Showing papers by "Chris J. Mitchell published in 2001"
TL;DR: In this article, Matkovich et al. showed that activation of PLC in neonatal rat cardiomyocytes (NCM) generates primarily inositol 1,4,5-trisphosphate (Ins(1, 4,5)P3) in response to rises in intracellular Ca2+, or inositolic 1, 4-bisphosphates (Ins (1,4)P2), and showed that PLC-δ1 overexpression selectively reduced NE-induced [3H]inositol phosphate (
51 citations
06 Dec 2001
TL;DR: Proposed user-controlled approaches and their implementations are presented and compared with a server-controlled approach, particularly the 'Secure Cookies' method, to illustrate the relative advantages and disadvantages of the two approaches.
Abstract: Cookies are pieces of information generated by a Web server to be stored in a user's machine. The information in cookies can range from selected items in a user's shopping cart to authentication information used for accessing restricted pages. While cookies are clearly very useful, they can also be abused. In this paper, security threats that cookies can pose to a user are identified, as are the security requirements necessary to defeat them. Various options to meet the security requirements are then examined. Proposed user-controlled approaches and their implementations are presented and compared with a server-controlled approach, particularly the 'Secure Cookies' method, to illustrate the relative advantages and disadvantages of the two approaches.
19 citations
TL;DR: The concept of an undetachable threshold signature scheme, which enables constrained signing power to be distributed across multiple agents, thus reducing the necessary trust in single agent platforms, is introduced.
Abstract: A major problem of mobile agents is their inability to authenticate transactions in a hostile environment. Users will not wish to equip agents with their private signature keys when the agents may execute on untrusted platforms. Undetachable signatures were introduced to solve this problem by allowing users to equip agents with the means to sign signatures for tightly constrained transactions, using information especially derived from the user private signature key. However, the problem remains that a platform can force an agent to commit to a sub-optimal transaction. In parallel with the work on undetachable signatures, much work has been performedon threshold signature schemes, which allow signing power to be distributed across multiple agents, thereby reducing the trust in a single entity. We combine these notions and introduce the concept of an undetachable threshold signature scheme, which enables constrained signing power to be distributed across multiple agents, thus reducing the necessary trust in single agent platforms. We also provide an RSA-based example of such a scheme basedon a combination of Shoup's threshold signature scheme, [1] and Kotzanikolaou et al's undetachable signature scheme, [2].
16 citations
11 Jul 2001
TL;DR: A family of new forgery attacks are described, which raise serious questions about the effectiveness of certain countermeasures against CBC-MACs.
Abstract: This paper is concerned with a particular type of attack against CBC-MACs, namely forgery attacks, i.e. attacks which enable an unauthorised party to obtain a MAC on a data string. Existing forgery attacks against CBC-MACs are briefly reviewed, together with the effectiveness of various countermeasures. This motivates the main part of the paper, where a family of new forgery attacks are described, which raise serious questions about the effectiveness of certain countermeasures.
15 citations
TL;DR: The results indicate that the hydrolysis of PtdIns and PtdinsP2 are independently regulated in pancreatic islets and that PLCγ1 selectively mediates the breakdown of PTDIns.
15 citations
Journal Article•
TL;DR: Evidence is provided that NE-stimulated InsP generation in NCM is primarily mediated by PLC-beta(1), despite the presence of both P LC- beta(1) and PLC -beta(3) isoforms.
15 citations
TL;DR: This note proposes two methods to improve the security and reliability of mobile agent based transactions in an environment which may contain some malicious hosts.
14 citations
01 Jan 2001
TL;DR: In this paper, an analysis of perceived and genuine risks associated with e-commerce is presented, and the differences between the two are considered, and methods of dealing with the differences are given.
Abstract: Most consumers perceive e-commerce as the riskiest shopping method in comparison with other methods of payment. Confidentiality of credit card numbers is an overriding issue restricting consumer participation in ecommerce. As a consequence, it is imperative to measure the levels of risk in e-commerce and other shopping methods. This study is an analysis of perceived and genuine risks associated with e-commerce. The levels of risks perceived by consumers in various shopping methods including Internet shopping are described, as are the levels of actual risk. The differences between the two are considered, and methods of dealing with the differences are given.
9 citations
TL;DR: Three main attacks are given, all of which operate whether or not truncation is applied to the MAC value, and each requires a large number of MAC verifications, but very few known MACs and no chosen MACs.
7 citations
TL;DR: This paper investigates interoperability problems arising from the use of dissimilar key recovery mechanisms in encrypted communications and a protocol is proposed where two communicating entities can negotiate the key recovery mechanism(s) to be used.
Abstract: This paper investigates interoperability problems arising from the use of dissimilar key recovery mechanisms in encrypted communications. The components that can cause interoperability problems are identified and a protocol is proposed where two communicating entities can negotiate the key recovery mechanism(s) to be used. The ultimate goal is to provide the entities a means to agree either on a mutually acceptable KRM or on different, yet interoperable, mechanisms of their choice.
3 citations
TL;DR: As it is necessary for the cryptographic API to offer the means to 'part-compute' a MAC, such chaining variables need very careful handling lest they increase the possibility of MAC key compromise.
Abstract: This paper is concerned with the design of cryptographic APIs (Application Program Interfaces), and in particular with the part of such APIs concerned with computing Message Authentication Codes (MACs). In some cases it is necessary for the cryptographic API to offer the means to 'part-compute' a MAC, i.e. perform the MAC calculation for a portion of a data string. In such cases it is necessary for the API to input and output 'chaining variables'. As we show in this paper, such chaining variables need very careful handling lest they increase the possibility of MAC key compromise. In particular, chaining variables should always be output in encrypted form; moreover the encryption should operate so that re-occurrence of the same chaining variable will not be evident from the ciphertext.