Information Security: 19th International Conference, ISC 2016, Honolulu, HI, USA, September 3-6, 2016, Proceedings

This book constitutes the refereed proceedings of the 19th International Conference on Information Security, ISC 2016, held in Honolulu, HI, USA, in September 2016. The 19 revised full papers presented together with 7 short papers were carefully reviewed and selected from 76 submissions. The confere...

Bibliographic Details
Main Authors: Bishop, Matt; Nascimento, Anderson C. a
Format: eBook; Conference Proceeding
Language: English
Published: Cham, Springer Nature, 2016
Springer International Publishing AG
Springer International Publishing
Springer
Edition: 1
Series: Lecture Notes in Computer Science
ISBN: 331945871X, 9783319458717, 3319458701, 9783319458700
ISSN: 0302-9743, 1611-3349
DOI: 10.1007/978-3-319-45871-7

Table of Contents:
  • Intro -- Preface -- Organization -- Contents -- Cryptanalysis -- Truncated and Multiple Differential Cryptanalysis of Reduced Round Midori128 -- 1 Introduction -- 2 Specifications of Midori128 -- 2.1 Notations -- 2.2 Specifications -- 3 A 10-round Differential of Midori128 -- 4 13-round Truncated Differential Cryptanalysis of Midori128 -- 5 Multiple Differential Cryptanalysis of Midori128 -- 6 Conclusion -- References -- Improved Linear Cryptanalysis of Round-Reduced ARIA -- 1 Introduction -- 2 Specification of ARIA -- 2.1 Notations -- 3 Linear Cryptanalysis -- 4 Linear Cryptanalysis of ARIA -- 4.1 Key Recovery Attacks on ARIA -- 4.2 Recovering the Master Key -- 5 Conclusion -- References -- Partial Key Exposure Attacks on CRT-RSA: General Improvement for the Exposed Least Significant Bits -- 1 Introduction -- 1.1 Background -- 1.2 Our Contributions -- 1.3 Organization -- 2 Preliminaries -- 3 Lattice Construction of the Takayasu-Kunihiro -- 4 Our Proposed Attack -- 4.1 An Observation of the Previous Lattice -- 4.2 Our Lattice Construction -- 5 Concluding Remarks -- References -- Cryptanalysis and Improved Construction of a Group Key Agreement for Secure Group Communication -- 1 Introduction -- 2 Preliminary -- 2.1 NTRU Public Key Cryptosystem -- 3 Description of an NTRU-Based Group Key Agreement -- 3.1 An NTRU-Based Group Key Agreement -- 4 Attack on NTRU-Based Group Key Agreement -- 4.1 Ciphertext-Only Attack -- 4.2 Further Analysis -- 4.3 Experiment Results -- 5 An Improved NTRU-Based Group Key Agreement -- 5.1 The Improved Group Key Agreement -- 5.2 Security Analysis -- 6 Conclusion -- References -- Enhanced Correlation Power Analysis by Biasing Power Traces -- 1 Introduction -- 1.1 Related Works -- 1.2 Our Contributions -- 1.3 Organization -- 2 The Statistical Characteristics of Power Traces -- 2.1 Composition of Power Consumption
  • 2.2 Correlation Between SNR and Power Consumption of an Interesting Point -- 3 Our Methods to Bias Power Traces -- 3.1 Biasing Power Traces by Using Minkowski Distance -- 3.2 Biasing Power Traces by Using the Sum of Probability Density Function Values of Power Consumption of Interesting Points -- 3.3 Biasing Power Traces by Directly Using Power Consumption of Interesting Points -- 3.4 How to Bias Power Traces Using the Above 4 Schemes -- 4 Experimental Results -- 4.1 Interesting Points Extraction -- 4.2 Comparison of Screening Accuracy -- 4.3 Comparison of Success Rates -- 5 Conclusion -- References -- Damaging, Simplifying, and Salvaging p-OMD -- 1 Introduction -- 1.1 Nonce-Misuse Forgery