Defending Against the Unknown Enemy: Applying FlipIt to System Security, by Kevin D. Bowers and Marten van Dijk and Robert Griffin and Ari Juels and Alina Oprea and Ronald L. Rivest and Nikos Triandop
Most cryptographic systems carry the basic assumption that entities
are able to preserve the secrecy of their keys. With attacks today showing ever increasing sophistication, however, this tenet is eroding. "Advanced Persistent Threats" (APTs), for instance, leverage zero-day exploits and extensive system knowledge to achieve full compromise of cryptographic keys and other secrets. Such compromise is often silent, with defenders failing to detect the loss of private
keys critical to protection of their systems. The growing virulence of today's threats clearly calls for new models of defenders' goals and abilities.
In this paper, we explore applications of FlipIt, a novel game-theoretic model of system defense introduced recently. In FlipIt, an attacker periodically gains complete control of a system, with the unique feature that system compromises are stealthy, i.e., not immediately detected by the system owner, called the defender. We distill out several lessons from our study of FlipIt and demonstrate
their application to several real-world problems, including password reset policies, key rotation, VM refresh and cloud auditing.
New Constructions and Proof Methods for Large Universe Attribute-Based Encryption, by Yannis Rouselakis and Brent Waters
We propose two large universe Attribute-Based Encryption constructions. In a large universe ABE construction any string can be used as an attribute and attributes need not be enumerated at system setup. Our first construction establishes a novel large universe Ciphertext-Policy ABE scheme on prime order bilinear groups, while the second achieves
a significant efficiency improvement over the large universe Key-Policy ABE systems of Lewko-Waters and Lewko. Both schemes are selectively secure in the standard model under two "q-type" assumptions similar to ones used in prior works. Our work brings back "program and cancel" techniques to this problem.
We provide implementations and benchmarks of our constructions
in Charm, a programming environment for rapid prototyping of cryptographic primitives.
Quantitative Analysis of the Full Bitcoin Transaction Graph, by Dorit Ron and Adi Shamir
The Bitcoin scheme is a rare example of a large scale global
payment system in which all the transactions are publicly
accessible (but in an anonymous way). We downloaded the full history
of this scheme, and analyzed many statistical properties of its
associated transaction graph. In this paper we answer for the
first time a variety of interesting questions about the typical
behavior of account owners, how they acquire and how they spend
their Bitcoins, the balance of Bitcoins they keep in their
accounts, and how they move Bitcoins between their various
accounts in order to better protect their privacy. In addition, we
isolated all the large transactions in the system, and discovered
that almost all of them are closely related to a single large
transaction that took place in November 2010, even though the
associated users apparently tried to hide this fact with many
strange looking long chains and fork-merge structures in the
ON PROVABLY SECURE CODE-BASED SIGNATURE AND SIGNCRYPTION SCHEME, by Preetha Mathew K and Sachin Vasant and C Pandu Rangan
Signcryption is a cryptographic protocol that provides authentication and confidentiality as a single primitive at a cost lower than the combined cost of sign and encryption. Due to the improved efficiency, signcryption schemes have found significant applications in areas related to E-commerce. Shor's algorithm poses a threat to number-theoretic algorithms, as it can solve the number-theoretic hard problems in polynomial time using quantum computers. Therefore, code-based cryptography offers an exciting alternative to number-theoretic cryptography, as it is not only resistant to quantum algorithms, but also, the base operation (matrix-vector multiplication) is far less computationally intensive
compared to the modular exponentiation required in number-theoretic schemes. Courtois, Finiasz and Sendrier proposed the only practical code-based signature (CFS signature). It can be used to realise
many cryptographic primitives. But the signature is currently not provably secure due to the existence
of the high rate distinguisher. In this paper, we make use of an alternate key-construct for the CFS
signature, and thus prove its existential unforgeability under chosen message attacks (EUF-CMA). Also,
we propose a code-based signcryption scheme and prove its security. To the best of our knowledge,
this is the first code-based, provably secure signature and signcryption scheme in the literature.