Chris J. Mitchell

Bio: Chris J. Mitchell is an academic researcher from Royal Holloway, University of London. The author has contributed to research in topics: Authentication & Cryptography. The author has an hindex of 48, co-authored 397 publications receiving 10982 citations. Previous affiliations of Chris J. Mitchell include Johns Hopkins University & University of Portland.

Consumer risk perceptions in e-commerce

Abstract: Jarupunphol and Mitchell (2001) point out that there is a mismatch between the level of actual and perceived risks (the “risk perception gap”) associated with Internet e-commerce. This perception gap appears to be seriously restricting the growth of business-to-consumer (B2C) e-commerce since it deters many potential e-commerce participants. Although the emergence of e-commerce provides many benefits to consumers, e.g. convenience, greater choice, lower prices, and more information, consumers still have serious security concerns. The aim of this paper is to analyse the factors associated with consumer risk perceptions for Internet shopping. In addition, this paper also suggests guidelines for e-commerce merchants, which can be used to address negative consumer perceptions of Internet e-commerce.

Privacy-Preserving Biometric Matching Using Homomorphic Encryption.

Abstract: Biometric matching involves storing and processing sensitive user information. Maintaining the privacy of this data is thus a major challenge, and homomorphic encryption offers a possible solution. We propose a privacy-preserving biometrics-based authentication protocol based on fully homomorphic encryption, where the biometric sample for a user is gathered by a local device but matched against a biometric template by a remote server operating solely on encrypted data. The design ensures that 1) the user's sensitive biometric data remains private, and 2) the user and client device are securely authenticated to the server. A proof-of-concept implementation building on the TFHE library is also presented, which includes the underlying basic operations needed to execute the biometric matching. Performance results from the implementation show how complex it is to make FHE practical in this context, but it appears that, with implementation optimisations and improvements, the protocol could be used for real-world applications.

Post-quantum Certificates for Electronic Travel Documents

Abstract: Public key cryptosystems play a crucial role in the security of widely used communication protocols and in the protection of data. However, the foreseen emergence of quantum computers will break the security of most of the asymmetric cryptographic techniques used today, including those used to verify the authenticity of electronic travel documents. The security of international borders would thus be jeopardised in a quantum scenario. To overcome the threat to current asymmetric cryptography, post-quantum cryptography aims to provide practical mechanisms which are resilient to attacks using quantum computers. In this paper, we investigate the practicality of employing post-quantum digital signatures to ensure the authenticity of an electronic travel document. We created a special-purpose public key infrastructure based on these techniques, and give performance results for both creation and verification of certificates. This is the first important step towards specifying the next generation of electronic travel documents, as well as providing a valuable test use case for post-quantum techniques.

Retrofitting Mutual Authentication to GSM Using RAND Hijacking

Abstract: As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal explicitly designed to enhance GSM authentication that could be deployed without modifying any of the existing network infrastructure.

PKI implementation issues in B2B e-commerce

Abstract: The security of sensitive information transmitted and stored during ecommerce transactions is clearly an overriding issue of concern to organisations and individuals. Not only is there a need for the protection of the confidentiality and integrity of sensitive information, but verification of the identity of a communicating party is often also necessary. Public Key Infrastructures or PKIs have long been promoted as an important part of a solution to these concerns, since they support the wide scale use of public key cryptography to fulfil end-user security requirements. Although PKIs involving a single CA are effective when implemented within a well-defined population, the implementation of PKIs across multiple domains and hence involving multiple CAs, e.g. as required for e-commerce, has encountered serious problems. The intention of this paper is to discuss the main reasons for the PKI implementation issues in B2B e-commerce and to propose potential solutions.

I and i

Abstract: There is, I think, something ethereal about i —the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality. Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

疟原虫var基因转换速率变化导致抗原变异[英]／Paul H, Robert P, Christodoulou Z, et al//Proc Natl Acad Sci U S A

Abstract: 抗原变异可使得多种致病微生物易于逃避宿主免疫应答。表达在感染红细胞表面的恶性疟原虫红细胞表面蛋白1（PfPMP1）与感染红细胞、内皮细胞、树突状细胞以及胎盘的单个或多个受体作用，在黏附及免疫逃避中起关键的作用。每个单倍体基因组var基因家族编码约60种成员，通过启动转录不同的var基因变异体为抗原变异提供了分子基础。

Handbook of Applied Cryptography

Abstract: From the Publisher: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.

Tissue-based map of the human proteome

Abstract: Resolving the molecular details of proteome variation in the different tissues and organs of the human body will greatly increase our knowledge of human biology and disease. Here, we present a map of the human tissue proteome based on an integrated omics approach that involves quantitative transcriptomics at the tissue and organ level, combined with tissue microarray-based immunohistochemistry, to achieve spatial localization of proteins down to the single-cell level. Our tissue-based analysis detected more than 90% of the putative protein-coding genes. We used this approach to explore the human secretome, the membrane proteome, the druggable proteome, the cancer proteome, and the metabolic functions in 32 different tissues and organs. All the data are integrated in an interactive Web-based database that allows exploration of individual proteins, as well as navigation of global expression patterns, in all major tissues and organs in the human body.

Differential Power Analysis

Abstract: Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.