LEADER 13714nam 22009255 450 001 996465656903316 005 20200705231322.0 010 $a3-642-21040-6 024 7 $a10.1007/978-3-642-21040-2 035 $a(CKB)2670000000083941 035 $a(SSID)ssj0000576714 035 $a(PQKBManifestationID)11374572 035 $a(PQKBTitleCode)TC0000576714 035 $a(PQKBWorkID)10558326 035 $a(PQKB)11402201 035 $a(DE-He213)978-3-642-21040-2 035 $a(MiAaPQ)EBC6286281 035 $a(MiAaPQ)EBC5577642 035 $a(Au-PeEL)EBL5577642 035 $a(OCoLC)1066176750 035 $a(PPN)153869291 035 $a(EXLCZ)992670000000083941 100 $a20110602d2011 u| 0 101 0 $aeng 135 $aurnn#008mamaa 181 $ctxt 182 $cc 183 $acr 200 10$aInformation Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication$b[electronic resource] $e5th IFIP WG 11.2 International Workshop, WISTP 2011, Heraklion, Crete, Greece, June 1-3, 2011, Proceedings /$fedited by Claudio Agostino Ardagna, Jianying Zhou 205 $a1st ed. 2011. 210 1$aBerlin, Heidelberg :$cSpringer Berlin Heidelberg :$cImprint: Springer,$d2011. 215 $a1 online resource (XIII, 392 p.) 225 1 $aSecurity and Cryptology ;$v6633 300 $aBibliographic Level Mode of Issuance: Monograph 311 $a3-642-21039-2 327 $aIntro -- Title Page -- Preface -- Organization -- Table of Contents -- Keynote Speech -- Can Code Polymorphism Limit Information Leakage? -- Introduction -- Algorithmic Description -- Bucket Types -- Rewriting Algorithms -- Concrete Implementation -- Experimental Evaluation -- Performance -- Attacking a Standard aes Implementation -- Attacking an Unrolled aes Implementation -- Attacking a Polymorphic aes Implementation -- Can Lisp-Like Languages Help? 
-- Structure -- Step by Step Explanations -- Rewriter -- Results -- Possible Extensions -- Avoiding Code Growth -- Separating H From F_i -- Randomizing Compilers: A Practical Approach -- References -- Mobile Authentication and Access Control -- Mobile Electronic Identity: Securing Payment on Mobile Phones -- Introduction -- Present-Day Payment Solutions -- NFC -- Bluetooth -- SMS -- Other Solutions -- Using a HISP: Mixing Context, Human Trust and Security -- Choosing a HISP -- Tailoring a HISP -- The Human Contribution -- Demonstrating a HISP -- Reverse Authentication -- Implementation -- Implementation of Approach A -- Implementation of Approach B -- Security Analysis -- Phishing/Credential Harvesting -- Malware -- Man in the Middle -- Conclusion -- References -- Role-Based Secure Inter-operation and Resource Usage Management in Mobile Grid Systems -- Introduction -- Relevant Work and Motivation -- The Proposed domRBAC Model for Modern Collaborative Systems -- domRBAC Elements -- domRBAC Definitions -- Use Cases -- Use Case 1: Resource Usage Management -- Use Case 2: Security Violation -- Conclusion -- References -- Lightweight Authentication -- SSL/TLS Session-Aware User Authentication Using a GAA Bootstrapped Key -- Introduction -- Background -- Man in the Middle Attacks -- Generic Authentication Architecture -- Related Work -- TLS-SA Using a GAA Bootstrapped Key -- The Basic Scheme. 327 $aVariants -- Analysis -- Informal Security Analysis -- Security-Efficiency Trade-Offs -- Conclusions -- References -- An Almost-Optimal Forward-Private RFID Mutual Authentication Protocol with Tag Control -- Introduction -- Security Model -- Tools -- Protocol Description -- Properties -- Security Reductions -- Conclusions -- References -- Affiliation-Hiding Authentication with Minimal Bandwidth Consumption -- Introduction -- Linkable vs. 
