Showing papers in "arXiv: Cryptography and Security in 1999"

Multiparty computation unconditionally secure against Q^2 adversary structures

Abstract: We present here a generalization of the work done by Rabin and Ben-Or We give a protocol for multiparty computation which tolerates any Q^2 active adversary structure based on the existence of a broadcast channel, secure communication between each pair of participants, and a monotone span program with multiplication tolerating the structure The secrecy achieved is unconditional although we allow an exponentially small probability of error This is possible due to a protocol for computing the product of two values already shared by means of a homomorphic commitment scheme which appeared originally in a paper of Chaum, Evertse and van de Graaf

Safe Deals Between Strangers

Abstract: E-business, information serving, and ubiquitous computing will create heavy request traffic from strangers or even incognitos. Such requests must be managed automatically. Two ways of doing this are well known: giving every incognito consumer the same treatment, and rendering service in return for money. However, different behavior will be often wanted, e.g., for a university library with different access policies for undergraduates, graduate students, faculty, alumni, citizens of the same state, and everyone else. For a data or process server contacted by client machines on behalf of users not previously known, we show how to provide reliable automatic access administration conforming to service agreements. Implementations scale well from very small collections of consumers and producers to immense client/server networks. Servers can deliver information, effect state changes, and control external equipment. Consumer privacy is easily addressed by the same protocol. We support consumer privacy, but allow servers to deny their resources to incognitos. A protocol variant even protects against statistical attacks by consortia of service organizations. One e-commerce application would put the consumer's tokens on a smart card whose readers are in vending kiosks. In e-business we can simplify supply chain administration. Our method can also be used in sensitive networks without introducing new security loopholes.

Certificate Revocation Paradigms

Abstract: Research in the field of electronic signature confirmation has been active for some 20 years now. Unfortunately present certificate-based solutions also come from that age when no-one knew about online data transmission. The official standardized X.509 framework also depends heavily on offline operations, one of the most complicated ones being certificate revocation handling. This is done via huge Certificate Revocation Lists which are both inconvenient and expencive. Several improvements to these lists are proposed and in this report we try to analyze them briefly. We conclude that although it is possible to do better than in the original X.509 setting, none of the solutions presented this far is good enough.

Secure Multicast in a WAN

Abstract: A secure reliable multicast protocol enables a process to send a message to a group of recipients such that all correct destinations receive the same message, despite the malicious efforts of fewer than a third of the total number of processes, including the sender This has been sh own to be a useful tool in building secure distributed services, albeit with a cost that typically grows linearly with the size of the system For very large networks, for which this is prohibitive, we present two approaches for reducing the cost: First, we show a protocol whose cost is on the order of the number of tolerated failures Secondly, we show how relaxing the consistency requirement to a probabilistic guarantee can reduce the associated cost, effectively to a constant

Transport Level Security: a proof using the Gong-Needham-Yahalom Logic

Abstract: This paper provides a proof of the proposed Internet standard Transport Level Security protocol using the Gong-Needham-Yahalom logic. It is intended as a teaching aid and hopes to show to students: the potency of a formal method for protocol design; some of the subtleties of authenticating parties on a network where all messages can be intercepted; the design of what should be a widely accepted standard.

Secure Execution of Java Applets using a Remote Playground

Abstract: Mobile code presents a number of threats to machines that execute it. We introduce an approach for protecting machines and the resources they hold from mobile code, and describe a system based on our approach for protecting host machines from Java 1.1 applets. In our approach, each Java applet downloaded to the protected domain is rerouted to a dedicated machine (or set of machines), the {\em playground}, at which it is executed. Prior to execution the applet is transformed to use the downloading user's web browser as a graphics terminal for its input and output, and so the user has the illusion that the applet is running on her own machine. In reality, however, mobile code runs only in the sanitized environment of the playground, where user files cannot be mounted and from which only limited network connections are accepted by machines in the protected domain. Our playground thus provides a second level of defense against mobile code that circumvents language-based defenses. The paper presents the design and implementation of a playground for Java 1.1 applets, and discusses extensions of it for other forms of mobile code including Java 1.2.

Quantum Bit Commitment Expansion

Abstract: The paper was retracted.