The mobile Internet is a fast growing technology that introduces new privacy risks. We argue that, since privacy legislation alone is not sufficient to protect the users privacy, technical solutions to enhanceinformational privacy of individuals are also needed. This paper introduces mCrowds, a privacy-enhancing technology that combines the concept of a crowd system in a mobile Internet setting with a filteringfunctionality to enable anonymity towards the content providers
In this paper, we propose a conceptual model for tunable security services. The aim of the model is to provide a tool that can be used to describe and analyze such services in a structured and consistent way. The proposed model can thus serve as a basis to examine the possibilities available for constructing tunable security services based on current and future networking standards and to identify missing requirements. It can also be used to describe and compare previous research results. In the paper, four different use cases are presented that illustrates the powerfulness of the proposed model.
To achieve an appropriate tradeoff between security and performance for wireless applications, a tunable and differential treatment of security is required.
In this paper, we present a tunable encryption service designed as a middleware that is based on a selective encryption paradigm. The core component of the middleware provides block-based selective encryption. Although the selection of which data to encrypt is made by the sending application and is typically content-dependent, the representation used by the core component is application and content-independent. This frees the selective decryption module at the receiver from the need for application or content-specific knowledge. The sending application specifies the data to encrypt either directly or through a set of highlevel application interfaces. A prototype implementation of the middleware isdescribed along with an initial performance evaluation. The experimental results demonstrate that the generic middleware service offers a high degree of security adaptiveness at a low cost.
More and more effort is being spent on security improvements in today's computer environments, with the aim to achieve an appropriate level of security. However, for small computing devices it might be necessary to reduce the computational cost imposed by security in order to gain reasonable performance and/or energy consumption. To accomplish this selective encryption can be used, which provides confidentiality by only encrypting chosen parts of the information. Previous work on selective encryption has chiefly focused on how to reduce the computational cost while still making the information perceptually secure, but not on how computationally secure the selectively encrypted information is.
Despite the efforts made and due to the harsh nature of computer security, good quantitative assessment methods for computer security are still lacking. Inventing new ways of measuring security are therefore needed in order to better understand, assess, and improve the security of computer environments. Two proposed probabilistic quantitative security measures are entropy and guesswork. Entropy gives the average number of guesses in an optimal binary search attack, and guesswork gives the average number of guesses in an optimal linear search attack. In information theory, a considerable amount of research has been carried out on entropy and on entropy-based metrics. However, the same does not hold for guesswork.
In this thesis, we evaluate the performance improvement when using the proposed generic selective encryption scheme. We also examine the confidentiality strength of selectively encrypted information by using and adopting entropy and guesswork. Moreover, since guesswork has been less theoretical investigated compared to entropy, we extend guesswork in several ways and investigate some of its behaviors.
Selective encryption is a concept in which the main goal is to reduce computational cost while providing confidentiality by encrypting only chosen parts of the information to be protected. Previous work on selective encryption has mainly been aimed towards multimedia applications in order to reduce the overhead induced by encryption while still making the information perceptually secure to a desired protection level. This was accomplished by utilizing the fact that different parts of the information have different impacts on our perception senses, i.e., eyes and ears. How computationally secure the information is when using selective encryption has however only briefly been mentioned or rudimentarily analyzed. In this paper, we therefore investigate the security implications of selective encryption by generalizing the work on entropy of selectively encrypted strings to several dimensions and applying it to bitmap images. The generalization is done by constructing information neighborhoods that capture and model information dependencies in several dimensions.
More and more effort is being spent on security improvements in today's computer networking environments. However, due to the nature of computer security there is still a lack of good quantitative assessment methods. Inventing and developing new ways of measuring security are therefore needed in order to more exact describe, assess, and improve security of computer environments. One existing quantitative security measure is guesswork. Guesswork gives the average number of guesses in a brute force attack when breaking an encrypted message. In the current definition of guesswork it is assumed that the attacker uses a single processor when breaking an encrypted message. However, an intelligent and motivated attacker will likely use several processors that can work in parallel to break an encrypted message. This paper formally investigates how guesswork changes over time in multi-processor attacks. The result is applied on three probability distributions, the English alphabet, the geometric, and the truncated geometric to illustrate some behaviors.
