Filters








1,794 Hits in 5.3 sec

Out-Of-Band Authenticated Group Key Exchange: From Strong Authentication to Immediate Key Delivery

Moni Naor, Lior Rotem, Gil Segev, Daniel Wichs, Adam D. Smith, Yael Tauman Kalai
2020 Conference on Information-Theoretic Cryptography  
length of its out-of-band value and its security.  ...  Given the inherent ad-hoc nature of popular communication platforms, out-of-band authenticated key-exchange protocols are becoming widely deployed: Key exchange protocols that enable users to detect man-in-the-middle  ...  [44] , we consider in addition the security of out-of-band key-exchange protocols when executed by lazy users who may not consider the out-of-band value in its entirety (e.g., users who compare with  ... 
doi:10.4230/lipics.itc.2020.9 dblp:conf/icits/NaorR020 fatcat:lrumsmiydff2rgwg3uj7njyaie

Authentication and Key Management Automation in Decentralized Secure Email and Messaging via Low-Entropy Secrets [article]

Itzel Vazquez Sandoval, Arash Atashpendar, Gabriele Lenzini
2020 arXiv   pre-print
First, we study a few vulnerabilities in voice-based out-of-band authentication, in particular a combinatorial attack against lazy users, which we analyze in the context of a secure email solution.  ...  We revisit the problem of entity authentication in decentralized end-to-end encrypted email and secure messaging to propose a practical and self-sustaining cryptographic solution based on password-authenticated  ...  Ryan for his valuable feedback and pEp Security S.A./SnT for funding the project "Security Protocols for Private Communications".  ... 
arXiv:2005.10787v1 fatcat:kklmfbpwbjaatlry4flcimkh4m

Toward securing untrusted storage without public-key operations

Dalit Naor, Amir Shenhav, Avishai Wool
2005 Proceedings of the 2005 ACM workshop on Storage security and survivability - StorageSS '05  
We present the trade-offs and limitations that are introduced by these substitutions.  ...  Adding security capabilities to shared, remote and untrusted storage file systems leads to performance degradation that limits their use.  ...  This mechanism may be in-band, which means that the file system manages or participates in the distribution process, or out-of-band, assuming an existing key distribution infrastructure.  ... 
doi:10.1145/1103780.1103788 dblp:conf/storagess/NaorSW05 fatcat:dxfef423ybgltjyzy4r7cidnmq

Corslet: A shared storage system keeping your data private

Wei Xue, JiWu Shu, Yang Liu, Mao Xue
2011 Science China Information Sciences  
In such shared distributed storage systems, an ordinary user usually does not have the control permission over the whole system, and thus cannot secure data storage or data sharing of his own files.  ...  The Bonnie++ and IOzone benchmark results show that the throughput of Corslet over NFS can achieve more than 90% of native NFS throughput in most tests, proving that Corslet can provide enhanced security  ...  A user has to get the asymmetric key to access the enciphered file, and further the symmetric key to decrypt that file to get the data. This is a kind of out-band manner.  ... 
doi:10.1007/s11432-011-4259-y fatcat:zfys3kl4nvbw5hahnj2o5u63pi

PakeMail: authentication and key management in decentralized secure email and messaging via PAKE [article]

Itzel Vazquez Sandoval, Arash Atashpendar, Gabriele Lenzini, Peter Y.A. Ryan
2021 arXiv   pre-print
We first study a few vulnerabilities in voice-based OOB authentication, in particular a combinatorial attack against lazy users, which we analyze in the context of a secure email solution.  ...  a series of cryptographic enhancements and security properties, which are hard to achieve using out-of-band (OOB) authentication.  ...  Pitfalls in out-of-band authentication In OOB authentication, users typically compare some representation of a cryptographic hash (fingerprint) of their partners' public keys via a separate authenticated  ... 
arXiv:2107.06090v1 fatcat:52kswe5h4vh33m5xzsqdsvnq4a

Distributed security storage model for large-scale data

Ming Zhang, Wei Chen, Yunpeng Cao
2017 Journal of Mathematics and Computer Science  
However, the users can not control the data access rules. So the transparent security management of Large-scale data in distributed networks is a challenge.  ...  With the development of large-scale data, the increasingly users need to store the data in the distributed storage system due to the fact that the signal computer can not hold the massive data.  ...  security of user data.  ... 
doi:10.22436/jmcs.017.04.05 fatcat:2p4kgu4larg3fborijtn4zgxba

Analyzing the Secure Simple Pairing in Bluetooth v4.0

Raphael C.-W. Phan, Patrick Mingard
2010 Wireless personal communications  
What is interesting is that device authentication relies on humans to communicate verification information between devices via a human-aided out-of-band channel.  ...  We highlight some issues related to exchange of public keys and use of the passkey in its models and discuss how to treat them properly.  ...  In the latter case, the out-of-band authenticated channel is again a visual inspection by the user.  ... 
doi:10.1007/s11277-010-0215-1 fatcat:5g62fqibkncdzc3n4dsyu7alpm

Secure Sharing of Data for Dynamic Group in Cloud Storage Application

Dr. Dhanaraj Cheelu, K. V. Uma Maheswari
2021 International Journal of Scientific Research in Computer Science Engineering and Information Technology  
Sometimes change to user one group to another group, the group key to enable authenticated users to access the files securely and efficiently is still a challenging problem.  ...  To Key Generation method for user a time based dynamic group Key which capably to make stronger in cloud security.  ...  Key management and user revocation is simple with minimal out-of-band communication. File system are maintained by SiRiUS using hash tree constructions.  ... 
doi:10.32628/cseit217299 fatcat:yf5zdd4ulnh3fevj5qsa7pcqzy

