Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion
382 p. Electronic book
Each of us has been in the computing field for more than 40 years. The book is the product of a lifetime of observing and participating in the changes it has brought. Each of us has been both a teacher and a learner in the field.
This book emerged from a general education course we have taught at Harvard, but it is not a textbook. We wrote this book to share what wisdom we have with as many people as we can reach. We try to paint a big picture, with dozens of illuminating anecdotes as the brushstrokes. We aim to entertain you at the same time as we provoke your thinking.
Preface
Chapter 1 Digital Explosion
Why Is It Happening, and What Is at Stake?
The Explosion of Bits, and Everything Else
The Koans of Bits
Good and Ill, Promise and Peril
Chapter 2 Naked in the Sunlight
Privacy Lost, Privacy Abandoned
1984 Is Here, and We Like It
Footprints and Fingerprints
Why We Lost Our Privacy, or Gave It Away
Little Brother Is Watching
Big Brother, Abroad and in the U.S.
Technology Change and Lifestyle Change
Beyond Privacy
Chapter 3 Ghosts in the Machine
Secrets and Surprises of Electronic Documents
What You See Is Not What the Computer Knows
Representation, Reality, and Illusion
Hiding Information in Images
The Scary Secrets of Old Disks
Chapter 4 Needles in the Haystack
Google and Other Brokers in the Bits Bazaar
Found After Seventy Years
The Library and the Bazaar
The Fall of Hierarchy
It Matters How It Works
Who Pays, and for What?
Search Is Power
You Searched for WHAT? Tracking Searches
Regulating or Replacing the Brokers
Chapter 5 Secret Bits
How Codes Became Unbreakable
Encryption in the Hands of Terrorists, and Everyone Else
Historical Cryptography
Lessons for the Internet Age
Secrecy Changes Forever
Cryptography for Everyone
Cryptography Unsettled
Chapter 6 Balance Toppled
Who Owns the Bits?
Automated Crimes—Automated Justice
NET Act Makes Sharing a Crime
The Peer-to-Peer Upheaval
Sharing Goes Decentralized
Authorized Use Only
Forbidden Technology
Copyright Koyaanisqatsi: Life Out of Balance
The Limits of Property
Chapter 7 You Can't Say That on the Internet
Guarding the Frontiers of Digital Expression
Do You Know Where Your Child Is on the Web Tonight?
Metaphors for Something Unlike Anything Else
Publisher or Distributor?
Neither Liberty nor Security
The Nastiest Place on Earth
The Most Participatory Form of Mass Speech
Protecting Good Samaritans—and a Few Bad Ones
Laws of Unintended Consequences
Can the Internet Be Like a Magazine Store?
Let Your Fingers Do the Stalking
Like an Annoying Telephone Call?
Digital Protection, Digital Censorship—and Self-Censorship
Chapter 8 Bits in the Air
Old Metaphors, New Technologies, and Free Speech
Censoring the President
How Broadcasting Became Regulated
The Path to Spectrum Deregulation
What Does the Future Hold for Radio?
Conclusion After the Explosion
Bits Lighting Up the World
A Few Bits in Conclusion
Appendix The Internet as System and Spirit
The Internet as a Communication System
The Internet Spirit
Endnotes
Index
Security of Ubiquitous Computing Systems
The chapters in this open access book arise out of the EU COST Action project Cryptacus, the objective of which was to improve and adapt existing cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license.
