SECRYPT 2008 Abstracts CONFERENCE Area 1 - Access Control and Intrusion Detection Area 2 - Network Security and Protocols Area 3 - Cryptographic Techniques and Key Management Area 4 - Information Assurance Area 5 - Security in Information Systems SPECIAL SESSION Trust in Pervasive Systems and Networks Title: DETECTION OF ILLICIT TRAFFIC USING NEURAL NETWORKS Author(s): Paulo Salvador, António Nogueira, Ulisses França and Rui Valadas Abstract: The detection of compromised hosts is currently performed at the network and host levels but any one of these options presents important security flaws: at the host level, antivirus, anti-spyware and personal firewalls are ineffective in the detection of hosts that are compromised via new or target-specific malicious software while at the network level network firewalls and Intrusion Detection Systems were developed to protect the network from external attacks but they were not designed to detect and protect against vulnerabilities that are already present inside the local area network. This paper presents a new approach for the identification of illicit traffic that tries to overcome some of the limitations of existing approaches, while being computationally efficient and easy to deploy. The approach is based on neural networks and is able to detect illicit traffic based on the historical traffic profiles presented by "licit" and "illicit" network applications. The evaluation of the proposed methodology relies on traffic traces obtained in a controlled environment and composed by licit traffic measured from normal activity of network applications and malicious traffic synthetically generated using the SubSeven backdoor. The results obtained show that the proposed methodology is able to achieve good identification results, being at the same time computationally efficient and easy to implement in real network scenarios. Title: NOVEL AND ANOMALOUS BEHAVIOR DETECTION USING BAYESIAN NETWORK CLASSIFIERS Author(s): Salem Benferhat and Karim Tabia Abstract: Bayesian networks have been widely used in intrusion detection. However, most works showed that they are ineffective for anomaly detection since novel attacks and new behaviors are not efficiently detected. This paper first analyzes and explains this recurring problem due on one hand to inadequate handling of anomalous and unusual audit events and on other hand to insufficient decision rules which do not meet anomaly detection approach objectives. We then propose to enhance the standard Bayesian classification rule in order to fit anomaly detection requirements and effectively detect novel behaviors and attacks. Experimental studies carried out on recent real and simulated http traffic show that the enhanced decision rules allow to detect most novel behaviors and attacks without triggering significantly higher false alarm rates. Title: NEW SCHEMES FOR ANOMALY SCORE AGGREGATION AND THRESHOLDING Author(s): Salem Benferhat and Karim Tabia Abstract: Anomaly-based approaches often require multiple profiles and models in order to characterize different aspects of normal behaviors. In particular, anomaly scores of audit events are obtained by aggregating several local anomaly scores. Remarkably, most works focus on profile/model definition while critical issues of anomaly measuring, aggregating and thresholding are dealt with "simplistically". This paper addresses the issue of anomaly scoring and aggregating which is a recurring problem in anomaly-based approaches. We propose a Bayesian-based scheme for aggregating anomaly scores in a multi-model approach and propose a two-stage thresholding scheme in order to meet real-time detection requirements. The basic idea of our scheme is the fact that anomalous behaviors induce either intra-model anomalies or inter-model anomalies. Our experimental studies, carried out on recent and real http traffic, show for instance that most attacks induce only intra-model anomalies and can be effectively detected in real-time. Title: APPLICATION TO A SHARED TERMINAL OF A ROAMING USER PROFILE SET UP THROUGH LDAP-SMART CARD AUTHENTICATION COOPERATION Author(s): Kazuto Kuzuu, Yasushi Hirano, Kenji Mase and Toyohide Watanabe Abstract: In this paper, we propose the way to set a roaming user profile without using Windows domain composition when building a shared terminal system for smart card users. This proposal aims at using a LDAP server as a user information data base, and enabling each terminal user to set his own work environment. In order to achieve this purpose, we related the user profile with the user ID extracted from smart card, and stored that profile on shared data storage. Furthermore, we built a shared file system besides the above data storage, and assigned the user work environment to that file system. Finally, applying the above system to the actual terminal on network, we confirmed that the target shared terminal environment was realized. Title: IMPROVED FUZZY VAULT SCHEME FOR FINGERPRINT VERIFICATION Author(s): C. Örencik, T. B. Pedersen, E. Savaş and M. Keskinoz Abstract: Fuzzy vault is a well-known technique to address the privacy concerns in biometric identification applications. We revisit the fuzzy vault scheme to address implementation, efficiency, and security issues encountered in its realization. We use the fingerprint data as a case study. We compare the performances of two different methods used in the implementation of fuzzy vault, namely brute force and Reed Solomon decoding. We show that the locations of fake (chaff) points in the vault leak information on the genuine points and propose a new chaff point placement technique that makes distinguishing genuine points impossible. We also propose a novel method for creation of chaff points that decreases the success rate of the brute force attack from 100\% to less than 3.5\%. While this paper lays out a complete guideline as to how the fuzzy vault is implemented in an efficient and secure way, it also points out that more research is needed to thwart the proposed attacks by presenting ideas for future research. Title: ENSURING PRIVACY OF BIOMETRIC FACTORS IN MULTI-FACTOR AUTHENTICATION SYSTEMS Author(s): Kikelomo Maria Apampa, Tian Zhang, Gary B. Wills and David Argles Abstract: One of the inherent properties of biometrics is the ability to use unique features for identification and verification of users. The usable biometric features in humans are limited in number and they must be kept secret; if a biometric factor is compromised it presents a challenge that may defy solution. In this paper we present a novel method to preserve privacy of users’ biometrics. Using an invariant function based on an elastic matching algorithm, we produce a digest that can be substituted for the raw biometric factor. This will ensure that the users’ biometric data is never exposed during the authentication phase. Title: ALERT CORRELATION BASED ON A LOGICAL HANDLING OF ADMINISTRATOR PREFERENCES AND KNOWLEDGE Author(s): Salem Benferhat and Karima Sedki Abstract: Intrusion detection systems (IDSs) are important tools to detect abnormal and malicious activities performed by users or applications on the network. However, they generate a large number of alerts which complicate the task of network administrator to understand these triggered alerts and take appropriate actions. In this paper, we present a logic-based approach to alert correlation. This logic allows to integrate administrator’s preferences and knowledge. Our logic, called Extended Qualitative Choice Logic (EQ CL), is an extension of a fragment of first order logic. It adds a new connector, denoted ~×, that allows to represent administrator preferences. The objective of our logic-based alert correlation approach is to rank-order alerts generated by IDS on the basis of administrator preferences and knowledge. Only alerts that fully fit administrator’s preferences and knowledge are first presented. Then if needed, less preferred alerts (which falsify less important preferences) will be presented, and so on. Title: INTERACTIVITY FOR REACTIVE ACCESS CONTROL Author(s): Yehia ElRakaiby, Frederic Cuppens and Nora Cuppens-Boulahia Abstract: Technological advances enhanced the computing and communication capabilities of electronic and computing devices bringing us new pervasive environments where information is present everywhere and can be accessed from anywhere. These environments made way to new intelligent and context-aware applications which, naturally, have more sophisticated access control requirements. So far, there have been two main categories of access control systems: passive security systems which evaluate access requests according to static predefined permissions; and dynamic security systems which integrate the context in the evaluation of access requests. Both systems consider one-way control where only the resource provider controls access to the resource according to the {\it predefined} policy. In this paper, we present a formal context-aware access control system that supports {\it multi-way} control by allowing resource managers to actively participate in the access control decision-making; thus enabling them to specify several aspects of the access control policy when access requests are made. Title: HONEYD DETECTION VIA ABNORMAL BEHAVIORS GENERATED BY THE ARPD DAEMON Author(s): A. Boulaiche and K. Adi Abstract: In this paper we describe some serious flaws in the software Honeyd that is one of the most popular software of honeypots, these flaws allow an attacker to easily identify the presence and