Research » Recent Publications

2008 Publications

M. Albrecht. Algebraic Attacks on the Courtois Toy Cipher Cryptologia, vol. 32 (3), pp. 220-276 (2008).

W. Alrodhan and C.J. Mitchell. A client-side CardSpace-Liberty integration architecture. in K. E. Seamons, N. McBurnett and T. Polk (eds.), IDtrust 2008, Proceedings of the 7th Symposium on Identity and Trust on the Internet, March 4-6, 2008, Gaithersburg, Maryland, USA, ACM International Conference Proceeding Series 283, ACM (2008), pp.1-7.

W. Alrodhan and C. J. Mitchell. A delegation framework for Liberty. in J. Haggerty and M. Merabti (eds.), Proceedings: 3rd Conference on Advances in Computer Security and Forensics (ACSF 2008), 10-11 July 2008, Liverpool, UK, Liverpool JMU (2008), pp.67-73.

I. Askoxylakis, D. Sauveron, K. Markantonakis, T. Tryfonas, A. Traganitis. A Body-Centered Cubic Method for Key Agreement in Dynamic Mobile Ad Hoc Networks. to be presented at SECURWARE 2008.

S. Balfe and K.G. Paterson. Augmenting Internet-based Card-not-present Transactions with Trusted Computing: An Analysis. In G. Tsudik (ed.), Financial Cryptography 2008, Lecture Notes in Computer Science Vol. 5143, pp. 171-175, Springer-Verlag, Berlin, 2008.

S. Balfe and K. G. Paterson. e-EMV: Emulating EMV for Internet Payments with Trusted Computing Technologies. In S. Xu, C. Nita-Rotaru, J.-P. Seifert (eds.), Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing (STC 2008), pp. 81-92, ACM 2008.

S. Balfe, E. Gallery, C. J. Mitchell and K. G. Paterson. Crimeware and trusted computing. Chapter 15 in M. Jacobsson and Z. Ramzan (eds.), Crimeware, Addison-Wesley/Symantec Press, 2008.

S. Balfe and S. Reidt. Key Deactivation Strategies in MANETs. In Proceedings of the 2nd Annual Conference of ITA (AC-ITA), 2008.

S. Balfe, E. Gallery, C. J. Mitchell and K. G. Paterson. Challenges for trusted computing. IEEE Security and Privacy, vol. 6 no. 6 (November/December 2008), pp. 60-66.

W. D. Benits Jr. and S. D. Galbraith, The GPS identification scheme using Frobenius expansions, Proceedings of WeWorc, Springer LNCS 4945 (2008), pp. 13-27.

J. Birkett and A. W. Dent. Relations Among Notions of Plaintext Awareness.Proceedings of Public Key Cryptography (PKC 2008), volume 4939 of Lecture Notes in Computer Science, Springer-Verlag, pp. 47-64, 2008.

S.R. Blackburn, T. Etzion, D.R. Stinson and G.M. Zaverucha. A bound on the size of separating hash families, J. Comb. Theory - Series A, Vol. 115 (2008), pp. 1246-1256.

S.R. Blackburn and I.E. Shparlinski. On the average energy of circulant graphs, Linear Algebra and its Applications, Vol. 428 (2008), pp. 1956-1963.

S.R. Blackburn, T. Etzion, K.M. Martin and M.B. Paterson. Efficient key predistribution for grid-based wireless sensor networks. Information Theoretic Security (ICITS 2008), volume 5155 of Lecture Notes in Computer Science, Springer-Verlag, pp 54-69, 2008.

S.R. Blackburn, K.M. Martin, M.B. Paterson and D.R. Stinson. Key refreshing in wireless sensor networks. Information Theoretic Security (ICITS 2008), volume 5155 of Lecture Notes in Computer Science, Springer-Verlag, pp 156-170, 2008.

S.R. Blackburn, T. Etzion and S.-L. Ng. Prolific codes with the identifiable parent property, SIAM J. Discrete Mathematics, Vol. 22 (2008) pp. 1393-1410.

S.R. Blackburn. A mathematical walk in Surrey. British Society for the History of Mathematics Bulletin, Vol. 23 (2008), 178-180.

K.D. Boklan, Z. Klagsbrun, K.G. Paterson and S. Srinivasan. Flexible and Secure Communications in an Identity-Based, Coalition Environment. IEEE Milcom, 2008..

H. Borgen, P. Bours, and S. Wolthusen. Visible-Spectrum Biometric Retina Recognition. In Proceedings of the Special Session on Biometrics, Fourth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (Harbin, China, Aug. 2008), IEEE Press, pp. 1056–1062.

C. Boyd, Y. Cliff, J.M. Gonzalez Nieto and K.G. Paterson. Efficient one round key exchange in the standard model. In Y. Mu, W. Susilo and J. Seberry (eds.), Proceedings of ACISP 2008, Lecture Notes in Computer Science Vol.5107, pp. 69-83, Springer-Verlag, Berlin, 2008.

D.J. Boyd. Enhancing the non-repudiation properties of Internet payments through a third dimension. In Kamel Adi, Mourad Debbabi, and Luigi Logrippo, editors, Proceedings of the 2nd Workshop on Practice and Theory of IT Security (PTITS 2008), pages 33-39, January 2008.

D.J. Boyd. Single sign-on to the Web with an EMV card. In Waleed W. Smari and William McQuay, editors, Proceedings of the 2008 International Symposium on Collaborative Technologies and Systems (CTS 2008), pages 112-120. IEEE, May 2008.

D.J. Boyd. Enhancing the non-repudiation properties of EMV payment cards. In Sanjay Goel, editor, Proceedings of the 3rd Annual Symposium on Information Assurance (ASIA '08): The Academic Track of the 11th Annual New York State Cyber Security Conference, pages 63-70, June 2008.

D.J. Boyd. Towards a private and anonymous EMV payment application. In John Haggerty and Madjid Merabti, editors, Proceedings of the 3rd Conference on Advances in Computer Security and Forensics (ACSF 2008), pages 53-59, July 2008.

L. Chen and J. Crampton. On spatio-temporal constraints and inheritance in role-based access control. In Proceedings of ACM Symposium on Information, Computer and Communications Security (ASIACCS08), 205-216, 2008.

J. Crampton. Why we should take a second look at access control in Unix. In Proceedings of 13th Nordic Workshop on Secure IT Systems, 2008.

J. Crampton and H. Khambhammettu. On delegation and workflow execution models. In Proceedings of 21st ACM Symposium on Applied Computing, 2137-2144, 2008.

J. Crampton and H. Khambhammettu. Delegation in role-based access control. International Journal of Information Security, 7(2), 123-136, 2008.

J. Crampton and H. Khambhammettu. Delegation and satisfiability in workflow systems. In Proceedings of 13th ACM Symposium on Access Control Models and Technologies, 31-40, 2008.

M. Dekker, J. Crampton, and S. Etalle. RBAC administration in distributed systems. In Proceedings of 13th ACM Symposium on Access Control Models and Technologies, 93-102, 2008.

A. W. Dent, B. Libert and K. G. Paterson. Certificateless Encryption Schemes Strongly Secure in the Standard Model. Proceedings of Public Key Cryptography (PKC 2008), volume 4939 of Lecture Notes in Computer Science, Springer-Verlag, pp. 344-359, 2008.

A. W. Dent. A Brief History of Provably-Secure Public-Key Encryption. In S. Vaudenay, editor, Proceedings of Africacrypt 2008, volume 5023 of Lecture Notes in Computer Science, Springer-Verlag, pp. 357-370, 2008.

A. W. Dent. Point-weight designs with design conditions on t points. Discrete Mathematics, vol. 308, no. 11, pp. 2080--2093, 2008.

A. W. Dent. A Survey of Certificateless Encryption Schemes and Security Models. International Journal of Information Security, vol. 7, no. 5, pp. 349--377, 2008.

L. Francis, K. Mayes and K. Markantonakis. On the Future of Accessing Multiple Telecommunication and Network Access Systems from a Single Smart Card. Book Chapter for Information Security 2007, Ed. J McKenna, Touch Briefings. To be published in 2008.

