Cryptography2010.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Cryptography2010.Pdf - A Bibliography of Publications on Cryptography: 2010–2019

Nelson H. F. Beebe
University of Utah, Department of Mathematics, 110 LCB
155 S 1400 E RM 233
Salt Lake City, UT 84112-0090, USA
Tel: +1 801 581 5254
FAX: +1 801 581 4148
E-mail: [email protected], [email protected], [email protected] (Internet)
WWW URL: http://www.math.utah.edu/~beebe/

09 June 2021
Version 1.518

Title word cross-reference

$9 [APPVP15]. = [JJUW10]. + [PYH+18]. 2 [YNX+16]. 3 [LHM14]. MT [HRB13]. α [TTL10]. c [KRDH13]. d [QD16]. d × d [KA17]. ` [ZTL15]. F + νF [WGF16]. γ (2; 2) [KSSY12, LTC+15b]. (K; N) p p [DWZ12]. GF(2)[x] [SF12]. GF(2m) [Bai10, YC11]. (n; t; n) [LHYZ12]. (t; n) [HJ19, SKH15]. GF(2n) [LBOX12]. K [QD16, ZPWY12]. 0 [XHX+17]. 1 [FXP12, FR16, CHX13, SG19a, XMY+17, [XHX+17]. 1; 2; 3 [SMDS11]. $100 [Sch16a]. XLP+18, ZZC17, ZHT16]. L(1=4+o(1)) 11 [LJ17]. 13 [Blo15]. 2 [Jou13]. M [MMSD13, O¸¨ S11]. F 6509 [AM19, DBPS12, EAA+16, ESS12, JR13, 3 [AMORH13]. F [SS13]. NP [HN10]. MCDB12, PGLL10, WK18, WY12]. 22 q GF(24)2 [GM16b]. GF(28) [GM16b]. GF(q) [MNP12]. 2k [Sun16]. 3 [LPdS10]. LWE [BV14]. µ [Jia14a]. N [AP10, Bro19, CG12b, DWWZ12, FWS13, [FR16]. n × k(k ≥ n=2) [MC11]. O(d13d) GZHD12, GH11a, KWS+12, LJ17, LJ15, [KA17]. O(n2) [KS11]. P [DG17, GT19]. π MKH+12, RS16, SS10b, SS12a, SGS14, [EHKSS19]. 1 [HZW+14]. q WSSO12, tWmC12, YT11a, YI14, YPRI17]. [CZCD18, GMS11]. S [LJ15]. t 32 × 32 [SA14]. 3 × 3[AMVZ12].´ 4 [HJM+11, Oba11]. w [Kre13]. [COP+14, DWZ12, HLYS14]. $49.00 [Sch15a]. 5 [YN19]. 8 [LPO+17, ZSH+19]. 2 3 -ary [CZCD18]. -band [MMSD13]. -Bit 384-bit [MMN12]. 3GPP [FPBG14]. [LPO+17, ZSH+19]. -boxes [LJ15]. -Cheater [Oba11]. -Cipher [EHKSS19]. -D 4 [Jac16, YYO15]. 42-step [AKY13]. 4765 [AM19, MCDB12]. -dimensional [ABC+12]. 4G [FMA+18]. 4th [Yan11]. [DWZ12, QD16]. -Diversity [ZTL15]. -Encoded [DG17]. -Encoding [XHX+17]. 5/3 [Ara13]. 512 [GV14b]. 512-bit -Means [KRDH13, SG19a]. -Multiple [APPVP15]. 51st [IEE10]. 52nd [IEE11b]. [LTC+15b]. -nearest [XMY+17]. 
