity issues in the OSM Shanghai map using 21 months of GPS data from over $10\,000$ taxis. We first adapt a robust map matching algorithm. Then, we propose simple algorithms for detecting missing intersections, turn restrictions and road closures. Empirical results show that our algorithms of connectivity refinement for road maps are effective.

Print ISSN: 0010-4620

Electronic ISSN: 1460-2067

Topics: Computer Science

Published by Oxford University Press

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

PAPER CURRENT

S·F·X

Fulltext