Subject: Electronic CIPHER, Issue 36, April 7, 2000
_/_/_/_/ _/_/_/ _/_/_/_/ _/ _/ _/_/_/_/ _/_/_/_/
_/ _/ _/ _/ _/ _/ _/ _/ _/
_/ _/ _/_/_/_/ _/_/_/_/ _/_/ _/_/_/_/
_/ _/ _/ _/ _/ _/ _/ _/
_/_/_/_/ _/_/_/ _/ _/ _/ _/_/_/_/ _/ _/
====================================================================
Newsletter of the IEEE Computer Society's TC on Security and Privacy
Electronic Issue 36 April 7, 2000
Jim Davis, Editor
Hilarie Orman, Assoc. Editor Bob Bruen, Book Review Editor
Mary Ellen Zurko, Assoc. Editor Anish Mathuria, Reader's Guide
====================================================================
http://www.issl.org/cipher.html
Contents:
* Letter from the Editor
* Conference and Workshop Announcements
o Program for 2000 IEEE Symposium on Security and Privacy
o Program for Computer Security Foundations Workshop (CSFW-13)
o Upcoming calls-for-papers and events
* News Briefs:
o LISTWATCH: Items from security-related lists, by Mary Ellen Zurko
o New column on networking and telecommunications in IEEE Computer
* Commentary and Opinion
o Gene Spafford's review of "Database Nation" by Simson Garfinkel
o Robert Bruen's review of "Solaris Security" by Peter Gregory
o Robert Bruen's review of "Linux Firewalls" by Robert L. Ziegler
o Report on Financial Crypto 2000 by Jonathan Byron
* Staying in Touch
o Information for subscribers and contributors
o Recent address changes
* Interesting Links
* New reports available via FTP and WWW
* Reader's guide to recent security and privacy literature, by
Anish Mathuria
* List of Computer Security Academic Positions, maintained
by Cynthia Irvine
* Technical Committee on Security and Privacy
o Becoming a member of the TC
o TC Officers
o TC publications for sale
====================================================================
Letter from the Editor
====================================================================
Dear Readers,
We are pleased to bring you this issue of Cipher!
As Paul Syverson noted in his last letter as editor, I am
succeeding Paul as editor of Cipher. I am very pleased to have the
opportunity to serve our community in this capacity.
I've been an avid fan of Cipher for many years and have always been
impressed with the quality and timeliness of its content. When Paul
and Avi Rubin succeeded Carl Landwehr, they wrote in their inaugural
issue that their primary objective was to maintain the high standards
set by Carl. I feel the same way today. It's my hope that you will
continue to find the articles and reviews in Cipher to be of value.
It's also my hope that you will occasionally feel the urge to contribute.
Cipher is OUR community newsletter; it is written by us and for
us. We all see different parts of the (very large) Information
Assurance mosaic and Cipher provides us with a great common forum
to share news and views. Towards that end, I'd like to encourage you
to consider authoring a short conference or workshop review.
I will try to heed my own call and share information about recent
activity in academia on emerging information assurance curricula,
standards, and certification.
I want to thank Paul for his help in putting this issue together.
I also want to thank Mary Ellen Zurko, Bob Bruen, Jonathan Byron,
Hilarie Orman, Tom Berson, and Anish Mathuria for their contributions,
assistance, and advice. When I put out the "call for contributions",
each of these folks stepped forward to see how they could help.
If you have suggestions for Cipher, please send me a note. Or better
yet, let's chat in Oakland May 14-17...you HAVE registered for
S&P 2000, haven't you?
Best Regards,
Jim Davis
====================================================================
Conference and Workshop Announcements
====================================================================
____________________________________________________________________
2000 IEEE Symposium on Security and Privacy
The Claremont Resort, Oakland, California, USA
May 14-17, 2000
____________________________________________________________________
PRELIMINARY PROGRAM
2000 IEEE Symposium on Security and Privacy
May 14-17, 2000
The Claremont Resort
Oakland, California, USA
sponsored by
IEEE Computer Society Technical Committee on Security and Privacy
in cooperation with
The International Association for Cryptologic Research (IACR)
Sunday, 14 May 2000
4:00- 7:00 Registration and Reception
Monday, 15 May 2000
8:45-9:00 Opening remarks
9:00-10:30 Access Control I
"Access Control Meets Public Key Infrastructure, Or: Assigning
Roles to Strangers" Amir Herzberg, Joris Mihaeli, Yosi Mass,
Dalit Naor, Yiftach Ravid (IBM, Israel)
"A Security Infrastructure for Distributed Java Applications"
Dirk Balfanz (Princeton University, USA) and Drew Dean (Xerox
PARC, USA)
"A Practically Implementable and Tractable Delegation Logic"
Ninghui Li, Benjamin Grosof (IBM T.J. Watson Research Center,
USA),Joan Feigenbaum (AT&T Research, USA)
10:30-11:00 Break
11:00-12:00 Applications of Cryptography
"Practical Techniques for Searches on Encrypted Data"
Dawn Song, David Wagner, Adrian Perrig (University of California,
Berkeley, USA)
"Efficient Authentication and Signature of Multicast Streams over
Lossy Channels" Adrian Perrig, Dawn Song, Doug Tygar (University
of California, Berkeley, USA), Ran Canetti (IBM T.J. Watson
Research Center, USA)
12:00- 1:30 Lunch
1:30- 3:00 Panel: Is privacy too costly to implement?
Moderator: Cynthia Irvine, Tim Levin
3:00- 3:30 Break
3:30- 5:00 Protocol Analysis and Design
"Searching for a Solution: Engineering Tradeoffs and the
Evolution of Provably Secure Protocols", John A Clark,
Jeremy L Jacob (University of York, UK)
"Authentication Tests", Joshua D. Guttman, F. Javier Thayer
(MITRE, USA)
"Protocol-Independent Secrecy", Jonathan Millen, Harald Ruess
(SRI International, USA)
Tuesday, 16 May 2000
9:00-10:30 Panel: Does open source really improve system security?
Moderator: Lee Badger
10:30-11:00 Break
11:00-12:00 Intrusion Detection
"Using Conservation of Flow As a Security Mechanism in Network
Protocols", John R. Hughes, Tuomas Aura, Matt Bishop (University
of California, Davis, USA)
"Logic Induction of Valid Behavior Specifications for Intrusion
Detection", Calvin Ko (NAI Labs, USA)
12:00- 1:30 Lunch
1:30- 3:00 Assurance
"Using Model Checking to Analyze Network Vulnerabilities",
Ronald W. Ritchey (Booz Allen & Hamilton, USA), Paul Ammann
(George Mason University, USA)
"Verifying the EROS Confinement Mechanism", Jonathan S. Shapiro,
Samuel Weber (IBM T.J. Watson Research Center)
"Fang: A Firewall Analysis Engine", Alain Mayer, Avishai Wool,
Elisha Ziskind (Bell Labs, Lucent, USA)
3:00- 3:30 Break
3:30- 5:00 5-minute presentations on developing research
Wednesday, 17 May 2000
9:00-10:30 Key Management
"A More Efficient Use of Delta-CRLs", David A. Cooper (National
Institute of Standards and Technology, USA)
"An Efficient, Dynamic and Trust Preserving Public Key
Infrastructure", Albert Levi, M. Ufuk Caglayan (Oregon State
University, USA)
"Kronos: A Scalable Group Re-keying approach for Secure
Multicast" Sanjeev Setia, Samir Koussih, Sushil Jajodia,
Eric Harder (George Mason University, USA)
10:30-11:00 Break
11:00-12:00 Access Control II
"LOMAC: Low Water-Mark Integrity Protection for COTS
Environments" Timothy Fraser (NAI Labs, USA)
"IRM Enforcement of Java Stack Inspection", Ulfar Erlingsson,
Fred B. Schneider (Cornell University, USA)
-----------------------------------------------------
5-Minute Talks
A continuing feature of the symposium will be a session of 5-minute
talks, where attendees can present preliminary research results or
summaries of research published elsewhere. Commercial advertisements
and marketing presentations are inappropriate. Printed abstracts of
these talks will be distributed at the symposium.
____________________________________________________________________
13th IEEE Computer Security Foundations Workshop
Cambridge, England
July 3-5, 2000
____________________________________________________________________
13th IEEE Computer Security Foundations Workshop
July 3-5, 2000
Cambridge, England
Sponsored by the IEEE Computer Society
Preliminary Technical Program (Subject to Change)
MONDAY July 3, 2000
8:45 - 9:00 Welcome
E. Stewart Lee (Cambridge University), General Chair
Paul Syverson (Naval Research Laboratory), Program Chair
9:00 - 10:00 Names and Certificates
"Local Names In SPKI/SDSI 2.0", Ninghui Li (New York University)
"Reasoning about Trust and Insurance in a Public Key
Infrastructure", Jonathan Millen (SRI) and Rebecca Wright
(AT&T Labs -- Research)
10:00 - 10:30 Break
10:30 - 12:00 Invariants, Induction, Ranks, Languages, and Ideals
"Towards automatic verification of authentication protocols on an
unbounded network", James Heather and Steve Schneider (Royal
Holloway, University of London)
"TAPS: A First-Order Verifier for Cryptographic Protocols"
Ernie Cohen (Telcordia)
"Invariant Generation Techniques in Cryptographic Protocol
Analysis" Catherine Meadows (Naval Research Lab)
12:00 - 2:00 Lunch
2:00 - 3:30 Automated Security Protocol Methods
"Looking for a Needle in a Haystack -- Extending Automatic
Protocol Generation to Three-Party Key Authentication and Key
Agreement Protocols", Dawn Song and Adrian Perrig (UC, Berkeley)
"C3PO: A Tool for Automatic Sound Cryptographic Protocol
Analysis" Anthony H. Dekker
"An Executable Specification Language for Planning Attacks to
Security Protocols", Luigia Carlucci Aiello (Univ. Roma
``La Sapienza'') and Fabio Massacci (Univ. Di Siena)
3:30 - 4:00 Break
4:00 - 5:30 Panel: Intrusion Detection
Panel Chair: Teresa Lunt (Xerox PARC)
Panelists: TBD
TUESDAY July 4, 2000
9:00 - 10:00 Network Security
"Analyzing single-server network inhibition",
Tuomas Aura (Helsinki University of Technology), Matt Bishop,
(UC, Davis), and Dean Sniegowski (UC, Davis)
"Reasoning About Secrecy for Active Networks", Carl A. Gunter
(U. Pennsylvania), Pankaj Kakkar (U. Pennsylvania), and
Martmn Abadi (Lucent, Bell Labs)
10:00 - 10:30 Break
10:30 - 12:00 Strands and Multiset Rewriting
"Protocol Independence through Disjoint Encryption",
Joshua D. Guttman and F. Javier THAYER Fabrega (MITRE)
"Relating Strands and Multiset Rewriting for Security Protocol
Analysis", Iliano Cervesato (ITT Industries), Nancy Durgin
(Stanford), Patrick Lincoln (SRI), John Mitchell (Stanford),
and Andre Scedrov (Pennsylvania)
"Optimizing Protocol Rewrite Rules of CIL Specifications",
G. Denker (SRI), J. Millen (SRI) J. Kuester-Filipe (Tech. Univ.
Braunschwieg), and A. Grau (Tech. Univ. Braunschwieg)
12:00 - 2:00 Lunch
2:00 - 3:30 Noninterference and Information Flow
"Information Flow Analysis in a Discrete-Time Process Algebra",
Riccardo Focardi (U. Venezia - Ca' Foscari), Roberto Gorrieri
(U. Bologna), and Fabio Martinelli (IAT-CNR)
"Possibilistic Definitions of Security -- An Assembly Kit --",
Heiko Mantel (German Research Center for Artificial Intelligence
(DFKI)) "Probabilistic Noninterference for Multi-threaded
Programs", Andrei Sabelfeld and David Sands (Chalmers University
of Technology)
3:30 - 4:00 Break
4:00 - 5:00 Invited Talk: "American Fish and Colossus, WW II Code breaking
in Bletchley Park" Anthony E Sale, Hon. FBCS, ex Museums Director,
Bletchley Park
WEDNESDAY July 5, 2000
9:00 - 10:00 Java and Mobile Code Security
"An Operational Semantics of Java 2 Access Control",
Guenter Karjoth (IBM Research)
"Confidentiality for Mobile Code: The Case of a Simple Payment
Protocol", Mads Dam and Pablo Giambiagi (SICS)
10:00 - 10:30 Break
10:30 - 12:00 Types and Language-Based Security
"Secure Introduction of One-way Functions", Dennis Volpano
(Naval Postgraduate School)
"How to Prevent Type Flaw Attacks on Security Protocols",
James Heather (Royal Holloway), Gavin Lowe (U. Leicester), and
Steve Schneider (Royal Holloway)
"Secure Composition of Untrusted Code: Wrappers and Causality
Types", Peter Sewell (Cambridge) and Jan Vitek (Purdue)
12:00 - Closing remarks. Presentation of Croquet Awards
Lunch
Field Trip to Bletchley Park
____________________________________________________________________
Upcoming Calls-For-Papers and Events
for April, May, and June 2000
____________________________________________________________________
The complete Cipher Calls-for-Papers is located at
www.issl.org/cfp.html. The Cipher event Calendar is at
www.cs.utah.edu/flux/cipher/cipher-hypercalendar.html
__________
Journals
__________
Internet Computing , Call for papers on Widely Deployed Internet
Security Solutions", November/December 2000, Guest Editors: Li Gong
and Ravi Sandhu. Submissions due: April 28, 2000
The goal of this special issue is two-fold. One is to reflect on
security technology that have made into mainstream products and have
been widely deployed within the past decade. An interesting
perspective is why these solutions were picked over other competing
solutions and what made them more attractive and acceptable. The
other part of the goal is to access the state of the art in security
research and technology with the hope that these investigations
point to what may be deployed in the next decade. Topics of Interest
include (but are not limited to) descriptions of and perspectives
(historic, legal, etc.) on:
* Security solutions that are widely deployed
* Security solutions that were once fashionable but no longer in use
* Prevailing security solutions that are becoming obsolete
* Emerging security solutions that are likely to be widely deployed
We welcome submissions regarding security solutions covering all
aspect of computing, including operating systems, networking,
databases, distributed systems, human-computer interaction, the web,
the Internet, information appliances, and wireless communication.
