Subject: Electronic CIPHER, Issue 13, March 31, 1996

====================================================================
Newsletter of the IEEE Computer Society's TC on Security and Privacy
Electronic Issue 13                                   March 31, 1995
Carl Landwehr, Editor                   Hilarie Orman, Assoc. Editor
====================================================================

Contents: [1486 lines total]

Letter from the General Chair of the Symposium on Security and Privacy
Letter from the Editor
Security and Privacy News Briefs:
  o LISTWATCH by Mary Ellen Zurko
  o Kerberos 4 flaw uncovered at Purdue
  o Java bugs identified at Princeton
  o JavaScript not ready for prime time
  o Microsoft IIS Web server security flaw documented
  o Common Criteria version 1.0 available for comment: no paper!
  o German EPL now available on WWW
  o ITAR crypto export window opens a crack
Articles and Conference Reports:
  o NDSS '96 Report by Christoph Schuba
New Reports available via FTP and WWW:
Interesting Links
Who's Where: recent address changes
Calls for Papers:
Reader's guide to recent security and privacy literature
  o Conference Papers: includes
  o Journal and Newsletter articles
Calendar
>>>>>>>>>>>>>>Data Security Letter subscription offer<<<<<<<<<<<
How to join the TC on Security and Privacy
Publications for sale
TC officers
Information for Subscribers and Contributors

____________________________________________________________________
Letter from the General Chair of the IEEE CS Symposium on Security and Privacy
____________________________________________________________________

Dear Cipher Readers,

The 1996 IEEE Symposium on Security and Privacy is the premier conference covering current issues and topics in computer and network security and privacy. It is being held 6-8 May 1996 at the Claremont Resort, Oakland, California.
For further details and a registration form see http://www.cs.pdx.edu/SP96/.

The main program has been finalized. However, there are three other opportunities for active participation.

1. Five-Minute Talks

Present your latest work or research as a five-minute presentation. If you are interested in presenting a five-minute talk, please submit a one-page abstract in ASCII format by email to mchugh@cs.pdx.edu no later than 2 April 1996.

2. Evening Discussion Sessions

Hold a discussion on a security topic of interest. Rooms for discussions can be arranged at the Claremont Resort. Please fill in the appropriate place on the registration form or contact me by email at dmj@mitre.org.

3. Evening Poster Sessions

Present your latest work or research in an informal session during the evening. Please fill in the appropriate place on the registration form or contact me by email at dmj@mitre.org.

Related Meetings

Meetings of related interest can be held on the days just following the Symposium. For example, the IEEE 802.10 Working Group on Standard for Interoperable LAN/MAN Security will meet 8-10 May after the Symposium. If you wish to hold a (non-commercial) meeting related to the Symposium, please contact me by email at dmj@mitre.org.

Dale Johnson
General Chair
1996 IEEE Symposium on Security and Privacy
dmj@mitre.org

____________________________________________________________________
Letter from the Editor
____________________________________________________________________

Dear Readers,

Since our Valentine's Day issue, serious security flaws have been reported in Kerberos 4, Java, JavaScript, and Microsoft's Internet Information Server. Los Alamos National Laboratory suffered an(other) embarrassing intrusion when a hacker penetrated a firewall there. But Los Alamos was not alone; the Justice Department identified an Argentinian youth as the intruder in a variety of U.S. systems in the last half of 1995 (his equipment had been confiscated at the end of December).
The significance of this case seems to be that it is the first time a wiretap warrant has been obtained on a telephone line connected to a computer. The warrant was needed because the system being monitored did not provide a warning banner that its communications might be monitored.

On the legislative front, while a legal challenge to the Communications Decency Act (CDA) is underway in a Philadelphia courtroom, a router vendor is planning to market a product that would give Internet service providers a tool for filtering all traffic sent to a given connection. The White House has evidently received lots of e-mail, both legitimate and spam, in the wake of the CDA. Some anti-spamming software installed on the White House mail system has evidently been put to good use. Time Magazine technology writer Philip Elmer-Dewitt could use a copy of it, as he fell victim to a similar assault.

New legislation to address the content of Internet communications, cryptography use and export rules, and copyright is in various stages of consideration in the U.S. Most recently, Senator Burns of Montana announced at the Computers, Freedom and Privacy conference that he will introduce legislation to allow unrestricted export of mass market or public domain encryption programs such as PGP and to prohibit the imposition of mandatory key-escrow encryption policies on the domestic market.

From Europe, reports are that Belgium may assume France's role as the country most strictly controlling the use of encryption. As France seems ready to trade its policy permitting the use only of authorized encryption schemes, for one that might only require that keys be deposited with a to-be-specified trusted third party, Belgium turns out to have passed a law over a year ago that includes constraints similar to the former French ones.

On the electronic commerce front, American Express has joined Visa and Mastercard in endorsing the SET specifications, which are now available for downloading at .
Digicash teamed with European Internet service provider EUnet and Finland's largest bank, Merita, to launch their ecash system. Half a dozen organizations, primarily media-related services, are reported willing to accept ecash as payment. Oracle announced it will collaborate with Verisign, incorporating Verisign Digital IDs in its WebServer release 2.0 in order to provide cryptographically-based authentication of parties to electronic transactions. Cybercash announced several new agreements as well.

Any questions?

Carl Landwehr
Editor, Cipher

______________________________________________________________________
SECURITY AND PRIVACY NEWS BRIEFS
______________________________________________________________________

______________________________________________________________________
LISTWATCH: items from security-related mailing lists
by Mary Ellen Zurko
______________________________________________________________________

Here are this month's highlights from www-security, libernet, tbtf, risks, sig-security and e$pam.

There are guidelines around on how to write CGI programs so that they don't allow a client to invoke arbitrary OS calls on the server side. Adam Shostack has pointed out several times on www-security that programs should check that only legal characters are used in user input. However, another example of a CGI script that checks that no _illegal_ characters were input has caused a CERT advisory. It's a CGI example found in recent versions of NCSA and APACHE httpd servers.

The Communications Decency Act is already having a chilling effect on even the medium of print. Jim Warren, a journalist for BoardWatch (a print and online magazine) has resigned over it. His editor excised an intentionally crude reference from his column in both media. The editor sent e-mail to Warren saying the change was made because it could "deliberately implicate" the publisher in a felony.

It's been a big month for bugs in Java and Javascript.
Javascript is only related to Java by some syntactical overlap. It's not an open, scrutinized standard, and it can be placed directly in an HTML page.

A Java bug that caused a lot of discussion this month involved using DNS to subvert the restriction that an applet can only connect to its originating host. The browser verifies this by doing a DNS lookup on the name of the originating host to get the TCP address, and comparing that address to a requested connection. However, a DNS name can refer to more than one TCP address. There is no strong security on DNS to make sure that a name only points to the "right" TCP address.

Javascript bugs were reported that allow script to monitor and transmit the URLs that a browser visits and transmit the directory listings of the local host file system. A Javascript feature that has raised some eyebrows is the ability to send mail under a user's name when a form is submitted. The user can have no knowledge of the content of the mail, or even that it was sent.

On 3/5/96 Senator Patrick Leahy (D-VT) introduced the Encrypted Communications Privacy Act of 1996 in the Senate. The bills would waive export restrictions on "generally available" encrypting software. They would impose criminal penalties for the use of encryption in the commission of a crime or to hide evidence of a crime.

An article in the Denver Post claims that CellPort Labs, Inc., has come up with a device called MobileWeb that would allow users to browse the web from their cars. From the article:

    Basically, MobileWeb links your vehicle's electronic devices via a wireless cellular or personal communications service network to the Web, [...] "In essence, we're marrying the wireless service to the automotive electronic system," Kennedy said.

I find the idea of hooking my car up to the Internet pretty darn scary.

A report on a location-based authentication method by Dorothy E. Denning and Peter F.
MacDoran outlines an authentication mechanism that "utilizes space geodetic methods to form a time-dependent location signature that is virtually impossible to forge."

Another public-key infrastructure working group has started in the IETF (SPKI). This group has formed to explore public-key certificates that are attribute-based instead of name-based, for use in a variety of Internet applications.

The COAST Laboratory at Purdue discovered a vulnerability in the pseudo-random number generating code of Kerberos V4 that allowed an unprivileged user to impersonate another user.

The Department of State now allows encryption software to be temporarily exported for certain personal uses.

China ordered all users of international computer networks to register with the police.

______________________________________________________________________
Kerberos 4 flaw uncovered at Purdue
______________________________________________________________________

Researchers at Purdue's COAST laboratory uncovered a significant weakness in the Kerberos Version 4 key server, according to reports circulated on 16 February. CERT advisory CA-96.03, distributed 21 February, confirmed the problem, which concerns only key distribution centers, not clients or servers, and provided patch information.

According to the COAST announcement, Steve Lodin and Bryn Dole, graduate students working with Prof. Gene Spafford,
discovered a method whereby someone without privileged access to most implementations of a Kerberos 4 server can nonetheless break secret session keys issued to users. This means that it is possible to gain unauthorized access to distributed services available to a user without knowing that user's password. This method has been demonstrated to work in under 5 minutes, on average, using a typical workstation, and sometimes as quickly as 12 seconds.
The researchers also found a "small, theoretical weakness in Kerberos version 5 that would allow similar access, given some additional information and considerable preliminary computation. Kerberos version 5 does not exhibit the same weakness as described above for Kerberos version 4."

Later reports gave the following timings for cracking session keys:

  SPARC 5: average time to crack session key = 26.2 seconds (std dev 14.7 over 223 trials); longest = 48.7 seconds; shortest = .3 seconds.
  DEC Alpha: average time = 5.8 seconds with std dev of 3.3; longest = 10.9 seconds; shortest = .2 seconds.

______________________________________________________________________
Java bugs identified at Princeton
______________________________________________________________________

Two security flaws in recently released Java support were circulated on 18 February by Drew Dean, Ed Felten, and Dan Wallach of Princeton University.

A flaw in Netscape Navigator 2.0 and the 1.0 release of the Java Development Kit from Sun permits a malicious applet to open a connection to arbitrary Internet hosts, potentially permitting exploitation of bugs in any TCP/IP-based network service (e.g. sendmail). If the applet is executed on a machine behind a firewall, machines on the same side of the firewall may be attacked in this way.

The second flaw occurs in the bytecode disassembler, javap. A long method name can overflow a stack-allocated buffer, potentially permitting arbitrary native code to be executed.

Both flaws can be avoided by disabling Java until patches are made available. Dean and Felten will present a paper on security flaws in versions of Java and the HotJava browser at this year's IEEE CS Symposium on Security and Privacy.
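
The restriction that an applet may connect only to its originating host, and the DNS-based check that LISTWATCH describes above, can be contrasted with a check that ignores DNS and pins the address the applet was loaded from. The following is an added example, not part of the original newsletter and not any browser's code; the host name, addresses and function names are constructed for illustration (RFC 5737 documentation addresses).

```python
"""Name-based versus address-pinned origin checks for applet connections."""
from dataclasses import dataclass
from ipaddress import IPv4Address, ip_address

# Constructed DNS data (RFC 5737 documentation addresses). The party that runs
# the zone for the applet's host name decides which addresses it lists.
CONSTRUCTED_ZONE = {
    "applets.example": ["192.0.2.10", "198.51.100.25"],
}


def resolve(name, zone):
    """Stand-in for a DNS lookup: every address the name maps to right now."""
    return {ip_address(a) for a in zone.get(name, [])}


@dataclass(frozen=True)
class Applet:
    origin_name: str          # host name in the URL the applet came from
    loaded_from: IPv4Address  # peer address of the connection that delivered it


def name_based_allows(applet, requested, zone):
    """The check as described in the text: is the requested address among the
    addresses that the origin *name* resolves to at check time?"""
    return ip_address(requested) in resolve(applet.origin_name, zone)


def pinned_allows(applet, requested):
    """Hardened check: no lookup, only the address recorded at load time."""
    return ip_address(requested) == applet.loaded_from


def audit(applet, requests, zone):
    """Requests the name-based check admits but address pinning rejects."""
    return [r for r in requests
            if name_based_allows(applet, r, zone) and not pinned_allows(applet, r)]


# Constructed scenario: the applet really came from 192.0.2.10, but its name
# also lists 198.51.100.25, which stands in for some other machine.
SAMPLE_APPLET = Applet("applets.example", ip_address("192.0.2.10"))
SAMPLE_REQUESTS = ["192.0.2.10", "198.51.100.25", "203.0.113.7"]

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(req,
              "name-based:", name_based_allows(SAMPLE_APPLET, req, CONSTRUCTED_ZONE),
              "pinned:", pinned_allows(SAMPLE_APPLET, req))
    print("policy gap:", audit(SAMPLE_APPLET, SAMPLE_REQUESTS, CONSTRUCTED_ZONE))
```

The pinned check also keeps working when the name's records change after the applet is loaded, since it never consults DNS again.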

Details of a third serious flaw, reported by the same group on March 23, are being withheld pending development and distribution of appropriate fixes, but the flaw is reported to permit a malicious applet to delete a user's files or implant a virus. More information on these flaws is available at

______________________________________________________________________
JavaScript not ready for prime time
______________________________________________________________________

The following report is excerpted from Lincoln Stein's WWW Security FAQ files, found at

JavaScript and Java share a common name and syntax, but they are quite distinct entities. Java is a language designed by Sun Microsystems. JavaScript is a series of extensions to the HTML language understood only by Netscape Navigator versions 2.0 (and higher). It's an interpreted language designed for controlling the Netscape browser; it has the ability to open and close windows, manipulate form elements, adjust browser settings, and download and execute Java applets.

JavaScript holes all involve infringements on the user's privacy. The following holes all exist in Netscape 2.01, and were discovered and publicized by John Robert LoVerso of the OSF Research Institute (loverso@osf.org):

1. JavaScripts can trick the user into uploading a file on his local hard disk or network mounted disk to an arbitrary machine on the Internet. Although the user must click a button in order to initiate the transfer, the button can easily masquerade as something innocent. Nor is there any indication that a file transfer has occurred before or after the event. This is a major security risk for systems that rely on a password file to control access, because a stolen password file can often be readily cracked.

2. JavaScripts can obtain directory listings of the user's local hard disk and any network mounted disks.
This represents both an invasion of privacy and a security risk, since an understanding of a machine's organization is a great advantage for devising a way to break into it.

3. JavaScripts can monitor all pages the user visits during a session, capture the URLs, and transmit them to a host somewhere on the Internet. This hole requires a user interaction to complete the upload, but as in the first example the interaction can be disguised in an innocuous manner.

A description of these bugs can be found at: http://www.osf.org/~loverso/javascript/

Netscape's version 2.01 browser permits the user to disable Javascript.

______________________________________________________________________
Microsoft Web server security flaws documented
______________________________________________________________________

Microsoft's freely available Internet Information Server (IIS) software shared a bug with other Windows NT browsers that permitted a malicious user to cause arbitrary commands to be executed by the server. A detailed description of the bug by Andy Baron is available at . Microsoft released a fix and a new version of IIS; versions downloaded after March 5, 1996 are not supposed to have the bug. However, there is some disagreement over whether the revised IIS is in fact vulnerable to a similar, but slightly more complex attack. See for details.

______________________________________________________________________
Common Criteria Version 1.0 Available for Comment: No paper!
______________________________________________________________________

Gene Troy of the U.S. National Institute of Standards and Technology (NIST), reports that the Common Criteria for Information Technology Security (CC) version 1.0, January 31, 1996, is (are?) now available for public review and comment.
This version is being distributed electronically in two forms: from files at the NIST Web site and elsewhere that may be retrieved via the Internet, or as the files on a compact disk (CD-ROM) now being developed and that can be requested from one of the CC Project sponsoring agencies (see list in ). Because the CC materials are so voluminous, paper copies are not being provided for general distribution.

______________________________________________________________________
German EPL now available on WWW
______________________________________________________________________

Heinrich Kersten of the German Information Security Agency (GISA/BSI) writes Cipher to announce that the German Evaluated Products List is now available on the Internet, at URL . The certification reports (according to the European ITSEC) are presently available in printed form from:

    BSI, P.O.Box 200363, D- Bonn, Germany (FAX +49-228-9582455)

These reports are also expected to be available on the Internet soon. Cipher readers may enjoy this opportunity to exercise their German! The site not only lists systems certified or currently in the certification process in Germany (at URL), but also systems rated by the UK, at URL .

[Will the U.S. follow suit? If any enterprising Cipher readers would like to help, I can provide the raw materials--CEL]

______________________________________________________________________
ITAR crypto export window opens a crack
______________________________________________________________________

U.S. citizens who want to take crypto products abroad with them on trips may now find it a little easier than before. The State Department has amended the International Traffic in Arms (ITAR) regulations to ease the burden on U.S. citizens desiring to export cryptographic products temporarily for personal use, excluding use for copying, demonstration, sale, re-export, or transfer of ownership or control.
The traveler is required to keep the product secure by "locking the product in a hotel room, safe, or other comparably secure location; and, while in transit, the exporter keeps the product in his/her carry-on luggage or locked in baggage accompanying the exporter which has been checked with the carrier." The policy does not apply to travel to Cuba, Iran, Iraq, Libya, North Korea, Sudan or Syria, and it requires that the traveler maintain records of the export and subsequent re-import for five years. Full text of the regulation is available on the Web version of Cipher.

_____________________________________________________________________
Report on the Internet Society Symposium on Network and Distributed System Security, San Diego, CA, February 22-23, 1996
by Christoph L. Schuba (schuba@cs.purdue.edu, schuba@parc.xerox.com)
______________________________________________________________________

The fourth Symposium on Network and Distributed System Security (SNDSS) was held at the Princess Hotel in San Diego, CA on February 22-23, 1996. This one-track symposium was sponsored by the Privacy and Security Research Group of the Internet Research Task Force with support from the Internet Society (ISOC). The symposium was well attended, with about 300 registered attendees.

Thursday consisted of four sessions, two of which were panel discussions. The refereed paper sessions addressed electronic mail security, distributed object systems, and distributed system security. The panels discussed scalability of security in distributed object systems and intellectual property protection. After the dinner banquet, Henry Kluepfel (Vice President, SAIC) was invited to speak about "Security and Fraud on the Information Superhighway". The last scheduled activity for the day was a BOF on security in Java.

Friday consisted again of four sessions; the last one was a panel discussion on public-key infrastructure.
The other sessions covered aspects of network security, key management, and encryption.

The purpose of the symposium is to bring together people who are building software and/or hardware to provide network and distributed system security services. It has a focus on practical aspects, such as actual system design, and implementation. It targets researchers, implementors, and users of network and distributed systems facilities. Forty submissions for refereed papers, panels, and BOFs and the work of the program committee resulted in an outstanding symposium program.

Thursday, February 22

Morning

James Ellis (general chair, CERT) opened the symposium with welcoming remarks and thanks to the chairs that brought the symposium together: Donna Leggett (registration chair), Thomas Hutton (local arrangement chair), Stephen Welke (publication chair), Clifford Neuman and David Balenson (Program Chairs), the session chairs Stephen Kent, Danny Nessett, Michael Roe, Peter Neumann, Matt Bishop, Burt Kaliski, Avi Rubin, and Warwick Ford, the rest of the Program Committee, and a number of external reviewers.

The first session regarding "Electronic Mail Security" was chaired by Stephen Kent (BBN) and featured two talks.

The first talk was given by Ceki Gulcu (IBM) (joint work with Gene Tsudik) with the title "Mixing E-mail with BABEL". Gulcu discussed the goals and desired properties of anonymous email, such as availability of the service to anyone, strong guarantee of anonymity, minimal trust in remailers, and a remailer infrastructure that can resist attacks. He then introduced the design and salient features of the BABEL anonymous remailer. The basic idea is that the sender repeatedly encrypts the message with the public keys of the remailers that are on the forward path to the destination. Return path information is included in the message to enable replies.
This approach has its obvious scalability problems, but is resistant to a number of active and passive attacks, and assumes little trust in intermediate remailers. A prototype implementation is based on freely available software: Perl and PGP.

The following presentation was given by Kazuhiko Yamamoto (Nara IST, Japan) who described and demonstrated a design for the "Integration of PGP and MIME". The advantage is obvious: combining PGP's privacy services and MIME's capability of exchanging multipart, multimedia documents offers privacy for any non-textual documents. The design allows for the embedding of PGP objects into MIME with a backward compatibility with PGP. It offers confidentiality and authenticity on a whole MIME message, or only selected parts. A prototype was implemented in Emacs LISP and is operational on various emacs platforms.

The second session in the morning was titled "Distributed Object Systems". Dan Nessett (Sun Microsystems) chaired this session that contained one presentation of a refereed paper and one panel discussion.

The sole paper in this session was presented by Nicholas Yialelis (joint work with Morris Sloman, both Imperial College London, UK). He described a "Security Framework Supporting Domain Based Access Control in Distributed Systems". Explicit goals of this work are to provide a security platform for distributed applications that makes access control and authentication mechanisms transparent to the application level, and to support the enforcement of access control policies that are specified using management domains. The latter has the advantage that policies can be specified in terms of groups of objects. Therefore it is not necessary to specify policies for possibly millions of individual objects in large scale systems. The architecture provides for a host manager server that is present on all hosts and supports the host manager object, an authentication agent object, and an access control agent object.
The provided security is transparent to the applications, and only a few modifications are necessary at the application servers. The components communicate with their remote peers via secure channels. A prototype implementation is underway in the CORBA-compliant Orbix environment.

Bret Hartman (BlackWatch Technology), Dan Nessett, and Nicholas Yialelis served on the following panel. The objective of the panel was to discuss the question of "Scalability of Security in Distributed Object Systems". Hartman began with a brief overview of the problem area. To manage a set of objects, rather than the individual objects separately is a powerful mechanism. The challenges include how to compose policies that are specified on sets of objects, if compositions can scale in the presence of complex security requirements, and how different solutions to the previous two challenges might interoperate. Dan Nessett provided three example applications of large scale distributed object systems to explore the applicability and advantages of security policy domains. The examples addressed the question of federated domains, federated domains with transitive trust requirements, and security policy updates. The first two examples centered around the insight that technical solutions are necessary but not sufficient to provide good security. The search for higher level solutions must go on, and a true solution will in addition to technical aspects have many other facets, such as nondisclosure agreements, trust, object domains, ...and lots of lawyers.

Afternoon

The third session was on "Distributed System Security". Michael Roe (University of Cambridge, UK) chaired this session.

Jonathan Trostle (CyberSAFE) spoke first, about "A Flexible Distributed Authorization Protocol" (joint work with Clifford Neuman, ISI).
The work is based on the observation that considerable effort has been put into creating interoperability among authentication methods, but authorization methods have received far less attention. Trostle presented a flexible authorization protocol that provides the full generality of restricted proxies while supporting the functionality of and interoperability with existing authorization models, such as OSF DCE, and SESAME V2.

Trent Jaeger (University of Michigan) presented "Preserving Integrity in Remote File Location and Retrieval" (joint work with Avi Rubin, Bellcore). Jaeger's work addresses the two problems of locating files and verification of file integrity in the presence of untrusted networks, or mobile systems with little memory. He described a service that provides the capability to automatically locate, retrieve, and verify files specified by a client using a single trusted principal, a certification authority (CA). CAs generate and sign certificates that associate an author with a file and a cryptographic digest of the file. Automated location is possible because all remote files are published with location servers.

Takahiro Kiuchi (University of Tokyo) presented the final speech in this session titled "C-HTTP - The Development of a Secure, Closed HTTP-Based Network on the Internet" (joint work with his colleague Shigekoto Kaihara). The components of the system are a client-side proxy, a server-side proxy, and a C-HTTP name server. Client-side proxies and server-side proxies communicate with each other using a secure encrypted protocol while communication between a user agent and its client-side proxy or an origin server and server-side proxy are performed using current HTTP/1.0. The C-HTTP based secure, encrypted name and certification service is used, instead of the DNS.
The aim of C-HTTP is to assure institutional level security, in contrast to other secure HTTP protocols currently proposed which are oriented toward secure end-user to end-user HTTP communications.

The last session of the day, "Intellectual Property Protection", was chaired by Peter Neumann (SRI). The panel consisted of brief presentations by the panelists and a question and answer session.

Olin Sibert (Electronic Publishing Resources) proposed a decentralized approach to electronic publishing of intellectual property. Components of such an approach are decentralized servers, 'crypto (un)lock' technology for making documents (in)accessible, and 'local' participation and enforcement of end systems. Olin also advocated the view that in the business world security requirements differ from military requirements.

Russ Housley (Spyrus) represented a vendor of PCMCIA crypto hardware for metering remote use.

Dan Boneh (Princeton University) described a method of using public key cryptography to mark complex documents, such as images, to allow the owner of the document to identify each authorized copy and its owner. The scheme can protect against collusion. It fails if automated tools can be utilized to remove the protecting fingerprints, such as spacing in text documents.

A number of different topics were addressed during the following question and answer period. Peter Neumann asked if electronic commerce products can be made secure. The joint opinion of all panelists concluded that this is impossible, and that the real question is how to make the publishing systems resilient enough, such that fraud is limited to an acceptable level. The remaining questions centered around Boneh's work on fingerprinting documents. It was asked if the assumption that products can be associated with the initial purchaser is reasonable, and if so, how much this violates personal privacy issues.
The last question discussed if there are methods of fingerprinting that do not affect the artistic contents of the work.

Friday, February 23

Morning

The first session on the second day on "Network Security" was chaired by Matt Bishop (UC Davis). This session included three presentations.

Jonathan Stone (Stanford University) described "Designing an Academic Firewall: Policy, Practice, and Experiences with SURF" (joint work with colleagues Michael Greenwald, Sandeep Singhal, and David Cheriton). The interesting premise of this work was that corporate firewall designs are neither effective nor appropriate for academic or corporate research environments. The research group built the Stanford University Research Firewall (SURF). The policy implemented by this firewall allows less restrictive outward information flow than the traditional model. Services, such as e-mail, WWW, and anonymous FTP work transparently for internal users. SURF was constructed using off-the-shelf software and hardware components.

Secondly, Sandra Murphy (TIS) described "Digital Signature Protection of the OSPF Routing Protocol" (joint work with colleague Madelyn Badger). The talk reported on work in progress to protect the OSPF routing protocol through the use of cryptography, specifically digital signatures. The routing information is signed with an asymmetric cryptographic algorithm, allowing each router recipient to check the source and integrity of the information. Murphy discussed fundamental issues in security of routing protocols, reviewed the basics of OSPF operation, the proposed design, and remaining vulnerabilities (such as the age field not being protected by the keyed hash).

Michael Roe (University of Cambridge, UK) concluded the session with his "Case Study of Secure ATM Switch Booting" in the context of the Fairisle ATM switch environment (joint work with his colleague Shaw-Cheng Chuang).
Roe examined a few techniques for booting Asynchronous Transfer Mode (ATM) switches securely over an insecure network. Each of the techniques assumed a different trust model. The work assumes an open multi-service network where ATM switches are booted with third party software, possibly even using a third party booting service. In that environment it is important to ensure that the switches are booted with authorized and authenticated boot code. Michael examined the threats and presented schemes for countering them.

The sixth session of the symposium was on "Key Management", chaired by Burt Kaliski (RSA). Hugo Krawczyk (IBM T.J. Watson) began with a discussion of "SKEME, A Versatile Secure Key Exchange Mechanism for Internet". SKEME constitutes a compact protocol that supports a variety of realistic scenarios and security models over the Internet. It provides clear tradeoffs between security and performance as required by the different scenarios without incurring unnecessary system complexity. The protocol supports key exchange based on public keys, key distribution centers, or manual installation, and provides for fast and secure key refreshment. Additionally, SKEME selectively provides perfect forward secrecy, allows for replaceability and negotiation of the underlying cryptographic primitives, and addresses privacy issues such as anonymity and repudiatability.

The final talk before lunch was given by Carlisle Adams (BNR, Canada) on "IDUP and SPKM: Developing Public-Key Based APIs and Mechanisms for Communication Security Services". Carlisle discussed the progress in the development of APIs and mechanisms which provide a comprehensive set of security services to application developers. Existing APIs, though similar, are developed for distinct environments: the session API (GSS) is aimed at the on-line real-time messaging environment; the store-and-forward API (IDUP) is particularly suited for electronic-mail types of environments.
Both APIs were designed to be easy to use, yet, with appropriate public-key-based mechanisms, include many necessary services for communication security, such as data origin authentication, data confidentiality, data integrity, and support for non-repudiation. A full key management and certification infrastructure can be provided by implementations of these APIs/mechanisms in a way which is completely transparent to the calling application, thus ensuring maximum flexibility and scalability to future environments.

Afternoon

Avi Rubin (Bellcore) opened the seventh session on "Encryption", encompassing three presentations.

Iskender Agi (SRI) presented "An Empirical Study of Secure MPEG Video Transmissions" (joint work with colleague Li Gong). MPEG is an industrial strength standard for video processing and is widely used in multimedia applications in the Internet. No security provision is specified in the standard. The speakers conducted an experimental study of previously proposed selective encryption schemes for MPEG video security. This study showed that these methods are inadequate for sensitive applications. Agi also discussed the tradeoffs between levels of security and computational and compression efficiency.

The second presentation, titled "Parallelized Network Security Protocols", described a joint effort by Erich Nahum, David J. Yates (both University of Massachusetts), Sean O'Malley, Hilarie Orman, and Richard Schroeppel (all University of Arizona). The premise is that shared-memory multiprocessors make attractive server platforms. The paper is an experimental performance study that examines how encryption protocol performance can be improved using parallelism. The authors show linear speedup for several different Internet-based cryptographic protocol stacks running on a symmetric shared-memory multiprocessor using two different approaches to parallelism.

The last presentation was by David A.
Wagner (UC Berkeley) who spoke about a TCP/IP security extension for MS-DOS systems, "A 'Bump in the Stack' Encryptor for MS-DOS Systems" (joint work with Steven Bellovin, AT&T Bell Labs). Source code is not readily available for MS-DOS systems. Therefore, Wagner implemented the IP security extensions using the packet driver interface. The IPSEC module sits between the generic Ethernet driver and the hardware driver; it emulates each to the other. The work showed that it is possible to add IP security features by exploiting open interfaces. However, the implementation has several problems, such as the duplication of functionality (IP fragmentation).

The final session of the symposium was a panel on "Public-Key Infrastructure". Chair and moderator Warwick Ford (BNR) introduced the panel members and gave brief comments on the importance of the topic. He also acknowledged that the subject was too broad, and restricted it to the question of how many credentials are needed. The panelists gave short presentations and answered several questions from the audience.

John Wankmueller (MasterCard International) stressed one point in his presentation: MasterCard and VISA take a different approach to certification than most other systems: they try to establish that a valid account is used, not the identity of the user. Authenticating account numbers is in a sense obscuring the identity of users. Wankmueller then presented the architecture of a certification hierarchy that was developed to secure MasterCard electronic commerce transactions.

Taher ElGamal (Netscape) focussed on the importance of user friendly and transparent security features. It therefore did not matter how many certificates were needed, if all the user has to do is to click on an icon to commit to a transaction, and the software beneath it determines which certificate is needed. There will most likely be a multitude of certificates: identity type, authorization type, and special purpose certificates.
Universal certificates are possible to design, but complicated. Different countries have different styles (e.g., phone cards). ElGamal claimed that a likely outcome is to have about as many important certificates as plastic cards in one's wallet.

Michael Baum (Verisign) represented the commercial public-key infrastructure service provider perspective. He asked if the lack of a single certificate is really a problem. He focussed on the practices and the legal side.

The remainder of the time was spent with questions from the floor. Steve Kent observed that there is no need for multiple credentials not only because of different types of identity, but also because of context of identity. Bob Abbott challenged the trust in the system by asking what recourse customers have against fraudulent merchants.

________________________________________________________________________
New Reports available via FTP and WWW
________________________________________________________________________

* Proceedings of the Internet Society's 1996 Symposium on Network and Distributed System Security are promised to be available at URL though they aren't available as of 30 March 1996 -- keep checking!

* White Paper on Information Infrastructure Assurance by the staff of the U.S. Security Policy Board

* Revised Internet Draft on Web transaction security available: Requirements for Web Transaction Security, by G. Bossert, S. Cooper, W. Drummond. Revised 03/13/1996. 3 pages. This document specifies the requirements for the provision of security services to the HyperText Transport Protocol. These services include confidentiality, integrity, user authentication, and authentication of servers/services, including proxied or gatewayed services. Such services may be provided as extensions to HTTP, or as an encapsulating security protocol. Secondary requirements include ease of integration and support of multiple mechanisms for providing these services.

* Papers from the February 1996 FORMIS workshop.
  FORMIS = Framework and Open Reference Model for Information Security; several papers and slide presentations available at:

* Papers from the Joint Australian/OECD Conference on Security, Privacy and Intellectual Property Protection in the Global Information Infrastructure, held in Canberra, 7-8 February. Available at:

* Perspectives on Security in the Information Age. Computer Systems Policy Project (representing 13 high-tech companies) report on what "cyberproperty" is and why and how to protect it. Includes a list of ten proposed "security principles" largely concerning the use and regulation of cryptography and four policy recommendations addressed to the U.S. government on the same topic.

* Common Criteria for Information Technology Security (CC) version 1.0, January 31, 1996 is now available for public review and comment from NIST's Web site; URL

________________________________________________________________________
Interesting Links [new entries only]
________________________________________________________________________

Format: Description (first lines) followed by URL (last line)

Government sources/information:
-------------------------------
Collaborative Internet Security Project

Federal Bureau of Investigation

Office of the Director of Central Intelligence; pointers to CIA, US Intelligence Community, Center for the Study of Intelligence

National Reconnaissance Office

Professional societies and organizations:
-----------------------------------------
[No new entries this issue]

Other places for interesting research papers, announcements, assistance
-----------------------------------------------------------------------
Federation of American Scientists Project on Government Secrecy

RST Corporation's Reliability Hotlist

________________________________________________________________________
Who's Where: recent address changes
________________________________________________________________________

Entered 21 March 1996:

Bret Hartman, President
Polar Humenn, Chief Science Officer
Ted Ralston, Chief Business Officer
BlackWatch Technology, Inc.
2-212 Center for Science & Technology
CASE Center/Syracuse University
Syracuse, NY 13244-4100
voice: 315-443-3171
fax: 315-443-4745
home page: http://www.blackwatch.com
hartman@blackwatch.com
polar@blackwatch.com
ted@blackwatch.com

Tom Van Vleck
CyberCash
Redwood City, CA
thvv@best.com

________________________________________________________________________
Calls for Papers (new listings since last issue only -- full list on Web)
________________________________________________________________________

CONFERENCES

Listed earliest deadline first. See also Cipher Calendar and NRL CHACS CFP list.

o International Conference on Network Protocols '96, Columbus, Ohio, October 29 through November 1, 1996. Network security is a topic of interest for this conference. Authors are requested to submit six copies (in English) of their double-space typed manuscript (maximum of 25 pages) with an abstract to the program chair by April 1, 1996. All accepted papers will be published in the conference proceedings; some will be forwarded to the journal IEEE/ACM Transactions on Networking for publication consideration. Submit papers by mail. The program chair is Dr. Hasan Ural (ural@csi.uottawa.ca). Conf Web page:

o Internet Privacy and Security Workshop, Haystack Observatory, Mass., May 20-21, 1996. A principal focus of the workshop will be on the Federal portion of the Internet. All points of view on Federal policies affecting Internet privacy and security are welcome. Please make all electronic submissions in ASCII format. Submissions are due to papers@rpcp.mit.edu by April 14, 1996. Conf Web page:

o Engineering of Complex Systems, Montreal, Quebec, October 21-25, 1996. The goal of this conference is to bring together industrial, academic, and government experts from these various disciplines, to determine how the disciplines' problems and solution techniques interact within the whole system.
A subject of interest is dependable Real-Time Systems. Both long (under 5000 words) and short (under 2500 words) submissions are welcome, including presentations of complete work, summaries of work in progress, position statements, exhibit proposals, tutorial proposals. Papers are due April 15 by mail.

o Education in Computer Security, Monterey, California, May 10, 1996. The Workshop on Education in Computer Security has been created to bring together educators, vendors and researchers who are interested in developing and enhancing instruction in computer security within undergraduate and graduate computer science programs. In the first workshop we seek input on a broad range of topics associated with computer security education. Employers are invited to present the educational backgrounds they would like to see for computer security specialists. Educators may outline pedagogical objectives for entry-level and more advanced students, including individual classes and curricula as examples. Educational activities that would enhance students' ability to contribute to government and corporate programs are of interest as are presentations of novel approaches to computer security education. Educators, employers, and researchers are invited to submit 2-3 page position papers describing their interest and activities in Education in Computer Security. Position papers are due to Cynthia Irvine, irvine@cs.nps.navy.mil, by April 16, 1996. Hard copy, e-mail, or fax submissions are acceptable. Conf Web page:

o Computer Security Institute Conference, in Chicago, Illinois, November 11-13, 1996. Proposed presentations should offer successful concepts, models, processes and applications useful to those responsible for information security. To be eligible for selection as a speaker, you will need to submit an abstract that describes the content of your talk(s), a biography that describes your background, and complete contact information including your e-mail address and fax numbers.
Submissions due April 15, 1996 via email to prapalus@mfi.com.

o Personal Information - Security, Engineering, and Ethics, Cambridge, England, 21-22 June, 1996. It is becoming clear that systems cannot adequately protect medical records and other personal information by blindly following the banking and military paradigms of computer security. A fresh approach is needed. For this reason, the British Medical Association is sponsoring a two day colloquium at the Isaac Newton Institute, Cambridge, whose goal is to bring together people interested in the protection of personal information with computer security professionals. Topics of interest include the interaction between privacy and safety, security and safety policy, technical aspects, practice in different countries, the tension between clinicians and researchers, privacy in other systems (such as those supporting legal practice), the philosophy of privacy, and the regulation of access to personal information by administrators and law officers. Papers should not exceed fifteen pages in length. Submissions due via email to Ross Anderson (rja14@newton.cam.ac.uk) or via paper mail by 10th May 1996.

o 12th Annual Computer Security Applications Conference, San Diego, CA. Those who are developing solutions to problems relating to protecting your country's information infrastructure or a commercial enterprise are invited to consider submitting a paper to the Annual Computer Security Applications Conference. Papers are due by May 24 and should not exceed 7500 words. Panel/forum proposal and vendor presentation proposals are also sought. Mailing instructions are provided. Conference Web page:

o 6th International Conference on Database Theory, Delphi, Greece, January 8-10, 1997. A topic of interest is fundamentals of security and privacy in databases.
Authors are invited to submit 8 copies of a full conference paper (which might be an extended abstract where proofs are only sketched) of about 5000 words (10 typed pages in no less than 11-point font) by June 13, 1996, to one of the program co-chairs, Foto Afrati (afrati@cs.ece.ntua.gr) or Phokion G. Kolaitis (kolaitis@cse.ucsc.edu). Conf. Web page:

o Third International Symposium on Autonomous Decentralized Systems, Berlin, Germany, April 9 - 11, 1997. Driven by the increasing power, intelligence, reliability, and openness of computer, communication and control technologies, a new generation of distributed systems is emerging, that will be able to support distributed business and control applications with extreme efficiency, reliability and security requirements. Security is not mentioned in the CFP as a specific topic of interest, but the topic list is not exclusive. Send 6 copies of an original (not submitted or published elsewhere) full paper (12 point, double-spaced) with 3000 - 6000 words - in paper form only - to the address given by July 15, 1996. Panel proposals are also solicited. Conf Web page:

JOURNALS

o International Journal of Digital Libraries aims to advance the theory and practice of acquisition, definition, organization, management and dissemination of digital information via global networking. In particular, the journal will emphasize technical issues in digital information production, management and use, issues in high-speed networks and connectivity, inter-operability, and seamless integration of information, people, profiles, tasks and needs, security and privacy of individuals and business transactions and effective business processes in the Information Age. The first issue will appear in Summer 1996. Electronic submission is encouraged (for details please send email to dlib@adam.rutgers.edu). For hard copy submission, please mail five copies to: Prof. Nabil R.
Adam, CIMIC, Rutgers University, Newark, NJ 07102, (201) 648-5239, adam@adam.rutgers.edu.

Regular archival computer security journals:

o Journal of Computer Security (JCS) [see Cipher Web pages or EI#9]; e-mail contacts for submissions: jajodia@isse.gmu.edu or jkm@mitre.org. See also Web site: http://www.jcompsec.mews.org/

o Computers & Security [see Cipher Web pages or EI#9]; e-mail contact for submissions: j.meyer@elsevier.co.uk

Special Issues of Journals and Handbooks: listed earliest deadline first.

[No new entries this issue]

________________________________________________________________________
Reader's Guide to Current Technical Literature in Security and Privacy
Part 1: Conference Papers
________________________________________________________________________

* INET '96, 6th Annual Conference of the Internet Society, June 25-28, Montreal. Security-related papers:
  - Securing Radio Spectrum for Wireless Internet Access, Steve Cisler (Apple Computer, Inc., USA)
  - Electronic Payment Interoperability, Alireza Bahreman
  - Efficient Micropayment Systems, Donald Eastlake (Cybercash, USA)
  - The Design of the SECT (Secure Electronic Transactions) Protocol, Allan M. Schiffman
  - Secure DNS, Don Eastlake, (Cybercash, USA)
  - IP Security, Jim Hughes

* SIGMOD '96, ACM SIGMOD International Conference on Management of Data, June 3-6, 1996, Montreal. Security-related paper: Static Detection of Security Flaws in Object-Oriented Databases, Keishi Tajima.

* ACM-SIGMOD'96 Workshop on Research Issues on Data Mining and Knowledge Discovery, June 2, 1996, Montreal. Security-related paper: Security and Privacy Implications of Data Mining. C. Clifton (MITRE) and D.
  Marks (US Department of Defense)

* SDNE '96, Third International Workshop on Services in Distributed and Networked Environments, June 3-4, 1996, Macau; security-related papers:
  - Security and Auditing of VPN, Nora Boukari (Telis S & C, France) and Ali Aljane (Universite Pierre et Marie Curie, France)
  - Information Distribution by FleaMarket System, Osamu Akashi, Kenji Moriyasu, and Atsushi Terauchi (NTT Software Laboratories, Japan)
  - A Privilege Management System For A Secure Network, K.J. Maly, A. Gupta, B Kvande, I.B. Levinstein, R. Mukkamala, and M. Olson (Old Dominion University, USA)

* TACAS'96, Second International Workshop on Tools and Algorithms for the Construction and Analysis of Systems, March 27-29, 1996, Passau, Germany:
  - Breaking and Fixing the Needham-Schroeder Public-Key Protocol using CSP and FDR, G. Lowe (Oxford University, UK)
  - Automatic Compositional Verification of Some Security Properties, R. Focardi and R. Gorrieri (University of Bologna, Italy)

* IEEE INFOCOM'96, The Conference on Computer Communications, March 24 - 28, San Francisco, CA, USA: [Conference information] Network Security via Reverse Engineering of TCP Code: Vulnerability Analysis and Proposed Solutions. B. Guha and B. Mukherjee (UC Davis, USA)

* IEEE IPCCC'96, IEEE International Phoenix Conference on Computers and Communications, March 27-29, 1996, Phoenix, Arizona, USA:
  - Security for Real-Time MPEG Compressed Video in Distributed Multimedia Applications, G. Spansos and T. Maples (California State University at Long Beach, USA)
  - Distributed Communication Services in the MASIX System, J. Simon and F. Mevel (Universite Paris VI, France)
  - TCP/IP Spoofing Fundamentals, N. Hastings (Iowa State University, USA) and P. Mclean (Andersen Consulting)
  - The Role of Decimated Sequences in Scaling Encryption Speeds Through Parallelism, E. Witzke (RE/SPEC, Inc.) and L.
    Pierson (Sandia National Laboratories, USA)

________________________________________________________________________
Reader's Guide to Current Technical Literature in Security and Privacy
Part 2: Journal and Newsletter Articles, Book Chapters
________________________________________________________________________

* COMPUTER, Vol. 29, No. 3 (March 1996). Erin English and Scott Hamilton. Network security under siege: the timing attack. pp. 95-97.

* ACM SIGOPS Operating System Review, Vol. 30, No. 2 (April, 1996). Shiuh-Pyng Shieh and Wen-Her Yang. An authentication and key distribution system for open network systems. pp. 32-41.

* ACM SIGCOMM Computer Communication Review, Vol. 26, Number 1 (January, 1996). T. Coffey and P. Saidha. Non-repudiation with mandatory proof of receipt. pp. 6-17.

* IEEE Trans. on Knowledge and Data Engineering Vol. 8, Number 1 (Feb. 1996). Special issue on secure database systems technology.
  - B. Thuraisingham and T. C. Ting. Guest editors' introduction. pp. 1-2.
  - X. Qian and T. F. Lunt. A MAC policy framework for multilevel relational databases. pp. 3-15.
  - R.K. Thomas and R.S. Sandhu. A trusted subject architecture for multilevel secure object-oriented databases. pp. 16-31.
  - K. P. Smith, B. T. Blaustein, S. Jajodia, and L. Notargiacomo. Correctness criteria for multilevel secure transactions. pp. 32-45.
  - D. G. Marks. Inference in MLS database systems. pp. 46-55.
  - H. S. Delugach and T. H. Hinke. Wizard: a database inference analysis and detection system. pp. 56-66.
  - E. Bertino, C. Bettini, E. Ferrari and P. Samarati. A temporal access control mechanism for database systems. pp. 67-80.
  - V. Varadharajan and C. Calvelli. An access control model and its use in representing mental health application access policy. pp. 81-95.

* Communications of the ACM, Vol. 39 (1996) Number 3, March: Special section on how to use key escrow:
  - R. Ganesan. Introduction. pp. 32-33.
  - D. E. Denning and D. K. Branstad.
    A taxonomy for key escrow encryption systems. pp. 34-40.
  - S. T. Walker, S. B. Lipner, C. M. Ellison, and D. M. Balenson. Commercial key recovery. pp. 41-47.
  - D. P. Maher. Crypto backup and key escrow. pp. 48-54.
  - R. Ganesan. The Yaksha security system. pp. 55-60.

* COMPUTER, Vol. 29, No. 2 (February 1996): R. Sandhu, E. Coyne, H. Feinstein and C. Youman. Role-Based Access Control Models. pp. 38-47.

* IEEE Communications Magazine, Vol. 34, No. 1 (January 1996): P. Lin and L. Lin. Security in Enterprise Networking: A Quick Tour. pp. 56-61.

* Design, Codes and Cryptography, Vol. 7, No. 1/2 (January 1996):
  - P. Syverson and C. Meadows. A Formal Language for Cryptographic Protocol Requirements. pp. 27-59.
  - K. Nyberg and R. Rueppel. Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem. pp. 61-81.

* Computer Communications, Vol. 18, No. 12 (December 1995):
  - D. Trcek and J. Blazic. Formal language for security services base modelling and analysis. pp. 921-928.
  - C-C. Chang, S-M. Tsu and C-Y. Chen. Remote scheme for password authentication based on theory of quadratic residues. pp. 936-942.
  - T-C. Wu. Remote login authentication scheme based on a geometric approach. pp. 959-963.
  - T. Hwang, N-Y. Lee, C-H. Wang and M-Y. Ko. On the security of Wu and Yeh's conference key distribution scheme. pp. 978-981.
  - K-Y. Lam. Replay tolerance of authentication protocols. pp. 988-992.
  - Y-H. Chen and T. Hwang. ID-based non-interactive zero-knowledge proof system based on one-out-of-two non-interactive oblivious transfer. pp. 993-996.

* The Computer Journal, Vol. 38, No. 8: M. Reiter and L. Gong. Securing Causal Relationships in Distributed Systems. pp. 633-642.

________________________________________________________________________
Calendar
________________________________________________________________________

Internet Conference Calendar, URL:http://www.automatrix.com/conferences/ is also worth a look.
====================================================================
See Calls for Papers section for details on many of these listings.
====================================================================

Dates              Event, Location        Point of Contact/ more information
-----              ---------------        ----------------------------------
* 3/31/96: ATMA, Goa, India; Papers (from USA) due to Sushil Jajodia;
* 3/31/96: DEXA96. Zurich; Submissions due; dexa@faw.uni-linz.ac.at for info
* 4/ 1/96: NSPW '96: submissions to meadows@itd.nrl.navy.mil & daveb@gcsi.com
* 4/ 1/96: ICNP96. Columbus, Ohio; Submissions due by mail.
* 4/10/96- 4/13/96: CWCP, Cambridge, UK; tmal@cl.cam.ac.uk
* 4/14/96: IPSWG '96, Haystack Observatory, Mass.; Submissions due via email to papers@rpcp.mit.edu
* 4/15/96: ICECCS96, Montreal; mail submissions to alex@vulcan.njit.edu
* 4/15/96: CSI '96, Chicago, Illinois
* 4/16/96- 4/18/96: METAD. Silver Spring, Maryland
* 4/16/96: EdCS, Monterey, CA; Position papers due to irvine@cs.nps.navy.mil
* 4/30/96- 5/ 3/96: 8th CCSS, Ottawa; questions to ccss96@cse.dnd.ca.
* 5/ 5/96- 5/ 8/96: IEEE S&P 96; dmj@mitre.org
* 5/ 6/96- 5/11/96: WWWC96, Paris, France,
* 5/ 7/96: OSDI '96, Seattle, WA. Submissions due by mail and email to osdi-papers@cs.rice.edu;
* 5/ 9/96- 5/10/96: EdCS. Monterey, California;
* 5/10/96: PISEE. Cambridge, England. Submissions due via email to rja14@newton.cam.ac.uk
* 5/20/96: ASIACRYPT96 Kyongju, South Korea; Paper submissions due by mail
* 5/20/96- 5/21/96: IPSWG '96. Haystack Observatory, Mass.;
* 5/21/96- 5/24/96: IFIP/SEC 96 - Greece; sec96@aegean.ariadne-t.gr
* 5/24/96: ACSAC, San Diego, CA; Papers due.
* 5/27/96- 5/30/96: ICDCS96 Kowloon, Hong Kong.
* 5/30/96- 6/1/96: IH Wkshp. '96, Cambridge, UK; ross.anderson@cl.cam.ac.uk
* 6/ 2/96: DMKD96 Montreal, Canada. Web page
* 6/ 3/96- 6/ 6/96: SIGMOD/PODS '96, Montreal, Canada
* 6/ 3/96- 6/ 5/96: SOC18, Kingston, Ontario, Canada.
* 6/ 4/96- 6/ 6/96: SECURICOM '96, Paris, France.
* 6/ 7/96: SAC '96, Kingston, Ontario, Canada. Submissions due via mail
* 6/10/96- 6/12/96: CSFW96. County Kerry, Ireland
* 6/10/96- 6/11/96: ISTCS96. Jerusalem, Israel.
* 6/10/96- 6/12/96: CVDSWS, Gaithersburg, MD
* 6/12/96- 6/14/96: BDBIS. Tallinn, Estonia
* 6/17/96- 6/21/96: COMPASS96, Gaithersburg, Maryland;
* 6/13/96: ICDT97, Delphi, Greece; Submissions due to afrati@cs.ece.ntua.gr
* 6/18/96- 6/20/96: ICSSDBM '96, Stockholm; pers@sto.foa.se
* 6/19/96- 6/21/96: CoopIS96, Brussels, Belgium.
* 6/19/96- 6/21/96: IWES. Stanford University, California
* 6/21/96- 6/22/96: PISEE; Isaac Newton Institute, Cambridge, England
* 6/24/96- 6/26/96: ACISP96, Wollongong, NSW, Australia.
* 6/25/96- 6/28/96: INET96. Montreal, Canada
* 7/15/96: ISADS97, Berlin, Germany; Submissions due to by mail
* 7/22/96- 7/24/96: IFIP WG 11.3, Como, Italy, samarati@dsi.unimi.it or sandhu@isse.gmu.edu
* 7/22/96- 7/25/96: USENIX Sec Symp, San Jose, California;
* 7/28/96- 7/31/96: FIRST '96, Santa Clara, California;
* 8/ 3/96- 8/ 5/96: KDD96. Portland, Oregon.
* 8/14/96- 8/16/96: MMDMS, Mountain Lake, NY
* 8/15/96- 8/16/96: SAC '96, Kingston, Ontario, Canada
* 8/18/96- 8/22/96: CRYPTO96, Santa Barbara, California
* 8/27/96- 8/30/96: TPHOLs '96, Turku, Finland;
* 8/31/96- 9/ 2/96: ATMA, Goa, India;
* 9/2/96-9/6/96: IFIP96 Mobile Commns Canberra, Australia.
* 9/ 3/96- 9/ 6/96: VLDB96, Bombay, India
* 9/ 3/96: DCCA6, Garmisch-Partenkirchen, Germany.
* 9/ 9/96- 9/13/96: DEXA96, Zurich, Switzerland.
* 9/16/96 - 9/19/96: NSPW '96, Lake Arrowhead, CA; questions to newparadigms96@itd.nrl.navy.mil.
* 9/18/96- 9/20/96: SCRAPC96, Lille, France
* 9/23/96- 9/24/96: IFIPTC6TC11, University of Essen, Germany;
* 9/23/96- 9/27/96: SDSP96, Perth, Australia
* 9/25/96- 9/27/96: ESORICS'96, Rome; bertino@hermes.mc.dsi.unimi.it
* 9/30/96-10/ 3/96: PRAGOCRYPT '96, Prague
* 10/16/96-10/19/96: WebNet. San Francisco, CA
* 10/16/96-10/19/96: IC3N96, Rockville, Washington D. C.
* 10/21/96-10/25/96: ICECCS96; Montreal, Quebec.
* 10/29/96-11/ 1/96: ICNP96, Columbus, Ohio;
* 11/ 3/96-11/ 7/96: ASIACRYPT96, Kyongju, South Korea
* 11/11/96-11/12/96: MOBICOM96, Rye, NY; conf Web page
* 11/11/96-11/13/96: CSI '96, Chicago, Illinois
* 11/14/96-11/15/96: IPIC96, Cambridge, Massachusetts;
* 10/22/96: HASE96. Niagara-on-the-Lake, Canada;
* 10/22/96-10/25/96: NISS96. Baltimore, Maryland
* 10/29/96-11/ 1/96: OSDI '96 Seattle, WA;
* 12/ 9/96-12/13/96: San Diego, CA
* 1/ 8/97- 1/10/97: ICDT97, Delphi, Greece;
* 2/23/97- 2/24/97: PAKDD '97, Singapore. Info hweeleng@iti.gov.sg;
* 3/ 5/97- 3/ 7/97: DCCA6. Garmisch-Partenkirchen, Germany.
* 4/ 9/97- 4/11/97: ISADS97, Berlin, Germany;
* 5/ 4/97- 5/ 7/97: IEEE S&P 97; no e-mail address available
* 5/13/97- 5/16/97: 9th CCSS, Ottawa; no e-mail address available
* 5/ 3/98- 5/ 6/98: IEEE S&P 98; Oakland no e-mail address available
* 5/12/98- 5/15/98: 10th CCSS, Ottawa; no e-mail address available
* 5/ 2/99- 5/ 5/99: IEEE S&P 99; Oakland no e-mail address available
* 5/11/99- 5/14/99: 11th CCSS, Ottawa; no e-mail address available
* 4/30/00- 5/ 3/00: IEEE S&P 00; Oakland no e-mail address available
* 5/16/00- 5/19/00: 12th CCSS, Ottawa; no e-mail address available

Key:
* ACISP = Australasian Conf on Information Security and Privacy, ACISP96
* ACSAC = Annual Computer Security Applications Conf.
* ATMA = Advanced Transaction Models and Architectures ATMA
* BDBIS = Baltic Workshop on DB and IS, BDBIS
* CCS-3 = 3rd ACM Conf. on Computer and Communications Security
* CCSS = Annual Canadian Computer Security Symp.
* CIKM = Int. Conf. on Information and Knowledge Management CIKM '95
* COMAD = Seventh Int'l Conf. on Management of Data (India)
* CISMOD = Int'l Conf. on Information Sys. and Mgmnt of Data
* CFP = Conf. on Computers, Freedom, and Privacy
* COMPASS = Conf. on Computer Assurance COMPASS'96
* CoopIS96 = First IFCIS Int'l Conf on Cooperative Inf Systems, CoopIS96.
* CPAC = Cryptography - Policy and Algorithms Conf.
* CRYPTO = IACR Annual CRYPTO Conf. CRYPTO96
* CSFW = Computer Security Foundations Workshop
* CSI = Computer Security Institute Conf. CSI96
* CVDSWS = Invitational Workshop on Computer Vulnerability Data Sharing
* CWCP = Cambridge Workshop on Cryptographic Protocols
* DCCA = Dependable Computing for Critical Applications DCCA6
* DEXA = Int'l Conf. and Workshop on Database and Expert Systems Applications
* DMKD96 = Wkshp on Research Issues on Data Mining and Knowledge Discovery
* DOOD = Conf. on Deductive and Object-Oriented Databases DOOD '95
* EdCS = Education in Computer Security EdCS
* ESORICS = European Symp. on Research in Computer Security ESORICS'96
* FIRST = Computer Security Incident Handling and Response FIRST '96
* FISP = Federal Internet Security Plan Workshop, FISP96.
* FISSEA = Federal Information Systems Security Educators' Association
* FME = Formal Methods Europe, FME '96
* FMSP = Formal Methods in Software Practice
* FSE = Fast Software Encryption
* HASE = High-Assurance Systems Engineering Workshop HASE96
* HPTS = Workshop on High Performance Transaction Systems
* IC3N = Int'l Conf. on Computer Communications and Networks
* ICDCS96 = The 16th Int'l Conf. on Distributed Computing Systems
* ICDE = Int. Conf. on Data Engineering ICDE '95
* ICDT = Int'l Conf. on Database Theory ICDT97.
* ICECCS = Int'l Conf. on Engineering of Complex Computer Systems ICECCS '96
* ICI = Int'l Cryptography Institute
* ICNP96 = Int'l Conf. on Network Protocols ICNP96
* ICSSDBM = Int. Conf. on Scientific and Statistical Database Management
* IEEE S&P = IEEE Symp. on Security and Privacy - IEEE S&P '96
* IFIP/SEC = Int'l Conf. on Information Security (IFIP TC11)
* IFIP WG11.3 = IFIP WG11.3 10th Working Conf. on Database Security
* IFIP96 Mobile Commns = IFIP 1996 World Conf., Mobile Communications
* IH Workshop '96 = Workshop on Information Hiding
* IMACCC = IMA Conf.
on Cryptography and Coding, 5th IMACC * IMC96 = IMC'96 Information Visualization and Mobile Computing * INET = Internet Society Annual Conf. * INET96 = The Internet: Transforming Our Society Now, INET96 * IPIC = Integration of Enterprise Information and Processes, IPIC96 * IPSWG = Internet Privacy and Security Workshop IPSWG '96 * IS = Information Systems (journal) * ISADS = Symp. on Autonomous Decentralized Systems ISADS '97 * ISTCS = Fourth Israeli Symp. on Theory of Computing and Systems * IWES = Int'l Workshop on Enterprise Security IWES * JBCS = Journal of the Brazilian Computer Society * JCMS = Journal of Computer Mediated Communication * KDD96 = The Second Int'l Conf. on Knowledge Discovery and Data Mining * MCN = ACM Int. Conf. on Mobile Computing and Networking. See MOBICOM * MCDA = Australian Workshop on Mobile Computing & Databases & Applications * MDS '95 = Second Conf. on the Mathematics of Dependable Systems * METAD = First IEEE Metadata Conf. METAD * MMDMS = Wkshop on Multi-Media Database Management Systems MMDMS '96 * MOBICOM = Mobile Computing and Networking MOBICOM '96. * NCSC = National Computer Security Conf. * NISS = National Information Systems Security Conf. NISS96 * NSPW = New Security Paradigms Workshop NSPW '96 * OSDI = Operating Systems Design and Implementation * PAKDD = First Asia-Pacific Conf. on Knowledge Discovery and Data Mining * PISEE = Personal Information - Security, Engineering, and Ethics * RBAC'95 = First ACM Workshop on Role-Based Access Control * RTDB'96 = First Int'l Wkshp. on Real-Time Databases: Issues and Applications * SAC = Workshop on Selected Areas of Cryptography SAC '96 * SCRAPC = Smart Card Research and Advanced Application Conf. * SDSP = UK/Australian Int'l Symp. On DSP For Communication Systems * SECURICOM = World Congress on the Security of Information Systems and Telecommunication * SFTC-VI = Symp. on Fault Tolerant Computing - VI (Brazil) * SIGMOD/PODS - ACM SIGMOD Int'l Conf. 
on Management of Data / ACM SIGACT SIGMOD-SIGART Symp. on Principles of Database Systems * SNDSS = Symp. on Network and Distributed System Security (Internet Society) * SOC = 18th Biennial Symp. on Communications. * TPHOLs = Theorem Proving in Higher Order Logics TPHOLs96 * TSMCFP96 = 4th Int'l Conf. on Telecommunication Systems * USENIX Sec Symp = USENIX UNIX Security Symp., 6th Annual. * VLDB = 22nd Int'l Conf. on Very Large Data Bases, VLDB96. * WDAG-9 = Ninth Int. Workshop on Distributed Algorithms * WebNet = World Conf. of the Web Society. * WWWC = Int'l World Wide Web Conf. WWWC96. ________________________________________________________________________ Data Security Letter Subscription Offer ________________________________________________________________________ A special subscription rate of $25/year for the Data Security Letter is now available to IEEE TC members. The DSL is an external, nonpartisan newsletter published by Trusted Information Systems, Inc. Eleven issues (usually 16 pages each) per year are published. The DSL welcomes reader suggestions and contributions and accepts short research abstracts (about 130 words) for publication on an ongoing basis. On occasion, the DSL will be republishing Cipher articles (with authors' approval), but such articles will constitute a small portion of DSL content (thus there will be very little duplication of Cipher material). IEEE TC members wishing to take advantage of the special subscription rate should send the following to sharon@tis.com. The information can also be faxed to 301-854-5363 (attention: DSL) phoned to 301-854-5338, or mailed to Trusted Information Systems, Inc., 3060 Washington Rd., Glenwood, MD 21738 USA. NAME: POSTAL ADDRESS: (Please indicate company name, if a business address) PHONE: (Please indicate if home or business) FAX: E-MAIL: IEEE Membership No. 
(if applicable): NOTE: If you are already a paying subscriber to the DSL, for the $25 you will receive a 2-year renewal; refunds, rebates, etc., on your current subscription are not available. If you have any questions about the offer or anything else pertaining to the DSL, you may contact the editor, Sharon Osuna, via E-Mail to sharon@tis.com or call her at 301-854-5338. ________________________________________________________________________ How to join the TC on Security and Privacy ________________________________________________________________________ You do NOT have to join either IEEE or the IEEE Computer Society to join the TC, and there is no cost to join the TC. All you need to do is fill out an application form and mail or fax it to the IEEE Computer Society. A copy of the form is included below (to simplify things, only the TC on Security and Privacy is included, and is marked for you) The full and complete form is available on the IEEE Computer Society's Web Server at URL: http://info.computer.org:80/tab/tcapplic.htm PLEASE NOTE THAT THE FORM IS TO BE RETURNED (BY MAIL OR FAX) TO THE IEEE COMPUTER SOCIETY, >>NOT<< TO CIPHER. --------- IEEE Computer Society Technical Committee Membership Application ----------------------------------------------------------- Please print clearly or type. ----------------------------------------------------------- Last Name First Name Middle Initial ___________________________________________________________ Company/Organization ___________________________________________________________ Office Street Address (Please use street addresses over P.O.) 
___________________________________________________________
City State
___________________________________________________________
Country Postal Code
___________________________________________________________
Office Phone Fax
___________________________________________________________
Email Address (Internet accessible)
___________________________________________________________
Home Address (optional)
___________________________________________________________
Home Phone
___________________________________________________________

[ ] I am a member of the Computer Society
    IMPORTANT: IEEE Member/Affiliate/Computer Society Number: ____________________
[ ] I am not a member of the Computer Society*

Please Note: In some TCs only current Computer Society members are eligible to receive Technical Committee newsletters.

Please select up to four Technical Committees/Technical Councils of interest.

TECHNICAL COMMITTEES
[ X ] T27 Security and Privacy

Please Return Form To:
IEEE Computer Society
1730 Massachusetts Ave, NW
Washington, DC 20036-1992
Phone: (202) 371-0101
FAX: (202) 728-9614

________________________________________________________________________

TC Publications for Sale
________________________________________________________________________

No fooling: proceedings from the 1995 IEEE Symposium on Security and Privacy, or one of our past issues, are available for purchase by TC members at favorable rates. Current issues in stock and continuing LOW PRICES are as follows:

        Price by mail from TC   IEEE CS Press             IEEE CS Press
Year    TC members              IEEE member price         List Price
----    ----------              -----------------         -------------
1992    $10                     Only available from TC!
1993    $15                     Only available from TC!
1994    $20                     $30+$4 S&H                $60+$5 S&H
1995    $25                     $25+$4 S&H                $50+$4 S&H

For overseas delivery:
-- by surface mail, please add $5 per order (3 volumes or fewer)
-- by air mail, please add $10 per volume to the prices listed above.
If you would like to place an order, please send a letter specifying
o which issues you would like,
o where to send them, and
o a check in US dollars, payable to the 1995 IEEE Symposium on Security and Privacy
to:

Charles N. Payne
Treasurer, IEEE TC on Security and Privacy
Secure Computing Corp.
2675 Long Lake Rd.
Roseville, MN 55113

We remain unready to plunge our figurative toe into the inviting but potentially treacherous waters of electronic commerce!

________________________________________________________________________

TC Officer Roster
________________________________________________________________________

Chair:
Deborah Cooper
P.O. Box 17753
Arlington, VA 22216
(703)908-9312 voice and fax
dmcooper@ix.netcom.com

Vice Chair:
Charles P. Pfleeger
Trusted Information Systems, Inc.
3060 Washington Rd.,
Glenwood, MD 21738
(301)854-6889 (voice)
(301)854-5363 (fax)
pfleeger@tis.com

Newsletter Editor:
Carl Landwehr
Code 5542
Naval Research Laboratory
Washington, DC 20375-5337
(202)767-3381
landwehr@itd.nrl.navy.mil

Chair, Subcommittee on Academic Affairs:
Prof. Karl Levitt
University of California, Davis
Division of Computer Science
Davis CA 95611
(916)752-0832
levitt@iris.ucdavis.edu

Standards Subcommittee Chair:
Greg Bergren
10528 Hunters Way
Laurel, MD 20723-5724
(410)684-7302
(410)684-7502 (fax)
glbergr@missi.ncsc.mil

________________________________________________________________________

Information for Subscribers and Contributors
________________________________________________________________________

SUBSCRIPTIONS: Two options:

1. To receive the full ascii CIPHER issues as e-mail, send e-mail to (which is NOT automated) with subject line "subscribe".
2. To receive a short e-mail note announcing when a new issue of CIPHER is available for Web browsing or downloading from our ftp server send e-mail to (which is NOT automated) with subject line "subscribe postcard".
To remove yourself from the subscription list, send e-mail to cipher-request@itd.nrl.navy.mil with subject line "unsubscribe".

Those with access to hypertext browsers may prefer to read Cipher that way. It can be found at URL http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher

CONTRIBUTIONS: to are invited. Cipher is a NEWSletter, not a bulletin board or forum. It has a fixed set of departments, defined by the Table of Contents. Please indicate in the subject line for which department your contribution is intended. For Calendar entries, please include an e-mail address for the point-of-contact. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses of Cipher material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using Cipher material should obtain permission from the contributors.

BACK ISSUES: There is an archive that includes each copy distributed so far, in ascii, in files you can download at URL http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/cipher-archive.html

There is also an anonymous FTP server that contains the same files. To access the archive via anonymous FTP:

1. ftp www.itd.nrl.navy.mil
2. At prompt for ID, enter "anonymous"
3. At prompt for password, enter your actual, full e-mail address
4. Once you are logged in, change to the Cipher Directory: cd pub/cipher
5. Now you can request any of the files containing Cipher issues in ascii. Issues are named in the form: EI#N.9506 where N is the number of the issue desired and 9506 captures the year and month it first appeared.

=======end of Electronic Cipher Issue #13, 31 March 1996================