Anonymous reputation based reservations in e-commerce (AMNESIC)

Online reservation systems have grown over the last recent years to facilitate the purchase of goods and services. Generally, reservation systems require that customers provide some personal data to make a reservation effective. With this data, service providers can check the consumer history and decide if the user is trustable enough to get the reserve. Although the reputation of a user is a good metric to implement the access control of the system, providing personal and sensitive data to the system presents high privacy risks, since the interests of a user are totally known and tracked by an external entity. In this paper we design an anonymous reservation protocol that uses reputations to profile the users and control their access to the offered services, but at the same time it preserves their privacy not only from the seller but the service provider

A Secure Mobile-based Authentication System

Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable.We propose a challengeresponse based one-time password (OTP) scheme that uses symmetric cryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks. Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their own trusted computers.La informació financera és extremadament sensible. Per tant, la banca electrònica ha de proporcionar un sistema robust per autenticar als seus clients i fer-los accedir a les dades de forma remota. D'altra banda, aquest sistema ha de ser usable, accessible, i portàtil. Es proposa una resposta al desafiament basat en una contrasenya única (OTP), esquema que utilitza la criptografia simètrica en combinació amb un mòdul de maquinari de seguretat. Amés, aquesta solució ofereix mobilitat convenient per als usuaris que volen bancària en línia en qualsevol moment i en qualsevol lloc, no només des dels seus propis equips de confiança.La información financiera es extremadamente sensible. Por lo tanto, la banca electrónica debe proporcionar un sistema robusto para autenticar a sus clientes y hacerles acceder a sus datos de forma remota. Por otra parte, dicho sistema debe ser usable, accesible, y portátil. Se propone una respuesta al desafío basado en una contraseña única (OTP), esquema que utiliza la criptografía simétrica en combinación con un módulo hardware de seguridad hardware. Además, esta solución ofrece una movilidad conveniente para los usuarios que quieren la entidad bancaria en línea en cualquier momento y en cualquier lugar, no sólo des de sus propios equipos de confianza

A Distribution Law for CCS and a New Congruence Result for the pi-calculus

We give an axiomatisation of strong bisimilarity on a small fragment of CCS that does not feature the sum operator. This axiomatisation is then used to derive congruence of strong bisimilarity in the finite pi-calculus in absence of sum. To our knowledge, this is the only nontrivial subcalculus of the pi-calculus that includes the full output prefix and for which strong bisimilarity is a congruence.Comment: 20 page

Computational and Energy Costs of Cryptographic Algorithms on Handheld Devices

Networks are evolving toward a ubiquitous model in which heterogeneous devices are interconnected. Cryptographic algorithms are required for developing security solutions that protect network activity. However, the computational and energy limitations of network devices jeopardize the actual implementation of such mechanisms. In this paper, we perform a wide analysis on the expenses of launching symmetric and asymmetric cryptographic algorithms, hash chain functions, elliptic curves cryptography and pairing based cryptography on personal agendas, and compare them with the costs of basic operating system functions. Results show that although cryptographic power costs are high and such operations shall be restricted in time, they are not the main limiting factor of the autonomy of a device

Product Perfect Codes and Steganography

A new coding technique to be used in steganography is evaluated. The performance of this new technique is computed and comparisons with the well-known theoretical upper bound, Hamming upper bound and basic LSB are established

Cryptographic Energy Costs are Assumable in Ad Hoc Networks

Performance of symmetric and asymmetric cryptography algorithms in small devices is presented. Both temporal and energy costs are measured and compared with the basic functional costs of a device. We demonstrate that cryptographic power costs are not a limiting factor of the autonomy of a device and explain how processing delays can be conveniently managed to minimize their impact