However, we discourage abstract theory/idea papers, especially pure
cryptography theory or crypto protocol papers. Our focus is on
security solutions that were, are, or will be widely deployed.
Submission instructions can be found on the journal web page at
church.computer.org/internet/call4ppr.htm.
_________________________________________
Conference and Workshop calls-for-papers
_________________________________________
DISC'2000, 14th International Symposium on DIStributed Computing,
Toledo, Spain, October 4-6, 2000. Papers due April 11, 2000;
announcements due May 10, 2000
Original contributions to theory, design, analysis, implementation,
or application of distributed systems and networks are solicited.
Topics of interest include, but are not limited to: distributed
algorithms and their complexity, fault-tolerance of distributed
systems, consistency conditions, concurrency control, and
synchronization, multiprocessor/cluster architectures and
algorithms, cryptographic and security protocols for distributed
systems, distributed operating systems, distributed computing
issues on the internet and the web , distributed systems management,
distributed applications, such as databases, mobile agents, and
electronic commerce, communication network architectures and
protocols, specification, semantics, and verification of
distributed systems. A "brief announcement track" has been set
up for ongoing work for which full papers are not ready yet or
recent results published elsewhere are suitable for submission
as brief announcements. More information on submissions can be
found at the conference web page at www.disc2000.org/
FMCS'2000 Workshop on Formal Methods and Computer Security,
Chicago,Illinois, USA, July 20, 2000. Extended abstracts are
due April 14, 2000
Computer security protocols are notoriously difficult to get right.
Surprisingly simple problems with some well known protocols have
been found years after the original protocol was published and
extensively analyzed. Our workshop goal is to bring together the
formal methods and security communities. Security is a current
hot topic in the formal methods community, and we hope that this
workshop can help focus these energies. Topics of interest include
descriptive techniques (specification languages, models, logics)
and analysis techniques (model checking, theorem proving, and
their combination), as applied to protocols for authentication,
fair exchange, electronic commerce, and electronic auctions.
However, this list is not exclusive. We particularly want to
hear about new approaches, new problems, new security properties,
and new protocol bugs. Reports on work in progress are welcome.
The program of the workshop will include a keynote address by
Doug Tygar, a number of technical sessions (with talks of
about 15-20 minutes duration), and a panel discussion. An
extended abstract (about 5-10 pages) explaining recent
research results or work in progress should be mailed
electronically to fmcs-2000@cs.cmu.edu, to be received by
April 14, 2000. More information can be found at the conference
web site at www.cs.cmu.edu/~veith/fmcs/
WITS'2000, Workshop on Issues in the Theory of Security, Geneva,
Switzerland, July 7-8, 2000. Submissions due April 15, 2000.
The members of The IFIP WG 1.7 on "Theoretical Foundations of
Security Analysis and Design" will hold their annual workshop
as an open event to which all researchers working on the theory
of computer security are invited. The W/S will be co-located
with ICALP '00 (cuiwww.unige.ch/~icalp/). Its program will
encourage discussions by all attendees, both during and after
scheduled presentations on participants' ongoing work. Topics
of interest include:
* formal definition and verification of the various aspects of
security: confidentiality, integrity, authentication and
availability;
* new theoretically-based techniques for the formal analysis
and design of cryptographic protocols and their manifold
applications (e.g., electronic commerce);
* information flow modeling and its application to the theory
of confidentiality policies,
* composition of systems, and covert channel analysis;
* formal techniques for the analysis and verification of
mobile code;
* formal analysis and design for prevention of denial of
service.
Details on the conference and submission procedure can be found
on the conference web site at
www.dsi.unive.it/IFIPWG1_7/wits2000.html, or contact the program
chair, Pierpaolo Degano, by email,degano@di.unipi.it, or phone,
+39 050 887257, or fax, +39 050 887226.
CHES'2000, Workshop on Cryptographic Hardware and Embedded Systems,
Worcester Polytechnic Institute, Worcester, Massachusetts, USA.,
August 17-18, 2000. Submissions due April 15, 2000.
The focus of this workshop is on all aspects of cryptographic
hardware and embedded system design. Of special interest are
contributions that describe new methods for efficient hardware
implementations and high-speed software for embedded systems.
The topics of interest include but are not limited to:
* Computer architectures for public-key cryptosystems
* Computer architectures for secret-key cryptosystems
* Reconfigurable computing and applications in cryptography
* Cryptographic processors and co-processors
* Modular and Galois field arithmetic architectures
* Tamper resistance on the chip and board level
* Architectures for smart cards
* Tamper resistance for smart cards
* Efficient algorithms for embedded processors
* Special-purpose hardware for cryptanalysis
* Fast network encryption
* True and pseudo random number generators
If you want to receive emails with subsequent Call for Papers
and registration information, please send a brief mail to
ches@ece.orst.edu. Complete instructions for authors can be found
on the workshop web page at www.ece.WPI.EDU/Research/crypt/ches.
You may also contact the Program Chairs Cetin Kaya Koc
(Koc@ece.orst, +1 541 737 4853) or Christof Paar
(christof@ece.wpi.edu, +1 508 831 5061).
4th International Workshop on Discrete Algorithms and Methods
for Mobile Computing & Communications, Boston, Massachusetts,
USA, August 11, 2000. In conjunction with ACM MobiCom 2000.
Submissions due April 25, 2000.
The introduction of mobility raises a number of new research
issues. This workshop is devoted to discrete algorithms and
methods in the context of mobile and wireless computing and
communications. Contributions are solicited in all areas related
to mobile computing and communications where discrete algorithms
and methods are utilized, including, but not limited to:
* distributed algorithms frequency allocation
* scheduling location tracking
* site allocation multi-hop packet radio networks
* wireless networks synchronization
* cryptography and security error correcting codes
* handover (handoff) telecommunications
* modeling optimization
* routing satellite communication
Instructions for submitting a paper or a panel proposal are
given on the conference web page at
www.cis.udel.edu/~elloyd/dialm.d/home.htm. Since deadlines
overlap, dual submission of papers to MobiCom and DIALM is
encouraged. Any paper accepted for MobiCom will automatically
be removed from consideration for DIALM.
CCS-7, 7th ACM Conference on Computer and Communication Security,
November 1-4, 2000, Athens, Greece. Abstract of papers due
April 30, 2000.
Papers may present theory, technique, applications, or practical
experiences on topics including:
* Database Security *Authentication and key management
* New threats and attacks *Authorization, access control, audit
* Privacy and anonymity *Cryptographic algorithms, protocols
* Steganography, watermarking *New security architectures
* Secure electronic commerce *Intrusion detection and response
* Security evaluation *Licensing and intellectual property
* Security education *Malicious code and countermeasures
Details on instructions for papers and panel proposals can be
obtained from www.ccs2000.org (USA Mirror site:
cimic.rutgers.edu/~atluri/ccs.html) or from Sushil Jajodia
(jajodia@gmu.edu)
WSPEC'00, 1st Workshop on Security and Privacy in E-Commerce,
November 4, 2000, Athens, Greece. Held in conjunction with the ACM
Conference on Computers and Communications Security (ACM-CCS'00).
Paper abstracts and panel proposals due May 1, 2000; Papers and
case studies due June 1, 2000.
The First Workshop on Security and Privacy in E-Commerce seeks
to bring together practitioners and researchers to address the
real-world security and privacy concerns in e-commerce. We are
seeking contributions on topics in security and privacy that
will enable the e-commerce systems of tomorrow to be developed
more securely and robustly without compromising individual
privacy rights. The workshop will focus on group discussion
and collaboration in identifying the important problems and
potential solutions in this important topic area. We are seeking
research papers, business case studies, or system designs that
address security and privacy concerns. Topics of interest
include:
* anonymizing e-commerce/Web transactions
* component-based software in e-commerce
* databases access control
* denial of service attacks and countermeasures
* detecting anomalous database transactions
* detection and recovery from Internet-based attacks
* e-commerce protocols
* e-commerce systems
* Internet client risks
* malicious software or Trojan functionality
* mobile agents in e-commerce
* novel attacks and countermeasures
* privacy negotiation/bartering
* privacy risks with cookies/tokens/identifiers
* software analysis and certification.
See www.rstcorp.com/conferences/WSPEC00/ for the official
Call For Papers.
SAC'2000, Seventh Annual Workshop on Selected Areas in Cryptography,
August 14-15, 2000, Waterloo, Ontario, Canada. Papers due
May 1, 2000.
Workshop Themes:
* Design and analysis of symmetric key cryptosystems.
* Primitives for private key cryptography, including block and
stream ciphers, hash functions and MACs.
* Efficient implementations of cryptographic systems in public
and private key cryptography.
* Cryptographic solutions for web/internet security.
Details on submitting a paper are given on the conference web page
at www.cacr.math.uwaterloo.ca/conferences/2000/SAC2000/announcement.html
ACSAC, 16th Annual Computer Security Applications Conference,
Sheraton Hotel, New Orleans, Louisiana, USA, December 11-15, 2000.
Papers due: May 12, 2000; Case Studies due: May 30, 2000.
ACSAC is an internationally recognized conference for experts in
information system security to exchange practical ideas about
solving critical security problems. The following topic areas
are of potential interest to ACSAC.
* Internet technologies Intrusion detection and response / audit
and audit reduction
* Mobile computing Network management and smart card applications
* Electronic commerce Incident response planning - governmental
and other perspectives
* Legal and ethical concerns over protecting intellectual
property
* New paradigms for protecting electronic intellectual capital
* Software safety and program correctness Crypto, key management,
and digital signature applications
* Security in health care and law enforcement
* Defensive information warfare
* Securing very high-speed telecommunications (e.g., ATM)
We encourage technical papers that relate to any of the above
topics or other applications of computer security. Format of
submission is explained on our web site:
www.acsac.org/sub/PaperSubmission.html. Student papers can compete
for best paper prizes and student conference scholarships are
also provided. If you have an idea for a panel or forum, see
our web site for details: www.acsac.org/sub/panels/PanelsFora.html
Again this year we will have a track devoted to actual applications
where real world problems have been solved. Vendors, systems
integrators, and users can share knowledge and we will also have
a display area to complement this portion of the conference.
For details, see our web site: www.acsac.org/sub/casestudies.html.
Tutorials are either full day (6 instruction hours) or half day
(3 instruction hours). For details, see our web page at
www.acsac.org/sub/tutorials/tutsub.html Got a question? See the
FAQ on our web page at www.acsac.org, or email
Publicity_Chair@acsac.org.
AMOC 2000, Asian International Mobile Computing Conference, Penang,
Malaysia, November 1-3, 2000. Submissions due: May 30, 2000.
This conference will provide a platform for researchers and
experts primarily from the Asian region to meet and discuss
current issues in this field. The focus on Asia is important
because there are unique regional issues not given attention
in typical international conferences, where technological
issues in developed nations receive centre stage. These unique
issues include different infrastructural and economic
requirements; the effect of a more diverse socio-economic
environment on technological specifications; the wider-ranging
impact of wireless communication in rural areas and the great
interest in the rapid deployment of cutting edge technology
due to the high progress rate of technological implementation
in many Asian countries. A complete list of topics and guidelines
for submissions is given on the conference web site at
www.fsktm.um.edu.my/amoc/, or send email to
amoc-submission@fsktm.um.edu.my.
_________________________________________________________________
Upcoming Conferences and Workshops for April, May, and June 2000.
_________________________________________________________________
CFP'2000, Computers, Freedom, and Privacy. CFP 2000 Challenging the
Assumptions, Toronto, Ontario, Canada, April 4-7, 2000.
The theme of the tenth CFP conference is 'Challenging the
Assumptions'. After a decade of CFP conferences, it's time to
examine what we have learned. At CFP2000 we want to re-examine
the assumptions we have been making and consider which ones
still make sense as we move forward. Proposals are welcomed on
all aspects of computers, freedom, and privacy. We strongly
encourage proposals that challenge the future, tackle the hard
questions, look at old issues in new ways, articulate and
analyze key assumptions, and present complex issues in all
their complexity. More conference information are given on the
CFP 2000 web site at www.cfp2000.org.
