Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Blockchain gaps : from myth to real life / / Shin'ichiro Matsuo, Nat Sakimura, editors
| Blockchain gaps : from myth to real life / / Shin'ichiro Matsuo, Nat Sakimura, editors |
| Pubbl/distr/stampa | Singapore : , : Springer, , [2021] |
| Descrizione fisica | 1 online resource (114 pages) |
| Disciplina | 005.74 |
| Collana | Future of business and finance |
| Soggetto topico |
Blockchains (Databases)
Bitcoin Database security |
| ISBN | 981-336-052-6 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910484308503321 |
| Singapore : , : Springer, , [2021] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Financial Cryptography and Data Security [[electronic resource] ] : FC 2020 International Workshops, AsiaUSEC, CoDeFi, VOTING, and WTSC, Kota Kinabalu, Malaysia, February 14, 2020, Revised Selected Papers / / edited by Matthew Bernhard, Andrea Bracciali, L. Jean Camp, Shin'ichiro Matsuo, Alana Maurushat, Peter B. Rønne, Massimiliano Sala
| Financial Cryptography and Data Security [[electronic resource] ] : FC 2020 International Workshops, AsiaUSEC, CoDeFi, VOTING, and WTSC, Kota Kinabalu, Malaysia, February 14, 2020, Revised Selected Papers / / edited by Matthew Bernhard, Andrea Bracciali, L. Jean Camp, Shin'ichiro Matsuo, Alana Maurushat, Peter B. Rønne, Massimiliano Sala |
| Edizione | [1st ed. 2020.] |
| Pubbl/distr/stampa | Cham : , : Springer International Publishing : , : Imprint : Springer, , 2020 |
| Descrizione fisica | 1 online resource (XXIV, 622 p. 838 illus., 81 illus. in color.) |
| Disciplina | 005.82 |
| Collana | Security and Cryptology |
| Soggetto topico |
Data encryption (Computer science)
Computer organization Data structures (Computer science) Computer security Cryptology Computer Systems Organization and Communication Networks Data Structures and Information Theory Systems and Data Security |
| ISBN | 3-030-54455-9 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Tale of Two Browsers: Understanding Users' Web Browser Choices in South Korea -- User-Centered Risk Communication for Safer Browsing -- The Effects of Cue Utilization and Cognitive Load in the Detection of Phishing Emails -- Cue Utilization, Phishing Feature and Phishing Email Detection -- Dis-Empowerment Online- An Investigation of Privacy & Sharing Perceptions & Method Preferences -- Security and Privacy Awareness in Smart Environments – A Cross-Country Investigation -- Understanding Perceptions of Smart Devices -- In Our Employer We Trust: Mental Models of Office Worker’s Privacy Perceptions -- Behaviour of Outsourced Employees as Sources of Information System Security Threats -- Exploring Effects of Auditory Stimuli on CAPTCHA Performance -- PassPage: Graphical Password Authentication Scheme Based on Web Browsing Records -- Empathy as a Response to Frustration in Password Choice -- Fixing the Fixes: Assessing the Solutions of SAST Tools for Securing Password Storage -- Incorporating Psychology into Cyber Security Education: A Pedagogical Approach -- Effectiveness of multi-stakeholder discussions for decentralized finance: a conference report of CoDeFi 2020 -- Multistakeholder Governance for the Internet -- Future of Finance: From G20 to practical implementation of multi-stakeholder governance on blockchain based finance -- Securing Cryptocurrency Exchange: Building up Standard from Huge Failures -- Origami voting: a non-cryptographic approach to transparent ballot verification -- Towards Improving the Efficacy of Code-Based Verification in Internet Voting -- Mechanized Proofs of Verifiability and Privacy in a paper-based e-voting Scheme -- Sets of Half-Average Nulls Generate Risk-Limiting Audits: SHANGRLA -- A Note on Risk-Limiting Bayesian Polling Audits for Two-Candidate Elections -- Vote selling resistant voting -- An Update on Marked Mix-Nets: An Attack, A Fix and PQ Possibilities -- Performance of Shuffling: Taking it to the Limits -- Characterizing Types of Smart Contracts in the Ethereum Landscape -- Smart Contract Development from the Perspective of Developers: Topics and Issues Discussed on Social Media -- Bypassing Non-Outsourceable Proof-of-Work Schemes Using Collateralized Smart Contracts -- Scalable Open-Vote Network on Ethereum -- How to Dynamically Incentivize Sufficient Level of IoT Securitx -- Confidential and auditable payments -- MAPPCN: Multi-hop Anonymous and Privacy-Preserving Payment Channel Network -- Marlowe: implementing and analysing financial contracts on blockchain -- Load Balancing for Sharded Blockchains -- The Extended UTXO Model -- Privacy-Preserving Cross-Chain Atomic Swaps -- A Blockchain Based Approach to Resource Sharing in Smart Neighbourhoods -- Enforcing Determinism of Java Smart Contracts -- Albert, an intermediate smart-contract language for the Tezos blockchain -- A Formally Verified Static Analysis Framework for Compositional Contracts. |
| Record Nr. | UNINA-9910416086503321 |
| Cham : , : Springer International Publishing : , : Imprint : Springer, , 2020 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Financial Cryptography and Data Security [[electronic resource] ] : FC 2020 International Workshops, AsiaUSEC, CoDeFi, VOTING, and WTSC, Kota Kinabalu, Malaysia, February 14, 2020, Revised Selected Papers / / edited by Matthew Bernhard, Andrea Bracciali, L. Jean Camp, Shin'ichiro Matsuo, Alana Maurushat, Peter B. Rønne, Massimiliano Sala
| Financial Cryptography and Data Security [[electronic resource] ] : FC 2020 International Workshops, AsiaUSEC, CoDeFi, VOTING, and WTSC, Kota Kinabalu, Malaysia, February 14, 2020, Revised Selected Papers / / edited by Matthew Bernhard, Andrea Bracciali, L. Jean Camp, Shin'ichiro Matsuo, Alana Maurushat, Peter B. Rønne, Massimiliano Sala |
| Edizione | [1st ed. 2020.] |
| Pubbl/distr/stampa | Cham : , : Springer International Publishing : , : Imprint : Springer, , 2020 |
| Descrizione fisica | 1 online resource (XXIV, 622 p. 838 illus., 81 illus. in color.) |
| Disciplina | 005.82 |
| Collana | Security and Cryptology |
| Soggetto topico |
Data encryption (Computer science)
Computer organization Data structures (Computer science) Computer security Cryptology Computer Systems Organization and Communication Networks Data Structures and Information Theory Systems and Data Security |