-NN 5G [BBTC20, CML+18, FMA+18, GLL16, [ZZC17, ZHT16]. -Party [JR13]. -private PSM+18, SAM+18, YHSW19]. 5G-based [HJM+11]. -Round [COP+14, LJ17, Blo15]. [BBTC20]. 5th [BYL10, vDKS11]. -SDH [GMS11]. -Security [Jia14a]. -spotty [O¸¨ S11]. -trimmed [TTL10]. 6 [Ano17b, Bai12, Mur10]. 64/128 [LJ18]. 65th [Nac12]. 6LoWPAN [BNNH19]. .onion [Boy16]. 72 [HYS18]. 768-bit [KFL+10]. 795-bit 0.13um [KLM+12]. [BGG+19]. 1 [AAE+14, Ano15b, BH15, Bar16a, 8.8/11.2 [GLIC10]. 800 [MMKP16]. CGCS12, Con17, Ful10, MSas12, SKP15]. 800-160 [MMKP16]. 802.11 1-58488-551-3 [Ful10]. '10 [Ano10a]. 1024 [FLH13, ZBR11]. 802.11s [BOB13]. [Bro17, Win17]. 10Gbps [PRGBSAC19]. 802.15.4 [NBZP17]. 802.16e [CL11]. 10th [LTW11, Pie10, Sah13]. 11th 802.16m [FZZ+12]. 85 [WZM12a]. [GG10, Lin14b]. 128 [LJ18, LYD+18, TSLL11]. 128-Bit [GV14b]. 959 [ACZ16].´ 978 12th [BC11, LH10a]. 13-round [TSLL11]. [Ano15b, Ano17b, Bai12, Mur10]. 13th [Che11]. 15th [Dan12, FBM12]. 16 978-0-691-14175-6 [Ano17b]. [ZAG19]. 160 [MMKP16, WLC12]. 16th 978-0-8218-8321-1 [Sch15a]. [Abe10]. 17th [LW11a, Wes16, Ano10a]. 978-1-4200-4757-8 [Joh10]. 18th [MV12]. 192 [Blo15]. 1st [CGB+10]. 978-1-78548-004-1 [Ano15b]. 978-1-84832-615-6 [Bai12]. 2-Party [BBKL19]. 2-torsion [HR19]. 2.0 978-3-540-49243-6 [Mur10]. 9798 [NVM+17, PC16]. 2000 [ZC12]. 2003 [BCM12, BCM13]. 9th [Sha10]. 2008 [Mei10]. 2010 [Cra12, GLIC10, HWG10]. [Ano10a, Ano11b, CGB+10]. 2011 [Gre11, LCK11]. 2013 [IEE13]. 2015 AAA [BT18, MLM16]. AAA-based [IEE15]. 2016 [MSH+16, Wes16]. 2018 [MLM16]. AAoT [FQZF18]. Abandon [Ten18]. 2019 [TBL19]. 21st [IEE13, JY14]. [Loe15]. ABE 23nd [MSH+16]. 256 [FJHJ12, HQZH14, HLC+19, OSNZ19, [AKY13, App15, MAK+12]. 25th [TT18]. QZZ18, TY16a, YMC+17, ZSW+18b]. 26th [TBL19]. 29th [Gil10]. 2D abelian [HIDFGPC15]. [CDSLY14, HWS+19, LR15, Sch19b]. ability [WS12]. abnormal [AKM+15]. ABO 3 [ABM+12, BD15, jCPB+12, Ful10, LC17, [ZYY19]. ABO-LTFs [ZYY19]. Abort Mor19a, NIS15]. 30th [Rab10]. 31st [PJ12]. [EFGT18]. absence [AGH+17]. 
Abstract 4 [Bul10a, CFR11, MZ17b]. Abstraction [LLG15]. Across [HZS+19]. absurd [Fai19]. abuse [LQD+16, HWZP18, HFS+19, TYK+12]. [JSMG18a, QRW+18]. Abusing [VWC19]. activation [BCND19]. Active Academic [NSP+18, SDC+17]. Accelerate [LJ15, LHW18, WJ19, AGLW16, BAB+13]. [Roh19]. Accelerating [AVAH18, CMO+16, Activities [HWZZ19, DIMT12]. Activity DOS15, SKH15, XZL+19]. acceleration [NTKG17, uHAN+18]. Ad [LH12, PD14, [BYDC19]. Accelerator She14, SS15, XHC+12, BBB19, KM10b, [LLD19, MSR+17, MRL+18, ODSS17,¨ PC16, LXJ14, PY19, SGGCR+16, WXSH19]. WOLP15, PABC´ +19]. Accelerators Ad-Hoc [PD14, PY19]. Adam [Bar12]. [AW15, AW17, GP17, HKL+14, OSH16, adaptation [MCRB19]. adapted [IMB17]. BAB+13, KKJ+16]. accelerometers Adaptive [ACKB19, CT11a, zGXW12, [ZZL+18]. ACCENT [PP11]. Acceptance GLG12, HZW+14, HXHP17, HLAZ15, [SPM+13]. Access [AMSPL19, AWSS17, IAD10, Jin10, KD12a, Lin15, PWLL13, BFK+10, CO11, CGH11, DLZ+16b, FCM14, PMG+19b, SOS15, VFFHF19, CLP+13b, GRRZ18, HLC+18, HP12, LGLK17, LPL15, dCCSM+12, dCCSB+16, DRN16, EEAZ13, MSI18, MK12b, NA10b, PV17, PB12, FXP12, GKCK11, GLM+16, KS11, LHM14, QZL+16a, RSN14, SGC14, SC12, WS13, LWW +10, PC14, SH11, Wan13, WKH11]. XMLC13, XHZ+19, YTH17, YSS14, ARL13, Adaptively [HP14, OT12, LJY16]. ATKH+17, ACK+10, AMHJ10, BBTC20, adaptively-secure [LJY16]. adder BCGS16, CLH+16, Cra11, DFJ+10, [MS13a]. Adding [CFVP16, CSL+14]. FNWL18, FS18, HZL18, HK17, JAS+11, Additive [TM18, ZDL12, YJC18]. LCL+17a, LCL+15, LLH17, LHH+18, Additively [Mor19b, PKTK12]. Address MDHM18, MLM16, NZM10, NAL17, [Bel15, WLY17, PSJ+13]. addresses QCX18, RR17, Shy15, Tan12b, TODQ18, [AZH11, CBL10]. Addressing Wan18a, WS12, XHH12, XYML19, YWJ+19, [SVG16, SRB+12, VKK+19]. Adelson ZZ15, ZML17, ZDHZ18, ZVH14, ZDW+16, [BBB16b]. Adelson-Velskii [BBB16b]. ZWS+18, ZFH+18, ZZL+18]. adjacency [SA15]. adjacent [Kre13, Khl18]. Access-Control [LGLK17]. AccessAuth adjustable [BWR12b]. adjustments [TODQ18]. accessing [CSD18, KCS+18]. [GSGM16]. Administering [Pal16]. Account [Bro11]. 
Accountability [KS18a]. administration [ZVH14]. Adoption Accountable [SCGW+14, XHZ+19, [LKKL13, YWK10b]. Advance [KMJ18]. YMC+17, Wan18b, ZZ12]. Accumulable Advanced [B¨oh10, CSYY18, DR10, [SEXY18]. Accumulating [DGL19]. SXH+19, TC10, WRP70, YWF18, ALL+18, accumulator [KYH18, LZY+16]. DDFR13, GLIC10, Kra12, MKRM10, accumulator-based [LZY+16]. NdMMW16, SKK10]. Advances Accumulators [PTT16, JCL+18]. [LLK18, PHWM10, WP15, IAA+19, Abe10, Accuracy [CC14, Sar10a]. Accurate Gil10, LW11a, PJ12, Rab10]. Advantage [HD19, SM19a, VTY18, HQY+16, WYZ+17]. [WSSO12]. Adversarial ACE [YM19]. Achieve [BBC+13, Tan15a]. [BAG12, GA19, BCND19, BJR+14]. Achieved [YM16, Con17, Goo12]. Adversaries [BC14, XTK10]. Adversary Achieving [BN14, JLC18, KTUI16, LW12, [Yon12, KS11, LXLY12, OSNZ19, ZPWY12]. Pan14, PH12b, SLZ12, TK19]. ACIS Advert [MT17]. Advertisement [Ano11a]. ACM [ACM10, ACM11, Orm16]. [Ano16j, AMHJ10]. Advertises [AHS13]. Acoustic [DLMM+18, GST13]. ACPN AEP [LZD+19]. AEP-PPA [LZD+19]. 5 AES [ARG19, ABO+17, BW16, BBBP13, HEC+12, KMZS19, MNS11, TM12, WSS12, BKR11, BB10, DGP10, FAA+18, FLYL16a, XLM+12, XGLM14, XZLW15, YLSZ19, FLYL16b, GLMS18, GM16b, HMKG19, AAL19, AQRH+18, APK+18, AN15, HF14b, LB13, Mar10c, MM14b, PBCC14, BGAD12, CSD18, CTL13, DLK+16, RMTA18, SY15a, VGA19, WJ19, YWF18]. EBAC17, ¸ GH16, HPC12, HWB10, HWB12, AES-Like [BW16, WJ19]. AET [HTC+15]. ISC+16, IB11, IOV+18, KS11, KIH19, KP18, Affiliation [XLM+12, XGLM14, XZLW15]. KLW+16, KDW+17, LLLS13, LLY06, Affiliation-Hiding LIK+17, MHL18, NCL13, Nos11, Nos14, [XLM+12, XGLM14, XZLW15]. Affiliations ODK+17, OSANAM19, PY19, hSZZ15, [VKK+19]. Affine TLL12, WXK+17, XCL13, XXCY19, [BCEM15, LYL+18, GZHD12, ZWM14]. XMHD13, XHM14, YZZ+14, YY13, affine-transformation-invariant ZWQ+11, ZTZ16, ZGL+18a, ZZC15, OHJ10]. [GZHD12]. Afraid [Par12a]. Africa [BL10]. agriculture [APK+18]. Aided Africacrypt [BL10]. after [Sch18]. 
