Security properties analysis in a TPM-based protocol

Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The analysed property by specific purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general purpose analysis tools such as coloured petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient

Formal analysis of card-based payment systems in mobile devices

To provide card holder authentication while they are conducting an electronic transaction using mobile devices, VISA and MasterCard independently proposed two electronic payment protocols: Visa 3D Secure and MasterCard Secure Code. The protocols use pre-registered passwords to provide card holder authentication and Secure Socket Layer/ Transport Layer Security (SSL/TLS) for data confidentiality over wired networks and Wireless Transport Layer Security (WTLS) between a wireless device and a Wireless Application Protocol (WAP) gateway. The paper presents our analysis of security properties in the proposed protocols using formal method tools: Casper and FDR2. We also highlight issues concerning payment security in the proposed protocols.

Efficient extension of standard Schnorr/RSA signatures into Universal Designated-Verifier Signatures

Universal Designated-Verifier Signature (UDVS) schemes are digital signature schemes with additional functionality which allows any holder of a signature to designate the signature to any desired designated-verifier such that the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. Since UDVS schemes reduce to standard signatures when no verifier designation is performed, it is natural to ask how to extend the classical Schnorr or RSA signature schemes into UDVS schemes, so that the existing key generation and signing implementation infrastructure for these schemes can be used without modification. We show how this can be efficiently achieved, and provide proofs of security for our schemes in the random oracle model.

Security and Privacy in Vehicular Ad-Hoc Networks : Survey and the Road Ahead

Vehicular Ad-hoc Networks (VANETs) can make roads safer, cleaner, and smarter. It can offer a wide range of services, which can be safety and non-safety related. Many safety-related VANETs applications are real-time and mission critical, which would require strict guarantee of security and reliability. Even non-safety related multimedia applications, which will play an important role in the future, will require security support. Lack of such security and privacy in VANETs is one of the key hindrances to the wide spread implementations of it. An insecure and unreliable VANET can be more dangerous than the system without VANET support. So it is essential to make sure that “life-critical safety” information is secure enough to rely on. Securing the VANETs along with appropriate protection of the privacy drivers or vehicle owners is a very challenging task. In this work we summarize the attacks, corresponding security requirements and challenges in VANETs. We also present the most popular generic security policies which are based on prevention as well detection methods. Many VANETs applications require system-wide security support rather than individual layer from the VANETs’ protocol stack. In this work we will review the existing works in the perspective of holistic approach of security. Finally, we will provide some possible future directions to achieve system-wide security as well as privacy-friendly security in VANETs.

Security in wireless sensor networks : issues and challenges

Wireless Sensor Networks (WSNs) are employed in numerous applications in different areas including military, ecology, and health; for example, to control of important information like the personnel position in a building, as a result, WSNs need security. However, several restrictions such as low capability of computation, small memory, limited resources of energy, and the unreliable channels employ communication in using WSNs can cause difficulty in use of security and protection in WSNs. It is very essential to save WSNs from malevolent attacks in unfriendly situations. Such networks require security plan due to various limitations of resources and the prominent characteristics of a wireless sensor network which is a considerable challenge. This article is an extensive review about problems of WSNs security, which examined recently by researchers and a better understanding of future directions for WSN security.

Low probability differentials and the cryptanalysis of full-round CLEFIA-128

So far, low probability differentials for the key schedule of block ciphers have been used as a straightforward proof of security against related-key differential analysis. To achieve resistance, it is believed that for cipher with k-bit key it suffices the upper bound on the probability to be 2− k . Surprisingly, we show that this reasonable assumption is incorrect, and the probability should be (much) lower than 2− k . Our counter example is a related-key differential analysis of the well established block cipher CLEFIA-128. We show that although the key schedule of CLEFIA-128 prevents differentials with a probability higher than 2− 128, the linear part of the key schedule that produces the round keys, and the Feistel structure of the cipher, allow to exploit particularly chosen differentials with a probability as low as 2− 128. CLEFIA-128 has 214 such differentials, which translate to 214 pairs of weak keys. The probability of each differential is too low, but the weak keys have a special structure which allows with a divide-and-conquer approach to gain an advantage of 27 over generic analysis. We exploit the advantage and give a membership test for the weak-key class and provide analysis of the hashing modes. The proposed analysis has been tested with computer experiments on small-scale variants of CLEFIA-128. Our results do not threaten the practical use of CLEFIA.

