The Experts below are selected from a list of 47286 Experts worldwide ranked by ideXlab platform
Erland Jonsson - One of the best experts on this subject based on the ideXlab platform.
-
Efficient in-vehicle delayed Data Authentication based on compound message Authentication codes
IEEE Vehicular Technology Conference, 2008Co-Authors: Dennis K. Nilsson, Ulf E. Larson, Erland JonssonAbstract:Modern vehicles contain an in-vehicle network consisting of a number of electronic control units (ECUs). These ECUs are responsible for most of the functionality in the vehicle, including vehicle control and maneuverability. To date, no security features exist in this network since it has been isolated. However, an upcoming trend among automobile manufacturers is to establish a wireless connection to the vehicle to provide remote diagnostics and software updates. As a consequence, the in-vehicle network is exposed to external communication, and a potential entry point for attackers is introduced. Messages sent on the in-vehicle network lack integrity protection and Data Authentication; thus, the network is vulnerable to injection and modification attacks. Due to the real-time constraints and the limited resources in the ECUs, achieving Data Authentication is a challenge. In this paper, we propose an efficient delayed Data Authentication using compound message Authentication codes. A message Authentication code is calculated on a compound of successive messages and sent together with the subsequent messages, resulting in a delayed Authentication. This Data Authentication could be used to detect and possibly recover from injection and modification attacks in the in-vehicle network.
-
VTC Fall - Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes
2008 IEEE 68th Vehicular Technology Conference, 2008Co-Authors: Dennis K. Nilsson, Ulf E. Larson, Erland JonssonAbstract:Modern vehicles contain an in-vehicle network consisting of a number of electronic control units (ECUs). These ECUs are responsible for most of the functionality in the vehicle, including vehicle control and maneuverability. To date, no security features exist in this network since it has been isolated. However, an upcoming trend among automobile manufacturers is to establish a wireless connection to the vehicle to provide remote diagnostics and software updates. As a consequence, the in-vehicle network is exposed to external communication, and a potential entry point for attackers is introduced. Messages sent on the in-vehicle network lack integrity protection and Data Authentication; thus, the network is vulnerable to injection and modification attacks. Due to the real-time constraints and the limited resources in the ECUs, achieving Data Authentication is a challenge. In this paper, we propose an efficient delayed Data Authentication using compound message Authentication codes. A message Authentication code is calculated on a compound of successive messages and sent together with the subsequent messages, resulting in a delayed Authentication. This Data Authentication could be used to detect and possibly recover from injection and modification attacks in the in-vehicle network.
Dennis K. Nilsson - One of the best experts on this subject based on the ideXlab platform.
-
Efficient in-vehicle delayed Data Authentication based on compound message Authentication codes
IEEE Vehicular Technology Conference, 2008Co-Authors: Dennis K. Nilsson, Ulf E. Larson, Erland JonssonAbstract:Modern vehicles contain an in-vehicle network consisting of a number of electronic control units (ECUs). These ECUs are responsible for most of the functionality in the vehicle, including vehicle control and maneuverability. To date, no security features exist in this network since it has been isolated. However, an upcoming trend among automobile manufacturers is to establish a wireless connection to the vehicle to provide remote diagnostics and software updates. As a consequence, the in-vehicle network is exposed to external communication, and a potential entry point for attackers is introduced. Messages sent on the in-vehicle network lack integrity protection and Data Authentication; thus, the network is vulnerable to injection and modification attacks. Due to the real-time constraints and the limited resources in the ECUs, achieving Data Authentication is a challenge. In this paper, we propose an efficient delayed Data Authentication using compound message Authentication codes. A message Authentication code is calculated on a compound of successive messages and sent together with the subsequent messages, resulting in a delayed Authentication. This Data Authentication could be used to detect and possibly recover from injection and modification attacks in the in-vehicle network.
