NSAC @ Stony Brook	Main Page | About | Help | FAQ | Special pages | Log in
	Printable version | Disclaimers | Privacy policy

Yao's Reading List

From NSAC @ Stony Brook

This is Yao's reading list (Spring 2008):

• Dec
  • Project Kittyhawk: Building a Global-Scale Computer([1])
  • ORGs for Scalable, Robust, Privacy-Friendly Client Cloud Computing([2])

• 3-5 Oct
  • data source ([3])
  • A large-scale study of failures in high-performance computing systems([4])
  • Disk failures in the real world: What does an MTTF of 1,000,000 hours mean to you? ([5])

• Note
  • The Footprint of Gmail: How Much Energy Would Deleting Email Save?[6]
  • Information Technology and Resource Useg [7]

• 13th June
  • How to Be a Good Graduate Student([8])
• 10th June
  • PPay: Micropayments for Peer-to-Peer Systems ([9])

• 9th June
  • Information Security Economics – and Beyond (Crypto 2007)([10]) ([11])
  • How Should We Solve Search Problems Privately?([12])

• Reading on Micropayment
  • Very good resource page on Economics and Security([13])
  • The New Limits on High-Performance Computing([14])

• Spring Break
• The micropayment problem
  • Second generation micropayment systems: lessons learned([15])
  • PayWord and MicroMint:Two simple micropayment schemes([16])
    • PayWord -> user generate a pay word chain, w0,w1,w2, s.t. w(i)=h(w(i+1)). The payment is made by giving the vender the pay words and user's certificate.
    • MicroMint: broker generate coins by using hash collisions.
  • An efficient micropayment system based on probabilistic polling([17])
• routing in WSN
  • Routing Techniques in Wireless Sensor Networks: A Survey([18])
  • Secure routing in wireless sensor networks: attacks and countermeasures([19])
  • Locality-Preserving Randomized Oblivious Routing on Torus Networks([20])
• continue voting

• 6th week
• The ThreeBallo Voting System
• Split-Ballot Voting: Everlasting Privacy With Distributed Trust
• On Auditing Elections When Precincts Have Different Sizes
• Security Considerations for Remote Electronic Voting over the Internet
• The Design and Implementation of a Secure Auction Service
• A study on Electronic Auctions

• 5th week - God, how time flies!!!!!!!!!!!!
• Identity-Based Cryptosystems and signature schemes([21])
  • The original paper introducing IBE
  • didn't give a encryption scheme for IBE.
• An Identity Based Encryption Scheme based on Quadratic Residue ([22])
  • Alice has idenity a, Jacobi symbol (a/M)=+1, and she was given the square root r modulo M as her private key.
  • Bob wants to communicate with Alice. He encrypt his message with a transport key. And he send the transport key to Alice bit by bit(for each bit he generates a number using Alice's identity and only Alice can recover this number).
  • Question: I thought for a large modulo M=p*q, it is hard to decide whether a number A is a quadratic residue modulo M. But the paper says Jacobi symbol can be calculated without knowledge of the factorisation of M. don't understand.
• Identity based Encryption from the Weil Pairing([23])
• IBE Secure E-mail Project by crypto.Stanford ([24])
• Fuzzy Identity-Based Encryption ([25])
  • Something -> Fuzzy something
  • Biometric identity is natural to use. like fingerprint
  • But the fingerprint may change a little due to different environments, different sensors, etc. So we need a error tolerance (like match k out of n positions).
  • for each of the attribute of user's identity, the key generation issues a private key component that is tied to the user’s random polynomial q(x).If the user is able to “match” at least d components of the ciphertext with their private key components, then they will be able to perform decryption

• Efficient Identity-Based Encryption Without Random Oracles ([26])
• Identity-based management (bandwidth-management)([27])
• Identity-based right management([28])
  • Previous Right Management system is vunerable because they are based on the keys or locks.
  • True Identity based Right Management is important. But it's also very hard, coz we need a good crypto foundation and an identity infrastructure which can be smoothly integrated with the rights management technology and ultimately with the end-user applications.
  • Microsoft Rights Management Services. How does it work? wiki([29])
• Sun Identity Based Data Management([30])

• 4th week
• FROM USENIX SECURITY 2007
• Combating Click Fraud via Premium Clicks
• Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords
• Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob?
• Security Analysis of the Diebold AccuVote-TS Voting Machine

• 3rd week
• Endorsed E-Cash([31])
  • produce an unlimited number of unendorsed coin from a wallet coin and they can not be linked together.
  • split the coin into two parts. if the exchange aborts, user won't lose his money.
• Forward-Secure Sequential Aggregate Authentication ([32])
  • (sk,pk) secrete key are updated sk'=H(sk), public key are generated accordingly by a TTP. Different key for differnet message. The signature can be aggregated as AggSig'=AggSig.Sig. Verifier can verify the signature correspondingly.
  • constant signature size.
• Cryptographic Randomized Response Techniques([33])
  • the difference between an election and a poll. the former requires more accurate result, has more fund to provide privacy
  • Use Obliviouse transfer, zero-knowledge to build a randomized response techniques.
• Privacy-Preserving Polling using Playing Cards([34])
  • A visualization of "Cryptographic Randomized Response Techniques".. intersting, easy to read
• Non-interactive Zero-Knowledge Arguments for Voting([35])
  • still reading, the main purpose is enforcing the voter's vote is valid. if the legla vote is {0,1}, then the vote can not vote a 100 trying to alter the result of the voting.

• 2nd week
• - Forward-Secure Signatures with Untrusted Update ([36])
• - Deniable Authentication and Key Exchange ([37])
• - Data Collection With Self-Enforcing Privacy ([38])
  • here, for a honest pollster, the response from the respondents(if submitting one bit, 0,....0,1,1),the information is equal to the sum of the answers. so, why not using the privacy reserved computation?)
  • Question for the model: not all the responsers are bounty hunters, release of their private information(which are the main part of the poll) will not be caught.
• - Privacy-Preserving Set Operations([39])
• - Differential Privacy([40])

View source | Discuss this page | Page history | What links here | Related changes Main Page | About NSAC @ Stony Brook | Find: This page has been accessed 1,622 times. This page was last modified on 8 December 2008, at 18:38.