the scope of a deployed honeypot. Hence, we describe in details both the flaws and how they can be used to attack the honeypot. Furthermore, we elaborate a set of possible solutions to fix each of these flaws. Our technique is mainly based on the detection of abnormal behaviors of the honeypot. Title: FUNCTIONALITY-BASED APPLICATION CONFINEMENT - Parameterised Hierarchical Application Restrictions Author(s): Z. Cliffe Schreuders and Christian Payne Abstract: Traditional user-oriented access control models such as Mandatory Access Control (MAC) and Discretionary Access Control (DAC) cannot differentiate between processes acting on behalf of users and those behaving maliciously. Consequently, these models are limited in their ability to protect users from the threats posed by vulnerabilities and malicious software as all code executes with full access to all of a user's permissions. Application-oriented schemes can further restrict applications thereby limiting the damage from malicious code. However, existing application-oriented access controls construct policy using complex and inflexible rules which are difficult to administer and do not scale well to confine the large number of feature-rich applications found on modern systems. Here a new model, Functionality-Based Application Confinement (FBAC), is presented which confines applications based on policy abstractions that can flexibly represent the functional requirements of applications. FBAC policies are parameterised allowing them to be easily adapted to the needs of individual applications. Policies are also hierarchical, improving scalability and reusability while conveniently abstracting policy detail where appropriate. Furthermore the layered nature of policies provides defence in depth allowing policies from both the user and administrator to provide both discretionary and mandatory security. An implementation FBAC-LSM and its architecture are also introduced. Title: SECURITY POLICY INSTANTIATION TO REACT TO NETWORK ATTACKS - An Ontology-based Approach using OWL and SWRL Author(s): Jorge E. López de Vergara, Enrique Vázquez and Javier Guerra Abstract: A quick and efficient reaction to an attack is important to address the evolution of security incidents in cur-rent communication networks. The ReD (Reaction after Detection) project’s aim is to design solutions that enhance the detection/reaction security process. This will improve the overall resilience of IP networks to attacks, helping telecommunication and service providers to maintain sufficient quality of service to comply with service level agreements. A main component within this project is in charge of instantiating new secu-rity policies that counteract the network attacks. This paper proposes an ontology-based methodology for the instantiation of these security policies. This approach provides a way to map alerts into attack contexts, which are later used to identify the policies to be applied in the network to solve the threat. For this, ontolo-gies to describe alerts and policies are defined, using inference rules to perform such mappings. Title: CRYPTONET: SECURE E–MAIL SYSTEM Author(s): Sead Muftic and Gernot Schmölzer Abstract: The paper describes new, innovative and highly secure E–mail system. The system, first, provides both standard security services for E-mail letters: signed and encrypted E–mail. In addition it has a number of special security features. Address book is encrypted, thus E-mail addresses can not be stolen for spamming. Each E–mail server is protected using SAML authorization policy, so E–mails are received only from authorized senders. All E–mail addresses are validated and certified by specially designed Secure E–mail Infrastructure (SEI) Authorities, organized in a federated hierarchy, equivalent to Certificate Authorities of the PKI. Thus CryptoNet Secure E–mail system completely eliminates spam, distribution of viruses, worms, and malware, and eliminates the possibility y to use fake E–mail addresses. Title: AN IMPROVEMENT OF STRONG PROXY SIGNATURE AND ITS APPLICATIONS Author(s): Min-Shiang Hwang, Shiang-Feng Tzeng and Shu-Fen Chiou Abstract: In 2001, Lee et al. proposed a strong non-designated proxy signature for the use of multi-proxy signatures at the presence of plural delegations of multiple original signers. In this paper, we shall analyze their schemes and offer some suggestions as to how to improve the security of those schemes. Title: A NOTE ON BIOMETRICS-BASED AUTHENTICATION WITH PORTABLE DEVICE Author(s): Shinsuke Ohtsuka, Satoshi Kawamoto, Shigeru Takano, Kensuke Baba and Hiroto Yasuura Abstract: Individual authentication technologies are essential for electronic systems as social infrastructures. Especially, biometrics-based authentication has been receiving increasing attention and is expected to be implemented on systems with portable devices such as mobile phones for realizing more useful services. The most important problem in biometric authentication is to prevent a leakage of biological information. This paper focuses on the leakage which enables a spoofing and consider two cases, a leakage from data stored in a server for verification of biological information and a leakage by a cheating detection. This paper proposes a solution by applying a function to biological information and shows the properties required for the function to solve the problem. Moreover, this paper proposes an idea of biometrics-based authentication system with mobile devices which is provided a function to capture biological information. Title: A POLYNOMIAL BASED HASHING ALGORITHM Author(s): V. Kumar Murty and Nikolajs Volkovs Abstract: The aim of this article is to describe a new hash algorithm using polynomials over finite fields. It runs at speeds comparable to SHA-3. Hardware implementations seem to run at significantly faster speeds, namely at 1.8 Gb/sec on an FPGA. Unlike most other existing hash algorithms, our construction does not follow the Damgaard-Merkle philosophy. The hash has several attractive features in terms of its flexibility. In particular, the length of the hash is a parameter that can be set at the outset. Moreover, the estimated degree of collision resistance is measured in terms of another parameter whose value can be varied. Title: INTRUSION DETECTION AND PREVENTION SYSTEM USING SECURE MOBILE AGENTS Author(s): Muhammad Awais Shibli and Sead Muftic Abstract: The paper describes design and architecture of the intrusion detection and prevention system based on secure mobile agents along with the analysis of commercial products and current research efforts in the area. Once system will be operational it will be the first comprehensive real–life application using mobile agents that will not only provide security to network resources but also provide security and protection to the mobile agents system itself. The system efficiently solves several problems with the existing IDS/IPS solutions: it can detect new vulnerabilities, it can process and filter large volumes of logs, it reacts to intrusions in real–time, provides protection against unknown attacks, supports and improves IDS/IPS commercial products by different vendors, and handles software patches. The system not only improves the existing IDS/IPS solutions, but it also eliminates several of their core problems. In addition, it is self–protected by full encryption, both mobile agents and their platforms, and therefore not vulnerable to attacks against its own components and resources. Title: A FAST ENCRYPTION SCHEME FOR NETWORKS APPLICATIONS Author(s): Mohamed Abo El-Fotouh and Klaus Diepold Abstract: In this paper we studied the two widely used encryption schemes to perform symmetric encryption for a huge number of concurrent clients in high-speed networks applications. The current schemes consume either plenty of memory to gain high throughput or low memory with low throughput. The need has aroused for a scheme that has low memory requirements and in the same time possesses high speed, as the number of the internet users increases each day. We used the SSM model, to construct an encryption scheme based on the AES. The proposed scheme possesses high throughput together with low memory requirements. We performed theoretical and practical analyses for the existing and proposed schemes. Title: QUANTIFYING MISBEHAVIOUR ATTACKS AGAINST THE SELF-ORGANIZED PUBLIC KEY MANAGEMENT ON MANETS Author(s): Eduardo da Silva, Aldri Luiz dos Santos, Luiz Carlos Pessoa Albini and Michele N. Lima Abstract: Among the key management schemes for MANETs, the Self-Organized Public Key Management System (PGP-Like) is the main chaining-based key management scheme. It is fully self-organized and does not require any certificate authority. Two kinds of misbehavior attacks are considered to be great threats to PGP-Like: the impersonating and the lack of cooperation attacks. This work quantifies the impact of such attacks on the PGP-Like. Simulation results show that PGP-Like was able to maintain its effectiveness when submitted to the lack of cooperation attack, contradicting previously theoretical results. It correctly works even in the presence of more than 60% of misbehaving nodes, although the convergence time was affected with only 20% of misbehaving nodes. On the other hand, PGP-Like was completely vulnerable to the impersonating attack. Its functionality is affected with just 5% of misbehaving nodes, confirming previously theoretical results. Title: MULTIPHASE DEPLOYMENT MODELS FOR FAST SELF HEALING IN WIRELESS SENSOR NETWORKS Author(s): Omer