1,858 research outputs found
In-packet Bloom filters: Design and networking applications
The Bloom filter (BF) is a well-known space-efficient data structure that
answers set membership queries with some probability of false positives. In an
attempt to solve many of the limitations of current inter-networking
architectures, some recent proposals rely on including small BFs in packet
headers for routing, security, accountability or other purposes that move
application states into the packets themselves. In this paper, we consider the
design of such in-packet Bloom filters (iBF). Our main contributions are
exploring the design space and the evaluation of a series of extensions (1) to
increase the practicality and performance of iBFs, (2) to enable
false-negative-free element deletion, and (3) to provide security enhancements.
In addition to the theoretical estimates, extensive simulations of the multiple
design parameters and implementation alternatives validate the usefulness of
the extensions, providing for enhanced and novel iBF networking applications.Comment: 15 pages, 11 figures, preprint submitted to Elsevier COMNET Journa
Naturally Rehearsing Passwords
We introduce quantitative usability and security models to guide the design
of password management schemes --- systematic strategies to help users create
and remember multiple passwords. In the same way that security proofs in
cryptography are based on complexity-theoretic assumptions (e.g., hardness of
factoring and discrete logarithm), we quantify usability by introducing
usability assumptions. In particular, password management relies on assumptions
about human memory, e.g., that a user who follows a particular rehearsal
schedule will successfully maintain the corresponding memory. These assumptions
are informed by research in cognitive science and validated through empirical
studies. Given rehearsal requirements and a user's visitation schedule for each
account, we use the total number of extra rehearsals that the user would have
to do to remember all of his passwords as a measure of the usability of the
password scheme. Our usability model leads us to a key observation: password
reuse benefits users not only by reducing the number of passwords that the user
has to memorize, but more importantly by increasing the natural rehearsal rate
for each password. We also present a security model which accounts for the
complexity of password management with multiple accounts and associated
threats, including online, offline, and plaintext password leak attacks.
Observing that current password management schemes are either insecure or
unusable, we present Shared Cues--- a new scheme in which the underlying secret
is strategically shared across accounts to ensure that most rehearsal
requirements are satisfied naturally while simultaneously providing strong
security. The construction uses the Chinese Remainder Theorem to achieve these
competing goals
A Formula That Generates Hash Collisions
We present an explicit formula that produces hash collisions for the
Merkle-Damg{\aa}rd construction. The formula works for arbitrary choice of
message block and irrespective of the standardized constants used in hash
functions, although some padding schemes may cause the formula to fail. This
formula bears no obvious practical implications because at least one of any
pair of colliding messages will have length double exponential in the security
parameter. However, due to ambiguity in existing definitions of collision
resistance, this formula arguably breaks the collision resistance of some hash
functions.Comment: 10 page
- …