Symmetric Cryptographic Protocols
|
|
- Corey Anderson
- 5 years ago
- Views:
Transcription
1 Symmetric Cryptographic Protocols
2 Mahalingam Ramkumar Symmetric Cryptographic Protocols 2123
3 Mahalingam Ramkumar Mississippi State University Mississippi State Mississippi USA ISBN ISBN (ebook) DOI / Springer Cham Heidelberg New York Dordrecht London Library of Congress Control Number: Springer International Publishing Switzerland 2014 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein. Printed on acid-free paper Springer is part of Springer Science+Business Media (
4 To my late mom, Rajalakshmi. v
5 Preface Symmetric cryptography deals with: 1. the construction of efficient pseudo random functions (PRF), which are the building blocks of symmetric cryptography, and 2. symmetric cryptographic protocols, which are strategies to utilize the building blocks to solve some of our our day-to-day problems. This book does not concern itself with the building blocks themselves; several well studied PRFs in the form of block ciphers and hash functions already exist. The focus of this book is instead on the (often under appreciated) range and utility of protocols and constructions that utilize symmetric PRFs. Lack of widespread appreciation of the scope of symmetric cryptography has led to the unwarranted use of more expensive asymmetric cryptography in situations where symmetric cryptography is adequate. Perhaps, it is the sheer elegance of asymmetric primitives that instills in us the desire to honor them by utilizing them even in situations where symmetric cryptography is adequate. This is one situation that this book aims to rectify. The specific topics addressed in this book include: 1. various key distribution strategies for unicast, broadcast, and multicast security associations, and 2. strategies for constructing compact and efficient digests of dynamic databases. A unified treatment of seemingly unrelated protocols is made possible by the fact that only three basic strategies, viz., hash chains, hash trees, and the surprising uniqueness of random subsets, are reused in a variety of different ways in different protocols. Ultimately, the utility a cryptographic algorithm stems from the ability to leverage well-deserved assumptions regarding the properties of such algorithms; that we can virtually guarantee the existence of specific relationships between various inputs and outputs of the algorithm; for example, that the preimage of a cryptographic hash was chosen before the image was computed, and not vice-versa. Cryptographic algorithms are building blocks for the construction of application-specific cryptographic protocols, to enable enforcement of application-specific requirements, between various (application-specific) inputs and outputs. vii
6 viii Preface By themselves, cryptographic protocols (unfortunately) do not provide the necessary (application-specific) context to the inputs and outputs. It is up to security protocols that utilize cryptographic protocols to do so. Consequently, practical security protocols will always need to make some additional noncryptographic assumptions regarding the environment in which the cryptographic protocol is executed, and the privacy of keys employed by the algorithms. Almost every security issue we face in our day-to-day lives stems from the simple fact that many such noncryptographic assumptions turn out to be unjustified. For example, while the secure socket layer (SSL) is perfectly safe as a cryptographic protocol, when used as a security protocol, many vulnerabilities can crop up like the recent Heart-bleed vulnerability, or the fact that SSL as a security protocol relies on the integrity of the public key infrastructure (PKI), which in turn relies on unverifiable assumptions regarding the integrity of PKI certificate authorities. Perhaps the only practical recourse is to invest in an infrastructure to realize sufficiently trustworthy hardware modules. Such modules should be capable of guaranteeing a safe environment in which a wide variety of cryptographic protocols necessary for a wide range of applications can run unmolested. Only the well-deserved trust in the assumed properties of cryptographic algorithms, and the integrity of such hardware modules, can then be bootstrapped to realize security protocols without the need to make unjustifiable assumptions like the integrity of software and hardware components in general purpose computers or the integrity of personnel/organizations with access to sensitive data processed in the computers. The versatility and low resource requirement for protocols based on symmetric PRFs make them very well suited for such an approach. Simple fixed functionality involving only PRF and logical operations, executed within the confines of deliberately resource limited