Evaluation of Out-of-Band Channels for IoT Security

Sampsa Latvala, Mohit Sethi, Tuomas Aura
2019 SN Computer Science  
We then look at one candidate bootstrapping protocol: Nimble out-of-band authentication for EAP (EAP-NOOB).  ...  Therefore, several device bootstrapping protocols rely on an out-of-band (OOB) channel for initial device authentication and configuration.  ...  Generated using the QRcode Monkey tool https ://www.qrcod e-monke y.com/  ... 
doi:10.1007/s42979-019-0018-8 fatcat:xahmhvfaxjc37d5g7oxjicxphu

CRUST: Cryptographic Remote Untrusted Storage without Public Keys

Erel Geron, Avishai Wool
2007 Fourth International IEEE Security in Storage Workshop  
However, we chose not to rely on out-of-band mechanisms (unlike Plutus [KRS + 03]), and not to use a Kerberos-like key distribution center [SNS88] .  ...  As a generic and self-contained system, CRUST includes its own in-band key distribution mechanism and does not rely on any special capabilities of the server or the clients.  ...  In practice, we use the HMAC algorithm as the pseudo-random function. These keys are given to each user during system setup in a secure, out-of-band method.  ... 
doi:10.1109/sisw.2007.4389740 fatcat:qqsaq3wtczey3pk5otxuts5geq

CRUST: cryptographic remote untrusted storage without public keys

Erel Geron, Avishai Wool
2009 International Journal of Information Security  
However, we chose not to rely on out-of-band mechanisms (unlike Plutus [KRS + 03]), and not to use a Kerberos-like key distribution center [SNS88] .  ...  As a generic and self-contained system, CRUST includes its own in-band key distribution mechanism and does not rely on any special capabilities of the server or the clients.  ...  In practice, we use the HMAC algorithm as the pseudo-random function. These keys are given to each user during system setup in a secure, out-of-band method.  ... 
doi:10.1007/s10207-009-0081-6 fatcat:pkyfopqgingsffluutpq4x434y

CRUST: Cryptographic Remote Untrusted Storage without Public Keys

Erel Geron, Avishai Wool
2007 Fourth International IEEE Security in Storage Workshop  
However, we chose not to rely on out-of-band mechanisms (unlike Plutus [KRS + 03]), and not to use a Kerberos-like key distribution center [SNS88] .  ...  As a generic and self-contained system, CRUST includes its own in-band key distribution mechanism and does not rely on any special capabilities of the server or the clients.  ...  In practice, we use the HMAC algorithm as the pseudo-random function. These keys are given to each user during system setup in a secure, out-of-band method.  ... 
doi:10.1109/sisw.2007.9 dblp:conf/sisw/GeronW07 fatcat:uf3plrqaqveczkknxzny2i4p6u

SQL Injection Attacks Predictive Analytics Using Supervised Machine Learning Techniques

Akinsola Jide E. T., Awodele Oludele, Idowu Sunday A., Kuyoro Shade O.
2020 International Journal of Computer Applications Technology and Research  
On the other hand, in Cross Validation technique SMO, IBK and J48 had time to build model value of 10.15sec, 0.06sec, and 14.12sec respectively while in Hold-Out technique SMO, IBK and J48 had time to  ...  Hold-Out (70%) and 10-fold Cross Validation evaluation techniques were used to evaluate the performance of the supervised learning classification algorithms to choose the best algorithm.  ...  SQLI Based On Out-of-Band Out -of-band SQLI is not quite prevalent, mainly since it will depend on the functionality of the web application that is used on the database server.  ... 
doi:10.7753/ijcatr0904.1004 fatcat:irmkqktyvna5fet345xtzhxif4

Dependable and secure remote management in IaaS clouds

Tomohisa Egawa, Naoki Nishimura, Kenichi Kourai
2012 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings  
To solve this security issue, this paper proposes FBCrypt for preventing information leakage via the management VM in out-of-band remote management.  ...  For dependability, they often perform out-of-band remote management via the management VM. Even in the case of system failures inside their VMs, the users could directly access their systems.  ...  ACKNOWLEDGMENT This research was supported in part by JST, CREST.  ... 
doi:10.1109/cloudcom.2012.6427597 dblp:conf/cloudcom/EgawaNK12 fatcat:dmmmegh5d5c7femlvxwjgkz5me

Key-Aggregate Based Vulnerable Data Access Control in Cloud Computing

Sowmiya. S, Dr. T. Priyaradhikadevi
2018 International Journal of Trend in Scientific Research and Development  
Cloud based services not only provide users with convenience, but also bring many security issues. The user can store his data in the cloud service.  ...  In the developing technologies in the computers the cloud computing is one the way to provide services through the internet to the users in the efficient manner.  ...  Key management and revocation is simple with minimal out-of-band communication. File system freshness guarantees are supported by SiRiUS using hash tree constructions.  ... 
doi:10.31142/ijtsrd11633 fatcat:2pqjjzghonho5fqpsebsvv5flm
« Previous Showing results 1 — 15 out of 1,794 results