In the recent years, wireless networks have experienced an enormous growth which has given rise to new research challenges. Ad hoc networks are composed of autonomous nodes that are independent of any fixed infrastructure. Mobile ad hoc networks have a fully decentralized topology and they are dynamically changing. Besides these challenges, the wireless transmission medium introduces limitations in communication. For these reasons, providing security guarantees is particularly difficult. In a mobile ad hoc network every node acts as a router for its neighbors. The routing protocols that have been proposed assume that the nodes will fully participate. Unfortunately, node misbehavior is a common phenomenon. Misbehavior is due to selfish or malicious reasons. Another reason, which is rarer, is a faulty link due to the wireless medium. Misbehavior can take place at all layers. At the Physical layer a misbehaving node can increase its transmitting power, adversely affecting the network performance. At the MAC (Medium Access Control) layer a node may choose to avoid waiting for its turn to access the medium, taking an unfair advantage of the shared medium. The basic threat at the Network layer is the non-cooperative behavior as far as packet forwarding is concerned. The proper execution of a routing protocol demands that the intermediate nodes in a path forward the packets correctly to the intended receivers. Misbehaving nodes do not forward these packets. A routing protocol for MANETs should give incentives for cooperative action or at least it should be able to detect misbehaving nodes and correct them.
{"title":"Overcoming misbehavior in mobile ad hoc networks: an overview","authors":"G. Athanasiou, L. Tassiulas, G. Yovanof","doi":"10.1145/1144389.1144394","DOIUrl":"https://doi.org/10.1145/1144389.1144394","url":null,"abstract":"In the recent years, wireless networks have experienced an enormous growth which has given rise to new research challenges. Ad hoc networks are composed of autonomous nodes that are independent of any fixed infrastructure. Mobile ad hoc networks have a fully decentralized topology and they are dynamically changing. Besides these challenges, the wireless transmission medium introduces limitations in communication. For these reasons, providing security guarantees is particularly difficult. In a mobile ad hoc network every node acts as a router for its neighbors. The routing protocols that have been proposed assume that the nodes will fully participate. Unfortunately, node misbehavior is a common phenomenon. Misbehavior is due to selfish or malicious reasons. Another reason, which is rarer, is a faulty link due to the wireless medium. Misbehavior can take place at all layers. At the Physical layer a misbehaving node can increase its transmitting power, adversely affecting the network performance. At the MAC (Medium Access Control) layer a node may choose to avoid waiting for its turn to access the medium, taking an unfair advantage of the shared medium. The basic threat at the Network layer is the non-cooperative behavior as far as packet forwarding is concerned. The proper execution of a routing protocol demands that the intermediate nodes in a path forward the packets correctly to the intended receivers. Misbehaving nodes do not forward these packets. A routing protocol for MANETs should give incentives for cooperative action or at least it should be able to detect misbehaving nodes and correct them.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121251206","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Introduction to automatic design of wireless networks","authors":"K. E. Oliver","doi":"10.1145/1144389.1144393","DOIUrl":"https://doi.org/10.1145/1144389.1144393","url":null,"abstract":"","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114366532","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
XOR Encryption is a popular encryption algorithm that is used in many browsers and it is blatantly simpleand fairly secure. The XOR Encryption algorithm is an example of a Symmetric Encryption algorithm. This means that the same key is used for both encryption and decryption [7]. In the case of XOR Encryption, this is true because XOR is a two-way function which means that the function can easily be undone [6]. In the following paper the standard XOR Encryption algorithm will be introduced along with a modification. The modification comes in the form of creating random permutations of the key.
{"title":"Obfuscation of the standard XOR Encryption algorithm","authors":"Zachary A. Kissel","doi":"10.1145/1144396.1144402","DOIUrl":"https://doi.org/10.1145/1144396.1144402","url":null,"abstract":"XOR Encryption is a popular encryption algorithm that is used in many browsers and it is blatantly simpleand fairly secure. The XOR Encryption algorithm is an example of a Symmetric Encryption algorithm. This means that the same key is used for both encryption and decryption [7]. In the case of XOR Encryption, this is true because XOR is a two-way function which means that the function can easily be undone [6]. In the following paper the standard XOR Encryption algorithm will be introduced along with a modification. The modification comes in the form of creating random permutations of the key.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120899416","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
It is widely believed that devising an "unbreakable" cryptographic method is an impossible task. We are still on an age-old quest to find such a method, because virtually all previous attempts have failed. Cryptography was the art of outsmarting a human enemy; today it is concerned more with resisting attack by very powerful computers. Cryptosystems in common use today (e.g., DES, RSA, AES; see [20] for details) are designed to withstand attacks from current generation computers as much as possible. However, the constant increase in available computational power will make these systems more vulnerable to attack.
