Subject: Electronic CIPHER, Issue 35, January 21, 2000 _/_/_/_/ _/_/_/ _/_/_/_/ _/ _/ _/_/_/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/_/ _/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/ _/ _/ _/ _/_/_/_/ _/ _/ ==================================================================== Newsletter of the IEEE Computer Society's TC on Security and Privacy Electronic Issue 35 January 21, 2000 Paul Syverson, Editor Bob Bruen, Book Review Editor Hilarie Orman, Assoc. Editor Mary Ellen Zurko, Assoc. Editor Anish Mathuria, Reader's Guide ==================================================================== http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/ Contents: [1855 lines total] Letter from the TC Chair Letter from the Editor 2000 IEEE Computer Security Foundations Workshop (CSFW 13) o Final Call for Papers 2000 IEEE Symposium on Security and Privacy (S&P 2000) o Preliminary Program Security and Privacy News Briefs: o LISTWATCH: Items from security-related lists, by Mary Ellen Zurko Highlights are from dcsb, risks, privacy, cypherpunks, and tbtf. Commentary and Opinion: Book Reviews by Bob Bruen o Inside Java 2 Platform Security. Architecture, API Design, and Implementation by Li Gong o Maximum Linux Security. A Hacker's Guide to Protecting Your Linux Server and Workstation. Anonymous. Conference Reports: o ACSAC '99 by Mahesh V. Tripunitara Who's Where: recent address changes Calls for Papers Reader's guide to recent security and privacy literature o Conference Papers o Journal and Newsletter articles o Books Calendar List of Computer Security Academic Positions, maintained by Cynthia Irvine Publications for Sale -- S&P and CSFW proceedings available TC officers Information for Subscribers and Contributors ____________________________________________________________________ Letter from the Technical Committee Chair ____________________________________________________________________ Dear Friends, You probably know by now that the IEEE Computer Society Technical Committee on Security and Privacy ("the TC" or "TCSP") is the body which sponsors our conferences, publishes our newsletter, pursues our standards activities, and develops our educational programs. This has been a busy season for TCSP. Here are some highlights: Gary Gronke of Intel represented us at the IEEE Computer Society meeting in Portland, Oregon. He, and we, stayed out of trouble by not taking any action items. My thanks to Gary, and to our Standards Chair, David Aucsmith, also of Intel, for flying the TC flag in Portland. The Program Committee for the Symposium on Security and Privacy met and chose a stellar program from among the many papers submitted. Competition was fierce. My thanks to all the authors who submitted work. It is your efforts that make Oakland the premier conference in its field. Thanks also to the Program Chairs, Mike Reiter of Bell Labs and Roger Needham of Microsoft Research, and to all the members of the Program Committee for your hard and difficult work. There is still time to send your proposal for a five-minute talk at Oakland. The Program Committee for the Computer Security Foundations Workshop will be meeting real soon now. The Foundations deadline is 31 January 2000. Send your paper. I am sad to report that Paul Syverson of the Naval Research Laboratories has decided to hang up his green eye shade after two years of serving us as the Editor of Cipher. This will be the last issue he edits. During Paul's tenure as Editor several other societies, including IACR, have used Cipher as a model of how an online newsletter ought to be done. It is mainly Cipher that keeps us together as a community during the long cold months between conferences. So, I tip my hat to Paul and add my thanks to the thanks he deserves from all his readers. Paul did not leave us in the lurch; he recruited his replacement. (What a guy!) I am happy to report that Jim Davis of Iowa State University has agreed to serve as Editor of Cipher starting with the next issue. Jim is an educator. You are already familiar with his work as he has been organizing the Calls for Papers section of Cipher. Welcome Jim. That's it for now. Feel free to email of phone to let me know what's on your mind about the TC. Best, --Tom Berson Chair IEEE Computer Society Technical Committee on Security and Privacy (and that's a mouthful) ____________________________________________________________________ Letter from the Editor ____________________________________________________________________ Dear Readers, We are pleased to bring you another issue of Cipher. If you have read Tom Berson's kind letter, then you know that I say this to you for the last time as editor of Cipher. It has been an educational and rewarding few years for me, but it is time for a new hand at the helm. The new editor will be Jim Davis. As Tom noted, he has ably maintained the call-for-papers page for several years. Readers may not be aware of that since he has modestly declined billing at the head of the newsletter up to now. I want to thank Jim and the rest of the "permanent staff", Bob Bruen, Anish Mathuria, Hilarie Orman, and Mary Ellen Zurko, for all their help over the last few years. Far more than I, they embody this newsletter. (Indeed, they are also more permanent than I; all but Anish were on board under Carl Landwehr, and all of them remain on board as I depart.) I also want to thank all the people who have written conference summaries. Some of them too are virtual regulars, and this is another core component of the newsletter. I thank Carl Landwehr for his continued help. I also thank Avi Rubin, my co-editor for the first year of my tenure, for sharing and thus easing my learning of the ropes. My farewell is a bit disingenuous. I will continue on, helping Jim Davis with transitions, just as Carl has continued to help me. I hope that you will continue to contribute as well. Finally, I hope everyone, including Hilarie, will find it appropriate if I close this letter by saying aloha, Paul ____________________________________________________________________ Thirteenth IEEE Computer Security Foundations Workshop Call for Papers ____________________________________________________________________ Call For Papers 13th IEEE Computer Security Foundations Workshop July 3-5, 2000 Cambridge, England Sponsored by the Technical Committee on Security and Privacy of the IEEE Computer Society This workshop series brings together researchers in computer science to examine foundational issues in computer security. For background information about the workshop, see the CSFW home page. This year the workshop will be in Cambridge, UK. We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome. Possible topics include, but are not limited to: --------------- access control authentication data and system integrity database security network security distributed systems security anonymity privacy security for mobile computing security protocols security models formal methods for security information flow executable content The proceedings are published by the IEEE Computer Society and will be available at the workshop. Selected papers will be invited for submission to the Journal of Computer Security. Instructions for Participants Submission is open to anyone. Workshop attendance is limited to about 40 participants. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with a proceedings. Papers should be at most 20 pages excluding the bibliography and well-marked appendices (using 11-point font, single column format, and reasonable margins on 8.5"x11" paper), and at most 25 pages total. Committee members are not required to read the appendices, and so the paper should be intelligible without them. Proposals for panels should be no longer than five pages in length and should include possible panelists and an indication of which of those panelists have confirmed participation. To submit a paper, send to syverson@itd.nrl.navy.mil a plain ASCII text email containing the title and abstract of your paper, the authors' names, email and postal addresses, phone and fax numbers, and identification of the contact author. To the same message, attach your submission (as a MIME attachment) in PDF or portable postscript format. Do not send files formatted for word processing packages (e.g., Microsoft Word or WordPerfect files). Submissions received after the submission deadline or failing to conform to the guidelines above risk rejection without consideration of their merits. Where possible all further communications to authors will be via email. If for some reason you cannot conform to these submission guidelines, please contact the program chair at syverson@itd.nrl.navy.mil. Important Dates Submission deadline: January 31, 2000 Notification of acceptance: March 13, 2000 Camera-ready papers: April 10, 2000 Program Committee ----------------- * Tuomas Aura, Helsinki University of Technology, Finland * Drew Dean, Xerox PARC, USA * Joan Feigenbaum, AT&T Labs--Research, USA * Simon Foley, University College Cork, Ireland * Matt Franklin, Xerox PARC, USA * Dieter Gollmann, Microsoft Research, UK * Roberto Gorrieri, University of Bologna, Italy * Pat Lincoln, SRI International, USA * Nancy Lynch, Massachusetts Institute of Technology, USA * Cathy Meadows, Naval Research Laboratory, USA * Sylvan Pinsky, National Security Agency, USA * Mike Reiter, Bell Labs, USA * Steve Schneider, Royal Holloway, University of London, UK * Geoff Smith, Florida International University, USA * Paul Syverson (chair), Naval Research Laboratory, USA Workshop Location ------------------ The workshop will be held at the University of Cambridge, UK. Cambridge is a world-renowned collegiate university about 100 kilometres (60 miles) north of London. Both the city and the university are small by modern standards; about 130 000 people live in Cambridge and the university has about 9000 undergraduate and 6000 postgraduate students. Some name dropping: a remarkable number of eminent people have worked at Cambridge, including Isaac Newton, Charles Babbage, James Clerk Maxwell, Ernest Rutherford, J. J. Thompson, James Watson and Francis Crick, J. M. Keynes and Stephen Hawking. Sixty-four people working at Cambridge have won Nobel prizes. The Cambridge colleges offer mediaeval architecture and a quiet, contemplative environment. Kings College is particularly notable. The accommodation and meals for the workshop will be in Pembroke College, founded in 1347. Accommodation will be in student rooms in a modern college block, just two years old. Meals will be in the Old Library, which was the College chapel before Christopher Wren designed the existing chapel, finished in 1665. The workshop meetings will be in the modern presentation room of Microsoft Research Limited, a five minute walk from the college. The countryside north of Cambridge is mostly the fens (swamps that were drained about 1750). In the fens, cities and towns are invariably on the top of occasional small hills to keep the feet of their inhabitants dry. One city, called the Isle of Ely, includes the historic, enormous and elegant Ely Cathedral, started in 1108 on the remains of an earlier Christian shrine. Nearby is the town of Newmarket, the centre of the horseracing industry in the UK. There is excellent train service to Cambridge from London's Kings Cross. The schedule is available on the web. Coaches operate frequently from London and from the airports. For further information contact: General Chair Program Chair Publications Chair Prof. E. Stewart Lee, Director, CCSR Paul Syverson Joshua Guttman University of Cambridge Naval Research Laboratory The MITRE Corporation 10 Downing Street Code 5543 202 Burlington Road Cambridge CB2 3DS Washington, DC 20375 Bedford, MA 01730-1420 United Kingdom USA USA +44 1223 740101 +1 202-404-7931 +1 781-271-2654 E.S.Lee@ccsr.cam.ac.uk syverson@itd.nrl.navy.mil guttman@mitre.org More online information at . ____________________________________________________________________ 2000 IEEE Symposium on Security and Privacy Preliminary Program ____________________________________________________________________ 2000 IEEE SYMPOSIUM ON SECURITY AND PRIVACY _/_/ _/ _/ _/ _/ May 14-17, 2000 _/_/ _/_/_/ The Claremont Resort _/ _/ Oakland, California _/ _/ _/_/ Sponsored by the _/_/_/ IEEE Technical Committee on Security and Privacy _/ _/ In cooperation with the _/ _/ International Association of Cryptologic Research _/_/_/ _/ Symposium Committee _/ Jonathan Millen, General Chair _/_/_/ _/_/_/ _/_/_/ _/_/_/ Li Gong, Vice Chair _/ _/ _/ _/ _/ _/ _/ _/ Michael Reiter, Program Co-Chair _/ _/ _/ _/ _/ _/ _/ Roger Needham, Program Co-Chair _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/ _/_/_/ _/_/_/ PRELIMINARY PROGRAM Subject to Change Sunday, 14 May 2000 ------------------- 4:00- 7:00 Registration and Reception Monday, 15 May 2000 -------------------- 8:45- 9:00 Opening remarks 9:00-10:30 Access Control I Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers Amir Herzberg, Joris Mihaeli, Yosi Mass, Dalit Naor, Yiftach Ravid (IBM, Israel) A Security Infrastructure for Distributed Java Applications Dirk Balfanz (Princeton University, USA) and Drew Dean (Xerox PARC, USA) A Practically Implementable and Tractable Delegation Logic Ninghui Li, Benjamin Grosof (IBM T.J. Watson Research Center, USA), Joan Feigenbaum (AT&T Research, USA) 10:30-11:00 Break 11:00-12:00 Applications of Cryptography Practical Techniques for Searches on Encrypted Data Dawn Song, David Wagner, Adrian Perrig (University of California, Berkeley, USA) Efficient Authentication and Signature of Multicast Streams over Lossy Channels Adrian Perrig, Dawn Song, Doug Tygar (University of California, Berkeley, USA), Ran Canetti (IBM T.J. Watson Research Center, USA) 12:00- 1:30 Lunch 1:30- 3:00 Panel: Is privacy too costly to implement? Moderator: Cynthia Irvine, Tim Levin 3:00- 3:30 Break 3:30- 5:00 Protocol Analysis and Design Searching for a Solution: Engineering Tradeoffs and the Evolution of Provably Secure Protocols John A Clark, Jeremy L Jacob (University of York, UK) Authentication Tests Joshua D. Guttman, F. Javier Thayer (MITRE, USA) Protocol-Independent Secrecy Jonathan Millen, Harald Ruess (SRI International, USA) Tuesday, 16 May 2000 -------------------- 9:00-10:30 Panel: Does open source really improve system security? Moderator: Lee Badger 10:30-11:00 Break 11:00-12:00 Intrusion Detection Using Conservation of Flow As a Security Mechanism in Network Protocols John R. Hughes, Tuomas Aura, Matt Bishop (University of California, Davis, USA) Logic Induction of Valid Behavior Specifications for Intrusion Detection Calvin Ko (NAI Labs) 12:00- 1:30 Lunch 1:30- 3:00 Assurance Using Model Checking to Analyze Network Vulnerabilities Ronald W. Ritchey (Booz Allen & Hamilton, USA), Paul Ammann (George Mason University, USA) Verifying the EROS Confinement Mechanism Jonathan S. Shapiro, Samuel Weber (IBM T.J. Watson Research Center) Fang: A Firewall Analysis Engine Alain Mayer, Avishai Wool, Elisha Ziskind (Bell Labs, Lucent, USA) 3:00- 3:30 Break 3:30- 5:00 5-minute presentations on developing research* Wednesday, 17 May 2000 ---------------------- 9:00-10:30 Key Management A More Efficient Use of Delta-CRLs David A. Cooper (National Institute of Standards and Technology, USA) An Efficient, Dynamic and Trust Preserving Public Key Infrastructure Albert Levi, M. Ufuk Caglayan (Oregon State University, USA) Kronos: A Scalable Group Re-keying approach for Secure Multicast Sanjeev Setia, Samir Koussih, Sushil Jajodia, Eric Harder (George Mason University, USA) 10:30-11:00 Break 11:00-12:00 Access Control II LOMAC: Low Water-Mark Integrity Protection for COTS Environments Timothy Fraser (NAI Labs) IRM Enforcement of Java Stack Inspection Ulfar Erlingsson, Fred B. Schneider (Cornell University, USA) ---------------- * 5-MINUTE TALKS A continuing feature of the symposium will be a session of 5-minute talks, where attendees can present preliminary research results or summaries of research published elsewhere. Commercial advertisements and marketing presentations are inappropriate. Printed abstracts of these talks will be distributed at the symposium. To propose a 5-minute talk, send an email with a MIME attachment containing your abstract in PDF or portable postscript format to reiter@research.bell-labs.com. Abstracts should fit on one 8.5"x11" page, including the title and all author names and affiliations. Do not send files formatted for word processing packages (e.g., Microsoft Word or WordPerfect files). This email should state that your abstract is for the session of 5-minute presentations at the 2000 IEEE Symposium on Security and Privacy, and should include the presenter's name, email and postal addresses, and phone and fax numbers. Authors will be informed of acceptance or rejection by March 31, 2000. Submissions for which the presenter has not registered to attend the conference will be rejected. ____________________________________________________________________ SECURITY AND PRIVACY NEWS BRIEFS ____________________________________________________________________ _______________________________________________________________________ LISTWATCH: items from security-related mailing lists (January 20, 2000) by Mary Ellen Zurko (mzurko@iris.com) _______________________________________________________________________ This issue's highlights are from dcsb, risks, privacy, cypherpunks, and tbtf. On 1/19 the DVD Copy Control Association and the EFF met in court to argue for and against the ordering of a Preliminary Injunction against the entire Internet, forbidding further dissemination of DeCSS, the source code module that decrypts DVD MPEG streams. Declan McCullagh has an excellent article at [The following URL is split over two lines. There should be no space between the last character of the first line and the first character of the second line. -ed.] . The event follows the first in-court meeting on 12/29 where DVD CCA asked for a Temporary Restraining Order (TRO) against named and unnamed operators of websites and other individuals distributing copies of DeCSS source code. There's a sense that if EFF and one of the defendants hadn't stepped up to the bar at the first court date, the TRO would have been issued. On 1/19, DVD CCA argued that the shrink wrap license forbade the extraction of the trade secrets that enabled DeCSS, and was in force from the time the software (Xing's DVD player) was installed and used. Early work on DeCSS was supposed to enable the building of a DVD player for Linux. Xing was used to reverse engineer a software DVD player, as it seems to have forgotten to decrypt it's key, but the keys are only 40 bits anyway. DVD CCA wants to enjoin both hosting of the DeCSS code and linking to copies of it. The EFF argued that there was only one defendant so that an injunction should not apply to the entire Internet (interestingly, the defendant is a 15 year old from Norway). An analogy with Coca cola was used by both sides; the plaintiff arguing that DeCSS had been created by a process akin to breaking into the offices and stealing the formula, the defense arguing it was created in a manner similar to taking Coke to a laboratory for analysis. Both sides made a number of other arguments, both legal and technical. [On 1/20 Federal Judge Lewis Kaplan granted a preliminary injunction against three of the defendants, firmly endorsing, point by point, the claims of MPAA made under provisions of the Digital Millennium Copyright Act (DMCA) for protecting intellectual property. -ed.] The new US crypto regulations are out [The following URL is split over two lines. There should be no space between the last character of the first line and the first character of the second line. -ed.] and the reactions are coming in. Retail products are exportable to all but the terrorist nations, regardless of strength, after a one-time technical review and subject to some reporting requirements. There are some restrictions on selling non-products to foreign governments, ISPs and telcos. You can't knowingly email freeware crypto code to someone in a terrorist nation (what this means to sending it to email lists remains murky) but you can post it to the web with no restrictions on downloading. You just have