Similar literature
20 similar documents found (search time 968 ms)
2.
The notion of plaintext awareness (${\mathsf{PA}}$) has many applications in public key cryptography: it offers unique, stand-alone security guarantees for public key encryption schemes, has been used as a sufficient condition for proving indistinguishability against adaptive chosen-ciphertext attacks (${\mathsf{IND}\hbox{-}\mathsf{CCA}}$), and can be used to construct privacy-preserving protocols such as deniable authentication. Unlike many other security notions, plaintext awareness is very fragile when it comes to differences between the random oracle and standard models; for example, many implications involving ${\mathsf{PA}}$ in the random oracle model are not valid in the standard model and vice versa. Similarly, strategies for proving ${\mathsf{PA}}$ of schemes in one model cannot be adapted to the other model. Existing research addresses ${\mathsf{PA}}$ in detail only in the public key setting. This paper gives the first formal exploration of plaintext awareness in the identity-based setting and, as initial work, proceeds in the random oracle model. The focus is laid mainly on identity-based key encapsulation mechanisms (IB-KEMs), for which the paper presents the first definitions of plaintext awareness, highlights the role of ${\mathsf{PA}}$ in proof strategies of ${\mathsf{IND}\hbox{-}\mathsf{CCA}}$ security, and explores relationships between ${\mathsf{PA}}$ and other security properties. On the practical side, our work offers the first, highly efficient, general approach for building IB-KEMs that are simultaneously plaintext-aware and ${\mathsf{IND}\hbox{-}\mathsf{CCA}}$-secure. Our construction is inspired by the Fujisaki-Okamoto (FO) transform, but demands weaker and more natural properties of its building blocks. This result comes from a new look at the notion of $\gamma$-uniformity that was inherent in the original FO transform. We show that for IB-KEMs (and PK-KEMs), this assumption can be replaced with a weaker computational notion, which is in fact implied by one-wayness. Finally, we give the first concrete IB-KEM scheme that is ${\mathsf{PA}}$ and ${\mathsf{IND}\hbox{-}\mathsf{CCA}}$-secure by applying our construction to a popular IB-KEM and optimizing it for better performance.

3.
Abstract

GOST-R 34.11-94 is a Russian standard cryptographic hash function that was introduced in 1994 by the Russian Federal Agency for the purposes of information processing, information security, and digital signature. Mendel et al. (2008; Mendel, F., Pramstaller, N., Rechberger, C., Kontak, M., and Szmidt, J., "Cryptanalysis of the GOST hash function", Advances in Cryptology – CRYPTO 2008, vol. 5157, pp. 162–178) and Courtois and Mourouzis (2011; Courtois, N., and Mourouzis, T., "Black-box collision attacks on the compression function of the GOST hash function", SECRYPT: Proceedings of the International Conference on Security and Cryptography, pp. 325–332, IEEE) found attacks on the compression function of the GOST-R structure that were basically weaknesses of the GOST-R block cipher (GOST 28147-89, 1989, "Systems of the information treatment, cryptographic security, algorithms of the cryptographic transformation", in Russian). Hence in 2012, it was updated to GOST-R 34.11-2012, which replaced the older one for all its applications from January 2013. GOST-R 34.11-2012 is based on a modified Merkle-Damgård construction. Here we present a modified version of GOST-R 34.11-2012 (Modified GOST-R (MGR) hash). The design of the MGR hash is based on wide-pipe construction, which is also a modified Merkle-Damgård construction. MGR is much more secure as well as three times faster than GOST-R 34.11-2012. Advanced Encryption Standard (AES)-like block ciphers have been used in designing the compression function of MGR because AES is one of the most efficient and secure block ciphers and has been evaluated for more than 14 years. A detailed statistical analysis with a few other attacks on MGR is incorporated into this paper.

4.
ABSTRACT

This paper proposes an information assurance (IA) metric that can be used to measure the security posture of an enterprise system in the "monitoring" step (Step 6) of the risk management framework (RMF), as required in the new certification and accreditation (C&A) process described in NIST SP 800-37, Rev. 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach. This metric was developed by adopting the Object Measurement (OM®, a registered trademark owned by Donaldson and Siegel, SAIC; see Donaldson, S. E. and Siegel, S. G., 1997, Cultivating Successful Software Development, 1st ed., Upper Saddle River, NJ: Prentice Hall) approach, created to evaluate system development life cycle (SDLC) processes, for use as an IA metric. This metric supports organizational management's decision-making processes by enabling an organization to determine how well a system is complying with its monitoring plan. The values obtained through use of this metric can be abstracted to roll up values from multiple systems, creating an aggregate measure usable by organizational management to assess the security posture of all, or a subset, of their accredited systems undergoing monitoring.