modules, can be more readily verified to be free of malicious functionality. Almost every security protocol outlined in this book pays extra attention to additional constraints that may be imposed due to the fact that the security protocols will need to be executed inside a trustworthy (and severely resource limited) boundary. Chapter 1 is a brief review of well-known properties of symmetric PRFs like hash functions and block ciphers. Chapter 2 outlines some useful constructions using PRFs that are reused throughout this book. Chapter 3 presents key predistribution schemes for pairwise authentication strategies that are traditionally considered as nonscalable. Two such schemes, the modified Leighton Micali scheme (MLS) and the identity tickets (IT) schemes are, however, shown to be scalable enough for most practical applications. Chapter 4 outlines a strategy for employing such schemes in conjunction with trustworthy hardware modules with trivial functionality to secure the domain name system (DNS). This approach is compared with the current security protocol, DNSSEC, for securing DNS. Chapters 5 and 6 present various scalable key predistribution schemes. Chapter 5 outlines many of the advantages of probabilistic schemes over deterministic schemes. Chapter 6 outlines three scalable schemes realized as extensions of nonscalable
7 Preface ix schemes discussed in Chap. 3. Chapter 7 highlights special considerations for protecting the integrity of secrets inside resource limited tamper-responsive boundaries. Such considerations are taken into account to reevaluate the strengths of various key distribution schemes, and the overhead associated with each approach. Chapter 8 reviews strategies for multicast security associations like one-to-many associations (or broadcast security) and group security associations facilitated using broadcast encryption. While most broadcast encryption schemes employ a treelike structure, flat schemes based on probabilistic key distribution have some compelling advantages. The utility of such schemes for practical deployments of publish subscribe systems is also discussed in this chapter. Chapter 9 presents a useful authenticated data structure, the ordered Merkle tree (OMT), and it s utility in assuring the integrity of a wide variety of dynamic databases maintained by untrusted entities. Two variations of the OMT, viz., the index ordered Merkle tree (IOMT), and the domain ordered Merkle tree (DOMT), are discussed. Simple algorithms intended to be executed by a trusted resource limited verifier, to assure the integrity of a database maintained by an untrusted prover, are presented. Chapter 10 discusses a new credential transaction model as a specification of application-specific security protocols. For any system with a desired set of assurances, the strategy is to identity different roles for participants in the system, and a set of permitted credential transactions for each role. The permitted credential transactions are chosen to guarantee that no desired assurance is violated. Thus, as long as we can assure the integrity of credential transactions, we can assure the integrity of the entire system (that all desired assurances are met). The credential transaction model permits the design of a universal trusted base as a hypothetical specification for trusted credential management modules (CMM). Irrespective of the specific nature of the system, CMMs are entrusted with the task of assuring the integrity of credential transactions. Only assumptions regarding the integrity of PRFs, and the integrity of simple algorithms executed inside CMMs to verify the integrity of credential transactions, are bootstrapped by the security protocol (the transaction model) to realize all desired assurances. Such an approach eliminates the need for unjustifiable trust in complex hardware/software components, and personnel with the ability to influence the operation of such computers. The core functional components of CMMs include functionality described in Chap. 7 for unicast security associations, and functionality for maintaining OMTs, described in Chap. 9. Starkville, MS April 2014 Mahalingam Ramkumar
8 Contents 1 Introduction Cryptographic Algorithms Symmetric Cryptographic Algorithms Asymmetric Algorithms Using Cryptographic Algorithms Block Cipher Modes Hash Function Hashed Message Authentication Code Asymmetric Encryption and Signatures Cryptographic Protocols and Security Protocols Security Protocols Symmetric Protocols Symmetric Security Protocols Some Useful Constructions Hash Chains Hash Accumulator Hash Tree Random Subsets S i S n (S i S j ) S n Nonscalable Key Distribution Schemes Online KDC NS Protocol Leighton Micali Protocol Offline KDC Basic KDS for Static Small-Scale Networks Key Distribution for Dynamic Networks MLS Key Distribution Identity Ticket (IT) Scheme Comparison xi