to sent the BXA the URL. They seem to want everyone exchanging crypto to register. There may be restrictions on source code for open cryptographic interfaces. The regulations are seen as complex (requiring lawyers to interpret) and don't address the first amendment issues (you wouldn't have to tell the BXA before shipping a book on crypto). John Young posted the PGP sources to the web and couldn't get an official response from the BXA on Friday, Jan 14 as to whether or not he was breaking the law, but by Tuesday the 18th, Jim Lewis of the BXA stated that all Young had to do was notify them of the URL to be in compliance. Kerberos is posted at (with appropriate BXA notification given). A free crypto archive is available at ; submissions can be sent to crypto@shmoo.com. NAI seems to have taken advantage of the coming change in mid-December by getting a license to export PGP everywhere (excepting the terrorist states). A secure, multi-platform, open-source chat system called Gale is available . They are making much of the authentication and confidentiality features. Gale uses public-key signatures and encryption of individual private messages and uses public-key signatures on public messages. A 19-year-old from NY has been sentenced to one year in jail for cracking into America Online computers and causing an estimated $50,000 in damages. He had been an AOL technical support volunteer. He replaced some AOL programs with his own . http://www.anybirthday.com/ reveals the birthday, city, zip code and gender information for what they claim is approaching 150 million U.S. adults. They claim that the majority of U.S. adults not under the age of 21 are listed. The privacy issues seem largely overlooked. Some people simply don't want their birthday and/or age known. For example, I've heard of problems with ageism on job searches. This site could also be used to find gender and age information from a list of names (many scams target the elderly). Attempts to get removed from the database have met with varying success. There's more and more about PKIs out there: The Australian Taxation Office plans to issue up to 2.1 million businesses with digital certificates that allow secure online dealings with the Tax Office and other government agencies. So far only Baltimore has gotten approval to issue certificates, but others are seeking accreditation. Carl Ellison and Bruce Schneier wrote a critique of PKIs, "Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure" . It seems targeted at the overselling of PKIs to fix all your security woes (and of course no security solution can do that). Their targeting causes them to underplay the utility of PKIs where only the server authenticates to the client (as with many SSL connections today), the utility of the certificate checks done today (DNS name in the certificate), and intranet PKIs. Peter Cassidy is looking for the killer PKI application, Nato is setting up a PKI (without full mutual trust, of course), and JCP E-commerce and Security Newsletter, Issue 15 discussed when not to use a PKI (for small value transactions, for example). VeriSign, Inc., the largest provider of digital certificates for PKI operations, is purchasing the second largest provider, Thawte, Inc. . A Dallas County judge signed a temporary restraining order that would have required Yahoo to notify users that its privacy policy was being retracted until a lawsuit was resolved between Yahoo and Universal Image Inc. of Dallas. A day later, a different county court-at-law judge had dissolved the order. Universal has a contract with Broadcast.com Inc., which was acquired by Yahoo. It gave Broadcast.com the right to distribute over the Internet certain instructional programs in exchange for providing registration data about the customers. Universal asserted that Yahoo has neglected to provide all of the customer information that is specified under the agreement. Yahoo's privacy policy promises not to disclose its customers' personally identifiable information without their permission. Advocates for stronger privacy regulations are using this as an example of why they're needed. CDNow has options to use either SSL or PGP for security of the transactions . A Children's Hospice in Wales also uses PGP as a security option for payments . There was discussion on Cypherpunks about DIRT, a program that monitors keystrokes and anonymously emails them every minute or so to the party conducting the surveillance. It also provides a server for making files available, running programs, and so on on the target host. DIRT actually surfaced about a year ago, and is meant to be used by Law Enforcement Agencies. If you have a few idle CPUs, you may want to participate in this: Robert Harley, a PhD student at INRIA is leading an effort to crack the 7th ECDL challenge of Certicom . The IETF has published a new Internet Draft on Use of HTTP State Management . It describes recommended uses of cookies and problematic uses of cookies and makes some recommendations about browser user interfaces. Freedom, from Zero Knowledge Systems (ZKS) , offers 5 pseudonyms for Internet activities (surfing, emailing) at one low price. One of their target customer bases is providing protection for children on the web. Extensive discussions on cypherpunks indicate that it's technically quite sound. The biggest question is what would happen if/when governmental pressure is brought to bear on ZKS (or on Canada, where they are). Freedom cannot run without ZKS (unlike Eternity services, which are designed to run even when host organizations are taken down). There's also the secondary issue that it currently only runs on Wintel configurations. Alex Biryukov and Adi Shamir announced that they have a practical cryptanalytic attack against the A5/1 algorithm (which is the "strong" GSM privacy cipher) . The Bubbleboy virus (not found in the wild) can be triggered by highlighting an email's title in Outlook if you're using its Preview Pane feature. Bubbleboy uses VBScript in an HTML page. And finally, two excellent articles from a December TBTF: ..Backflip and the limitations of privacy policies Two privacy clauses we need to start seeing more of A reader pointed me to a new Web service offered by the newly launched Backflip [7], which had been operating in stealth mode as The iTixs Project. Backflip's founders were early employees at Netscape. They offer a free service that personalizes Web searches. For them to do this you need to entrust Backflip with your entire browsing history and ongoing clickstream. It'll probably be popular. Not for me though. In my view a site that offers services whose price is extremely sensitive and personal data ought to offer the strongest possible guarantees of user privacy. (On Thanksgiving day the New York Times ran an article titled "Stor- ing your life in a Virtual Desktop" [8] at the top of their "Circuits" section. I was interviewed for this piece and the reporter quoted my extreme skepticism about the whole idea, on grounds of privacy and security.) I read through Backflip's privacy policy [9] and it's fine as far as it goes, but here are two promises I wanted to see that are nowhere to be found. 1. [The Poison Pill.] If we sell the company, it will only be on terms that bind the purchaser in perpetuity to apply the same or stronger privacy policies to Backflip's data. 2. [The Divorce.] You have the right, when cancelling your account with Backflip, to request that we destroy all data collected as part of our business relationship. We will email you a confirmation that we have done so. Our data-lifecycle policies and practices are audited by the Better Business Bureau. I have seen no discussion of the need for privacy policies that provide customers this level of assurance. Of all the privacy statements I've read, only that of Junkbusters [10] offers The Divorce. If a database ever exists that catalogs every page I've visited, it will be on my own hard disk, and nowhere else. [7] http://www.backflip.com/ [8] http://www.nytimes.com/library/tech/99/11/circuits/articles/25desk.html [9] http://www.backflip.com/help/gh_privacy_out.html [10] http://www.junkbusters.com/ht/en/aboutus.html ____________ ..A systematic model for selecting cryptographic key sizes How long a key will you need? Bruce Schneier's excellent newsletter CRYPTO-GRAM (see TBTF Sources [21]) alerted me to the work of Arjen Lenstra and Eric Verheul, who have produced a model [22] by which you can calculate how strong your cryptographic keys need to be. The authors claim that this is the first uniform, properly documented treatment of the subject. > The model, which formulates a series of explicit hypotheses about > future developments and applies these to existing data about the > cryptosystems, will enable organisations to arrive at a balanced > evaluation of key size aspects when purchasing or developing > cryptographic applications. The resulting key size recommendations > are thus unbiased and not influenced by non-scientific consider- > ations. The bulk of Lenstra and Verheul's conclusions are contained in a single table [23]. I've excerpted the most salient data into a graph [24] -- use it to read off the key length you'll need in 2015 to fend off an adversary who will devote $40M over a year's time to the task of breaking your key. [21] http://tbtf.com/sources.html [22] http://www.cryptosavvy.com/ [23] http://www.cryptosavvy.com/table.htm [24] http://tbtf.com/pics/lenstra-verheul.gif ____________________________________________________________________ COMMENTARY AND OPINION ____________________________________________________________________ ____________________________________________________________________ Inside Java 2 Platform Security. Architecture, API Design, and Implementation. by Li Gong. Addison-Wesley 1999. 