AES3, Third Advanced Encryption Standard (AES) Candidate Conference,
New York,New York, USA, April 13-14, 2000.
In the summer of 1999, NIST began Round 2 of the technical
analysis of five candidate algorithms that have been selected
as finalists for the AES development effort. Near the end of
Round 2, the 3rd AES Candidate Conference (AES3) will focus
on discussion of the technical results of Round 2 and views on
candidates for Round 3. Conference information can be found
at csrc.nist.gov/encryption/aes/round2/conf3/aes3conf.htm.
MFPS, The Sixteenth Workshop on the Mathematical Foundations of
Programming Semantics, Stevens Institute of Technology, Hoboken,
NJ, USA, April 13-16, 2000.
The MFPS conferences are devoted to those areas of mathematics,
logic and computer science which are related to the semantics
of programming languages. The series particularly has stressed
providing a forum where both mathematicians and computer
scientists can meet and exchange ideas about problems of common
interest. We also encourage participation by researchers in
neighboring areas, since we strive to maintain breadth in
the scope of the series. The invited speakers for MFPS 16
are: Samson Abramsky University of Edinburgh, Rance Cleaveland
Stony Brook, Andy Gordon Microsoft Cambridge, Robin Milner
University of Cambridge, Peter O'Hearn Queen Mary - Westfield,
and Dana Scott CMU. In addition to the invited talks,
there will be special sessions devoted to security and model
checking. More information cane be found at:
www.math.tulane.edu/mfps16.html or from mfps@math.tulane.edu.
S&P'2000,2000 IEEE Symposium on Security and Privacy, Oakland CA,
USA,May 14-17, 2000.
See the program announcement in the "Conferences
and Workshops" section of this issue of Cipher.
WWW9, 9th International World Wide Web Conference, Amsterdam,
The Netherlands, May 15-19, 2000.
Topics: E-Commerce, XML, Multimedia, Web Server Performance,
Searching and Querying, Protocols, Web Document Management,
Java, Web Site Design, Web Security, RDF, Database and
Directory Services, Collaboration, Accessibility, Metadata,
New Languages Submitted papers should present original reports
of substantive new work in areas that can be theoretical
(models, analyses, techniques, semantics), empirical
(experiments, case studies), or implementation-oriented
(new systems, tools, methodologies, user interfaces).
WWW9 workshops are intended to provide a forum for highly
interactive discussion on focused topics. Submission details
are available at www9.org.
ICCC First International Common Criteria Conference, Baltimore,
Maryland, USA, May 23-25, 2000.
The ICCC will bring together the signatories to the Mutual
Recognition Arrangement, their national implementation scheme
administrators, accredited commercial testing laboratories,
producers and consumers of information technology products,
acquisition authorities and information assurance professionals
from government, industry and academia throughout the world.
There will be four tracks at the ICCC geared towards providing
you with the most up to date, accurate and complete
information on the Common Criteria process. For more detailed
information on the ICCC or to register for the conference,
visit the National Information Assurance Partnership (NIAP)
web site: www.niap.nist.gov/iccc. For information on the vendor
exhibits to be held in conjunction with the ICCC on May 23
and 24, contact Janin Hardin or Stephanie King at the
Federal Business Council, (800) 878-2940 or log on to:
www.fbcinc.com/specialeventspage.htm.
NCISSE'2000 Fourth Colloquium for Information Systems Security
Education, Washington D.C., USA, May 23-25, 2000.
It is the task of American higher education to provide an
information-literate work force and to prepare information
technology professionals. The National Colloquium for
Information Systems Security Education (the Colloquium)
is established to serve as a living body to bring government,
industry and academia together to meet those challenges.
This year the colloquium introduces two paper tracks, one
general submission, the other restricted to student
participation. The papers in both tracks should discuss course
or lab development, INFOSEC curricula, standards, existing
or emerging programs, and related issues. This year, we are
particularly interested in addressing the question, "what is
academia's response to the shortfall of INFOSEC workers?"
More information can be found on the conference web site at:
www.infosec.jmu.edu/ncisse/.
20th Biennial Symposium on Communications, Department of
Electrical and Computer Engineering, Queen's University, Kingston,
Ontario, Canada, May 28-31, 2000.
This symposium is intended to provide a forum for engineers
and researchers in the area of communications and signal
processing. Original papers are encouraged from new areas
of research on communications, as well as those traditionally
associated with this conference. A complete list of topics
of interest (which includes cryptography and security) as
well as submission instructions is provided on the
conference web page at www.ece.queensu.ca/dept/sympcomm.html
FIRST'2000, The 12th Annual FIRST Conference on Computer Security
and Incident Handling, Chicago, Illinois, USA, June 25-30, 2000.
The Forum of Incident Response and Security Teams (FIRST,
www.first.org) brings security incident response teams together
including government, commercial, and academic organizations.
The conference is a five day event, two days of tutorials and
three days of technical sessions including refereed paper
presentations, invited talks, and panel discussions. The
focus of the FIRST'2000 conference is on the most recent
practical advances in computer security in all its aspects.
The full call for papers is at www.first.org/conference/2000.
IC'2000, Special session at IC'2000, the First International
Conference on Internet Computing, Monte Carlo Resort, Las Vegas,
Nevada, USA, June 26-29, 2000.
This special session, New Paradigms in Computer Security, at
IC'2000 is to present recent advances in computer system
security. The main focus will be on new approaches for less
vulnerable program generation and intrusion detection. More
information can be found on the conference web site at:
www.cs.umanitoba.ca/~iwic/.
====================================================================
News Briefs
====================================================================
News briefs from past issues of Cipher are archived at
www.issl.org/Cipher/NewsBriefs.html
____________________________________________________________________
New IEEE Computer Magazine column on Networking and
Telecommunications edited by by Upkar Varshney
____________________________________________________________________
Beginning April 2000, IEEE Computer Magazine is starting a new
column on Networking and Telecommunications. It aims at publishing
short articles (1800-2000 words) on topics related the design,
implementation, technology, and security issues in wireline and
wireless networks, support for multicast reliable and survivable
network architectures, broadband access to home, intelligent
transportation systems, GPS and location tracking, support for E911,
mobile and handheld devices (hardware, OS, and networking
support). The articles should attempt to address a topic of
importance to Computer readers in a tutorial style and should
attempt to present state-of-the-art information or complex concepts
in an easy to read style. The total number of tables and figures
should not exceed four. Interested authors are encouraged to send
their contributions to Prof. Upkar Varshney, editor for the column,
via e-mail at uvarshney@gsu.edu (www.cis.gsu.edu/~uvarshne).
_____________________________________________________________________
LISTWATCH: items from security-related mailing lists (March 27, 2000)
by Mary Ellen Zurko (mzurko@iris.com)
_____________________________________________________________________
This issue's highlights are from cypherpunks, risks, tbtf, and
crypto-gram.
____________________
Members of Peacefire.org wrote and published a program (cphack.exe)
that breaks the encryption in Cyber Patrol, a "censorware" Internet
filtering application, displaying the list of sites it blocks, and
displaying the password used to enable and disable the filtering.
Cyber Patrol has obtained a restraining order against the authors
to prevent them from distributing it, accusing them of illegal
reverse engineering. The counts include copyright infringement and
theft of trade secrets. Mirror sites have sprung up for distributing
an essay on the program and the program itself
(www.openpgp.net/censorship/). There seems to be an injunction
against the mirror sitest too, which was mass emailed to them so
that they all now have a list of all the known mirror sites. It
does not work against the latest version of Cyber Patrol, which
has changed its encryption. Cyber Patrol (and Mattel, their parent
company) claims the suit is about disabling the software (though
publishing the password). Pro-cphack spin says that programs like
this have been around for 2 years and nobody sued anybody; that
it's the publishing of the sites that are blocked that is making
Cyber Patrol mad, and not because their competitive edge depends
on it, but because of the large number of sites that are claimed
to be mistakenly blocked. Peacefire has released programs that
decrypt the lists of two competitors; X-Stop and I-Gear. Of the
first 50 working .edu sites on those lists, Peacefire claims a
68% and 76% error rate, respectively (too bad they didn't do
a random sample from the list to come up with a real, overall
error rate instead). Examples of errors include: (1) a diagram
of a milk pasteurization system written in Portuguese,
(2) a page with 75 K of Latin, (3) two PowerPoint slides about
network setup, and (4) volumes 4 and 6 of "The Decline and
Fall of the Roman Empire".
www.wired.com/news/politics/0,1283,35038,00.html
slashdot.org/article.pl?sid=00/03/20/0845236.
In an exciting escalation, Mattel has not only sent mass mailings
to all mirrors of the the critical web pages, they have allegedly
added these mirror sites (and the author's home pages) to their
blacklist under all categories (after all, just what category
would they use? :-).
____________________
A laptop computer containing sensitive information on Northern
Ireland was stolen from an MI5 intelligence agent on March 4 when
the Security Service worker stopped to help a passer-by in the
ticket hall at Paddington Underground station in Central London.
On March 23, a government source confirmed the theft and said:
"We believe that the information on the laptop is secure. The
theft is currently being investigated by the police." No word
on whether the encryption key is stored on the laptop.
____________________
The Korean Advanced Institute of Science and Technology (KAIST)
will reportedly hold an international hacking contest. Hackers
will attempt to break into a firewall the Protection Education
Research Center has built for prize money totaling W100 million.
The contest aims to test the capacity of Korean information
protection technology, and find out the international standard
of hackers. (I was just reading an article on how public
competitions aimed at amateurs was how the US's earliest memorials
were commissioned.)
____________________
The French national assembly has voted to ban anonymous web
hosting. One more vote will make it a law. Users must declare
their identity to their hosting service, with a six month
jail penalty if they provide false information. The hosting
service must give the identities to the court, otherwise its
owner faces a six month jail penalty. Voted text from the
French national assembly on March 22
www.assemblee-nat.fr/2/pdf/ta0473-01.pdf (pdf, in french).
____________________
An annual survey by the FBI and the Computer Security Institute
said that total verifiable losses in 1999 more than doubled
to $266 million, while more than 90 percent of respondents
reported detecting some form of security breach. The survey
covered 643 corporations, banks and government organizations.
CSI estimates that total losses attributable to computer
crime are around $10 billion annually. Only one company in
four surveyed reported the crimes in 1999, down 32% from 1998.
59% of the companies said the computer attacks initiated from
the Internet, while 38% said they initiated from internal
company computers. At least 74 percent of respondents reported
security breaches including theft of proprietary information,
financial fraud, system penetration by outsiders, data or
network sabotage, or denial of service attacks. Information
theft and financial fraud caused the most severe financial
losses, put at $68 million and $56 million respectively. Losses
traced to denial of service attacks were only $77,000 in 1998,
and by 1999 had risen to just $116,250 (the survey occurred
before the recent spat of high profile DDOS attacks). The
survey showed quantified losses up at more than $8.2 million.
____________________
Stolen data on 485,000 credit cards was discovered on a U.S.
government agency's Web site. Many of the credit cards remain
in use today because there has been no evidence that any of the
cards have been used in fraud, and credit-card companies and
card-issuing credit unions decided that it would be too much
trouble to shut down the accounts and issue new numbers, or even
to tell the credit card holders about the potential leak.
www.msnbc.com/news/382561.asp.
____________________
Dave Kormann and Avi Rubin evaluated Microsoft's Passport single
signon protocol and examined the risks. Their
paper cs.nyu.edu/rubin/passport.html will be presented at WWW9,
which runs at the same time as Oakland this year, and where I will
be chairing the Security session .
____________________
Actor Jerry Orbach is suing eBay for allegedly allowing a user to
auction two of his old acting contracts. Reportedly, the scanned
images of the contracts that advertised the sale showed his Social
Security number, which allegedly resulted in credit card fraud.
www.cnn.com/2000/SHOWBIZ/News/03/21/showbuzz/#story2.
____________________
The NSA holds a patent on a holographic storage device
tbtf.com/blog/2000-03-19.html.
____________________
Two of the three defendants in the New York MPAA DeCSS case have
withdrawn under consent agreements, leaving only the magazine 2600,
which succeeds its publisher, Emmanuel Goldstein, as defendant. A
trial date was set for December 5.
____________________
DoveBid, WebbitTown, and the Libertarian party all have a policy of
digitally signing their press releases.
____________________
Is credit card fraud higher or lower? MasterCard is imposing a fine
on merchants whose charge backs are one per cent or higher of total
sales, or 2.5 per cent or higher of total sales volume for more than
two consecutive months. Conversely, Visa International announced
last week that fees for lost or stolen cards will now be waived in
view of card fraud losses reaching an all-time low during 1999.
The move was prompted by fraud losses dropping to 6 cents for every
USD 100 in 1999, compared to 7 cents per USD 100 in 1998, and
18 cents per USD 100 in 1992.