A feature that has become desirable for low-power mobile devices with limited computing and energy resources is the ability to select a security configuration in order to create a trade-off between security and other important parameters such as performance and energy consumption. Selective encryption can be used to create this trade-off by only encrypting chosen units of the information. In this paper, we continue the investigation of the confidentiality implications of selective encryption by applying entropy on a generic selective encryption scheme. By using the concept of run-length vector from run-length encoding theory, an expression is derived for entropy of selectively encrypted strings when the number of encrypted substrings, containing one symbol, and the order of the language change
To be able to perform an analytical and more exact description of security, quantitative security measures are desirable. In this paper, we continue our investigation of the quantitative security measure guesswork, which gives the average number of guesses in an optimal brute force attack. The definition of guesswork is extended to joint and conditional guesswork. We show that joint guesswork is always at least equal to the marginal guessworks, and that conditioning reduces guesswork. Hence, guesswork possesses the same two properties as entropy, i.e., joint entropy is always at least equal to the marginal entropies, and conditioning reduces entropy. However, unlike entropy, guesswork does not possess the chain rule property. For entropy, this rule states that joint entropy is equal to marginal entropy plus the corresponding conditional entropy
To be able to perform an analytical and more exact description of security, quantitative security measures are desirable. Two proposed quantitative security measures are entropy and guesswork. When breaking an encrypted message, entropy measures the average number of guesses in an optimal binary search attack, whereas guesswork measures the average number of guesses in an optimal linear search attack. In this paper, we continue to investigate the security implications of a generic selective encryption procedure. That is, how entropy and guesswork changes with the number of encrypted units, i.e., the encryption level. This is done for languages up to thesecond order by deriving equations for entropy of selectively encrypted messages and then transferring the result to guesswork through an equation relating the two measures. Furthermore, unlike entropy, guesswork does not possess the chain rule, however, through the equation relating entropy and guesswork an equation connecting the different guessworks is derived.
In this paper, we investigate the tunable privacy features provided by Internet Explorer version 6 (IE6), Mix Net and Crowds, by using a conceptual model for tunable security services. A tunable security service is defined as a service that has been explicitly designed to offer various security configurations that can be selected at run-time. Normally, Mix Net and Crowds are considered to be static anonymity services, since they were not explicitly designed to provide tunability. However, as discussed in this paper, they both contain dynamic elements that can be used to utilize the trade-off between anonymity and performance. IE6, on the other hand, was indeed designed to allow end users to tune the level of privacy when browsing the Internet
In this paper, we investigate the tunable features provided by Mix-Nets and Crowds using a conceptual model for tunable secu- rity services. A tunable security service is deflned as a service that has been explicitly designed to ofier various security levels that can be se- lected at run-time. Normally, Mix-Nets and Crowds are considered to be static anonymity services, since they were not explicitly designed to provide tunability. However, as discussed in this paper, they both con- tain dynamic elements that can be used to achieve a tradeofi between anonymity and performance
n this paper, we start to investigate the security implications of selective encryption. We do this by using the measure guesswork, which gives us the expected number of guesses that an attacker must perform in an optimal brute force attack to reveal an encrypted message. The characteristics of the proposed measure are investigated for zero-order languages. We also introduce the concept of reduction chains to describe how the message (or rather search) space changes for an attacker with different levels of encryption.
In this paper, we start to investigate the security implications of selective encryption. We do this by using the measure guesswork, which gives us the expected number of guesses that an attacker performs in an optimal brute force attack to reveal an encrypted message. The characteristics of the proposed measure are only investigated for zero-order languages, and we give some basic initial results. The work is in progress and later papers will examine higher order of languages.
In this paper, we investigate in detail the relationship between entropy and guesswork. The aim of the study is to lay the ground for future efficiency comparison of guessing strategies. After a short discussion of the two measures, and the differences between them, the formal definitions are given. Then, a redefinition of guesswork is made, since the measure is not completely accurate. The change is a minor modification in the last term of the sum expressing guesswork. Finally, two theorems are stated. The first states that the redefined guesswork is equal to the concept of cross entropy, and the second states, as a consequence of the first theorem, that the redefined guesswork is equal to the sum of the entropy and the relative entropy.
PR-SCTP, a partially reliable extension of SCTP, provides a flexible QoS trade-off between timeliness and reliability for application traffic. However, the performance of PR-SCTP can be reduced due to certain traffic characteristics and network scenarios. Previously, we proposed a NR-SACK based optimization for PR-SCTP. In this work we extensively evaluate and analyze the performance of PR-SCTP with NR-SACKs using different network scenarios. Moreover, we compare the performance of our NR-SACK based PR-SCTP with existing transport protocols for syslog traffic. In the evaluation, we use real syslog traces from an operational syslog system. The results indicate that NR-SACKs based PR-SCTP significantly improves the overall message transfer delay as compared to SCTP and TCP.
Syslog is one of the basic methods for event logging in computer networks. Log messages that are generated by syslog can be used for a number of purposes, including optimizing system performance, system auditing, and investigating malicious activities in a computer network. Considering all these attractive uses, both timeliness and reliability is needed when syslog messages are transported over a network. The unreliable transport protocol UDP was specified in the original syslog specification; later a reliable transport service based on TCP was also proposed. However, TCP is a costly alternative in terms of delay. In our previous work, we introduced the partially reliable extension of SCTP, PR-SCTP, as a transport service for syslog, trading reliability against timeliness by prioritizing syslog messages. In this work, we first model syslog data using real syslog traces from an operational network. The model is then used as input in the performance evaluation of PR-SCTP. In the experiments, real congestion is introduced in the network by running several competing flows. Although PR-SCTP clearly outperformed TCP and SCTP in our previous work, our present evaluations show that PR-SCTP performance is largely influenced by the syslog data size characteristics