| ISBN | 3-030-54455-9 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Tale of Two Browsers: Understanding Users' Web Browser Choices in South Korea -- User-Centered Risk Communication for Safer Browsing -- The Effects of Cue Utilization and Cognitive Load in the Detection of Phishing Emails -- Cue Utilization, Phishing Feature and Phishing Email Detection -- Dis-Empowerment Online- An Investigation of Privacy & Sharing Perceptions & Method Preferences -- Security and Privacy Awareness in Smart Environments – A Cross-Country Investigation -- Understanding Perceptions of Smart Devices -- In Our Employer We Trust: Mental Models of Office Worker’s Privacy Perceptions -- Behaviour of Outsourced Employees as Sources of Information System Security Threats -- Exploring Effects of Auditory Stimuli on CAPTCHA Performance -- PassPage: Graphical Password Authentication Scheme Based on Web Browsing Records -- Empathy as a Response to Frustration in Password Choice -- Fixing the Fixes: Assessing the Solutions of SAST Tools for Securing Password Storage -- Incorporating Psychology into Cyber Security Education: A Pedagogical Approach -- Effectiveness of multi-stakeholder discussions for decentralized finance: a conference report of CoDeFi 2020 -- Multistakeholder Governance for the Internet -- Future of Finance: From G20 to practical implementation of multi-stakeholder governance on blockchain based finance -- Securing Cryptocurrency Exchange: Building up Standard from Huge Failures -- Origami voting: a non-cryptographic approach to transparent ballot verification -- Towards Improving the Efficacy of Code-Based Verification in Internet Voting -- Mechanized Proofs of Verifiability and Privacy in a paper-based e-voting Scheme -- Sets of Half-Average Nulls Generate Risk-Limiting Audits: SHANGRLA -- A Note on Risk-Limiting Bayesian Polling Audits for Two-Candidate Elections -- Vote selling resistant voting -- An Update on Marked Mix-Nets: An Attack, A Fix and PQ Possibilities -- Performance of Shuffling: Taking it to the Limits -- Characterizing Types of Smart Contracts in the Ethereum Landscape -- Smart Contract Development from the Perspective of Developers: Topics and Issues Discussed on Social Media -- Bypassing Non-Outsourceable Proof-of-Work Schemes Using Collateralized Smart Contracts -- Scalable Open-Vote Network on Ethereum -- How to Dynamically Incentivize Sufficient Level of IoT Securitx -- Confidential and auditable payments -- MAPPCN: Multi-hop Anonymous and Privacy-Preserving Payment Channel Network -- Marlowe: implementing and analysing financial contracts on blockchain -- Load Balancing for Sharded Blockchains -- The Extended UTXO Model -- Privacy-Preserving Cross-Chain Atomic Swaps -- A Blockchain Based Approach to Resource Sharing in Smart Neighbourhoods -- Enforcing Determinism of Java Smart Contracts -- Albert, an intermediate smart-contract language for the Tezos blockchain -- A Formally Verified Static Analysis Framework for Compositional Contracts. |
| Record Nr. | UNISA-996418306203316 |
| Cham : , : Springer International Publishing : , : Imprint : Springer, , 2020 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Financial Cryptography and Data Security. FC 2023 International Workshops [[electronic resource] ] : Voting, CoDecFin, DeFi, WTSC, Bol, Brač, Croatia, May 5, 2023, Revised Selected Papers / / edited by Aleksander Essex, Shin'ichiro Matsuo, Oksana Kulyk, Lewis Gudgeon, Ariah Klages-Mundt, Daniel Perez, Sam Werner, Andrea Bracciali, Geoff Goodell
| Financial Cryptography and Data Security. FC 2023 International Workshops [[electronic resource] ] : Voting, CoDecFin, DeFi, WTSC, Bol, Brač, Croatia, May 5, 2023, Revised Selected Papers / / edited by Aleksander Essex, Shin'ichiro Matsuo, Oksana Kulyk, Lewis Gudgeon, Ariah Klages-Mundt, Daniel Perez, Sam Werner, Andrea Bracciali, Geoff Goodell |
| Autore | Essex Aleksander |
| Edizione | [1st ed. 2024.] |
| Pubbl/distr/stampa | Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 |
| Descrizione fisica | 1 online resource (516 pages) |
| Disciplina | 005.824 |
| Altri autori (Persone) |
MatsuoShin'ichiro
KulykOksana GudgeonLewis Klages-MundtAriah PerezDaniel WernerSam BraccialiAndrea GoodellGeoff |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Cryptography
Data encryption (Computer science) Cryptology |
| ISBN | 3-031-48806-7 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- VOTING 2023 Preface -- VOTING 2023 Organization -- CoDecFin 2023 4th Workshop on Coordination of Decentralized Finance -- CoDecFin 2023 Organization -- DeFi 2023 Preface -- DeFi 2023 Organization -- WTSC 2023 7th International Workshop on Trusted Smart Contracts -- WTSC 2023 Organization -- Contents -- Voting -- Belenios with Cast as Intended -- 1 Introduction -- 2 Protocol Description -- 2.1 Participants and Setup -- 2.2 Voting Phase -- 2.3 Tally Phase -- 2.4 Usability Considerations -- 3 Security Analysis -- 3.1 ProVerif -- 3.2 How to Overcome ProVerif's Limitations? -- 3.3 Security Analysis and Result -- 4 Efficiency Considerations -- References -- On the Auditability of the Estonian IVXV System -- 1 Introduction -- 1.1 E-Voting in Estonia -- 1.2 The IVXV System -- 2 Scope, Methodology, and Contributions -- 3 Flaw in Individual Verifiability -- 3.1 Attack 1: Discarding a Vote -- 3.2 Attack 2: Changing a Vote with Knowledge of the Private Key -- 3.3 Attack 3: Changing a Vote Without Knowledge of the Private Key -- 3.4 Computational Condition for Precision Attacks -- 3.5 Solution -- 3.6 Why wasn't This Already Noted? -- 4 Analysis with Regards to Haines and Roenne 2021 -- 5 Conclusion -- References -- Coercion-Resistant Cast-as-Intended Verifiability for Computationally Limited Voters -- 1 Introduction -- 1.1 On the Limitations of the Coercion and of Voters' Capabilities -- 1.2 Related Work -- 1.3 Contributions and Organization of the Paper -- 2 Definitions -- 2.1 Cast-as-Intended Verifiability -- 2.2 Coercion-Resistance -- 3 A Construction for Limited Voters -- 3.1 The Protocol (for ElGamal Ciphertexts) -- 3.2 Cast-as-Intended Verifiability of the Proposed Protocol -- 3.3 Coercion-Resistance of the Proposed Protocol -- 4 Discussion and Conclusions -- 4.1 Practical Considerations.