9 xii Contents MLS with Multiple KDCs MLS Applications MLS for Internet Security Protocols Domain Name System DNS Records Securing DNS Link-Security Approaches DNSSEC Authenticated Denial DNS-Walk MLS Based Alternative to DNSSEC Extending Link-Security Approaches Principle of TCB-DNS Computing Link Secrets The TCB-DNS Protocol The Atomic Relay Algorithm Preparation of TCB-DNS Master File Verification of RRSets Proof of Correctness Practical Considerations TCB-DNS vs. DNSSEC Authenticated Denial Overhead Replay Attacks DNSSEC with TSIG NSEC3 Opt-Out Alternative to IPSec IPSec Operation IPSec Issues IPSec Alternative Leveraging TCB-DNS Scalable Key Distribution Schemes Certificates Based Schemes Identity Based Schemes Identity-Based Key Predistribution Schemes Blom s Schemes Probabilistic KPSs (PKPS) Allocation of Subsets Random Preloaded Subsets Hash-Chain KPS Hashed Random Preloaded Subsets (HARPS) (n, p)-security of HARPS Probability of Winning a Round Optimization of Parameters... 73
10 Contents xiii 5.5 Deterministic Versus Probabilistic KPSs KPS Complexity Complexity Versus Desired Collusion Resistance n Using External Resources Low Complexity Hardware Multiple KDCs and Renewal Exploiting Multi-path Diversity Conclusions Scalable Extensions of Nonscalable Schemes Parallel Basic KPS Parallel Leighton Micali Scheme (PLM) (n, p)-security of PBK and PLM Optimal Choice of Parameters m and M Subset Keys and Identity Tickets (SKIT) (n, p)-security of SKIT Optimal Choice of Parameters Comparison of KPSs Beyond (n, p)-security (n, φ, p a )-Security of RPS (n, φ, p a )-Security of PBK/PLM (n, φ, p a )-Security of SKIT Addressing Message Injection Attacks PLM for Sensor Networks Classical Sensor Network Model Assumptions Key Distribution for Sensor Networks Key Establishment Performance and Overhead Conclusions Using PKPSs with Tamper-Responsive Modules Core Principles Active and Passive Shields State Transitions Single-Step Countermeasures The DOWN Policy DOWN-Enabled Modules DOWN with Other Asymmetric Schemes DOWN With ID-Based Schemes DOWN Assurance and Complexity DOWN with PKPSs A Second Look at Key Predistribution Scheme (KPS) Complexity Generic Device Model
11 xiv Contents 7.4 Comparison of KPSs Deployment Complexity Complexity During Regular Operation PLM PBK RPS and HARPS KPS Algorithms MLS Scalable KPSs Security Protocols Utilizing f pw () Atomic Relay Protocols Atomic Authentication Relay Algorithm Atomic Path Secret Relay Algorithm Accepting Relays Conclusions Broadcast Authentication and Broadcast Encryption Certificates-Based Broadcast Authentication (BA) One-Time Signatures (OTS) Timed Efficient Stream Loss Tolerant Authentication (TESLA) Identity-Based Broadcast Authentication (BA) Using Key Predistribution Reducing Signature Size Effect of Decrypt Only When Necessary (DOWN) Assurance Broadcast Encryption Tree-Based Broadcast Encryption (BE) Schemes Broadcast Encryption (BE) Using Probabilistic Key Distribution Broadcast Encryption (BE) by Sources Other Than Key Distribution Center (KDC) Performance of Probabilistic Key Predistribution Scheme Broadcast Encryption (PKPS BE) Performance Bounds Over-Provisioning Keys Hashed Random Preloaded Subsets (HARPS) vs. Random Preloaded Subsets (RPS) Models for Broadcast Encryption (BE) G = N Models N>>GModels Batch Sizes for External Sources Application of Probabilistic Key Predistribution Scheme Broadcast Encryption (PKPS BE) in Publish Subscribe Systems Desirable Features
12 Contents xv PKPS-BE vs. T-BE for Pub Sub Systems Pub Sub Operation Authenticated Data Structures Merkle Tree as an ADS Merkle Tree Protocols Ordered Merkle Tree OMT Leaves OMT Nodes Verification and Update Protocols Insertion of OMT Leaves Reordering OMT Leaves Index Ordered Merkle Tree Domain Ordered Merkle Tree Summary of OMT Properties OMT Algorithms in Trusted Resource Limited Boundaries Self-Certificates Core OMT Functions OMT Functions Exposed by T Root Equivalence Certificates Module T State Using Module Functions Context/Application Dependent Functions Infrastructural Requirements Universal Trusted Computing Bases Practical Systems Complexity and Ignorance System Security Model Trusted Platform Modules Realizing a TCG Trusted Platform Pitfalls of the TCG Approach Trinc Virtual Counters Credential Management Modules Credential Transaction Model Consequential Transactions Virtual Networks VN State Changes CMM State and VN State Changing VN State CMMs as ADS Constructors and Verifiers CMM System Architecture CMM Universe Creation of Virtual Networks
13 xvi Contents Intra-VN Key Distribution VN Links Credential Transaction Model of Representative Systems Credential Transaction Model for DNS DNS Transactions Transaction Models for Other Systems Conclusions References Index