Zekvan Yilmaz, Albert Levi and Erkay Savas Abstract: The majority of studies on security in resource limited wireless sensor networks (WSN) focus on finding an efficient balance among energy consumption, speed and memory usage. Besides these resources, time is a relatively immature aspect that can be considered in system design and performance evaluations. In a recent study by Castelluccia and Spognardi (Castelluccia and Spognardi, 2007), the time dimension is used to lower the ratio of compromised links, thus, improving resiliency in key distribution in WSNs. This is achieved by making the old and possibly compromised keys useful only for a limited amount of time. In this way, the effect of compromised keys diminish in time, so the WSN selfheals. In this study we further manipulate the time dimension and propose a deployment model that speeds up the resilience improvement process. In our method, self healing speeds up by introducing nodes that belong to future generations in the time scale. In this way, the duration that the adversary can make use of compromised keys become smaller. Title: NOVEL NEUROCOMPUTING-BASED SCHEME TO AUTHENTICATE WLAN USERS EMPLOYING DISTANCE PROXIMITY THRESHOLD Author(s): Tarik Guelzim and Mohammad S. Obaidat Abstract: The IEEE 802.11 standard is considered one of the most popular and profitable network topology in use today. As with the growth of every other technology, the scalability of Wireless Local Area Networks (WLANs) comes with the burden of ensuring the integrity, confidentiality and trust in the network. By integrity we need to develop a mechanism by which only authorized users can gain access to the network resources. Confidentiality implies that every data transmitted by each user stays known only to the communication parties. The above two characteristics can then enforce a trust environment in which all wireless nodes and users are authorized and secure. In this paper, we propose a scheme to authenticate and authorize 802.11 wireless nodes within a network. Our proposed scheme relies on neural networks decision engine that restricts network access to mobile nodes whose physical location is within a threshold distance from the wireless access point or the controller of the network. We present a detailed description of the work done as well as a performance analysis of this scheme. Title: SAKE - Secure Authenticated Key Establishment in Sensor Networks Author(s): Muhammad Yasir, Mureed Hussain, Kahina Kabri and Dominique Seret Abstract: Master key schemes are a viable solution to establish pairwise shared secret keys in Wireless Sensor networks. In these schemes, a master key is preconfigured into each sensor node which is then used by each node to generate pairwise shared secret keys. In the literature so far, it is essential for each sensor node to keep master key in its memory during the entire phase of key setup. As soon as key setup completes, each node erases the master key from its memory. Although key setup phase of a node lasts for a small interval of time, it is not impossible for an adversary to compromise a node during this time. In this situation, the presence of master key can be disastrous. So the challenge is to protect a sensor network from the compromise of master key during its key setup phase. We propose Secure Authenticated Key Establishment (SAKE) protocol that meets the above challenge by introducing an idea that master key need not to be kept by a sensor node for the entire key setup phase thereby shortening the master key compromise window. With the help of our proposed scheme, other attacks during key setup phase can also be avoided. Title: KERBEROS IMPLEMENTATION IN MANETS Author(s): Atta-ur-Rahman, Mureed Hussain, Kahina Kabri and Dominique Seret Abstract: In this paper implementation of Kerberos is proposed for Mobile Ad-hoc Networks (MANETS) for user authentication and authorization. Kerberos uses symmetric cryptography with a trusted server to enable secure authentication and key exchange between client nodes. The Kerberos protocol is designed to provide reliable authentication over open and insecure networks where communications between the hosts belonging to it may be intercepted. So simply "Kerberos is an authentication protocol for trusted hosts on un- trusted networks". Basically there are two approaches used in MANETS such as proactive approach & reactive approach. In proactive approach protocols are also known as traditional distributed shortest-path protocols those are used to maintain the routes at all times based on periodic updates with high routing overhead. We have implemented Kerberos concept with proactive approach using Optimized Link State Routing Protocol (OLSR). This technique will be helpful to implement a secure and authentication trust model for authorized nodes. Title: SCFS: TOWARDS DESIGN AND IMPLEMENTATION OF A SECURE DISTRIBUTED FILESYSTEM Author(s): Juan Vera-del-Campo, Juan Hernández-Serrano and Josep Pegueroles Abstract: Our digital world creates lots of data than users desire to preserve from malfunctioning, local disasters or human errors. Current nodes in the internet has enough intelligence and processing power to allow the deployment of distributed services on common nodes. This is the case of peer-to-peer networks and services. There are several proposals in literature to deploy a distributed filesystem over the internet. This paper presents and analizes the security of a prototype based on Cooperative File System. Title: KEY MANAGEMENT OF QUANTUM GENERATED KEYS IN IPSEC Author(s): Andreas Neppach, Christian Pfaffel-Janser, Ilse Wimberger, Thomas Loruenser, Michael Meyenburg, Alexander Szekely and Johannes Wolkerstorfer Abstract: This paper presents a key management approach for quantum generated keys and its integration into the IPsec/IKE protocol. The solution is used in a security gateway that integrates quantum key distribution (QKD)and IPsec as a system-on-chip solution. The QKD part and the IPsec part of this prototype is implemented in hardware to enable high key-generation rates as well as high encryption throughput. To make use of these high encryption capabilities, a fast key management approach is necessary to provide keys just in time. Thus, the presented key management approach focuses on an efficient key update mechanism and minimizes the communication overhead. Furthermore, the presented approach is a first step to integrate QKD solutions into real-world commercial applications using standardized interfaces. Title: ENSURING THE CORRECTNESS OF CRYPTOGRAPHIC PROTOCOLS WITH RESPECT TO SECRECY Author(s): Hanane Houmani and Mohamed Mejri Abstract: This paper gives a novel approach to verify the secrecy property of cryptographic protocols without the perfect encryption assumption. A classical technic to not considering this assumption is to take into account certain algebraic properties of the cryptographic primitives in verification. By using the notion of interpretation functions, this paper presents some sufficient and practical conditions allowing to guarantee the secrecy property of cryptographic protocols under equational theories (sets of algebraic properties). An interpretation function is a safe way allowing an agent to appropriately estimate the security level of message components that he receives so that he can handle them correctly. Also, this paper gives a guideline on how to construct an interpretation function together with an example and how to use it to analyse a cryptographic protocol. Title: EFFICIENT LOCALIZATION SCHEMES IN SENSOR NETWORKS WITH MALICIOUS NODES Author(s): Kaiqi Xiong and David Thuente Abstract: The accuracy of location information is critical for many applications of wireless sensor networks (WSN), especially those used in hostile environments where malicious adversaries can present. It is impracticaldue to costs to have a GPS device on each sensor in WSN. Most of the existing location discovery schemes can only be used in the trusted environment. Recently, some advanced research has been addressed security issues in sensor network localization, but to the best of our knowledge, none of them has completely solved the secure localization problem. In this paper, we propose novel schemes for secure dynamic localization in sensor networks. These proposed schemes can tolerate up to 50\% of beacon nodes being malicious, and they have linear computation time with respect to the number of reference nodes. By combining with other localization schemes, our schemes can achieve secure localization, that is, they are resilient to attacks from adversaries. Our security analysis has showed that our schemes are applicable and resilient to attacks from adversaries. We have further conducted simulations to analyze the performance of these schemes. Title: NEW TECHNIQUES TO ENHANCE THE CAPABILITIES OF THE SOCKS NETWORK SECURITY PROTOCOL Author(s): Mukund Sundararajan and Mohammad S. Obaidat Abstract: SOCKS is an industry standard network security protocol used in private networks to allow secure traversal of application layer traffic through the boundaries of the network. Standardized by IETF in Request for Comments (RFC) 1928 [1] as SOCKS Version 5, this protocol has found widespread use in various security frameworks to allow a variety of application layer protocols to securely traverse a firewall. This paper is the result of research performed on the usability of the protocol in application domains such as multicast. We discuss some of the shortcomings of the SOCKS protocol and provide a framework