Internet computing technologies, like grid computing, enable a weak computational device connected to such a grid to be less limited by its inadequate local computational, storage, and bandwidth resources. However, such a weak computational device (PDA, smartcard, sensor, etc.) often cannot avail itself of the abundant resources available on the network because its data are sensitive. This motivates the design of techniques for computational outsourcing in a privacy-preserving manner, i.e., without revealing to the remote agents whose computational power is being used either one

Based on the notion of accumulators, we propose a new cryptographic scheme called universal accumulators. This scheme enables one to commit to a set of values using a short accumulator and to efficiently compute a membership witness of any value that has been accumulated. Unlike traditional accumulators,this scheme also enables one to efficiently compute a nonmembership witness of any value that has not been accumulated. We give a construction for universal accumulators and prove its security based on the strong RSA assumption. We further present a construction for dynamic universal accumulators; this construction allows one to dynamically add and delete inputs with constant computational cost. Our construction directly builds upon Camenisch and Lysyanskaya

Theft of stored credit card information is an increasing threat to e-commerce. We propose a dynamic virtual credit card number scheme that reduces the damage caused by stolen credit card numbers. A user can use an existing credit card account to generate multiple virtual credit card numbers that are either usable for a single transaction or are tied with a particular merchant. We call the scheme dynamic because the virtual credit card numbers can be generated without online contact with the credit card issuers. These numbers can be processed without changing any of the infrastructure currently in place; the only changes will be at the end points, namely, the card users and the card issuers. We analyze the security requirements for dynamic virtual credit card numbers, discuss the design space, propose a scheme using HMAC, and prove its security under the assumption that HMAC is a PRF.

The notion of Oblivious Commitment Based Envelope (OCBE) was recently proposed; it enables attribute-based access control without revealing any information about the attributes. Previous OCBE protocols are designed by taking zero-knowledge proof protocols that prove a committed value satisfies some property and changing the protocols so that instead of one party proving to the other party, the two parties compute two keys that agree if and only if the committed value indeed satisfy the property. In this paper, we introduce a more general approach for designing OCBE protocols that uses zero-knowledge proof protocols in a black-box fashion. We present a construction such that given a zero-knowledge proof protocol that proves a committed value satisfies a predicate, we have an OCBE protocol for that predicate with constant additional cost. Compared with previous OCBE protocols, our construction is more general, more efficient, and has wide applicability.

In wireless networks, secure multicast protocols are difficult to implement efficiently due to the dynamic nature of the multicast group and scarcity of bandwidth at the receiving and transmitting ends. Mobility is one of the most distinct features to be considered in a wireless network. Moving users onto the key tree causes extra key management resources even though they are still in service. To take care of frequent handoff between wireless access networks, it is necessary to reduce the number of rekeying messages and the size of the messages. In this paper, we design a key management tree such that neighbors on the key tree are also physical neighbors on the cellular network. By tracking the user location, we localize the delivery of rekeying messages to the users who need them. This lessens the amount of traffic in wireless and wired intervals of the network. The group key management scheme uses a pre-positioned secret sharing scheme.

In wireless networks, secure multicast protocols are more difficult to implement efficiently due to the dynamic nature of the multicast group and the scarcity of bandwidth at the receiving and transmitting ends. Mobility is one of the most distinct features to be considered in wireless networks. Moving users onto the key tree causes extra key management resources even though they are still in service. To take care of frequent handoff between wireless access networks, it is necessary to reduce the number of rekeying messages and the size of the messages. The multicast protocol used in wired networks does not perform well in wireless networks because multicast structures are fragile as the mobile node moves and connectivity changes. When we choose a key management scheme, the structure of the wireless network should be considered very carefully. In this paper, we design a key management tree such that neighbors on the key tree are also physical neighbors on the cellular network. By tracking the user location, we localize the delivery of rekeying messages to the users who need them. This lessens the amount of traffic in wireless and wired intervals of the network. The group key management scheme uses the prepositioned secret sharing scheme.

In this paper, we demonstrated the feasibility of embedding unperceivable code sequence by modulating dot gains through laser intensity modulation for halftone images. From a communication systems point of view, a printer and a document scanner form the physical layer of a communication channel, where information can be hidden in halftone images and reliably transmitted and extracted. In the proposed approach, we will leverage our previous results in embedding unperceivable banding signals to halftone images and develop an integrated embedding and detection algorithm to embed and extract information with high payload capacity. Specifically, we will characterize the embedding capacity and detection rate associated with the proposed algorithm. Preliminary experimental results will be presented.

In previous publications we have demonstrated the use of laser intensity modulation to embed information in halftone and text documents. In those experiments we were able to embed and correctly decode 33 bits in a 12 point page of printed text. In this paper we will present our current work on developing a channel model for a text document. This model will allow us to define capacity bounds for the channel and to better understand the modulation and detection techniques that can be used to reach that capacity.

Digital images can be captured or generated by a variety of sources including digital cameras and scanners. In many cases it is important to be able to determine the source of a digital image. This paper presents methods for authenticating images that have been acquired using flatbed desktop scanners. The method is based on using the pattern noise of the imaging sensor as a fingerprint for the scanner, similar to methods that have been reported for identifying digital cameras. To identify the source scanner of an image a reference pattern is estimated for each scanner and is treated as a unique fingerprint of the scanner. An anisotropic local polynomial estimator is used for obtaining the reference patterns. To further improve the classification accuracy a feature vector based approach using an SVM classifier is used to classify the pattern noise. This feature vector based approach is shown to achieve a high classification accuracy.

This paper describes methods for forensic characterization of physical devices. This is important in verifying the trust and authenticity of data and the device that created it. Current forensic identification techniques for digital cameras, printers, and RF devices are presented. It is also shown how these techniques can fit into a general forensic characterization framework, which can be generalized for use with other devices.

A robust, invisible watermarking scheme is proposed for digital images, where the watermark is embedded using the block-based lapped orthogonal transform (LOT). The embedding process follows a spread spectrum watermarking approach. In contrast to the use of transforms such as discrete cosine transform, our LOT watermarking scheme allows larger watermark embedding energy while maintaining the same level of subjective invisibility. In particular, the use of LOT reduces block artifacts caused by the insertion of the watermark in a block-by-block manner, hence obtaining a better balance between invisibility and robustness. Moreover, we use a human visual system (HVS) model to adaptively adjust the energy of the watermark during embedding. In our HVS model, each block is categorized into one of four classes (texture, fine-texture, edge, and plain-area) by using a feature known as the texture masking energy. Blocks with edges are also classified according to the edge direction. The block classification is used to adjust the watermark embedding parameters for each block.

Future generations of in-vehicle Intelligent Transportation Systems (ITS) will network nearby vehicles for enhanced safety and efficiency.  Initially, these intelligent vehicles will utilize wireless communication to extend the perception horizon for individual drivers through warning messages of roadway hazards, including obstacles in the roadway, accidents, and hard-braking incidents.  Ultimately, this communication will become a vital part of automated highway systems including cooperative driving and coordinated collision avoidance.  For efficiency and cost reasons, the wireless communication is likely to be done directly between vehicles.  However, direct inter-  vehicle communication (IVC) presents unique security and scalability issues that must be addressed before these systems can be realized. 
  This dissertation describes a Communication Architecture for Reliable Adaptive Vehicular Ad hoc Networks (CARAVAN) to address these issues.  CARAVAN consists of IVC-specific parameterization for the physical layer, as well as protocols for the link and the network layers of the architecture.  In the development of CARAVAN, this dissertation makes the following contributions:  1. A study of the characteristics and requirements of the IVC network, elicited through analytical and simulation studies of the network.  2. A description of the services needed to support the distribution of the secret spreading codes and the additional scalability requirements that arise from the use of spread spectrum, in order to use spread spectrum to provide protection against Denial of Service attacks.  3. A methodology to balance the tradeoffs between radio range, spatial reuse, and multi-hop message delivery.  4. A novel mapping function, which maps discrete sections of roadway to timeslots allocated to vehicles that allows for significantly lower latencies for multi-hop transmissions.  5. Novel assignment rules, which specify the timeslots a vehicle is authorized to use,  that allow for significantly more efficient use of the allocated spectrum.  6. Assignment rules designed to automatically adapt the timeslot allocation to varying densities of vehicle traffic.  7. Forwarding rules at the network layer, including acknowledgement processing,  for the delivery of a-periodic messages to all nodes in the zone-of-relevance.  8. A network layer that leverages the benefits of varying radio ranges to reduce the latency in multi-hop message delivery. 
  Through simulation and analysis, the CARAVAN architecture is shown to present significant and measurable improvement over current IVC architecture proposals.

Despite the increase in email and other forms of digital communication, the use of printed documents continues to increase every year. Many types of printed documents need to be “secure” or traceable to the printer that was used to print them. Examples of these include identity documents (e.g. passports) and documents used to commit a crime. Traditional protection methods such as special inks, security threads, or holograms, can be cost prohibitive. The goals of our work are to securely print and trace documents on low cost consumer printers such as inkjet and electrophotographic (laser) printers. We will accomplish this through the use of intrinsic and extrinsic features obtained from modelling the printing process. Specically we show that the banding artifact in the EP print process can be viewed as an intrinsic feature of the printer used to identify both the model and make of the device. Methods for measuring and extracting the banding signals from documents are presented. The use of banding as an extrinsic feature is also explored.