14 Acronyms HMAC MAC KDC PKI OTS KDS KPS PKPS RPS HARPS BKP MLS IT PBK PLM SKIT ADS OMT IOMT DOMT VN DNS BGP AS Hashed Message Authentication Code Message Authentication Code Key Distribution Center Public Key Infrastructure One Time Signature Key Distribution Scheme Key Predistribution Scheme Probabilistic Key Predistribution Scheme Random Preloaded Subsets Hashed Random Preloaded Subsets Basic Key Predistribution Modified Leighton Micali Scheme Identity Tickets Parallel Basic Key Predistribution Scheme Parallel Leighton Micali Scheme Subset Key and Identity Tickets Authenticated Data Structures Ordered Merkle Tree Index Ordered Merkle Tree Domain Ordered Merkle Tree Virtual Network Domain Name System Border Gateway Protocol Autonomous System xvii
Guide to OSI and TCP/IP Models
SPRINGER BRIEFS IN COMPUTER SCIENCE Mohammed M. Alani Guide to OSI and TCP/IP Models SpringerBriefs in Computer Science Series editors Stan Zdonik Peng Ning Shashi Shekhar Jonathan Katz Xindong Wu Lakhmi
More informationResearch on Industrial Security Theory
Research on Industrial Security Theory Menggang Li Research on Industrial Security Theory Menggang Li China Centre for Industrial Security Research Beijing, People s Republic of China ISBN 978-3-642-36951-3
More informationSpringerBriefs in Computer Science
SpringerBriefs in Computer Science Series Editors Stan Zdonik Peng Ning Shashi Shekhar Jonathan Katz Xindong Wu Lakhmi C. Jain David Padua Xuemin (Sherman) Shen Borko Furht V.S. Subrahmanian Martial Hebert
More informationGeorge Grätzer. Practical L A TEX
Practical L A TEX George Grätzer Practical L A TEX 123 George Grätzer Toronto, ON, Canada Additional material to this book can be downloaded from http://extras.springer.com ISBN 978-3-319-06424-6 ISBN
More informationITIL 2011 At a Glance. John O. Long
ITIL 2011 At a Glance John O. Long SpringerBriefs in Computer Science Series Editors Stan Zdonik Peng Ning Shashi Shekhar Jonathan Katz Xindong Wu Lakhmi C. Jain David Padua Xuemin Shen Borko Furht VS
More informationStefan Waldmann. Topology. An Introduction
Topology Stefan Waldmann Topology An Introduction 123 Stefan Waldmann Julius Maximilian University of Würzburg Würzburg Germany ISBN 978-3-319-09679-7 ISBN 978-3-319-09680-3 (ebook) DOI 10.1007/978-3-319-09680-3
More informationPhilip Andrew Simpson. FPGA Design. Best Practices for Team-based Reuse. Second Edition
FPGA Design Philip Andrew Simpson FPGA Design Best Practices for Team-based Reuse Second Edition Philip Andrew Simpson San Jose, CA, USA ISBN 978-3-319-17923-0 DOI 10.1007/978-3-319-17924-7 ISBN 978-3-319-17924-7
More informationWindows 10 Revealed. The Universal Windows Operating System for PC, Tablets, and Windows Phone. Kinnary Jangla
Windows 10 Revealed The Universal Windows Operating System for PC, Tablets, and Windows Phone Kinnary Jangla Windows 10 Revealed Kinnary Jangla Bing Maps San Francisco, California, USA ISBN-13 (pbk): 978-1-4842-0687-4
More informationMobile Phone Security and Forensics
Mobile Phone Security and Forensics Iosif I. Androulidakis Mobile Phone Security and Forensics A Practical Approach Second Edition Iosif I. Androulidakis Pedini Ioannina Greece ISBN 978-3-319-29741-5
More informationFailure-Modes-Based Software Reading
SPRINGER BRIEFS IN COMPUTER SCIENCE Yang-Ming Zhu Failure-Modes-Based Software Reading SpringerBriefs in Computer Science More information about this series at http://www.springer.com/series/10028 Yang-Ming
More informationA Security Infrastructure for Trusted Devices
Infrastructure () A Security Infrastructure for Trusted Devices Mahalingam Ramkumar Mississippi State University, MS Nasir Memon Polytechnic University, Brooklyn, NY January 31, 2005 Infrastructure ()
More informationRobust SRAM Designs and Analysis
Robust SRAM Designs and Analysis Jawar Singh Saraju P. Mohanty Dhiraj K. Pradhan Robust SRAM Designs and Analysis 123 Jawar Singh Indian Institute of Information Technology Design and Manufacturing Dumna
More informationMultidimensional Queueing Models in Telecommunication Networks
Multidimensional Queueing Models in Telecommunication Networks ThiS is a FM Blank Page Agassi Melikov Leonid Ponomarenko Multidimensional Queueing Models in Telecommunication Networks Agassi Melikov Department
More informationWireless Networks. Series Editor Xuemin Sherman Shen University of Waterloo Waterloo, Ontario, Canada
Wireless Networks Series Editor Xuemin Sherman Shen University of Waterloo Waterloo, Ontario, Canada More information about this series at http://www.springer.com/series/14180 Sachin Shetty Xuebiao Yuchi
More informationLow Level X Window Programming
Low Level X Window Programming Ross J. Maloney Low Level X Window Programming An Introduction by Examples 123 Dr. Ross J. Maloney Yenolam Corporation Booragoon, WA Australia ISBN 978-3-319-74249-6 ISBN