and the methods for enhancing the capabilities of the protocol in areas such as multicast and advanced TCP and UDP capabilities not addressed by the current standard of the protocol. The methods proposed are being implemented in a reference implementation by the authors. Title: AN EFFICIENT METHODOLOGY TO LIMIT PATH LENGTH GUARANTEEING ANONYMITY IN OVERLAY NETWORKS Author(s): Juan Pedro Muñoz-Gea, Josemaria Malgosa-Sanahuja, Pilar Manzanares-Lopez, Juan Carlos Sanchez-Aarnoutse and Joan Garcia-Haro Abstract: An alternative to guarantee anonymity in overlay networks may be achieved by building a multi-hop path between the origin and the destination. However, one hop in the overlay network can consist of multiple Internet Protocol (IP) hops. Therefore, the length of the overlay multi-hop path must be reduced in order to maintain a good balance between the cost and the benefit provided by the anonymity facility. Unfortunately, the simple Time-To-Live (TTL) algorithm cannot be directly applied here since its use could reveal valuable information to break anonymity. In this paper, a new mechanism which reduces the length of the overlay multi-hop paths is presented. The anonymity level is evaluated by means of simulation and good results are reported. Title: PRICE TO PROVIDE RFID SECURITY AND PRIVACY? Author(s): Tim Good and Mohammed Benaissa Abstract: The applications for Radio frequency identification (RFID) systems are rapidly expanding and privacy concerns have been highlighted. Existing protocols fit into the challenge-response model and either fail in terms of privacy or have security vulnerabilities. A new symmetric key based protocol for RFID, named “PRICE: to Prevent RFID Insecurity Cryptography is Essential”, is presented. This provides tag and reader authentication together with secure transfer of the tag’s identifier whilst still remaining within the challenge-response model. A security analysis of the protocol is given together with discussion of areas of weakness. To support the protocol the tag-borne security measures comprise a single symmetric cipher encryption primitive. Title: AN E-VOTING PROTOCOL BASED ON PAIRING BLIND SIGNATURES Author(s): L. López-García, F. Rodríguez-Henríquez and M. A. León-Chávez Abstract: In this paper we present a fair e-voting protocol able to guarantee voter's anonymity and double vote detection. The main cryptographic building blocks used by our system are two, namely, pairing-based blind signatures and elliptic curve digital signatures. We give both, a security and a cryptographic cost analysis of our proposed protocol, showing that it has a computational cost similar to other e-voting schemes previously reported, and that, at the same time, it provides a good robustness against the potential attacks analyzed in this paper. Title: YET ANOTHER SECURE DISTANCE-BOUNDING PROTOCOL Author(s): Ventzislav Nikov and Marc Vauclair Abstract: Distance-bounding protocols have been proposed by Brands and Chaum in 1993 in order to detect relay attacks, also known as mafia fraud. Although the idea has been introduced fifteen years ago, only recently distance-bounding protocols attracted the attention of the researchers. Several new protocols have been proposed the last five years. In this paper, a new secure distance-bounding protocol is presented. It is self-contained and composable with other protocols for example for authentication or key-negotiation. It allows periodically execution and achieves better use of the communication channels by exchanging authenticated nonces. The proposed protocol becomes suitable for wider class of devices, since the resource requirements to the prover are relaxed. Title: SEC-SNMP: POLICY-BASED SECURITY MANAGEMENT FOR SENSOR NETWORKS Author(s): Qinghua Wang and Tingting Zhang Abstract: In this paper, we present a sensor network security management framework called Sec-SNMP, which organizes and manages security related behaviors in sensor networks based on security policies. There are three main components in Sec-SNMP: Sec-SNMP manager, Sec-SNMP agent and a policy control and deployment protocol. Sec-SNMP manager provides the interface between human administrator and the managed mesh network. Sec-SNMP agent represents Sec-SNMP manager to enforce security policies within the managed mesh network. The policy control and deployment protocol allows the communication between Sec-SNMP manager and Sec-SNMP agents. The security management for sensor networks is still in its germinal stage, and this paper provides a good guideline for future research. Title: APPLYING SRP ON SIP AUTHENTICATION Author(s): Celalettin Kilinc and A. Gokhan Yavuz Abstract: Session Initiation Protocol (SIP) is one of the most important protocols used in IP telephony today. By the increasing usage of IP telephony and also SIP, some features like quality of service and security becoming more important. Because of the simplicity of the protocol design, SIP does not have a highly secure authentication mechanism. For this reason, it is highly needed to enhance its security. In this paper we propose a new authentication scheme for SIP using Secure Remote Password (SRP) Protocol developed in Stanford University. We aim to enhance security in SIP authentication with least modification in current protocol. Title: A MULTIPLE BIRTHDAY ATTACK ON NTRU Author(s): Raphael Overbeck Abstract: In this paper we view the possibilities to lance a multiple (iterative) birthday attack on NTRU. Recently Wagner's algorithm for the generalized birthday problem allowed to speed-up several combinatorial attacks. However, in the case of NTRU we can not hope to to apply Wagner's algorithm directly, as the search space does not behave nicely. In this paper we show that we can nevertheless draw profit from a multiple birthday approach. Our approach allows us to attack {ees251ep6} parameter set on a computer with only $2^{52}$ Bits of memory and about $2^{9}$ times faster as with Odlyzko's combinatorial attack -- this is an improvement factor about $2^{43}$ in space complexity. We thus contradict the common believe, that storage requirements is by far the larger obstacle'' to attack NTRU by combinatorial attacks. Further, our attack is about $2^{7}$ times faster than the space-reduced variant from the CRYPTO 2007 attack employing the same amount of memory. Title: FORWARD-SECURE PROXY SIGNATURE AND REVOCATION SCHEME FOR A PROXY SIGNER WITH MULTIPLE ORIGINAL SIGNERS Author(s): B. B. Amberker and N. R. Sunitha Abstract: On many occasions it is required for a single person to take up the responsibilities of many persons for some duration and work on their behalf so that the regular work goes on smoothly. For example in a bank, when majority of the employees need to attend an important meeting during working hours, to avoid disrupting any of the regular activities, one employee may need to play the role of many employees. An accountant may need to play the role of a cashier, asst. manager and cheque clearing officer. In such situations the employee working on behalf of other employees need to be delegated with signing power from the employees who perform the activities regularly. Also, this delegation must be only for some specified time period T and after the elapse of that time period the signing capability must be revoked. The concept of proxy signatures is used here. A proxy signature scheme allows one user to delegate his/her signing capability to another user called a proxy signer in such a way that the latter can sign messages on behalf of the former. After verification the verifier is convinced of the original signer's agreement on the signed message. Forward-Secure signatures enable the signer to guarantee the security of messages signed in the past even if his secret key is exposed today. We have come up with a forward secure proxy signature and revocation scheme for a proxy signer who is delegated with signing power from multiple original signers. This scheme is based on the popular Bellare-Miner Forward-secure scheme. Title: ON THE (IN)SECURITY OF TWO BUYER-SELLER WATERMARKING PROTOCOLS Author(s): Geong Sen Poh and Keith M. Martin Abstract: A buyer-seller watermarking protocol deters dishonest buyers from illegally distributing bought content. This is achieved by giving the seller the capability to trace and identify these buyers, while also allows the seller to prove illegal acts to a third party. At the same time, an honest buyer is prevented from being falsely accused of illegal content distribution by the seller. Many protocols have been proposed, with two recent proposals being the protocols proposed by Ibrahim {\it et al.