Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- ArticleMay 2007
Attacking the IPsec Standards in Encryption-only Configurations
SP '07: Proceedings of the 2007 IEEE Symposium on Security and PrivacyMay 2007, Pages 335–349https://doi.org/10.1109/SP.2007.8We describe new attacks which break any RFCcompliant implementation of IPsec making use of encryption-only ESP in tunnel mode. The new attacks are both efficient and realistic: they are ciphertext-only and need only the capability to eavesdrop on ESP-...
- ArticleMay 2007
A Cryptographic Decentralized Label Model
SP '07: Proceedings of the 2007 IEEE Symposium on Security and PrivacyMay 2007, Pages 192–206https://doi.org/10.1109/SP.2007.5Information-flow security policies are an appealing way of specifying confidentiality and integrity policies in information systems. Most previous work on language-based security has assumed that programs run in a closed, managed environment and that ...
- ArticleMay 2007
Multi-Dimensional Range Query over Encrypted Data
SP '07: Proceedings of the 2007 IEEE Symposium on Security and PrivacyMay 2007, Pages 350–364https://doi.org/10.1109/SP.2007.29We design an encryption scheme called Multi-dimensional Range Query over Encrypted Data (MRQED), to address the privacy concerns related to the sharing of network audit logs and various other applications. Our scheme allows a network gateway to encrypt ...
- ArticleMay 2007
Gradual Release: Unifying Declassification, Encryption and Key Release Policies
SP '07: Proceedings of the 2007 IEEE Symposium on Security and PrivacyMay 2007, Pages 207–221https://doi.org/10.1109/SP.2007.22Information security has a challenge to address: enabling information-flow controls with expressive information release (or declassification) policies. Existing approaches tend to address some aspects of information release, exposing the other aspects ...
- ArticleMay 2007
Extended Abstract: Provable-Security Analysis of Authenticated Encryption in Kerberos
SP '07: Proceedings of the 2007 IEEE Symposium on Security and PrivacyMay 2007, Pages 92–100https://doi.org/10.1109/SP.2007.19Kerberos is a widely-deployed network authentication protocol that is being considered for standardization. Many works have analyzed its security, identifying flaws and often suggesting fixes, thus helping the protocol's evolution. Several recent ...
- ArticleMay 2007
Cryptanalysis of a Cognitive Authentication Scheme (Extended Abstract)
SP '07: Proceedings of the 2007 IEEE Symposium on Security and PrivacyMay 2007, Pages 66–70https://doi.org/10.1109/SP.2007.13We present attacks against two cognitive authentication schemes [9] proposed at the 2006 IEEE Symposium on Security and Privacy. These authentication schemes are designed to be secure against eavesdropping attacks while relying only on human cognitive ...
- ArticleMay 2007
Ciphertext-Policy Attribute-Based Encryption
SP '07: Proceedings of the 2007 IEEE Symposium on Security and PrivacyMay 2007, Pages 321–334https://doi.org/10.1109/SP.2007.11In several distributed systems a user should only be able to access data if a user posses a certain set of credentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate ...