scispace - formally typeset
Author

Dieter Gollmann

Other affiliations: University of London
Bio: Dieter Gollmann is an academic researcher from Microsoft. The author has contributed to research in topics: Authentication protocol & Computer security model. The author has an h-index of 22, co-authored 55 publications receiving 1748 citations. Previous affiliations of Dieter Gollmann include University of London.


Papers
Book
01 Jan 2005
TL;DR: An Efficient and Unified Approach to Correlating, Hypothesizing, and Predicting Intrusion Alerts is presented.

188 citations

Proceedings Article
06 May 1996
TL;DR: It is argued that encryption should not be used as a general primitive as it does not capture the specific purpose for using a cryptographic function in a particular protocol.
Abstract: The design of authentication protocols has proven to be surprisingly error-prone. We suggest that this is partly due to a language problem. The objectives of entity authentication are usually given in terms of human encounters while we actually implement message passing protocols. We propose various translations of the high-level objectives into a language appropriate for communication protocols. In addition, protocols are often specified at too low a level of abstraction. We argue that encryption should not be used as a general primitive as it does not capture the specific purpose for using a cryptographic function in a particular protocol.

140 citations

Book Chapter
25 Sep 1996
TL;DR: This paper examines certified mail delivery in postal systems and derives the essential requirements that may be met by a service called certified electronic mail.
Abstract: This paper examines certified mail delivery in postal systems and derives the essential requirements that may be met by a service called certified electronic mail. Protocols are presented to demonstrate how various flavours of certified electronic mail services may be implemented.

133 citations

Proceedings Article
01 Oct 2006
TL;DR: Finding Peer-to-Peer File-Sharing Using Coarse Network Behaviors and Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses.
Abstract: Finding Peer-to-Peer File-Sharing Using Coarse Network Behaviors.- Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses.- TrustedPals: Secure Multiparty Computation Implemented with Smart Cards.- Private Information Retrieval Using Trusted Hardware.- Bridging the Gap Between Inter-communication Boundary and Internal Trusted Components.- License Transfer in OMA-DRM.- Enhanced Security Architecture for Music Distribution on Mobile.- A Formal Model of Access Control for Mobile Interactive Devices.- Discretionary Capability Confinement.- Minimal Threshold Closure.- Reducing the Dependence of SPKI/SDSI on PKI.- Delegation in Role-Based Access Control.- Applying a Security Requirements Engineering Process.- Modeling and Evaluating the Survivability of an Intrusion Tolerant Database System.- A Formal Framework for Confidentiality-Preserving Refinement.- Timing-Sensitive Information Flow Analysis for Synchronous Systems.- HBAC: A Model for History-Based Access Control and Its Model Checking.- From Coupling Relations to Mated Invariants for Checking Information Flow.- A Linear Logic of Authorization and Knowledge.- Pret a Voter with Re-encryption Mixes.- Secure Key-Updating for Lazy Revocation.- Key Derivation Algorithms for Monotone Access Structures in Cryptographic File Systems.- Cryptographically Sound Security Proofs for Basic and Public-Key Kerberos.- Deriving Secrecy in Key Establishment Protocols.- Limits of the BRSIM/UC Soundness of Dolev-Yao Models with Hashes.- Conditional Reactive Simulatability.- SessionSafe: Implementing XSS Immune Session Handling.- Policy-Driven Memory Protection for Reconfigurable Hardware.- Privacy-Preserving Queries on Encrypted Data.- Analysis of Policy Anomalies on Distributed Network Security Setups.- Assessment of a Vulnerability in Iterative Servers Enabling Low-Rate DoS Attacks.- Towards an Information-Theoretic Framework for Analyzing Intrusion Detection Systems.

118 citations


Cited by
Book
01 Jan 1996
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Abstract: From the Publisher: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.

13,597 citations

Book Chapter
15 Aug 1999
TL;DR: The authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices, and discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Abstract: Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.

6,757 citations

Journal Article
01 Jul 1999
TL;DR: An overview of the information-hiding techniques field is given, of what the authors know, what works, what does not, and what are the interesting topics for research.
Abstract: Information-hiding techniques have recently become important in a number of application areas. Digital audio, video, and pictures are increasingly furnished with distinguishing but imperceptible marks, which may contain a hidden copyright notice or serial number or even help to prevent unauthorized copying directly. Military communications systems make increasing use of traffic security techniques which, rather than merely concealing the content of a message using encryption, seek to conceal its sender, its receiver, or its very existence. Similar techniques are used in some mobile phone systems and schemes proposed for digital elections. Criminals try to use whatever traffic security properties are provided intentionally or otherwise in the available communications systems, and police forces try to restrict their use. However, many of the techniques proposed in this young and rapidly evolving field can trace their history back to antiquity, and many of them are surprisingly easy to circumvent. In this article, we try to give an overview of the field, of what we know, what works, what does not, and what are the interesting topics for research.

2,561 citations

Patent
25 Mar 2002
TL;DR: The authors propose a system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party.
Abstract: A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.

1,193 citations

Journal Article
TL;DR: Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions; the approach is based on ordinary predicate calculus and copes with infinite-state systems.
Abstract: Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state systems. Proofs are generated using Isabelle/HOL. The human effort required to analyze a protocol can be as little as a week or two, yielding a proof script that takes a few minutes to run. Protocols are inductively defined as sets of traces. A trace is a list of communication events, perhaps comprising many interleaved protocol runs. Protocol descriptions incorporate attacks and accidental losses. The model spy knows some private keys and can forge messages using components decrypted from previous traffic. Three protocols are analyzed below: Otway-Rees (which uses shared-key encryption), Needham-Schroeder (which uses public-key encryption), and a recursive protocol (Bull and Otway, 1997) (which is of variable length). One can prove that event ev always precedes event ev' or that property P holds provided X remains secret. Properties can be proved from the viewpoint of the various principals: say, if A receives a final message from B then the session key it conveys is good.

997 citations