1,518 research outputs found
Privacy on the Line
A penetrating and insightful study of privacy and security in telecommunications for a post-9/11, post-Patriot Act world. Telecommunication has never been perfectly secure. The Cold War culture of recording devices in telephone receivers and bugged embassy offices has been succeeded by a post-9/11 world of NSA wiretaps and demands for data retention. Although the 1990s battle for individual and commercial freedom to use cryptography was won, growth in the use of cryptography has been slow. Meanwhile, regulations requiring that the computer and communication industries build spying into their systems for government convenience have increased rapidly. The application of the 1994 Communications Assistance for Law Enforcement Act has expanded beyond the intent of Congress to apply to voice over Internet Protocol (VoIP) and other modern data services; attempts are being made to require ISPs to retain their data for years in case the government wants it; and data mining techniques developed for commercial marketing applications are being applied to widespread surveillance of the population. In Privacy on the Line, Whitfield Diffie and Susan Landau strip away the hype surrounding the policy debate over privacy to examine the national security, law enforcement, commercial, and civil liberties issues. They discuss the social function of privacy, how it underlies a democratic society, and what happens when it is lost. This updated and expanded edition revises their original—and prescient—discussions of both policy and technology in light of recent controversies over NSA spying and other government threats to communications privacy
Key exchange with the help of a public ledger
Blockchains and other public ledger structures promise a new way to create
globally consistent event logs and other records. We make use of this
consistency property to detect and prevent man-in-the-middle attacks in a key
exchange such as Diffie-Hellman or ECDH. Essentially, the MitM attack creates
an inconsistency in the world views of the two honest parties, and they can
detect it with the help of the ledger. Thus, there is no need for prior
knowledge or trusted third parties apart from the distributed ledger. To
prevent impersonation attacks, we require user interaction. It appears that, in
some applications, the required user interaction is reduced in comparison to
other user-assisted key-exchange protocols
DHWM: A scheme for managing watermarking keys in the Aquarelle multimedia distributed system
On the Design of Cryptographic Primitives
The main objective of this work is twofold. On the one hand, it gives a brief
overview of the area of two-party cryptographic protocols. On the other hand,
it proposes new schemes and guidelines for improving the practice of robust
protocol design. In order to achieve such a double goal, a tour through the
descriptions of the two main cryptographic primitives is carried out. Within
this survey, some of the most representative algorithms based on the Theory of
Finite Fields are provided and new general schemes and specific algorithms
based on Graph Theory are proposed
Experimentally realizable quantum comparison of coherent states and its applications
When comparing quantum states to each other, it is possible to obtain an
unambiguous answer, indicating that the states are definitely different,
already after a single measurement. In this paper we investigate comparison of
coherent states, which is the simplest example of quantum state comparison for
continuous variables. The method we present has a high success probability, and
is experimentally feasible to realize as the only required components are beam
splitters and photon detectors. An easily realizable method for quantum state
comparison could be important for real applications. As examples of such
applications we present a "lock and key" scheme and a simple scheme for quantum
public key distribution.Comment: 14 pages, 5 figures, version one submitted to PRA. Version two is the
final accepted versio
Security by Spatial Reference:Using Relative Positioning to Authenticate Devices for Spontaneous Interaction
Spontaneous interaction is a desirable characteristic associated with mobile and ubiquitous computing. The aim is to enable users to connect their personal devices with devices encountered in their environment in order to take advantage of interaction opportunities in accordance with their situation. However, it is difficult to secure spontaneous interaction as this requires authentication of the encountered device, in the absence of any prior knowledge of the device. In this paper we present a method for establishing and securing spontaneous interactions on the basis of emphspatial references that capture the spatial relationship of the involved devices. Spatial references are obtained by accurate sensing of relative device positions, presented to the user for initiation of interactions, and used in a peer authentication protocol that exploits a novel mechanism for message transfer over ultrasound to ensures spatial authenticity of the sender
- …