L. Francis, K. Mayes and K. Markantonakis. An Architecture to Support Multiple Subscriber Identity Applications Accessing Multiple Mobile Telecommunication Access Network Systems. ccit, vol. 2, pp.386-395, 2008. Third International Conference on Convergence and Hybrid Information Technology (ICCIT08). Busan, South Korea, November 11-13, 2008.

S. D. Galbraith, M. Harrison and D. Mireles. Efficient Hyperelliptic Arithmetic using Balanced Representation for Divisors. in A. J. van der Poorten and A. Stein (eds.), ANTS 2008, Springer LNCS 5011 (2008) 342-356.

S.D. Galbraith and E. R. Verheul. An analysis of the vector decomposition problem, Proceedings of Public Key Cryptography (PKC 2008), volume 4939 of Lecture Notes in Computer Science, pp. 308-327, Springer-Verlag (2008).

S.D. Galbraith, K.G. Paterson and N.P. Smart, Pairings for Cryptographers. Discrete Applied Mathematics, Volume 156, Issue 16 (2008) 3113-3121.

S.D. Galbraith and K.G. Paterson (eds.), Pairing 2008, Lecture Notes in Computer Science Vol. 5209, Springer-Verlag, Berlin, 2008.

S. D. Galbraith and M. Scott. Exponentiation in pairing-friendly groups using homomorphisms. In S. D. Galbraith and K. G. Paterson (eds) Pairing 2008, Springer LNCS 5209, 2008, pp. 211-224.

S. D. Galbraith, X. Lin and D. J. Mireles. Pairings on hyperelliptic curves with a real model. In S. D. Galbraith and K. G. Paterson (eds) Pairing 2008, Springer LNCS 5209, 2008, pp. 265-281.

S. D. Galbraith, F. Hess and F. Vercauteren. Aspects of Pairing Inversion. IEEE Trans. Information Theory, Volume 54, Issue 12 (2008) 5719-5728.

C. Gebhardt and A. Tomlinson. Secure Virtual Disk Images for Grid Computing. In 3rd Asia-Pacific Trusted Infrastructure Technologies Conference (APTC 2008). IEEE Computer Society, October 2008.

C. Gebhardt and A. Tomlinson. Trusted Virtual Disk Images. In 2nd Conference on the Future of Trust in Computing, Berlin, July 2008. Vieweg & Teubner.

R. Gennaro, S. Halevi, H. Krawczyk, T. Rabin, S. Reidt and S. Wolthusen. Strongly-Resilient and Non-Interactive Hierarchical Key-Agreement in MANETs. In Proceedings of the 13th European Symposium on Research in Computer Security (ESORICS 2008) (Malaga, Spain, Oct. 2008), S. Jajodia and J. Lopez, Eds., vol. 5283 of Lecture Notes in Computer Science, Springer-Verlag, pp. 49-65.

G. P. Hancke. Eavesdropping Attacks on High-Frequency RFID Tokens. Proceedings of the 4th Workshop on RFID Security (RFIDsec'08), pp 100-113, July 2008.

G. P. Hancke and M.G. Kuhn. Attacks on Time-of-Flight Distance Bounding Channels. Proceedings of the First ACM Conference on Wireless Network Security (WISEC'08), pp. 194-202, March 2008.

G. Kalogridis and C.J.Mitchell. Using non-adaptive group testing to construct spy agent routes, in Proceedings of the Third International Conference on Availability, Reliability and Security, ARES 2008, March 4-7, 2008, Technical University of Catalonia, Barcelona, Spain, IEEE Computer Society (2008), pp. 1013-1019.

X. Leng, K. Mayes and K. Markantonakis. HB-MP+ Protocol: An Improvement on the HB-MP Protocol. 2008 IEEE International Conference on RFID, Las Vegas, April 16--17, 2008.

Y. Lien, X. Leng, K. Mayes, and J-H Chiu. Reading Order Independent Grouping Proof for RFID Tags. 2008 IEEE International Conference on Intelligence and Security Informatics, Taipei, Taiwan, June 17--20, 2008.

A. Leung, L. Chen and C. J. Mitchell. On a possible privacy flaw in Direct Anonymous Attestation (DAA), in P. Lipp, A.-R. Sadeghi and K.-M. Koch (eds.), Trusted Computing - Challenges and Applications, First International Conference on Trusted Computing and Trust in Information Technologies, TRUST 2008, Villach, Austria, March 11-12, 2008, Proceedings, Springer-Verlag LNCS 4968, Berlin (2008), pp.179-190.

A. Leung and C. J. Mitchell. A device management framework for secure ubiquitous service delivery. In Proceedings of the Fourth International Symposium on Information Assurance and Security (IAS 2008), Naples, Italy, September 2008, IEEE Computer Society Press, Los Alamitos, CA (2008), pp. 267-274.

J. Lu, J. Kim, N. Keller, O. Dunkelman. Improving the Efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY1. CT-RSA 2008, Lecture Notes in Computer Science Vol. 4964, pp. 370-386, Springer-Verlag, Berlin, 2008.

J. Lu and J. Kim. Attacking 44 Rounds of the SHACAL-2 Block Cipher Using Related-Key Rectangle Cryptanalysis. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Vol. 91-A(9), pp. 2588-2596, IEICE Press, 2008.

J. Lu, O. Dunkelman, N. Keller and J. Kim. New Impossible Differential Attacks on AES. In Dipanwita Roy Chowdhury, Vincent Rijmen, Abhijit Das (eds.),Progress in Cryptology - INDOCRYPT '08 - The 9th International Conference on Cryptology in India, Lecture Notes in Computer Science, Vol. 5365, pp. 279-293, Springer-Verlag, 2008.

I.D. MacKinnon and K.M. Martin. White hat vs. white hat: a new approach to managing business risk. ISSA Journal, April 2008, 10 - 15.

W. W. Malek, K. Mayes, K. Markantonakis. Fraud Detection and Prevention in Smart-Card Based Environments Using Artificial Intelligence. to be published in Cardis 2008, Lecture Notes in Computer Science.

K. Markantonakis, K. Mayes, D. Sauveron, I. Askoxylakis. Overview of Security Threats for Smart Cards in the Public Transport Industry. IEEE International Conference on e-Business Engineering (ICEBE) 2008, 22-24 October 2008, XI AN, China, IEEE Computer Society Conference Publishing Services, to be presented.

K. Markantonakis, K. Mayes, D. Sauveron, and M. Tunstall. Smart Cards, Book Chapter. Eds H. Bidgoli, to be published.

K.M. Martin and M.B. Paterson. An application-oriented framework for wireless sensor network key establishment. In Proceedings of the Third Workshop on Cryptography for Ad-hoc Networks WCAN'07, Electronic Notes in Theoretical Computer Science 192(2), 31 - 41 (2008).

K. M. Martin. Challenging the adversary model in secret sharing schemes. Coding Theory and Cryptography II, Proceedings of the Royal Flemish Academy of Belgium for the Science and the Arts, 2008.

K. Mayes and K. Markantonakis. Smart Cards, Tokens, Security and Applications, Springer Verlag, January 2008, ISBN: 978-0-387-72197-2.

K. Mayes and K. Markantonakis. Mobile communication security controllers: an evaluation paper. Information Security Technical Report, Volume 13, Issue 3, August 2008, Pages 173--192.

K. Mayes, C. Cid, K. Markantonakis. Mifare Classic Security Issues: A System Perspective. In Smart Card Technology International, A Global Journal of Advanced Chip Technology, Editor Jeanne Winnet, November 2008.

T. R. McEvoy and S. Wolthusen. Using Observations of Invariant Behavior to Detect Malicious Agency in Distributed Environments. In Proceedings of the 4th International Conference on IT Incident Management & IT Forensics (IMF 2008) (Mannheim, Germany, Sep. 2008). O. Göbel, S. Frings, D. Günther, J. Nedon, D. Schadt, Eds., vol. 140 of Lecture Notes in Informatics, GI-Edition, pp. 55–72.

S. Murphy and M.B. Paterson. A Geometric View of Cryptographic Equation Solving.Journal of Mathematical Cryptology, Vol. 2, pages 63-107, 2008.

