ICICS 2008 :: Programme
Information on the pre-conference social event and the conference banquet is available at the end of this document.
A PDF version of the conference programme is available for download.
Programme
All conference talks take place in the Sonata Room, located on the ground floor of the Hyatt hotel. The ICICS registration desk is situated just inside this room and is open from 08:30 to 12:00 on Monday 20th October and Tuesday 21st October.
All delegates are provided with an Internet access card, which entitles them to 24 hours of wireless Internet access within the conference venue. Further access cards can be purchased from the Hyatt hotel's reception desk.
The ICICS Organising Committee would like to wish all delegates a productive and enjoyable time at our conference. If you have any enquiries, Committee members can be identified by the sticker on their badge.
Invited talks
Invited talk I
Abstract:
I will discuss the issue raised by moving cryptographic systems from the 80-bit security level to the 128-bit security level and beyond. Despite AES having been around for about eight years, the asymmetric algorithm key sizes have not yet caught up. I will explain why RSA is no longer viable at these security levels, and will describe some recent deployments of elliptic curve cryptography.
Invited talk II
DoS-Resistant Broadcast Authentication in Wireless Sensor Networks
Peng Ning
Abstract:
Recent technological advances have made it possible to develop distributed sensor networks consisting of a large number of low-cost, low-power, and multi-functional sensor nodes that communicate over short distances through wireless links. Such sensor networks are ideal candidates for a wide range of applications such as monitoring of critical infrastructures and military operations. In hostile environments, the security and resiliency of such sensor networks become a critical issue. However, it is very challenging to build secure and resilient sensor networks due to several unique features of sensor networks, such as the resource constraints on sensor nodes and exposure to node captures and physical attacks. In this talk, I will present some recent results on mitigating Denial of Service (DoS) attacks against broadcast authentication in wireless sensor networks, as well as secure and DoS-resistant code dissemination, an application that requires broadcast authentication.
Invited talk III
Abstract:
Attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser. An open-ended framework for attestation is desirable for safe support to sensitive or high-value activities on heterogeneous networks. We identify five central principles to guide development of attestation systems. We argue that (i) attestation must be able to deliver temporally fresh evidence; (ii) comprehensive information about the target should be accessible; (iii) the target, or its owner, should be able to constrain disclosure of information about the target; (iv) attestation claims should have explicit semantics to allow decisions to depend on several claims; and (v) the underlying attestation mechanism must be trustworthy. We propose an architecture for attestation that is guided by these principles, as well as an implementation that adheres to this architecture. Virtualized platforms, which are increasingly well supported on stock hardware, provide a natural basis for our attestation architecture.
Paper session I :: Authentication
- A novel solution for end-to-end integrity protection in signed PGP mail
Lijun Liao and Joerg Schwenk
Ruhr-University Bochum, Germany
Abstract
PGP mail has been widely used to provide end-to-end authentication, integrity and non-repudiation. PGP mail has the significant drawback that the header is unauthenticated. DKIM protects specified header fields, but only between the sending server and the receiver. These lead to possible impersonation attacks and profiling of the email communication, and encourage spam and phishing activities. In this paper we propose an approach to extend PGP mail to support end-to-end integrity of the whole email, namely the whole content and selected header fields. This approach is fully compatible with PGP mail. Under some reasonable assumptions our approach can help reduce spam efficiently.
- Unclonable Lightweight Authentication Scheme
Ghaith Hammouri, Erdinc Ozturk, Berk Birand and Berk Sunar
WPI, USA
Abstract
We propose a lightweight, tamper-resilient challenge-response authentication scheme. The scheme that we propose (HB+PUF) is a variant of the PUF-HB protocol which utilizes Physically Unclonable Functions (PUFs). We reduce the security of (HB+PUF) in the active attacker model to solving the LPN problem, and show its resistance to known man-in-the-middle attacks. The proposed scheme enjoys strong tamper-resilience due to the PUF properties. We present a proof of concept implementation for the proposed protocol. To generate the random bits needed for the protocol, we reuse the PUF circuit as a Random Number Generator (RNG). This construction proves to be cost-effective since we use the same hardware for authentication as well as random number generation without incurring any significant overhead. The overall scheme including storage, tamper-resilience and RNG can be achieved with less than 1000 gates. The small footprint should be ideal for constrained environments such as RFIDs, smart cards, and sensor node networks.
- Threat Modelling in User Performed Authentication
Xun Dong, John Clark and Jeremy Jacob
University of York, UK
Abstract
Besides exploiting vulnerabilities within the system, user
authentication can also be compromised by attacking its users. While
there are many well developed tools and methods to identify the system
vulnerabilities in the design stage, there is a lack of reliable
methods to identify the vulnerabilities and weak assumptions
introduced by the system design from the user and social perspective.
To fill this gap, we have developed such a method. To further
elaborate our method, we also applied this method to analyse the
OpenID authentication solution provided by VeriSign.
- Access with Fast Batch Verifiable Anonymous Credentials
Ke Zeng
NEC Labs, China
Abstract
An anonymous credential-based access control system allows the user to prove possession of credentials to a resource guard that enforces access policies on one or more resources, whereby interactions involving the same user are unlinkable by the resource guard. This paper proposes three fast batch verifiable anonymous credential schemes. With all three schemes, the user can arbitrarily choose a portion of his access rights to prove possession of credentials while the number of expensive cryptographic computations spent is independent of the number of access rights being chosen. Moreover, the third anonymous credential scheme is not only fast batch verifiable but also fast fine-grained revocable, which means that to verify whether an arbitrarily chosen subset of credentials is revoked entails constant computation cost.
Paper session II :: Side-channel analysis
- Quantifying Timing Leaks and Cost Optimisation
Alessandra Di Pierro (a), Chris Hankin (b) and Herbert Wiklicky (b)
a) University of Verona, Italy
b) Imperial College London, UK
Abstract
We develop a new notion of security against timing attacks where the
attacker is able to simultaneously observe the execution time of a
(probabilistic) program and the probability of the values of low variables.
This notion is a non-trivial extension of similar ideas for deterministic
programs which also covers attacks based on the combined observation of time
and low variables. In order to determine and quantify the security of
systems and the effectiveness of potential counter-measures against timing
attacks we then discuss an approximate notion of timed bisimilarity which
allows us to compute a quantitative estimate of the vulnerability of a
system against timing attacks. Finally, we present a probabilistic
variation of Agat's padding algorithm which we use to illustrate -- via an
example -- a technique for formally analysing the trade-off between security
costs and protection.
- Method for Detecting Vulnerability to Doubling Attacks
Chong Hee Kim and Jean-Jacques Quisquater
UCL, Belgium
Abstract
The doubling attack by Fouque and Valette and its analogue, the relative doubling attack by Yen et al., are a new kind of simple power analysis that can be applied to a binary double-and-add algorithm in a scalar multiplication (or a multiply-and-square algorithm in a modular exponentiation). The doubling attack is very powerful because it requires just two queries to the device to find the secret key. The original doubling attack broke the binary double-and-add-always algorithm and the relative doubling attack succeeded in breaking the Montgomery ladder. Fouque and Valette stated that the doubling attack was applicable only to downward algorithms, i.e., "left-to-right" implementations of a binary modular exponentiation, and recommended using upward "right-to-left" implementations. On the contrary, Yen et al. proposed a new downward algorithm and asserted that it was secure against doubling attacks. This kind of controversy comes from the lack of analysis of the fundamentals of the doubling attacks. Therefore we analyze the characteristics of the doubling attack and propose a method to easily test a given algorithm's security against doubling attacks. Furthermore, we show that Yen et al.'s scheme is still vulnerable to the doubling attack.
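The two-query collision at the heart of the doubling attack, as an added simulation that is not code from the paper: a left-to-right square-and-multiply-always exponentiation (the modular-exponentiation analogue of double-and-add-always) is run on base x and on base x^2, and the attacker's power trace is modelled as the list of values fed to each squaring, so the only capability assumed is detecting that two squarings processed the same operand. The modulus, base, secret key and all Python names are constructed toy values; the right-to-left variant is included to show that its squaring chain does not depend on the key, which is why Fouque and Valette recommended it.

```python
# Simulation of the Fouque-Valette doubling attack on a left-to-right
# square-and-multiply-always exponentiation.  Constructed example: the modulus,
# base and secret are toy values, and the "power trace" is modelled as the list
# of operands fed to each squaring, so the attacker can only tell whether two
# squarings processed the same value (the collision a real trace comparison shows).
from typing import Callable, List, Optional, Tuple

P = 1000003   # toy prime modulus (constructed); real keys are far larger
G = 2         # base chosen by the attacker; any x != 1 works for the collision test

Trace = List[int]


def ltr_square_multiply_always(base: int, exp: int, nbits: int, mod: int) -> Tuple[int, Trace]:
    """Left-to-right ("downward") square-and-multiply-always.

    Returns base^exp mod `mod` and the operand of every squaring, MSB step first.
    The dummy multiplication hides the key bit from simple SPA, but the squaring
    operand at each step is base^(key prefix processed so far), which still
    depends on the key.
    """
    r, trace = 1, []
    for i in range(nbits - 1, -1, -1):
        trace.append(r)            # value squared at this step leaks through power
        r = r * r % mod
        t = r * base % mod         # always computed, kept only if the bit is 1
        if (exp >> i) & 1:
            r = t
    return r, trace


def rtl_square_multiply(base: int, exp: int, nbits: int, mod: int) -> Tuple[int, Trace]:
    """Right-to-left ("upward") square-and-multiply, the variant Fouque and
    Valette recommended: the squaring chain is base, base^2, base^4, ... and
    never depends on the exponent."""
    r, s, trace = 1, base, []
    for i in range(nbits):
        if (exp >> i) & 1:
            r = r * s % mod
        trace.append(s)
        s = s * s % mod
    return r, trace


def doubling_attack(query: Callable[[int], Tuple[int, Trace]], nbits: int) -> Optional[int]:
    """Two-query doubling attack against `query(base) -> (result, trace)`.

    Before step j the LTR algorithm holds x^p_j, where p_j is the integer formed
    by the j most significant key bits.  With base x the operand squared at step
    j+1 is x^(2*p_j + k_j); with base x^2 the operand squared at step j is
    x^(2*p_j).  They collide exactly when key bit k_j is 0.  The last bit has no
    partner squaring and is decided by matching the returned result.  Returns
    None when no candidate matches, i.e. the implementation did not leak this way.
    """
    x = G
    out_x, trace_x = query(x)
    _, trace_x2 = query(x * x % P)
    bits = [0 if trace_x[j + 1] == trace_x2[j] else 1 for j in range(nbits - 1)]
    prefix = 0
    for b in bits:
        prefix = (prefix << 1) | b
    for last in (0, 1):
        candidate = (prefix << 1) | last
        if pow(x, candidate, P) == out_x:
            return candidate
    return None


if __name__ == "__main__":
    secret, n = 0b1011001101, 10
    print(doubling_attack(lambda b: ltr_square_multiply_always(b, secret, n, P), n) == secret)
    print(doubling_attack(lambda b: rtl_square_multiply(b, secret, n, P), n))
```

Run stand-alone, the block prints True for the left-to-right implementation and None for the right-to-left one. In this model, whether a candidate countermeasure resists the attack reduces to whether any operand it computes on input x^2 can coincide with an operand it computes one step later on input x.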
- Side channel analysis of some hash based MACs: A response to SHA-3 requirements
Praveen Gauravaram (a) and Katsuyuki Okeya (b)
a) Technical University of Denmark, Denmark
b) Hitachi, Japan
Abstract
NIST's forthcoming Advanced Hash Standard (AHS) competition requires that each candidate hash function submission must have at least one construction to support the FIPS 198 HMAC application. As part of its evaluation process, NIST is aiming to select either a candidate hash function which is more resistant to known side channel attacks when plugged into HMAC, or one that has an alternative MAC mode which is more resistant to known side channel attacks than the other submitted alternatives.
In response to this, we perform differential power analysis (DPA) on the possible smart card implementations of some of the recently proposed MAC alternatives to NMAC (provably secure variant of HMAC) and HMAC algorithms and NMAC/HMAC versions of some recently proposed hash and compression function modes. We show that the recently proposed BNMAC and KMDP MAC schemes are even weaker than NMAC/HMAC against DPA attacks whereas multi-lane NMAC/HMAC, EMD MAC and the keyed setting of wide-pipe hash function have similar security as NMAC/HMAC against the DPA attacks. In addition, our DPA attacks do not work on the NMAC/HMAC setting of MDC-2, Grindahl and MAME compression functions.
Paper session III :: Cryptanalysis
- Algebraic Description and Simultaneous Linear Approximations of Addition in Snow 2.0
Nicolas Courtois and Blandine Debraize
University College London, UK
Abstract
In this paper we analyse the algebraic properties over the field GF(2) of the addition modulo 2^n. We look at implicit quadratic equations describing this operation, and at probabilistic conditional linear equations. We show that the addition modulo 2^n can be partly or totally linearized when the output is fixed, and this for a large family of outputs. We apply these results to go further in the analysis proposed in [BilletGilbert] of the resistance of the stream cipher Snow 2.0 against algebraic attacks. We propose an attack on KGSnow 2.0, the keystream generator part of Snow 2.0.
- Analysis of the Attacking Reduced-Round Versions of the SMS4
Deniz Toz (a) and Orr Dunkelman (b)
a) Middle East Technical University, Turkey
b) Katholieke Universiteit Leuven, Belgium
Abstract
SMS4 is a 128-bit block cipher used in WAPI (the Chinese national
standard for wireless networks). The best attacks on SMS4 known up till now,
in terms of the number of rounds, are the rectangle attack on 14 rounds
and the impossible differential attack on 16 rounds (out of 32 rounds)
presented by Lu. While analyzing them, we noticed that these attacks have
flaws and that their complexity analysis is inaccurate. In this paper we
make a more comprehensive analysis of these attacks and further improve these
results, thus presenting the best known attacks against SMS4.
- Applying Time-Memory-Data Trade-Off to Meet-in-the-Middle Attack
Choy Valerie, Khoong Ming Khoo and Chuan Wen Loe
DSO National Laboratories, Singapore
Abstract
In this paper, we present several new attacks on multiple encryption block ciphers based on the meet-in-the-middle attack. In the first attack (GDD-MTM), we guess a certain number of secret key bits and apply the meet-in-the-middle attack on multiple ciphertexts. The second attack (TMTO-MTM) is derived from applying the time-memory trade-off attack to the meet-in-the-middle attack on a single ciphertext. We may also use rainbow chains in the table construction to get the Rainbow-MTM attack. The fourth attack (BS-MTM) is defined by combining the time-memory-data trade-off attack proposed by Biryukov and Shamir to the meet-in-the-middle attack on multiple ciphertexts. Lastly, for the final attack (TMD-MTM), we apply the TMTO-Data curve, which demonstrates the general methodology for multiple data trade-offs, to the meet-in-the-middle attack. GDD-MTM requires no pre-processing, but the attack complexity is high while memory requirement is low. In the last four attacks, pre-processing is required but we can achieve lower (faster) online attack complexity at the expense of more memory in comparison with the GDD-MTM attack. To illustrate how the attacks may be used, we applied them in the cryptanalysis of triple DES. In particular, for the BS-MTM attack, we managed to achieve pre-computation and data complexity which are much lower while maintaining almost the same memory and online attack complexity, as compared to a time-memory-data trade-off attack by Biryukov et al. at SAC 2005. In all, our new methodologies offer viable alternatives and provide more flexibility in achieving time-memory-data trade-offs.
Paper session IV :: Access control
- Beyond User-to-User Access Control for Online Social Networks
Mohamed Shehab (a), Anna Squicciarini (b) and Gail-Joon Ahn (a)
a) University of North Carolina at Charlotte, USA
b) Penn State University, USA
Abstract
With the development of Web 2.0 technologies, online social networks are able to provide open platforms to enable the seamless sharing of profile data to enable public developers to interface and extend the social network services as applications (or APIs). At the same time, these open interfaces pose serious privacy concerns as third party applications are usually given full read access to the user profiles. Current related research has focused on mainly user-to-user interactions in social networks, and seems to ignore the third party applications. In this paper, we present an access control framework to manage the third party to user interactions. Our framework is based on enabling the user to specify the data attributes to be shared with the application and at the same time be able to specify the degree of specificity of the shared attributes. We model applications as finite state machines, and use the required user profile attributes as conditions governing the application execution. We formulate the minimal attribute generalization problem and we propose a solution that maps the problem to the shortest path problem to find the minimum set of attribute generalization required to access the application services.
- Revocation Schemes for Delegation Licences
Meriam Ben Ghorbel Talbi (a,b), Frédéric Cuppens (a), Nora Cuppens (a), and Adel Bouhoula (b)
a) Département RSM, Telecom Bretagne, France
b) Ecole Superieure des Communications de Tunis, Tunisia
Abstract
This paper presents revocation schemes in role-based access control models. We are particularly interested in two key issues: how to perform the revocation and how to manage the revocation policy. We show how to deal with these two aspects in the delegation model based on the OrBAC formalism and its administration licence concept. This model provides means to manage several types of delegations, such as the delegation or the transfer of permissions and roles, multi-step delegation and temporary delegation. We state formally in this paper how to manage the revocation of these delegation schemes. Our model supports a wide spectrum of revocation dimensions such as propagation, dominance, dependency, automatic/user revocation, transfer revocation and role/permission revocation.
- Reusability of Functionality-Based Application Confinement Policy Abstractions
Z. Cliffe Schreuders and Christian Payne
Murdoch University, Australia
Abstract
Traditional access control models and mechanisms struggle to contain the threats posed by malware and software vulnerabilities as these cannot differentiate between processes acting on behalf of users and those posing threats to users’ security since every process executes with the full set of the user's privileges. Existing application confinement schemes improve this situation by limiting the actions of particular processes. However, the management of these mechanisms requires security-specific expertise which users and administrators often do not possess. Further, these models do not scale well to confine the large number of applications found on functionality-rich contemporary systems. This research demonstrates how the principles of role-based access control (RBAC) can be applied to the problem of restricting an application's behaviour. This approach provides a more flexible, scalable and easier to manage confinement paradigm that requires far less in terms of user expertise than existing schemes. Known as functionality-based application confinement (FBAC), this model significantly mitigates the usability limitations of existing approaches. We present a case study of a Linux-based implementation of FBAC known as FBAC-LSM and demonstrate the flexibility and scalability of the FBAC model by developing policies for the confinement of four different web browsers.
- Towards Role based Trust Management without Distributed Searching of Credentials
Gang Yin, Huaimin Wang, JianQuan Ouyang, Ning Zhou, Dianxi Shi
National University of Defense Technology, China
Abstract
Distributed searching of credentials from the network meets a number of technical or non-technical problems. We argue that such distributed searching processes can be avoided by storing credentials redundantly at acceptable cost. We propose a scoped-role based trust management framework, ScoRT, which uses a novel credential affiliation model to compute the credentials necessary for membership decisions of given roles. The algorithms for credential distribution and revocation are designed based on the model, and their soundness and completeness properties are formally analyzed with respect to ScoRT semantics. The complexity analysis and experiments show that, by redundantly storing an acceptable amount of affiliated delegation credentials, ScoRT enables more practical and automatic authorization without searching for credentials from remote entities, and thus helps to overcome the deficiencies of existing approaches.
Paper session V :: Software security
- BinHunt: Automatically Finding Semantic Differences in Binary Programs
Debin Gao (a), Mike Reiter (b) and Dawn Song (c)
a) Singapore Management University, Singapore
b) University of North Carolina at Chapel Hill, USA
c) University of California, Berkeley, USA
Abstract
We introduce BinHunt, a novel technique for finding semantic differences
in binary programs. Semantic differences between two binary files
contrast with syntactic differences in that semantic differences
correspond to changes in the program functionality. Semantic
differences are difficult to find because of the noise from syntactic
differences caused by, e.g., different register allocation and basic
block re-ordering. BinHunt bases its analysis on the control flow of
the programs using a new graph isomorphism technique, symbolic
execution, and theorem proving. In particular, it provides a
soundness guarantee that if two basic blocks are found to be
different, then they must not be functionally equivalent. We
implement a system based on BinHunt and demonstrate the application of
the system with three case studies in which BinHunt manages to
identify the semantic differences between an executable and its
patched version, revealing the vulnerability that the patch
eliminates.
- Enhancing Java ME Security Support with Resource Usage Monitoring
Paolo Mori, Fabio Martinelli, Alessandro Castrucci and Francesco Roperti
IIT-CNR, Italy
Abstract
Both the spread and the capabilities of mobile devices have increased dramatically over the last years. Nowadays, many mobile devices are able to run Java applications that can create Internet connections, send SMS messages, and perform other expensive or dangerous operations on the mobile device. Hence, adequate security support is required to meet the needs of this new and evolving scenario. This paper proposes an approach to enhance the security support of the Java Micro Edition architecture, based on monitoring the mobile device resource usage performed by MIDlets. A process algebra based language is used to define the security policy, and a reference monitor based architecture is exploited to monitor the resource usage. The paper also presents the implementation of a prototype running on a real mobile device, along with some preliminary performance evaluation.
- Pseudo-randomness Inside Web Browsers
Guan Zhi, Zhang Long, Zhong Chen and Nan Xianghao
Peking University, China
Abstract
With the increasing concerns over the security and privacy of Web based applications, many solutions based on strong cryptography have been proposed to protect client side Web applications against attacks such as phishing, pharming and even server side attacks. While strong cryptography is utilized, one critical building block in a cryptosystem, the random number generator, is often neglected. Considering this situation, in this paper we design and implement a pseudo-random number generator relying only on ubiquitous Web browser abilities: JavaScript, HTML and AJAX. We also provide a mechanism called Pseudo-cookie for JavaScript programs to access operating system services for retrieving random or entropy values without changing Web browser security policies. The security model, analysis and performance evaluation demonstrate that our method is secure and efficient.
Paper session VI :: System security
- Verifiable and Revocable Expression of Consent to Processing of Aggregated Personal Data
Henrich Christopher Poehls
University of Passau, Germany
Abstract
We have identified the following three problems for the processing of aggregated personal information with respect to privacy preferences: unverifiable proof of consent for third parties, unverifiable proof of consent for aggregated personal data, and no process for verification of non-revocation of the consent. We constructed a solution based on a tree structure and digitally sign the hash tree's root value. Thus, a verifiable signature can be retained even if data items are omitted, and a valid signature serves as a signal of consent. To re-assure that no change of consent has taken place we propose the use of certificate-revocation-like mechanisms. As a side effect these allow a record of personal data usage to be maintained and thus create a win-win situation.
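The redactable hash tree behind the abstract's "verifiable signature can be retained even if data items are omitted", as an added Python illustration that is not the paper's construction: every personal-data item becomes a salted leaf, the data subject signs only the tree root, and a processor can later disclose a subset of the items together with the hashes of the omitted ones so that a third party recomputes the same root. Signing the root is assumed rather than implemented (the verifier is taken to hold the signed root value), the field names and values are constructed, and the per-leaf salt is an addition a practitioner would want so that the hash of an omitted low-entropy field cannot be brute-forced from the released document.

```python
# Redactable hash tree for consent to processing of aggregated personal data.
# Added illustration of the general technique, not the paper's construction.
# Signing is assumed, not implemented: the verifier holds the root value that
# the data subject signed.  Field names and values in the tests are constructed.
import hashlib
import os
from typing import Dict, List, Set, Tuple, Union

Leaf = Tuple[str, str, bytes]       # (field name, value, per-leaf random salt)
Released = Union[Leaf, bytes]       # a disclosed leaf, or only the hash of an omitted one


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def new_leaves(items: List[Tuple[str, str]]) -> List[Leaf]:
    """Data-subject side: attach a fresh 16-byte salt to every item so the hash
    of an omitted low-entropy field (e.g. a yes/no flag) cannot be brute-forced."""
    return [(name, value, os.urandom(16)) for name, value in items]


def leaf_hash(leaf: Leaf) -> bytes:
    name, value, salt = leaf
    n, v = name.encode(), value.encode()
    # Tag 0x00 and length prefixes keep leaf hashes distinct from node hashes
    # and make ("ab","c") and ("a","bc") hash differently.
    return _h(b"\x00" + salt + len(n).to_bytes(2, "big") + n + len(v).to_bytes(4, "big") + v)


def build_root(hashes: List[bytes]) -> bytes:
    """Root of a binary hash tree; an unpaired node is carried up unchanged."""
    if not hashes:
        raise ValueError("empty tree")
    level = list(hashes)
    while len(level) > 1:
        level = [
            _h(b"\x01" + level[i] + level[i + 1]) if i + 1 < len(level) else level[i]
            for i in range(0, len(level), 2)
        ]
    return level[0]


def signed_root(leaves: List[Leaf]) -> bytes:
    """The single value the data subject signs; that signature expresses consent."""
    return build_root([leaf_hash(leaf) for leaf in leaves])


def redact(leaves: List[Leaf], keep: Set[str]) -> List[Released]:
    """Release only the fields in `keep`; every other leaf is replaced by its hash."""
    return [leaf if leaf[0] in keep else leaf_hash(leaf) for leaf in leaves]


def verify(released: List[Released], root: bytes) -> bool:
    """Third-party check: recompute the root from disclosed leaves and omitted hashes."""
    hashes = [entry if isinstance(entry, bytes) else leaf_hash(entry) for entry in released]
    return build_root(hashes) == root


def revealed_fields(released: List[Released]) -> Dict[str, str]:
    """The data a processor actually receives from a redacted release."""
    return {entry[0]: entry[1] for entry in released if not isinstance(entry, bytes)}
```

The revocation side of the abstract is not shown; in this model it amounts to the verifier checking that the signed root has not been placed on a revocation list before accepting the release as evidence of consent.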
- Embedding Renewable Cryptographic Keys into Continuous Noisy Data
Ileana Buhan, Jeroen Doumen, Pieter Hartel, Qiang Tang, and Raymond Veldhuis
University of Twente, Netherlands
Abstract
The fuzzy extractor is a powerful but theoretical tool to extract uniform strings from discrete noisy data. Before it can be used in practice, many concerns need to be addressed in advance, such as making the extracted strings renewable and dealing with continuous noisy data. We propose a primitive, the fuzzy embedder, as a practical replacement for the fuzzy extractor. The fuzzy embedder naturally supports renewability because it allows a randomly chosen string to be embedded. The fuzzy embedder takes continuous noisy data as input and its performance is directly linked to the properties of the input data. We give a general construction for the fuzzy embedder based on the technique of Quantization Index Modulation (QIM) and derive the performance result in relation to that of the underlying QIM. In addition, we show that quantization in 2-dimensional space is optimal from the perspective of the length of the embedded string. We also present a concrete construction for the fuzzy embedder in 2-dimensional space and compare its performance with that obtained by the 4-square tiling method of Linnartz et al.
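A one-dimensional quantization index modulation (QIM) fuzzy embedder, as an added example that is not the paper's 2-dimensional construction: a freely chosen bit string is embedded into a vector of continuous noisy features by publishing, per feature, the offset to the nearest point of one of two interleaved lattices, and extracted later from a fresh measurement by decoding the parity of the nearest lattice point. Renewability follows because a new random string simply yields new helper data for the same features. The feature values, the noise, the quantisation step and all names are constructed, and the STEP/4 noise tolerance stated in the comments holds for this 1-D lattice only.

```python
# One-dimensional QIM fuzzy embedder.  Added illustration of the generic QIM
# idea, not the paper's 2-dimensional construction.  Feature values, noise and
# the quantisation step are constructed.
from typing import List

STEP = 1.0   # quantisation step; decoding tolerates |noise| < STEP / 4 per feature


def quantize(x: float, bit: int, step: float = STEP) -> float:
    """Nearest point of the sub-lattice selected by `bit`.

    The two sub-lattices are the even and odd multiples of step/2, so every
    lattice point carries one bit in the parity of its index.
    """
    half = step / 2
    k = round((x - bit * half) / step)
    return k * step + bit * half


def embed(features: List[float], bits: List[int]) -> List[float]:
    """Enrolment: public helper data moving each feature onto the lattice of its bit.

    The helper reveals x modulo step/2 but not the bit: which sub-lattice was
    used cannot be told without knowing x.  Embedding a different random
    string (renewal) just produces different helper data for the same x.
    """
    return [quantize(x, b) - x for x, b in zip(features, bits)]


def extract(features: List[float], helper: List[float], step: float = STEP) -> List[int]:
    """Verification: shift the fresh measurement by the helper data and decode
    the parity of the nearest point on the full lattice of spacing step/2."""
    out = []
    for x, h in zip(features, helper):
        index = round((x + h) / (step / 2))
        out.append(index % 2)
    return out


def bit_errors(features: List[float], noise: List[float], bits: List[int]) -> int:
    """Number of wrongly decoded bits when `noise` is added to the enrolment features."""
    helper = embed(features, bits)
    noisy = [x + d for x, d in zip(features, noise)]
    return sum(a != b for a, b in zip(extract(noisy, helper), bits))
```

bit_errors makes the failure mode visible: with STEP = 1.0, a perturbation of 0.3 on a single feature flips that bit, which is why the step has to be matched to the measured noise of the input data, the point the abstract makes when it ties the embedder's performance to the properties of the input.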
- Automated Device Pairing for Asymmetric Pairing Scenarios
Nitesh Saxena and Md. Borhan Uddin
Polytechnic University, New York, USA
Abstract
"Pairing" refers to the operation of achieving authenticated key agreement between two human-operated devices over a short-range wireless communication channel (such as Bluetooth or WiFi). The devices are ad hoc in nature, i.e., they can neither be assumed to have a prior context with each other nor do they share a common trusted authority. However, the devices can generally be connected using auxiliary physical channel(s) (such as audio, visual, etc.) that can be authenticated by the device user(s), and thus form the basis for pairing. Recently proposed pairing protocols are based upon bidirectional physical channels. However, various pairing scenarios are asymmetric in nature, i.e., only a unidirectional physical channel exists between two devices (such as between a cell phone and an access point). In this paper, we concentrate on pairing devices using a unidirectional physical channel and analyze a recently proposed protocol on this topic by Saxena et al. Moreover, as an improvement to Saxena et al.'s protocol, we present an efficient implementation of a physical channel based on LEDs as transmitter(s) and a video camera as a receiver.
Paper session VII :: Applied cryptography
- Key Recovery Attack on Stream Cipher Mir-1 Using a Key-dependent S-box
Yukiyasu Tsunoo (a), Teruo Saito (b), Hiroyasu Kubo (b) and Tomoyasu Suzaki (a)
a) NEC Corporation, Japan
b) NEC Software Hokuriku, Ltd, Japan
Abstract
Mir-1 is a stream cipher proposed for Profile 1 at the ECRYPT Stream Cipher Project (eSTREAM). The Mir-1 designer claims a security level of at least 2^128, meaning that the secret key cannot be recovered or that the Mir-1 output sequence cannot be distinguished from a truly random number sequence more efficiently than by exhaustive search. At SASC 2006, however, a distinguishing attack on Mir-1 was proposed making use of vulnerabilities in Mir-1 initialization. This paper shows that unknown entries in the key-dependent S-box used by Mir-1 can be classified into partially equivalent pairs by extending the SASC 2006 technique. It also demonstrates an attack that applies that information to recovering the Mir-1 secret key more efficiently than an exhaustive search. To the best of the authors' knowledge, the results described in this paper represent the first successful key recovery attack on Mir-1.
- Towards an Information Theoretic Analysis of Searchable Encryption
Saeed Sedghi, Jeroen Doumen, Pieter Hartel and Willem Jonker
University of Twente, Netherlands
Abstract
Searchable encryption is a technique that allows a client to store
data in encrypted form on a curious server, such that data can be
retrieved while leaking a minimal amount of information to the
server. Many searchable encryption schemes have been proposed and
proved secure in their own computational model. In this paper we
propose a generic model for the analysis of searchable
encryptions. We then identify the security parameters of
searchable encryption schemes and prove information theoretical
bounds on the security of the parameters. We argue that perfectly
secure and efficient searchable encryption does not exist. We
classify the seminal schemes in two categories: the schemes that
leak information upfront during the storage phase, and schemes
that leak some information at every search. This helps designers
to choose the right scheme for an application.
- A Bootstrap Attack on Digital Watermarks in the Frequency Domain
Sam Behseta (a), Charles Lam (b), and Robert L. Webb (c)
a) California State University, Fullerton, USA
b) California State University, Bakersfield, USA
c) California Polytechnic State University, USA
Abstract
In this paper, we propose five simple algorithms to execute a collusion attack given several watermarked documents. Each document considered is a picture represented as a matrix of two dimensional Discrete Cosine Transform (DCT2) coefficients. Our algorithm is independent of media type. Bootstrap methods are used to construct confidence intervals for each DCT2 coefficient and determine its uncertainty. Using simulation studies we show that Bootstrap procedures are highly efficient with respect to the number of iterations and sample size per iteration while maintaining stellar probabilistic coverage, providing results at least as good as averaging of signals. Most importantly, a set of simulation studies suggests that the precision of our heuristic methodology increases quickly when the number of watermarked copies is increased, but good probabilistic coverage is achieved with a low number of independently watermarked copies. We conjecture that the Bootstrap methodology will be highly effective in reconstructing the original signal for documents with high redundancy.
- Improved Data Hiding Technique for Shares in Extended Visual Secret Sharing Schemes
Rabia Sirhindi, Saeed Murtaza, and Mehreen Afzal
National University of Sciences and Technology, Pakistan
Abstract
A new data hiding technique is proposed in this paper to hide the shares of a secret image in an Extended Visual Secret Sharing (EVSS) scheme. It is based on Least Significant Bit (LSB) substitution with a little modification that the embedding capacity varies with each pixel of the host image and depends upon the surrounding pixels’ color difference. This not only increases the embedding capacity of the host image as compared to simple LSB substitution but also yields high Peak Signal to Noise Ratio (PSNR) values for host and stego images. Moreover, results indicate that the proposed data hiding process improves the security of camouflage images in EVSS schemes since shares are completely hidden in the cover images without any trace of their presence, unlike most of the previous share hiding approaches, thus preventing shares from alteration during transmission.
Paper session VIII :: Security protocols
- Efficient Multi-Authorizer Accredited Symmetrically Private Information Retrieval
Mohamed Layouni (a), Maki Yoshida (b), and Shingo Okamura (b)
a) McGill University, Montreal, Quebec, Canada
b) Osaka University, Japan
Abstract
We consider a setting where records containing sensitive personal information are stored on a remote database managed by a storage provider. Each record in the database is co-owned by a fixed number of parties called data-subjects. The paper proposes a protocol that allows data-subjects to grant access to their records, to self-approved parties, without the DB manager being able to learn if and when their records are accessed. We provide constructions that allow a Receiver party to retrieve a DB record only if he has authorizations from all owners of the target record (respectively, from a subset of the owners of size greater than a threshold.) We also provide a construction where owners of the same record do not have equal ownership rights, and the record in question is retrieved using a set of authorizations consistent with a general access structure. The proposed constructions are efficient and use a pairing-based signature scheme. The presented protocol is proved secure under the Bilinear Diffie-Hellman assumption.
- Specification of Electronic Voting Protocols Properties using ADM Logic : FOO Case Study
Mehdi Talbi (a), Benjamin Morin (a), Valérie Viet Triem Tong (a), Adel Bouhoula (b), and Mohamed Mejri (c)
a) Ecole Superieure d'Electricite de Rennes, France
b) Ecole Superieure des Communications de Tunis, Tunisia
c) Université Laval, Canada
Abstract
It is a well known fact that only formal methods can provide a proof that a given system meets its requirements. For critical systems (e.g. nuclear reactors, aircraft), the use of these methods becomes mandatory. Electronic voting is also one of these critical systems since the stakes are important: democracy. In this context, we propose in this paper the use of the ADM logic in order to specify security properties (fairness, eligibility, individual verifiability and universal verifiability) of electronic voting protocols. These properties are first specified in a general form, and then adapted to the FOO protocol as a case study. Our goal is to verify these properties against a trace-based model (representing an execution of a protocol). The choice of the ADM logic is motivated by the fact that it offers several features that are useful for trace analysis. Moreover, the logic is endowed with a tableau-based proof system that leads to a local model checking which enables an efficient implementation.
- Publicly Verifiable Remote Data Integrity
Ke Zeng
NEC Labs, China
Abstract
More and more customers are outsourcing data storage to remote archive service providers that are responsible for properly preserving the data. As such, it has become crucial for an archive service to be capable of providing evidence to demonstrate the integrity of the data for which it is responsible, from the time it receives the data until the expiration of the archival period. A pairing-based provable data integrity (PDI) scheme is proposed that enables not only the customer but also a third-party verifier to check remote data integrity. This PDI scheme is provably secure and efficient. Compared to the best-known prior art, our experiments under defined conditions show that our PDI scheme works 50 times faster in fingerprinting the data, and the resulting fingerprints are 30 times smaller in size.
Pre-conference social event
The Organising Committee will be hosting an informal event for delegates arriving in Birmingham before 20 October. We will meet at the James Brindley pub (on the same street as the Hyatt Regency) at 19:00 (BST) on 19 October. After meeting and having a drink, we'll have dinner at a restaurant close by, such as Blue Mango. This event is not included in the registration fee and delegates are expected to pay for their own food and drink.
Conference banquet
The ICICS banquet will take place on the evening of Monday 20th October, at La Bastille, starting at 19:30 (BST). La Bastille is Birmingham's premier French restaurant and has created a special menu for the ICICS banquet which consists of a wide range of starters, main courses and desserts. A glass of wine and coffee are included.