5.
Systems development methodologies incorporate security requirements as an afterthought in the non-functional requirements of systems. The lack of appropriate access control on information exchange among business activities can leave organizations vulnerable to information assurance threats. The gap between systems development and systems security leads to software development efforts that lack an understanding of security risks. We address the research question: how can we incorporate security as a functional requirement in the analysis and modeling of business processes? This study extends the Semantic approach to Secure Collaborative Inter-Organizational eBusiness Processes in D'Aubeterre et al. (2008). In this study, we develop the secure activity resource coordination (SARC) artifact for a real-world business process. We show how SARC can be used to create business process models characterized by the secure exchange of information within and across organizational boundaries. We present an empirical evaluation of the SARC artifact against the Enriched-Use Case (Siponen et al., 2006) and standard UML-Activity Diagram to demonstrate the utility of the proposed design method.

6.
Ron Ross, EDPACS, 2013, 47(2): 1–10
Public and private sector enterprises today are almost completely dependent on their information technology infrastructures to accomplish their critical missions and carry out their corporate business strategies. In order to effectively compete in a fast-paced, highly complex, global economy, organizations are employing new, more powerful information technologies at an unprecedented rate, and in most instances, either ignoring or not fully understanding the increased exposure of their enterprise operations (enterprise operations include mission, functions, and reputation) and assets due to the aggressive use of that technology.

7.
This article presents a review of security mechanisms that have been developed for mobile agent security against malicious platforms. It has been almost 10 years since a prominent review of security in agent systems was presented by Jansen (2000; Jansen, W., "Countermeasures for mobile agent security", Computer Communications 23(17): 1667–1676). We present new developments that have been suggested over the years, evaluate limitations of these schemes, and highlight possible areas of improvement. This article further presents possible threats to the mobile agent paradigm and distinguishes between detection and prevention security mechanisms.

8.
This article uses principal component analysis (PCA) to determine the spatial pattern of total electron content (TEC) anomalies in the ionosphere corresponding to China's Wenchuan Earthquake of 12 May 2008 UTC (Mw = 7.9). PCA is applied to global ionospheric maps (GIMs) with transforms conducted for the time period from 08:00 to 10:00 UT on 9 May 2008. The GIMs are subdivided into 100 smaller maps (36° longitude and 18° latitude). The smaller maps (71 × 71 pixels) form the transform matrices of corresponding dimensions (2 × 1) through image processing. The transform allows for extreme principal eigenvalues to be assigned to the seismo-ionospheric signature described by Zhao et al. (2008; Zhao, B., Yu, T., Wang, M., Wan, W., Lei, J., Liu, L., and Ning, B., "Is an unusual large enhancement of ionospheric electron density linked with the 2008 great Wenchuan earthquake?", Journal of Geophysical Research, 113: A11304, doi: 10.1029/2008JA013613). Results show that the range of the TEC anomaly declines with height; however, the anomaly becomes more localized and intense at higher altitudes (250–300 km), giving the anomaly the spatial pattern of a downward-facing trumpet.

10.
A model of a heavy chain system with a punctual load (tip mass) in the form of a system of partial differential equations is interpreted as an abstract semigroup system on a Hilbert state space. Our aim is to solve the output motion planning problem of the same nature as in the case of an unloaded heavy chain (Grabowski, P. (2003), 'Abstract Semigroup Model of Heavy Chain System with Application to a Motion Planning Problem', in Proceedings of 9th IEEE International Conference: Methods and Models in Automation and Robotics, 25–28 August 2003, Międzyzdroje, Poland, pp. 77–86 (IS1-2-3.PDF)). In order to solve this problem we first analyse its well-posedness and some basic properties. Next, we solve the output motion planning problem using a substitute of the inverse of the input–output operator represented in terms of the Laplace transforms. A problem of exponential stabilisation is also formulated and solved using a stabiliser of the colocated type. The exponential stabilisation is proved using the method of Lyapunov functionals combined with some frequency-domain tools. The method of Lyapunov functionals can be replaced by the spectral or exact controllability approach as shown in the second part (Grabowski, P. (2008), 'The Motion Planning Problem and Exponential Stabilisation of a Heavy Chain. Part II', Opuscula Mathematica, 28 (Special issue dedicated to the memory of Professor Andrzej Lasota), 481–505) of the present article. A laboratory setup which allows verification of the results in practice is described in detail. Its dynamical model is used as an example to illustrate the theoretical results.

