Naomaru Itoi
itoi@eecs.umich.edu
7/17/2001
Pretty cool paper.
Differential Power Analysis, or DPA, is a huge threat to all smartcard projects. To run this attack, the attacker monitors the power consumption by the smartcard. The smartcard consumes different amount of electoricity depending on operations. For example, storing 11111111 to a register whose current value is 00000000 consumes a lot more energy than to store 00000000. This characteristic was used to figure out the DES key inside the card by Kocher et al.
This paper is an attempt to counter DPA. It reorders processor operations (LD, ST, ADD, etc.) randomly in hope of creating enough randomness so that the attacker cannot find the tendency. They run a simulation and conclude that it works against DPA.
Well, it's my paper. :)
With the majority of security breaches coming from inside of organizations, and with the number of public computing sites, where users do not know the system administrators, increasing, it is dangerous to blindly trust system administrators to manage computers appropriately. However, most current security systems are vulnerable to malicious software modification by administrators. To solve this problem, we have developed a system called sAEGIS, which embraces a smartcard as a personal secure storage of computer component hashes, and uses the hashes in a secure booting process to assure the integrity of the computer components.
People seem to like the idea - let users take control from sysadmins. It's not yet clear whether this is achievable with the proposed solution (smartcard for personal hash storage), but hey, it's one step forward.
To ease integration of security mechanisms (authentication and authorization) to applications, he proposes a one-function API, that is, "Can I do this?" function. Everything happens underneath is hidden from the API.
This can be pretty useful, I think. Things change in authentication and authorization, e.g., mechanisms change (NIS, Kerberos, certificate-based ...) and policies change (now you can't do this anymore). Therefore, it is a good idea to abstract all these things. I think it is a good idea to abstract it in this way, because "Can I do this?" is intuitive.
DH-EKE is a protocol to establish a strong shared key based on a weak shared key (e.g., a user-chosen password). They replace the RSA part of DH-EKE with Elliptic Curve operations. It's not as straightforward as it sounds, because just replacing RSA with EC makes the protocol insecure because it will be vulnerable to dictionary attack (adversary can tell the right password because the plaintext has some mathematical characteristics). So they use a curve called "twisted curve".
Pretty cool paper. This can be very useful on something like PDAs because EC is much faster than RSA (see the next presentation).
Optimize Elliptic Curve operations on low-end Handspring Visor. Signature takes blistering 0.9 sec, compared with RSA's 23 sec. (I cannot find the RSA number in the paper, but I think 23 is what they had in the presentation.)
Shamefully, ^^; I did not know why everyone was taking about steganography until the conference. (I knew Niels was working on it, but that's about all I knew.) So I thought I should share this knowledge with other people who wonder why everyone talks about it. You can hide information inside images with Steganography. The provider of the information hides something from the consumer. Then the provider uses it to prove that the consumer possessed it. For example, the provider, Nao, sells a movie to the consumer, Alok. Nao hides a message "Nao gave this to Alok on 7/16/2001" inside the movie. Then later, Alok, always nice to his friends, gives a copi of the movie to his friend, Arun, who enjoys the movie for free. Later Nao finds out Arun watched it and suspects that Alok gave him a copy. Nao checks the hidden message in Arun's copy, and finds out Alok did indeed copy it.
Obviously, this is big big big in the copyright protection business, so that's why everyone's talking about it, I guess.