} in IAS 2007 and SECRYPT 2007. We will show that these protocols are not secure, especially for the seller. We further put forward our thoughts on how it is possible to avoid the security weaknesses found in them. Title: KEY DISTRIBUTION BASED ON QUANTUM FOURIER TRANSFORM Author(s): Marius Nagy, Selim G. Akl and Sean Kershaw Abstract: The data dependencies brought about by the Quantum Fourier Transform can be harnessed to design novel key distribution protocols with improved performance. Such a protocol maximizes an eavesdropper's uncertainty over the information transmitted, while amplifying the disturbance caused by the act of eavesdropping, thus offering better chances of detecting the intrusion. Title: FPGA-TARGETED HARDWARE IMPLEMENTATIONS OF K2 Author(s): Shinsaku Kiyomoto, Toshiaki Tanaka and Kouichi Sakurai Abstract: K2 is a new type of word oriented stream cipher that has dynamic feedback control. Existing research has shown that K2 v2.0 is a high performance stream cipher in software implementations and can be used in several applications. However, no evaluation results for its performance in hardware implementations have been published. In this paper, we presented two hardware implementations of K2 v2.0: a high speed implementation and a compact implementation. We then show the evaluation results on FPGA implementation simulations. The implementations of K2 demonstrated high efficiency compared with other stream ciphers, with K2 being 4-10 times higher than AES implementations. We think that the FPGA implementation of K2 is suitable for applications using high speed encryption/decryption. Title: MULTI-COLLISIONS ATTACK IN RING HASH STRUCTURE Author(s): Nasour Bagheri, Babak Sadeghiyan and Majid Naderi Abstract: In this paper, we will present a cryptanalysis of Ring hash structure, a new hash structure which has been introduced to strength the current hash structures against multi-collision attack, proposed by Joux. Our study will show that finding multi-collisions, i.e. 2k-way collision, at Ring hash structure is not much harder than finding such a multi-collisions in ordinary MD hash structure. In fact, the complexity of the attacks is approximately log(n) times harder than what has been found for MD structures. We use these large multi-collisions as a tool to find D-way preimage for this structure. The complexity of finding 2K-way multi-collision and 2k-way preimage are O((k+1)*(n/2)*(2^(n/2))) and O(k*(n/2)*(2^(n/2))+2*(2^(n/2))) respectively. Similar to what has been proved by Joux for MD, we will show that this structure could not being used to create a hash function with 2n-bite length by concatenating this structure with any other hash structure by hash’s output length of n-bite. We show that the time complexity of finding a collision for this concatenated structure is O((k+1)*(n/2)*(2^(n/2))) that much smaller than what expected from generic-birthday attack which should be Ω(2^n). Title: EFFICIENT IBE-PKE PROXY RE-ENCRYPTION Author(s): Takeo Mizuno and Hiroshi Doi Abstract: In proxy re-encryption schemes, a semi-trusted entity called proxy can convert a ciphertext encrypted for Alice into a new ciphertext for Bob without seeing the underlying plaintext.Several proxy re-encryption schemes have been proposed, however, only one scheme which enables the conversion of IBE ciphertexts to PKE ciphertexts has been proposed and it has some drawbacks. In that scheme, the size of the re-encrypted ciphertext increases and Bob must be aware of existence of the proxy, which means Bob cannot decrypt a re-encrypted ciphertext with same PKE decryption algorithm. We propose a new, efficient scheme that enables the conversion of IBE ciphertexts to PKE ciphertexts, and prove CPA security in the standard model. In our scheme, the size of the re-encrypted ciphertext is optimal and Bob does not aware of existence of the proxy. As far as we knows, this is the first scheme that holds the above properties. Title: A FAIR E-TENDERING PROTOCOL Author(s): Vijayakrishnan Pasupathinathan, Josef Pieprzyk and Huaxiong Wang Abstract: Implementation of an electronic tendering (e-tendering) systems requires careful attention to the needs of the system and its various participants. Fairness in an e-tendering is of utmost importance. Current proposals and implementations do not provide fairness and thus, are vulnerable to collusion and favourism. Dishonest participants, either the principal or tenderer may collude to alter or view competing tenders which would give the favoured tenderer a greater chance of winning the contract. This paper proposes an e-tendering system that is secure and fair to all participants. We employ the techniques of anonymous token system along with signed commitment approach to achieve a publicly verifiable fair e-tendering protocol. We also provide an analysis of the protocol that confirms the security of our proposal against security goals for an e-tendering system. Title: A GENERAL FRAMEWORK FOR GUESS-AND-DETERMINE AND TIME-MEMORY-DATA TRADE-OFF ATTACKS ON STREAM CIPHERS Author(s): Guanhan Chew and Khoongming Khoo Abstract: In this paper, we present a framework for guess-and-determine attack on stream ciphers that relies on guessing part of the internal state and solving for the remaining unknown cipher state based on known keystream bits. We show that this basic attack can always be extended to a Time-Memory-Data (TMD) Trade-Off attack. This allows us to easily extend any guess-and-determine attack to a guess-and-determine TMD attack, which improves the online attack at the expense of memory, pre-processing time, and data requirement. Lastly, we illustrate two applications of the attack framework. Title: SECURE COMMUNICATION IN MOBILE AD HOC NETWORK USING EFFICIENT CERTIFICATELESS ENCRYPTION Author(s): Peter Hyun-Jeen Lee, Shivaramakrishnan Narayan and Parampalli Udaya Abstract: Establishing secure communication in a wireless network such as Mobile Ad Hoc Network (MANET) is particularly challenging because: (i) the network is self-organizing; (ii) messages are broadcasted;(iii) messages travel in a hop-by-hop manner; (iv) nodes are constrained in terms of computation and battery power. We propose Hybrid Identifier-based Encryption (HIDE), a flexible and efficient Certificateless Encryption which is optimized for MANET environment. Further, we couple the idea of Resurrecting Duckling with HIDE to achieve efficient key establishment and demonstrate the use of the transparent policy encoder which facilitates the authentication. We also show the security of the scheme in random oracle model, establishing a reduction of our scheme to solving $k$-Bilinear Diffie-Hellman Inversion problem. Title: REBEL - Reconfigurable Block Encryption Logic Author(s): Mahadevan Gomathisankaran, Ka-Ming Keung and Akhilesh Tyagi Abstract: Shanon in his milestone paper defined two design principles for secret systems. The first is to make the security of the system reducible to some known difficult problem. This principle has been used widely in the design of public-key systems, but not in secret-key ciphers. Shannon’s second principle is to make the system secure against all known attacks, which is still the best known design principle for secret-key ciphers today. In this paper we propose a novel block encryption algorithm whose security can be reduced to the Boolean Matrix Square Root problem which has been proven to be NP-Complete. The novel design allows key size to be much larger than the block size, and is still able to maintain throughputs close to or better than the fastest AES implementations. Title: AN EFFICIENT MULTIPLICATION ALGORITHM USING BINOMIAL RESIDUE REPRESENTATION Author(s): Yin Li and Christophe Negre Abstract: In this paper, we propose an extension of the algorithm proposed by Bajard, Imbert and Negre in 2006 (, refered as BIN algorithm. We use binomial residue representation of field elements instead of the Lagrange representation of BIN. Specifically, every elements in GF(p^k) is represented by a set of residue modulo fixed binomials. We propose two versions of our algorithm, one in general form with a sub-quadratic complexity equal to O(k^{1.5}) operations in GF(p^k). The second one is optimized with the use of FFT. In this case the cost is O(klog(k)) operations in $\mathbb{F}_p$. For fields $GF(p^k)$ suitable for elliptic curve cryptography our algorithm roughly improves the time delay of BIN by $45\%$. Title: A NEW PROBABILISTIC REKEYING METHOD FOR SECURE DYNAMIC GROUPS Author(s): Shankar Joshi and Alwyn R. Pais Abstract: LKH (Logical Key Hierarchy) is a basic method in secure multicast group rekeying. LKH maintains a balanced tree which provide uniform cost of O(log N) for compromise recovery, where N is group size. However it does not distinguish the behavior of group members even though they have different probabilities of join or leave. When members have diverse changing probability or different changing mode, the gap between LKH and the optimal rekeying algorithm will become bigger. The PLKH (probabilistic optimization of LKH) scheme optimized rekey cost by organizing LKH tree by user rekey characteristic. In this paper, we use PLKH concept with different approach to join and leave the LKH tree to further reduce the rekey cost. Simulation results show that our scheme performs 21% to 44% better than PLKH and 38% to 52% better than LKH. Title: TRAITOR TRACING FOR ANONYMOUS ATTACK IN CONTENT PROTECTION Author(s): Hongxia Jin Abstract: In this paper we take a closer look at traitor tracing in the context of content protection, especially for anonymous attack where the attackers pirate the content and re-distribute the decrypted plain content. When the pirated copies are recovered, traitor tracing is a forensic technology that can identify the original users (called traitors) who have participated in the pirate attack and involved in the construction of the pirated copy of the content. In current state-of-art, traitor tracing scheme assumes a maximum coalition size of traitors in the system and is defined to detect one traitor, assuming the detected traitor can be disconnected and tracing just repeats with the remaining traitors. In this position paper we argue this definition does not sufficiently reflect the reality where a traitor tracing technology is used to defend against piracy especially in the context of content protection. We believe a traitor tracing scheme should deduce the active coalition size and should be