Re: Protection mail at rest

2008-06-02 Thread Angelos D. Keromytis
A more recent version, which appeared at ACSAC in December 2007 can be  
found at:

Since then, the student primarily working on this(*) has improved  
performance to the point of being able to search a couple of email  
messages per minute or so, with further scope for improvement. The  
very large storage overhead remains, but can probably be reduced by  
half or so.

(*) Adam Aviv; he was an undergrad at Columbia, now pursuing his Phd  
with Matt Blaze at UPenn...


On Jun 1, 2008, at 8:53 AM, Perry E. Metzger wrote:

Leichter, Jerry [EMAIL PROTECTED] writes:

Does anyone know of existing work in this area?

SSARES: Secure Searchable Automated Remote Email Storage
by Keromytis et al,

There is probably other work out there. In some small part, this also
looks like the problem that Matt Blaze's CFS addressed, though in that
case it was to deal with untrusted remote file servers rather than
email servers.


The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Death of antivirus software imminent

2008-01-02 Thread Angelos D. Keromytis
There was a paper in IEEE Security  Privacy 2006 by Sam King on how  
to do this kind of attack (his system was called SubVirt):

However, in practice it turns out this is a much harder than people  
think. See Tal Garfinkel's paper on precisely this topic at HotOS 2007:


On Jan 2, 2008, at 1:09 PM, Anne  Lynn Wheeler wrote:

Bill Frantz wrote:
 My favorite virtual machine use is for the virus to install itself
 as a virtual machine, and run the OS in the virtual machine.  This
 technique should be really good for hiding from virus scanners.

re: Death of antivirus  
software imminent Death of antivirus  
software imminent

i commented on that in reference posts mentioning that there have been
uses of virtual machines to study virus/trojans ... but that
some of the new generation virus/trojans are now looking to see if  

are running in virtual machine (studied?).

some of the current trade-off is whether that virtual machine  
can be used to partition off basically insecure operations (which  
are widely

recognized as being easy to compromise) and then completely discard
the environment and rebuild from scratch after every session (sort of
the automated equivalent of having to manually wipe an infected  

and re-install from scratch).

the counter argument is that crooks can possibly also use similar
technology to hide ... once they have infected the machine. the  
issue is that a lot of the antivirus/scanning techniques are  
becoming obsolete

w/o the attackers even leveraging virtual machine technology.

The attackers can leverage the technology in an otherwise poorly
defended machine. Some years ago there was a product claiming
that it could operate even at a public access machine because
of their completeness of their antivirus countermeasures ... even
on an infected machine. I raised the issue that it would be trivial
to defeat all such countermeasures using virtual machine technology.
Somewhat of a skirmish resulted since they had never considered
(or heard of) virtual machine technology ... for all i know there
is still ongoing head-in-the-sand situation.

for little topic drift ... this blog entry:


there is some assertion that the crooks overwhelming the
defenders countermeasures because they are operating
significantly faster and more efficiently.

however, another interpretation is that the defenders
have chosen extremely poor position to defend ... and are
therefor at enormous disadvantage. it may be necessary
to change the paradigm (and/or find the high ground)
in order to successfully defend.

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

WWW 2006 Call For Papers: Security, Privacy Ethics Track

2005-07-08 Thread Angelos D. Keromytis

WWW2006 Refereed Track: Security, privacy  Ethics

Viruses, spyware, and identity theft are turning the World Wide Web into 
a dangerous place. By undermining consumer trust, these problems are 
hampering e-commerce and the growth of online communities. A basic 
lesson is coming home to researchers, operators, and ordinary users 
alike: Security and privacy are not frills or features, but vital and 
enabling building blocks. As Web-based systems take on a physical 
dimension through wireless devices and sensors, and as they absorb 
varied media — from books to online games to home movies — digital 
security is ramifying in its economic and social reach.

This track promotes the view that security, privacy, and sound guiding 
ethics must be part of the texture of a successful World Wide Web. In 
addition to devising practical tools and techniques, it is the duty of 
the research community to promote and guide business adoption of 
security technology for the Web and to help inform related legislation.

The organizers seek novel research in security, privacy, and ethics as 
they relate to the Web, including but not limited to the following areas:

* Biometrics and secure template management
* Digital Rights Management from its technical, ethical, and legal 

* Economic / business analysis of Web security and privacy
* Electronic commerce, particularly security mechanisms for e-cash, 
auctions, payment, and fraud detection

* Intrusion detection, insider threats, auditing, and honeypots
* Legal and legislative approaches to issues of Web security and 

* Location-based services
* Knowledge-based authentication, such as security questions for 
password recovery
* Privacy-enhancing technologies, including anonymity, pseudonymity 
and identity management
* Public-key infrastructure and supporting concepts like digital 
signatures and certification

* Secure and robust management of server farms
* User interfaces as they relate to digital signing, encryption, 
passwords, and online scams like phishing
* Wireless devices that interface with the Web, including RFID, 
sensors, and mobile phones

* Web-services and supporting standards like XML


* Ari Juels (RSA Laboratories) (Vice Chair)
* Angelos Keromytis (Columbia University)  (Deputy Vice Chair)

PC Members

* Masayuki Abe (NTT, Japan)
* Kostas Anagnostakis (Univ. of Penn., USA)
* Dan Boneh (Stanford Univ., USA)
* Dario Catalano (l’ENS, France)
* Sabrina de Capitani di Vimercati (Univ. of Milan, Italy)
* Marc Dacier (Eurecom, France)
* George Danezis (Univ. Cambridge, UK)
* Ed Felten (Princeton Univ., USA)
* Kevin Fu (Univ. of Mass, USA)
* Craig Gentry (NTT DoCoMo?, USA)
* Sotiris Ioannidis (Stevens Inst. of Tech., USA)
* Markus Jakobsson (Univ. of Indiana, USA)
* Marc Joye (Gemplus, France)
* Arjen Lenstra (Lucent, Bell Labs, USA and Tech. Univ. Eindhoven, 
The Netherlands)

* Radia Perlman (Sun Microsystems, USA)
* Benny Pinkas (HP Labs, USA)
* Mike Reiter (CMU, USA)
* Eric Rescorla (RTFM Inc., USA)
* Vitaly Shmatikov (UT Austin, USA)
* Jessica Staddon (PARC, USA)
* Dan Wallach (Rice Univ., USA)
* Brent Waters (Stanford Univ., USA)
* Rebecca Wright (Stevens Inst. of Tech, USA)
* Dongyan Xu (Purdue, Univ., USA)
* Yuliang Zheng (Univ. of North Carolina, USA)

For more details, see

The World's WWW Conference

WWW2006 will bring together the international communities of 
researchers, developers and business that drive the Web forward, shaping 
and developing its potential for new areas of communication, research, 
business and public administration.

Since the first international WWW Conference in 1994, this prestigious 
event, organized by the International World Wide Web Conference 
Committee (IW3C2), has provided the annual public forum for 
communicating research and development of the Web infrastructure and 
applications, as well as W3C initiatives.

The fifteenth conference in the series comes to the UK for the first 
time, and to one of the great historical centres of science and 
technology. Edinburgh is Scotland's capital city, home to one of the 
UK's oldest universities, an epicentre of the IT business sector and one 
of the world's great festival cities.

The WWW2006 programme addresses topics in media, e-government, 
e-commerce, education and e-science. The technical programme will draw 
on global research and industrial strengths to provide a strategic forum 
for the dissemination of new techniques and applications throughout the 
research community, the business and company sector and government agencies.

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]