
Provable Security: 7th International Conference, ProvSec 2013, Melaka, Malaysia, October 23-25, 2013. Proceedings PDF

356 Pages·2013·3.835 MB·English

Preview Provable Security: 7th International Conference, ProvSec 2013, Melaka, Malaysia, October 23-25, 2013. Proceedings

Willy Susilo, Reza Reyhanitabar (Eds.)
Provable Security
7th International Conference, ProvSec 2013, Melaka, Malaysia, October 2013, Proceedings
Lecture Notes in Computer Science 8209
Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board
David Hutchison, Lancaster University, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Alfred Kobsa, University of California, Irvine, CA, USA
Friedemann Mattern, ETH Zurich, Switzerland
John C. Mitchell, Stanford University, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz, University of Bern, Switzerland
C. Pandu Rangan, Indian Institute of Technology, Madras, India
Bernhard Steffen, TU Dortmund University, Germany
Madhu Sudan, Microsoft Research, Cambridge, MA, USA
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max Planck Institute for Informatics, Saarbruecken, Germany

Provable Security
7th International Conference, ProvSec 2013
Melaka, Malaysia, October 23-25, 2013
Proceedings

Volume Editors
Willy Susilo
University of Wollongong, Centre for Computer and Information Security Research, School of Computer Science and Software Engineering, Northfields Ave, Wollongong, NSW 2522, Australia
E-mail: [email protected]
Reza Reyhanitabar
École Polytechnique Fédérale de Lausanne, IC LASEC, Bâtiment INF, Station 14, 1015 Lausanne, Switzerland
E-mail: reza.reyhanitabar@epfl.ch

ISSN 0302-9743, e-ISSN 1611-3349
ISBN 978-3-642-41226-4, e-ISBN 978-3-642-41227-1
DOI 10.1007/978-3-642-41227-1
Springer Heidelberg New York Dordrecht London
Library of Congress Control Number: 2013948620
CR Subject Classification (1998): E.3, K.6.5, K.4.4, D.4.6, C.2.0, J.1
LNCS Sublibrary: SL 4 – Security and Cryptology
© Springer-Verlag Berlin Heidelberg 2013

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher's location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
Springer is part of Springer Science+Business Media (www.springer.com)

Preface

The 7th International Conference on Provable Security (ProvSec 2013) was held in Melaka, Malaysia, October 23–25, 2013. The conference was organized by Universiti Teknikal Malaysia Melaka.

ProvSec 2013 received 44 submissions from 15 different countries all over the world. The review process was a challenging task. Almost all submissions were carefully evaluated by three reviewers, and then discussed among the Program Committee. Moreover, 30 external subreviewers gave review comments on their area of expertise. The Program Committee selected 18 papers for the program out of 44 submissions. Further, the program featured an excellent invited talk given by Serge Vaudenay (EPFL, Lausanne, Switzerland) titled "On Modeling Terrorist Frauds".

Many people contributed to the success of ProvSec 2013. First, we would like to thank all of the authors for submitting their works to ProvSec 2013. We deeply thank the 25 Program Committee members as well as the external reviewers for their volunteer work of reading and discussing the submissions. Their names may be found overleaf. We thank the General Co-chairs, Shekh Faisal Abdul Latip and Jennifer Seberry, for their excellent management and dedication in organizing and running the conference. We would also like to thank the Steering Committee and Local Organizing Committee. We also want to express our gratitude to our generous sponsors: PRESTARIANG and SKMM/MCMC. Finally, we would like to express our thanks to Springer for continuing to support the ProvSec conference and for help in the conference proceedings production.
October 2013
Willy Susilo
Reza Reyhanitabar

Organization

General Co-chairs
Shekh Faisal Abdul Latip, Universiti Teknikal Malaysia Melaka, Malaysia
Jennifer Seberry, University of Wollongong, Australia

Program Co-chairs
Willy Susilo, University of Wollongong, Australia
Reza Reyhanitabar, EPFL, Switzerland

Program Committee
Elena Andreeva, KU Leuven, Belgium
Man Ho Au, University of Wollongong, Australia
Joonsang Baek, Khalifa University of Science, Technology and Research, UAE
Feng Bao, Huawei, China
Ioana Boureanu, EPFL, Switzerland
Xiaofeng Chen, Xidian University, China
Sherman S.M. Chow, Chinese University of Hong Kong, China
Shoichi Hirose, University of Fukui, Japan
Qiong Huang, South China Agricultural University, China
Kaoru Kurosawa, Ibaraki University, Japan
Fabien Laguillaumie, UCBL, France
Dong Hoon Lee, Korea University, South Korea
Jin Li, Guangzhou University, China
Joseph K. Liu, Institute for Infocomm Research, Singapore
Masahiro Mambo, Kanazawa University, Japan
Kazuhiko Minematsu, NEC Corporation, Japan
Miyako Ohkubo, NICT, Japan
Tatsuaki Okamoto, NTT, Japan
Josef Pieprzyk, Macquarie University, Australia
Reihaneh Safavi-Naini, University of Calgary, Canada
Tsuyoshi Takagi, Kyushu University, Japan
Duncan S. Wong, City University of Hong Kong, China
Guomin Yang, University of Wollongong, Australia
Kan Yasuda, NTT, Japan
Tsz Hon Yuen, University of Hong Kong, China

Steering Committee
Feng Bao, Huawei, China
Xavier Boyen, Queensland University of Technology, Australia
Yi Mu, University of Wollongong, Australia
Josef Pieprzyk, Macquarie University, Australia
Willy Susilo, University of Wollongong, Australia

External Reviewers
Ji-Eun Eom, Sebastian Faust, Hyoseung Kim, Kitak Kim, Hidenori Kuwakado, Liang Liu, Jhawar Mahavir, Takahiro Matsuda, Bart Mennink, Nele Mentens, Kirill Morozov, Mridul Nandi, Ryo Nojima, Seunghwan Park, Le Trieu Phong, Cong Wang, Minhye Seo, Jun Shao, Petr Susil, Koutarou Suzuki, Haibo Tian, Kerem Varici, Serge Vaudenay, Lihua Wang, Yanjiang Yang, Kazuki Yoneyama, Bingsheng Zhang, Cong Zhang, Yinghui Zhang, Youwen Zhu

Local Organizing Committee (UTeM, Malaysia)
Mohd Faizal bin Abdollah, Zakiah bt. Ayop, Khuzaipah binti Khamis, Sharifah Intan binti Osman, Mohd Khanapi bin Abd. Ghani, Nur Ain Zakirah binti Bahari, Sharudin bin Majid, Mohd Kamal Tarmizi bin Razak, Ahmad F. Nizam bin Abdul Rahman, Muhamad Sopian bin Baharom, Zulisman Maksom, Mohd Fahrulrazi bin Saji, Shahrizan bin Abdullah, Norasiken binti Bakar, Mohd Zaki Masud, Muhamad Syahrul Azhar bin Sani, Nor Azman bin Abu, Nor Hafizah Hamyadi, Othman bin Mohd, Siti Rahayu binti Selamat, Affindi bin Abu Bakar, Burairah bin Hussin, Burhanuddin bin Mohd Aboobaider, Robiah binti Yusof, Rabiah binti Ahmad, Emaliana binti Kasmuri, Norhidayah binti Mohd Zainudin, Muhammad Shazuan bin Zainal Abidin, Syarulnaziah bt. Anawar, Mohammad Radzi bin Motsidi

Table of Contents

Invited Talk
On Modeling Terrorist Frauds: Addressing Collusion in Distance Bounding Protocols ... 1
Serge Vaudenay

Key Exchange Protocols
Authenticated Key Exchange Protocols Based on Factoring Assumption ... 21
Hai Huang
Efficient, Pairing-Free, Authenticated Identity Based Key Agreement in a Single Round ... 38
S. Sree Vivek, S. Sharmila Deva Selvi, Layamrudhaa Renganathan Venkatesan, and C. Pandu Rangan
CIL Security Proof for a Password-Based Key Exchange ... 59
Cristian Ene, Clémentine Gritti, and Yassine Lakhnech

Security Models
Non Observability in the Random Oracle Model ... 86
Prabhanjan Ananth and Raghav Bhaskar
Indistinguishability against Chosen Ciphertext Verification Attack Revisited: The Complete Picture ... 104
Angsuman Das, Sabyasachi Dutta, and Avishek Adhikari
Input-Aware Equivocable Commitments and UC-secure Commitments with Atomic Exchanges ... 121
Ioana Boureanu and Serge Vaudenay
Towards Anonymous Ciphertext Indistinguishability with Identity Leakage ... 139
Tsz Hon Yuen, Cong Zhang, Sherman S.M. Chow, and Joseph K. Liu

Signature and Signcryption Schemes
k-Time Proxy Signature: Formal Definition and Efficient Construction ... 154
Weiwei Liu, Guomin Yang, Yi Mu, and Jiannan Wei
Anonymous Signcryption against Linear Related-Key Attacks ... 165
Hui Cui, Yi Mu, and Man Ho Au

Authenticated Encryption
Improved Authenticity Bound of EAX, and Refinements ... 184
Kazuhiko Minematsu, Stefan Lucks, and Tetsu Iwata
The Security of the OCB Mode of Operation without the SPRP Assumption ... 202
Kazumaro Aoki and Kan Yasuda
A Short Universal Hash Function from Bit Rotation, and Applications to Blockcipher Modes ... 221
Kazuhiko Minematsu

Theory
How to Remove the Exponent GCD in HK09 ... 239
Xianhui Lu, Bao Li, and Yamin Liu
Translation-Randomizable Distributions via Random Walks ... 249
Nirattaya Khamsemanan and William E. Skeith III

Public Key Encryption
RKA Secure PKE Based on the DDH and HR Assumptions ... 271
Dingding Jia, Xianhui Lu, Bao Li, and Qixiang Mei
Computationally Efficient Dual-Policy Attribute Based Encryption with Short Ciphertext ... 288
Y. Sreenivasa Rao and Ratna Dutta
Factoring-Based Proxy Re-Encryption Schemes ... 309
Toshiyuki Isshiki, Manh Ha Nguyen, and Keisuke Tanaka
Towards a Secure Certificateless Proxy Re-Encryption Scheme ... 330
Hui Guo, Zhenfeng Zhang, Jiang Zhang, and Cheng Chen

Author Index ... 347

On Modeling Terrorist Frauds
Addressing Collusion in Distance Bounding Protocols
Serge Vaudenay
EPFL, Lausanne, Switzerland
http://lasec.epfl.ch

Abstract. Quite recently, distance-bounding protocols received a lot of attention as they offer a good solution to thwart relay attacks. Their security models are still unstable, especially when considering terrorist fraud. This considers the case where a malicious prover would try to bypass the protocol by colluding with an adversary without leaking his credentials. Two formal models appeared recently: one due to Fischlin and Onete and another one by Boureanu, Mitrokotsa, and Vaudenay. Both were proposed with provably secure distance-bounding protocols (FO and SKI, respectively) providing security against all state-of-the-art threat models. So far, these two protocols are the only such ones. In this paper we compare both notions and protocols. We identify some errors in the Fischlin-Onete results. We also show that the design of the FO protocol lowers security against mafia frauds while the SKI protocol makes non-standard PRF assumptions and has lower security due to not using post-authentication.
None of these protocols provides reasonable parameters to be used in practice with good security. The next open challenge consists in providing a protocol combining both approaches with good practical parameters. Finally, we provide a new security definition against terrorist frauds which is naturally inspired by the soundness notion for proof-of-knowledge protocols.

1 Introduction

Relay attacks and distance-bounding. Many access control protocols are vulnerable to relay attacks. This is the case for most RFID-based protocols. To defeat this, distance-bounding protocols offer a practical solution. These protocols, originally proposed by Brands and Chaum [6], consist of proving that a prover is within a close distance to a verifier by using an interactive protocol. The protocol is based on the physical limits of communication. Namely, transmission cannot go faster than the speed of light. So, these protocols use a rapid-bit exchange phase in which the prover must respond extremely fast and messages are very short (typically: single bits), in order to prove that he is close enough.

Threat models. Clearly, distance-bounding must resist distance fraud, where a malicious prover tries to defeat the protocol by passing even though he is far

W. Susilo and R. Reyhanitabar (Eds.): ProvSec 2013, LNCS 8209, pp. 1–20, 2013.
© Springer-Verlag Berlin Heidelberg 2013
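The rapid-bit exchange principle described in the introduction, as an added example that is not code from the paper or from any of the protocols it discusses: a small Python simulation in which the verifier times n single-bit challenge/response rounds against the speed-of-light bound for a maximum distance, so a relayed prover fails on timing while a prover without the key fails on correctness. The per-round bit derivation (HMAC-SHA256 over the shared key and two nonces) and the response rule r_i = c_i XOR a_i are simplifying assumptions of this example, and round-trip times are modelled rather than measured.

```python
import hashlib
import hmac
import secrets

C = 299_792_458.0  # speed of light in vacuum, metres per second


def session_bits(key: bytes, nonce_v: bytes, nonce_p: bytes, n: int) -> list:
    """Both parties derive the n per-round bits a_i from the shared key and
    the two nonces. HMAC-SHA256 as the derivation is an assumption of this
    example, not the construction of any protocol discussed in the paper."""
    digest = hmac.new(key, nonce_v + nonce_p, hashlib.sha256).digest()
    assert n <= 8 * len(digest)
    return [(digest[i // 8] >> (i % 8)) & 1 for i in range(n)]


def prover_response(bits, i, challenge):
    """Simplified Brands-Chaum-style rule (assumption): r_i = c_i XOR a_i."""
    return challenge ^ bits[i]


def verifier_run(key, d_max_m, n, prover_distance_m, prover_key=None,
                 extra_delay_s=0.0, processing_s=0.0):
    """Run n rapid-bit rounds; return (accepted, rounds_too_slow, rounds_wrong).
    The round trip is modelled as 2 * distance / C plus the prover's processing
    time plus any delay added by intermediate hops (e.g. a relay)."""
    prover_key = key if prover_key is None else prover_key
    nonce_v, nonce_p = secrets.token_bytes(16), secrets.token_bytes(16)
    expected = session_bits(key, nonce_v, nonce_p, n)            # verifier side
    prover_bits = session_bits(prover_key, nonce_v, nonce_p, n)  # prover side
    t_max = 2 * d_max_m / C + processing_s   # slowest acceptable round trip
    too_slow = wrong = 0
    for i in range(n):
        c = secrets.randbits(1)                 # fresh challenge bit
        r = prover_response(prover_bits, i, c)
        rtt = 2 * prover_distance_m / C + processing_s + extra_delay_s
        if rtt > t_max:                         # physics: answer arrived too late
            too_slow += 1
        if r != c ^ expected[i]:                # knowledge: answer is wrong
            wrong += 1
    return too_slow == 0 and wrong == 0, too_slow, wrong


if __name__ == "__main__":
    k = secrets.token_bytes(16)
    print("honest, 1 m:  ", verifier_run(k, 10.0, 32, 1.0))
    print("relayed, 1 km:", verifier_run(k, 10.0, 32, 1000.0))
    print("wrong key:    ", verifier_run(k, 10.0, 32, 1.0, prover_key=b"x" * 16))
```

With d_max of 10 m the allowed round trip is about 67 ns, so even a perfectly fast relay to a prover 1 km away adds roughly 6.7 µs and every round is rejected on timing alone.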