4.2 Comparison with Bingo Voting: On the Necessity of OED -- References -- Private Internet Voting on Untrusted Voting Devices -- 1 Introduction -- 1.1 Election Model and Voting Procedure -- 1.2 Contribution and Overview -- 2 Cryptographic Background -- 2.1 ElGamal Encryptions -- 2.2 BLS Signatures -- 2.3 Non-interactive Zero-Knowledge Proofs -- 2.4 Verifiable Mix-Nets -- 3 Protocol Description -- 3.1 Election Parameters -- 3.2 Protocol Parties and Communication -- 3.3 General Protocol Idea -- 3.4 Pre-election Phase -- 3.5 Election Phase -- 3.6 Post-election Phase -- 4 Security Discussion -- 5 Conclusion -- References -- Overstatement-Net-Equivalent Risk-Limiting Audit: ONEAudit -- 1 Introduction: Efficient Risk-Limiting Audits -- 2 Testing Net Overstatement Does Not Require CVRs Linked to Ballot Cards -- 2.1 Warmup: 2-Candidate Plurality Contest -- 2.2 Numerical Example -- 2.3 The General Case -- 3 Auditing Using Batch Subtotals -- 3.1 Numerical Case Studies -- 4 Auditing Heterogenous Voting Systems -- 5 Sample Sizes for Contest-Level ONE CLCA Vs. BPA -- 5.1 Theory -- 5.2 Numerical Comparison -- 6 Conclusions -- References -- Risk-Limiting Audits for Condorcet Elections -- 1 Introduction -- 2 Preliminaries -- 2.1 Instant-Runoff Voting (IRV) -- 3 Risk-Limiting Audits for Condorcet Winners -- 4 Risk-Limiting Audits for Ranked Pairs Elections -- 4.1 Assertions and Assorters for Transitive Inferences -- 4.2 Correctness of Audit Assertions -- 5 RLAs for Minimax Elections -- 6 Smith -- 7 Kemeny-Young -- 8 Other Condorcet Methods -- 9 Results -- 9.1 IRV vs Ranked Pairs -- 9.2 Elections Without a Condorcet Winner -- 10 Conclusion -- References -- COBRA: Comparison-Optimal Betting for Risk-Limiting Audits -- 1 Introduction -- 2 Notation -- 2.1 Population and Parameters -- 2.2 Audit Data -- 2.3 Risk Measurement via Betting Supermartingales -- 3 Oracle Betting. 3.1 Error-Free CVRs -- 3.2 Betting with CVR Error -- 3.3 Relation to ALPHA -- 4 Betting in Practice -- 4.1 Fixed Betting -- 4.2 Adaptive Betting -- 4.3 Diversified Betting -- 5 Numerical Evaluations -- 5.1 Oracle Simulations -- 5.2 Practical Simulations -- 6 Extensions -- 6.1 Betting While Sampling Without Replacement -- 6.2 Other Social Choice Functions -- 6.3 Batch-Level Comparison Audits -- 7 Conclusions -- References -- CoDecFin -- Shaping Cryptocurrency Gatekeepers with a Regulatory ``Trial and Error'' -- 1 Introduction -- 2 Background -- 2.1 Exchanges as Gatekeepers of Illicit Financial Proceeds -- 2.2 The Current Risks of Terrorist Financing -- 3 Regulation Beyond the ``Wait and See'' Approach -- 3.1 The Inconsistency in Terms and Definitions -- 3.2 International and European Approaches to AML/CFT -- 4 Repercussions of the Ongoing ``Trial and Error'' Phase -- 4.1 The Lack of Consensus and Legal Uniformity -- 4.2 Enforcement Issues with Texts and Actual Compliance -- 4.3 The Sunrise Issue -- 4.4 The Burden of Compliance on Small/Medium Exchanges -- 5 The Future of Policymaking -- 5.1 Common Regulatory Practices in Need of Change -- 5.2 The Markets in Crypto-Assets Regulation -- 5.3 The Transfer of Funds Regulation -- 5.4 The Role of Law Enforcement -- 6 Conclusion -- References -- A First Dive into OFAC in DeFi Space -- 1 Introduction -- 2 Scope of Jurisdiction -- 2.1 Towards Chain -- 2.2 Towards Cryptocurrency -- 2.3 Towards DApp -- 3 Discussion -- References -- Proposal of Principles of DeFi Disclosure and Regulation -- 1 Introduction -- 2 Benefits, Advantages, and Possibilities of DeFi -- 3 Challenges, Risks, and Questions Related to DeFi -- 3.1 Lack of AML/KYC -- 3.2 Hacking -- 3.3 Is It Really ``Decentralized''? -- 3.4 Is It Really ``Traceable''?, Is It ``Accessible to All''? -- 3.5 Market Manipulation and Difficulties in Investigation. 3.6 Does It Really Contribute to ``Financial Inclusion''? -- 3.7 Operational Risk in DeFi -- 3.8 Characteristics of Procyclicality and the Potential for Systemic Risk Associated with It -- 3.9 Lack of Ability to Address Risks Associated with Information Asymmetry -- 4 Implications for Regulatory Consideration -- 4.1 Innovation Trilemma -- 4.2 Perspectives on Whether Financial Regulations Should Be Applied -- 4.3 Need for Regulation for Providers of Financial Functions -- 4.4 How to Ensure AML/CFT -- 5 Proposal of Principles of DeFi Disclosure and Regulation -- 6 Conclusion -- References -- The Hidden Shortcomings of (D)AOs - An Empirical Study of On-Chain Governance -- 1 Introduction -- 2 Related Work -- 3 Methodology and Dataset -- 3.1 Data Collection -- 3.2 Dataset -- 4 Distribution of Voting Power -- 5 Structure of Voting Power Delegation -- 6 Governance Participation -- 7 Pointless Governance Transactions -- 8 Monetary Price of Governance -- 8.1 Price of Governance Transactions -- 8.2 Price of Transfer Overhead -- 9 Conclusion -- A Short Description of Analyzed DAOs -- B Computing the Cost of Governance -- C Computing the Overhead Cost of Governance -- References -- An Intrinsic Mechanism Deciding Hash Rates from Bitcoin Price -- 1 Introduction -- 2 Rational Choice of Hash Rates -- 2.1 Model of Blockchain Network -- 2.2 Single-Period Mining -- 2.3 Multi-period Mining and Dynamic Programming -- 2.4 Myopic Decision of Hash Rates with Isoelastic Utility Functions -- 2.5 Mean-Variance Approximation and Miners' Hash Rates -- 2.6 Rational Network Hash Rate in Blockchain Network -- 3 Conclusion -- References -- Stablecoins: Past, Present, and Future -- 1 Introduction -- 2 Where They Came from and Why -- 3 Current State of Stablecoins -- 4 Stablecoin Classification -- 5 The Collapse of Luna -- 6 Future Directions -- 7 Conclusion. FTX Collapse: A Ponzi Story -- 1 Introduction -- 2 What is Ponzi? -- 3 The FTX Collapse -- 4 Future Directions -- 5 Concluding Remarks -- References -- Policy Design of Retail Central Bank Digital Currencies: Embedding AML/CFT Compliance -- 1 Introduction -- 2 Proposed CBDC Model Structure and Associated AML/CFT Limitations -- 3 Total Cost Structure of CBDC -- 4 Current AML/CFT Mechanism -- 4.1 Stakeholders -- 4.2 Process -- 4.3 Cost Structures and Incentives -- 4.4 Professional Resources in AML/CFT