11.
ABSTRACT

A mobile ad hoc network (MANET) is a self-organizing, self-configuring confederation of wireless systems. MANET devices join and leave the network asynchronously at will, and there are no predefined client or server roles – roles change based on the nature of a given communication. The dynamic topologies, mobile communications structure, decentralized control, and anonymity create many challenges to the security of systems and network infrastructure in a MANET environment. Consequently, this extreme form of dynamic and distributed model requires a reevaluation of conventional approaches to security enforcement. Recent developments in agent frameworks have contributed to some potential solutions for security policy enforcement for MANETs. Building on these developments, and extending principles from structuration theory (Giddens, A., 1984, The Constitution of Society: Outline of the Theory of Structuration, Cambridge, UK: Polity Press), we formulated a socio-biologically inspired approach to MANET security we refer to as structuration agency theory.

12.
This article examines knowledge creation in relation to improvements on the production line in the manufacturing department of Nissan Motor Company and aims to clarify the embodied knowledge observed in the actions of organisational members who enable knowledge creation. For that purpose, this study adopts an approach that adds a first-, second-, and third-person viewpoint to the theory of knowledge creation (Nonaka, I. and Takeuchi, H., 1995, The Knowledge-creating Company, New York: Oxford University Press). Embodied knowledge, observed in the actions of organisational members who enable knowledge creation, is the continued practice of 'ethos' (in Greek) founded in the Nissan Production Way as an ethical basis. Ethos is an (intangible) knowledge asset for knowledge-creating companies. Substantiated analysis classifies ethos into three categories: the individual, team and organisation. This indicates the precise actions of the organisational members in each category during the knowledge creation process. This research will be successful in its role of showing the indispensability of ethos, the new concept of knowledge assets which enables knowledge creation, for future knowledge-based management in the knowledge society.

13.
ABSTRACT

To paraphrase Calvin Coolidge, the business of the Internet is business (Coolidge, C., 1925, January 17, "The press under a free government", given before the American Society of Newspaper Editors in Washington, DC; the quote is actually "After all, the chief business of the American people is business."). The more business done on the Internet, the more need for regulation of that business. Many of the existing government and industry regulations deal with security measures, and for that reason it's more important than ever to secure your company's IT infrastructure, no matter how large or small your company. Even if for some reason you're not subject to regulations, it's still a very good idea to secure your assets as if you were. At some point, your status might change, and besides, nobody wants to be hacked.

14.
Abstract

This paper describes the importance of the XTS-AES encryption mode of operation and concludes with a new proof for the security of ciphertext stealing as used by XTS-AES. The XTS-AES mode is designed for encrypting data stored on hard disks where there is no additional space for an integrity field. Given this lack of space for an integrity field, XTS-AES builds on the security of AES by protecting the storage device from many dictionary and copy/paste attacks. The operation of the XTS mode of AES is defined in the IEEE 1619-2007 standard [3: IEEE Std 1619-2007, April 18, 2008, The XTS-AES Tweakable Block Cipher, Institute of Electrical and Electronics Engineers, Inc.], and has been adopted by the U.S. National Institute of Standards and Technology (NIST) as an approved mode of operation under FIPS 140-2 [2: Dworkin, M., December 2009, NIST SP 800-38E, "Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices"]. XTS-AES builds on the XEX (Xor-Encrypt-Xor) mode originally proposed by Rogaway [8: Rogaway, P., 2004, "Efficient Instantiations of Tweakable Block Ciphers and Refinements to Modes OCB and PMAC", Advances in Cryptology – Asiacrypt 2004, Lecture Notes in Computer Science, vol. 3329, Springer-Verlag, pp. 16–31, available at http://www.cs.ucdavis.edu/rogaway/papers/offsets.pdf (accessed 6 January 2012)].

15.
The concept of context honeypot for privacy violation, based on relational databases, was introduced in Gupta, S.K., Damor, R.G.S., Goyal, V., Gupta, A., and Sabharwal, S. (2008), "Context honeypot: A framework for anticipatory privacy violation", Proceedings of the 1st ICETET, pp. 813–818, doi: 10.1109/ICETET.2008.26. Its aim is to confirm or reject the suspicion cast on a user through external stimuli. Its various characteristics such as luring, opaqueness and confirmation of suspicion have not yet been explored. Here, we focus on one of its important characteristics, opaqueness; that is, it should remain invisible to attackers. This paper discusses ways to quantify the effectiveness of a context honeypot system in upholding its opaqueness property to a suspected attacker. We conducted an experiment by generating a context honeypot system with known suspected attackers and then quantified its effectiveness through the proposed methods. The results obtained validate the methods proposed by us as an effective tool to quantify the effectiveness of the context honeypot in maintaining its opaqueness property.