on p-OMD (Damaging) -- 1.2 Spoed (Simplifying) -- 1.3 Spoednic (Salvaging) -- 2 Security Model -- 2.1 Authenticated Encryption -- 2.2 (Tweakable) Keyed Compression Function -- 3 p-OMD -- 3.1 Preliminary Security Claims of p-OMD -- 3.2 Nonce-Misusing Attack on p-OMD -- 4 Spoed -- 4.1 Syntax -- 4.2 Generalized Padding -- 4.3 Data Processing -- 4.4 Security of Spoed -- 5 Spoednic -- 5.1 Security of Spoednic -- 6 Security of Spoed (Theorem 2) -- 6.1 Security of Tweakable Keyed Compression Function -- 6.2 Proof of Theorem 2 -- 7 Security of Spoednic (Theorem 3) -- 7.1 Security of Tweakable Keyed Compression Function -- 7.2 Proof of Theorem 3 -- References -- Cryptographic Protocols -- Blind Password Registration for Two-Server Password Authenticated Key Exchange and Secret Sharing Protocols -- 1 Introduction -- 2 Preliminaries -- 2.1 Commitments -- 2.2 Zero Knowledge Proofs -- 3 Two-Server Blind Password Registration -- 3.1 Security Model for 2BPR Protocols -- 4 An Efficient Two-Server BPR Protocol -- 4.1 Protocol Overview -- 4.2 Two-Server BPR Specification -- 4.3 Security Analysis -- 5 Performance and Use with 2PAKE/2PASS Protocols -- 6 Conclusion -- References
  • Chip Authentication for E-Passports: PACE with Chip Authentication Mapping v2 -- 1 Introduction -- 2 Preliminaries -- 2.1 Bilinear Maps -- 2.2 Assumptions and Cryptographic Primitives -- 2.3 Security Model -- 3 Generic Version of the Chip Authentication Mapping -- 4 Conclusion -- References -- AEP-M: Practical Anonymous E-Payment for Mobile Devices Using ARM TrustZone and Divisible E-Cash -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Related Work -- 2 Preliminaries -- 2.1 Notation -- 2.2 ARM TrustZone -- 2.3 Physical Unclonable Functions -- 3 System Model and Assumptions -- 3.1 System Model -- 3.2 Assumptions and Threat Model -- 4 AEP-M Scheme for Mobile Devices -- 4.1 The Architecture of Trusted Mobile Device -- 4.2 Key Derivation and Sensitive Data Management -- 4.3 The Details of AEP-M Scheme -- 4.4 Optional Defense Mechanisms and Security Analysis -- 5 Implementation and Evaluation -- 5.1 Implementation -- 5.2 Efficiency and Performance Evaluation -- 6 Conclusion -- References -- Universally Composable Two-Server PAKE -- 1 Introduction -- 2 Preliminaries and Building Blocks -- 2.1 Smooth Projective Hashing (SPHF) -- 2.2 Trapdoor Smooth Projective Hashing -- 2.3 Distributed Smooth Projective Hashing -- 2.4 Ideal Functionalities -- 3 Trapdoor Distributed Smooth Projective Hashing -- 3.1 Cramer-Shoup TD-SPHF -- 4 Universally Composable Two-Server PAKE -- 4.1 The Protocol -- 4.2 Ideal Functionality for 2PAKE -- 4.3 Security -- 5 F2PAKE Discussion -- 6 Conclusion -- References -- Yet Another Note on Block Withholding Attack on Bitcoin Mining Pools -- 1 Introduction -- 1.1 Contribution -- 2 Related Work -- 3 Preliminaries -- 3.1 Bitcoin Mining and Block Withholding Attack -- 3.2 Notations and Terminologies -- 4 Analysis of BWH Attack -- 5 Proposed Remedy to BWH Attack -- 6 Conclusion -- References -- Network and Systems Security and Access Control