The Cryptographic Imagination
Originally published in 1996. In The Cryptographic Imagination, Shawn Rosenheim uses the writings of Edgar Allan Poe to pose a set of questions pertaining to literary genre, cultural modernity, and technology. Rosenheim argues that Poe's cryptographic writing—his essays on cryptography and the short stories that grew out of them—requires that we rethink the relation of poststructural criticism to Poe's texts and, more generally, reconsider the relation of literature to communication. Cryptography serves not only as a template for the language, character, and themes of much of Poe's late fiction (including his creation, the detective story) but also as a "secret history" of literary modernity itself. "Both postwar fiction and literary criticism," the author writes, "are deeply indebted to the rise of cryptography in World War II." Still more surprising, in Rosenheim's view, Poe is not merely a source for such literary instances of cryptography as the codes in Conan Doyle's "The Dancing-Men" or in Jules Verne, but, through his effect on real cryptographers, Poe's writing influenced the outcome of World War II and the development of the Cold War. However unlikely such ideas sound, The Cryptographic Imagination offers compelling evidence that Poe's cryptographic writing clarifies one important avenue by which the twentieth century called itself into being. "The strength of Rosenheim's work extends to a revisionistic understanding of the entirety of literary history (as a repression of cryptography) and then, in a breathtaking shift of register, interlinks Poe's exercises in cryptography with the hyperreality of the CIA, the Cold War, and the Internet. What enables this extensive range of applications is the stipulated tension Rosenheim discerns in the relationship between the forms of the literary imagination and the condition of its mode of production. Cryptography, in this account, names the technology of literary production—the diacritical relationship between decoding and encoding—that the literary imagination dissimulates as hieroglyphics—the hermeneutic relationship between a sign and its content."—Donald E. Pease, Dartmouth College
Design and Analysis of Cryptographic Algorithms for Authentication
During the previous decades, the growing demand for security in the digital world, e.g., the Internet, led to numerous groundbreaking research topics in the field of cryptography. This thesis focuses on the design and analysis of cryptographic primitives and schemes to be used for authentication of data and communication endpoints, i.e., users. It is structured into three parts. In the first part we present the first freely scalable multi-block-length block-cipher-based compression function (Counter-bDM). The presented design is accompanied by a thorough security analysis regarding its preimage and collision security. The second and major part is devoted to password hashing. It is motivated by the large number of passwords leaked during the last years and our discovery of side-channel attacks on scrypt, the first modern password scrambler that allowed the amount of memory required to compute a password hash to be parameterized. After summarizing which properties we expect from a modern password scrambler, we (1) describe a cache-timing attack on scrypt based on its password-dependent memory-access pattern and (2) outline an additional attack vector, garbage-collector attacks, that exploits optimizations which may skip overwriting the internally used memory. Based on our observations, we introduce Catena, the first memory-demanding password-scrambling framework that allows a password-independent memory-access pattern for resistance to the aforementioned attacks. Catena was submitted to the Password Hashing Competition (PHC) and, after two years of rigorous analysis, ended up as a finalist, gaining special recognition for its agile framework approach and side-channel resistance. We provide six instances of Catena suitable for a variety of applications.
We close the second part of this thesis with an overview of modern password scramblers regarding their functional, security, and general properties, supported by a brief analysis of their resistance to garbage-collector attacks. The third part of this thesis is dedicated to the integrity (authenticity of data) of nonce-based authenticated encryption (NAE) schemes. We introduce the so-called j-IV-Collision Attack, which allows obtaining an upper bound for an adversary that is provided with a first successful forgery and tries to efficiently compute j additional forgeries for a particular NAE scheme (in short: reforgeability). Additionally, we introduce the corresponding security notion j-INT-CTXT and provide a comparative analysis (regarding j-INT-CTXT security) of the third-round submissions to the CAESAR competition and the four classical and widely used NAE schemes CWC, CCM, EAX, and GCM.