-
VTC Fall - Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes
2008 IEEE 68th Vehicular Technology Conference, 2008Co-Authors: Dennis K. Nilsson, Ulf E. Larson, Erland JonssonAbstract:Modern vehicles contain an in-vehicle network consisting of a number of electronic control units (ECUs). These ECUs are responsible for most of the functionality in the vehicle, including vehicle control and maneuverability. To date, no security features exist in this network since it has been isolated. However, an upcoming trend among automobile manufacturers is to establish a wireless connection to the vehicle to provide remote diagnostics and software updates. As a consequence, the in-vehicle network is exposed to external communication, and a potential entry point for attackers is introduced. Messages sent on the in-vehicle network lack integrity protection and Data Authentication; thus, the network is vulnerable to injection and modification attacks. Due to the real-time constraints and the limited resources in the ECUs, achieving Data Authentication is a challenge. In this paper, we propose an efficient delayed Data Authentication using compound message Authentication codes. A message Authentication code is calculated on a compound of successive messages and sent together with the subsequent messages, resulting in a delayed Authentication. This Data Authentication could be used to detect and possibly recover from injection and modification attacks in the in-vehicle network.
Jun-bin Yeh - One of the best experts on this subject based on the ideXlab platform.
-
A bandwidth efficiency of Lempel-Ziv scheme for Data Authentication
Lecture Notes in Computer Science, 2005Co-Authors: Chin-chen Chang, Jun-bin YehAbstract:This paper extends the bandwidth of Lempel-Ziv-Welch (LZW) and Lempel Ziv Fiala Greene (LZFG) compression schemes to hide information in the compressed codes for compressed Data Authentication. The proposed schemes are designed for two objectives; one is to compress a text file; the other is to hide secret information to warrant its authenticity. According to the results of experiment, the proposed scheme could easily and efficiently reach the objective of hiding secret information and only with negligible degradation in compression performance. In addition, the proposed scheme can be even used to hide secret' information in medical images without distorting the image quality.
-
KES (4) - A bandwidth efficiency of lempel-ziv scheme for Data Authentication
Lecture Notes in Computer Science, 2005Co-Authors: Chin-chen Chang, Jun-bin YehAbstract:This paper extends the bandwidth of Lempel-Ziv-Welch (LZW) and Lempel Ziv Fiala Greene (LZFG) compression schemes to hide information in the compressed codes for compressed Data Authentication. The proposed schemes are designed for two objectives; one is to compress a text file; the other is to hide secret information to warrant its authenticity. According to the results of experiment, the proposed scheme could easily and efficiently reach the objective of hiding secret information and only with negligible degradation in compression performance. In addition, the proposed scheme can be even used to hide secret information in medical images without distorting the image quality.
Ulf E. Larson - One of the best experts on this subject based on the ideXlab platform.
-
Efficient in-vehicle delayed Data Authentication based on compound message Authentication codes
IEEE Vehicular Technology Conference, 2008Co-Authors: Dennis K. Nilsson, Ulf E. Larson, Erland JonssonAbstract:Modern vehicles contain an in-vehicle network consisting of a number of electronic control units (ECUs). These ECUs are responsible for most of the functionality in the vehicle, including vehicle control and maneuverability. To date, no security features exist in this network since it has been isolated. However, an upcoming trend among automobile manufacturers is to establish a wireless connection to the vehicle to provide remote diagnostics and software updates. As a consequence, the in-vehicle network is exposed to external communication, and a potential entry point for attackers is introduced. Messages sent on the in-vehicle network lack integrity protection and Data Authentication; thus, the network is vulnerable to injection and modification attacks. Due to the real-time constraints and the limited resources in the ECUs, achieving Data Authentication is a challenge. In this paper, we propose an efficient delayed Data Authentication using compound message Authentication codes. A message Authentication code is calculated on a compound of successive messages and sent together with the subsequent messages, resulting in a delayed Authentication. This Data Authentication could be used to detect and possibly recover from injection and modification attacks in the in-vehicle network.