16.
A well-established method of constructing hash functions is to base them on non-compressing primitives, such as one-way functions or permutations. In this work, we present \(S^r\), an \(rn\)-to-\(n\)-bit compression function (for \(r\ge 1\)) making \(2r-1\) calls to \(n\)-to-\(n\)-bit primitives (random functions or permutations). \(S^r\) compresses its inputs at a rate (the amount of message blocks per primitive call) up to almost 1/2, and it outperforms all existing schemes with respect to rate and/or the size of underlying primitives. For instance, instantiated with the \(1600\)-bit permutation of NIST's SHA-3 hash function standard, it offers about \(800\)-bit security at a rate of almost 1/2, while SHA-3-512 itself achieves only \(512\)-bit security at a rate of about \(1/3\). We prove that \(S^r\) achieves asymptotically optimal collision security against semi-adaptive adversaries up to almost \(2^{n/2}\) queries and that it can be made preimage secure up to \(2^n\) queries using a simple tweak.

17.
ABSTRACT

Computer system security relies on different aspects of a computer system such as security policies, security mechanisms, threat analysis, and countermeasures. This paper provides an ontological approach to capturing and utilizing the fundamental attributes of those key components to determine the effects of vulnerabilities on a system's security. Our ontology for vulnerability management (OVM) has been populated with all vulnerabilities in NVD (see http://nvd.nist.gov/scap.cfm) with additional inference rules and knowledge discovery mechanisms so that it may provide a promising pathway to make the security automation program (NIST, 2007, Information Security Automation Program: Automating Vulnerability Management, Security Measurement, and Compliance, Version 1.0 Beta, revised May 22) more effective and reliable.

18.
This paper presents a distributed (Bulk-Synchronous Parallel, or BSP) algorithm to compute on-the-fly whether a structured model of a security protocol satisfies a CTL\(^*\) formula. Using the structured nature of the security protocols allows us to design a simple method to distribute the state space under consideration in a need-driven fashion. Based on this distribution of the states, the algorithm for logical checking of an LTL formula can be simplified and optimised, allowing, with a few tricky modifications, the design of an efficient algorithm for CTL\(^*\) checking. Some prototype implementations have been developed, allowing us to run benchmarks to investigate the parallel behaviour of our algorithms.

19.
ABSTRACT

There are many authentication schemes that are secure but difficult to use. Most existing network applications authenticate users with a username and password pair. Such systems using reusable passwords are susceptible to attacks based on the theft of the password. Each scheme has its merits and drawbacks (Misbahuddin, M., Aijaz Ahmed, M., and Shastri, M. H., 2006, "A simple and efficient solution to remote user authentication using smart cards", Proceedings of the IEEE Conference on Innovations in Information Technology, pp. 1–5). To overcome the susceptibility in the existing applications, there is an authentication mechanism known as Two-Factor Authentication. Two-Factor Authentication is a process used to authenticate or verify the identity of a person or other entity requesting access under security constraints. It is a system wherein two different factors are used in conjunction to authenticate. Using two factors as opposed to one factor generally delivers a higher level of authentication assurance. The proposed scheme allows users to freely choose their PassFile (file password) instead of remembering the password, eliminating the problem of entering and remembering a reusable password. In this scheme, we propose an efficient scheme for remote user authentication. It does not maintain a verifier table and allows users to freely choose and change their passwords. The proposed scheme provides the best usability for the user in terms of PassFile without changing the existing protocol. This approach uses a smart card and is secure against identity theft, guessing attack, insider attack, stolen verifier attack, replay attack, impersonation attack, and reflection attack. The proposed scheme achieves the mutual authentication essential for many applications.

20.
In this article, we complement the shortcoming of the inventory economic production quantity (EPQ) model developed by Huang and Huang (2008; Huang, Y.F. and Huang, H.F., 'Optimal Inventory Replenishment Policy for the EPQ Model Under Trade Credit Derived Without Derivatives', International Journal of Systems Science, 39, 539–546), and propose an arithmetic–geometric inequality method to obtain the global optimal solution without taking complex differential calculus or using tedious algebraic manipulations. Finally, we provide an economical interpretation of the theoretical result so that the reader can understand the insight of the result.