More informationMATLAB Programming for Numerical Analysis. César Pérez López
MATLAB Programming for Numerical Analysis César Pérez López MATLAB Programming for Numerical Analysis Copyright 2014 by César Pérez López This work is subject to copyright. All rights are reserved by the
More informationEssential Angular for ASP.NET Core MVC
Essential Angular for ASP.NET Core MVC Adam Freeman Essential Angular for ASP.NET Core MVC Adam Freeman London, UK ISBN-13 (pbk): 978-1-4842-2915-6 ISBN-13 (electronic): 978-1-4842-2916-3 DOI 10.1007/978-1-4842-2916-3
More informationLEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS
LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS DINESH C. VERMA IBM T. J. Watson Research Center A JOHN WILEY & SONS, INC., PUBLICATION LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS LEGITIMATE APPLICATIONS
More informationJinkun Liu Xinhua Wang. Advanced Sliding Mode Control for Mechanical Systems. Design, Analysis and MATLAB Simulation
Jinkun Liu Xinhua Wang Advanced Sliding Mode Control for Mechanical Systems Design, Analysis and MATLAB Simulation Jinkun Liu Xinhua Wang Advanced Sliding Mode Control for Mechanical Systems Design, Analysis
More informationEfficient and Secure Source Authentication for Multicast
Efficient and Secure Source Authentication for Multicast Authors: Adrian Perrig, Ran Canetti Dawn Song J. D. Tygar Presenter: Nikhil Negandhi CSC774 Network Security Outline: Background Problem Related
More informationWide Area 2D/3D Imaging
Wide Area 2D/3D Imaging Benjamin Langmann Wide Area 2D/3D Imaging Development, Analysis and Applications Benjamin Langmann Hannover, Germany Also PhD Thesis, University of Siegen, 2013 ISBN 978-3-658-06456-3
More informationI-HARPS: An Efficient Key Predistribution Scheme for Mobile Computing Applications
I-HARPS: An Efficient Key Predistribution Scheme for Mobile Computing Applications Mahalingam Ramkumar Department of Computer Science and Engineering Mississippi State University, Mississippi State, MS
More informationSCION: PKI Overview. Adrian Perrig Network Security Group, ETH Zürich
SCION: PKI Overview Adrian Perrig Network Security Group, ETH Zürich PKI Concepts: Brief Introduction PKI: Public-Key Infrastructure Purpose of PKI: enable authentication of an entity Various types of
More informationFunctional Programming in R
Functional Programming in R Advanced Statistical Programming for Data Science, Analysis and Finance Thomas Mailund Functional Programming in R: Advanced Statistical Programming for Data Science, Analysis
More informationComputer Communications and Networks. Editor A.J. Sammes Centre for Forensic Computing Cranfield University Shrivenham Campus Swindon, UK
Computer Communications and Networks Editor A.J. Sammes Centre for Forensic Computing Cranfield University Shrivenham Campus Swindon, UK The Computer Communications and Networks series is a range of textbooks,
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationIntroduction to Computer Networking
Introduction to Computer Networking Thomas G. Robertazzi Introduction to Computer Networking 123 Thomas G. Robertazzi Department of Electrical and Computer Engineering Stony Brook University Stony Brook,
More informationDigital VLSI Design with Verilog
Digital VLSI Design with Verilog John Michael Williams Digital VLSI Design with Verilog A Textbook from Silicon Valley Polytechnic Institute Second Edition John Michael Williams Wilsonville, OR USA Additional
More informationSpringerBriefs in Computer Science
SpringerBriefs in Computer Science Series editors Stan Zdonik, Brown University, Providence, Rhode Island, USA Shashi Shekhar, University of Minnesota, Minneapolis, Minnesota, USA Xindong Wu, University
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationGrid Computing Security
Grid Computing Security Anirban Chakrabarti Grid Computing Security With 87 Figures and 12 Tables 123 Anirban Chakrabarti Infosys Technologies Limited Electronic City Hosur Road 560100 Bangalore India
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 6 Release 1 System i Security Digital Certificate Manager Version 6 Release 1 Note Before using this information and the product it supports, be sure
More informationIBM. Security Digital Certificate Manager. IBM i 7.1
IBM IBM i Security Digital Certificate Manager 7.1 IBM IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in
More informationLearn PHP 7. Object-Oriented Modular Programming using HTML5, CSS3, JavaScript, XML, JSON, and MySQL. Steve Prettyman
THE EXPERT S VOICE IN WEB DEVELOPMENT Learn PHP 7 Object-Oriented Modular Programming using HTML5, CSS3, JavaScript, XML, JSON, and MySQL Steve Prettyman Learn PHP 7 Object-Oriented Modular Programming
More informationComputer Communications and Networks. Series editor A.J. Sammes Centre for Forensic Computing Cranfield University, Shrivenham campus Swindon, UK
