<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-15"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<pre wrap="">Hallo,
we would like to invite you to very interesting presentations taking
place in the framework of the research seminar of the Horst-Görz
Institute for IT Security (Ruhr-University Bochum, Germany) this week:
Speaker: <b>Jesse Walker</b> (Intel Corporation, USA)
Title: <b class="moz-txt-star">Distributed Trust in Community Networks<span
class="moz-txt-tag"></span></b>
Abstract: Please see below
Time: <b class="moz-txt-star"><span class="moz-txt-tag"></span> Thursday, April 10th, 11.00 am<span
class="moz-txt-tag"></span></b>
Place: HGI at Ruhr-University Bochum, Building IC, 4th floor, Room 161.
Speaker: <b>Giovanni Di Crescenzo</b> (Telcordia Research, USA)
Title: <b>Perfectly Secure Password Protocols in the Bounded Retrieval Model</b>
Abstract: Please see below
Time: <b class="moz-txt-star"><span class="moz-txt-tag"></span> Friday, April 11th, 1.00 pm<span
class="moz-txt-tag"></span></b>
Place: HGI at Ruhr-University Bochum, Building IC, 4th floor, Room 39-41.
For more information see <span class="moz-txt-underscore"><span
class="moz-txt-tag"></span><a class="moz-txt-link-freetext" href="http://www.hgi.rub.de/index_en.html">http://www.hgi.rub.de/index_en.html</a><span
class="moz-txt-tag"></span></span>
You can find directions and hotel recommendations on <a
class="moz-txt-link-freetext"
href="http://www.trust.rub.de/home/contact/">http://www.trust.rub.de/home/contact/</a>
If you have any further Questions please don't hesitate to contact us.
******************************************************************************************************************************
Jesse Walker (Intel Corporation, USA)
Title: "<b class="moz-txt-star">Distributed Trust in Community Networks</b>"
Abstract:
Traditionally manufacturers have treated device introduction and direct
device-to-device authentication as afterthoughts, if at all. Mobility, ad hoc
networking, meshes, ubiquitous computing, and other unmanaged networks have
given urgency to the consideration of first class features to address these
problems. In this talk, we examine reasons why the centralized authentication
systems fall short for these new classes of networks and suggest some
foundations for a distributed trust model to address these issues. We argue that instead of a simple label, an identity signifies a relationship the named entity has with the community. We describe a PGP-like paradigm in which every member can serve as a root to enroll and authenticate devices for the community. Members of the community share certificates they issue with each other, as well as other evidence relevant to identification. We illustrate our ideas with a technique we call identity laundering, to introduce device using existing relationships in other communities.
***************************************************************************************************************************
Speaker: Giovanni Di Crescenzo (Telcordia Research, USA)
Title: Perfectly Secure Password Protocols in the Bounded Retrieval Model
Abstract:
</pre>
<div class="Abstract"><small><font
face="Courier New, Courier, monospace">We introduce a formal model,
which we call the <i>Bounded Retrieval Model</i>, for the design and
analysis of cryptographic protocols remaining secure against intruders
that can retrieve a limited amount of parties’ private memory. The
underlying model assumption on the intruders’ behavior is supported by
real-life physical and logical considerations, such as the inherent
superiority of a party’s local data bus over a <i>remote</i>
intruder’s bandwidth-limited channel, or the detectability of
voluminous resource access by any <i>local</i> intruder. More
specifically, we assume a fixed upper bound on the amount of a party’s
storage retrieved by the adversary. Our model could be considered a
non-trivial variation of the well-studied Bounded Storage Model, which
postulates a bound on the amount of storage available to an adversary
attacking a given system. </font></small>
<div class="AbstractPara"><small></small>
<div class=""><small><font face="Courier New, Courier, monospace">In
this model we study perhaps the simplest among cryptographic tasks:
user authentication via a password protocol. Specifically, we study the
problem of constructing efficient password protocols that remain secure
against offline dictionary attacks even when a large (but bounded) part
of the storage of the server responsible for password verification is
retrieved by an intruder through a remote or local connection. We show
password protocols having satisfactory performance on both <i>efficiency</i>
(in terms of the server’s running time) and <i>provable security</i>
(making the offline dictionary attack not significantly stronger than
the online attack). We also study the tradeoffs between efficiency,
quantitative and qualitative security in these protocols. All our
schemes achieve <i>perfect security</i> (security against
computationally-unbounded adversaries). Our main schemes achieve the
interesting efficiency property of the server’s lookup complexity being
much smaller than the adversary’s retrieval bound.</font> </small></div>
</div>
</div>
<pre wrap="">
**************************************************************************
We are lookong forward on your comming!
Best regards,
Biljana Cubaleska
Dipl.-Ing Biljana Cubaleska
Research assistant
Chair for System Security
Ruhr-University Bochum
++49 234 / 32 27757</pre>
</body>
</html>