Against [BGK12, BCGK12, BGB12, Gop19, [Ano17e, BVS+13, BCHC19, BL15, BL16, GMSV14, LNWZ19, MV19, Vua10, ABBD13, CW12b, CMA14, DZS+18, DL17, FDY+19, LYL15, SGJ+18, SSAF11, WLFX17]. GDLL18, GDCC16, HCETPL+12, HLC+19, AIPISteg [AGLW16]. Air KMZS19, MSS+18, MWES19, Sch13, SGH15, [AUMT16, KTM+18, VOGB18, ZXW+18]. SLY+16, WSA15, AATM18, ASBdS16, aircraft [XWZW16]. Airflow [RSCX18]. AYSZ14, BBBP13, BD18, BVIB12, BPR14a, Airway [RSCX18]. AK [XHC+12]. BPR14b, BFK16, BSR+14, BK12b, Bud16, AK-PPM [XHC+12]. AKA [LLLS13]. BCFK15, CKHP19, Che15, CG14a, CGCS12, AKF [KDH15]. al [LLW16, LLSW16, CBJY16, CGH17, DHLAW10, DK17, Dya19, MWZ12, PLPW13, SBS+12, Mac14, Keb15]. EWS14, FTV+10, zGXW12, GSC17, al-Qaeda [Mac14, Keb15]. al. HLLG18, HYL+19, JSMG18a, JHHN12, [ABJ13, SPLHCB14]. Alan LDC13, LHM+10, LGL+12, LLY+12a, [CS12, Don14, Hel17, LCKBJ12]. Algebra LWCJ14, MCL+19, Maf16, MD12b, MNP12, [PWBJ17, Xie12a, Xie12b, BS15, Bul10b, NDNR13, OF11, OSNZ19, QRW+18, CFR11, DWZ12, FGPGP14, Nag19]. SBM15, SEY14, SY15b, SD12, TLL13, Algebraic [ACA+16, HIJ+19, HLC+19, WHN+12, Yon12, ZLQ15, ZHS+19, vV16]. LYK19, SK11, Tam15, Wat10, WCXZ17, Age [Bla12, SR14, Lan17, Sto12]. Aged Bul10a, CFR11, FMB+18, SA14, YTM+14]. [Ree15]. agency [Ald11, Kum10, ABJ13]. Algorithm agent [GPVCdBRO12]. Aggregate [AA19, ABCL17, Ano11b, AK14b, BGJT14, [CCT+14, PSM17, WCD19, GLB+18, LLY15, BKLS18, CNR14, CS10, jCPB+12, DCM18, LLL+18, ZQWZ10, ZDHZ18, CLW16]. ESS12, GKSB17, HZSL05, JLH12, JSZS12, Aggregated [NLY15]. Aggregated-Proof JHHN12, JL16, KB10, LL11, LT14a, LLL17a, [NLY15]. Aggregating [DP12]. LLLH18, LYL+18, MSR+17, MRL+18, Aggregation NdMMW16, NV10, RR11, RVRSCM12, [ARWK19, BJL16, EKOS19, LHKR10, WHZ12, WZCC18, YPRI17, YH16, SP15b, YM18, ZHW+16, DXWD16, DZC16, ZSW+12, ZWWW17, AIA+18b, Ang16, GLM+19, RR17, WMYR16]. Aging Ant14, ARG19, BYDC19, BGJT13, BMB16, [SKV12]. Agnes [Bur11, Joh15]. Agnostic CG12b, CJL16, Chm10, EEAZ13, GJ19, [HFW+19]. 
Agreement HZW19, JK13, Jou13, KY10, KHMB13, [ADSH18, BSBB19, Chi16, HCL+14, LC17, LR15, MS12a, MM14b, MNM+16, 6 MN14, PGLL10, PA10, PC14, SH11, SLM10, RZZ+15, Rao10, RBS+17, SK11, SY15a, SWW+17, jT12b, TTL10, WGZ+12, XTK10, SR12a, Shi11, SRRM18, SZDL14, SCGW+14, XWK+17, YWL+17, ZLW+12, ZL12, VKC15, WRP70, WDDW12, YZLC12, ZH15, sCR19a, ACZ16,´ ZOC10].