J.A. Onieva, D. Sauveron, S. Chaumette, D. Gollmann, K. Markantonakis (Eds.). Information Security Theory and Practices. Smart Devices, Convergence and Next Generation Networks. Second IFIP WG 11.2 International Workshop, WISTP 2008,
Seville, Spain, May 13-16, 2008, Lecture Notes in Computer Science, Vol. 5019, ISBN: 978-3-540-79965-8.

F. Paci, E. Bertino and J. Crampton. An Access-Control Framework for WS-BPEL. International Journal of Web Services Research, 5(3), 20-43, 2008.

A.J. Palmer. Criteria to evaluate Automated Personal Identification Mechanisms. Computers & Security, Volume 27, Issues 7-8, December 2008, Pages 260-284.

K.G. Paterson and S. Srinivasan. Security and Anonymity of Identity-based Encryption with Multiple Trusted Authorities. In S.D. Galbraith and K.G. Paterson (eds.), Pairing 2008, Lecture Notes in Computer Science Vol. 5209, pp.354-375, Springer-Verlag, Berlin, 2008.

K.G. Paterson and G.J. Watson. Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment. In R. Ostrovsky, R. De Prisco and I. Visconti (eds.), SCN 2008, Lecture Notes in Computer Science Vol. 5229, pp. 340-357, Springer-Verlag, Berlin, 2008.

M.B. Paterson and D.R. Stinson. Two attacks on a sensor network key distribution scheme of Cheng and Agrawal. Journal of Mathematical Cryptology, volume 2, number 4, pages 393-403, 2008.

G.S. Poh and K.M. Martin. Design Flaws of A Secure Watermarking Scheme for Buyer-Seller Identification and Copyright Protection, in Proceedings of the International Cryptology Workshop and Conference 2008 (Cryptology2008), Kuala Lumpur, 9-12 June, 2008.

G.S. Poh and K.M. Martin. On the (In)security of Two Buyer-Seller Watermarking Protocols. in Proceedings of the International Conference on Security and cryptography (SECRYPT 2008), Porto, Portugal, July 26-29, 2008, INSTICC Press, pp. 253-260.

J. R. Rabaiotti , H. Chivers, J. A. Clark, P-C. Cheng , N. Ivanic and S. Balfe. Reputation Attacks in Mediated and Automated Systems. In Proceedings of the 2nd Annual Conference of ITA (AC-ITA), 2008.

S. Reidt and S. Wolthusen. Exploiting UAV Capabilities in Tactical MANETS. In Proceedings of the Second Annual Conference of ITA (London, UK, Sep. 2008).

S. Reidt and S. Wolthusen. Connectivity Augmentation in Tactical Mobile Ad hoc Networks. In Proceedings of the IEEE Military Communications Conference 2008 (MILCOM 2008) (San Diego, CA, USA, Nov. 2008), IEEE Press.

A. Rupp, G. Leander, E. Bangerter, A. W. Dent, and A.-R. Sadeghi. Sufficient Conditions for Intractability over Black-Box Groups: Generic Lower Bounds for Generalized DL and DH Problems. To appear in J. Pieprzyk, editor, Advances in Cryptology -- Asiacrypt 2008, volume 5350 of Lecture Notes in Computer Science, pp. 489--505, 2008.

R. Safavi-Naini and P. R. Wild. Information theoretic bounds on authentication systems in query model. IEEE Trans. Inf. Theory, Vol. 54, No. 6 (2008) 2426-2436.

R. Safavi-Naini, D. Tonien and P. Wild. Authentication codes in the query model, in Coding and Cryptography, World Scientific Publishing, Singapore, 2008, pp. 214-225.

J.C.N. Schdult, K. Matsuura and K.G. Paterson. Proxy Signatures Secure Against Proxy Key Exposure. In Proceedings of Public Key Cryptography (PKC 2008), volume 4939 of Lecture Notes in Computer Science, Springer-Verlag, pp. 344-359, 2008.

S. Schwiderski-Grosche. Context-dependent Event Detection in Sensor Networks. Fast Abstract, 2nd Intl. Conf. on Distributed Event-Based Systems (DEBS'08), Rome, Italy, July 2008.