____________________
Microsoft Windows 2000 is using the usually blank "data authorization
field" in Kerberos (which DCE also used), and not publishing how
they're using it (impeding certain forms of interoperability). They
did not follow the IETF procedure for deviating from a standard, which
they do by overwriting, instead of copying through, any information
in that field from the request to the ticket (DCE did not deviate).
____________________
Eben Moglen, of Columbia Law School, makes the ultimate statement
on the new US crypto export regulations: "It used to be that giving
export control advice consisted of helping clients to comprehend
unbelievably ridiculous statements in the present tense. Giving
such advice now largely consists of helping clients to comprehend
unbelievably ridiculous statements in the future conditional
subjunctive. That's some kind of progress."
____________________
The Arizona Democratic Primary had the first binding election in
the US with votes cast over the Internet. According to the
elections.com website, each voter receives a PIN via postal mail
that gets them access to the voting web page. A voter also has
to answer "several questions" to confirm their identity. The
instructions also remind the potential voter that "[...] it is
a Class 5 felony offense to knowingly vote at an election when
not entitled to do so." Voting Integrity Project,
www.voting-integrity.org/ raised concerns over unequal access.
____________________
Verisign agreed to acquire Web domain-name registrar Network
Solutions in an all-stock transaction the companies valued at
$21 billion.
____________________
Wondering what cypherpunks look like? Declan MucCullagh has a
photo archive (www.mccullagh.org/cgi-bin/photosearch.cgi?name=tim+may).
I imagined Tim May much meaner, with fangs and a pointy tail :-).
____________________
President Clinton said that he considered cyberspace too insecure
for him to correspond privately by e-mail with his daughter, Chelsea,
who is away at college.
____________________
Finally, two older excerpts. The first is Spaf on the 2/8/00 White
House Infosecurity meeting. I don't understand how the hacker
suggestion is different from Tiger Teaming, and I don't understand
most of the references to CERIAS, which seems to be Spaf's baby.
Otherwise, a fine report:
[Note: you may post this account or forward it to mailing lists,
provided you pass the account and this notice in its entirety.]
Infosecurity at the White House
Gene Spafford
Prolog
Last week (ca. 2/8/00), a massive distributed denial of service
attack was committed against a number of Internet businesses,
including e-Bay, Yahoo, Amazon.com, and others. This was
accomplished by breaking into hundreds (thousands?) of
poorly-secured machines around the net and installing packet
generation "slave" programs. These programs respond by
remote control to send packets of various types to target hosts
on the network. The resulting flood effectively shut those
target systems out of normal operation for periods ranging up
to several hours.
The press jumped all over this as if it was something terribly
new (it isn't -- experienced security researchers have known
about this kind of problem for many years) and awful (it can be,
but wasn't as bad as they make it out to be). One estimate in
one news source speculated that over a billion dollars had
been lost in lost revenue, downtime, and preventative measures.
I'm skeptical of that, but it certainly is the case that a
significant loss occurred.
Friday, Feb 11, I got a call from someone I know at OSTP (Office
of Science and Technology Policy) inquiring if I would be available
to meet with the President as part of a special meeting on
Internet security. I said "yes." I was not provided with a list
of attendees or an agenda. Initially, I was told it would be a
meeting of security experts, major company CEOs, and some members
of the Security Council, but that was subject to change.
The Meeting
I arrived at the Old Executive Office Building prior to the
meeting to talk with some staff from OSTP. These are the people
who have been working on the Critical Infrastructure issues for
some time, along with some in the National Security Council.
They really "get it" about the complexity of the problem, and
about academia's role and needs, and this may be one reason
why this was the first Presidential-level meeting on information
security that included academic faculty.
After a few minutes, I was ushered into Dr. Neal Lane's office
where we spent about 15 minutes talking. (As a scientist and
polymath, I think Lane has one of the more fascinating jobs in
the Executive Branch: that of Assistant to the President for
Science and Technology and Director of OSTP. For instance,
on his table he had some great photos of the Eros asteroid that
had been taken the day before.) We then decided to walk
over to the White House (next door) where we joined the other
attendees who were waiting in a lobby area.
Eventually, we were all escorted upstairs to the Cabinet Room. It
was a tight fit, as there were over 30 of us, staff and guests
(invitee list at the end). We then spent a half hour mingling
and chatting. There were a lot of people I didn't know, but
that's because normally I don't get to talk to CEOs. Most notably,
there were people present from several CERIAS sponsor organizations
(AT&T, Veridian/Trident, Microsoft, Sun, HP, Intel, Cisco). I also
(finally!) got to meet Prof. David Farber in person. We've "known"
each other electronically for a long time, but this was our first
in-person meeting.
After a while, some more of the government folk joined the group:
Attorney General Reno; Commerce Secretary Daley; Richard Clarke,
the National Coordinator for Security, Infrastructure Protection
and Counter-terrorism; and others. After some more mingling, I
deduced the President was about to arrive -- several Secret
Service agents walked through the room giving everyone a once-over.
Then, without any announcement or fanfare, the President came into
the room along with John Podesta, his chief of staff.
President Clinton worked his way around the room, shaking
everyone's hand and saying "hello." He has a firm handshake.
In person, he looks thinner than I expected, and is not quite
as tall as I expected, either.
We all then sat down at assigned places. I had the chair directly
opposite the President. Normally, it is the chair of the
Secretary of State. To my left was Whit Diffie of Sun, and to
my right was John Podesta. I was actually surprised that I had
a seat at the table instead of in the "overflow" seats around
the room.
The press was then let into the room. It was quite a mass. The
President made a statement, as did Peter Solvik of Cisco. The
press then asked several questions (including one about oil
prices that had nothing to do with the meeting). Then, they
were ushered out and the meeting began.
The President asked a few individuals (Podesta, Daley, Reno,
Pethia, Noonan) to make statements on behalf of a particular
segment of industry of government, and then opened it up for
discussion. The next hour went by pretty quickly. Throughout,
the President listened carefully, and seemed really involved
in the discussion. He asked several follow-up questions to things,
and steered the discussion back on course a few times. He
followed the issues quite well, and asked some good follow-up
questions.
During the discussion, I made two short comments. The first was
about how it was important that business and government get
past using cost as the primary deciding factor in acquiring
computer systems, because quality and safety were important.
I went on to say that it was important to start holding
managers and owners accountable when their systems failed because
of well-known problems. I observed that if the government could
set a good example in these regards, others might well follow.
My second comment was on the fact that everyone was talking about
"business and government" at the meeting but that there were
other players, and that academia in particular could play an
important part in this whole situation in cooperation with
everyone else. After all, academia is where much of the research
gets done, and where the next generation of leaders, researchers,
and business people are coming from!
Overall, the bulk of the comments and interchange were reasoned
and polite. I only remember two people making extreme comments
(to which the rest of us gave polite silence or objections);
I won't identify the people here, but neither were CERIAS
sponsors :-). One person claimed that we were in a crisis and
more restrictions should be placed on publishing vulnerability
information, and the other was about how the government should
fund "hackers" to do more offensive experimentation to help
protect systems. My summary of the major comments and conclusions
is included below.
After considerable discussion, the meeting concluded with
Dick Clarke reminding everyone that the President had submitted
a budget to Congress with a number of new and continuing
initiatives in information security and cybercrime investigation,
and it would be up to Congress to provide the follow-through on
these items.
We then broke up the meeting, and the President spent a little
more time shaking hands and talking with people present. Buddy
(his dog) somehow got into the room and "met" several of us,
too -- I got head-butt in the side of my leg as he went by.
:-) The official photographer got a picture of the President
shaking my hand again.
The President commented to Vint Cerf how amazed he was that the
group had been so well-behaved --- we listened to each other,
no one made long rambling speeches, and there was very little
posturing going on. Apparently, similar groups from other areas
are quite noisy and contentious.
We (the invitees) then went outside where there was a large crowd
of the press. Several of us made short statements, and then broke
up into groups for separate interviews. After that was done, I
left and returned home to teach class on Wednesday.
My interview with the local news station didn't make it on the
6pm news, and all the print accounts seemed make a big deal of the
fact that "Mudge" was at the meeting. Oh well, I thought
"Spaf" was a way-cool "handle", better than "Mudge" but it doesn't
go over as well with the press for some reason. I'll have to
find some other way to develop a following of groupies. :-)
On Friday, I was back in DC at the White House conference center
to participate in a working session with the PCAST (President's
Committee of Advisors on Science & Technology) to discuss the
structure and organization of the President's proposed Institute
for Information Infrastructure Protection. This will have a
projected budget of $50 million per year. CERIAS is already
doing a significant part of what the IIIP is supposed to address
(but at a smaller scale). Thus, we may have a role to play in
that organization, as will (I hope) many of the other established
infosec centers. The outcome of that meeting was that the
participants are going to draft some "strawman" documents on
the proposed IIIP organization for consideration. I am unsure
whether this is significant progress or not.
Outcomes
I didn't enter the meeting with any particular expectations.
However, I was pleasantly surprised at the sense of cooperation
that permeated the meeting. I don't think we solved any problems,
or even set an agenda of exactly what to do. There was a clear
sense of resistance from the industry participants to any major
changes in regulations or Internet structure. In fact, most of
the companies represented did not send CEOs so that (allegedly)
there would be no one there who could make a solid commitment
for their firms should the President press for some action.
Nonetheless, there were issues discussed, some subsets of those
present did agree to meet and pursue particular courses of
action, and we were reminded about the President's info
protection plan. To be fair, this is an area that has been
getting attention from the Executive Branch for several years,
so this whole event shouldn't be seen as a sudden reaction
to specific events. Rather, from the PCCIP on, there has
been concern and awareness of the importance of these issues.
This was simply good timing for the President to again demonstrate
his concern, and remind people of the national plan that was
recently released.
I came away from the meeting with the feeling that a small,
positive step had been made. Most importantly, the President
had made it clear that information security is an area of
national importance and that it is taken seriously by him and
his administration. By having Dave Farber and myself there, he
had also made a statement to the industry people present that
his administration takes the academic community seriously in this
area. (Whether many of the industry people got that message --
or care -- remains to be seen.)
I recall that there were about 7 major points made that no one
disputed:
1) The Internet is international in scope, and most of the
companies present have international operations. Thus, we must
continue to think globally. US laws and policies won't be
enough to address all our problems.
2) Privacy is a big concern for individuals and companies alike.
Security concerns should not result in new rules or mechanisms
that result in significant losses of privacy.
3) Good administration and security hygiene are critical. The
problems of the previous week were caused by many sites
(including, allegedly, some government sites) being compromised
because they were not maintained and monitored. This, more than
any perceived weakness in the Internet, led to the denial of
service.
4) There is a great deal of research that yet needs to be done.
5) There are not enough trained personnel to deal with all our
security needs.
6) Government needs to set a good example for everyone else, by
using good security, employing standard security tools, installing
patches, and otherwise practicing good infosec.
7) Rather than new structure or regulation, broadly-based
cooperation and information sharing is the near-term approach
best suited to solving these kinds of problems.
Let's see what happens next. I hope there is good follow-though
by some of the parties in attendance, both within and outside
government.
Miscellany
Rich Pethia of CERT, Alan Paller of SANS, and I have drafted a
short list of near-term actions that sites can implement to help
prevent a recurrence of the DDOS problems. Alan is going to
coordinate input from a number of industry people, and then we
will publicize this widely. It isn't an agenda for research or
long-term change, but we believe it can provide a concrete
set of initial steps. This may serve as a good model for
future such collaborative activities.
I was asked by several people if I was nervous. Actually, no.
I've been on national television many times, and I've spoken
before crowds of nearly a thousand people. Actually, *he* should
have been nervous -- I have tenure, and he clearly does not. :-)
The model we have at CERIAS with the partnership of industry and
academia is exactly what is needed right now. Our challenge is
to find some ways to solve our faculty needs and space shortage.
In every other way, we're ideally positioned to continue to make
a big difference in the coming years.
Of the 29 invited guests, there was only one woman and one
member of a traditional minority. I wonder how many of the people
in the room didn't even notice?
Attendees
Douglas F. Busch
Vice President of Information Technology, Intel
Clarence Chandran
President, Service Provider & Carrier Group, Nortel Networks
Vinton Cerf
Senior Vice President, Internet & Architecture & Engineering,
MCI Worldcom
Christos Costakos
Chief Executive Officer, E-Trade Group, Inc.
Jim Dempsey
Senior Staff Counsel, Center for Democracy and Technology
Whitfield Diffie
Corporate Information Officer, Sun Microsystems
Nick Donofrio
Senior Vice President and Group Executive, Technology & Manufacturing, IBM
Dave Farber
University of Pennsylvania
Elliot Gerson
Chief Executive Officer, Lifescape.com
Adam Grosser
President, Subscriber Networks, Excite@home
Stephen Kent
BBN Technologies (GTE)
David Langstaff
Chairman and Chief Executive Officer, Veridan
Michael McConnell
Booz-Allen
Mary Jane McKeever
Senior Vice President, World Markets, AT&T
Roberto Medrano
Senior Vice President, Hewlett Packard
Harris N. Miller
President, Information Technology Association of America (ITAA)
Terry Milholland
Chief Information Officer, EDS
Tom Noonan
Internet Security Systems (ISS)
Ray Oglethorpe
President, AOL Technologies, America Online
Allan Paller
Chairman, SANS Institute
Rich Pethia
CERT/CC, SEI at Carnegie-Mellon University
Geoff Ralston
Vice President for Engineering, Yahoo!
