Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 7 Issue 2, May 2004

Consistency analysis of authorization hook placement in the Linux security modules framework
Trent Jaeger, Antony Edwards, Xiaolan Zhang
Pages: 175-205
DOI: 10.1145/996943.996944
We present a consistency analysis approach to assist the Linux community in verifying the correctness of authorization hook placement in the Linux Security Modules (LSM) framework. The LSM framework consists of a set of authorization hooks inserted...

Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the Encode-then-Encrypt-and-MAC paradigm
Mihir Bellare, Tadayoshi Kohno, Chanathip Namprempre
Pages: 206-241
DOI: 10.1145/996943.996945
The secure shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. Unfortunately, the current SSH authenticated encryption mechanism is insecure. In this paper, we propose several fixes to the SSH protocol and,...

Just fast keying: Key agreement in a hostile internet
William Aiello, Steven M. Bellovin, Matt Blaze, Ran Canetti, John Ioannidis, Angelos D. Keromytis, Omer Reingold
Pages: 242-273
DOI: 10.1145/996943.996946
We describe Just Fast Keying (JFK), a new key-exchange protocol, primarily designed for use in the IP security architecture. It is simple, efficient, and secure; we sketch a proof of the latter property. JFK also has a number of novel engineering...

Techniques and tools for analyzing intrusion alerts
Peng Ning, Yun Cui, Douglas S. Reeves, Dingbang Xu
Pages: 274-318
DOI: 10.1145/996943.996947
Traditional intrusion detection systems (IDSs) focus on low-level attacks or anomalies, and raise alerts independently, though there may be logical connections between them. In situations where there are intensive attacks, not only will actual alerts...

A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP)
Adam Stubblefield, John Ioannidis, Aviel D. Rubin
Pages: 319-332
DOI: 10.1145/996943.996948
In this paper, we present a practical key recovery attack on WEP, the link-layer security protocol for 802.11b wireless networks. The attack is based on a partial key exposure vulnerability in the RC4 stream cipher discovered by Fluhrer, Mantin, and...