  • Cyber Security Risk Assessment of a DDoS Attack -- 1 Introduction to InfoSec Risk Assessment -- 1.1 Distributed Denial of Service Attacks -- 1.2 Related Work in ISRA -- 2 Choice of Methods -- 2.1 Fundamentals of Risk Analysis -- 2.2 Proposed Methodology for Qualitative Risk Analysis -- 2.3 Methodology for Statistical Risk Analysis -- 3 Case Study: Qualitative Risk Assessment of a DDoS Attack -- 3.1 Events and Results -- 4 Quantitative Risk Analysis -- 4.1 Risk Calculations -- 4.2 Probabilistic Modeling for Risk Estimation -- 5 Discussion and Conclusion -- 5.1 Adjusting for Knowledge-Based Probability Estimations -- 5.2 Limitations and Future Work -- 5.3 Conclusion -- References -- Moving Target Defense Against Network Reconnaissance with Software Defined Networking -- 1 Introduction -- 2 Background -- 2.1 Moving Target Defense -- 2.2 Network Scan -- 2.3 Software-Defined Networking -- 3 System Architecture -- 3.1 Scan Sensor -- 3.2 Reflector -- 3.3 Shadow Network -- 4 Design and Implementation -- 4.1 Design Principles -- 4.2 Prototype Implementation -- 5 Evaluation -- 6 Related Work -- 7 Conclusion -- References -- Uni-ARBAC: A Unified Administrative Model for Role-Based Access Control -- 1 Introduction -- 2 Background and Related Work -- 3 The Uni-ARBAC Model -- 3.1 Uni-ARBAC Operational Model -- 3.2 Uni-ARBAC Administrative Model -- 3.3 Uni-ARBAC Invariants -- 4 Variations of Uni-ARBAC -- 4.1 Aggressive Inheritance Model -- 4.2 No Self-administration Model -- 5 Engineering Administrative Units -- 6 Conclusion -- References -- SKALD: A Scalable Architecture for Feature Extraction, Multi-user Analysis, and Real-Time Information Sharing -- 1 Introduction -- 2 System Overview -- 2.1 Planner -- 2.2 Planner Themes -- 2.3 Service -- 2.4 Transport -- 3 System Wide Aspects -- 3.1 Quality of Service -- 3.2 Access Control Layer -- 4 Evaluation
  • 4.1 Experimental Environment -- 4.2 Scalability -- 4.3 Resilience -- 4.4 Flexibility -- 5 Use Cases -- 5.1 Sharing Resources with Geographically Distributed Partners -- 5.2 Sharing Derived Information with Partners -- 6 Related Work -- 7 Conclusions -- References -- Privacy and Watermarking -- Leveraging Internet Services to Evade Censorship -- 1 Introduction -- 2 Threat Model -- 3 System Design -- 3.1 Abstract Architecture -- 3.2 Connector -- 3.3 Dispatcher -- 3.4 Plugins -- 4 Circumvention Systems -- 4.1 Email -- 4.2 VoIP and Instant Messaging -- 4.3 Online Gaming -- 4.4 File Sharing -- 5 Evaluation -- 5.1 Performance -- 5.2 Traffic Patterns -- 5.3 Real-World Deployment -- 6 Related Work -- 7 Conclusions -- References -- Analyzing Randomized Response Mechanisms Under Differential Privacy -- 1 Introduction -- 2 Background -- 2.1 Differential Privacy -- 2.2 Randomized Response Mechanisms -- 3 Analyzing the Randomized Response Mechanisms -- 4 Privacy Analysis -- 4.1 Analyzing the Variants -- 4.2 Analyzing Applications -- 5 Concluding Remarks -- References -- Models and Algorithms for Graph Watermarking -- 1 Introduction -- 2 Our Watermarking Framework -- 3 Identifying High- and Medium-Degree Vertices -- 4 Adversary Tolerance -- 5 Experiments -- References -- Software Security -- Policy-Based Implicit Attestation for Microkernel-Based Virtualized Systems -- 1 Introduction -- 2 Related Work -- 3 Scenario and Attacker Model -- 3.1 Data Integrity Protection and Attestation Scenario -- 3.2 Attacker Model -- 4 Microkernel-Based System Architecture with TPM 2.0 -- 5 Data Integrity Protection with Implicit Attestation -- 5.1 Notation -- 5.2 Cryptographic Keys -- 5.3 Phase 1: Setup -- 5.4 Phase 2: Data Integrity Protection with Implicit Attestation -- 6 Implementation -- 7 Security Discussion -- 8 Conclusion -- References
  • Generalized Dynamic Opaque Predicates: A New Control Flow Obfuscation Method