defined to detect all active traitors even taking into consideration that found traitors need to be technically disabled. We believe the traditional definition misleads in the design of an efficient and practical traitor tracing schemes while our definition much better fits the reality and can lead to design of efficient traitor tracing schemes for real world use. Title: EXPERIMENTAL RESEARCH AND CAPABILITY VALUATION ON SECURITY OF SOA-SCA BASED SDO Author(s): Peng Xu, Zhiyi Fang, Hang Su and Chuyi Wei Abstract: By using technologies such as encryption, decryption, message digest, and digital signature and so on, this paper designed respective solutions for some security problems of SDO (Service Data Objects) data model, a concrete business processes based on SOA-SCA (Service Component Architecture) as well as security solutions for data confidentiality, integrity and non-repudiation of SDO data model based on the business processes. In addition, the design goals of security solution were analyzed in detail. Finally, the solution was achieved by using development tools WID (WebSphere Integration Developer) and WPS (WebSphere Process Server). The test and capability analysis for this realization was performed too. Title: IDENTITY-BASED SIGNCRYPTION WITHOUT RANDOM ORACLES Author(s): Shivaramakrishnan Narayan, Parampalli Udaya and Peter Hyun-Jeen Lee Abstract: The use of signcryption for secure and authenticated data communication was realized in $1997$, following which numerous signcryptions have been presented which are provably secure in the random oracle proof methodology. In this paper, we present an identity-based signcryption provably secure in the standard model. Our scheme relies on the intractability of two well studied problems, the decisional bilinear Diffie-Hellman and the computational Diffie-Hellman. We achieve the security reduction of our scheme for the properties message confidentiality and unforgeability without relying on random oracles. Title: ANONYMOUS MESSAGE AUTHENTICATION - Universally Composable Definition and Construction Author(s): Kazuki Yoneyama Abstract: Recently, various casual communication tools which are run by a certain group (e.g., social network service, blog and Wiki) are popularized. In such services, a member may want to inform some information to other group members without exposing his identity. For this perpose, message authentication schemes which guarantee anonymity of senders seem to be suitable. In this paper, we introduce a new anonymous message authentication scheme using ring signature with a special certification authority, called group-certification authority (gCA). Our scheme does not need any group manager to preserve the anonymity of the group member by the property of ring signature. Therefore, our scheme is suitable to casual services where a strict operation is not required by a system manager. Furthermore, we evaluate the security of our scheme in the universal composability (UC) framework. First, we propose a new ideal anonymous message authentication functionality and a new group-certification authority functionality. Next, by applying the ring signature functionality we show that our scheme securely realizes the anonymous message authentication functionality in ring signature functionality and group-certification authority functionality hybrid model. Title: AN EFFICIENT RECONFIGURABLE SOS MONTGOMERY MULTIPLIER IN GF (P) USING FPGA DSP SLICES Author(s): Muhammed Nauman Qureshi, Muhammad Nadeem Sial and Nassar Ikram Abstract: Fast computational methods of Montgomery modular multiplication in hardware are of great importance for the realisation of practical cryptographic system. For the public key cryptographic algorithms in particular, an efficient implementation of modular exponentiation in terms of speed and resource utilization is required. This paper focuses on implementation of Separated Operand Scanning (SOS) based Montgomery Multiplication algorithm in Virtex-5 FPGA using DSP slices. The control logic built on top has been designed to provide fully pipelined architecture. Our SOS based FPGA multiplier has resulted in improved area-speed trade off when compared with all the known SOS based Montgomery Modular multiplication solutions to date. Title: A SHORT NOTE ON SECRET SHARING USING ELLIPTIC CURVES Author(s): Volker Müller Abstract: In this short note we describe a variant of Shamir's $(n, t)$-threshold scheme based on elliptic curves. This variant reuses existing public and secret keys of an elliptic curve cryptosystem and does therefore not require the storage of any other secret information. Moreover, we show how pairings for elliptic curves can be used to provide verifiability for the new elliptic curve based threshold scheme. Title: LOW AREA SCALABLE MONTGOMERY INVERSION OVER GF(2m) Author(s): Mohamed N. Hassan and Mohammed Benaissa Abstract: In this work, we propose an improved algorithm for Montgomery modular inversion over GF(2m) to meet the requirements for cryptography primitives that are characterized by low hardware resource usage in addition to the scalability feature. Moreover, a novel hardware architecture for the proposed algorithm is presented. This new hardware architecture is parameterized and scalable. Additionally, it is amenable to be interfaced with special purpose processors e.g. microcontrollers and sustained many finite fields operands up to finite field lengths without the need to reconfigure the hardware where the proposed architecture does not depend on the operand size of the chosen field The results shows that, this work can be exploited to construct an elliptic curve cryptosystem (ECC) can not only significantly reduce the cost, but also contribute in the deployment of smart cards and RFID tags applications. Title: PROPER KEY GENERATION FOR THE IZOSIGN ALGORITHM Author(s): Loránd Szõllõsi, Gábor Fehér and Tamás Marosits Abstract: In the last decade using digital signatures in authentication and authorization protocols just as in e-business scenarios became more and more important and indispensable. New algorithms with different features for various applications are presented continuously. The IzoSign digital signature creation algorithm was introduced by the authors of this paper at [conference name deleted]. At that time, random key generation was proposed, which was later found vulnerable with high probability to a vertex matching attack. We hereby analyze and generalize this kind of attacks, build a key generation algorithm that withstands such attacks, and then give a (theoretic) construction for key generation which (under the P!=NP or NP=EXP assumptions) is hard to break. Title: POINT MULTIPLICATION ON SUPERSINGULAR ELLIPTIC CURVES DEFINED OVER FIELDS OF CHARACTERISTIC 2 AND 3 Author(s): Kwang Ho Kim and Christophe Negre Abstract: Elliptic curve cryptosystem protocols use two main operation, the scalar multiplication and the pairing computation. Both of them are done through a chain of basic operation on the curve. In this paper we present new formulas for supersingular elliptic curve in characteristic 2 and 3. We improve best known formulas by at least one multiplication in the field. The resulting scalar multiplication is thus also more efficient. Title: GEOGRAPHIC DATA AND STEGANOGRAPHY - Using Google Earth and KML Files for High-Capacity Steganography Author(s): Malte Diehl Abstract: Steganography is the art of hiding the existence of information, whereas cryptography only aims at hiding the content of a message. Most steganographic algorithms try to embed data into images, audio or video files that provide reasonable capacities. However, such systems are often vulnerable to simple statistical attacks. In this paper, in order to provide an appropriate alternative to the currently used algorithms, we examine the information hiding properties of vector data that is used by many geographic information systems in great quantities. Unlike watermarking, we focus on maximising embedding capacities rather than on robustness, while still providing security against statistical attacks. Our implementation that uses the KML format known from Google Earth and other map services can replace more than 20 % of the original data with hidden messages, provided that a lot of numerical geodata is present in the KML file. Thus, our algorithm can hide about twice as much as current algorithms for images. Yet, virtually no distortions are inflicted to the cover data. Title: PRACTICAL APPLICATION OF A SECURITY MANAGEMENT MATURITY MODEL FOR SMES BASED ON PREDEFINED SCHEMAS Author(s): Luís Enrique Sánchez, Daniel Villafranca, Eduardo Fernández-Medina and Mario Piattini Abstract: For enterprises to be able to use information technologies and communications with guarantees, it is necessary to have an adequate security management system and tools which allow them to manage it. In small and medium-sized enterprises, the application of security standards has an additional problem, which is the fact that they do not have enough resources to carry out an appropriate management. This security management system must have highly reduced costs for its implementation and maintenance in small and medium-sized enterprises (from here on refered to as SMEs) to be feasible. In this paper we show the practical application of our proposal for a maturity model with which to manage the security in SMEs, centring upon the phase which determines the state of the enterprise and some of the mechanisms which allow the security level to be kept up to date without the need for