Recommended publications
  • Computationally Data-Independent Memory Hard Functions
    Computationally Data-Independent Memory Hard Functions
    Mohammad Hassan Ameri, Jeremiah Blocki, Samson Zhou
    November 18, 2019
    Abstract: Memory hard functions (MHFs) are an important cryptographic primitive that are used to design egalitarian proofs of work and in the construction of moderately expensive key-derivation functions resistant to brute-force attacks. Broadly speaking, MHFs can be divided into two categories: data-dependent memory hard functions (dMHFs) and data-independent memory hard functions (iMHFs). iMHFs are resistant to certain side-channel attacks as the memory access pattern induced by the honest evaluation algorithm is independent of the potentially sensitive input e.g., password. While dMHFs are potentially vulnerable to side-channel attacks (the induced memory access pattern might leak useful information to a brute-force attacker), they can achieve higher cumulative memory complexity (CMC) in comparison than an iMHF. In particular, any iMHF that can be evaluated in $N$ steps on a sequential machine has CMC at most $O\left(\frac{N^2 \log\log N}{\log N}\right)$. By contrast, the dMHF scrypt achieves maximal CMC $\Omega(N^2)$ — though the CMC of scrypt would be reduced to just $O(N)$ after a side-channel attack. In this paper, we introduce the notion of computationally data-independent memory hard functions (ciMHFs). Intuitively, we require that memory access pattern induced by the (randomized) ciMHF evaluation algorithm appears to be independent from the standpoint of a computationally bounded eavesdropping attacker — even if the attacker selects the initial input. We then ask whether it is possible to circumvent known upper bound for iMHFs and build a ciMHF with CMC $\Omega(N^2)$.
  • PHC: Status Quo
    PHC: status quo
    JP Aumasson @veorq / http://aumasson.jp
    academic background
    principal cryptographer at Kudelski Security, .ch
    applied crypto research and outreach
    BLAKE, BLAKE2, SipHash, NORX
    Crypto Coding Standard
    Password Hashing Competition
    Open Crypto Audit Project board member
    do you use passwords? this talk might interest you!
    Oct 2013
    "hash" = 3DES-ECB( static key, password )
    users' hint made the guess game easy... (credit Jeremi Gosney / Stricture Group)
    May 2014; "encrypted passwords" (?)
    last week
    that's only the reported/published cases
    Lesson
    if Adobe, eBay, and Avast fail to protect their users' passwords, what about others?
    users using "weak passwords"?
    ITsec people using "weak defenses"?
    developers using "weak hashes"?
    cryptographers, who never bothered?
    agenda
    1. how (not) to protect passwords
    2. the Password Hashing Competition (PHC)
    3. the 24-2 PHC candidates
    4. next steps, and how to contribute
    WARNING
    this is NOT about bikeshed topics as:
    password policies
    password managers
    password-strength meters
    will-technology-X-replace-passwords?
    1. how (not) to protect passwords
    solution of the 60's
    store "password" or the modern alternative:
    obviously a bad idea (assuming the server and its DB are compromised)
    solution of the early 70's
    store hash("password")
    "one-way": can't be efficiently inverted
    vulnerable to:
      ● efficient dictionary attacks and bruteforce
      ● time-memory tradeoffs (rainbow tables, etc.)
    solution of the late 70's
    store hash("password", salt)
    "one-way": can't be efficiently inverted
    immune to time-memory tradeoffs
    vulnerable to:
      ● dictionary attacks and bruteforce (but has to be repeated for different hashes)
    solution of the 2000's
    store hash("password", salt, cost)
    "one-way": can't be efficiently inverted
    immune to time-memory tradeoffs
    inefficient dictionary attacks and bruteforce
    main ideas:
      ● be "slow"
      ● especially on attackers' hardware (GPU, FPGA) => exploit fast CPU memory access/writes
    PBKDF2 (Kaliski, 2000)
    NIST and PKCS standard
    in Truecrypt, iOS, etc.
  • Optimizing a Password Hashing Function with Hardware-Accelerated Symmetric Encryption
    Symmetry (Article)
    Optimizing a Password Hashing Function with Hardware-Accelerated Symmetric Encryption
    Rafael Álvarez (1,*), Alicia Andrade (2) and Antonio Zamora (3)
    (1) Departamento de Ciencia de la Computación e Inteligencia Artificial (DCCIA), Universidad de Alicante, 03690 Alicante, Spain
    (2) Fac. Ingeniería, Ciencias Físicas y Matemática, Universidad Central, Quito 170129, Ecuador; [email protected]
    (3) Departamento de Ciencia de la Computación e Inteligencia Artificial (DCCIA), Universidad de Alicante, 03690 Alicante, Spain; [email protected]
    (*) Correspondence: [email protected]
    Received: 2 November 2018; Accepted: 22 November 2018; Published: 3 December 2018
    Abstract: Password-based key derivation functions (PBKDFs) are commonly used to transform user passwords into keys for symmetric encryption, as well as for user authentication, password hashing, and preventing attacks based on custom hardware. We propose two optimized alternatives that enhance the performance of a previously published PBKDF. This design is based on (1) employing a symmetric cipher, the Advanced Encryption Standard (AES), as a pseudo-random generator and (2) taking advantage of the support for the hardware acceleration for AES that is available on many common platforms in order to mitigate common attacks to password-based user authentication systems. We also analyze their security characteristics, establishing that they are equivalent to the security of the core primitive (AES), and we compare their performance with well-known PBKDF algorithms, such as Scrypt and Argon2, with favorable results.
