Current e-mail security systems base their security on the secrecy of the long-term private key. If this private key is ever compromised, an attacker can decrypt any messages— past, present, or future—encrypted with the corresponding public key. The system described in this paper uses short term private-key/public-key key pairs to reduce the magnitude of this vulnerability.

Assume that a client outsources his database to a remote storage-provider (the server), so that for privacy reasons, the client’s database is encrypted by his secret key. During a PIR-writing protocol, the client updates one element of the encrypted database without revealing to the semi-honest server which element was updated and, of course, to which value. The best previous PIR-writing protoc...

This paper addresses some of the discriminants that make IPSec tunnel fingerprinting possible. Fingerprinting of VPN-tunnel endpoints may be desirable for forensic purposes, but in the hands of individuals of ill-intent, it undermines an enterprise network’s perimeter security. Three ways of preventing the ill-use of this type of fingerprinting are presented. The first two, apply to enterprises...

Public-key Encryption with Keyword Search (PEKS) allows authorized users to search by keywords on encrypted data by generating trapdoors for the desired keywords. Basically there are two requirements for the process of trapdoors generation. On one hand, it is important to allow users to privately search on encrypted data without revealing keywords to the Trapdoor Generation Entity T GE , and so...

One of the most promising uses of time-stamping technology lies in combining it with a public key infrastructure. A public-key infrastructure (PKI) consists of protocols, services, and standards supporting applications of public-key cryptography [1]. Public-key cryptography involves the use of a public and private key pair. Data encrypted with a public key can only be decrypted with its related...

With the increasing popularity of firewalls, virtual private networks (VPNs) and Quality of Service (QoS) routing, packet classification becomes increasingly important in the Internet. The high-performance solutions known so far strongly rely on certain properties of the filter database to match against, such as a small number of distinct prefixes or the absence of conflicts. In this paper, we ...

In this paper we introduce some key exchange protocols over noncommutative rings. These protocols use some polynomials with coefficients in the center of the ring as part of the private keys. We give some examples over the ring End(Zp × Zp2), where p is a prime number. We also give a security analysis of the proposed protocols and conclude that the only possible attack is by brute force.