Howard Schmidt
Chief Information Security Officer, Microsoft
Peter Solvik
Chief Information Officer, Cisco Systems
Gene Spafford
CERIAS at Purdue University
David Starr
Chief Information Officer, 3Com
Charles Wang
Chief Executive Officer, Computer Associates International
Maynard Webb
President, Ebay
Peiter Zatko a.k.a. "Mudge"
--
COMPASS [for the CDC-6000 series] is the sort of assembler one expects
from a corporation whose president codes in octal. -- J.N. Gray
______________________________
The second older excerpt, from back in early February, when privacy
was hot, here's what TBTF had to say about the two biggest issues:
..DoubleClick flip-flops, gets sued
DoubleClick has insisted since 1996 that, while it tracks
100 million Internet users' browsing and buying habits across
11,500 Web sites, it does not identify users personally. But
last June the company purchased Abacus Direct Corp., a
direct-marketing services company with a database of names,
addresses, phone numbers, and catalog purchasing habits of
90% of American households.
Queue the loud bassoon.
On 31 January Will Rodger of USA Today broke the news [16]
that since December, at the latest, DoubleClick has been
merging its anonymous, cookie-borne, unique-user-ID data with
the personal data from Abacus. DoubleClick's move moved
Lauren Weinstein, the ever-dependable voice of reason on
privacy issues, to flights of prose and heights of alarm that
have rarely been seen on the PRIVACY Forum [17].
In a massively lame attempt at damage control, DoubleClick
asked Slashdot [18] to take down a link to the USA Today story.
The story's poster, Hemos, refused.
Three days later a California woman sued DoubleClick for
illegally collecting and selling consumers' personal
information [19]. Her lawyer said she wants to represent the
California general public in the suit.
DoubleClick replies, in effect, "What's the big deal? We let
customers opt out of the tracking." How very generous. The
instructions [20] for opting out will make your eyes cross.
Be easy on yourself: edit your cookie file and delete all but
one of the cookies for
.doubleclick.net. Replace that one with:
.doubleclick.net TRUE / FALSE 1920499172 id OPT_OUT
Be sure to use a single tab, not spaces, for each whitespace
in this line.
Or do like I do [21]: before you start your browser -- every
time -- overwrite its cookie file with one containing only the
innocuous and helpful cookies you want. [Since the time of this
story,
Doubleclick has backed down from its plans to link its cookie and
meatspace
data. Mez]
[16] www.usatoday.com/life/cyber/tech/cth211.htm
[17] www.vortex.com/privacy/priv.09.06
[18] slashdot.org/article.pl?sid=00/01/28/0917229
[19] news.cnet.com/news/0-1005-200-1531929.html
[20] www.mercurycenter.com/svtech/news/indepth/docs/dg012800.htm
[21] tbtf.com/archive/1999-08-23.html#s03
..Texas company accuses Yahoo of privacy violations
In a considerably more complicated case, a Texas company called
Universal Image has taken Yahoo to court [22] to test the legal
theory that, under Texas law, using cookies to track visitors
constitutes electronic stalking and eavesdropping. Universal
Image has a long-standing beef with broadcast.com, which Yahoo
inherited when it bought the streaming-media company last year.
Universal might be accused of jumping on the privacy bandwagon
to aid their ongoing legal quarrel, and perhaps of cynicism
as well. The original point of their complaint was that
broadcast.com wasn't turning over to them as much customer
data as it should be doing. Cynicism or no, the case could
still set legal precedent.
[22] www.zdnet.com/zdnn/stories/news/0,4586,2429363,00.html
====================================================================
Commentary and Opinion
====================================================================
Book reviews from past issues of Cipher are archived at
www.issl.org/Cipher/BookReviews.html, and conference reports are
archived at www.issl.org/Cipher/ConfReports.html.
___________________________________________________________________
Book Review by Robert Bruen, Cipher Book Review Editor,
bruen@.mit.edu
___________________________________________________________________
Solaris Security. Peter Gregory. Sun Microsystems Press. 2000.
ISBN 0-13-096053-5. LoC QA76.9.A25G75 291 pages. Nine appendices,
index, bibliography. $39.99
The Solaris community now has a good book to help with the security
aspects of administering Sun systems. The book is not a complete
security, but it provide lots of pointers and helpful information.
It is one of the few places you will this kind of material on NIS+,
however. It does not cover the attacks on rpc that started last
summer, but it does cover rpc in general, but not in depth. The
chapters are short, but they give clear instructions on how to
execute commands and programs. Solaris, like all unix variants,
has its own peculiarities making it important to reference material
available such as this book. I believe that since Solaris has
experienced its share of security holes and exploits that it is
about time that books devoted to the topic were published. You
can buy many more Linux books related to security than most other
operating systems. In my opinion, this is because there is an
expectation that the vendors will provide what you need, both
for taking care of the OS and for providing information. The Linux
expectation is not the same, so there is a more obvious market
for books. Perhaps now, publishers and users are beginning to
realize that you cannot depend solely on the vendors. I hope this
book is the beginning of a trend for Sun.
Looking at the table of contents, it is apparent that there is a set
of chapters required for all security books covering general security,
disasters, publicly available software and information. The
information specific to Solaris (and it is only for Solaris 2.x,
not SunOs or Solaris 1.x), is the most useful. Solaris has its own
unique set of tools for administering its environment.
If you are running Solaris with the feeling that you can not get
enough information on how to go about managing security in a
systematic manner, this book is worth purchasing. However, if you
consider yourself well informed on Solaris security, you may this
book elementary, but still useful because of the references and
pointers to more resources.
Table of Contents:
Part 1 Introduction
1. The Security Problem
2. The Security Paradigm
Part 2 The Standalone System
3. The PROM, OpenBoot and Physical Security
4. The Filesystem
5. User Accounts and Environments
6. System Startup and Shutdown
7. cron and at
8. System Logs
Part 3 The Network-Connected System
9. Network Interfaces and Services
10. Network/System Architecture
11. Electronic Mail
12. Printing
13. Network Access Control
14. Name Services
15. NFS and the Automounter
Part 4 Disaster and Recovery
16. System Recovery Preparation
Part 5 Appendices
A. Online Sources for Security Information
B. Online Sources for Public-Domain Security
C. Obtaining and Applying Solaris Patches
D. Suggested Reading
E. Solaris Security Products
F. Implementing C2 Security
G. Verifying the Integrity of Public-Domain Software
H. Glossary of Attacks
I. Secure System Checklist
___________________________________________________________________
Book Review by Robert Bruen, Cipher Book Review Editor, bruen@.mit.edu
___________________________________________________________________
Linux Firewalls. Robert L. Ziegler. New Riders Publishing. 2000.
470 pages, two appendices, glossary, index
ISBN 0-7357-0900-9. Approx. $40
New Riders has published the best firewall book since the original
books released in 1994 (Cheswick & Bellovin) and 1995
(Chapman & Zwicky) that I have seen. Ziegler knows his stuff, writing
in a detailed, clear style that should be copied by other aspiring
writers. The book is aimed at Linux firewalls as the title states
focusing on RedHat Linux 6.x and ipchains, but there is enough
explanation of why one does things that it is still worth reading,
even if you are not interested in Linux per se. Then again, you
might be more interested in Linux after reading this book.
The book is organized into four main parts, the first is a short,
single, background chapter covering TCP/IP, ports and packets.
The fourth is comprised of the appendices and glossary. The
first appendix presents several pages of useful resources as
one would expect, but the second appendix has scripts that can
be used to set up a firewall on your home Linux box, for
both ipchains (RHL 6.x) and ipfwadm (RHL 5.x). There is also
help for optimizing rules, not a trivial task, even if you can get
the rules correct in the first place.
The real book is in Part II, Packet-Filtering and Basic Security
Measures (chapters 2-5). These chapters are true explanations of
how one goes about setting up ipchains, rule by rule, protocol by
protocol, port by port and application by application. This is one
of those rare books that is both readable straight through and can
be used as a reference tool.
Chapter 2 covers nicely packet filtering. There is a very helpful
table that describes network services (such as amd, bootp, dhcpd,
arpwatch, autofs, etc) that many of the newer Linux users/sysadmins
are not sure about. Ziegler describes each one, then recommends
whether or not to run them on the firewall accompanied by the
rationale. Often since new users do not know what these services
are, they get started with the default install, leading to various
security problems. Red Hat should have done as good a job in their
documentation. The actual building and installing of ipchains
in done chapter 3. The next chapter explains configurations for
home size LANS and for larger LANS. Debugging strategies are the
topic of the useful chapter 5.
Part III, System Level Security and Monitoring (chapters 6-8)
is more general admin information, telling the reader about tools
like ping, ifconfig, netstat, etc. in chapter 6. Chapter 7 presents
authentication, authorization, SOCKS and logging. Intrusion
detection makes up chapter 8. The book would have been just fine
without these three chapters because they are only marginally
related to firewalls. However, they are as high quality as the
rest of the book, saving you the cost of another sysadmin security
book.
Although the book is readable and provides background, it does not
insult your intelligence, expecting you to work at the technical
details. Firewalls are not easy to put up and maintain, thus the
material is not easy. However if you work through it , you will be
rewarded with the understanding of Linux firewalls. On one of my
top choices of new books in security. And it is even reasonably
priced.
___________________________________________________________________
Book Review by Gene Spafford
___________________________________________________________________
Database Nation: The Death of Privacy in the 21st Century, by
Simson Garfinkel. O'Reilly&Associates. 312 pages,
January 2000, Approx: $18. ISBN 1-56592-653-6.
www.databasenation.com
Reviewed by: Gene Spafford, CERIAS, Purdue University.
First of all, I should disclose what is probably a conflict of
interest. Simson and I have been friends for years, and we have
collaborated on a number of projects, including 3 books. As such,
some people (who don't know me well) might suspect that I wouldn't
provide an objective review. So, if you think that might be the
case, then discount my recommendation by half -- and still buy
and read this book. Simson has done an outstanding job
documenting and describing a set of issues that a great many
people -- myself included -- believe will influence computing,
e-commerce, law and public policy in the next decade. They also
impact every person in modern society.
This book describes -- well, and with numerous citations -- how
our privacy as individuals and members of groups has been eroding.
Unfortunately, that erosion is accelerating, and those of us
involved with information technology are a significant factor in
that trend. Credit bureaus accumulate information on our spending,
governments record the minutiae of their citizens' lives, health
insurance organizations record everything about us that might
prove useful to deny our claims, and merchants suck up every bit
of information they can find so as to target us for more marketing.
In each case, there is a seemingly valid reason, but the
accumulated weight of all this record-keeping -- especially when
coupled with the sale and interchange of the data -- is frightening.
Simson provides numerous examples and case studies showing how
our privacy is incrementally disappearing as more data is captured
in databases large and small. The book includes chapters on a
wide range of privacy-related issues, including medical
information privacy, purchasing patterns and affinity programs,
on-line monitoring, credit bureaus, genetic testing, government
record-keeping and regulation, terrorism and law enforcement
monitoring, biometrics and identification, ownership of
personal information, and AI-based information modeling and
collection. The 270 pages of text present a sweeping view of the
various assaults on our privacy in day-to-day life. Each instance
is documented as a case where someone has a reasonable cause to
collect and use the information, whether for law enforcement, medical
research, or government cost-saving. Unfortunately, the reality is
that most of those scenarios are then extended to where the
information is misused, misapplied, or combined with other
information to create unexpected and unwanted intrusions.
Despite my overall enthusiasm, I was a little disappointed in
a few minor respects with the book. Although Simson concludes
the book with an interesting agenda of issues that should be
pursued in the interests of privacy protection, he misses a
number of opportunities to provide the reader with information
on how to better his or her own control over personal information.
For instance, he describes the opt-out program for direct
marketing, but doesn't provide the details of how the reader
can do this; Simson recounts that people are able to get their
credit records or medical records from MIB, but then doesn't
provide any information on how to get them or who to contact;
and although he sets forth a legislative agenda for government,
he fails to note realistic steps that the reader can take
to help move that agenda forward. I suspect that many people will
finish reading this book with a strong sense of wanting to
*do* something, but they will not have any guidance as to where
to go or who to talk with.
The book has over 20 pages of comprehensive endnotes and WWW
references for the reader interested in further details. These
URLs do include pointers to many important sources of information
on privacy and law, but with a few puzzling omissions: I didn't
see references to resources such as EPIC or Lauren Weinstein's
Privacy digest outside of the fine print in the endnotes. I also
didn't note references to ACM's Computers, Freedom and Privacy
conferences, the USACM, or a number of other useful venues and
supporters of privacy and advocacy. Robert Ellis Smith's
"Privacy Journal" is mentioned in the text, but there is no
information given as to how to subscribe it it. And so on.
I also noted that the book doesn't really discuss much of the
international privacy scene, including issues of law and culture
that complicate our domestic solutions. However, the book is
intended for a U.S. audience, so this is somewhat understandable.