-
VTC Fall - Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes
2008 IEEE 68th Vehicular Technology Conference, 2008Co-Authors: Dennis K. Nilsson, Ulf E. Larson, Erland JonssonAbstract:Modern vehicles contain an in-vehicle network consisting of a number of electronic control units (ECUs). These ECUs are responsible for most of the functionality in the vehicle, including vehicle control and maneuverability. To date, no security features exist in this network since it has been isolated. However, an upcoming trend among automobile manufacturers is to establish a wireless connection to the vehicle to provide remote diagnostics and software updates. As a consequence, the in-vehicle network is exposed to external communication, and a potential entry point for attackers is introduced. Messages sent on the in-vehicle network lack integrity protection and Data Authentication; thus, the network is vulnerable to injection and modification attacks. Due to the real-time constraints and the limited resources in the ECUs, achieving Data Authentication is a challenge. In this paper, we propose an efficient delayed Data Authentication using compound message Authentication codes. A message Authentication code is calculated on a compound of successive messages and sent together with the subsequent messages, resulting in a delayed Authentication. This Data Authentication could be used to detect and possibly recover from injection and modification attacks in the in-vehicle network.
Mikhail J. Atallah - One of the best experts on this subject based on the ideXlab platform.
-
ICDCS - Efficient Distributed Third-Party Data Authentication for Tree Hierarchies
2008 The 28th International Conference on Distributed Computing Systems, 2008Co-Authors: Hao Yuan, Mikhail J. AtallahAbstract:In the third-party model for the distribution of Data, the trusted Data creator or owner provides an untrusted distributor D with integrity verification (IV) items that are stored at D in addition to the n Data items. When a user U has a subset of n' of those n Data items and needs to verify their integrity, U is provided by D with a number of IV items that U uses to verify its Data's integrity. The model forbids U from receiving any information about the n-n' Data items that the user is not authorized to access, and assumes that D has no signature authority (it stores only pre-signed IVs). Most of the published work in this area uses the Merkle tree or variants thereof, and typically requires D to store a linear or close to linear (in n) number s(n) of IV items that are pre-signed by the trusted authority. Moreover, most of the existing schemes impose on D a non-constant amount of computation work t(n) (typically logarithmic in n) in order to provide U with the IV items that enable U to verify the integrity of its Data; we call h(n) the number of such IV items. The h(n) values found in the literature are non-constant, i.e., they actually do depend on the number of Data items. The main contribution of this paper is to achieve linear s(n), constant h(n) and constant or logarithmic t(n) when the n Data items are organized in a tree hierarchy T, and the user's subset of n' items form a subtree T'. The cases of T' considered are when T' is (i) rooted at a node v and of depth k below v; and (ii) reachable in k hops from v going both up and down in T.
-
ICDE - Efficient Data Authentication in an Environment of Untrusted Third-Party Distributors
2008 IEEE 24th International Conference on Data Engineering, 2008Co-Authors: Mikhail J. Atallah, Younsun Cho, Ashish KunduAbstract:In the third-party model for the distribution of Data, the trusted Data creator or owner provides an untrusted party V with Data and integrity verification (IV) items for that Data. When a user U gets a subset of the Data at D or is already in possession of that subset, U may request from D the IV items that make it possible for U to verify the integrity of its Data: D must then provide U with the (hopefully small) number of needed IVs. Most of the published work in this area uses the Merkle tree or variants thereof. For the problem of 2-dimensional range Data, the best published solutions require V to store O(n log n) IV items for a Database of n items, and allow a user IA to be sent only O(log n) of those IVs for the purpose of verifying the integrity of the Data it receives from D (regardless of the size of lA's query rectangle). For Data that is modeled as a 2-dimensional grid (such as GIS or image Data), this paper shows that better bounds are possible: The number of IVs stored at D (and the time it takes to compute them) can be brought down to O(n), and the number of IVs sent to IA for verification can be brought down to a constant.