    Keywords: symmetric; encryption; password; hash; cryptography; PBKDF
    1. Introduction
    Key derivation functions are employed to obtain one or more keys from a master secret. This is especially useful in the case of user passwords, which can be of arbitrary length and are unsuitable to be used directly as fixed-size cipher keys, so, there must be a process for converting passwords into secret keys.
  • Kalyna Country Tourism Development Strategy
    KALYNA COUNTRY TOURISM DEVELOPMENT STRATEGY
    Table of Contents
    EXECUTIVE SUMMARY
    INTRODUCTION
    Background
    Project Objectives
    Process Overview
    SITUATION ASSESSMENT: Where are we now?
    Study Area
    Themes
    Lures and Clusters: Kalyna’s Tourism Resource
    Key Attractions and Clusters
    Market Analysis
    Trends in Alberta Tourism
  • Lyra2 Password Hashing Scheme with Improved Security Against Time-Memory Trade-Offs (TMTO)
    Lyra2 Password Hashing Scheme with improved security against time-memory trade-offs (TMTO)
    Ewerton Rodrigues Andrade, [email protected]
    Escola Politécnica da Universidade de São Paulo - EP/USP
    Funding agencies: CAPES, FDTE and Erasmus Mundus
    Doctoral thesis defense, 7 June 2016
    Examining committee: Prof. Dr. Marcos Antonio Simplicio Junior - EP/USP (chair); Prof. Dr. Wilson Vicente Ruggiero - EP/USP; Prof. Dr. Denise Hideko Goya - CMCC/UFABC; Prof. Dr. Diego de Freitas Aranha - IC/UNICAMP; Dr. Rafael Misoczki - Intel Labs
    Contents
    1 Introduction: Motivation; Objectives; Methodology
    2 Lyra2: The Bootstrapping phase; The Setup phase; The Wandering phase; The Wrap-up phase
    3 Lyra2 vs. scrypt vs. PHC finalists: Security; Performance
    4 BlaMka: Partial Results
    5 Final Considerations: Main Results; Future Work
    Motivation
    Authentication is vital for the security of modern computer systems
  • The Password Hashing Competition Prehistory of Password Protection
    The Password Hashing Competition
    Peter Gutmann, University of Auckland
    Prehistory of Password Protection
    Before timesharing
      • Whoever submitted the card deck owned it
    Compatible Time-Sharing System (CTSS), 1963
      • Introduced the use of a “private code” to protect access to users’ data
    Famously failed in 1966
      • CTSS editor used a fixed temporary filename
      • Admin edited the password file and login message file at the same time…
    Problem occurred at 5pm on a Friday
      • User noticed it and deliberately executed an HCF instruction in the debugger
      • When machine was rebooted, users were told to change their passwords
        – (And given free credit monitoring)
    History of Password Protection
    Cambridge Uni Titan timesharing system, 1967, used a one-way cipher to protect the password
    Spread to CTSS’ successor Multics in the 1970s
      • And from there to a Multics successor, Unics^H^Hx
    Unix originally stored passwords in the clear
      • More problems with editor temp files
    Encrypt the passwords like Multics had done
      • Protect against brute-force by iterating the encryption
      • Protect against comparing encrypted passwords by adding a random quantity (salt) to the password
    Originally based on a software analogue of the M-209 cipher machine
      • Encrypt the password using itself as the key
      • Found to be too fast, vulnerable to brute-forcing
    Later Unix crypt used 25 iterations of DES encryption
      • Salt+password used as a
  • Expert Password Management
    Expert Password Management
    Elizabeth Stobert (1) and Robert Biddle (2)
    (1) ETH Zürich, Zürich, Switzerland, [email protected]
    (2) Carleton University, Ottawa, Canada, [email protected]
    Abstract. Experts are often asked for advice about password management, but how do they manage their own passwords? We conducted interviews with researchers and practitioners in computer security, asking them about their password management behaviour. We conducted a thematic analysis of our data, and found that experts described a dichotomy of behaviour where they employed more secure behaviour on important accounts, but had similar practices to non-expert users on remaining accounts. Experts’ greater situation awareness allowed them to more easily make informed decisions about security, and expert practices can suggest ways for non-experts to better manage passwords.