262 pages. Index. Bibliography. $34.95 ISBN 0-201-31000-7 Reviewed by Robert Bruen, Cipher Book Review Editor bruen@mit.edu ____________________________________________________________________ The long awaited Java Security architecture description straight from the horse's mouth has been published. It is not the complete API specification and the JCE (Java Cryptography Extension) is not addressed (a companion book for JCE 1.2 is planned), but if you want to know how Java security is done and why it's done this way, this is the source. Like most good books about Java, there are Java code snippets on almost every page, so when methods are discussed, you get to see what they look like. Java 2 is an improvement in design and implementation over Java 1.1, in part due to the efforts of people at Oxford, Princeton, UWashington and the JavaSoft team, all acknowledged by the author. The book starts out with the requisite intro to computer and network security to set the stage for the remaining chapters. Brief though it is, it mentions crypto, threats, firewalls and access controls. It is too short to be considered a general introduction for the security novice, but it lays the groundwork for the Java security model. This model may be the most important contribution when all is said and done. Another short chapter follows which introduces a few Java language security features such as bytecode verification, type safety and signed applets. It is this chapter that provides the brief history of bugs and fixes to Java security. Chapter three is the reason you bought the book, the JDK 1.2 Security Architecture. A little bit of history with a few pages on the rationale for a new security architecture quickly give way to the sections on java.Security.GeneralSecurityException, Security Policy and CodeSource. A detailed look at the permission hierarchy gives the reader a worthwhile insight into the workings of Java security. It is a bit of eye-opener to see just how much effort can go into access to a single file when compared to, for example, general unix file permissions. Sections on loading classes securely, the Security Manager and the Access Controller round out this chapter. I particularly appreciated the "Lessons Learned" section at the end of the chapter. Security is an evolving area which benefits by constant review and improvements. As important as the architecture presentation is, chapters 4 (Deploying the architecture) and chapter 5 (Customizing the architecture) are critical in the practical sense. Deploying means configuring policy and looking at the tools provided by Java such as the jarsigner for adding digital signatures to java packages. Customizing means creating new permissions, enhancing security policy and migrating the JDK 1.1 security managers. Lots of examples and explanations are given. Chapter 6 delves into objects so that those who need to write code can do so securely. Three new interfaces are introduced for signing, encrypting and guarding java objects. Guard objects are objects used to control access to other objects. Chapter 7 provides a look at the Java Cryptographic Architecture (JCA). Besides standardizing APIs, the JCA attempts to enable users to use crypto without worrying about the underlying implementations. For example, you can write code that uses a digital signature choosing your favorite algorithm. If you need to change the algorithm, the change would be just the call making the code implementation independent. The architecture achieves this through a Cryptographic Service Provider (CSP) package. Code examples are given for such things as public&private keys generation, message digests, signatures and certificates. The last chapter discusses future directions. Since it is quite clear that all of this is just the early phases of secure computing, there are many possibilities to investigate and develop. Java enhancements can come from the class loader design, authentication and authorization, as well as areas not yet thought about. The future for Java Security looks interesting and this book is a required place to start getting ready for it. --------------------------------------------------------------------- I gratefully acknowledge Blackdown for making Java work on Linux over the years, enabling me to gain a few clues about Java, so this book would make sense. Dr.RDB --------------------------------------------------------------------- ____________________________________________________________________ Maximum Linux Security. A Hacker's Guide to Protecting Your Linux Server and Workstation. Anonymous. SAMS 2000. 743 pages. 5 appendices, glossary, index, cd-rom. $49.99. ISBN 0-672-31670-6. Reviewed by Robert Bruen, Cipher Book Review Editor bruen@mit.edu ____________________________________________________________________ Maximum Linux Security is mainly a resource book, not one you sit down and read cover to cover, but rather one in which you look up problems to find a solution. The number of pointers to software sources is overwhelming, with almost no stone left unturned. A practical book that belongs on your bookshelf if you have any concern for security. Although it is geared towards Linux, the information is usually applicable to any Unix system. For example, most sniffers that are mentioned will run on other versions of Unix, as will SSH. There are five parts, 1) Linux Security Basics; 2) Linux User Security; 3) Linux Network Security; 4) Linux Internet Security; and 5) Appendices. Part 1 is really about Linux for those who are new to Linux. One source states that at this time the majority of Linux users have less than a year of experience. These four chapters cover Linux, installation, physical security and basic sysadmin stuff as well as I have seen elsewhere. BIOS is covered, pointers to policy sources are given and a very good, simplified introduction to biometrics is presented as well. Part II is just two chapters covering password attacks and malicious code. The usual problem of password cracking and shadow passwords are explained in a readable fashion. The chapter on malicious code is about trojans and viruses, but there is good list of software for detecting these problems, like tripwire and the TAMU suite with URLs and instructions for downloading/installing. Part III has four very useful chapters covering spoofing, sniffing, scanners and ssh. The sniffer chapter lists the include files one needs for a sniffer and a brief description of the file. There is even a code fragment of linsniffer that sets a network card into promiscuous mode. Unfortunately the only ways presented to fight sniffers are a couple of unix commands, one program (NEPED) and the suggestion to use Secure Shell because sniffer detection is not easy. The scanner chapter details the standard set of programs such as SATAN, SAINT, ISS, COPS, NMAP, etc with a list of lesser know scanners. All in all a serious collection of software, but with some useful tools for dealing with them, like Portsentry from PSionic. Part IV covers applications (mail, ftp, telnet, the web), firewalls, logs/audits, intrusion detection and disaster recovery. For the most part, unless you can use some sort of encrypted telnet, you should use secure shell. The web security protocol section does a nice job on Apache-SSL and certificates. The intrusion detection chapter is another large helping of free software to help you monitor those pesky script kiddies with too much time on their hands. They all have the URL for obtaining the software with notes about what the software does, which is quite educational all by itself. The five appendices are about 100 pages of additional resources for Linux and Linux security as well as helpful commands within Linux. This book is a valuable resource list that is recommended. It is a practical, not theoretical, book. You do not need to know the math and there are no models to understand, but if you want to know what nmap is, what it does, where to get it and what it has to do with Linux (along with lots of other software), then you ought to read Maximum Linux Security. ______________________________________________________________________ Conference Reports ______________________________________________________________________ ______________________________________________________________________ Fifteenth Annual Computer Security Applications Conference ( ACSAC'99) Scottsdale, Arizona, USA December 6-10, 1999 by Mahesh V. Tripunitara (CERIAS, Purdue University) ______________________________________________________________________ The fifteenth Annual Computer Security Applications Conference (ACSAC'99) took place December 6-10 in Scottsdale, Arizona, USA. It was sponsored by the Applied Computer Security Associates, in cooperation with the ACM SIGSAC. The proceedings are published by the IEEE Computer Society. The location of the conference had been very well chosen, and the conference organizers did an excellent job with arranging facilities for the talks, extra-curricular activities after hours and "mingle time" for the participants. As suggested by the name of the conference, and as pointed out by Dee Akers, the conference chair, in her introductory talk, the conference focuses on applied information security, yet looks for far-reaching, and long-lasting solutions. The conference had three parallel tracks for the first two days, one of which was a track for product and service vendors, and the other two for research work. The last day had two research tracks only. There were about 200 attendees, of which about 20 were students. The organizers funded three students (one of which was this author), chosen based on answers to questions about their interests in information security, and recommendation letters from faculty, to attend the conference. The conference also awarded a "best student paper" award, apart from a "best paper" award. There was also an audience poll for the best presentation from the product/service vendor track, and there was some intense lobbying by some vendors during their presentations for that award, and the competition turned out be quite fierce. There were attendees from fifteen countries other than the USA, and such attendees comprised 25% of the total number. The remainder of this summary gives a sampling of some of the talks. Not all talks from the conference are summarized, partly to keep this summary short, and also because there were two or three parallel tracks. Prof. Ross Anderson from the