Unlinkable AHA -- The Challenge of Group Discovery -- Related Work -- Contributions and Organization -- Non-Interactive Key Distribution -- Definition and Security Model of NIKDS -- A Construction of NIKDS Based on Bilinear Maps (Pairings) -- Our Affiliation-Hiding Authentication Protocol -- Syntax of AHA -- Protocol Definition -- Correctness, Efficiency, and Parameter Selection -- Security Model for AHA -- Adversary Model -- Linkable Affiliation-Hiding Security -- Security Analysis of Our Protocol -- Conclusion -- References -- Algorithms -- Formal Framework for the Evaluation of Waveform Resynchronization Algorithms -- Introduction -- Resynchronization Algorithms -- Problem Statement -- AOC: Amplitude-Only Correlation -- POC: Phase-Only Correlation -- POC Flaw and Threshold-POC -- Complexity of AOC, POC and T-POC -- Evaluation of Resynchronization Algorithms -- Formal Framework -- Benchmarking of Representative Waveforms -- Conclusions and Perspectives -- References -- Solving DLP with Auxiliary Input over an Elliptic Curve Used in TinyTate Library -- Introduction -- Preliminaries -- Discrete Logarithm Problem with Auxiliary Input (DLPwAI) -- Cheon's Algorithm -- DLPwAI in Cryptographic Schemes -- Implementation -- BSGS Algorithm -- KKM Improvement -- Experimental Results -- Parameters -- Results -- Estimations -- Concluding Remarks -- References. 
327 $aInformation Leakage Discovery Techniques to Enhance Secure Chip Design -- Introduction -- EMA Analysis as a Design Phase -- Electromagnetic Emission Analysis -- Information Finding Algorithm -- Complexity Analysis -- Experimental Validation -- Workbench -- Experimental Results -- Conclusion -- References -- Hardware Implementation -- A Cryptographic Processor for Low-Resource Devices: Canning ECDSA and AES Like Sardines -- Introduction -- Related Work -- System Overview -- Hardware Architecture -- Arithmetic-Level Implementation -- Algorithm-Level Implementation -- The SHA-1 Algorithm -- The AES Algorithm -- ECC Scalar Multiplication -- ECDSA Implementation -- Results -- Conclusions -- References -- An Evaluation of Hash Functions on a Power Analysis Resistant Processor Architecture -- Introduction -- Background -- Side-Channel Attacks on Hash Functions -- The Power-Trust Platform -- Our Variant of the Power-Trust Platform -- Implementation of Hash Functions on the Power-Trust Platform -- Results -- Instruction Set Agility -- Performance -- Conclusions -- References -- A Comparison of Post-Processing Techniques for Biased Random Number Generators -- Introduction -- Known Techniques for De-Biasing -- Compression with Cryptographic Hash -- Compression Using the Von Neumann Corrector -- Compression Based on Good Linear Codes -- Comparison of Random Bias of Different Post-Processing Functions -- Comparison of Adversary Bias of Different Post-Processing Functions -- Adversary Bias after Linear Compression -- Adversary Bias after Von Neumann Compression -- Linear Compression Outperforming the Von-Neumann Compression -- The Use of Linear Codes with Large d -- Implementation -- Construction of Linear Corrector Functions Based on Cyclic Codes -- Resource Utilization -- Conclusion -- References -- Security and Cryptography. 
327 $aAES Variants Secure against Related-Key Differential and Boomerang Attacks -- Introduction -- Our Contribution -- Framework for Protection against Related Key Differential and Boomerang Attacks -- Some Definitions and Notation -- Protection against Related-Key Differential Attack of [4] -- Protection against Related-Key Boomerang Attack of [3] -- Security of Improved May et al.'s AES Key Schedule against Related-key Attack -- Equivalent Keys in May et al.'s Key Schedule -- An Improved May et al.'s Key Schedule -- Improved May et al.'s Key Schedule is Secure against Related-Key Differential Attack -- Improved May et al.'s Key Schedule is Secure against Related-Key Boomerang Attack -- A New On-the-fly Key Schedule for AES Secure against Related-Key Differential and Boomerang Attacks -- Hardware Implementation -- References -- Leakage Squeezing Countermeasure against High-Order Attacks -- Introduction -- State of the Art -- First Order Masking Overview -- Vulnerability of the Masking against 1O-Attacks -- Vulnerability of the Masking against 2O-Attacks -- Proposed Masking Method for "Leakage Squeezing" -- Masking Principle -- Formal Security Assessment and Motivation for Some Bijections -- Experiments on Masked DES Implementations -- ROM Implementation -- USM Implementation -- Complexity and Throughput Results -- Information-Theoretic Evaluation of the Proposed Solutions -- Evaluation of the Implementations against 2O-Attacks -- Conclusion and Perspectives -- References -- Security Attacks and Measures (Short Papers) -- Differential Fault Analysis of the Advanced Encryption Standard Using a Single Fault -- Introduction -- Background -- The Advanced Encryption Standard -- The Fault Model -- The Fault Analysis -- The First Step of the Fault Attack -- Analysis of the First Step of the Fault Attack -- The Second Step of the Fault Attack. 