A few other topics -- such as workplace monitoring -- are
similarly given more abbreviated coverage than every reader might
wish. Overall, I recognized few of those.
On the plus side, the book is very readable, with great examples
and anecdotes, and a clear sense of urgency. Although it is
obvious that Simson is not an impartial party on these topics,
he does present many of the conflicting viewpoints to illustrate
the complexity of the issues. For instance, he presents data
on the need for wiretaps and criminal investigation, along with
accounts and descriptions of bioterrorism, including interviews
with FBI officials, to illustrate why there are people of good
faith who want to be able to monitor telephone conversations
and email. If anything, this increases the impact of the book
-- it is not an account of bad people with evil intent, but
a description of what happens when ideas reasonable to a
small group have consequences beyond their imagining -- or
immediate concern. The death of privacy is one of a thousand cuts,
each one small and seemingly made for a good reason.
Simson has committed to adding important information to the WWW
site for the book. Many (or most) of the items I have noted
above will likely be addressed at the WWW site before long.
Simson also has informed me that the publisher will be making
corrections and some additions to future editions of the book
if he deems them important. This is great news for those of us
who will use the book as an classroom text, or if we recommend
the book to policy makers on an on-going basis. Those of us
with older copies will need to keep the URL on our bookmark list.
Overall, I was very pleased with the book. I read it all in
one sitting, on a flight cross-country, and found it an easy
read. I have long been interested in (and involved in) activities
in protection of privacy, so I have seen and read most of the
sources Simson references. Still, learned a number of things
from reading the book that I didn't already know -- Simson has
done a fine job of presenting historical and ancillary context
to his narrative without appearing overly pedantic.
This is a book I intend to recommend to all of my graduate
students and colleagues. I only wish there was some way to
get all of our elected officials to read it, too. I believe
that everyone who values some sense of private life should be
aware of these issues, and this book is a great way to learn
about them. I suggest you go out and buy a copy -- but pay in
cash instead of with a credit card, take mass transit to the
store instead of your personal auto, and don't look directly
into the video cameras behind the checkout counter. Once you
read the book, you'll be glad you did.
____________________________________________________________________
Conference Reports
____________________________________________________________________
____________________________________________________________________
Financial Crypto by Jonathan Bryon
____________________________________________________________________
Fourth International Conference on Financial Cryptography (FC ’00)
Anguilla, British West Indies
February 21-24, 2000
By Jonathan Byron
The Fourth International Conference on Financial Cryptography was held
in Anguilla from February 21 to February 24 under the sponsorship of
the International Financial Cryptography Association. Attendance was
up over previous years, with approximately 140 participants.
The Anguillan people were quite friendly and accommodating. Breakfast
and lunch were served at the InterIsland Hotel; the food was
plentiful and good. Courtesy transportation between the conference
site and nearby hotels ran frequently. Internet links at the conference
were improved compared to previous years; a wireless network system
was available and the public terminals saw heavy use. Although most
of Anguilla runs on ‘island time’ which is only peripherally connected
to the clock, the conference ran very close to schedule. With the
exception of one day of extremely heavy rains and localized flooding,
the weather was pleasant throughout. Participants spent so much
time in the conference and in informal discussions that sunburn was
scarcely evident.
Evening events included an initial reception sponsored by Xcert at
the Sonesta Hotel, a poolside party at the Sonesta on Monday evening
sponsored by Hansa Bank and nCipher, the rump session on Tuesday
evening sponsored by e-gold, a Wednesday party at the Dunes featuring
island food and the music of Banky Banks (sponsored by InterTrust and
Telcordia), and the Villa Party part 2 sponsored by Zeroknowledge.
The Chandeliers Conference Room of the InterIsland Hotel was filled
to capacity throughout the conference. Organizers of FC indicated
that next year’s conference would probably be held somewhere outside
of Anguilla, as the conference had grown beyond the facilities
available on the island. Proposals were tended to hold the conference
in the Cayman Islands, Ireland, and South Africa. These proposals were
discussed by the general membership but the final decision was
deferred to the next IFCA board meeting. It was noted that the plan
adopted prior to the first Financial Cryptography was to alternate
between Anguilla and other locations. Conference facilities are
under construction in Anguilla that will be capable of accommodating
foreseeable growth in the meeting; these should be available for the
2002 meeting.
The tradition of starting the meeting with a speech from the
Anguillan Minister of Finance was broken this year. Anguilla recently
experienced a governmental impasse, and several key people (including
the finance minister) had resigned. New elections were scheduled for
a few days after the FC Conference, and campaigning for the elections
was in evidence across the island.
The first invited speaker was Pam Samuelson (Berkeley, USA), who
suggested ways of moving "Towards a More Sensible Way of Regulating
the Circumvention of Technical Protection Systems." Pam contrasted
the perspective of the cryptography community with the view of the
media, particularly Hollywood. She noted that that decryption
tools are commonly portrayed as ‘burglar tools’ and that framing
the debate in terms of ‘breaking and entering’favored those seeking
to ban reverse engineering and cryptanalysis. She discussed Clinton
administration’s policies on circumventing technical protection
systems and the influence that Hollywood has had on these policies.
The clash between Hollywood and the telecommunications industry was
analyzed, and the fight to balance the interests of the
internet service providers used up much of the political capital
available for intellectual property rights. The World Intellectual
Property Organization (WIPO) and its role in global lawmaking was
examined. Samuelson challenged a common response in the crypto
community to oppose all regulation, or hope that bad laws will be
repealed. Such an outcome is unlikely; a more rational response is
to amend existing laws to so they are more tolerable to the
crypto community.
The second invited speaker was Kevin McCurley (IBM, USA), whose
session was titled "In Search of the Killer App." After addressing
the characteristics of a killer application, he admitted that he
didn’t know what the next essential uninvented technology might be.
Instead, he presented several strategies for saving an existing killer
app, email. Given the low cost of sending unsolicited email and the
large sums of money spent on direct marketing, McCurley predicted that
the average individual will soon be receiving thousands of unwanted
emails each day. Such a large volume of spam would kill email.
Legislative solutions to spam were considered, but considered
limited given the financial incentives to spam, the international
nature of the internet, and the slow response of legislatures to a
fast paced technology. An alternative method of method of saving
email might involve software that would allow delivery of email only
if the email was accompanied by a bond or escrowed digital currency.
This bond would be redeemed only if the receiver felt the email was
unsolicited or a waste of time. Such a system would provide a strong
financial incentive not to send undesired email. This type of
filtering software could include a permission file to allow email
from known parties with out the need for bonds.
Papers and mini-abstracts:
Efficient Trace and Revoke Schemes. Methods were presented for
discouraging users from leaking cryptographic keys, tracing keys
that have been leaked, and to disabling keys that have been leaked.
This scheme is based on secret sharing where revoked keys are broadcast
and used as a secret share by valid users to obtain new keys.
Moni Naor and Benny Pinkas (Weizmann Institute of Science, Israel)
Signing on a Postcard. Efficient signing of short messages is
discussed in relation to postal collection systems. Using a modified
elliptic curve method, the authors propose a 26 byte signature with
security comparable to a 40 byte DSA or 128 byte RSA signature.
David Naccache (Gemplus Card International) and Jacques Stern
(Ecole Normale Superieure)
Efficient Watermark Detection and Collusion Security. The notion of
efficiency is approached using the question "What resources does the
watermark detector need to perform a trace?" A modified version of
the CKLS watermarking algorithm was presented that significantly
reduces tracing time. A relationship between the number of
colluding adversaries and the amount of secret information required
was established. Francis Zane (Lucent Technologies)
Sharing Decryption in the Context of Voting or Lotteries. In many
cryptosystems, knowledge of a single key can convey extreme power.
A variety of systems have been developed to minimize the power of
any one key by requiring that shared keys be used cooperatively.
This paper proposed a distributed implementation of the Paillier
cryptosystem presented at Eurocrypt ’99. Its application to
elections and lottery pools was discussed. Pierre-Alan Foque,
Guillame Poupard and Jacques Stern (Ecole Normale Superieure, France)
Self-Escrowed Cash Against User Blackmailing. Blackmailing is
an activity that might be enabled by of digital cash systems, as
the blackmailer can avoid physical contact for the payoff and
the digital currency lacks serial numbers or other traceable
features. Some systems propose to limit blackmailing by establishing
trusted parties with the ability to revoke anonymity, but such
systems present problems of their own. The scheme presented
involves a passive trustee system in which the blackmailing party
would reveal the required information to trace extorted coins
without revealing any secrets. Birgit Pfitzmann and Ahmad-Reza
Sadeghi (University of Saarland, Germany)
Blind, Auditable Membership Proofs. Audibility is essential to
establishing trust in many systems, including financial ones.
A ‘blind auditable membership proof’ (BAMP) primitive was defined
that allows for both anonymity and public auditability of the
system. A method for efficiently implementing a BAMP that is
resistant to blackmailing and bank robbery attacks was presented.
Tomas Sander (InterTrust, USA), Ammon Ta-Shma (International Computer
Science Institute, USA) and Moti Yung (CertCo, USA)
Private Selective Payment Protocols. Auctions, lotteries, and prize
competitions are all transactions involving private selective
payments. A protocol was presented that is based on two novel methods
of oblivious transfer: ‘symmetrically-private conditional oblivious
transfer’ and ‘selective oblivious transfer.’ Giovanni Di Crescenzo
(Telecordia Technologies, USA)
Postal Revenue in the Digital Age. This paper provided an overview
of the conceptual foundations of existing digital postmark systems.
The authors presented what they believe is an optimal solution for
public-key postage evidencing using an elliptic curve system;
compared to RSA, this method may provide a higher degree of security
using smaller keys. Leon A. Pintsov (Pitney Bowes, USA) and
Scott A. Vanstone (University of Waterloo & Certicom, Canada)
Non-Repudiation in SET: Open Issues. The SET protocol was developed
to provide secure transactions between customers, merchants and
banks. SET digital signatures do not provide enough evidence to
prove certain transactions features, and is especially limited with
respect to non-repudiation. SET is compared to the iKP protocol,
which is better able to deal with issues of repudiation by providing
explicit rules for deriving authorization. Els Van Herreweghen
(IBM Zurich, Switzerland)
Statistics and Secret Leakage. Electrical current flows from
circuits can function as an unlocked backdoor of crypto systems,
allowing secrets to leak out to an attacker. This paper rigorously
defines leakage immunity and provides several leakage tests.
Failure of the tests confirms secret leakage, but successfully
passing the tests does not guarantee that secrets are not being
leaked. Jean-Sebastian Coron (Ecole Normale Superieure, France),
Paul Kocher (Cryptography Research, USA) and David Naccache
(Gemplus Card International, France)
Analysis of Abuse-Free Contract Signing. Optimistic contract
signing protocols involve complexity that may lead to ambiguity
and abuse. Using a finite-state verification tool, the Garay,
Jakobsson and MacKenzie Protocol was analyzed. An attack
involving misconduct by the trusted third party was presented.
A modification to the protocol was proposed to protect against
this attack. The value of finite-state analysis to determine
fairness guarantees, abuse, and corruption was discussed.
Vitaly Shmatikov and John C. Mitchell (Stanford University,USA)
Asymmetric Currency Rounding. The rules for implementing the
Euro currency prohibit charging fees for conversion and specify
the rules for rounding conversions. Combined with computerized
currency trading, this creates a potential for abuse where a very
large number of conversions are made, each resulting in a small
benefit from the rounding rules. This weakness can be
eliminated through an asymmetric system which eliminates prior
knowledge of how any individual transaction will be rounded.
David M’Raihi, David Naccache and Michael Tunstall
(Gemplus Card International, France)
The Encryption Debate in Plaintext: National Security and
Encryption in Israel and the United States. Recent liberalization
of US encryption export policy is compared to policy in Israel.
Although Israel is extremely security-conscious, its policies have
long been less restrictive than those of the US. Strict
regulations may impose an economic cost greater than the
security benefit, and internationalization may further accelerate
deregulation. Barak Jolish (Hancock, Rothert and Bunshoft, USA)
Critical Comments on the European Directive on a Common Framework
for Electronic Signatures and Certification Service Providers.
Electronic signatures and certificates are essential for e-commerce.
The European Directive is an attempt to standardize the legal
systems of EC countries with respect to signatures and certificates.
The existing framework is seriously limited with respect to key
issues such as certificate lifespan and revocation, and
liability. Apollonia Martinez-Nada and J.L. Ferrer-Gomila
(University of Balearic Islands, Spain)
A Response to "Can We Eliminate Certificate Revocation Lists?"
The use of certificate revocation lists (CRLs) to convey the state
of certificates is an important issue in PKI management. This
paper responds to Rivest’s proposal that CRLs are impractical.
An analysis of various scenarios indicates that CRLs are sometimes
the most practical verification method. ‘Revocation on Demand’
was presented as an efficient CRL based method. Patrick McDaniel
(University of Michigan, USA) and Avi Rubin (AT&T Labs, USA)
Self Scrambling Anonymizers. The authors provide a new tool and
a new business based on the provision of scalable anonymity.