Measures -- 5 AML/CFT Mechanisms in Retail CBDC Projects -- 6 Feasibility of the AML/CFT System Associated with CBDC -- 6.1 Tiered System Based on the Level of Assurance -- 6.2 Collective Customer Due Diligence -- 6.3 Automated Analysis and Evaluation -- 6.4 Judgment and Reporting -- 7 Conclusion -- Appendix A. Generalized AML/CFT Process -- Appendix B. High Performing FIU (Israel, Italy, and Spain) -- Appendix C. Compliance Cost of the Financial Institutions -- Appendix D. Compliance Cost of the Financial Institutions -- Appendix E. Number of Certified Anti-money Laundering Specialists Graduate List (Top 15 Countries/Regions) -- Appendix F. Current AML/CFT Measures in Two-Tiered Retail CBDC -- References -- DeFi -- Uniswap Liquidity Provision: An Online Learning Approach -- 1 Introduction -- 2 Uniswap Overview -- 2.1 Uniswap v3 - Concentrated Liquidity -- 3 Online Learning Model -- 3.1 Reward Function -- 4 Static Strategies -- 4.1 n= -- 4.2 n < -- -- 5 Adaptive Strategy -- 6 Conclusions -- A Reward Function Derivation -- A.1 Trading Fees -- A.2 Change in Value -- A.3 Total Reward -- B Proofs for Section4 -- B.1 Lemma 1 -- B.2 Lemma 2 -- B.3 Theorem 1 -- C Analysis of Algorithm 1 -- References -- Extended Abstract: The Effect of Trading Fees on Arbitrage Profits in Automated Market Makers -- 1 Introduction -- 2 Model -- 3 Results. 4 Conclusion. |
| Record Nr. | UNINA-9910767524503321 |
Essex Aleksander
|
||
| Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Financial Cryptography and Data Security. FC 2023 International Workshops [[electronic resource] ] : Voting, CoDecFin, DeFi, WTSC, Bol, Brač, Croatia, May 5, 2023, Revised Selected Papers / / edited by Aleksander Essex, Shin'ichiro Matsuo, Oksana Kulyk, Lewis Gudgeon, Ariah Klages-Mundt, Daniel Perez, Sam Werner, Andrea Bracciali, Geoff Goodell
| Financial Cryptography and Data Security. FC 2023 International Workshops [[electronic resource] ] : Voting, CoDecFin, DeFi, WTSC, Bol, Brač, Croatia, May 5, 2023, Revised Selected Papers / / edited by Aleksander Essex, Shin'ichiro Matsuo, Oksana Kulyk, Lewis Gudgeon, Ariah Klages-Mundt, Daniel Perez, Sam Werner, Andrea Bracciali, Geoff Goodell |
| Autore | Essex Aleksander |
| Edizione | [1st ed. 2024.] |
| Pubbl/distr/stampa | Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 |
| Descrizione fisica | 1 online resource (516 pages) |
| Disciplina | 005.824 |
| Altri autori (Persone) |
MatsuoShin'ichiro
KulykOksana GudgeonLewis Klages-MundtAriah PerezDaniel WernerSam BraccialiAndrea GoodellGeoff |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Cryptography
Data encryption (Computer science) Cryptology |
| ISBN | 3-031-48806-7 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- VOTING 2023 Preface -- VOTING 2023 Organization -- CoDecFin 2023 4th Workshop on Coordination of Decentralized Finance -- CoDecFin 2023 Organization -- DeFi 2023 Preface -- DeFi 2023 Organization -- WTSC 2023 7th International Workshop on Trusted Smart Contracts -- WTSC 2023 Organization -- Contents -- Voting -- Belenios with Cast as Intended -- 1 Introduction -- 2 Protocol Description -- 2.1 Participants and Setup -- 2.2 Voting Phase -- 2.3 Tally Phase -- 2.4 Usability Considerations -- 3 Security Analysis -- 3.1 ProVerif -- 3.2 How to Overcome ProVerif's Limitations? -- 3.3 Security Analysis and Result -- 4 Efficiency Considerations -- References -- On the Auditability of the Estonian IVXV System -- 1 Introduction -- 1.1 E-Voting in Estonia -- 1.2 The IVXV System -- 2 Scope, Methodology, and Contributions -- 3 Flaw in Individual Verifiability -- 3.1 Attack 1: Discarding a Vote -- 3.2 Attack 2: Changing a Vote with Knowledge of the Private Key -- 3.3 Attack 3: Changing a Vote Without Knowledge of the Private Key -- 3.4 Computational Condition for Precision Attacks -- 3.5 Solution -- 3.6 Why wasn't This Already Noted? -- 4 Analysis with Regards to Haines and Roenne 2021 -- 5 Conclusion -- References -- Coercion-Resistant Cast-as-Intended Verifiability for Computationally Limited Voters -- 1 Introduction -- 1.1 On the Limitations of the Coercion and of Voters' Capabilities -- 1.2 Related Work -- 1.3 Contributions and Organization of the Paper -- 2 Definitions -- 2.1 Cast-as-Intended Verifiability -- 2.2 Coercion-Resistance -- 3 A Construction for Limited Voters -- 3.1 The Protocol (for ElGamal Ciphertexts) -- 3.2 Cast-as-Intended Verifiability of the Proposed Protocol -- 3.3 Coercion-Resistance of the Proposed Protocol -- 4 Discussion and Conclusions -- 4.1 Practical Considerations.
4.2 Comparison with Bingo Voting: On the Necessity of OED -- References -- Private Internet Voting on Untrusted Voting Devices -- 1 Introduction -- 1.1 Election Model and Voting Procedure -- 1.2 Contribution and Overview -- 2 Cryptographic Background -- 2.1 ElGamal Encryptions -- 2.2 BLS Signatures -- 2.3 Non-interactive Zero-Knowledge Proofs -- 2.4 Verifiable Mix-Nets -- 3 Protocol Description -- 3.1 Election Parameters -- 3.2 Protocol Parties and Communication -- 3.3 General Protocol Idea -- 3.4 Pre-election Phase -- 3.5 Election Phase -- 3.6 Post-election Phase -- 4 Security Discussion -- 5 Conclusion -- References -- Overstatement-Net-Equivalent Risk-Limiting Audit: ONEAudit -- 1 Introduction: Efficient Risk-Limiting Audits -- 2 Testing Net Overstatement Does Not Require CVRs Linked to Ballot Cards -- 2.1 Warmup: 2-Candidate Plurality Contest -- 2.2 Numerical Example -- 2.3 The General Case -- 3 Auditing Using Batch Subtotals -- 3.1 Numerical Case Studies -- 4 Auditing Heterogenous Voting Systems -- 5 Sample Sizes for Contest-Level ONE CLCA Vs. BPA -- 5.1 Theory -- 5.2 Numerical Comparison -- 6 Conclusions -- References -- Risk-Limiting Audits for Condorcet Elections -- 1 Introduction -- 2 Preliminaries -- 2.1 Instant-Runoff Voting (IRV) -- 3 Risk-Limiting Audits for Condorcet Winners -- 4 Risk-Limiting Audits for Ranked Pairs Elections -- 4.1 Assertions and Assorters for Transitive Inferences -- 4.2 Correctness of Audit Assertions -- 5 RLAs for Minimax Elections -- 6 Smith -- 7 Kemeny-Young -- 8 Other Condorcet Methods -- 9 Results -- 9.1 IRV vs Ranked Pairs -- 9.2 Elections Without a Condorcet Winner -- 10 Conclusion -- References -- COBRA: Comparison-Optimal Betting for Risk-Limiting Audits -- 1 Introduction -- 2 Notation -- 2.1 Population and Parameters -- 2.2 Audit Data -- 2.3 Risk Measurement via Betting Supermartingales -- 3 Oracle Betting. 