S. Schwiderski-Grosche. Spatio-Temporal Reasoning with Composite Events in Mobile Systems. Fast Abstract, 2nd Intl. Conf. on Distributed Event-Based Systems (DEBS'08), Rome, Italy, July 2008.

B. Song and C.J. Mitchell. RFID authentication protocol for low-cost tags, in: V. D. Gligor, J.-P. Hubaux and R. Poovendran (eds.), Proceedings of the First ACM Conference on Wireless Network Security, WiSec 2008, Alexandria, VA, USA, March 31 - April 02, 2008, ACM (2008), pp.140-147.

B. Song. Server Impersonation Attacks on RFID Protocols. In the Second International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies - UBICOMM'08, pages 50-55, Valencia, Spain, October 2008, IEEE Computer Science.

B. Song. RFID Tag Ownership Transfer. Proceedings of the Workshop on RFID Security - RFIDSec'08, Budapest, Hungary, Jul. 2008.

M. Srivatsa, S. Balfe, K. G. Patterson and P. Rohatgi. Trust Management for Secure Information Flows. In P. Ning, P.F. Syverson, S. Jha (eds.), Proceedings of the 2008 ACM Conference on Computer and Communications Security (CCS 2008), pp. 175-188, ACM 2008.

M. Srivatsa, D. Agrawal and S. Balfe. A Metadata Calculus for Securing Information Flows. In Proceedings of the of 26th Army Science Conference (ACS), 2008.

M. Srivatsa, P. Rohatgi, S. Balfe and S. Reidt. Securing Information Flows: A Metadata Framework. In Proceedings of the 1st IEEE Workshop on Quality of Information for Sensor Networks (QoISN), 2008.

F. Stumpf, C. Eckert, and S. Balfe. Towards Secure E-Commerce Based on Virtualization and Attestation Techniques. In Proceedings of the 3rd International Conference on Availability, Reliability and Security (ARES), 2008.

N. K. Svendsen and S. Wolthusen. Modeling and Detection of Anomalies in SCADA Systems Networks. In Proceedings of the Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection (Arlington, VA, USA, Mar. 2008), Springer-Verlag, pp. 101–113.

A. Tomlinson. Security For Video Broadcasting. In Smart Cards, Tokens, Security and Applications, pages 139-154. Springer, 2008.

A. Tomlinson. Introduction to the TPM. In Smart Cards, Tokens, Security and Applications, pages 155-172. Springer, 2008.

A. Tomlinson. Developments in mobile communications security. Information Security Technical Report, 13(3), 2008. Elsevier.

T. Walker. Practical management of malicious insider threat - An enterprise CSIRT perspective. Information Security Technical Report, Volume 13 , Issue 4 (November 2008), pp. 225-234, 2008.

Q. Wei, J. Crampton, K. Beznosov, and M. Ripeanu. Authorization recycling in RBAC systems. In Proceedings of 13th ACM Symposium on Access Control Models and Technologies, 63-72, 2008.

S. Wolthusen and M. Jahnke. Information Assurance Situation Awareness for Tactical MANETs. In Proceedings of the NATO RTO Symposium on Information Assurance for Emerging and Future Military Systems (Ljubljana, Slovenia, Oct. 2008), NATO Research and Technology Organization.

M.-D. Wu and S. Wolthusen. Network Forensics of Partial SSL/TLS Encrypted Traffic Classification Using Clustering Algorithms. In Proceedings of the 4th International Conference on IT Incident Management & IT Forensics (IMF 2008) (Mannheim, Germany, Sep. 2008). O. Göbel, S. Frings, D. Günther, J. Nedon, D. Schadt, Eds., vol. 140 of Lecture Notes in Informatics, GI-Edition, pp. 157-172.

P-W. Yau, A. Tomlinson, S. Balfe and E. Gallery. Securing Grid Workflows with Trusted Computing (Extended Abstract). Eighth IEEE International Symposium on Cluster Computing and the Grid (CCGRID), page 700, 2008.

P-W. Yau, A. Tomlinson, S. Balfe and E. Gallery. Securing Grid Workflows with Trusted Computing. In Proceedings of the 2008 International Conference on Computational Science, volume 5103-0510 of LNCS, pages 510-519, Kraków, Poland, June 2008. Springer.