Such ‘anonymity providers’ would certify re-encrypted data
regarding the authenticity of the data without knowing the content.
The system is scalable as the user specifies the degree of anonymity
desired, and is charged accordingly. David Pointcheval
(Ecole Normale Superieure, France)
Authentic Attributes with Fine-Grained Anonymity Protection. This
paper proposes a pseudonym registration scheme that permits Globally
Unique Pseudonyms (GUPs). Such a system enables authentication
of user attributes while preserving anonymity and is resistant
to pseudonym profiling. The system allows for partial or
complete revocation of multi-group certificates held by an
individual. Stuart G. Stubblebine (CertCo, USA) and
Paul F. Syverson (Naval Research Labs, USA)
Resource Efficient Anonymous Group Identification. The Homage
system was presented as a way to anonymously verify that a
person is a member of a group; not even the group that issues
membership can determine the identify of the person. The
computational intensity is not a function of the number of members.
The method is based on the assumption that the Diffie-Hellman
decision problem is hard. Although the impossibility of forgery
is not proved, it is suggested. Ben Handley (New Zealand)
Secret Key Authentication with Software-Only Verification. Two
authentication protocols use a symmetric cipher applied
asymmetrically; the result is a software based system that does
not require storage of any secret information. The protocols
are particularly suited to smart card applications.
Jaap-Henk Hoepman (University of Twente, Netherlands)
Financial Cryptography in 7 Layers. A model was presented to
conceptualize the discipline of financial cryptography. The
proposed layers include 1) cryptography, 2) Software Engineering,
3) Rights, 4) Accounting, 5) Governance, 6) Value, and
7) Finance. The model allows for the delineation of areas of
expertise and a common vocabulary for coordinating projects.
The model has a number of limitations, and is not a design
methodology. Ian Grigg (Systemics)
Capability-Based Financial Instruments. The idea of
'cryptographic capabilities’ is introduced as a method for
standardizing design of e-commerce systems. Cryptographic
capabilities are compared to the object-oriented approach that
allows high-level modular design. Mark S. Miller (Erights.org),
Bill Franz and Chip Morningstar (Communities.com, USA)
Panel Discussion I Payment Systems: The Next Generation.
Focus on business issues relating to second generation electronic
payment systems. Identification of markets, assessing technology,
forecasting future trends.
Moderated by Moti Yung (CertCo, USA)
Shannon Byrne (Paradata, Canada)
Greg Napiorkowski (Mondex, International)
Max Levechin (Confinity, USA)
David Farago (Ecash, USA)
Charles Evans (e-gold, USA)
Panel Discussion II Public Key Infrastructure: PKIX, Signed XML,
or Something Else? The 1999 IETF proposed standard for public key
infrastructure has been criticized on a number of levels. The
proposed standards are somewhat ambiguous and do not prohibit
application specific features. PKIX software from different
sources interoperates on a basic level, but many functions are
not fully interoperable. The 1999 document places an emphasis
on certificates and has little to say on public/private key pairs.
Extensible Markup Language (XML) offers an alternative for
building a PKI that is flexible and more interoperable.
Moderated by Barb Fox and Brian LaMacchia (Microsoft)
Carl Ellison (Intel Architecture Labs)
Caelen King (Baltimore Technologies)
Patrick Richard (Xcert)
Ron Rivest (MIT LCS)
Vince Cate’s term as an IFCA Director expired and he declined to
run for re-election. In the election to fill that spot, Barb Fox
was elected.
Vince Cate gave a presentation immediately after the conference
on the several strategies for improving Anguilla’s internet
connectivity. Various satellite, line of sight, and cable
alternatives are under consideration. A number of Anguillan
residents involved in FC planned on approaching the new
government with a plan to increase bandwidth and stimulate
business following the March elections.
Corporate Sponsors of FC 2000 include: e-gold, InterTrust Star Lab,
Hushmail, Telcordia Technologies, Zeroknowledge, Ncipher, Xcert,
Hansa.net Global Commerce, Offshore Information Services, and CertCo.
====================================================================
Staying in Touch
====================================================================
____________________________________________________________________
Information for Subscribers and Contributors
____________________________________________________________________
SUBSCRIPTIONS:
Two options:
1. To receive the full ascii CIPHER issues as e-mail, send e-mail to
(which is NOT automated) with subject line "subscribe".
2. To receive a short e-mail note announcing when a new issue of
CIPHER is available for Web browsing send e-mail to
(which is NOT automated) with subject line "subscribe postcard".
To remove yourself from the subscription list, send e-mail to
cipher@issl.iastate.edu with subject line "unsubscribe".
Those with access to hypertext browsers may prefer to read Cipher
that way. It can be found at URL www.issl.org/cipher.html
CONTRIBUTIONS:
to cipher@issl.iastate.edu are invited. Cipher is a NEWSletter,
not a bulletin board or forum. It has a fixed set of departments,
defined by the Table of Contents. Please indicate in the
subject line for which department your contribution is intended. For
Calendar entries, please include a URL and/or e-mail address for the
point-of-contact. For Calls for Papers, please submit a one paragraph
summary. See this and past issues for examples. ALL CONTRIBUTIONS
CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses
of Cipher material should respect stated copyright notices, and should
cite the sources explicitly; as a courtesy, publications using Cipher
material should obtain permission from the contributors.
____________________________________________________________________
Recent Address Changes
____________________________________________________________________
Address changes from past issues of Cipher are archived at
www.ieee-security.org/Cipher/AddressChanges.html
Entered March 20, 2000:
Heather Hinton,
IBM Tivoli Security Business Unit
9020 Captial of Texas Hwy N. Great Hills Corporate Center
Building 1, Suite 270
Austin, TX 78759 USA
e-mail: hhinton@tivoli.com
Telephone: +1:(512)458-4037x5023
Fax: +1(512)458-2377
Entered January 21, 2000:
Jeremy Epstein
Principal Security Architect
webMethods, Inc.
3877 Fairfax Ridge Road, 4th Floor
Fairfax, Virginia 22030
Tel: 703.460.2500
Fax: 703.460.2599
Email: jepstein@acm.org
James W. Gray, III
Director of Product Management, Confinity Inc.
jim@confinity.com
165 University Ave.
Palo Alto, CA 94301
Anish Mathuria
Department of Computer and Information Science
University of Massachusetts Dartmouth
285 Old Westport Road
North Dartmouth, MA 02747-2300
USA
E-mail: amathuria@umassd.edu
Phone: +1-508-999 6987
Fax: +1-508-999 9144
Peter Ryan
SRI International
Cambridge Computer Science Research Centre
23 Millers Yard
Mill Lane
Cambridge CB2 1RQ
UK
Tel +44 1223 518236
Fax +44 1223 517417
e-mail: ryan@cam.sri.com
Pantelimon Stanica
Auburn University Montgomery
Department of Mathematics
Montgomery, AL 36117
stanpan@strudel.aum.edu
Gene Tsudik
Information and Computer Science Dept.
University of California, Irvine Irvine, CA 92697-3425
USA
gts@ics.uci.edu
Ron Watro
Senior Scientist, Information Security
BBNT/GTE
Mail Code 11/2c
70 Fawcett St
Cambridge MA 02138
rwatro@bbn.com
====================================================================
Interesting Links
====================================================================
New link: Information about the UK's Domain Based Security work
www.dera.gov.uk/html/news/reports/dba/index.htm
Interesting links from previous issues of Cipher are archived at
www.issl.org/Cipher/InterestingLinks.hml
====================================================================
Reports Available via FTP and WWW
====================================================================
Nothing new...."Reports Available" links from previous issues of
Cipher are archived at www.issl.org/Cipher/NewReports.html
====================================================================
Reader's Guide to Current Technical Literature in Security and
Privacy, by Anish Mathuria
====================================================================
The Reader's Guide from Past issues of Cipher is archived at
www.issl.org/Cipher/ReadersGuide.html
New Entries:
___________________________________________________________________
ACSAC'99, 15th Annual Computer Security Applications
Conference, December 6 - 10, 1999, Phoenix, Arizona, USA:
___________________________________________________________________
"Modular Fair Exchange Protocols for Electronic Commerce"
H. Vogt, H. Pagnia and F. C. Gdrtner
"Trustworthy Access Control with Untrustworthy Web Servers"
T. Wilkinson, D. Hearn and S. Wiseman
"A Language for Modeling Secure Business Transactions"
A. Rvhm, G. Herrmann and G. Pernul
"Safe Areas of Computation for Secure Computing with Insecure
Applications" A. Santos and R. Kemmerer
"Architecture and Concepts of the ARGuE Guard"
J. Epstein
"Using Abuse Case Models for Security Requirements Analysis"
J. McDermott and C. Fox
"A Parallel Packet Screen for High Speed Networks"
C. Benecke
"An Asynchronous Distributed Access Control Architecture for IP
over ATM Networks"
O. Paul, M. Laurent, and S. Gombault
"Secure Communications in ATM Networks"
M. Laurent, A. Bouabdallah, C. Delahaye, H. Leitold,
R. Posch, E. Areizaga, and J.M. Mateos
"Using Checkable Types in Automatic Protocol Analysis"
S.H. Brackin
"SCR: A Practical Approach to Building a High Assurance
COMSEC System"
J. Kirby, M. Archer and C. Heitmeyer
"Application-Level Isolation Using Data Inconsistency Detection"
A. Fayad, S. Jajodia and C. McCollum
"A Prototype Secure Workflow Server"
D. Long, J. Baker and F. Fung
"Napoleon: A Recipe for Workflow"
C. Payne, D. Thomsen, J. Bogle and R. O'Brien
"Tools to Support Secure Enterprise Computing"
M. Kang, B. Eppinger and J. Froscher
"An Effective Defense Against First Party Attacks in Public-Key
Algorithms"
S. Matyas and A. Roginsky
"Towards a Practical, Secure, and Very Large Scale Online
Election"
J. Karro and J. Wang
"Design of LAN-Lock, A System for Securing Wireless Networks"
R. Newman, M. Hoyt, T. Swanson, P. Broccard, M. Sanders
and J. Winner
"Toward a Taxonomy and Costing Method for Security Services"
C. Irvine and T. Levin
"TrustedBox: A Kernel-Level Integrity Checker"
P. Iglio
"Adding Availability to Log Services of Untrusted Machines"
A. Arona, D. Bruschi and E. Rosti
"Policy-Based Management: Bridging the Gap"
S. Hinrichs
"Security Policy Coordination for Heterogeneous Information
Systems"
J. Hale, P. Galiasso, M. Papa and S. Shenoi
"The ARBAC99 Model for Administration of Roles"
R. Sandhu and Q. Munawer
"A Distributed Certificate Management System (DCMS)
Supporting Group-Based Access Controls"
R. Oppliger, A. Greulich and P. Trachsel
"Fast Checking of Individual Certificate Revocatiqn on
Small Systems"
S. Russell
"A Model of Certificate Revocation"
D.A. Cooper
"Generic Support for PKIX Certificate Management in CDSA"
S. Erfani and S. Chandersekaran
"Efficient Certificate Status Handling Within PKIs: An
Application to Public Administration Services"
M. Prandini
"User Authentication and Authorization in the Java(tm)
Platform"
C. Lai, L. Gong, L. Koved, A. Nadalin and R. Schemers
"Transactions in Java Card"
M. Oestreicher
"A Middleware Approach to Asynchronous and Backward Compatible
Detection and Prevention of ARP Cache Poisoning"
M.V. Tripunitara and P. Dutta
"A Resource Access Decision Service for CORBA-Based
Distributed Systems"
K. Beznosov, Y. Deng, B. Blakley, C. Burt and J. Barkley
"Non-repudiation Evidence Generation for CORBA using XML"
M. Wichert, D. Ingham and S. Caughey
"Security Relevancy Analysis on the Registry of Windows NT 4.0"
W. Du, P. Garg and A.P. Mathur
"Security Architecture Development and Results for a
Distributed Modeling and Simulation System"
R.B. Neely
"SecurSight: An Architecture for Secure Information Access"
J.G. Brainard
"SAM: Security Adaptation Manager "
H. Hinton, C. Cowan, L. Delcambre and S. Bowers
"An Application of Machine Learning to Network Intrusion Detection"
C. Sinclair, L. Pierce and S. Matzner
"A Process State-Transition Analysis and Its Application to
Intrusion Detection"
N. Nuansri, S. Singh and T.S. Dillon
___________________________________________________________________
The Seventh IEEE Workshop on Future Trends of Distributed
Computing Systems, December 20, 1999, Tunisia, South Africa
___________________________________________________________________
[Security-related papers only]
"Security Issues in Mobile Agent Technology"
A. Corradi, R. Montanari and C. Stefanelli
"Ephemeral Java Source Code"
S. Eisenbach and C. Sadler
"Secure Internet Based Virtual Trading Communities"
N. Weiler and B. Plattner
"Protecting Competitive Negotiation of Mobile Agents"
H. Vogler, A. Spriestersbach and M-L. Moschgath
"Incremental Security in Open, Untrusted Networks"
A. Hutchison and M. Welz
"Supporting Real World Security Models in Java"
I. Welch and R. Stroud
___________________________________________________________________
POPL'00, 27th ACM Symposium on Principles of Programming Languages,
Boston, Massachusetts, USA:
___________________________________________________________________
[Security-related papers only]
"Resource Bound Certification"
K. Crary and S. Weirich
"A Semantic Model for Types and Machine Instruction for
Proof-Carrying Code"
A. Appel and A. Felty
"A Type System for Expressive Security Policies"
D. Walker
"Verifying Secrets and Relative Secrecy"
D. Volpano and G. Smith
"Authentication primitives and their compilation"
M. Abadi, C. Fournet and G. Gonthier
"Generalized Certificate Revocation"
C. Gunter and T. Jim
___________________________________________________________________
IEEE INFOCOM 2000, March 26-31, Tel Aviv, Israel:
___________________________________________________________________
[Security-related papers only]
"Transport and Application Protocol Scrubbing"
R. Malan, D. Watson, F. Jahanian and P. Howell
"MarketNet: Market-Based Protection of Network Systems and
Services - An Application to SNMP Protection"
A. Dailianas, Y. Yemini, D. Florissi, and H. Huang
"Certified Electronic Mail Protocol Resistant to a Minority of
Malicious Third Parties"
M. Puigserver, J. Gomila, and L. Rotger
"Windowed Certificate Revocation"
P. McDaniel and S. Jamin
___________________________________________________________________
TACAS'2000, Sixth International Conference on Tools and Algorithms
for the Construction and Analysis of Systems,
March 27-April 1, 2000, Berlin, Germany:
___________________________________________________________________
[Security-related papers only]
"Partial order reductions for security protocol verification"
E. Clarke, S. Jha, and W. Marrero
"Model checking security protocols using a logic of belief"
M. Benerecetti and F. Giunchiglia
___________________________________________________________________
7th IEEE International Conference and Workshop on the
Engineering of Computer Based Systems, April 3-7, 2000,
Scotland, United Kingdom:
___________________________________________________________________
[Security-related paper only]
"Software Agents and Computer Network Security"
J. Pikoulas, M. Mannion and W. Buchanan
====================================================================
Listing of Academic (Teaching and Research) Positions in Computer
Security maintained by Cynthia Irvine (irvine@cs.nps.navy.mil) Reports Available via FTP and WWW
====================================================================
Last modified: 27 January 2000
Department of Computer Science, Dartmouth College, Hanover, NH
Tenure Track Positions. Areas of interest: all fields of computer
systems. Areas of particular interest: Computer security, or anything
that can contribute to the new Institute for Security Studies at
Dartmouth. Applications will be processed as they arrive, with
interviews expected in March or April 2000.