The Value of Financial Planning Advice: Process and Outcome Effects on Consumer Well-being [Time 1 and 2 Survey Summary Results]

While anecdotal evidence indicates financial advice affects consumers’ financial well-being, this research project is motivated by the absence of empirically-grounded research relating to the extent to which, and, importantly, how, financial planning advice contributes to broader client well-being. Accordingly, the aim of this project is to establish how the quality of financial planning advice can be optimised to add value, not only to clients’ financial situation, but also to broader aspects of their well-being. This broader construct of well-being captures a range of process and outcome factors that map to concepts of security, control, choice, mastery, and life satisfaction (Irving, 2012; Gallery, Gallery, Irving & Newton, 2011; Irving, Gallery, and Gallery, 2009). Financial planning is commonly purported to confer not only tangible benefits, but also intangible benefits, such as increased security and peace of mind that are considered as important, if not more important, than material outcomes. Such claims are intuitively appealing; however, little empirical evidence exists for the notion that engaging with a financial planner or adviser promotes peace of mind, feelings of security, and expands choices and possibilities. Nor is there evidence signalling what mechanisms might underpin such client benefits. In addressing this issue, we examine the financial planning advice (including financial product advice) provided to retail clients, and consider the short- and longer-term impacts on clients’ financial satisfaction and broader well-being. To this end, we examine both process (e.g., how financial planning advice is given) and outcome (e.g., financial situation) effects.

On the leakage resilience of secure channel establishment

Secure communication channels are typically constructed from an authenticated key exchange (AKE) protocol, which authenticates the communicating parties and establishes shared secret keys, and a secure data transmission layer, which uses the secret keys to encrypt data. We address the partial leakage of communicating parties' long-term secret keys due to various side-channel attacks, and the partial leakage of plaintext due to data compression. Both issues can negatively affect the security of channel establishment and data transmission. In this work, we advance the modelling of security for AKE protocols by considering more granular partial leakage of parties' long-term secrets. We present generic and concrete constructions of two-pass leakage-resilient key exchange protocols that are secure in the proposed security models. We also examine two techniques--heuristic separation of secrets and fixed-dictionary compression--for enabling compression while protecting high-value secrets.

Mathematical Aspects of Financial Markets with Frictions

Frictions are factors that hinder trading of securities in financial markets. Typical frictions include limited market depth, transaction costs, lack of infinite divisibility of securities, and taxes. Conventional models used in mathematical finance often gloss over these issues, which affect almost all financial markets, by arguing that the impact of frictions is negligible and, consequently, the frictionless models are valid approximations. This dissertation consists of three research papers, which are related to the study of the validity of such approximations in two distinct modeling problems. Models of price dynamics that are based on diffusion processes, i.e., continuous strong Markov processes, are widely used in the frictionless scenario. The first paper establishes that diffusion models can indeed be understood as approximations of price dynamics in markets with frictions. This is achieved by introducing an agent-based model of a financial market where finitely many agents trade a financial security, the price of which evolves according to price impacts generated by trades. It is shown that, if the number of agents is large, then under certain assumptions the price process of security, which is a pure-jump process, can be approximated by a one-dimensional diffusion process. In a slightly extended model, in which agents may exhibit herd behavior, the approximating diffusion model turns out to be a stochastic volatility model. Finally, it is shown that when agents' tendency to herd is strong, logarithmic returns in the approximating stochastic volatility model are heavy-tailed. The remaining papers are related to no-arbitrage criteria and superhedging in continuous-time option pricing models under small-transaction-cost asymptotics. Guasoni, Rásonyi, and Schachermayer have recently shown that, in such a setting, any financial security admits no arbitrage opportunities and there exist no feasible superhedging strategies for European call and put options written on it, as long as its price process is continuous and has the so-called conditional full support (CFS) property. Motivated by this result, CFS is established for certain stochastic integrals and a subclass of Brownian semistationary processes in the two papers. As a consequence, a wide range of possibly non-Markovian local and stochastic volatility models have the CFS property.

Educating to secure the national interest

In this paper I examine how one political actor–former Prime Minister Kevin Rudd–proposes to use education for the purpose of securing national productivity and foreign policy. I work with Foucault’s suggestion that the apparatus of security is the essential technical instrument of governmentality and that the production of milieu, made up of human, spatial, temporal and cultural objects, and the government of risk are key strategies in the bio-politicisation of security. The discourse analysis also draws on Bacchi to problematise statements that (a) represent both the nation and regional neighbours as governable milieu within the ambit of a whole of government approach, and (b) locate literacy and education as both risk and solution in a security apparatus. My examination of the emergence of literacy and education as security technologies, takes account of the discursive effects of Rudd’s representation of the spaces and scale of national, geopolitical and global policy problems. I argue that in these examples of policy texts, education is used as a discursive tool to secure education workers and youth as subjects of economic interest and sovereign rule.

Sovereignty, surveillance and speeding: Considering the Panopticon as a method of policing

This paper argues that the Panopticon is an accurate model for and illustration of policing and security methods in the modern society. Initially, I overview the theoretical concept of the Panopticon as a structure of perceived universal surveillance which facilitates automatic obedience in its subjects as identified by the theorists Jeremy Bentham and Michel Foucault. The paper subsequently moves to identify how the Panopticon, despite being a theoretical construct, is nevertheless instantiated to an extent through the prevalence of security cameras as a means of sovereignly regulating human conduct; speeding is an ordinary example. It could even be contended that increasing surveillance according to the model of the Panopticon would reduce the frequency of offences. However, in the final analysis the paper considers that even if adopting an approach based on the Panopticon is a more effective method of policing, it is not necessarily a more desirable one.