continuous audits. This focus is continuously refined through its application to real cases, the results of which are shown in this paper. Title: CSTEG: TALKING IN C CODE - Steganography of C Source Code in Text Author(s): Jorge Blasco Alís, Julio Cesar Hernandez-Castro, Juan M. E. Tapiador and Arturo Ribagorda Garnacho Abstract: Cryptographic software has suffered in many ocassions from export restrictions. Governments might claim that cryptographic algorithms are equivalent to military equipment to justify and maintain these restrictions. Sometimes, these laws are approved under dictatorial rules or even by democratric goverments which exploit and overstimate a terrorist menace to restrict civil rights. Citizens have evaded these restrictions in many ways: handwriting the program’s source code and then typing it again, printing the source code in a t-shirt, using some kind of steganographic technique, etc. In this paper, we present a system called CSteg that hides source code into plain text by using context-free grammars. This presents the additional advantage that under some laws plain text is protected (and its exportation allowed) by free-speech and/or intellectual property legislation. Title: AN EVENT-DRIVEN, INCLUSIONARY AND SECURE APPROACH TO KERNEL INTEGRITY Author(s): Satyajit Grover, Divya Naidu Kolar Sunder, Samuel O. Moffatt and Michael E. Kounavis Abstract: In this paper we address the problem of protecting computer systems against stealth malware. The problem is important because the number of known types of stealth malware increases exponentially. We believe that existing approaches have some advantages for ensuring system integrity but sophisticated techniques utilized by stealthy malware can thwart them. We propose RKRD (pronounced ‘record’) a hardware-based, effective, secure and scalable approach to kernel integrity that addresses some of the limitations of the state of the art. Our solution is based on the principles of using virtualization hardware for isolation, verifying signatures coming from trusted code as opposed to malware for scalability and performing system checks based on events for effectiveness. Our RKRD implementation is guided by our goals of strong isolation, no modifications to target guest OS kernels, easy deployment, minimal infrastructure impact, and minimal performance overhead. We developed a system prototype and conducted a number of experiments which show that the performance impact of our solution is negligible. Title: THE SUBSTITUTION CIPHER CHAINING MODE Author(s): Mohamed Abo El-Fotouh and Klaus Diepold Abstract: In this paper, we present a new tweakable narrow-block mode of operation, the Substitution Cipher Chaining mode (SCC), that can be efficiently deployed in disk encryption applications. SCC is characterized by its high throughout compared to the current solutions and it can be parallelized. We used this mode to modify Windows Vista's disk encryption algorithm, to offer some parallelism in its original implementation and to improve its diffusion property. Title: A HEURISTIC POLYNOMIAL ALGORITHM FOR LOCAL INCONSISTENCY DIAGNOSIS IN FIREWALL RULE SETS Author(s): S. Pozo, R. Ceballos and R. M. Gasca Abstract: Firewalls are very important elements for many enterprise networks. However, maintaining and designing firewall ACLs is a difficult task because as firewall ACLs are order dependent, it can be inconsistencies. There is an inconsistency if different actions can be taken on the same flow of traffic, depending on the ordering of the rules. This could result in a firewall accepting traffic that should be denied and vice versa. Therefore, inconsistent rules should be removed in order to get a consistent rule set. We present a novel polynomial technique and two algorithms to detect and identify (diagnose) inconsistencies in firewall rule sets. The process is based on a deep analysis of the consistency problem in firewall rule sets, and on results obtained in a previous work. From this analysis we isolated the inconsistency diagnosis step from the characterization one, as optimal consistency characterization is a combinatorial problem. The algorithms return several independent groups of inconsistent rules that can be characterized against a established fault taxonomy. The main advantage of the proposed diagnosis process is that optimal characterization can be now applied to several smaller problems (the result of the diagnosis process) rather than to the whole rule set, resulting in an effective computational complexity reduction. There are no constraints on how rule field ranges are expressed, and thus the diagnosis is given over the original, unmodified rule set. A theoretical complexity analysis and experimental results with real rule sets are also provided to show the feasibility of our proposal in real life environments. Although many algorithms have been proposed to address firewall rule set inconsistency diagnosis and characterization problem, the presented ones are a different way to solve the problem and can improve the effective computational complexity in memory and space, due to the reduction of the problem to several smaller ones. Title: SECURITY REQUIREMENTS IN SOFTWARE PRODUCT LINES Author(s): Daniel Mellado, Eduardo Fernández-Medina and Mario Piattini Abstract: Proper analysis and understanding of security requirements are important because they help us to discover any security or requirement defects or mistakes in the early stages of development. Hence, security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this paper we will propose a security quality requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408. Title: A 640 MBIT/S 32-BIT PIPELINED IMPLEMENTATION OF THE AES ALGORITHM Author(s): Guido Marco Bertoni, Luca Breveglieri, Roberto Farina and Francesco Regazzoni Abstract: Due to the diffusion of cryptography in real time applications, performances in cipher and decipher operations are nowadays more important than in the past. On the other side, while facing the problem for embedded systems, additional constraints of area and power consumption must be considered. Many optimized software implementations, instruction set extensions and co-processors, were studied in the past with the aim to either increase performances or to keep the cost low. This paper presents a co-processor that aims to be an intermediate solution, suitable for such applications that require a throughput in the Megabit range and where the die size is a bit relaxed as constraint. To achieve this goal, the core is designed to operate at $32$ bits and the throughput is guaranteed by a 2 stage pipeline with data forwarding. The obtained results synthesizing our coprocessor by means of the CMOS 0.18 standard cell library show that the throughput reaches 640 Mbit/s while the circuit size is of only 20 K equivalent gates. Title: TOWARDS LANGUAGE-INDEPENDENT APPROACH FOR SECURITY CONCERNS WEAVING Author(s): Azzam Mourad, Dima Alhadidi and Mourad Debbabi Abstract: In this paper, we propose an aspect-oriented approach based on the Gimple language for the systematic security hardening of software (Definition in Section 3). We also present a formal specification for Gimple weaving together with the implementation methodology of the proposed weaving semantics. The primary contribution of these propositions is providing the software architects with the capabilities to perform security hardening by applying well-defined solutions and without the need to have expertise in the security solution domain. At the same time, the security hardening is applied in an organized and systematic way in order not to alter the original functionalities of the software. Moreover, adopting aspect-orientation concept on the Gimple representation of a program constitutes a novel approach. Simultaneously, it addresses the limitation of our initial approach caused by the shortcomings of the current aspect-oriented technologies for several security hardening concerns. We explore the viability and relevance of our propositions by: (1) realizing the weaving semantics for Gimple by implementing it into the GCC compiler (2) applying our methodologies for systematic security hardening to develop a case study for securing the connections of client applications (3) using the weaving features of the extended GCC to harden the security solution into an application and presenting experimental results. Title: SECURING THE EMAIL SERVICES - New System for Secure Managing the Organization’s Mail Service Author(s): Raúl Herbosa, Gabriel Díaz and Manuel Castro Abstract: We have developed a new system for securing the email service, minimizing the risks associated with spam and malicious software associated with the email messages, valid for any organization. To build it, we have used several free software tools under GPL license, integrating them over a generic hardware platform. Our approach has been the typical of an integration project. We have identified our concrete needs, related to email threats, we have identified free software tools under GPL that meet our needs and we have made the integration tasks, suggesting hardware and software architecture to support our objectives. One crucial criterion for the selection has been that the tools must provide working information records, i.e. file logs and tools to treat them for the different covered subsystems. We have also developed several tools to complete the original functionality of them. The resulting system, nowadays in use in a big company in Spain, is a flexible and effective