Computer Laboratory at the University of Cambridge was the keynote speaker. He spoke on "How to Cheat at the Lottery," that summarized three pieces of recent research work of his. One of those, that this author found most interesting, was about the "resurrecting duckling" paradigm for instantiating keying material in devices that work together, such as a TV and its remote control. Prof. Anderson spoke about the need to tie such devices together "at birth," and in case of a compromise, to "resurrect" them (with respect to security context), and not simply try to roll back changes, or apply other heuristics. He received a rousing applause for his talk. On the first day, Andre dos Santos from the University of California at Santa Barbara spoke on "Safe Areas of Computing with Insecure Applications." He discussed such Safe Areas of Computing (SAC) in the context of smart cards, and discussed how smart cards can be used as "safe areas" for computation even though they are used in conjunction with unsafe areas such as the Internet. He spoke about the generic nature of the paradigm, and presented data structures, and a client-server configuration showing a client SAC, and a server SAC. He also spoke about how authentication and access control are achieved in such a setup. Aaron Temin demonstrated his work on "Automated Intrusion Detection Environment, Advanced Concept Technology." Dr. Temin spoke about the need to collect audit data from a large number of sensors, and the scalability problem of analyzing such data at a single place. He wondered about whether the nature of intrusions will allow us to push analysis engines closer to the source of the audit logs, and when questioned on this front, commented that this was an open problem. Nonetheless, he stressed the need for distributed audit logging and agglomeration of such data, as intrusions are increasingly coordinated, targeting multiple victims, and consist of several steps in a single attack. Carsten Benecke of the University of Hamburg presented his work on "A Parallel Packet Screen for High Speed Networks." This was an excellent presentation that showed empirically that a parallel packet filter implementation will scale well with increased network traffic. Mr. Benecke assumed a simple hash-function based decision function on whether a packet filter is qualified to process a packet for pass/drop. The implementation involved Ethernet broadcast, with hubs sending each packet to every packet filter. He showed both empirically and analytically that the speedup with 4 processors, as compared to a single processor, was by a factor of 3. He went on to discuss how the implementation can be improved using multicast instead of broadcast, or a switch instead of a hub. The best paper award of the conference went to the work by A. Arona, D. Bruschi and E. Rosti, from the Universita degli Studi di Milano, on "Adding Availability to Log Services of Untrusted Machines." Their work addressed the problem of potential corruption of audit logs, and the need to distribute the logs in a space and time efficient way, such that fault tolerance is achieved. Their solution used the Information Dispersal Algorithm (IDA) from Rabin, that consists of splitting the information into n parts, any m (m < n) of which are sufficient to reconstruct the original data. Their implementation shows that the encoding for IDA is efficient for their purposes. They also presented a "log availability filter" that transparently processes the log files and disperses the information. David A. Cooper from NIST spoke on his paper titled, "A Model of Certificate Revocation." Mr. Cooper analyzed efficiency issues with issuing Certificate Revocation Lists (CRLs). He showed that the traditional technique of issuing CRLs is highly inefficient because cached CRLs expire around the same time, leading to a rush to obtain CRLs all at once. He proposed two alternatives: over-issued CRLs and segmented CRLs. Over-issued CRLs involve issuing CRLs with different time-out values to sets of parties, so they do not all expire at the same time. Segmented CRLs involves splitting each CRL into segments and issuing each segment at a different. He analyzed the efficiency gains from each approach over the traditional method by deriving the request rate in the limit, given the number of CRLs that are valid at a given time, and the probability that a party will validate certificate in a given interval. Wenliang Du of Purdue University presented his work on, "Security Relevancy Analysis on the Registry of Windows NT 4.0." Mr. Du applied dependency analysis, which is a static analysis technique, to analyze whether keys in the Windows NT 4.0 registry are security-relevant or not. He asserted that the input to programs is crucial in determining security-relevancy. He then showed how dependency di-graphs are built with function names as labels for the nodes, starting with an "S node." Then, "I nodes" are added to the graph based on its association with an S node, or a previously added I node. Mr. Du then presented statistics on his analysis of a portion of the registry, and reported that about half of the keys were shown to be security relevant. This result was greeted with amazement by the audience. Following the talk, audience members expressed concern for the state of information security of a such a popular operating system. ACSAC'99 was well-organized, and well attended. This author also presented a paper there, enjoyed being at the conference, and plans on attending again next year. The applied flavor of the conference is particularly appealing, and there is a good confluence of industry and academia. ________________________________________________________________________ Who's Where: recent address changes ________________________________________________________________________ o Jeremy Epstein Principal Security Architect webMethods, Inc. 3877 Fairfax Ridge Road, 4th Floor Fairfax, Virginia 22030 Tel: 703.460.2500 Fax: 703.460.2599 Email: jepstein@acm.org o James W. Gray, III Director of Product Management, Confinity Inc. jim@confinity.com 165 University Ave. Palo Alto, CA 94301 o Anish Mathuria Department of Computer and Information Science University of Massachusetts Dartmouth 285 Old Westport Road North Dartmouth, MA 02747-2300 USA E-mail: amathuria@umassd.edu Phone: +1-508-999 6987 Fax: +1-508-999 9144 o Peter Ryan SRI International Cambridge Computer Science Research Centre 23 Millers Yard Mill Lane Cambridge CB2 1RQ UK Tel +44 1223 518236 Fax +44 1223 517417 e-mail: ryan@cam.sri.com o Pantelimon Stanica Auburn University Montgomery Department of Mathematics Montgomery, AL 36117 stanpan@strudel.aum.edu o Gene Tsudik Information and Computer Science Dept. University of California, Irvine 92697-3425 USA gts@ics.uci.edu o Ron Watro Senior Scientist, Information Security BBNT/GTE Mail Code 11/2c 70 Fawcett St Cambridge MA 02138 rwatro@bbn.com _______________________________________________________________________ Calls for Papers ________________________________________________________________________ CONFERENCES Listed earliest deadline first. See also Cipher Calendar. * CSFW, 13th IEEE Computer Security Foundations Workshop, Cambridge, UK, July 3-5, 2000. (Submissions due January 31, 2000) Details above. * USENIX, 9th USENIX Security Symposium, Denver, Colorado, USA, August 14-17, 2000. (Submissions due: February 10, 2000) The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in security and applications of cryptography. Please see the conference web site at www.usenix.org/events/sec2000 for more information on the symposium, a detailed list of topics of interest, and the procedure for submitting a paper. * CARDIS 2000. IFIP CARDIS 2000 FOURTH SMART CARD RESEARCH AND ADVANCED APPLICATION CONFERENCE HP Labs, Bristol, UK, September 20-22, 2000 (Submissions Due: February 14, 2000) Smart cards or IC cards offer a huge potential for information processing purposes. The portability and processing power of IC cards allow for highly secure conditional access and reliable distributed information systems. IC cards are already available that can perform highly sophisticated cryptographic computations. The applicability of IC cards is currently limited mainly by our imagination; the information processing power that can be gained by using IC cards remains as yet mostly untapped and is not well understood. Here lies a vast uncovered research area which we are only beginning to assess, and which will have great impact on the eventual success of the technology. The research challenges range from electrical engineering on the hardware side to tailor-made cryptographic applications on the software side, and their synergies. Many currently existing events are mainly devoted to commercial and application aspects of IC cards. In contrast, the CARDIS conferences aim to bring together researchers who are active in all aspects of design of IC cards and related devices and environment, such as to stimulate synergy between different research communities and to offer a platform for presenting the latest research advances. Additional information at www.cardis.org * ACISP'2000, Fifth Australasian Conference on Information Security and Privacy, Brisbane, Australia, July 10-12, 2000. (Submissions due: February 20, 2000) Papers pertaining to all aspects of information security and privacy are solicited. Papers may present theory, techniques, applications and practical experiences on any relevant topic including: authentication and identification, database security, mobile communications security, secure operating systems, security and cryptography policy, security management, commercial applications, key management and auditing, secure electronic commerce, security architectures and models, distributed system security, evaluation and certification, cryptology, access control, network security, smart cards, risk assessment and copyright protection. Please see the conference web page at www.isrc.qut.edu.au/acisp2K for details. * RBAC 2000. Fifth ACM Workshop on Role-Based Access Control July 26-28, 2000, Berlin, Germany Abstract due: February 23, 2000 