3.1 Error-Free CVRs -- 3.2 Betting with CVR Error -- 3.3 Relation to ALPHA -- 4 Betting in Practice -- 4.1 Fixed Betting -- 4.2 Adaptive Betting -- 4.3 Diversified Betting -- 5 Numerical Evaluations -- 5.1 Oracle Simulations -- 5.2 Practical Simulations -- 6 Extensions -- 6.1 Betting While Sampling Without Replacement -- 6.2 Other Social Choice Functions -- 6.3 Batch-Level Comparison Audits -- 7 Conclusions -- References -- CoDecFin -- Shaping Cryptocurrency Gatekeepers with a Regulatory ``Trial and Error'' -- 1 Introduction -- 2 Background -- 2.1 Exchanges as Gatekeepers of Illicit Financial Proceeds -- 2.2 The Current Risks of Terrorist Financing -- 3 Regulation Beyond the ``Wait and See'' Approach -- 3.1 The Inconsistency in Terms and Definitions -- 3.2 International and European Approaches to AML/CFT -- 4 Repercussions of the Ongoing ``Trial and Error'' Phase -- 4.1 The Lack of Consensus and Legal Uniformity -- 4.2 Enforcement Issues with Texts and Actual Compliance -- 4.3 The Sunrise Issue -- 4.4 The Burden of Compliance on Small/Medium Exchanges -- 5 The Future of Policymaking -- 5.1 Common Regulatory Practices in Need of Change -- 5.2 The Markets in Crypto-Assets Regulation -- 5.3 The Transfer of Funds Regulation -- 5.4 The Role of Law Enforcement -- 6 Conclusion -- References -- A First Dive into OFAC in DeFi Space -- 1 Introduction -- 2 Scope of Jurisdiction -- 2.1 Towards Chain -- 2.2 Towards Cryptocurrency -- 2.3 Towards DApp -- 3 Discussion -- References -- Proposal of Principles of DeFi Disclosure and Regulation -- 1 Introduction -- 2 Benefits, Advantages, and Possibilities of DeFi -- 3 Challenges, Risks, and Questions Related to DeFi -- 3.1 Lack of AML/KYC -- 3.2 Hacking -- 3.3 Is It Really ``Decentralized''? -- 3.4 Is It Really ``Traceable''?, Is It ``Accessible to All''? -- 3.5 Market Manipulation and Difficulties in Investigation. 3.6 Does It Really Contribute to ``Financial Inclusion''? -- 3.7 Operational Risk in DeFi -- 3.8 Characteristics of Procyclicality and the Potential for Systemic Risk Associated with It -- 3.9 Lack of Ability to Address Risks Associated with Information Asymmetry -- 4 Implications for Regulatory Consideration -- 4.1 Innovation Trilemma -- 4.2 Perspectives on Whether Financial Regulations Should Be Applied -- 4.3 Need for Regulation for Providers of Financial Functions -- 4.4 How to Ensure AML/CFT -- 5 Proposal of Principles of DeFi Disclosure and Regulation -- 6 Conclusion -- References -- The Hidden Shortcomings of (D)AOs - An Empirical Study of On-Chain Governance -- 1 Introduction -- 2 Related Work -- 3 Methodology and Dataset -- 3.1 Data Collection -- 3.2 Dataset -- 4 Distribution of Voting Power -- 5 Structure of Voting Power Delegation -- 6 Governance Participation -- 7 Pointless Governance Transactions -- 8 Monetary Price of Governance -- 8.1 Price of Governance Transactions -- 8.2 Price of Transfer Overhead -- 9 Conclusion -- A Short Description of Analyzed DAOs -- B Computing the Cost of Governance -- C Computing the Overhead Cost of Governance -- References -- An Intrinsic Mechanism Deciding Hash Rates from Bitcoin Price -- 1 Introduction -- 2 Rational Choice of Hash Rates -- 2.1 Model of Blockchain Network -- 2.2 Single-Period Mining -- 2.3 Multi-period Mining and Dynamic Programming -- 2.4 Myopic Decision of Hash Rates with Isoelastic Utility Functions -- 2.5 Mean-Variance Approximation and Miners' Hash Rates -- 2.6 Rational Network Hash Rate in Blockchain Network -- 3 Conclusion -- References -- Stablecoins: Past, Present, and Future -- 1 Introduction -- 2 Where They Came from and Why -- 3 Current State of Stablecoins -- 4 Stablecoin Classification -- 5 The Collapse of Luna -- 6 Future Directions -- 7 Conclusion. FTX Collapse: A Ponzi Story -- 1 Introduction -- 2 What is Ponzi? -- 3 The FTX Collapse -- 4 Future Directions -- 5 Concluding Remarks -- References -- Policy Design of Retail Central Bank Digital Currencies: Embedding AML/CFT Compliance -- 1 Introduction -- 2 Proposed CBDC Model Structure and Associated AML/CFT Limitations -- 3 Total Cost Structure of CBDC -- 4 Current AML/CFT Mechanism -- 4.1 Stakeholders -- 4.2 Process -- 4.3 Cost Structures and Incentives -- 4.4 Professional Resources in AML/CFT Measures -- 5 AML/CFT Mechanisms in Retail CBDC Projects -- 6 Feasibility of the AML/CFT System Associated with CBDC -- 6.1 Tiered System Based on the Level of Assurance -- 6.2 Collective Customer Due Diligence -- 6.3 Automated Analysis and Evaluation -- 6.4 Judgment and Reporting -- 7 Conclusion -- Appendix A. Generalized AML/CFT Process -- Appendix B. High Performing FIU (Israel, Italy, and Spain) -- Appendix C. Compliance Cost of the Financial Institutions -- Appendix D. Compliance Cost of the Financial Institutions -- Appendix E. Number of Certified Anti-money Laundering Specialists Graduate List (Top 15 Countries/Regions) -- Appendix F. Current AML/CFT Measures in Two-Tiered Retail CBDC -- References -- DeFi -- Uniswap Liquidity Provision: An Online Learning Approach -- 1 Introduction -- 2 Uniswap Overview -- 2.1 Uniswap v3 - Concentrated Liquidity -- 3 Online Learning Model -- 3.1 Reward Function -- 4 Static Strategies -- 4.1 n= -- 4.2 n < -- -- 5 Adaptive Strategy -- 6 Conclusions -- A Reward Function Derivation -- A.1 Trading Fees -- A.2 Change in Value -- A.3 Total Reward -- B Proofs for Section4 -- B.1 Lemma 1 -- B.2 Lemma 2 -- B.3 Theorem 1 -- C Analysis of Algorithm 1 -- References -- Extended Abstract: The Effect of Trading Fees on Arbitrage Profits in Automated Market Makers -- 1 Introduction -- 2 Model -- 3 Results. 4 Conclusion. |
| Record Nr. | UNISA-996587869803316 |
|
Essex Aleksander
|
||
| Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Security Standardisation Research [[electronic resource] ] : Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings / / edited by Liqun Chen, Shin'ichiro Matsuo