    1 Introduction
    Security experts are often turned to for advice about password management, but what do experts themselves do to manage their passwords? How are the practices of those who are knowledgeable about computer security different from or similar to those of non-experts? Little work exists on the password habits of experts, who must be affected by the same problems that affect all users: difficulties choosing random passwords, difficulties remembering passwords, and multitudinous accounts. If remembering large numbers of random passwords is difficult or near-impossible for non-expert users, it should be similarly difficult for experts. We conducted a series of interviews with researchers and practitioners in computer security, asking them about their password management behaviour. We found that these knowledgeable users described a dichotomy of behaviour where they employed more secure behaviour on important accounts that they deemed more worthy, but employed similar practices to non-expert users on their remaining accounts.
  • The Sword, November 2020
    THE SWORD NEWSPAPER
    NOVEMBER 2020, VOLUME 59 | ISSUE 3
    CONCORDIA ST. PAUL’S OFFICIAL STUDENT NEWSPAPER SINCE 1966
    In this issue:
    2 Marginalized Students at Concordia Share Grievances: Recent Sit-In, by MaryKate Fenstermaker
    6 Milestone in Catholic History with First African American Cardinal, by Erika Soukup
    8 How to Enjoy Thanksgiving Without Killing Grandma, by Ryan Skille
    11 CSP Baseball Team Sends Uniforms to Nicaragua, by Davina Bellinger
    20 Criminal Justice & Sociology Club holds Open Conversation, by Rebecca Beasley
    Photo Credit: Rene Elias
    *THIS IS NOT AN OFFICIAL CSP PUBLICATION AND DOES NOT NECESSARILY REFLECT THE VIEWS OF THE ADMINISTRATION, FACULTY, OR STAFF. SPECIAL THANKS TO THE CONTRIBUTING SPONSORS.
    Editor in Chief: Anna Fritze. Art Director: Carli Bruckmueller. News Editor: Harry Lien. Sports Editor: Jaid Perry. Arts & Variety Editor: Davina Bellinger.
    Letter from the Editor, by Anna Fritze
    Halloween has come and gone, the U.S. is in its second wave of the coronavirus, and our nation will have a new president in January. What a roller coaster this month has been. So, it’s pretty much been like every other month since March! Crazy what America can throw at you. Before I released last month’s issue, I was most expectant of receiving negative feedback due to the majority of the paper taking the liberal side of the election.
    NEWS: Marginalized Students at Concordia Share Grievances: Recent Sit-In Organized by Black Students Challenges Administration, by MaryKate Fenstermaker
    A group of around 30 students staged a sit-in in the Tunnel on Friday Oct. 30th to express their dissatisfaction with Concordia’s response to Black students
  • International Journal of Computer Engineering and Applications, Volume XII, Special Issue, May 18, ISSN 2321-3469
    International Journal of Computer Engineering and Applications, Volume XII, Special Issue, May 18, www.ijcea.com ISSN 2321-3469
    PROVIDING RESTRICTIONS AGAINST ATTACK AND CONGESTION CONTROL IN PUBLIC INFRASTRUCTURE CLOUD
    Nousheen R (1), Shanmugapriya M (2), Sujatha P (3), Dhinakaran D (4)
    (1,2,3) Student, Computer Science and Engineering, Peri Institute of Technology, Chennai, India
    (4) Assistant professor, Computer Science and Engineering, Peri Institute of Technology, Chennai, India
    ABSTRACT: Cloud computing is current trend in market. It reduce the cost and complexity of service providers by the means of capital and operational cost. It allows users to access application remotely. This construct directs cloud service provider to handle cost of servers, software updates, etc. If the session tokens are not properly protected, an attacker can hijack an active session and assume the identity of a user. To focusing on session hijacking and broken authentication OTP is generated it will send user mail. Once the user is authenticated they will be split into virtual machine it is initiate to the upload process into the cloud. The cloud user files are uploaded and stored in domain based. Also in our proposed system encryption keys are maintained outside of the IaaS domain. For encryption, we proposed RSA algorithm. For data owner file encryption, we use camellia algorithm. Finally the files are stored in the public cloud named CloudMe.
    Keywords: Cloud computing, session hijacking, OTP, Virtual machine, Iaas, CloudMe
    [1] INTRODUCTION
    Cloud computing is an information technology (IT) standard that enables universal access to share group of configurable system resource and higher-level services that can be quickly provisioned with minimal management effort, often over the internet.