Papers and Panel Proposals Due: March 1, 2000 Web page: http://www.acm.org/sigsac/rbac2000.html The ACM workshops on RBAC bring together researchers, developers, and practitioners to discuss the application of RBAC to both traditional and emerging systems and the development of new modeling paradigms for future applications. The workshop invites participation from the database, network, distributed systems, operating systems, security and application communities. Users, developers and researchers are invited to submit their papers (in English and limited to 6000 words), and the title and abstract of their papers to the Program Chair at the address given below by their respective due dates. Abstracts should be sent by email in plain ASCII format. Electronic submission of papers is encouraged. Please send the manuscript in Postscript or PDF format. Outstanding papers will be considered for publication in ACM TISSEC. Proposals for panels and group discussions should be sent, preferably by email, to the Panels Chair David Ferraiolo (at dferraiolo@nist.gov) with a copy to Klaus Rebensburg (at klaus@prz.tu-berlin.de). To send paper submissions contact: Vijay Atluri at (atluri@andromeda.rutgers.edu) * ESORICS 2000, 6th European Symposium on Research in Computer Security Toulouse, France, October 4-6, 2000. (Submissions due: March 15, 2000) The aim of the European Symposium on Research in Computer Security (ESORICS) is to further the progress of research in computer security by establishing a European forum for bringing together researchers in this area, by promoting the exchange of ideas with system developers and users and by encouraging links with researchers in related areas. We solicit papers describing original ideas and new results on the foundations and applications of computer security. The primary focus is on high-quality original unpublished research, case studies and implementation experiences. We encourage submissions of papers discussing industrial research and development. Suggested topics include but are not limited to: * Theoretical Foundations of Security: * Operating Systems Security: * Distributed Systems: * Network Security: * Telecommunications and High Speed Network Security: * Internet Security: * Security and mobile systems: * Security in Data and Knowledge Bases: * Development of Secure Systems: * Management of Secure Systems: * Electronic Commerce: * Security of small systems: * Intellectual Property Protection: * Multimedia and Digital Libraries: * New applications of Cryptography: * Security versus other Requirements: * Security Evaluation: Details on submissions of papers and panel proposals and other information available at www.cert.fr/esorics2000/ and from Frederic.Cuppens@cert.fr * NSPW'2000, 2000 New Security Paradigms Workshop, Ballycotton, Co. Cork, Ireland, September 18-21, 2000. (Submissions due: March 24, 2000) The 2000 New Security Paradigms Workshop will take place September 18-21, 2000 at the Bayview Hotel in Ballycotton, Co. Cork, Ireland. In order to preserve the small, intimate nature of the workshop, participation is necessarily by invitation only. However, anyone can obtain an invitation simply by having a research paper, discussion topic, or position paper accepted. New authors are welcomed. Over the last few years, 40% of the attendees have been first-time participants. Although the formal call for papers has not yet been released, any topic that represents a significant change in thinking about difficult security issues will be welcomed. We also encourage submissions that draw from fields other than those that have become part of traditional computer security. Paper submissions are due March 24, 2000. The formal Call For Papers will be posted at our web site at www.nspw.org. If you wish to be notified when the CFP is released, please send e-mail to our Publicity Chair, Crispin Cowan, at crispin@cse.ogi. * CCS-7, 7th ACM Conference on Computer and Communication Security, November 1-4, 2000, Athens, Greece. (Abstract of papers due April 30, 2000) Papers offering novel research contributions in any aspect of computer security are solicited for submission to the 7th ACM Conference on Computer and Communication Security. Papers may present theory, technique, applications, or practical experiences on topics including: *Database Security *Authentication and key management *New threats and attacks *Authorization, access control, audit *Privacy and anonymity *Cryptographic algorithms, protocols *Steganography, watermarking *New security architectures *Secure electronic commerce *Intrusion detection and response *Security evaluation *Licensing and intellectual property *Security education *Malicious code and countermeasures Details on instructions for papers and panel proposals can be obtained from www.ccs2000.org (USA Mirror site: cimic.rutgers.edu/~atluri/ccs.html) or from Sushil Jajodia (jajodia@gmu.edu). * AMOC 2000, Asian International Mobile Computing Conference, Penang, Malaysia, November 1-3, 2000. (Submissions due: May 30, 2000) This conference will provide a platform for researchers and experts primarily from the Asian region to meet and discuss current issues in this field. The focus on Asia is important because there are unique regional issues not given attention in typical international conferences, where technological issues in developed nations receive centre stage. These unique issues include different infrastructural and economic requirements; the effect of a more diverse socio-economic environment on technological specifications; the wider-ranging impact of wireless communication in rural areas and the great interest in the rapid deployment of cutting edge technology due to the high progress rate of technological implementation in many Asian countries. A complete list of topics and guidelines for submissions is given on the conference web site at www.fsktm.um.edu.my/amoc/, or send email to amoc-submission@fsktm.um.edu.my. JOURNALS Special Issues of Journals and Handbooks: listed earliest deadline first. * IEEE Software Call for Articles & Reviewers Malicious Information Technology: The Software vs. The People Publication: Sept./Oct. 2000 (Submissions due: April 1, 2000) Because of the increased danger that malicious software now poses, we seek original articles on the following specific issues: + Intrusion detection + Information survivability + Federal critical infrastructure protection plans + Federal laws prohibiting encryption exports vs. US corporations + State-of-the-practice in security testing + The Internet's "hacker underground" + Corporate information insurance + Penalties for those convicted of creating viruses + Case studies in information security and survivability Guest Editors: Nancy Mead Jeffrey Voas Carnegie Mellon University Reliable Software Technologies nrm@sei.cmu.edu jmvoas@rstcorp.com Authors: Submit one electronic copy in RTF interchange or MS-Word format and one PostScript or PDF version to the magazine assistant at software@computer.org. Articles must not exceed 5,400 words including tables and figures, which count for 200 words each. For detailed author guidelines, see www.computer.org/software/edguide.htm. Reviewers: Please e-mail your contact information and areas of interest to a guest editor. * IEEE Internet Computing Issue on Widely Deployed Internet Security Solutions (November/December 2000) Submissions due: Friday, April 28, 2000 Guest editors: Li Gong, Sun Microsystems Ravi Sandhu, George Mason University Computer security solutions were first researched and deployed when time-sharing and multi-user machines were built. For many years afterwards, security technology remained primarily an academic field and a government/military interest. While advances in computer technology such as high-speed networking continued to pose new technical challenges and advances in computer security research continued to be made, widely used commercial computer systems tended to have none or very rudimentary security solutions. Only in recent years have the mainstream research community and the computer industry shown real interest in computer security technology and products. The goal of this special issue is two-fold. One is to reflect on security technology that have made into mainstream products and have been widely deployed within the past decade. An interesting perspective is why these solutions were picked over other competing solutions and what made them more attractive and acceptable. The other part of the goal is to access the state of the art in security research and technology with the hope that these investigations point to what may be deployed in the next decade. Topics of Interest include (but are not limited to) descriptions of and perspectives (historic, legal, etc.) on: Security solutions that are widely deployed Security solutions that were once fashionable but no longer in use Prevailing security solutions that are becoming obsolete Emerging security solutions that are likely to be widely deployed We welcome submissions regarding security solutions covering all aspect of computing, including operating systems, networking, databases, distributed systems, human-computer interaction, the web, the Internet, information appliances, and wireless communication. However, we discourage abstract theory/idea papers, especially pure cryptography theory or crypto protocol papers. Our focus is on security solutions that were, are, or will be widely deployed. Authors who wish to submit to the special issue should send either PostScript or PDF versions of their paper by email to guest editor Li Gong (li.gong@sun.com), or else provide a URL for an online version of the paper. (For online submissions, authors should ensure that relevant servers are reliable, that links are kept live most of the time, and that the entire paper can be downloaded or printed with one click of the mouse.) Potential authors should consult and adhere to IC's author guidelines at ________________________________________________________________________ Reader's Guide to Current Technical Literature in Security and Privacy Part 1: Conference Papers by Anish Mathuria ________________________________________________________________________ _______________________________________________________________________ Reader's Guide to Current Technical Literature in Security and Privacy Part 2: Journal and Newsletter Articles, Book Chapters by Anish Mathuria _______________________________________________________________________ Anish Mathuria is in transition. Send any contributions to him at amathuria@umassd.edu. (His full contact information can be found above in the Who's where: recent address changes section.) The reader's guide will return in the next issue. -ed. _______________________________________________________________________ Reader's Guide to Current Technical Literature in Security and Privacy Part 3: Books _______________________________________________________________________ * Anonymous. Maximum Linux Security. A Hacker's Guide to Protecting Your Linux Server and Workstation. SAMS 2000. ISBN 0-672-31670-6. 