| Security Standardisation Research [[electronic resource] ] : Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings / / edited by Liqun Chen, Shin'ichiro Matsuo |
| Edizione | [1st ed. 2015.] |
| Pubbl/distr/stampa | Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015 |
| Descrizione fisica | 1 online resource (X, 267 p. 41 illus. in color.) |
| Disciplina | 005.8 |
| Collana | Security and Cryptology |
| Soggetto topico |
Computer security
Data encryption (Computer science) Computer communication systems Software engineering Data structures (Computer science) Computer science—Mathematics Systems and Data Security Cryptology Computer Communication Networks Software Engineering Data Structures Math Applications in Computer Science |
| ISBN | 3-319-27152-0 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Security Standardisation Research 2015 -- Contents -- Bitcoin and Payment -- Authenticated Key Exchange over Bitcoin -- 1 Introduction -- 2 Background -- 2.1 Bitcoin -- 2.2 Transaction Signature -- 3 Key Exchange Protocols -- 3.1 Setting the Stage -- 3.2 Authentication -- 3.3 Diffie-Hellman-over-Bitcoin Protocol -- 3.4 YAK-over-Bitcoin Protocol -- 4 Security Analysis -- 4.1 Security of Diffie-Hellman-over-Bitcoin -- 4.2 Security of YAK-over-Bitcoin -- 4.3 Security of ECDSA Signatures -- 5 Implementation -- 5.1 Time Analysis -- 5.2 Note About Domain Parameters -- 6 Conclusion -- References -- Tap-Tap and Pay (TTP): Preventing the Mafia Attack in NFC Payment -- 1 Introduction -- 2 Our Solution: Tap-Tap and Pay (TTP) -- 2.1 Threat Model -- 2.2 Overview of the Solution -- 2.3 Sensor Data Preprocessing -- 2.4 Similarity Comparison -- 3 System Evaluation -- 3.1 Experiment Setup and Data Collection -- 3.2 Results -- 3.3 Online and Offline Modes -- 4 Usability Study -- 4.1 Experiment Setup and Data Collection -- 4.2 Findings -- 5 Comparison with Previous Works -- 6 Further Related Works -- 7 Conclusion -- References -- Protocol and API -- Robust Authenticated Key Exchange Using Passwords and Identity-Based Signatures -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 1.3 Organization -- 2 Preliminaries -- 3 Security Model -- 4 Our Identity-Based Signature Scheme -- 5 Our IBS-PAKE Protocols -- 5.1 Generic Construction -- 5.2 Instances -- 5.3 Security Proofs -- 6 Performance Analysis -- 6.1 Performance Comparison -- 6.2 Experimental Results -- 7 Conclusion -- A Bilinear Maps -- B Computational Assumptions -- C Simplified IBS-PAKE Protocols -- References -- Non-repudiation Services for the MMS Protocol of IEC 61850 -- 1 Introduction -- 2 The State of the Art -- 2.1 The standard IEC 61850 -- 2.2 The Standard IEC 62351.
2.3 The Weak Point of IEC 62351 -- 2.4 Additional Security Requirements -- 3 A Security Solution for the A-Profile -- 3.1 Difference Between NROT and NRDT -- 3.2 Generation of NROT and NRDT -- 3.3 The Verification of the APDUs -- 3.4 Checking the NRDT -- 3.5 NRD Tokens for the Server -- 3.6 The Application Security Sublayer -- 3.7 Providing the APDUs with Tokens -- 3.8 Access Control Lists -- 3.9 Logging of Events -- 4 An Implementation Using XML Signatures -- 4.1 How the Process Works -- 4.2 The Modified Communication -- 4.3 Example -- 4.4 Advantages of XML Signatures and Tokens -- 4.5 Possible Disadvantages of XML Signatures -- 5 Conclusion -- References -- Analysis of the PKCS#11 API Using the Maude-NPA Tool -- 1 Introduction -- 2 Maude-NPA -- 2.1 Preliminaries on Unification and Narrowing -- 2.2 Maude-NPA Syntax and Semantics -- 2.3 Never Patterns in Maude-NPA -- 3 PKCS#11 -- 4 Specification of PKCS#11 in Maude-NPA -- 4.1 Formal Model of PKCS#11 in Maude-NPA -- 4.2 Specification of PKCS#11 in Maude-NPA's Syntax -- 5 Experiments -- 6 Related Work -- 7 Conclusions -- References -- Analysis on Cryptographic Algorithm -- How to Manipulate Curve Standards: A White Paper for the Black Hat http://bada55.cr.yp.to -- 1 Introduction -- 1.1 Elliptic-Curve Cryptography. -- 1.2 Organization. -- 1.3 Research Contributions of this Paper. -- 2 Public Security Analyses -- 2.1 Warning: Math Begins Here. -- 2.2 Review of Public ECDLP Security Criteria. -- 2.3 ECC Security vs. ECDLP Security. -- 2.4 The Probability of Passing Public Criteria. -- 2.5 The Probabilities for Various Feasible Attacks. -- 3 Manipulating Curves -- 3.1 Curves Without Public Justification. -- 3.2 The Attack. -- 3.3 Implementation. -- 4 Manipulating Seeds -- 4.1 Hash Verification Routine. -- 4.2 Acceptability Criteria. -- 4.3 The Attack. -- 4.4 Optimizing the Attack. -- 4.5 Implementation. 5 Manipulating Nothing-up-my-sleeve Numbers -- 5.1 The Brainpool Procedure. -- 5.2 The BADA55-VPR-224 Procedure. -- 5.3 How BADA55-VPR-224 Was Generated: Exploring the Space of Acceptable Procedures. -- 5.4 Manipulating Bit-Extraction Procedures. -- 5.5 Manipulating Choices of Hash Functions. -- 5.6 Manipulating Counter Sizes. -- 5.7 Manipulating Hash Input Sizes. -- 5.8 Manipulating the (a,b) Hash Pattern. -- 5.9 Manipulating Natural Constants. -- 5.10 Implementation. -- 6 Manipulating Minimality -- 6.1 NUMS Curves. -- 6.2 Choice of Security Level. -- 6.3 Choice of Prime. -- 6.4 Choice of Ordering of Field Elements. -- 6.5 Choice of Curve Shape and Cofactor Requirement. -- 6.6 Choice of Twist Security. -- 6.7 Choice of Global vs. Local Curves. -- 6.8 More Choices. -- 6.9 Overall Count. -- 7 Manipulating Security Criteria -- Security of the SM2 Signature Scheme Against Generalized Key Substitution Attacks -- 1 Introduction -- 1.1 Our Contributions -- 2 Preliminaries -- 2.1 Collision-Resistant Hash Functions -- 2.2 Uniform (Smooth) Hash Functions -- 2.3 Almost-Invertibility of Conversion Functions -- 3 Definitions -- 4 Generalized WKS Attacks Against a General Framework of ISO/IEC CD 14888-3 -- 5 Security of the SM2 Signature Scheme -- 5.1 SM2 Digital Signature Scheme -- 5.2 EUF-CMA Security of SM2 -- 5.3 Security of SM2 Against Generalized SKS Attacks -- References -- Side Channel Cryptanalysis of Streebog -- 1 Introduction -- 2 Description of Streebog -- 3 The Message Recovery Attack -- 3.1 Implications of Our Attack -- 4 Countermeasures -- 5 Conclusions -- References -- Privacy -- Improving Air Interface User Privacy in Mobile Telephony -- 1 Introduction -- 2 Background -- 2.1 Mobile Telephony Systems -- 2.2 Proactive UICC -- 2.3 The AKA Protocol -- 3 User Privacy Threats -- 4 Threat Model -- 5 A Pseudonymity Approach -- 6 Predefined Multiple IMSIs. 