Random security scheme selection for mobile transactions

Security in a mobile communication environment is always a matter for concern, even after deploying many security techniques at device, network, and application levels. The end-to-end security for mobile applications can be made robust by developing dynamic schemes at application level which makes use of the existing security techniques varying in terms of space, time, and attacks complexities. In this paper we present a security techniques selection scheme for mobile transactions, called the Transactions-Based Security Scheme (TBSS). The TBSS uses intelligence to study, and analyzes the security implications of transactions under execution based on certain criterion such as user behaviors, transaction sensitivity levels, and credibility factors computed over the previous transactions by the users, network vulnerability, and device characteristics. The TBSS identifies a suitable level of security techniques from the repository, which consists of symmetric, and asymmetric types of security algorithms arranged in three complexity levels, covering various encryption/decryption techniques, digital signature schemes, andhashing techniques. From this identified level, one of the techniques is deployed randomly. The results shows that, there is a considerable reduction in security cost compared to static schemes, which employ pre-fixed security techniques to secure the transactions data.

Revocation and update of trust in autonomous delay tolerant networks

A Delay Tolerant Network (DTN) is a dynamic, fragmented, and ephemeral network formed by a large number of highly mobile nodes. DTNs are ephemeral networks with highly mobile autonomous nodes. This requires distributed and self-organised approaches to trust management. Revocation and replacement of security credentials under adversarial influence by preserving the trust on the entity is still an open problem. Existing methods are mostly limited to detection and removal of malicious nodes. This paper makes use of the mobility property to provide a distributed, self-organising, and scalable revocation and replacement scheme. The proposed scheme effectively utilises the Leverage of Common Friends (LCF) trust system concepts to revoke compromised security credentials, replace them with new ones, whilst preserving the trust on them. The level of achieved entity confidence is thereby preserved. Security and performance of the proposed scheme is evaluated using an experimental data set in comparison with other schemes based around the LCF concept. Our extensive experimental results show that the proposed scheme distributes replacement credentials up to 35% faster and spreads spoofed credentials of strong collaborating adversaries up to 50% slower without causing any significant increase on the communication and storage overheads, when compared to other LCF based schemes.

The Gendered Social Organisation of Defence: Two Ethnographic Case Studies in the Finnish Defence Forces

In Finland the organising of defence is undergoing vast restructuring. Recent legislation has redefined the central tasks of the Finnish Defence Forces. At the same time, international security cooperation, economic pressures and new administrative paradigms have steered the military towards new ways of organising. National defence is not just politics and principles; to a large extent it is also enacted in day-to-day life in organisations. The lens through which these realities of defence are analysed in this study is gender. How is the security sector – and national defence as part of it – organised in the changing security environment? What is the new division of labour between different societal actors in the face of security challenges? What happens ‘at work’ within the military and the defence sector more broadly? How does gender affect the way in which defence is organised and understood, and how do the changes in the organising of security affect gender relations? The thesis searches for answers to these questions in the context of two organisational settings in the male-dominated defence sector. The case study on a Finnish peacekeeping unit in the Balkans opens a critical view on men’s social practices and the everyday life of crisis management organisations. In the second case study, reorganising of provisioning in the Finnish Defence Forces turns out to be a complicated process where different power relations and social divisions intermingle. Tallberg’s extensive ethnographic fieldwork in the two focal organisations has produced a detailed set of data that lays the basis for critical analysis and policy development in terms of defence organising, cooperation around peace and security issues, and gender equality in organisations. Observations and results are provided for understanding social networks, militarisation, authority relations, care, public-private partnerships, personnel policies, career planning, and humour.

Reacting to Complex Threats – the Securitization in the Speeches of Anders Fogh Rasmussen based on NATO´s New Strategic Concept

The purpose of this master´s thesis is to analyze how NATO Secretary General Anders Fogh Rasmussen is trying to justify the existence of the military alliance through the use of security arguments. I am puzzled by the question: why does NATO still exist – what is NATO’s raison d'être. The New Strategic Concept (2010) forms the base for his argumentation. This thesis focuses on the security argumentation of NATO which is examined by analyzing the speeches the Secretary General. The theoretical framework of this study is based on constructivist approach to international security examining the linguistic process of securitization. Issues become securitized after Anders Fogh Rasmussen names them as threats. This thesis focuses on the securitization process relating to NATO and analyses what issues Rasmussen raises to the security agenda. Research data consists of the speeches by Anders Fogh Rasmussen. They are analyzed through J.L. Austin’s speech act taxonomy and Chaïm Perelman’s argumentation theories. The thesis will concentrate on the formulation and articulation of these threats which are considered and coined as “new threats” in contemporary international relations. I am conducting this research through the use of securitization theory. This study illustrates that the threats are constructed by NATO’s member-states in unison, but the resolutions are sounded through Rasmussen’s official speeches and transcripts. . Based on the analysis it can be concluded that Rasmussen is giving reasons for the existence of NATO. This takes place by making use of speech acts and different rhetorical techniques. The results of the analysis indicate that NATO remains an essential organization for the West and the rest of the world according to the Secretary General.