Selected Synopses of Paper Presentations at the IEEE Security and Privacy Symposium, May 12-14, 2003

From Jason Holt, BYU CS grad student:

Using Replication and Partitioning to Build Secure Distributed Systems
Lantian Zheng, Stephen Chong and Andrew C. Myers from Cornell University, and Steve Zdancewic from UPenn.

Paper available at
Jif compiler available at:

Andrew Myers gave a presentation about their Java extension called "Jif". Jif provides integrity and confidentiality for data in programs run on distributed systems of untrusting hosts. Data can be given "confidential" or "integrity" labels with respect to specific principals, and the compiler does the rest. "Confidential" means that the object should never be revealed to the specified host (unless an explicit "downgrade" is made to the policy). "Integrity" means that the specified host (automagically) provides a commitment to a value which is (again, automagically) verified when the value is later used. Jif provides a sort of formal verification for checking assumptions and catching errors during development, as well as code to catch misbehaving hosts during execution.

Using Memory Errors to Attack a Virtual Machine
Sudhakar Govindavajhala, Andrew W. Appel, (Princeton)

Sudhakar Govindarajhala gave an enjoyable and well-received presentation (and demonstration) of how to break a Java VM's type checking mechanism in the presence of hardware memory errors. An array of a carefully constructed objects of type A is created to use up as much memory as possible. All the A objects contain pointers to a single instance of a slightly different object of type B. If a memory error flips a bit in any of the pointers, then with high probability it will instead point to another type A object - even though the VM thinks it's pointing at the B object. This creates a sort of union in which a pointer can be modified as if it were an int. The VM's security settings for the program can then be manipulated at will. The attack is even portable, working on both IBM and Sun's Java VMs, and Sudhakar pointed out that C# VMs should be just as vulnerable.

He followed the talk with a demonstration, shining a bright light on the DIMMs in a PC for a few minutes; the attack worked perfectly. ECC memory was mentioned as a good candidate for protecting against this kind of attack, as long as the machine takes action when a suspicious number of detectable faults occur. Sudhakar also touched briefly on the possibility that an exploit might be found which could take advantage of memory faults to compromise OS security instead of just VM constraints, and that memory faults may be possible to create (or simply exploit when they occur naturally) without close-range attacks on the hardware itself.

Secret Handshakes from Pairing-Based Key Agreements
D. Balfanz, G. Durfee (PARC), N. Shankar (U. Maryland), D.K. Smetters, J. Staddon, H.C. Wong (PARC)

Paper available at:

Secret handshakes add new capabilities to credential systems and secure service discovery mechanisms. Alice can send Bob a message which reveals that she has credential A if and only if Bob possesses credential B. Eavesdroppers and uncredentialed imposters learn nothing about what credentials are required and used. This can be used to resolve circular dependencies between Alice and Bob's policies (eg., where each reveals their Secret Agent credential only to other Secret Agents). Balfanz et al provide a specification for using secret handshakes in TLS, and have created a Java implementation.

From Hilarie Orman, Purple Streak, Inc.:

Invited Talk, Matt Blaze, ATT Research

Blaze's work on understanding the security of metal keys is entertaining to the cryptographic community because of its analogies to "breaking" a mathematical or software system based on security through obscurity. In his invited talk he gave some of the history of metal key and lock designs, including some interesting commentary from over a hundred years ago about the advantages of public discussion of security. By the 1950's the discourse seems to have changed in favor of a viewing locksmiths as a secret guild, protecting the public through its obscure information. Blaze showed how easy it was to burst through the secrecy of a particular lock and key design and to produce a master key by analyzing the simple combinatorics and chipping away at a test key.

A novel twist to the talk was seeing Blaze exhibit a portable device for cutting keys, and during the coffee break he demonstrated its use, producing a master key for an example lock system starting from a key blank a key instance.

Another interesting piece of information came from Steve Bellovin's short remarks about the simplistic nature of the rekeying system used for electronic locks in hotels.

Invited Talk, Michael Howard, Microsoft

Howard is part of group with Microsoft, headed by Steve Lipner, that shows developers how to produce more secure software. Showing a bit of attitude even before speaking, he displayed his Powerpoint slides from a laptop machine bearing a bumper sticker in highly visible lettering asserting "My other machine is your Linux box".

Howard takes a down-to-earth, practical approach to the problem. He makes developers aware of the dangers of leaving opportunities for exploits by system security underminers. His goal is to have Microsoft's products free from bonehead errors like buffer overflows, gratuitously high privilege levels, unnecessary features, and a host of other evils.

A questioner revealed some skepticism in asking about Microsoft's notorious "Easter Eggs." Howard showed his belief that his organization has some bite behind its bark in replying that Easter Egg hiders would be fired.

The Five Minute Talks at the IEEE Symposium on Security and Privacy May 12, 2003

Towards Litigation Risk Management in Information Security and Privacy
John W. Bagby, Pennsylvania State University

Listen and Whisper: Security Mechanisms for BGP
L. Subramanain, V. Roth, I. Stoica, UC Berkely, and S. Shenker, ICSI Berkeley

ForNet: A Distributed Network Forensics System
K. Shanmugasundaram and N. Memon, Polytechnic University, NY

Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking
M. Gruteser and D. Grunwald, University of Colorado at Boulder

Scrash: Privacy-Preserving Crash Reports
P. Braodwell, M. Harren, N. Sastry, University of California at Berkeley

Verifying Secure Data-flow using Type Qualifiers
R. Johnson

Trusted Computing Exemplar Project
C. Irvine, T. Levin, T. Nguyen, G. Dinolt, Naval Post Graduate School

The SimSecurity Information Assurance Virtual Laboratory
C. Irvine, Naval Post Graduate School

A Logic for the Exclusion Basis System
S. Redwine, Jr., James Madison University

The Difference in Knowledge is Key
S. Redwine, Jr., James Madison University

Context Free Grammar (CFG) based Cryptosytems
A. Singh, Georgia Institute of Technology

ESIMS - An Efficient Key Predistribution Scheme
M. Ramkumar, N. Memon, Polytechnic University, NY

Design of New Office Security System - Aiming at stricter access control and improved operational efficiency
M. Fujikawa, H. Doi, S. Tsuji, SOHGO Security Services, Chuo University, Research and Development Initiative, Chuo University

NSF Activities in Cyber Trust
Carl Landwehr, National Science Foundation

A Note on the Fragility of the "Michael" Message Integrity Code
Avishai Wool, Tel Aviv University.