{"title":"An introduction to quantum cryptography","authors":"N. Papanikolaou","doi":"10.1145/1144396.1144399","DOIUrl":"https://doi.org/10.1145/1144396.1144399","url":null,"abstract":"It is widely believed that devising an \"unbreakable\" cryptographic method is an impossible task. We are still on an age-old quest to find such a method, because virtually all previous attempts have failed. Cryptography was the art of outsmarting a human enemy; today it is concerned more with resisting attack by very powerful computers. Cryptosystems in common use today (e.g., DES, RSA, AES; see [20] for details) are designed to withstand attacks from current generation computers as much as possible. However, the constant increase in available computational power will make these systems more vulnerable to attack.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"260 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122208682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cryptology is the art and science of designing (cryptography) and breaking (cryptanalysis) ciphers based on mathematical tools and researcher creativity. In the middle of the 1990's a new cryptanalysis technique emerged: implementation cryptanalysis or sidechannel cryptanalysis. This technique does not directly attack the strong mathematical constructs of cryptographic algorithms, but rather focuses on implementation details of an algorithm on a physical system. Cryptographic algorithms that withstood years of mathematical cryptanalysis were proven by various researchers to be vulnerable to such attacks, especially in resource-constrained physical systems, such as embedded systems. This article provides an introduction to side-channel cryptanalysis and focuses on sidechannel attacks on two implementation variants of the RSA encryption algorithm.
{"title":"An introduction to side channel cryptanalysis of RSA","authors":"A. Voyiatzis","doi":"10.1145/1144396.1144400","DOIUrl":"https://doi.org/10.1145/1144396.1144400","url":null,"abstract":"Cryptology is the art and science of designing (cryptography) and breaking (cryptanalysis) ciphers based on mathematical tools and researcher creativity. In the middle of the 1990's a new cryptanalysis technique emerged: implementation cryptanalysis or sidechannel cryptanalysis. This technique does not directly attack the strong mathematical constructs of cryptographic algorithms, but rather focuses on implementation details of an algorithm on a physical system. Cryptographic algorithms that withstood years of mathematical cryptanalysis were proven by various researchers to be vulnerable to such attacks, especially in resource-constrained physical systems, such as embedded systems. This article provides an introduction to side-channel cryptanalysis and focuses on sidechannel attacks on two implementation variants of the RSA encryption algorithm.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126968265","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Do you think your computer system is secure because you use strong cryptography? Do you think your system is impenetrable because you use a long secret value in the cryptographic computation that attackers cannot guess by brute force? If so, you should know that attackers may be able to exploit your system in an unexpected manner by surreptitiously invading it rather than by directly attempting to break the cryptography.
{"title":"Timing attacks on RSA: revealing your secrets through the fourth dimension","authors":"W. H. Wong","doi":"10.1145/1144396.1144401","DOIUrl":"https://doi.org/10.1145/1144396.1144401","url":null,"abstract":"Do you think your computer system is secure because you use strong cryptography? Do you think your system is impenetrable because you use a long secret value in the cryptographic computation that attackers cannot guess by brute force? If so, you should know that attackers may be able to exploit your system in an unexpected manner by surreptitiously invading it rather than by directly attempting to break the cryptography.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120961443","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Auctioning items over the Internet is a popular and lucrative industry.There are now many companies that conduct auctions online such as eBay [5] and onSale [10]. Online auctions have geographical advantages over traditional auctions as buyers and sellers are not required to be physically present at a central location (such as a hall or open air venue). This allows online auctions to be much larger and more elaborate than traditional auctions.However, it also provides opportunities for the auction participants to cheat. � �A bidder can cheat by repudiating bids, failing to pay, or colluding with other bidders to affect the settlement price.Likewise, the seller of the item might fail to deliver the goods, or could be in collusion with some of the bidders.Someone could also forge a bid in an attempt to frame a bidder, or introduce fake bids in order to influence the auction proceedings. � �Furthermore, bidders are required to trust the auctioneer with their identity and bid information.A corrupt auctioneer could award the auction to someone other than the legitimate winner.A bidder's personal information could also be sold to marketing agencies, or used for malicious purposes. � �Commercial auction sites fail in many of the aforementioned circumstances. These sites only offer basic solutions that are designed to "clean up" after wrongdoing has taken place.However, cryptography can be used to solve some of these problems up-front.An "electronic auction" is a cryptographic scheme designed to securely conduct auctions while protecting the identities of the bidders. � �In this article we describe two popular types of electronic auctions. We discuss the security issues associated with conducting these auctions and contrast the differing anonymity requirements.We also identify four main strategies for reducing the trust that bidders must place in the auctioneer.Furthermore, we present a basic example of an electronic auction scheme.This is used to illustrate the complexity involved in designing a secure and anonymous auction scheme. Finally, we discuss some of our research with regard to using group signature schemes to constructelectronic auctions.