327 $aAnalysis of the Second Step of the Fault Attack -- Attacking other Bytes -- Comparison with Previous Work -- Conclusion -- References -- Entropy of Selectively Encrypted Strings -- Introduction -- Terminology and Definitions -- Languages -- Entropy -- Selective Encryption -- Confidentiality of Selective Encryption -- Zero- and First-Order Languages -- Second-Order Languages -- Third-Order Languages -- n-Order Languages -- Concluding Remarks -- References -- Practical Attacks on HB and HB+ Protocols -- Introduction -- Description of the HB and HB+ Protocols -- Passive Attacks on HB Protocol -- Simple Walker Algorithm -- k-Basis Walker Algorithm -- Algorithm Analysis -- Experimental Results -- Conclusions -- References -- Attacks on a Lightweight Mutual Authentication Protocol under EPC C-1 G-2 Standard -- Introduction -- Review SRP -- Initialization Phase -- The (i+1)th Authentication Round -- Vulnerabilities of SRP -- Reveal EPC_s -- Privacy Analysis -- Revised Protocol -- Security Analysis -- Conclusion -- References -- Security Attacks -- A SMS-Based Mobile Botnet Using Flooding Algorithm -- Introduction -- Background and Motivation -- Related Works -- Challenging Issues -- Our Works and Contributions -- The Overview of the Proposed SMS-Based Botnet -- Stealthiness Study -- Topology Study Based on Simulation -- Simulation Setup -- Simulation Results -- Botnet Construction -- Botnet Maintaining -- Defense Strategies -- Conclusion -- References -- FIRE: Fault Injection for Reverse Engineering -- Introduction -- State of the Art -- Physical Attacks on Cryptographic Systems -- Solving Linear Boolean Systems -- The Case of DES -- The Case of AES -- Fault Injection -- Translation of the FI into Equations -- Random and unknown Faults -- SCARE Conclusion of a FIRE Attack -- Results with Various Fault Models and Contexts -- Conclusion -- References. 327 $aHardware Trojan Side-Channels Based on Physical Unclonable Functions. 
330 $aThis volume constitutes the refereed proceedings of the 5th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Mobile Devices in Wireless Communication, WISTP 2011, held in Heraklion, Crete, Greece, in June 2011. The 19 revised full papers and 8 short papers presented together with a keynote speech were carefully reviewed and selected from 80 submissions. They are organized in topical sections on mobile authentication and access control, lightweight authentication, algorithms, hardware implementation, security and cryptography, security attacks and measures, security attacks, security and trust, and mobile application security and privacy. 410 0$aSecurity and Cryptology ;$v6633 606 $aComputer communication systems 606 $aManagement information systems 606 $aComputer science 606 $aData encryption (Computer science) 606 $aAlgorithms 606 $aComputer security 606 $aComputers and civilization 606 $aComputer Communication Networks$3https://scigraph.springernature.com/ontologies/product-market-codes/I13022 606 $aManagement of Computing and Information Systems$3https://scigraph.springernature.com/ontologies/product-market-codes/I24067 606 $aCryptology$3https://scigraph.springernature.com/ontologies/product-market-codes/I28020 606 $aAlgorithm Analysis and Problem Complexity$3https://scigraph.springernature.com/ontologies/product-market-codes/I16021 606 $aSystems and Data Security$3https://scigraph.springernature.com/ontologies/product-market-codes/I28060 606 $aComputers and Society$3https://scigraph.springernature.com/ontologies/product-market-codes/I24040 615 0$aComputer communication systems. 615 0$aManagement information systems. 615 0$aComputer science. 615 0$aData encryption (Computer science). 615 0$aAlgorithms. 615 0$aComputer security. 615 0$aComputers and civilization. 615 14$aComputer Communication Networks. 615 24$aManagement of Computing and Information Systems. 615 24$aCryptology. 
615 24$aAlgorithm Analysis and Problem Complexity. 615 24$aSystems and Data Security. 615 24$aComputers and Society. 676 $a621 702 $aArdagna$b Claudio Agostino$4edt$4http://id.loc.gov/vocabulary/relators/edt 702 $aZhou$b Jianying$4edt$4http://id.loc.gov/vocabulary/relators/edt 712 12$aWISTP (Conference) 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a996465656903316 996 $aInformation Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication$92830293 997 $aUNISA