743 pages. 5 appendices, glossary, index, cd-rom. $49.99. (Review by Bob Bruen Above.) * Li Gong. Inside Java 2 Platform Security. Architecture, API Design, and Implementation. Addison-Wesley 1999. ISBN 0-201-31000-7 262 pages. Index. Bibliography. $34.95 (This has appeared here in a previous issue. But there is a new review of it by Bob Bruen above.) * Kevin S. McCurley (Editor), Claus Dieter Ziegler (Editor) Advances in Cryptology, 1981-1997 : Electronic Proceedings of the Crypto and Eurocrypt Conferences, 1981-1997 Springer-Verlag 1999. (Lecture Notes in Computer Science 1440) ISBN 3540650695 Paperback Bk & CD-ROM edition $99.00 ________________________________________________________________________ Calendar ________________________________________________________________________ ==================================================================== See Calls for Papers section for details on many of these listings. ==================================================================== "Conf Web page" indicates there is a hyperlink to a conference web page on the Cipher Web pages. (In some cases there is such a link even though mention is not made of it here, to save space.) Dates Event, Location ----- --------------- * 1/31/00: CSFW 13; Cambridge, England. Conf Web page Submissions to syverson@itd.nrl.navy.mil; [*] * 2/ 2/00- 2/ 4/00: NDSS '00. San Diego, California; Conf Web page * 2/10/00: USENIX Sec Sym 9. Denver, ColoradoConf Web page; Submission due. [*] * 2/14/00: CARDIS 00. Bristol, UK; Conf Web page. Submissions due: submission@cardis.org; [*] * 2/20/00: ACISP 2000, Brisbane, Australia; submissions due; Conf web page. [*] * 2/21/00- 2/24/00: FC00. Anguilla, British West Indies Conf Web page * 2/23/00: RBAC 5, Berlin, Germany; Conf Web page Submissions to atluri@andromeda.rutgers.edu; [*] * 3/ 3/00: ASA-MA 2000; ETH Zurich, SwitzerlandConf Web page; Submissions due;[*] * 3/15/00: ESORICS 2000; Toulouse, France; Conf Web page Submissions due to Cuppens@cert.fr; [*] * 3/24/00: NSPW00, Cork, Ireland; Submissions due. Conf Web page; [*] * 3/24/00: ICECCS 2000, Tokyo, Japan; Conf Web page; submissions due yamamoto@i.hosei.ac.jp [*] * 3/26/00- 3/27/00: OPENARCH '00. Tel Aviv, Israel Conf Web page * 3/27/00- 3/31/00: IETF, Adelaide, Austraila * 4/ 1/00: IEEESW Special Issue; submissions due to nrm@sei.cmu.edu; [*] * 4/ 3/00: ISSE 2000, Barcelona, Spain Submissions to schulte@kryptokom.de; [*] * 4/ 4/00- 4/ 7/00: CFP '00,Toronto, Canada Conf Web page * 4/10/00- 4/12/00: FSE 2000, New York, NY Conf Web page * 4/11/00: DISC 2000, Toledo, Spain; Conf Web page; Submissions to herlihy@cs.brown.edu; [*] * 4/13/00- 4/16/00: MFPS 16; Hoboken, New Jersey * 4/13/00- 4/14/00: AES 3. New York, NY; Conf web page * 4/15/00: WITS '00, Geneva, Switzerland; Conf Web page; Submissions to degano@di.unipi.it; [*] * 4/25/00: DAMMCC 4, Boston, Massachusetts; Conf Web page Submissions to elloyd@udel.edu; [*] * 4/28/00: IEEE IC Special Issue; Submissions to li.gong@sun.com * 5/ 7/00: CCS 7, Athens, Greece; Conf Web page. Submissions due: jajodia@gmu.edu; [*] * 5/14/00- 5/17/00: IEEE S&P 00, Oakland, CA * 5/15/00- 5/19/00: WWW9. Conf Web page * 5/16/00- 5/19/00: 12th CITSS, Ottawa; no e-mail address available * 5/23/00- 5/25/00: ICCC, Baltimore, Maryland Conf Web page * 6/25/00- 6/30/00: 12th FIRST, Chicago, Illinois; Conf Web page * 7/ 3/00- 7/ 5/00: CSFW 13; Cambridge, England. Conf Web page * 7/ 7/00- 7/ 8/00: WITS '00, Geneva, Switzerland; Conf Web page * 7/10/00- 7/12/00: ACISP 2000. Brisbane, Australia; Conf web page * 7/26/00- 7/28/00: RBAC 5, Berlin, Germany Conf Web page * 8/11/00: DAMMCC4, Boston, Massachusetts Conf Web page * 8/14/00- 8/17/00: USENIX Sec Sym 9. Denver, Colorado Conf Web page * 9/11/00- 9/15/00: ICECCS 2000, Tokyo, Japan; Conf Web page * 9/13/00- 9/15/00: ASAMA2000. ETH Zurich, Switzerland Conf Web page * 9/18/00- 9/21/00: NSPW 2000, Cork, Ireland; Conf Web page * 9/20/00- 9/22/00: CARDIS 00, Bristol, UK. Conf web page * 9/27/00- 9/29/00: ISSE 2000 Barcelona, Spain * 10/ 4/00-10/ 6/00: ESORICS 2000; Toulouse, France, Conf Web page * 10/ 4/00-10/ 6/00: DISC 2000, Toledo, Spain; Conf Web page * 10/26/00-10/29/00: IPSEC 2000, Paris; conf web page * 11/ 1/00-11/ 4/00: CCS 7. Athens, Greece; Conf Web page * 12/11/00-12/15/00: ACSAC 2000, New Orleans, Louisiana * 5/14/01- 5/16/01: IEEE S&P 2001, Oakland, California * 5/13/02- 5/15/02: IEEE S&P 2002, Oakland, California Key: * ACISP = Australasian Conference on Information Security and Privacy * ACSAC = Annual Computer Security Applications Conference 15th ACSAC * AES = Advanced Encryption Standard Candidate Conference * ASA-MA = Symposium on Agent Systems and Applications; Symposium on Mobile Agents ASA-MA 2000 * CARDIS = Smart Card Research and Advanced Application Conference * CCS7 = ACM Conference on Computer and Communication Security CCS 7 * CCSS = Annual Canadian Computer Security Symposium (see CITSS) * CFP = Computers, Freedom, and Privacy CFP '00 * CITSS = Canadian Information Technology Security Symposium * CQRE = [Secure] Exhibition and Congress CQRE * CSFW = Computer Security Foundations Workshop * DAMMCC = International Workshop on Discrete Algorithms and Methods for Mobile Computing & Communications * ESORICS = European Symposium on Research in Computer Security * FC = IFCA Annual Financial Cryptography Conference * FC = Financial Cryptography FC '00 * FIRST = Computer Security Incident Handling and Response * FSE = Fast Software Encryption Workshop FSE 2000 * ICCC = International Common Criteria Conference ICCC * ICECCS = International Conference on Engineering of Complex Computer Systems ICECCS 2000 * IEEE IC = IEEE Internet Computing Issue on Widely Deployed Internet Security Solutions * IEEE S&P = IEEE Symposium on Security and Privacy IEEE S&P 00 * IEEESW-SI = IEEE Software Special Issue Malicious Information Technology: The Software vs. The People * IETF = Internet Engineering Task Force IETF * IICIS = IFIP WG 11.5 working conference on Integrity and Internal Control in Information Systems IICIS99 * ISSSTA = International Symposium on Spread Spectrum Techniques and Applications * ISW = Information Security Workshop ISW '99 * MFPS = Mathematical Foundations of Programming Semantics * NDSS = ISOC Network and Distributed System Security Symposium NDSS '00 * NSPW = New Security Paradigms Workshop NSPW '2000 * OPENARCH = Open Architectures and Network Programming OPENARCH '00 * PKC = Practice and Theory in Public Key Cryptography PKC 2000 * RBAC = ACM Workshop on Role-based Access Control * USENIX Sec Symp = USENIX Security Symposium * WITS = Workshop on Issues in the Theory of Security * WWW = World Wide Web Conference ________________________________________________________________________ Listing of Academic (Teaching and Research) Positions in Computer Security maintained by Cynthia Irvine (irvine@cs.nps.navy.mil) ________________________________________________________________________ Department of Computer Science, Renesselaer Polytechnic Institute, Troy, NY Tenure Track, Teaching, and Visiting Positions Areas of particular interest: Computer security, networking, parallel and distributed computing and theory. Positions beginning Fall 2000. http://www.cs.rpi.edu/faculty-opening.html Swiss Federal Institute of Technology, Lausanne (EPFL), Switzerland Professor of Telecommunications, Professor of Distributed Information Systems, Assistant Professor of Computer Science Areas of particular interest: Education and research in telecommunications, distributed and/or mobile information systems, and development of theories of distributed or concurrent systems. Closing Date for Applications: September 9, 1999. http://admwww.epfl.ch/pres/prof-telecom.html Swiss Federal Institute of Technology, Lausanne (EPFL), Switzerland/Eurecom/Telecom Paris General Director Areas of particular interest: Education and research in telecommunications. Applications begin immediately. http://admwww.epfl.ch/pres/dir_eurecom.html Department of Computer Science, Naval Postgraduate School, Monterey, CA Junior and Senior Tenure Track Positions in Professorship Areas of particular interest: Computer Security, but applicants from all areas of Computer Science will be considered. Applications begin immediately and are open until filled. http://www.cs.nps.navy.mil/people/faculty/chairman.html Department of Computer Science, Purdue University, West Lafayette, IN Assistant, Associate or Full Professor in Computer Science Areas of particular interest: Computer graphics and scientific visualization, database systems, information security, operating systems and networking, and software engineering. Positions beginning August 1999, interviews beginning October 1998; open until filled. http://www.cs.purdue.edu/facAnnounce/ Department of Computer Science, Florida State University, Talahassee, FL Tenure-track positions. (6/99) Areas of particular interest: Trusted Systems, software engineering, provability and verification, real-time and safety-critical systems, system software, databases, fault tolerance, and computaional/simulation-based design. Emphasis on issues of certainty, reliability, and security. http://www.cs.fsu.edu/~lacher/jobs.html