  • Ethical Hacking
    Official Certified Ethical Hacker Review Guide
    Steven DeFino, Intense School, Senior Security Instructor and Consultant
    Contributing Authors: Barry Kaufman, Director of Intense School; Nick Valenteen, Intense School, Senior Security Instructor; Larry Greenblatt, Intense School, Senior Security Instructor
    Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States
    Official Certified Ethical Hacker Review Guide
    Steven DeFino, Barry Kaufman, Nick Valenteen, Larry Greenblatt
    Vice President, Career and Professional Editorial: Dave Garza
    Executive Editor: Stephen Helba
    Managing Editor: Marah Bellegarde
    Senior Product Manager: Michelle Ruelos Cannistraci
    Editorial Assistant: Meghan Orvis
    © 2010 Course Technology, Cengage Learning
    ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information networks, or information storage and retrieval systems, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the publisher.
    For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706
    For permission to use material from this text or product, submit all requests online at www.cengage.com/permissions
    Further permissions questions can be e-mailed to [email protected]
  • A Password Hashing Scheme with Greater Security Against Trade-Offs Between Processing and Memory
    EWERTON RODRIGUES ANDRADE
    LYRA2: PASSWORD HASHING SCHEME WITH IMPROVED SECURITY AGAINST TIME-MEMORY TRADE-OFFS
    (LYRA2: UM ESQUEMA DE HASH DE SENHAS COM MAIOR SEGURANÇA CONTRA TRADE-OFFS ENTRE PROCESSAMENTO E MEMÓRIA)
    Thesis presented to the Escola Politécnica da Universidade de São Paulo to obtain the degree of Doctor of Science.
    Concentration area: Computer Engineering
    Advisor: Prof. Dr. Marcos A. Simplicio Junior
    São Paulo, 2016
    Cataloguing-in-publication: Andrade, Ewerton Rodrigues. Lyra2: Password Hashing Scheme with improved security against time memory trade-offs (Lyra2: Um Esquema de Hash de Senhas com maior segurança contra trade-offs entre processamento e memória) / E. R. Andrade -- São Paulo, 2016. 135 p. Thesis (Doctorate) - Escola Politécnica da Universidade de São Paulo. Departamento de Engenharia de Computação e Sistemas Digitais. 1. Computing methodology and techniques 2. Computer security 3. Cryptology 4. Algorithms 5. Password Hashing Schemes I. Universidade de São Paulo. Escola Politécnica. Departamento de Engenharia de Computação e Sistemas Digitais II. t.
    ABSTRACT
    To protect against brute-force attacks, modern password-based authentication systems usually employ a Password Hashing Scheme (PHS). Basically, a PHS is a cryptographic algorithm that generates a sequence of pseudorandom bits from a password provided by the user, allowing the latter to configure the computational cost involved in the process and thus potentially raise the costs of attackers testing multiple passwords in parallel.
  • A Lyra2 FPGA Core for Lyra2rev2-Based Cryptocurrencies
    A Lyra2 FPGA Core for Lyra2REv2-Based Cryptocurrencies
    Michiel van Beirendonck*, Louis-Charles Trudeau†, Pascal Giard†, and Alexios Balatsoukas-Stimming*
    *Telecommunications Circuits Laboratory, École polytechnique fédérale de Lausanne (EPFL), Lausanne, Switzerland
    †Electrical Engineering Department, École de technologie supérieure (ÉTS), Montréal, Canada
    Abstract: Lyra2REv2 is a hashing algorithm that consists of a chain of individual hashing algorithms and it is used as a proof-of-work function in several cryptocurrencies that aim to be ASIC-resistant. The most crucial hashing algorithm in the Lyra2REv2 chain is a specific instance of the general Lyra2 algorithm. In this work we present the first FPGA implementation of the aforementioned instance of Lyra2 and we explain how several properties of the algorithm can be exploited in order to optimize the design.
    [Fig. 1. The Lyra2REv2 chained hashing algorithm. Block labels in the figure: BLAKE-256, Keccak-256, CubeHash-256, Lyra2, Skein-256, CubeHash-256, BMW-256.]
    I. INTRODUCTION
    Recently, there has been a surge in the popularity of cryptocurrencies, which are digital currencies that enable transactions through a decentralized consensus mechanism. Most cryptocurrencies are based on a blockchain, which is an ever-growing list of transactions that are grouped in blocks. Individual blocks in the chain are linked together using a [...]
    [...] much more cost-effective. However, since GPUs are generally much less energy-efficient than ASICs, a massive adoption of ASIC-resistant cryptocurrencies would significantly increase the (already very high) energy consumption of cryptocurrency mining. FPGA-based miners, on the other hand, are flexible, energy efficient, and readily available to the general public at reasonable prices. Thus, they are an attractive platform for ASIC-resistant cryptocurrencies.