one, that filters quickly and exhaustively every incoming and outgoing message, eliminating successfully more than 80% of the received messages Title: METRICS APPLICATION IN METROPOLITAN BROADBAND ACCESS NETWORK SECURITY ANALYSIS Author(s): Rodrigo S. Miani, Bruno B. Zarpelão, Leonardo de Souza Mendes and Mario L. Proença Jr. Abstract: Information security has direct influence on any successful deployment of metropolitan broadband access networks. Efficient methods are required for security analysis of metropolitan networks in all levels: organization, structure and system. This work proposes the development and application of specific security metrics for metropolitan broadband access networks that aim to measure the efficiency of security programs and support action planning against detected problems. The approach presented in this work show metrics developed for these networks and parameters for metrics definition, such as a model for calculation of security indicator of a metric. This paper also presents results achieved from application of the metrics reported here to establish security policies in the metropolitan broadband access network of Pedreira, a city located in the state of São Paulo, Brazil. These results show that well formed security metrics can be efficient in vulnerability detection and solutions of security issues. Title: SECURITY AND AUTHENTICATION FOR NETWORKED STORAGE Author(s): V. Kumar Murty and Guangwu Xu Abstract: Authentication and access control are important measures for the security of a storage area network (SAN). In this paper, the current methods of authentication and access control in a SAN are reviewed and a new identity-based authentication scheme is proposed. This scheme has the advantage that it is ligher weight and more suited for the high speed switches that operate in a SAN fabric. Title: A REVIEW OF TRUST MANAGEMENT, SECURITY AND PRIVACY POLICY LANGUAGES Author(s): Juri Luca De Coi and Daniel Olmedilla Abstract: Policies are a well-known approach to protecting security and privacy of users as well as for flexible trust management in distributed environments. In the last years a number of policy languages were proposed to address different application scenarios. In order to help both developers and users in choosing the language best suiting her needs, policy language comparisons were proposed in the literature. Nevertheless available comparisons address only a small number of languages, are either out-of-date or too narrow in order to provide a broader picture of the research field. In this paper we consider twelve relevant policy languages and compare them on the strength of ten criteria which should be taken into account in designing every policy language. Some criteria are already known in the literature, others are introduced in our work for the first time.By comparing the choices designers made in addressing such criteria, useful conclusions can be drawn about strong points and weaknesses of each policy language. Title: AUTONOMIC TRUST MANAGEMENT FOR A PERVASIVE SYSTEM Author(s): Zheng Yan Abstract: A pervasive system allows seamless interactions among various portable and networked processing devices, distributed at all scales throughout everyday routine life. In such an open and dynamic environment, trust becomes a crucial issue to ensure effective collaborations among various devices in order to provide expected services. Many existing trust management solutions for the pervasive systems did not support autonomic control that automatically manages trust requested by a trustor device on a trustee device for the fulfillment of an intended service. This greatly influences the effectiveness of trust management. In this paper, we propose an autonomic trust management solution for the pervasive system on the basis of a trusted computing platform and an adaptive trust control model. We demonstrate how trust can be automatically managed and the effectiveness of our solution through applying it into an example pervasive system. Additional issues such as standardizing pervasive computing devices and implementation strategies are also discussed. Title: SELECTING TRUSTWORTHY CONTENT USING TAGS Author(s): Daniele Quercia, Licia Capra and Valentina Zanardi Abstract: Networked portable devices enable their users to easily create and share digital content (e.g., photos, videos). Hitherto, this serendipitous form of sharing has not happened. That may be because, for sharing content, mobile users have no choice but to go through the Internet. Users are thus in need of decentralised mechanisms for browsing location-based content. Title: DYNAMICS OF TRUST EVOLUTION - Auto-configuration of Dispositional Trust Dynamics Author(s): Christian Damsgaard Jensen and Thomas Rune Korsgaard Abstract: Trust management has been proposed as a convenient paradigm for security in pervasive computing. The part of a trust management system that deals with trust evolution normally requires configuration of system parameters to indicate the user’s propensity to trust other users. Such configurations are not intuitive to ordinary people and significantly reduce the usability of the system. In this paper, we propose a dynamic trust evolution function that requires no initial configuration, but automatically adapts the behaviour of the system based on the user’s experiences. This makes the proposed trust evolution function particularly suitable for embedding into mass produced consumer products. Title: TRUST MODEL FOR HIGH QUALITY RECOMMENDATION Author(s): G. Lenzini, N. Sahli and H. Eertink Abstract: Recommendations that members of a virtual community get about the trustworthiness of objects. In our system, and as in well-known solutions, members of the community evaluate (i) the functional trust in an item by the analysis of the object’s qualities, past experience, and recommendations and (ii) the referral trust in a recommender by the analysis of the recommender’s qualities and reputation (reputation based on personal experience). Moreover, in our trust model, each principal debates with its (more or less trustworthy) recommenders about the arguments given to support a recommendation. The usefulness and the reliability of a recommendation thus depend both on the referral trust that a member has in the recommender and on the strength of the arguments supporting the recommendation. A measure of this strength results after the member has played an argumentation game with the recommender. Therefore, the recommendations that are taken into account are those which better match the member’s profile and way of reasoning. Another benefit in using of argumentation is that the referral trust of a recommender (in the viewpoint of a member) is not affected by the past recommendations that did not match a member’s taste because of a divergence of opinions. The trustworthiness evaluation algorithm is also context dependent and able to collect both direct and indirect information about trustees. Our trust model is part of an agent-based architecture we propose for decentralised virtual communities. This architecture provides our system with autonomy, unobtrusiveness, user mobility, and context-awareness. Title: ENHANCED SECURE INTERFACE FOR A PORTABLE E-VOTING TERMINAL Author(s): André Zúquete Abstract: In this paper we present an enhanced interface for an e-voting client application that partially runs inside a small, portable terminal with reduced interaction capabilities. The interface was enhanced by cooperating, at the interface level, with the hosting computer where the terminal is connected to: the hosting computer shows a detailed image of the filled ballot. The displayed image does not convey any personal information, namely the voter's choices, to the hosting computer; voter's choices are solely presented at the terminal. Furthermore, the image contains visual authentication elements that can be validated by the voter using information presented at the terminal. This way, hosting computers are not able to gather voters' choices or to deceive voters, by presenting tampered ballots, without being noticed. Title: REPUTATION MANAGEMENT IN GRID-BASED VIRTUAL ORGANISATIONS Author(s): Alvaro Arenas, Benjamin Aziz and Gheorghe Cosmin Silaghi Abstract: Grid computing allows one to access, utilise and manage heterogeneous resources in Virtual Organisations (VOs) across multiple domains and institutions. This paper presents a reputation management system for Grid-based VOss based on utility computing. The model is used to keep reputation of both users, according to their resource usage, and resource providers, according to the quality of the service provided. Title: FORMALIZING END-TO-END CONTEXT-AWARE TRUST RELATIONSHIPS IN COLLABORATIVE ACTIVITIES Author(s): Ioanna Dionysiou, Dave Bakken, Carl Hauser and Deborah Frincke Abstract: The diversity of the kinds of interactions between principals in distributed computing systems, including critical infrastructures, has expanded rapidly in recent years. However, the state of the art in trust management is not yet sufﬁcient to support this diversity of interactions: it largely involves static, pairwise trust relationships. This paper introduces formalisms for a new trust model that overcomes these limitations. The novelty of the new model is its ability to specify and reason about trust dynamically and when composed beyond pairwise relationships: either many-to-one or a chain of processing. These capabilities are expected and observed during the collaboration of a group of interacting entities.