6.1 USIM-Initiated IMSI Change -- 6.2 Network-Initiated IMSI Change -- 7 Modifiable Multiple IMSIs -- 8 Experimental Validation -- 9 Analysis -- 9.1 User Privacy -- 9.2 IMSI Synchronisation -- 10 Related Work -- 11 Conclusions -- References -- Generating Unlinkable IPv6 Addresses -- 1 Introduction -- 2 Background -- 2.1 Stateless Address Autoconfiguration (SLAAC) -- 2.2 Privacy Extensions to SLAAC -- 2.3 The Gont Approach -- 2.4 The Rafiee-Meinel Scheme -- 2.5 Other Schemes -- 2.6 A Summary -- 3 Practical Limitations to Privacy -- 3.1 Use of Randomness -- 3.2 Privacy Goals -- 3.3 RFC 4941 Method 1 -- 3.4 RFC 4941 Method 2 and the Rafiee-Meinel Scheme -- 3.5 The Gont Scheme -- 4 Practical Measures to Improve Randomness Generation -- 4.1 Generating Randomness -- 4.2 A Simple Improvement to RFC 4941 Method 1 -- 4.3 Making the Gont Scheme More Robust -- 5 Summary and Conclusions -- References -- Trust and Formal Analysis -- A Practical Trust Framework: Assurance Levels Repackaged Through Analysis of Business Scenarios and Related Risks -- 1 Introduction -- 2 Related Work on Trust Framework -- 3 Assessment Criteria of Assurance Levels -- 3.1 Credential Issuance and Identity Proofing Process Requirements -- 3.2 Authentication Process Requirements -- 3.3 Requirements for Certification -- 4 Analysis of Business Scenarios in Terms of Assurance Levels -- 4.1 Design Objectives of Field Survey -- 4.2 Classification of Business Scenarios -- 4.3 Self-Regulation and Objectivity -- 4.4 Effectiveness of High Level Authentication Processes -- 5 Level of Assurance 1+ -- 6 Concluding Remarks -- References -- First Results of a Formal Analysis of the Network Time Security Specification -- 1 Introduction -- 2 Security for Packet-Based Time Synchronization -- 2.1 Time Synchronization Methods -- 2.2 Criteria for Different Stages of Analysis. 2.3 Choice of Tool for the Analysis -- 3 Basic Assumptions and Protocol Notation -- 4 The Protocol Steps Under Analysis -- 4.1 The Network Time Security Project -- 4.2 Overview of the Protocol Sequence -- 5 Performing the Analysis -- 6 Results of the First Analysis -- 7 Conclusion -- A ProVerif Source Code -- A.1 Cryptographic Primitives -- A.2 Global Variables and Constants -- A.3 Events -- A.4 The Trusted Authority Process -- A.5 The Server Side Processes -- A.6 The Client Side Processes -- A.7 The Environment Process -- A.8 ProVerif Queries -- References -- Formal Support for Standardizing Protocols with State -- 1 Introduction -- 2 The Envelope Protocol -- 3 State-Respecting Bundles -- 3.1 Enriching Bundles with State -- 3.2 Our Axioms of State -- 3.3 Enrich-by-need for Stateful Protocols -- 4 Analysis of the Envelope Protocol -- 4.1 The Importance of Observer Ordering -- 5 Related Work -- 6 Protocol Security Goals -- 7 Conclusion -- References -- Author Index. |
| Record Nr. | UNINA-9910483583603321 |
| Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Security Standardisation Research [[electronic resource] ] : Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings / / edited by Liqun Chen, Shin'ichiro Matsuo
| Security Standardisation Research [[electronic resource] ] : Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings / / edited by Liqun Chen, Shin'ichiro Matsuo |
| Edizione | [1st ed. 2015.] |
| Pubbl/distr/stampa | Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015 |
| Descrizione fisica | 1 online resource (X, 267 p. 41 illus. in color.) |
| Disciplina | 005.8 |
| Collana | Security and Cryptology |
| Soggetto topico |
Computer security
Data encryption (Computer science) Computer communication systems Software engineering Data structures (Computer science) Computer science—Mathematics Systems and Data Security Cryptology Computer Communication Networks Software Engineering Data Structures Math Applications in Computer Science |
| ISBN | 3-319-27152-0 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Security Standardisation Research 2015 -- Contents -- Bitcoin and Payment -- Authenticated Key Exchange over Bitcoin -- 1 Introduction -- 2 Background -- 2.1 Bitcoin -- 2.2 Transaction Signature -- 3 Key Exchange Protocols -- 3.1 Setting the Stage -- 3.2 Authentication -- 3.3 Diffie-Hellman-over-Bitcoin Protocol -- 3.4 YAK-over-Bitcoin Protocol -- 4 Security Analysis -- 4.1 Security of Diffie-Hellman-over-Bitcoin -- 4.2 Security of YAK-over-Bitcoin -- 4.3 Security of ECDSA Signatures -- 5 Implementation -- 5.1 Time Analysis -- 5.2 Note About Domain Parameters -- 6 Conclusion -- References -- Tap-Tap and Pay (TTP): Preventing the Mafia Attack in NFC Payment -- 1 Introduction -- 2 Our Solution: Tap-Tap and Pay (TTP) -- 2.1 Threat Model -- 2.2 Overview of the Solution -- 2.3 Sensor Data Preprocessing -- 2.4 Similarity Comparison -- 3 System Evaluation -- 3.1 Experiment Setup and Data Collection -- 3.2 Results -- 3.3 Online and Offline Modes -- 4 Usability Study -- 4.1 Experiment Setup and Data Collection -- 4.2 Findings -- 5 Comparison with Previous Works -- 6 Further Related Works -- 7 Conclusion -- References -- Protocol and API -- Robust Authenticated Key Exchange Using Passwords and Identity-Based Signatures -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 1.3 Organization -- 2 Preliminaries -- 3 Security Model -- 4 Our Identity-Based Signature Scheme -- 5 Our IBS-PAKE Protocols -- 5.1 Generic Construction -- 5.2 Instances -- 5.3 Security Proofs -- 6 Performance Analysis -- 6.1 Performance Comparison -- 6.2 Experimental Results -- 7 Conclusion -- A Bilinear Maps -- B Computational Assumptions -- C Simplified IBS-PAKE Protocols -- References -- Non-repudiation Services for the MMS Protocol of IEC 61850 -- 1 Introduction -- 2 The State of the Art -- 2.1 The standard IEC 61850 -- 2.2 The Standard IEC 62351.