Department of Electrical and Computer Engineering, Iowa State University, Ames, Iowa Assistant, Associate, or Full Professor in Computer Engineering Areas of paricular interest: Distributed and parallel computing, computer netwroking, security, software engineering, computer architecture, VLSI CAD, computer graphics, and human/computer interface design. Date closed: December 19, 1998, or until filled. http://vulcan.ee.iastate.edu/~davis/job-ad.html Naval Postgraduate School Center for INFOSEC Studies and Research, Monterey, CA, Visiting Professor (Assistant, Associate, or Full Professor levels) (9/98) Areas of particular interest: Computer and information systems security. http://cisr.nps.navy.mil/jobs/npscisr_prof_ad.html This job listing is maintained as a service to the academic community. If you have an academic position in computer security and would like to have in it included on the Cipher web page and e-mail issues, send the following information : Institution, City, State, Position title, date position announcement closes, and URL of position description to: irvine@cs.nps.navy.mil ________________________________________________________________________ How to become <> a member of the IEEE Computer Society's TC on Security and Privacy ________________________________________________________________________ You do NOT have to join either IEEE or the IEEE Computer Society to join the TC, and there is no cost to join the TC. All you need to do is fill out an application form and mail or fax it to the IEEE Computer Society. A copy of the form is included below (to simplify things, only the TC on Security and Privacy is included, and is marked for you) Members of the IEEE Computer Society may join the TC via an https link. The full and complete form is available on the IEEE Computer Society's Web Server by following the application form hyperlink at the URL: http://computer.org/tcsignup/ IF YOU USE THE FORM BELOW, PLEASE NOTE THAT THE IT IS TO BE RETURNED (BY MAIL OR FAX) TO THE IEEE COMPUTER SOCIETY, >>NOT<< TO CIPHER. --------- IEEE Computer Society Technical Committee Membership Application ----------------------------------------------------------- Please print clearly or type. ----------------------------------------------------------- Last Name First Name Middle Initial ___________________________________________________________ Company/Organization ___________________________________________________________ Office Street Address (Please use street addresses over P.O.) ___________________________________________________________ City State ___________________________________________________________ Country Postal Code ___________________________________________________________ Office Phone Fax ___________________________________________________________ Email Address (Internet accessible) ___________________________________________________________ Home Address (optional) ___________________________________________________________ Home Phone ___________________________________________________________ [ ] I am a member of the Computer Society IMPORTANT: IEEE Member/Affiliate/Computer Society Number: ____________________ [ ] I am not a member of the Computer Society* Please Note: In some TCs only current Computer Society members are eligible to receive Technical Committee newsletters. Please select up to four Technical Committees/Technical Councils of interest. TECHNICAL COMMITTEES [ X ] T27 Security and Privacy Please Return Form To: IEEE Computer Society 1730 Massachusetts Ave, NW Washington, DC 20036-1992 Phone: (202) 371-0101 FAX: (202) 728-9614 ________________________________________________________________________ TC Publications for Sale ________________________________________________________________________ 1. Proceedings of the IEEE CS Symposium on Security and Privacy The Technical Committee on Security and Privacy has copies of its publications available for sale directly to you. Proceedings of the IEEE Symposium on Security and Privacy -------------------------------------- 1999 $25.00 1998 $20.00 (Sorry, the TCSP has sold out of the 20 year CD. It may be available from the Computer Society. Check the URL below.) For domestic shipping and handling, add $3.00. For overseas delivery: -- by surface mail, please add $5 per order (3 volumes or fewer) -- by air mail, please add $10 per volume If you would like to place an order, please specify * how many issues you would like, and * where to send them, and * the shipping method (air or surface) for overseas orders. For mail orders, please send a check in US dollars, payable to the IEEE Symposium on Security and Privacy to: Brian J. Loe Treasurer, IEEE TC on Security and Privacy Secure Computing Corp. 2675 Long Lake Rd. Roseville, MN 55113 U S A For electronic orders, in addition to the information above, please send the following credit card information to loe@securecomputing.com: - the name of the cardholder, - type of card (VISA, Mastercard, American Express, and Diner's Club are accepted) - credit card number, and - the expiration date. You may use the following PGP public key to encrypt any information that you're not comfortable sending as cleartext. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 4.0 Business Edition mQCNAy+T6TkAAAEEAN/fnVu7VCPtcmBQhXFhJbejSoZJkEmWNUYvx13yRwl/gyir 61ae+GUjgWjWs9O06C6dugRGrjFZpBhMosu7sgGJMz54hvKbBNrYBSHpH0yex6e/ +c2mzbCbh40naARgPAaAki2rCkV2ryETj2Z6w98/k5fMgOZDnEy6WVOs56vlAAUR tBtCcmlhbiBKLiBMb2UgPGxvZUBzY3RjLmNvbT6JAHUDBRAvlQ8qNU4dUKmt/G0B Aba2AwCu48Oq1DPElV16DNQb7SvQAwQPGYYM3zg9RT0AyFeXajBHb9O2GkOmai8y ryJt4t3Q8aQ2BckWUsck29TT2M/U7hOrC+hJPMbziqbw5juR906pjs9OzPSR5Pta AW66CUqJAJUDBRAvlQ56enbk/HH5npkBAfkwA/9zVKeAJh/X4qzUzYJt/w9Hi3mF AAzm0YUcDwnNLkv/c1k3Kg0APh+BGbrbGvy2sVa1PgFKZluheCqSVO/BtApaf3QS ygoS118k20mzBU2QsX9KMvJ6z8nocSCWU9RopUirk8zwAisqwAq8dmgNwNsMfxDK mdCx3FiE46FrSnEKlokAlQMFEC+UKJdMullTrOer5QEB2aID/16rqeJkcfKRH/bs /1yGSqFgu6r8TUKKsD5pg/vc51t9d5X6/APGv1nO/aJOtr8NQ3InNTsl6VZEWWi/ 6TvKI7o+vuNtZ6qazRZixBXfSMh6UGzrDfgDgILVue4fG3qArF3rcRkKqFWxlX4Y 3ekZ8vYJAFyatphhFvhDX6BKhywAtCVCcmlhbiBKLiBMb2UgPGJyaWFuLmxvZUBj b21wdXRlci5vcmc+tCZCcmlhbiBKLiBMb2UgPGxvZUBzZWN1cmVjb21wdXRpbmcu Y29tPg== =jEJA -----END PGP PUBLIC KEY BLOCK----- You may also order some back issues from IEEE CS Press at http://www.computer.org/cspress/catalog/proc9.htm. 2. Proceedings of the IEEE CS Computer Security Foundations Workshop (CSFW 1, 5 through 12) The most recent Computer Security Foundation Workshop (CSFW12) took place the 28th through 30th of June in Mordano, Italy. Topics included formal specification of security protocols, protocol engineering, distributed systems, information flow, and security policies. Copies of the proceedings are available from the publications chair for $25. Copies of earlier proceedings starting with year 5 are available at $10. Photocopy versions of year 1 are also $10. Checks payable to "Joshua Guttman for CSFW" may be sent to: Joshua Guttman, MS A150 The MITRE Corporation 202 Burlington Rd. Bedford, MA 01730-1420 USA guttman@mitre.org ________________________________________________________________________ TC Officer Roster ________________________________________________________________________ Chair: Past Chair: Thomas A. Berson Charles P. Pfleeger Anagram Laboratories Arca Systems, Inc. P.O. Box 791 8229 Boone Blvd, Suite 750 Palo Alto, CA 94301 Vienna VA 22182-2623 (650) 324-0100 (voice) (703) 734-5611 (voice) berson@anagram.com (703) 790-0385 (fax) c.pfleeger@computer.org Vice Chair: Chair, Subcommittee on Academic Affairs: Michael Reiter Prof. Cynthia Irvine Bell Laboratories U.S. Naval Postgraduate School 600 Mountain Ave., Room 2A-342 Computer Science Department Murray Hill, NJ 07974 USA Code CS/IC Monterey CA 93943-5118 (908) 582-4328 (voice) (408) 656-2461 (voice) (908) 582-1239 (fax) irvine@cs.nps.navy.mil reiter@research.bell-labs.com Newsletter Editor: Paul Syverson Code 5543 Naval Research Laboratory Washington, DC 20375-5337 (202) 404-7931 (voice) (202) 404-7942 (fax) syverson@itd.nrl.navy.mil Chair, Subcommittee on Standards: Chair, Subcomm. on Security Conferences: David Aucsmith Jonathan Millen Intel Corporation SRI International EL233 JF2-74 Computer Science Laboratory 2111 N.E. 25th Ave 333 Ravenswood Ave. Hillsboro OR 97124 Menlo Park, CA 94025 (503) 264-5562 (voice) (650) 859-2358 (voice) (503) 264-6225 (fax) (650) 859-2844 (fax) awk@ibeam.intel.com millen@csl.sri.com ________________________________________________________________________ Information for Subscribers and Contributors ________________________________________________________________________ SUBSCRIPTIONS: Two options: 1. To receive the full ascii CIPHER issues as e-mail, send e-mail to (which is NOT automated) with subject line "subscribe". 2. To receive a short e-mail note announcing when a new issue of CIPHER is available for Web browsing send e-mail to (which is NOT automated) with subject line "subscribe postcard". To remove yourself from the subscription list, send e-mail to cipher-request@itd.nrl.navy.mil with subject line "unsubscribe". Those with access to hypertext browsers may prefer to read Cipher that way. It can be found at URL http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher CONTRIBUTIONS: to are invited. Cipher is a NEWSletter, not a bulletin board or forum. It has a fixed set of departments, defined by the Table of Contents. Please indicate in the subject line for which department your contribution is intended. For Calendar entries, please include a URL and/or e-mail address for the point-of-contact. For Calls for Papers, please submit a one paragraph summary. See this and past issues for examples. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses of Cipher material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using Cipher material should obtain permission from the contributors. BACK ISSUES: There is an archive that includes each copy distributed so far, in ascii, in files you can download at URL http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/cipher-archive.html ========end of Electronic Cipher Issue #35, 21 January 2000============