4,079 research outputs found
Predictable arguments of knowledge
We initiate a formal investigation on the power of predictability for argument of knowledge systems for NP. Specifically, we consider private-coin argument systems where the answer of the prover can be predicted, given the private randomness of the verifier; we call such protocols Predictable Arguments of Knowledge (PAoK).
Our study encompasses a full characterization of PAoK, showing that such arguments can be made extremely laconic, with the prover sending a single bit, and assumed to have only one round (i.e., two messages) of communication without loss of generality.
We additionally explore PAoK satisfying additional properties (including zero-knowledge and the possibility of re-using the same challenge across multiple executions with the prover), present several constructions of PAoK relying on different cryptographic tools, and discuss applications to cryptography
Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On
Single Sign-On (SSO) systems simplify login procedures by using an an
Identity Provider (IdP) to issue authentication tokens which can be consumed by
Service Providers (SPs). Traditionally, IdPs are modeled as trusted third
parties. This is reasonable for SSO systems like Kerberos, MS Passport and
SAML, where each SP explicitely specifies which IdP he trusts. However, in open
systems like OpenID and OpenID Connect, each user may set up his own IdP, and a
discovery phase is added to the protocol flow. Thus it is easy for an attacker
to set up its own IdP. In this paper we use a novel approach for analyzing SSO
authentication schemes by introducing a malicious IdP. With this approach we
evaluate one of the most popular and widely deployed SSO protocols - OpenID. We
found four novel attack classes on OpenID, which were not covered by previous
research, and show their applicability to real-life implementations. As a
result, we were able to compromise 11 out of 16 existing OpenID implementations
like Sourceforge, Drupal and ownCloud. We automated discovery of these attacks
in a open source tool OpenID Attacker, which additionally allows fine-granular
testing of all parameters in OpenID implementations. Our research helps to
better understand the message flow in the OpenID protocol, trust assumptions in
the different components of the system, and implementation issues in OpenID
components. It is applicable to other SSO systems like OpenID Connect and SAML.
All OpenID implementations have been informed about their vulnerabilities and
we supported them in fixing the issues
Coordinated Multi-Agent Imitation Learning
We study the problem of imitation learning from demonstrations of multiple
coordinating agents. One key challenge in this setting is that learning a good
model of coordination can be difficult, since coordination is often implicit in
the demonstrations and must be inferred as a latent variable. We propose a
joint approach that simultaneously learns a latent coordination model along
with the individual policies. In particular, our method integrates unsupervised
structure learning with conventional imitation learning. We illustrate the
power of our approach on a difficult problem of learning multiple policies for
fine-grained behavior modeling in team sports, where different players occupy
different roles in the coordinated team strategy. We show that having a
coordination model to infer the roles of players yields substantially improved
imitation loss compared to conventional baselines.Comment: International Conference on Machine Learning 201
String Creation, D-branes and Effective Field Theory
This paper addresses several unsettled issues associated with string creation
in systems of orthogonal Dp-D(8-p) branes. The interaction between the branes
can be understood either from the closed string or open string picture. In the
closed string picture it has been noted that the DBI action fails to capture an
extra RR exchange between the branes. We demonstrate how this problem persists
upon lifting to M-theory. These D-brane systems are analysed in the closed
string picture by using gauge-fixed boundary states in a non-standard lightcone
gauge, in which RR exchange can be analysed precisely. The missing piece in the
DBI action also manifests itself in the open string picture as a mismatch
between the Coleman-Weinberg potential obtained from the effective field theory
and the corresponding open string calculation. We show that this difference can
be reconciled by taking into account the superghosts in the (0+1)effective
theory of the chiral fermion, that arises from gauge fixing the spontaneously
broken world-line local supersymmetries.Comment: 33 page
Light dynamical fermions on the lattice: toward the chiral regime of QCD
Algorithmic and technical progress achieved over the last few years makes QCD
simulations with light dynamical quarks much faster than before. As a result
lattices with pions as light as 250--300 MeV can be simulated with the present
generation of computers. I review recent conceptual and numerical progress in
this field, with particular emphasis on results obtained and difficulties
encountered in simulations with significantly smaller quark masses with respect
to previous computations. I also attempt to compare physical results for pion
masses and decay constants available to date in the two-flavour theory with
expectations from chiral perturbation theory.Comment: Plenary talk given at XXIVth International Symposium on Lattice Field
Theory Lattice2006(plenary), Tucson, Arizona, 23-28 July 2006. Submitted to
PoS in October 200
Superspace calculation of the four-loop spectrum in N=6 supersymmetric Chern-Simons theories
Using N=2 superspace techniques we compute the four-loop spectrum of single
trace operators in the SU(2) x SU(2) sector of ABJM and ABJ supersymmetric
Chern-Simons theories. Our computation yields a four-loop contribution to the
function h^2(\lambda) (and its ABJ generalization) in the magnon dispersion
relation which has fixed maximum transcendentality and coincides with the
findings in components given in the revised versions of arXiv:0908.2463 and
arXiv:0912.3460. We also discuss possible scenarios for an all-loop function
h^2(\lambda) that interpolates between weak and strong couplings.Comment: LaTeX, feynmp, 34 pages; v2: typos corrected, formulations improved,
references adde
Cross-VM Network Channel Attacks and Countermeasures within Cloud Computing Environments
Cloud providers attempt to maintain the highest levels of isolation between Virtual Machines (VMs) and inter-user processes to keep co-located VMs and processes separate. This logical isolation creates an internal virtual network to separate VMs co-residing within a shared physical network. However, as co-residing VMs share their underlying VMM (Virtual Machine Monitor), virtual network, and hardware are susceptible to cross VM attacks. It is possible for a malicious VM to potentially access or control other VMs through network connections, shared memory, other shared resources, or by gaining the privilege level of its non-root machine. This research presents a two novel zero-day cross-VM network channel attacks. In the first attack, a malicious VM can redirect the network traffic of target VMs to a specific destination by impersonating the Virtual Network Interface Controller (VNIC). The malicious VM can extract the decrypted information from target VMs by using open source decryption tools such as Aircrack. The second contribution of this research is a privilege escalation attack in a cross VM cloud environment with Xen hypervisor. An adversary having limited privileges rights may execute Return-Oriented Programming (ROP), establish a connection with the root domain by exploiting the network channel, and acquiring the tool stack (root domain) which it is not authorized to access directly. Countermeasures against this attacks are also presente
XSS-FP: Browser Fingerprinting using HTML Parser Quirks
There are many scenarios in which inferring the type of a client browser is
desirable, for instance to fight against session stealing. This is known as
browser fingerprinting. This paper presents and evaluates a novel
fingerprinting technique to determine the exact nature (browser type and
version, eg Firefox 15) of a web-browser, exploiting HTML parser quirks
exercised through XSS. Our experiments show that the exact version of a web
browser can be determined with 71% of accuracy, and that only 6 tests are
sufficient to quickly determine the exact family a web browser belongs to
- …