邹锦沛许志光姚兆明香港大学资讯保安及密码学.pptVIP

05/20/12 * 05/20/12 * * Drs KP Chow, Lucas Hui, SM Yiu Center for Information Security Cryptography (CISC) 邹锦沛, 许志光, 姚兆明 香港大学资讯保安及密码学研究中心 Information Security and digital forensics research in CS, HKU Research Directions in CISC 研究项目 * Computer Forensics research Security and cryptography research Cryptographic primitives 加密基元 Infrastructure (Identity-based; PKI-based etc) and different security Models Signature/encryption schemes….. Leakage resilience 泄漏的韧性 ………. Cryptographic protocol (密码协议) VANETs (Vehicular ad hoc network) 车辆随意网路 Smart (power) grid system 智能电网系统 Database system 数据库系统 (e.g. data mining with privacy 数据挖掘隐私问题) Anonymous authentication (credential) in discussion group 讨论组匿名身份验证 (凭据) …….. Applications implementation 应用与实现 Hybrid (software + hardware token) 混合系统 (软件 + 硬件密钥) GPU (图形处理单元卡) ……… * (1) Leakage Resilience (泄漏的韧性) Old Belief: Encryption protects your data well and the attacker has no information (not even 1 bit) about your secret key (e.g. passwords). * Impact: old security schemes are not guaranteed to be secure!! This is WRONG!! The “new” assumption: Attacker may get partial information about the secret key. E.g. Measure running time of CPU, temperature of CPU, sound of the keyboard stroke, etc… By restricting the power of f, we restrict how much information is leaked. E.g. f outputs x bits only, with x key (password) length. * The model To formalize these attacks, we model it as an efficiently computed leakage function f which represents how much leakage information can be obtained by the attacker. Selected publication: “ID-based encryption scheme on continual auxiliary leakage model”, Eurocrypt 2012. Can we still prove that scheme A is still secure? Security scheme A f(key) all other msgs/info Attacker (2) Dynamic Birthmark Generation for Javascript (JavaScript 动态软件胎记) Question Addressed: Given 2 JavaScript programs, does one program copy the other? [plagiarism? IP court cases: Software thefts?] One may change the source code O