Computer Communications and Networks Series editor A.J. Sammes Centre for Forensic Computing Cranfield University, Shrivenham campus Swindon, UK The Computer Communications and Networks series is a range
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationJava Quick Syntax Reference. Second Edition. Mikael Olsson
Java Quick Syntax Reference Second Edition Mikael Olsson Java Quick Syntax Reference Second Edition Mikael Olsson Java Quick Syntax Reference Mikael Olsson Hammarland, Länsi-Suomi, Finland ISBN-13 (pbk):
More informationKALASALINGAM UNIVERSITY
KALASALINGAM UNIVERSITY (Kalasalingam Academy of Research and Education) DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CLASS NOTES CRYPTOGRAPHY AND NETWOTK SECURITY (CSE 405) Prepared by M.RAJA AP/CSE
More informationAdvanced Data Mining Techniques
Advanced Data Mining Techniques David L. Olson Dursun Delen Advanced Data Mining Techniques Dr. David L. Olson Department of Management Science University of Nebraska Lincoln, NE 68588-0491 USA dolson3@unl.edu
More informationGengsheng Lawrence Zeng. Medical Image Reconstruction. A Conceptual Tutorial
Gengsheng Lawrence Zeng Medical Image Reconstruction A Conceptual Tutorial Gengsheng Lawrence Zeng Medical Image Reconstruction A Conceptual Tutorial With 163 Figures Author Prof. Dr. Gengsheng Lawrence
More informationChapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010
Cryptography Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationLEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS DINESH C. VERMA IBM T. J. Watson Research Center A JOHN WILEY & SONS, INC., PUBLICATION
LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS DINESH C. VERMA IBM T. J. Watson Research Center A JOHN WILEY & SONS, INC., PUBLICATION LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS LEGITIMATE APPLICATIONS
More informationComputing with Memory for Energy-Efficient Robust Systems
Computing with Memory for Energy-Efficient Robust Systems Somnath Paul Swarup Bhunia Computing with Memory for Energy-Efficient Robust Systems 123 Somnath Paul Intel Labs Hillsboro, OR, USA Swarup Bhunia
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationLecture Embedded System Security Trusted Platform Module
1 Lecture Embedded System Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Germany Summer Term 2015 Roadmap: TPM Introduction to TPM TPM architecture
More informationObjective-C Quick Syntax Reference
Objective-C Quick Syntax Reference Matthew Campbell Objective-C Quick Syntax Reference Copyright 2014 by Matthew Campbell This work is subject to copyright. All rights are reserved by the Publisher, whether
More informationInformation Security: Principles and Practice Second Edition. Mark Stamp
Information Security: Principles and Practice Second Edition Mark Stamp August 10, 2009 Contents Preface Second Edition Preface About The Author Acknowledgments xvii xix xxiii xxv 1 Introduction 1 1.1
More informationDigital Functions and Data Reconstruction
Digital Functions and Data Reconstruction Li M. Chen Digital Functions and Data Reconstruction Digital-Discrete Methods 123 Li M. Chen University of the District of Columbia Washington, DC, USA ISBN 978-1-4614-5637-7
More informationRequest for Comments: 3007 Updates: 2535, 2136 November 2000 Obsoletes: 2137 Category: Standards Track. Secure Domain Name System (DNS) Dynamic Update
Network Working Group B. Wellington Request for Comments: 3007 Nominum Updates: 2535, 2136 November 2000 Obsoletes: 2137 Category: Standards Track Status of this Memo Secure Domain Name System (DNS) Dynamic
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationFISMAand the Risk Management Framework
FISMAand the Risk Management Framework The New Practice of Federal Cyber Security Stephen D. Gantz Daniel R. Phi I pott Darren Windham, Technical Editor ^jm* ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON
More informationReliable Broadcast Message Authentication in Wireless Sensor Networks
Reliable Broadcast Message Authentication in Wireless Sensor Networks Taketsugu Yao, Shigeru Fukunaga, and Toshihisa Nakai Ubiquitous System Laboratories, Corporate Research & Development Center, Oki Electric
More informationSome Lessons Learned from Designing the Resource PKI
Some Lessons Learned from Designing the Resource PKI Geoff Huston Chief Scientist, APNIC May 2007 Address and Routing Security The basic security questions that need to be answered are: Is this a valid
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationIBM i Version 7.2. Security Digital Certificate Manager IBM
IBM i Version 7.2 Security Digital Certificate Manager IBM IBM i Version 7.2 Security Digital Certificate Manager IBM Note Before using this information and the product it supports, read the information