{"title":"Security, anonymity and trust in electronic auctions","authors":"Jarrod Trevathan","doi":"10.1145/1144396.1144398","DOIUrl":"https://doi.org/10.1145/1144396.1144398","url":null,"abstract":"Auctioning items over the Internet is a popular and lucrative industry.There are now many companies that conduct auctions online such as eBay [5] and onSale [10]. Online auctions have geographical advantages over traditional auctions as buyers and sellers are not required to be physically present at a central location (such as a hall or open air venue). This allows online auctions to be much larger and more elaborate than traditional auctions.However, it also provides opportunities for the auction participants to cheat. \u0000 \u0000A bidder can cheat by repudiating bids, failing to pay, or colluding with other bidders to affect the settlement price.Likewise, the seller of the item might fail to deliver the goods, or could be in collusion with some of the bidders.Someone could also forge a bid in an attempt to frame a bidder, or introduce fake bids in order to influence the auction proceedings. \u0000 \u0000Furthermore, bidders are required to trust the auctioneer with their identity and bid information.A corrupt auctioneer could award the auction to someone other than the legitimate winner.A bidder's personal information could also be sold to marketing agencies, or used for malicious purposes. \u0000 \u0000Commercial auction sites fail in many of the aforementioned circumstances. These sites only offer basic solutions that are designed to \"clean up\" after wrongdoing has taken place.However, cryptography can be used to solve some of these problems up-front.An \"electronic auction\" is a cryptographic scheme designed to securely conduct auctions while protecting the identities of the bidders. \u0000 \u0000In this article we describe two popular types of electronic auctions. We discuss the security issues associated with conducting these auctions and contrast the differing anonymity requirements.We also identify four main strategies for reducing the trust that bidders must place in the auctioneer.Furthermore, we present a basic example of an electronic auction scheme.This is used to illustrate the complexity involved in designing a secure and anonymous auction scheme. Finally, we discuss some of our research with regard to using group signature schemes to constructelectronic auctions.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114330268","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Currently available solutions attempt to filter out spam based on analyzing the contents of the message and calculating a score to indicate the 'spami-ness' of the message. However, users can typically identify their junk email without having to open and read the contents of the specific message. In this article, we outline the general problem, review current options, and propose a new user-level behavior model to identify spam messages. We show the performance of this approach and discuss some applications and future directions.
{"title":"Identifying spam without peeking at the contents","authors":"Shlomo Hershkop, S. Stolfo","doi":"10.1145/1144403.1144406","DOIUrl":"https://doi.org/10.1145/1144403.1144406","url":null,"abstract":"Currently available solutions attempt to filter out spam based on analyzing the contents of the message and calculating a score to indicate the 'spami-ness' of the message. However, users can typically identify their junk email without having to open and read the contents of the specific message. In this article, we outline the general problem, review current options, and propose a new user-level behavior model to identify spam messages. We show the performance of this approach and discuss some applications and future directions.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132495607","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Although there are many potential solutions to spam, it oftenappears that filtering and blocking are the best. Unfortunately these techniques are inadequate, as evidencedby the continuing proliferation of spam. Here we describe a student project thatevolved collaborative filtering, previouslyimplemented using a centralized repository of spam information, intoa distributed, collaborative, peer-to-peer-based spam detection system.
{"title":"Peer-to-peer collaborative spam detection","authors":"N. Dimmock, I. Maddison","doi":"10.1145/1144403.1144407","DOIUrl":"https://doi.org/10.1145/1144403.1144407","url":null,"abstract":"Although there are many potential solutions to spam, it oftenappears that filtering and blocking are the best. Unfortunately these techniques are inadequate, as evidencedby the continuing proliferation of spam. Here we describe a student project thatevolved collaborative filtering, previouslyimplemented using a centralized repository of spam information, intoa distributed, collaborative, peer-to-peer-based spam detection system.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"155 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115817986","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Unsolicited Commercial Email (UCE), commonly known as spam, has evolved from a mere nuisance to a multi-billion dollar problem. The near zero cost of acquiring huge lists of email addresses and flooding them with advertising messages has affected individual users, small companies, and large institutions alike. Spam is forcing users to wade through their mailbox to find the relatively few emails specifically addressed to them, colloquially referred to as "ham." Spam also wastes bandwidth, intermediate storage space, CPU time of Internet Service Providers (ISPs), and is often insulting and unsuitable (e.g. having pornographic content), especially to minors. Indicative of spam's extent is the first Conference on Email and Anti-Spam (CEAS) that recently took place in Mountain View, CA, following several industrial conferences on the topic. The conference attracted over two hundred academics and practitioners, most of them actively working on the problem from different perspectives, such as machine learning, security, and law.
{"title":"Learning how to tell ham from spam","authors":"George Sakkis","doi":"10.1145/1144403.1144405","DOIUrl":"https://doi.org/10.1145/1144403.1144405","url":null,"abstract":"Unsolicited Commercial Email (UCE), commonly known as spam, has evolved from a mere nuisance to a multi-billion dollar problem. The near zero cost of acquiring huge lists of email addresses and flooding them with advertising messages has affected individual users, small companies, and large institutions alike. Spam is forcing users to wade through their mailbox to find the relatively few emails specifically addressed to them, colloquially referred to as \"ham.\" Spam also wastes bandwidth, intermediate storage space, CPU time of Internet Service Providers (ISPs), and is often insulting and unsuitable (e.g. having pornographic content), especially to minors. Indicative of spam's extent is the first Conference on Email and Anti-Spam (CEAS) that recently took place in Mountain View, CA, following several industrial conferences on the topic. The conference attracted over two hundred academics and practitioners, most of them actively working on the problem from different perspectives, such as machine learning, security, and law.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"144 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123280865","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: