Now showing items 1-20 of 22

    • A Characterization of Compound Documents on the Web 

      Lara, Eyal de; Wallach, Dan S.; Zwaenepoel, Willy (1999-11-29)
      Recent developments in office productivity suites make it easier for users to publish rich {\em compound documents\/} on the Web. Compound documents appear as a single unit of information but may contain data generated by ...
    • A Related-Key Cryptanalysis of RC4 

      Grosul, Alexander; Wallach, Dan S. (2000-06-08)
      In this paper we present analysis of the RC4 stream cipher and show that for each 2048-bit key there exists a family of related keys, differing in one of the byte positions. The keystreams generated by RC4 for a key and ...
    • A Security Analysis of My.MP3.com and the Beam-it Protocol 

      Stubblefield, Adam; Wallach, Dan S. (2000-03-08)
      My.MP3.com is a service that streams audio in the MP3 format to its users. In order to resolve copyright concerns, the service first requires that a user prove he or she owns the right to listen to a particular CD. The ...
    • An Analysis of BitTorrent’s Two Kademlia-Based DHTs 

      Crosby, Scott A.; Wallach, Dan S. (2007-05-26)
      Despite interest in structured peer-to-peer overlays and their scalability to millions of nodes, few, if any, overlays operate at that scale. This paper considers the distributed hash table extensions supported by modern ...
    • Building Incentives into Tor 

      Dingledine, Roger; Ngan, Tsuen-Wan "Johnny"; Wallach, Dan S. (2008-11-12)
      Distributed anonymous communication networks like Tor depend on volunteers to donate their resources. However, the efforts of Tor volunteers have not grown as fast as the demands on the Tor network. We explore techniques ...
    • Dagster: Censorship-Resistant Publishing Without Replication 

      Stubblefield, Adam; Wallach, Dan S. (2002-07-23)
      In this paper we present Dagster, a new censorship-resistant publishing scheme. Unlike previous censorship-resistant schemes, Dagster does not rely on the widespread replication of data and can even be used in a single ...
    • Denial of Service via Algorithmic Complexity Attacks 

      Crosby, Scott A.; Wallach, Dan S. (2003-02-12)
      We present a new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures. Frequently used data structures have "average-case'' expected running ...
    • Finding the Evidence in Tamper-Evident Logs 

      Sandler, Daniel; Derr, Kyle; Crosby, Scott A.; Wallach, Dan S. (2008-01-23)
      Secure logs are powerful tools for building systems that must resist forgery, prove temporal relationships, and stand up to forensic scrutiny. The proofs of order and integrity encoded in these tamper-evident chronological ...
    • From Error to Error: Why Voters Could not Cast a Ballot and Verify Their Vote With Helios, Prêt à Voter, and Scantegrity II 

      Acemyan, Claudia Z.; Kortum, Philip; Byrne, Michael D.; Wallach, Dan S. (2015)
      The aim of this paper is to identify user errors, and the related potential design deficiencies, that contributed to participants failing to vote cast and vote verify across three end-to-end voting systems: Helios, Prêt à ...
    • Garbage Collector Memory Accounting in Language-Based Systems 

      Price, David W.; Rudys, Algis; Wallach, Dan S. (2003-11-11)
      Language run-time systems are often called upon to safely execute mutually distrustful tasks within the same runtime, protecting them from other tasks' bugs or otherwise hostile behavior. well-studied access controls exist ...
    • Hack-a-Vote: Demonstrating Security Issues with Electronic Voting Systems 

      Bannet, Jonathan; Price, David W.; Rudys, Algis; Singer, Justin; Wallach, Dan S. (2003-11-21)
      A representative democracy depends on a universally trusted voting system for the election of representatives; voters need to believe that their votes count, and all parties need to be convinced that the winner and loser ...
    • The Mason Test: A Defense Against Sybil Attacks in Wireless Networks Without Trusted Authorities 

      Liu, Yue; Bild, David R.; Dick, Robert P.; Mao, Z. Morley; Wallach, Dan S. (2015)
      Wireless networks are vulnerable to Sybil attacks, in which a malicious node poses as many identities in order to gain disproportionate influence. Many defenses based on spatial variability of wireless channels exist, but ...
    • Opportunities and Limits of Remote Timing Attacks 

      Crosby, Scott A.; Riedi, Rudolf H.; Wallach, Dan S. (2007-05-26)
      Many algorithms can take a variable amount of time to complete depending on the data being processed. These timing differences can sometimes disclose confidential information. Indeed, researchers have been able to reconstruct ...
    • Present but Unreachable: Reducing Persistentlatent Secrets in HotSpot JVM 

      Pridgen, Adam; Garfinkel, Simson L.; Wallach, Dan S. (2017)
      Applications that manage sensitive secrets, including cryptographic keys, are typically engineered to overwrite the secrets in memory once they’re no longer necessary, offering an important defense against forensic attacks ...
    • Puppeteer: Component-based Adaptation for Mobile Computing 

      de Lara, Eyal; Wallach, Dan S.; Zwaenepoel, Willy (2000-03-20)
      Puppeteer is a system for adapting component-based applications in mobile environments. Puppeteer takes advantage of the exported interfaces of these applications to perform adaptation <i>without</i> modifying the ...
    • Puppeteer: Component-based Adaptation for Mobile Computing 

      Lara, Eyal de; Wallach, Dan S.; Zwaenepoel, Willy (2000-07-06)
      Puppeteer is a system for adapting component-based applications in mobile environments. Puppeteer takes advantage of the component-based nature of the applications to perform adaptation without modifying the applications. ...
    • Robotics-Based Location Sensing based on Wireless Ethernet 

      Bekris, Kostas E.; Kavraki, Lydia E.; Ladd, Andrew M.; Marceau, Guillaume; Rudys, Algis; Wallach, Dan S. (2002-04-25)
      A key subproblem in the construction of location-aware systems is the determination of the position of a mobile device. This paper describes the design, implementation and analysis of a system for determining position from ...
    • Runtime Support for Distributed Sharing in Strongly-Typed Languages 

      Cox, Alan L.; Hu, Y. Charlie; Wallach, Dan S.; Yu, Weimin; Zwaenepoel, Willy (1999-11-13)
      In this paper, we present a new run-time system for strongly-typed programming languages that supports object sharing in a distributed system. The key insight in this system is that type information allows efficient and ...
    • Slender PUF Protocol: A lightweight, robust, and secure authentication by substring matching 

      Majzoobi, Mehrdad; Rostami, Masoud; Koushanfar, Farinaz; Wallach, Dan S.; Devadas, Srinivas (2012)
      We introduce Slender PUF protocol, an efficient and secure method to authenticate the responses generated from a Strong Physical Unclonable Function (PUF). The new method is lightweight, and suitable for energy constrained ...
    • Stones Unturned: Gaps in the Investigation of Sarasota's Disputed Congressional Election 

      Dill, David L.; Wallach, Dan S. (2007-04-13)
      The November 2006 race for Florida’s 13th Congressional District resulted in a 369 vote margin of victory for the winning candidate with more than 18,000 undervotes recorded on the ES&S iVotronic touch-screen voting machines ...