István Vajda - Academia.edu

Papers by István Vajda

Searchable symmetric encryption: Sequential scan can be practical

2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM), 2017

The proliferation of cloud computing highlights the importance of techniques that allow both securing sensitive data and flexible data management at the same time. One line of research with this double motivation is the study of Searchable Symmetric Encryption (SSE) that has provided several outstanding results in the recent years. These solutions allow sublinear keyword search in huge databases by using various data structures to store keywords and document identifiers. In this work, we focus on certain scenarios in which search over the whole database is not necessary and show that the otherwise inefficient sequential scan (in linear time) can be very practical. This is due to the fact that adding new entries to the database comes for free in this case while updating a complex data structure without information leakage is rather complicated. To demonstrate the practicality of our approach we build a simple SSE scheme based on bilinear pairings and prove its security against adapti...

Searchable Symmetric Encryption for Restricted Search

Journal of Communications Software and Systems, 2018

Adatbiztonság és adatvédelem a mindent átható számítógépes technológia világában = Security and Privacy Issues in Pervasive Computing

(1) Security of multi-hop wireless networks: analysis of the security of routing protocols used in ad hoc and sensor networks, and design of new provably secure protocols (enairA, Secure tinyLUNAR). Design and analysis of new attack-resilient data aggregation algorithms (RANBAR, CORA). Study of the conditions under which spontaneous cooperation emerges in ad hoc and sensor networks, and stimulation of cooperation in delay-tolerant ad hoc networks (Barter). (2) Personal security tokens: study of the untrusted terminal problem, and design and analysis of a solution based on conditional signatures. (3) RFID security and privacy issues: analysis of key-tree based identifier-hiding authentication, and determination of the level of privacy. Design of optimal key-trees. Design of a new identifier-hiding authentication protocol and its comparison with the key-tree based method. (4) Formal security models: a security model based on the simulation paradigm for the analysis of routing protocols. Tá...

Trap E-mail Address for Combating E-mail Viruses

The biggest infection events show that the most dangerous viruses propagate via the Internet email systems. We propose a new solution to accelerate the identification of infected computers after an attack by e-mail viruses. Our approach uses trap e-mail addresses secured by a feasible cryptographic technique. The novelty of our work is the introduction of virtual e-mail addresses to identify virus sources. Furthermore we propose a technique for a secure file identifier that allows secure identification of a file for trusted parties, but makes it impossible for others. Our solution is viable: It has been successfully embedded in a localized version of a common desktop software.

Detection and Recovery from Pollution Attacks in Coding-Based Distributed Storage Schemes

IEEE Transactions on Dependable and Secure Computing, 2011

Protection against DDoS attacks based on traffic level measurements

2004 International Symposium on Collaborative …, 2004

Resilient Aggregation: Statistical Approaches

Providing location privacy in automated fare collection systems

A game based analysis of the client puzzle approach to defend against DoS attacks

Lightweight Authentication Protocols for Low-Cost RFID Tags

Second Workshop on Security in Ubiquitous …, 2003

Providing security in low-cost RFID tags is a challenging task because tags are highly resource constrained and cannot support strong cryptography. Special lightweight algorithms and protocols need to be designed that take into account the limitations of the tags. In this paper, we propose a set of extremely lightweight tag authentication protocols. We also provide an analysis of the

The UC approach: an application view

IACR Cryptol. ePrint Arch., 2013

What kind of guidelines can the UC approach provide for traditional designs and applications? The aim of this report is to bring this theoretically rooted, computer scientist technology closer to the community of practitioners in the field of protocol designs.

Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks

IEEE Transactions on Mobile Computing, 2006

CORA: Correlation-based Resilient Aggregation in Sensor Networks

In this paper we consider the problem of resilient data aggregation, namely, when aggregation has to be performed on a compromised sample. We present a statistical framework that is designed to mitigate the effects of an attacker who is able to alter the values of the measured parameters of the environment around some of the sensor nodes. Our proposed framework takes advantage of the naturally existing correlation between the sample elements, which is very rarely considered in other sensor network related papers. The algorithms presented are to be applied without assumption on the sensor network’s sampling distribution or on the behaviour of the attacker. The effectiveness of the algorithms is formally evaluated.

Cryptographically Sound Security Proof for On-Demand Source Routing Protocol EndairA

IACR Cryptology ePrint Archive, 2011

Cryptographically Sound Security Proof for On-Demand Source Routing Protocol EndairA. Cryptology ePrint Archive Report 2011/103. http://eprint.iacr.org/2011/103.pdf 16 I.Vajda. Framework for Security Proofs for Reactive Routing Protocols in MultiHop Wirel

Abstract: We present the first cryptographically sound security proof of a routing protocol for mobile ad-hoc networks. More precisely, we show that the route discovery protocol does not output a non-existing path under arbitrary active attacks, where on a non-existing path there exists at least one pair of neighboring nodes without communication connection during the run of the route discovery protocol. The proof relies on the Dolev-Yao-style model of Backes, Pfitzmann and Waidner, which allows for mapping results obtained symbolically within this model to cryptographically sound proofs if certain assumptions are met.

On instance separation in the UC-framework

The UC approach of Canetti offers the advantage of stand-alone analysis while keeping security guarantees for arbitrary complex environment. When we implement by this approach first we have to ensure secure instance separation and based on this condition, we are allowed to carry out a stand-alone analysis. In this report we propose three issues related to instance separation in UC-context: We consider the problem of universal composability in cases, when we cannot assume independence of instances. Next we formalize the interleaving attack and a related security notion. In time-aware protocols time-based separation of instances is one of the standard implementation techniques. We propose an event-driven clock model towards purely symbolic analysis of time-aware protocols.

Contents lists available at ScienceDirect

Optimal key-trees for tree-based private authentication

Abstract. Key-tree based private authentication has been proposed by Molnar and Wagner as a neat way to efficiently solve the problem of privacy preserving authentication based on symmetric key cryptography. However, in the key-tree based approach, the level of privacy provided by the system to its members may decrease considerably if some members are compromised. In this paper, we analyze this problem, and show that careful design of the tree can help to minimize this loss of privacy. First, we introduce a benchmark metric for measuring the resistance of the system to a single compromised member. This metric is based on the well-known concept of anonymity sets. Then, we show how the parameters of the key-tree should be chosen in order to maximize the system’s resistance to single member compromise under some constraints on the authentication delay. In the general case, when any member can be compromised, we give a lower bound on the level of privacy provided by the system. We also ...

Resilient Aggregation with Attack Detection in Sensor Networks

In this paper, we propose a new model of resilient data aggregation in sensor networks, where the aggregator analyzes the received sensor readings and tries to detect unexpected deviations before the aggregation function is called. In this model, the adversary does not only want to cause maximal distortion in the output of the aggregation function, but it also wants to remain undetected. The advantage of this approach is that in order to remain undetected, the adversary cannot distort the output arbitrarily, but rather the distortion is usually upper bounded, even for aggregation functions that were considered to be insecure earlier (e.g., the average). We illustrate this through an example in this paper.

UC framework for anonymous communication

In this research report we present an UC framework for the general task of anonymous communication. Definition of the ideal and the real models are carried out in the BPW (Backes-Pfitzmann-Waidner) formalism. It is shown how this approach relates to and extends earlier proposals [10],[15]. We consider also the adaptive adversary. An example is given for a wireless application.
