Bitcoin’s core innovation is its solution to double-spending, called Nakamoto consensus. This mechanism provides a probabilistic guarantee that transactions will not be reversed once they are sufficiently deep in the blockchain, assuming an attacker controls a bounded fraction of mining power in the network. We show, however, that when miners are rational this guarantee can be undermined by a w...

In this paper, we present a passive attack for finding out the secrets used in MAP (Minimalist Mutual Authentication Protocol), which is an authentication protocol between RFID tags and RFID readers. We describe an algorithm that breaks the protocol after eavesdropping a few consecutive rounds of communication. After two eavesdropped runs of the protocol, the attacker can learn the identificati...

Code-based cryptographic schemes are promising candidates for post-quantum cryptography since they are fast, require only basic arithmetic, and because their security is well understood. While most analyses of security assume that an attacker does not have any information about the secret key, we show that in certain scenarios an attacker can gain partial knowledge of the secret key. We present...

Briefly, PyCRA implicitly requires the victim sensor to select a sample rate that is higher than a threshold that depends on the non-zero physical delays present in the attacker. This threshold does not depend on the sampling rate at the attacker, and therefore there is no “race” between the two sample rates. Also, some of the key conclusions in your paper are based on using the simple detector...

Increasingly, applications are downloaded from the Internet by unsuspecting users, unaware of the intentions of the program author. To facilitate and secure this growing class of mobile code, Microsoft has introduced a new development and runtime environment called .NET framework. The framework combines a virtual machine, strong typing, and a configurable rule-set to subject the application to ...

We examine the problem of protecting online banking accounts from password brute-forcing attacks. Our method is to create a large number of honeypot userID-password pairs. Presentation of any of these honeypot credentials causes the attacker to be logged into a honeypot account with fictitious attributes. For the attacker to tell the difference between a honeypot and a real account he must atte...

Sites use firewalls to defend against external attacks while providing necessary Internet services. Firewalls make a site safer: they present a smaller risk since they provide fewer services. However, most firewalls use standard computer operating systems. This can allow an attacker to overrun the firewall if a known security flaw is present. The Sidewinder firewall system overcomes this proble...

This work presents a cryptographic analysis of AN.ON’s anonymization protocols. We have discovered three flaws of differing severity. The first is caused by the fact that the freshness of the session key was not checked by the mix. This flaw leads to a situation where an external attacker is able to perform a replay attack against AN.ON. A second, more severe, error was found in the encryption ...

In this paper, we apply game theory to identify equilibrium strategies for both attacker and defender in a fully endogenous model of resource allocation for countering terrorism and natural disasters. The key features of our model include balancing protection from terrorism and natural disasters, and describing the attacker choice by a continuous level of effort rather than a discrete choice (i...

The world of network security is an arms race where attackers constantly change the signatures of their attacks to avoid detection. Aiding the white-hats in this race is one fundamental invariant across all network attacks (present and future): for the attack to progress there must be communication among attacker, the associated set of compromised hosts and the victim(s), and this communication...