Related papers: Effective Security by Obscurity
Motivated by the problem of simultaneously preserving confidentiality and usability of data outsourced to third-party clouds, we present two different database encryption schemes that largely hide data but reveal enough information to…
A blind decryption scheme enables a user to query decryptions from a decryption server without revealing information about the plaintext message. Such schemes are useful, for example, for the implementation of privacy preserving encrypted…
"What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory" Peter P. Swire, George Washington University. Imagine a military base. It is defended against possible attack. Do we…
This paper investigates an important class of information-flow security property called opacity for stochastic control systems. Opacity captures whether a system's secret behavior (a subset of the system's behavior that is considered to be…
Information systems and data are necessary resources for several companies and individuals; but they likewise encounter numerous risks and dangers that can threaten their protection and value. Information security and information assurance…
Opacity is a confidentiality property that holds when certain secret strings of a given system cannot be revealed to an outside observer under any system activity. Opacity violations stimulate the study of opacity enforcement strategies.…
Methods of quantum mechanics promise information-theoretic security for various protocols in cryptography. However, impossibility of some cryptographic applications such as standard bit commitment, oblivious transfer, multiparty secure…
Many reports regarding online fraud in varieties media create skepticism for conducting transactions online, especially through an open network such as the Internet, which offers no security whatsoever. Therefore, encryption technology is…
With the increasing use of online services, the protection of the privacy of users becomes more and more important. This is particularly critical as authentication and authorization as realized on the Internet nowadays, typically relies on…
This paper investigates an important informationflow security property called opacity in partially-observed discrete-event systems. We consider the presence of a passive intruder (eavesdropper) that knows the dynamic model of the system and…
Malware authors often use cryptographic tools such as XOR encryption and block ciphers like AES to obfuscate part of the malware to evade detection. Use of cryptography may give the impression that these obfuscation techniques have some…
The primary objective of an anonymity tool is to protect the anonymity of its users through the implementation of strong encryption and obfuscation techniques. As a result, it becomes very difficult to monitor and identify users activities…
Information-theoretic secrecy, in particular the wiretap channel formulation, provides protection against interception of a message by adversary Eve and has been widely studied in the last two decades. In contrast, covert communications…
Despite exciting progress on cryptography, secure and efficient query processing over outsourced data remains an open challenge. We develop a communication-efficient and information-theoretically secure system, entitled Obscure for…
We introduce a framework for reasoning about the security of computer systems using modal logic. This framework is sufficiently expressive to capture a variety of known security properties, while also being intuitive and independent of…
Verifiable credentials are a digital analogue of physical credentials. Their authenticity and integrity are protected by means of cryptographic techniques, and they can be presented to verifiers to reveal attributes or even predicates about…
Protecting source code against reverse engineering and theft is an important problem. The goal is to carry out computations using confidential algorithms on an untrusted party while ensuring confidentiality of algorithms. This problem has…
Blind signature schemes enable a useful protocol that guarantee the anonymity of the participants while Signcryption offers authentication of message and confidentiality of messages at the same time and more efficiently. In this paper, we…
Due to successful applications of data analysis technologies in many fields, various institutions have accumulated a large amount of data to improve their services. As the speed of data collection has increased dramatically over the last…
Despite numerous countermeasures proposed by practitioners and researchers, remote control-flow alteration of programs with memory-safety vulnerabilities continues to be a realistic threat. Guaranteeing that complex software is completely…