Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- ArticleDecember 1993
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 244–250https://doi.org/10.1145/168588.168618The encrypted key exchange (EKE) protocol is augmented so that hosts do not store cleartext passwords. Consequently, adversaries who obtain the one-way encrypted password file may (i) successfully mimic (spoof) the host to the user, and (ii) mount ...
- ArticleDecember 1993
Extending cryptographic logics of belief to key agreement protocols
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 232–243https://doi.org/10.1145/168588.168617The authentication logic of Burrows, Abadi and Needham (BAN) provided an important step towards rigourous analysis of authentication protocols, and has motivated several subsequent refinements. We propose extensions to BAN-like logics which facilitate, ...
- ArticleDecember 1993
Towards practical “proven secure” authenticated key distribution
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 228–231https://doi.org/10.1145/168588.168616Secure key distribution is a critical component in secure communications. Finding 'proven secure' practical key distribution systems is one of the major goals in cryptography. The Diffie-Hellman variants, a family of key distribution systems, achieve ...
- ArticleDecember 1993
Why cryptosystems fail
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 215–227https://doi.org/10.1145/168588.168615Designers of cryptographic systems are at a disadvantage to most other engineers, in that information on how their systems fail is hard to get: their major users have traditionally been government agencies, which are very secretive about their mistakes.
...
- ArticleDecember 1993
Cryptanalysis and protocol failures (abstract)
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 213–214https://doi.org/10.1145/168588.168614In this lecture examples will be given of key distribution protocols that distribute keys to unintended recipients, secrecy protocols that publicly reveal the contents of (supposedly) secret communications, digital signature protocols that make forgery ...
- ArticleDecember 1993
Differential cryptanalysis of hash functions based on block ciphers
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 183–188https://doi.org/10.1145/168588.168611This paper describes a differential attack on several hash functions based on a block cipher. The emphasis will be on the results for cases where DES [8] is the underlying block cipher. It will briefly discuss the case of FEAL-N [19, 21].
- ArticleDecember 1993
Systematic generation of cryptographically robust S-boxes
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 171–182https://doi.org/10.1145/168588.168610Substitution boxes (S-boxes) are a crucial component of DES-like block ciphers. This research addresses problems with previous approaches towards constructing S-boxes, and proposes a new definition for the robustness of S-boxes to differential ...
- ArticleDecember 1993
Design of the commercial data masking facility data privacy algorithm
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 93–96https://doi.org/10.1145/168588.168599This paper presents the details of the new Commercial Data Masking Facility (CDMF) data privacy algorithm1. When implemented appropriately, products containing the CDMF algorithm can, in general, be freely exported from the United States. A short ...
- ArticleDecember 1993
Digital signatures: can they be accepted as legal signatures in EDI?
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 86–92https://doi.org/10.1145/168588.168598Digital Signature (DS) technology may be employed to produce legally enforceable signatures in Electronic Data Interchange (EDI) among computer users within the same general guidelines and requirements as those developed for handwritten signatures on ...
- ArticleDecember 1993
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 62–73https://doi.org/10.1145/168588.168596We argue that the random oracle model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol P is produced by first devising and ...
- ArticleDecember 1993
A new signature scheme based on the DSA giving message recovery
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 58–61https://doi.org/10.1145/168588.168595In this paper we present a modification of the DSA which allows signatures with message recovery. The new public key signature scheme is then applied to create (a) an identity-based public key system without restrictions in trust and (b) a one-pass key ...
- ArticleDecember 1993
On simple and secure key distribution
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 49–57https://doi.org/10.1145/168588.168594The encrypted key exchange (EKE) protocol is augmented so that hosts do not store cleartext passwords. Consequently, adversaries who obtain the one-way encrypted password file may (i) successfully mimic (spoof) the host to the user, and (ii) mount ...
- ArticleDecember 1993
Optimality of multi-domain protocols
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 38–48https://doi.org/10.1145/168588.168593Protocols which include key-distribution and data exchange phases in an asynchronous, shared key, multidomain environment are examined. A model of a distributed system is presented and the goals of the multidomain protocols are formulated. The minimal ...
- ArticleDecember 1993
Lower bounds on messages and rounds for network authentication protocols
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 26–37https://doi.org/10.1145/168588.168592The encrypted key exchange (EKE) protocol is augmented so that hosts do not store cleartext passwords. Consequently, adversaries who obtain the one-way encrypted password file may (i) successfully mimic (spoof) the host to the user, and (ii) mount ...
- ArticleDecember 1993
A particular solution to provide secure communications in an Ethernet environment
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 17–25https://doi.org/10.1145/168588.168591In this paper we describe the adopted and implemented solution to provide secure communications over the extended area Ethernet network of the Polytechnic University of Catalonia (U.P.C.). The developed solution is not adapted to the current standards ...
- ArticleDecember 1993
A cryptographic file system for UNIX
CCS '93: Proceedings of the 1st ACM conference on Computer and communications securityPages 9–16https://doi.org/10.1145/168588.168590Although cryptographic techniques are playing an increasingly important role in modern computing system security, user-level tools for encrypting file data are cumbersome and suffer from a number of inherent vulnerabilities. The Cryptographic File ...