The advancing digitalisation of recent decades has led to a significant development of the research field of cryptography. This dissertation, consisting essentially of three parts, is devoted to the design and analysis of cryptographic primitives and modes for the authentication of data and communication partners. The first part deals with block-cipher-based compression functions, which play an important role in resource-constrained application areas. In this work we present the first freely scalable and secure block-cipher-based compression function, Counter-bDM, and thus flexibly extend the achievable security of such constructions. The second and most important part of this dissertation is devoted to password-hashing schemes. On the one hand, it is motivated by the large number of attacks on the password databases of large Internet companies. On the other hand, the Password Hashing Competition (PHC) offered the opportunity to question the security of existing schemes under the scrutiny of the expert community and to design new secure schemes. In the second part we formulate requirements for modern password-hashing schemes and describe three kinds of side-channel attacks (cache-timing, weak garbage-collector and garbage-collector attacks) on scrypt, the first modern password-hashing scheme that allowed the memory required to compute a password hash to be chosen freely. Based on our observations and attacks, we present the first modern password-hashing framework, Catena, which for chosen instances guarantees password-independent memory accesses and hence security against the attacks named above. Catena gained special recognition in the PHC for its agility and resistance to side-channel attacks. We present six instances of the framework suitable for a wide variety of applications. The second part of this work is rounded off by a comparative overview of modern password-hashing schemes with respect to their functional, security and general properties. This comparison is supported by a brief analysis of their resistance to (weak) garbage-collector attacks. The third part of this work is devoted to the integrity of data, more precisely to the security of so-called nonce-based authenticated encryption schemes (NAE schemes), which, like password-hashing schemes, play an important role in today's security infrastructure of the Internet. Whereas standard definitions do not consider security after a first successfully forged message has been found, we extend the security requirements to capture how hard it is to find further forgeries. We abstract the operation of NAE schemes into classes, analyse these systematically and classify the third-round candidates of the CAESAR competition as well as four widely used NAE schemes, CWC, CCM, EAX and GCM.
End-to-end security in active networks
Active network solutions have been proposed to many of the problems caused by the increasing heterogeneity of the Internet. These systems allow nodes within the network to process data passing through in several ways. Allowing code from various sources to run on routers introduces numerous security concerns that have been addressed by research into safe languages, restricted execution environments, and other related areas. But little attention has been paid to an even more critical question: the effect of active flow manipulation on end-to-end security. This thesis first examines the threat model implicit in active networks. It develops a framework of security protocols in use at various layers of the networking stack, and their utility to multimedia transport and flow processing, and asks if it is reasonable to give active routers access to the plaintext of these flows. After considering the various security problems introduced, such as vulnerability to attacks on intermediaries or coercion, it concludes not. We then ask if active network systems can be built that maintain end-to-end security without seriously degrading the functionality they provide. We describe the design and analysis of three such protocols: a distributed packet filtering system that can be used to adjust multimedia bandwidth requirements and defend against denial-of-service attacks; an efficient composition of link and transport-layer reliability mechanisms that increases the performance of TCP over lossy wireless links; and a distributed watermarking service that can efficiently deliver media flows marked with the identity of their recipients. In all three cases, the functionality provided is similar to that of designs which do not maintain end-to-end security. Finally, we reconsider traditional end-to-end arguments in both networking and security, and show that they have continuing importance for Internet design. Our watermarking work adds the concept of splitting trust throughout a network to that model; we suggest further applications of this idea.
Password
This book is available as open access through the Bloomsbury Open Access programme and is available on www.bloomsburycollections.com. The open-access edition of this text was made possible by a Philip Leverhulme Prize from The Leverhulme Trust. Object Lessons is a series of short, beautifully designed books about the hidden lives of ordinary things. Where does a password end and an identity begin? A person might be more than his chosen ten-character combination, but does a bank know that? Or an email provider? What's an 'identity theft' in the digital age if not the unauthorized use of a password? In untangling the histories, cultural contexts and philosophies of the password, Martin Paul Eve explores how 'what we know' became 'who we are', revealing how the modern notion of identity has been shaped by the password. Ranging from ancient Rome and the 'watchwords' of military encampments, through the three-factor authentication systems of Harry Potter and up to the biometric scanner in the iPhone, Password makes a timely and important contribution to our understanding of the words, phrases and special characters that determine our belonging and, often, our being. Object Lessons is published in partnership with an essay series in The Atlantic.
Law and Policy for the Quantum Age
Law and Policy for the Quantum Age is for readers interested in the political and business strategies underlying quantum sensing, computing, and communication. This work explains how these quantum technologies work, the future national defense and legal landscapes for nations interested in strategic advantage, and paths to profit for companies.