More informationForeword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1
Brief Contents Foreword by Katie Moussouris.... xv Acknowledgments... xvii Introduction...xix Chapter 1: The Basics of Networking... 1 Chapter 2: Capturing Application Traffic... 11 Chapter 3: Network
More informationPKI-An Operational Perspective. NANOG 38 ARIN XVIII October 10, 2006
PKI-An Operational Perspective NANOG 38 ARIN XVIII October 10, 2006 Briefing Contents PKI Usage Benefits Constituency Acceptance Specific Discussion of Requirements Certificate Policy Certificate Policy
More informationChapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads
Cryptography p y Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationProf. Shervin Shirmohammadi SITE, University of Ottawa. Security Architecture. Lecture 13: Prof. Shervin Shirmohammadi CEG
Lecture 13: Security Architecture Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4185 13-1 Network Assets and Security Threats Assets: Hardware (PC, workstation,
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationWireless Network Security Spring 2016
Wireless Network Security Spring 2016 Patrick Tague Class #12 Routing Security; Forwarding Security 2016 Patrick Tague 1 SoW Presentation SoW Thursday in class I'll post a template Each team gets ~5 minutes
More informationJulien Masanès. Web Archiving. With 28 Figures and 6 Tables ABC
Web Archiving Julien Masanès Web Archiving With 28 Figures and 6 Tables ABC Author Julien Masanès European Web Archive 25 rue des envierges 75020 Paris, France julien.masanes@bnf.fr ACM Computing Classification
More informationImplementing Security and Tokens: Current Standards, Tools, and Practices
Implementing Email Security and Tokens: Current Standards, Tools, and Practices Sean Turner Russ Housley Wiley Publishing, Inc. Implementing Email Security and Tokens: Current Standards, Tools, and Practices
More informationJavaScript Quick Syntax Reference
JavaScript Quick Syntax Reference Mikael Olsson JavaScript Quick Syntax Reference Copyright 2015 by Mikael Olsson This work is subject to copyright. All rights are reserved by the Publisher, whether the
More informationEnglish for Academic Research. Series editor Adrian Wallwork Pisa Italy
English for Academic Research Series editor Adrian Wallwork Pisa Italy This series aims to help non-native, English-speaking researchers communicate in English. The books in this series are designed like
More informationThe Information Retrieval Series. Series Editor W. Bruce Croft
The Information Retrieval Series Series Editor W. Bruce Croft Sándor Dominich The Modern Algebra of Information Retrieval 123 Sándor Dominich Computer Science Department University of Pannonia Egyetem
More informationSecurity in ECE Systems
Lecture 11 Information Security ECE 197SA Systems Appreciation Security in ECE Systems Information security Information can be very valuable Secure communication important to protect information Today
More informationReal-Time Graphics Rendering Engine
Hujun Bao Wei Hua Real-Time Graphics Rendering Engine With 66 figures, 11 of them in color ADVANCED TOPICS IN SCIENCE AND TECHNOLOGY IN CHINA ADVANCED TOPICS IN SCIENCE AND TECHNOLOGY IN CHINA Zhejiang
More informationIterative Design of Teaching-Learning Sequences
Iterative Design of Teaching-Learning Sequences Dimitris Psillos Petros Kariotoglou Editors Iterative Design of Teaching- Learning Sequences Introducing the Science of Materials in European Schools Editors
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationThese patterns include: The use of proprietary software
Strategic Planning, F. Kenney, J. Thompson Research Note 7 August 2003 B2B Security Patterns: Finding the Perfect Combination Achieving business-to-business security is a combination of examining internal
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationC Quick Syntax Reference
C Quick Syntax Reference Mikael Olsson C Quick Syntax Reference Copyright 2015 by Mikael Olsson This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of
More informationMicrosoft Computer Vision APIs Distilled
Microsoft Computer Vision APIs Distilled Getting Started with Cognitive Services Alessandro Del Sole Microsoft Computer Vision APIs Distilled Alessandro Del Sole Cremona, Italy ISBN-13 (pbk): 978-1-4842-3341-2
More informationConfiguring the Cisco APIC-EM Settings
Logging into the Cisco APIC-EM, page 1 Quick Tour of the APIC-EM Graphical User Interface (GUI), page 2 Configuring the Prime Infrastructure Settings, page 3 Discovery Credentials, page 4 Security, page
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationLecture Secure, Trusted and Trustworthy Computing Trusted Platform Module
1 Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Germany Winter Term 2016/17 Roadmap: TPM
More informationCryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea
Cryptography SSL/TLS Network Security Workshop 3-5 October 2017 Port Moresby, Papua New Guinea 1 History Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationX.509. CPSC 457/557 10/17/13 Jeffrey Zhu
X.509 CPSC 457/557 10/17/13 Jeffrey Zhu 2 3 X.509 Outline X.509 Overview Certificate Lifecycle Alternative Certification Models 4 What is X.509? The most commonly used Public Key Infrastructure (PKI) on
More informationHP Instant Support Enterprise Edition (ISEE) Security overview
HP Instant Support Enterprise Edition (ISEE) Security overview Advanced Configuration A.03.50 Mike Brandon Interex 03 / 30, 2004 2003 Hewlett-Packard Development Company, L.P. The information contained
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2018 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationPro MERN Stack. Full Stack Web App Development with Mongo, Express, React, and Node. Vasan Subramanian
Pro MERN Stack Full Stack Web App Development with Mongo, Express, React, and Node Vasan Subramanian Pro MERN Stack Vasan Subramanian Bangalore, Karnataka, India ISBN-13 (pbk): 978-1-4842-2652-0 ISBN-13
More information6.857 L17. Secure Processors. Srini Devadas
6.857 L17 Secure Processors Srini Devadas 1 Distributed Computation Example: Distributed Computation on the Internet (SETI@home, etc.) Job Dispatcher Internet DistComp() { x = Receive(); result = Func(x);
More informationKey establishment in sensor networks
Security and Cooperation in Wireless Networks http://secowinet.epfl.ch/ key types; establishment of link keys using a shortterm master key; random key predistribution: - the basic scheme, and - some improvements;
More informationOverview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation
Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May
More informationA Two-Fold Authentication Mechanism for Network Security
Asian Journal of Engineering and Applied Technology ISSN 2249-068X Vol. 7 No. 2, 2018, pp. 86-90 The Research Publication, www.trp.org.in A Two-Fold for Network Security D. Selvamani 1 and V Selvi 2 1
More informationDefenses against Wormhole Attack
Defenses against Wormhole Attack Presented by: Kadhim Hayawi, ID: 20364216 COURSE PRESENTATION FOR ECE750 - INTELLIGENT SENSORS AND SENSOR NETWORKS Prof. Otman A. Basir Outline Introduction Packet Leashes
More informationInterfacing with C++
Interfacing with C++ Jayantha Katupitiya Kim Bentley Interfacing with C++ Programming Real-World Applications ABC Dr. Jayantha Katupitiya Senior Lecturer School of Mechanical and Manufacturing Engineering
More informationHow to Break and Repair Leighton and Micali s Key Agreement Protocol
How to Break and Repair Leighton and Micali s Key Agreement Protocol Yuliang Zheng Department of Computer Science, University of Wollongong Wollongong, NSW 2522, AUSTRALIA yuliang@cs.uow.edu.au Abstract.
More informationQUANTUM SAFE PKI TRANSITIONS
QUANTUM SAFE PKI TRANSITIONS Quantum Valley Investments Headquarters We offer quantum readiness assessments to help you identify your organization s quantum risks, develop an upgrade path, and deliver
More informationBuilding Custom Tasks for SQL Server Integration Services
Building Custom Tasks for SQL Server Integration Services Andy Leonard Building Custom Tasks for SQL Server Integration Services Andy Leonard Farmville, Virginia, USA ISBN-13 (pbk): 978-1-4842-2939-2 ISBN-13
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.2 Effective
More informationDesigning Security Architecture Solutions Jay Ramachandran Wiley Computer Publishing John Wiley & Sons, Inc. Designing Security Architecture Solutions Designing Security Architecture Solutions Jay Ramachandran
More informationSoftware Development for SAP R/3
Software Development for SAP R/3 Springer-Verlag Berlin Heidelberg GmbH Ulrich Mende Software Development for SAP R/3 Data Dictionary, ABAP/4, Interfaces With Diskette With 124 Figures and Many Example
More informationEasy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications
Infineon Network Use Case Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications Providing Infineon customers with an easy path to integrating TPM support into their products and systems
More informationSecuring Network Communications
Securing Network Communications Demonstration: Securing network access with Whitenoise Labs identity management, one-time-pad dynamic authentication, and onetime-pad authenticated encryption. Use of Whitenoise
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationSecuring BGP. Geoff Huston November 2007
Securing BGP Geoff Huston November 2007 Agenda An Introduction to BGP BGP Security Questions Current Work Research Questions An Introduction to BGP Background to Internet Routing The routing architecture
More information