www.cs.dartmouth.edu/job.html
Department of Computer Science, Purdue University, West Lafayette, IN
Emphasis on Assistant Professor Positions, but more senior applicants
will be considered. Areas of particular interest: Computer security,
and INFOSEC. Positions beginning August 2000.
www.cs.purdue.edu/positions.html
Department of Computer Science, Renesselaer Polytechnic Institute,
Troy, NY Tenure Track, Teaching, and Visiting Positions. Areas of
particular interest: Computer security, networking, parallel and
distributed computing and theory. Positions beginning Fall 2000.
www.cs.rpi.edu/faculty-opening.html
Swiss Federal Institute of Technology, Lausanne (EPFL),
Switzerland/Eurecom/Telecom Paris.General Director. Areas of
particular interest: Education and research in telecommunications.
Applications begin immediately. admwww.epfl.ch/pres/dir_eurecom.html
Department of Computer Science, Naval Postgraduate School,
Monterey, CA Junior and Senior Tenure Track Positions in
Professorship, Areas of particular interest: Computer Security,
but applicants from all areas of Computer Science will be
considered. Applications begin immediately and are open until
filled. www.cs.nps.navy.mil/people/faculty/chairman.html
Department of Computer Science, Florida State University,
Tallahassee, FL Tenure-track positions at all ranks. Several
positions available. (1/00) Areas of particular interest:
Trusted Systems, security, cryptography, software engineering,
provability and verification, real-time and software
engineering, provability and verifications, real-time and
safety-critical systems, system software, databases, fault
tolerance, and computational/simulation-based design.
www.cs.fsu.edu/positions/
Naval Postgraduate School Center for INFOSEC Studies and Research,
Monterey, CA, Visiting Professor (Assistant, Associate, or
Full Professor levels) (9/98) Areas of particular interest:
Computer and information systems security.
cisr.nps.navy.mil/jobs/npscisr_prof_ad.html
--------------------------------------------------------------
This job listing is maintained as a service to the academic
community. If you have an academic position in computer security
and would like to have in it included on this page, send the
following information :
Institution,
City, State,
Position title,
date position announcement closes, and
URL of position description
to: irvine@cs.nps.navy.mil
====================================================================
Information on the Technical Committee on Security and Privacy
====================================================================
______________________________________________________________________
How to become <> a member of the
IEEE Computer Society's TC on Security and Privacy
________________________________________________________________________
You do NOT have to join either IEEE or the IEEE Computer Society to
join the TC, and there is no cost to join the TC. All you need to
do is fill out an application form and mail or fax it to the
IEEE Computer Society. A copy of the form is included below (to
simplify things, only the TC on Security and Privacy is included, and
is marked for you). Members of the IEEE Computer Society may join the
TC via an https link. The full and complete form is available on the
IEEE Computer Society's Web Server by following the application form
hyperlink at the URL: computer.org/tcsignup/
IF YOU USE THE FORM BELOW, PLEASE NOTE THAT THE IT IS TO BE RETURNED
(BY MAIL OR FAX) TO THE IEEE COMPUTER SOCIETY, >>NOT<< TO CIPHER.
---------
IEEE Computer Society
Technical Committee Membership Application
-----------------------------------------------------------
Please print clearly or type.
-----------------------------------------------------------
Last Name First Name Middle Initial
___________________________________________________________
Company/Organization
___________________________________________________________
Office Street Address (Please use street addresses over P.O.)
___________________________________________________________
City State
___________________________________________________________
Country Postal Code
___________________________________________________________
Office Phone Fax
___________________________________________________________
Email Address (Internet accessible)
___________________________________________________________
Home Address (optional)
___________________________________________________________
Home Phone
___________________________________________________________
[ ] I am a member of the Computer Society
IMPORTANT: IEEE Member/Affiliate/Computer Society Number:
____________________
[ ] I am not a member of the Computer Society*
Please Note: In some TCs only current Computer Society members are
eligible to receive Technical Committee newsletters.
Please select up to four Technical Committees/Technical Councils of
interest.
TECHNICAL COMMITTEES
[ X ] T27 Security and Privacy
Please Return Form To:
IEEE Computer Society
1730 Massachusetts Ave, NW
Washington, DC 20036-1992
Phone: (202) 371-0101
FAX: (202) 728-9614
________________________________________________________________________
TC Publications for Sale
________________________________________________________________________
1. Proceedings of the IEEE CS Symposium on Security and Privacy
The Technical Committee on Security and Privacy has copies of its
publications available for sale directly to you.
Proceedings of the
IEEE Symposium on Security and Privacy
--------------------------------------
1999 $25.00
1998 $20.00
(Sorry, the TCSP has sold out of the 20 year CD. It may be
available from the Computer Society. Check the URL below.)
For domestic shipping and handling, add $3.00.
For overseas delivery:
-- by surface mail, please add $5 per order (3 volumes or fewer)
-- by air mail, please add $10 per volume
If you would like to place an order, please specify
* how many issues you would like, and
* where to send them, and
* the shipping method (air or surface) for overseas orders.
For mail orders, please send a check in US dollars, payable to the
IEEE Symposium on Security and Privacy to:
Brian J. Loe
Treasurer, IEEE TC on Security and Privacy
Secure Computing Corp.
2675 Long Lake Rd.
Roseville, MN 55113
U S A
For electronic orders, in addition to the information above, please
send the following credit card information to loe@securecomputing.com:
- the name of the cardholder,
- type of card (VISA, Mastercard, American Express, and Diner's
Club are accepted)
- credit card number, and
- the expiration date.
You may use the following PGP public key to encrypt any information
that you're not comfortable sending as cleartext.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 4.0 Business Edition
mQCNAy+T6TkAAAEEAN/fnVu7VCPtcmBQhXFhJbejSoZJkEmWNUYvx13yRwl/gyir
61ae+GUjgWjWs9O06C6dugRGrjFZpBhMosu7sgGJMz54hvKbBNrYBSHpH0yex6e/
+c2mzbCbh40naARgPAaAki2rCkV2ryETj2Z6w98/k5fMgOZDnEy6WVOs56vlAAUR
tBtCcmlhbiBKLiBMb2UgPGxvZUBzY3RjLmNvbT6JAHUDBRAvlQ8qNU4dUKmt/G0B
Aba2AwCu48Oq1DPElV16DNQb7SvQAwQPGYYM3zg9RT0AyFeXajBHb9O2GkOmai8y
ryJt4t3Q8aQ2BckWUsck29TT2M/U7hOrC+hJPMbziqbw5juR906pjs9OzPSR5Pta
AW66CUqJAJUDBRAvlQ56enbk/HH5npkBAfkwA/9zVKeAJh/X4qzUzYJt/w9Hi3mF
AAzm0YUcDwnNLkv/c1k3Kg0APh+BGbrbGvy2sVa1PgFKZluheCqSVO/BtApaf3QS
ygoS118k20mzBU2QsX9KMvJ6z8nocSCWU9RopUirk8zwAisqwAq8dmgNwNsMfxDK
mdCx3FiE46FrSnEKlokAlQMFEC+UKJdMullTrOer5QEB2aID/16rqeJkcfKRH/bs
/1yGSqFgu6r8TUKKsD5pg/vc51t9d5X6/APGv1nO/aJOtr8NQ3InNTsl6VZEWWi/
6TvKI7o+vuNtZ6qazRZixBXfSMh6UGzrDfgDgILVue4fG3qArF3rcRkKqFWxlX4Y
3ekZ8vYJAFyatphhFvhDX6BKhywAtCVCcmlhbiBKLiBMb2UgPGJyaWFuLmxvZUBj
b21wdXRlci5vcmc+tCZCcmlhbiBKLiBMb2UgPGxvZUBzZWN1cmVjb21wdXRpbmcu
Y29tPg==
=jEJA
-----END PGP PUBLIC KEY BLOCK-----
You may also order some back issues from IEEE CS Press at
http://www.computer.org/cspress/catalog/proc9.htm.
2. Proceedings of the IEEE CS Computer Security Foundations Workshop
(CSFW 1, 5 through 12)
The most recent Computer Security Foundation Workshop (CSFW12) took
place the 28th through 30th of June in Mordano, Italy. Topics
included formal specification of security protocols, protocol
engineering, distributed systems, information flow, and security
policies.
Copies of the proceedings are available from the publications chair
for $25. Copies of earlier proceedings starting
with year 5 are available at $10. Photocopy versions of year 1 are
also $10.
Checks payable to "Joshua Guttman for CSFW" may be sent to:
Joshua Guttman, MS A150
The MITRE Corporation
202 Burlington Rd.
Bedford, MA 01730-1420 USA
guttman@mitre.org
________________________________________________________________________
TC Officer Roster
________________________________________________________________________
Chair: Past Chair:
Thomas A. Berson Charles P. Pfleeger
Anagram Laboratories Arca Systems, Inc.
P.O. Box 791 8229 Boone Blvd, Suite 750
Palo Alto, CA 94301 Vienna VA 22182-2623
(650) 324-0100 (voice) (703) 734-5611 (voice)
berson@anagram.com (703) 790-0385 (fax)
c.pfleeger@computer.org
Vice Chair: Chair, Subcommittee on Academic Affairs:
Michael Reiter Prof. Cynthia Irvine
Bell Laboratories U.S. Naval Postgraduate School
600 Mountain Ave., Room 2A-342 Computer Science Department
Murray Hill, NJ 07974 USA Code CS/IC
Monterey CA 93943-5118
(908) 582-4328 (voice) (408) 656-2461 (voice)
(908) 582-1239 (fax) irvine@cs.nps.navy.mil
reiter@research.bell-labs.com
Newsletter Editor:
Jim Davis
Department of Electrical and Computer Engineering
2413 Coover Hall
Iowa State University
Ames, Iowa 50011
(515) 294-0659 (voice)
davis@iastate.edu
Chair, Subcommittee on Standards: Chair, Subcomm. on Security Conferences:
David Aucsmith Jonathan Millen
Intel Corporation SRI International EL233
JF2-74 Computer Science Laboratory
2111 N.E. 25th Ave 333 Ravenswood Ave.
Hillsboro OR 97124 Menlo Park, CA 94025
(503) 264-5562 (voice) (650) 859-2358 (voice)
(503) 264-6225 (fax) (650) 859-2844 (fax)
awk@ibeam.intel.com millen@csl.sri.com
BACK ISSUES:
There is an archive that includes each copy distributed so far,
in ascii, in files you can download at URL www.issl.org/cipher.html
========end of Electronic Cipher Issue #36, April 7, 2000============