A Secure Cooperative Sensing Protocol for Cognitive Radio Networks

Cognitive radio networks sense spectrum occupancy and manage themselves to operate in unused bands without disturbing licensed users. Spectrum sensing is more accurate if jointly performed by several reliable nodes. Even though cooperative sensing is an active area of research, the secure authentication of local sensing reports remains unsolved, thus empowering false results. This paper presents a distributed protocol based on digital signatures and hash functions, and an analysis of its security features. The system allows determining a final sensing decision from multiple sources in a quick and secure way.Las redes de radio cognitiva detectora de espectro se las arreglan para operar en las nuevas bandas sin molestar a los usuarios con licencia. La detección de espectro es más precisa si el conjunto está realizado por varios nodos fiables. Aunque la detección cooperativa es un área activa de investigación, la autenticación segura de informes locales de detección no ha sido resuelta, por lo tanto se pueden dar resultados falsos. Este trabajo presenta un protocolo distribuido basado en firmas digitales y en funciones hash, y un análisis de sus características de seguridad. El sistema permite determinar una decisión final de detección de múltiples fuentes de una manera rápida y segura.Les xarxes de ràdio cognitiva detectora d'espectre se les arreglen per operar en les noves bandes sense destorbar els usuaris amb llicència. La detecció d'espectre és més precisa si el conjunt està realitzat per diversos nodes fiables. Encara que la detecció cooperativa és una àrea activa d'investigació, l'autenticació segura d'informes locals de detecció no ha estat resolta, per tant es poden donar resultats falsos. Aquest treball presenta un protocol distribuït basat en signatures digitals i en funcions hash, i una anàlisi de les seves característiques de seguretat. El sistema permet determinar una decisió final de detecció de múltiples fonts d'una manera ràpida i segura

Spectrum sharing models in cognitive radio networks

Spectrum scarcity demands thinking new ways to manage the distribution of radio frequency bands so that its use is more effective. The emerging technology that can enable this paradigm shift is the cognitive radio. Different models for organizing and managing cognitive radios have emerged, all with specific strategic purposes. In this article we review the allocation spectrum patterns of cognitive radio networks and analyse which are the common basis of each model.We expose the vulnerabilities and open challenges that still threaten the adoption and exploitation of cognitive radios for open civil networks.L'escassetat de demandes d'espectre fan pensar en noves formes de gestionar la distribució de les bandes de freqüència de ràdio perquè el seu ús sigui més efectiu. La tecnologia emergent que pot permetre aquest canvi de paradigma és la ràdio cognitiva. Han sorgit diferents models d'organització i gestió de les ràdios cognitives, tots amb determinats fins estratègics. En aquest article es revisen els patrons d'assignació de l'espectre de les xarxes de ràdio cognitiva i s'analitzen quals són la base comuna de cada model. S'exposen les vulnerabilitats i els desafiaments oberts que segueixen amenaçant l'adopció i l'explotació de les ràdios cognitives per obrir les xarxes civils.La escasez de demandas de espectro hacen pensar en nuevas formas de gestionar la distribución de las bandas de frecuencia de radio para que su uso sea más efectivo. La tecnología emergente que puede permitir este cambio de paradigma es la radio cognitiva. Han surgido diferentes modelos de organización y gestión de las radios cognitivas, todos con determinados fines estratégicos. En este artículo se revisan los patrones de asignación del espectro de las redes de radio cognitiva y se analizan cuales son la base común de cada modelo. Se exponen las vulnerabilidades y los desafíos abiertos que siguen amenazando la adopción y la explotación de las radios cognitivas para abrir las redes civiles

Application of the measured equation of invariance to radiation and scattering by flat surfaces

Because on flat surfaces the electric currents are confined to two dimensions, a simple vector potential formulation can be used. The problem of radiation and scattering by rectangular strip dipoles is solved, including the transversal variation of the current across the dipole width. Also of interest are the currents induced on antennas with step variations in width, and with bends and T-junctions.Peer ReviewedPostprint (published version

The measured equation of invariance and its application to transmission line modelling

The Measured Equation of Invariance (MEI) is a geometry-dependent Finite Difference equation that can be used to terminate a mesh extremely close to the object of interest. The mesh can be terminated much closer than what absorbing boundary conditions would allow, but still keeping the locality of the equations. In this paper, this new concept is applied to the numerical simulation of transmission lines and their discontinuities.Peer ReviewedPostprint (published version