CS 395T - Design and Analysis of Security Protocols (54302)
(due 3:30pm CDT, Monday, September 20, 2004).
Read and present a paper
For this assignment, you will read a research paper and present it
in class. Each presentation will be 30 minutes long, with 10 minutes
for questions and discussion. You may choose a paper that you will
be working on as part of your project.
To bid for a paper to present, please select at least five
candidates from the list below, order them by decreasing preference,
and email your list to me. Note that some related short papers are
packaged together (you'll need to present both). Also, please send me
the four available presentation dates ordered by decreasing preference.
Bidding deadline is Monday, October 4. In case of identical
preferences, earlier bids will get priority.
Formal methods for security analysis
Formal Verification of Standards for Distance Vector Routing Protocols by
Bhargavan, Obradovic, and Gunter.
Automatic Proof of Strong Secrecy for Security Protocols by
First-Order Verification of Cryptographic Protocols by
A Formal Analysis of Some Properties of Kerberos 5 Using MSR by
Butler, Cervesato, Jaggard, and Scedrov.
A Cost-Based Framework for Analysis of Denial of Service in Networks by
Protocol Insecurity with a Finite Number of Sessions and Composed Keys
is NP-complete by
Rusinowitch and Turuani.
Cryptographic models, relationship to formal models
On Formal Models for Secure Key Exchange by
Completeness Theorems for the Abadi-Rogaway Language of Encrypted Expressions by
Micciancio and Warinschi.
Soundness of Formal Encryption in the Presence of Active Adversaries by
Micciancio and Warinschi.
Threats and attacks
Intercepting Mobile Communications: The Insecurity of 802.11 by
Borisov, Goldberg, and Wagner; and
Your 802.11 Wireless Network has No Clothes by
Arbaugh, Shankar, and Wan.
Weaknesses in the Key Scheduling Algorithm of RC4 by
Fluhrer, Mantin, and Shamir; and
Using the Fluhrer, Mantin, and Shamir Attack to Break WEP by
Stubblefield, Ioannidis, and Rubin.
Practical Traffic Analysis: Extending and Resisting Statistical Disclosure by
Mathewson and Dingledine.
Client-Side Defense Against Web-Based Identity Theft by
Chou, Ledesma, Teraguchi, Boneh, and Mitchell; and
Web Spoofing: An Internet Con Game by
Felten, Balfanz, Dean, and Wallach.
Privacy Preserving Data Mining by
Lindell and Pinkas.
Privacy Preserving Auctions and Mechanism Design by
Naor, Pinkas, and Sumner.
Multicast Security: A Taxonomy and Some Efficient Constructions by
Canetti, Garay, Itkis, Micciancio, Naor, and Pinkas.
Provably Authenticated Group Diffie-Hellman Key Exchange by
Bresson, Chevassut, Pointcheval, and Quisquater.
Group Key Agreement Efficient in Communication by
Kim, Perrig, and Tsudik.
Optimized Group Rekey for Group Communication Systems by
Rodeh, Birman, and Dolev.
Terra: A Virtual Machine-Based Platform for Trusted Computing by
Garfinkel, Pfaff, Chow, Rosenblum, and Boneh.
Available presentation dates
October 27, November 3, 10, 17 (all Wednesdays).