Author
Tuomas Aura
Other affiliations: Helsinki University of Technology, Helsinki Institute for Information Technology, University of California, Davis ...read more
Bio: Tuomas Aura is an academic researcher from Aalto University. The author has contributed to research in topics: Authentication & The Internet. The author has an hindex of 33, co-authored 113 publications receiving 4054 citations. Previous affiliations of Tuomas Aura include Helsinki University of Technology & Helsinki Institute for Information Technology.
Papers published on a yearly basis
Papers
More filters
01 Jan 2005
TL;DR: This document describes a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol, where IPv6 addresses are cryptographically generated addresses for which the interface identifier is generated by computing a cryptographic one-way hash function from a public key and auxiliary parameters.
Abstract: This document describes a method for binding a public signature key to
an IPv6 address in the Secure Neighbor Discovery (SEND) protocol.
Cryptographically Generated Addresses (CGA) are IPv6 addresses for
which the interface identifier is generated by computing a
cryptographic one-way hash function from a public key and auxiliary
parameters. The binding between the public key and the address can be
verified by re-computing the hash value and by comparing the hash with
the interface identifier. Messages sent from an IPv6 address can be
protected by attaching the public key and auxiliary parameters and by
signing the message with the corresponding private key. The protection
works without a certification authority or any security
infrastructure. [STANDARDS-TRACK]
524 citations
••
03 Apr 2000TL;DR: In this paper, the authors show how stateless authentication protocols and the client puzzles of Juels and Brainard can be used to prevent denial of service by server resource exhaustion in open communications networks.
Abstract: Denial of service by server resource exhaustion has become a major security threat in open communications networks. Public-key authentication does not completely protect against the attacks because the authentication protocols often leave ways for an unauthenticated client to consume a server's memory space and computational resources by initiating a large number of protocol runs and inducing the server to perform expensive cryptographic computations. We show how stateless authentication protocols and the client puzzles of Juels and Brainard can be used to prevent such attacks.
409 citations
••
30 Oct 2006TL;DR: A novel defensive tool is implemented for detecting user and machine identifiers and other metadata embedded in documents only by a single piece of software, such as a word processor, but by various tools used at different stages of the document authoring process.
Abstract: Sometimes, it is necessary to remove author names and other personally identifiable information (PII) from documents before publication. We have implemented a novel defensive tool for detecting such data automatically. By using the detection tool, we have learned about where PII may be stored in documents and how it is put there. A key observation is that, contrary to common belief, user and machine identifiers and other metadata are not embedded in documents only by a single piece of software, such as a word processor, but by various tools used at different stages of the document authoring process.
263 citations
••
01 Mar 2005TL;DR: In this article, a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol is described, and the binding between the public key and the address can be verified by re-computing the hash value and by comparing the hash with the interface identifier.
Abstract: This document describes a method for binding a public signature key to
an IPv6 address in the Secure Neighbor Discovery (SEND) protocol.
Cryptographically Generated Addresses (CGA) are IPv6 addresses for
which the interface identifier is generated by computing a
cryptographic one-way hash function from a public key and auxiliary
parameters. The binding between the public key and the address can be
verified by re-computing the hash value and by comparing the hash with
the interface identifier. Messages sent from an IPv6 address can be
protected by attaching the public key and auxiliary parameters and by
signing the message with the corresponding private key. The protection
works without a certification authority or any security
infrastructure. [STANDARDS-TRACK]
222 citations
01 Dec 2005
TL;DR: This document is an account of the rationale behind the Mobile IPv6 (MIPv6) Route Optimization security design, allowing people dealing with mobility or multi-homing to avoid a number of potential security pitfalls in their designs.
Abstract: This document is an account of the rationale behind the Mobile IPv6
(MIPv6) Route Optimization security design. The purpose of this
document is to present the thinking and to preserve the reasoning
behind the Mobile IPv6 security design in 2001 - 2002. The document
has two target audiences: (1) helping MIPv6 implementors to better
understand the design choices in MIPv6 security procedures, and (2)
allowing people dealing with mobility or multi-homing to avoid a
number of potential security pitfalls in their designs. This memo
provides information for the Internet community.
143 citations
Cited by
More filters
••
[...]
TL;DR: It is shown that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
Abstract: Large-scale peer-to-peer systems face security threats from faulty or hostile remote computing elements. To resist these threats, many such systems employ redundancy. However, if a single faulty entity can present multiple identities, it can control a substantial fraction of the system, thereby undermining this redundancy. One approach to preventing these "Sybil attacks" is to have a trusted agency certify identities. This paper shows that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
4,816 citations
••
20 May 2003TL;DR: An algorithm to decrease the number of downloads of inauthentic files in a peer-to-peer file-sharing network that assigns each peer a unique global trust value, based on the peer's history of uploads is described.
Abstract: Peer-to-peer file-sharing networks are currently receiving much attention as a means of sharing and distributing information. However, as recent experience shows, the anonymous, open nature of these networks offers an almost ideal environment for the spread of self-replicating inauthentic files.We describe an algorithm to decrease the number of downloads of inauthentic files in a peer-to-peer file-sharing network that assigns each peer a unique global trust value, based on the peer's history of uploads. We present a distributed and secure method to compute global trust values, based on Power iteration. By having peers use these global trust values to choose the peers from whom they download, the network effectively identifies malicious peers and isolates them from the network.In simulations, this reputation system, called EigenTrust, has been shown to significantly decrease the number of inauthentic files on the network, even under a variety of conditions where malicious peers cooperate in an attempt to deliberately subvert the system.
3,715 citations
••
2,687 citations
••
01 Apr 2004TL;DR: This paper presents two taxonomies for classifying attacks and defenses in distributed denial-of-service (DDoS) and provides researchers with a better understanding of the problem and the current solution space.
Abstract: Distributed denial-of-service (DDoS) is a rapidly growing problem. The multitude and variety of both the attacks and the defense approaches is overwhelming. This paper presents two taxonomies for classifying attacks and defenses, and thus provides researchers with a better understanding of the problem and the current solution space. The attack classification criteria was selected to highlight commonalities and important features of attack strategies, that define challenges and dictate the design of countermeasures. The defense taxonomy classifies the body of existing DDoS defenses based on their design decisions; it then shows how these decisions dictate the advantages and deficiencies of proposed solutions.
1,866 citations