9,322 research outputs found
Securing The Root: A Proposal For Distributing Signing Authority
Management of the Domain Name System (DNS) root zone file is a uniquely global policy problem. For the Internet to connect everyone, the root must be coordinated and compatible. While authority over the legacy root zone file has been contentious and divisive at times, everyone agrees that the Internet should be made more secure. A newly standardized protocol, DNS Security Extensions (DNSSEC), would make the Internet's infrastructure more secure. In order to fully implement DNSSEC, the procedures for managing the DNS root must be revised. Therein lies an opportunity. In revising the root zone management procedures, we can develop a new solution that diminishes the impact of the legacy monopoly held by the U.S. government and avoids another contentious debate over unilateral U.S. control. In this paper we describe the outlines of a new system for the management of a DNSSEC-enabled root. Our proposal distributes authority over securing the root, unlike another recently suggested method, while avoiding the risks and pitfalls of an intergovernmental power sharing scheme
A Security Framework for JXTA-Overlay
En l'actualitat, la maduresa del camp de la investigació P2P empès a través de nous problemes, relacionats amb la seguretat. Per aquesta raó, la seguretat comença a convertir-se en una de les qüestions clau en l'avaluació d'un sistema P2P, i és important proporcionar mecanismes de seguretat per a sistemes P2P. El projecte JXTAOverlay fa un esforç per utilitzar la tecnologia JXTA per proporcionar un conjunt genèric de funcions que poden ser utilitzades pels desenvolupadors per desplegar aplicacions P2P. No obstant això, encara que el seu disseny es va centrar en qüestions com ara l'escalabilitat o el rendiment general, no va tenir en compte la seguretat. Aquest treball proposa un marc de seguretat, adaptat específicament a la idiosincràsia del JXTAOverlay.At present time, the maturity of P2P research field has pushed through new problems such us those related with security. For that reason, security starts to become one of the key issues when evaluating a P2P system and it is important to provide security mechanisms to P2P systems. The JXTAOverlay project is an effort to use JXTA technology to provide a generic set of functionalities that can be used by developers to deploy P2P applications. However, since its design focused on issues such as scalability or overall performance, it did not take security into account. This work proposes a security framework specifically suited to JXTAOverlay¿s idiosyncrasies.En la actualidad, la madurez del campo de la investigación P2P empujado a través de nuevos problemas, relacionados con la seguridad. Por esta razón, la seguridad comienza a convertirse en una de las cuestiones clave en la evaluación de un sistema P2P, y es importante proporcionar mecanismos de seguridad para sistemas P2P. El proyecto JXTAOverlay hace un esfuerzo por utilizar la tecnología JXTA para proporcionar un conjunto genérico de funciones que pueden ser utilizadas por los desarrolladores para desplegar aplicaciones P2P. Sin embargo, aunque su diseño se centró en cuestiones como la escalabilidad o el rendimiento general, no tuvo en cuenta la seguridad. Este trabajo propone un marco de seguridad, adaptado específicamente a la idiosincrasia del JXTAOverlay
Portable Tor Router: Easily Enabling Web Privacy for Consumers
On-line privacy is of major public concern. Unfortunately, for the average
consumer, there is no simple mechanism to browse the Internet privately on
multiple devices. Most available Internet privacy mechanisms are either
expensive, not readily available, untrusted, or simply provide trivial
information masking. We propose that the simplest, most effective and
inexpensive way of gaining privacy, without sacrificing unnecessary amounts of
functionality and speed, is to mask the user's IP address while also encrypting
all data. We hypothesized that the Tor protocol is aptly suited to address
these needs. With this in mind we implemented a Tor router using a single board
computer and the open-source Tor protocol code. We found that our proposed
solution was able to meet five of our six goals soon after its implementation:
cost effectiveness, immediacy of privacy, simplicity of use, ease of execution,
and unimpaired functionality. Our final criterion of speed was sacrificed for
greater privacy but it did not fall so low as to impair day-to-day
functionality. With a total cost of roughly $100.00 USD and a speed cap of
around 2 Megabits per second we were able to meet our goal of an affordable,
convenient, and usable solution to increased on-line privacy for the average
consumer.Comment: 6 pages, 5 figures, IEEE ICCE Conferenc
Unforgeable Quantum Encryption
We study the problem of encrypting and authenticating quantum data in the
presence of adversaries making adaptive chosen plaintext and chosen ciphertext
queries. Classically, security games use string copying and comparison to
detect adversarial cheating in such scenarios. Quantumly, this approach would
violate no-cloning. We develop new techniques to overcome this problem: we use
entanglement to detect cheating, and rely on recent results for characterizing
quantum encryption schemes. We give definitions for (i.) ciphertext
unforgeability , (ii.) indistinguishability under adaptive chosen-ciphertext
attack, and (iii.) authenticated encryption. The restriction of each definition
to the classical setting is at least as strong as the corresponding classical
notion: (i) implies INT-CTXT, (ii) implies IND-CCA2, and (iii) implies AE. All
of our new notions also imply QIND-CPA privacy. Combining one-time
authentication and classical pseudorandomness, we construct schemes for each of
these new quantum security notions, and provide several separation examples.
Along the way, we also give a new definition of one-time quantum authentication
which, unlike all previous approaches, authenticates ciphertexts rather than
plaintexts.Comment: 22+2 pages, 1 figure. v3: error in the definition of QIND-CCA2 fixed,
some proofs related to QIND-CCA2 clarifie
- …