2.3 The Weak Point of IEC 62351 -- 2.4 Additional Security Requirements -- 3 A Security Solution for the A-Profile -- 3.1 Difference Between NROT and NRDT -- 3.2 Generation of NROT and NRDT -- 3.3 The Verification of the APDUs -- 3.4 Checking the NRDT -- 3.5 NRD Tokens for the Server -- 3.6 The Application Security Sublayer -- 3.7 Providing the APDUs with Tokens -- 3.8 Access Control Lists -- 3.9 Logging of Events -- 4 An Implementation Using XML Signatures -- 4.1 How the Process Works -- 4.2 The Modified Communication -- 4.3 Example -- 4.4 Advantages of XML Signatures and Tokens -- 4.5 Possible Disadvantages of XML Signatures -- 5 Conclusion -- References -- Analysis of the PKCS#11 API Using the Maude-NPA Tool -- 1 Introduction -- 2 Maude-NPA -- 2.1 Preliminaries on Unification and Narrowing -- 2.2 Maude-NPA Syntax and Semantics -- 2.3 Never Patterns in Maude-NPA -- 3 PKCS#11 -- 4 Specification of PKCS#11 in Maude-NPA -- 4.1 Formal Model of PKCS#11 in Maude-NPA -- 4.2 Specification of PKCS#11 in Maude-NPA's Syntax -- 5 Experiments -- 6 Related Work -- 7 Conclusions -- References -- Analysis on Cryptographic Algorithm -- How to Manipulate Curve Standards: A White Paper for the Black Hat http://bada55.cr.yp.to -- 1 Introduction -- 1.1 Elliptic-Curve Cryptography. -- 1.2 Organization. -- 1.3 Research Contributions of this Paper. -- 2 Public Security Analyses -- 2.1 Warning: Math Begins Here. -- 2.2 Review of Public ECDLP Security Criteria. -- 2.3 ECC Security vs. ECDLP Security. -- 2.4 The Probability of Passing Public Criteria. -- 2.5 The Probabilities for Various Feasible Attacks. -- 3 Manipulating Curves -- 3.1 Curves Without Public Justification. -- 3.2 The Attack. -- 3.3 Implementation. -- 4 Manipulating Seeds -- 4.1 Hash Verification Routine. -- 4.2 Acceptability Criteria. -- 4.3 The Attack. -- 4.4 Optimizing the Attack. -- 4.5 Implementation. 5 Manipulating Nothing-up-my-sleeve Numbers -- 5.1 The Brainpool Procedure. -- 5.2 The BADA55-VPR-224 Procedure. -- 5.3 How BADA55-VPR-224 Was Generated: Exploring the Space of Acceptable Procedures. -- 5.4 Manipulating Bit-Extraction Procedures. -- 5.5 Manipulating Choices of Hash Functions. -- 5.6 Manipulating Counter Sizes. -- 5.7 Manipulating Hash Input Sizes. -- 5.8 Manipulating the (a,b) Hash Pattern. -- 5.9 Manipulating Natural Constants. -- 5.10 Implementation. -- 6 Manipulating Minimality -- 6.1 NUMS Curves. -- 6.2 Choice of Security Level. -- 6.3 Choice of Prime. -- 6.4 Choice of Ordering of Field Elements. -- 6.5 Choice of Curve Shape and Cofactor Requirement. -- 6.6 Choice of Twist Security. -- 6.7 Choice of Global vs. Local Curves. -- 6.8 More Choices. -- 6.9 Overall Count. -- 7 Manipulating Security Criteria -- Security of the SM2 Signature Scheme Against Generalized Key Substitution Attacks -- 1 Introduction -- 1.1 Our Contributions -- 2 Preliminaries -- 2.1 Collision-Resistant Hash Functions -- 2.2 Uniform (Smooth) Hash Functions -- 2.3 Almost-Invertibility of Conversion Functions -- 3 Definitions -- 4 Generalized WKS Attacks Against a General Framework of ISO/IEC CD 14888-3 -- 5 Security of the SM2 Signature Scheme -- 5.1 SM2 Digital Signature Scheme -- 5.2 EUF-CMA Security of SM2 -- 5.3 Security of SM2 Against Generalized SKS Attacks -- References -- Side Channel Cryptanalysis of Streebog -- 1 Introduction -- 2 Description of Streebog -- 3 The Message Recovery Attack -- 3.1 Implications of Our Attack -- 4 Countermeasures -- 5 Conclusions -- References -- Privacy -- Improving Air Interface User Privacy in Mobile Telephony -- 1 Introduction -- 2 Background -- 2.1 Mobile Telephony Systems -- 2.2 Proactive UICC -- 2.3 The AKA Protocol -- 3 User Privacy Threats -- 4 Threat Model -- 5 A Pseudonymity Approach -- 6 Predefined Multiple IMSIs. 6.1 USIM-Initiated IMSI Change -- 6.2 Network-Initiated IMSI Change -- 7 Modifiable Multiple IMSIs -- 8 Experimental Validation -- 9 Analysis -- 9.1 User Privacy -- 9.2 IMSI Synchronisation -- 10 Related Work -- 11 Conclusions -- References -- Generating Unlinkable IPv6 Addresses -- 1 Introduction -- 2 Background -- 2.1 Stateless Address Autoconfiguration (SLAAC) -- 2.2 Privacy Extensions to SLAAC -- 2.3 The Gont Approach -- 2.4 The Rafiee-Meinel Scheme -- 2.5 Other Schemes -- 2.6 A Summary -- 3 Practical Limitations to Privacy -- 3.1 Use of Randomness -- 3.2 Privacy Goals -- 3.3 RFC 4941 Method 1 -- 3.4 RFC 4941 Method 2 and the Rafiee-Meinel Scheme -- 3.5 The Gont Scheme -- 4 Practical Measures to Improve Randomness Generation -- 4.1 Generating Randomness -- 4.2 A Simple Improvement to RFC 4941 Method 1 -- 4.3 Making the Gont Scheme More Robust -- 5 Summary and Conclusions -- References -- Trust and Formal Analysis -- A Practical Trust Framework: Assurance Levels Repackaged Through Analysis of Business Scenarios and Related Risks -- 1 Introduction -- 2 Related Work on Trust Framework -- 3 Assessment Criteria of Assurance Levels -- 3.1 Credential Issuance and Identity Proofing Process Requirements -- 3.2 Authentication Process Requirements -- 3.3 Requirements for Certification -- 4 Analysis of Business Scenarios in Terms of Assurance Levels -- 4.1 Design Objectives of Field Survey -- 4.2 Classification of Business Scenarios -- 4.3 Self-Regulation and Objectivity -- 4.4 Effectiveness of High Level Authentication Processes -- 5 Level of Assurance 1+ -- 6 Concluding Remarks -- References -- First Results of a Formal Analysis of the Network Time Security Specification -- 1 Introduction -- 2 Security for Packet-Based Time Synchronization -- 2.1 Time Synchronization Methods -- 2.2 Criteria for Different Stages of Analysis. 2.3 Choice of Tool for the Analysis -- 3 Basic Assumptions and Protocol Notation -- 4 The Protocol Steps Under Analysis -- 4.1 The Network Time Security Project -- 4.2 Overview of the Protocol Sequence -- 5 Performing the Analysis -- 6 Results of the First Analysis -- 7 Conclusion -- A ProVerif Source Code -- A.1 Cryptographic Primitives -- A.2 Global Variables and Constants -- A.3 Events -- A.4 The Trusted Authority Process -- A.5 The Server Side Processes -- A.6 The Client Side Processes -- A.7 The Environment Process -- A.8 ProVerif Queries -- References -- Formal Support for Standardizing Protocols with State -- 1 Introduction -- 2 The Envelope Protocol -- 3 State-Respecting Bundles -- 3.1 Enriching Bundles with State -- 3.2 Our Axioms of State -- 3.3 Enrich-by-need for Stateful Protocols -- 4 Analysis of the Envelope Protocol -- 4.1 The Importance of Observer Ordering -- 5 Related Work -- 6 Protocol Security Goals -- 7 Conclusion -- References -- Author Index. |
| Record Nr. | UNISA-996466226903316 |
| Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||