The Center for Education and Research in Information Assurance and Security (CERIAS)

Reports and Papers Archive



Software Metrics and Plagiarism Detection

Geoff Whale

The reliability of plagiarism detection systems, which try to identify similar programs in large populations, is critically dependent on the choice of program representation. Software metrics conventionally used as representations are described, and the limitations of metrics adapted from software complexity measures are outlined. An application-specific metric is proposed, one that represents the structure of a program as a variable-length profile. Its constituent terms, each recording the control structures in a program fragment, are ordered for efficient comparison. The superior performance of the plagiarism detection system based on this profile is reported, and deriving complexity measures from the profile is discussed.

Added 2002-07-26

A Programming Style Taxonomy

Paul W. Oman,Curtis R. Cook

Programming style guidelines, style analyzers, and code formatters have been developed without a solid empirical or theoretical basis. In this paper we provide: (1) a justification for developing a programming style taxonomy, (2) an operational style taxonomy, (3) example applications of the taxonomy illustrating the diverse and sometimes contradictory nature of programming style guidelines, and (4) a discussion on how the taxonomy can be used to further teaching and research in programming style. The taxonomy provides a context for understanding and identifying specific style factors and empirical studies necessary to determine the effects of style on program comprehension. The results of this paper have a direct impact on programming instruction, programming standards, automated style analyzers, and code formatting tools like pretty-printers and syntax-editors.

Added 2002-07-26

A Style Analysis of C Programs

R. E. Berry,B.A.E. Meekings

A large quantity of well-respected software is tested against a series of metrics designed to measure program lucidity, with intriguing results. Although slanted toward software written in C language, the measures are adaptable for analyzing most high-level languages.

Added 2002-07-26

A Taxonomy For Programming Style

Paul W. Oman,Curtis R. Cook

Programming style guidelines, style analyzers, and code formatters have been developed without a solid empirical or theoretical basis. In this paper we provide: (1) a justification for developing a programming style taxonomy, (2) an operational style taxonomy, (3) example applications of the taxonomy illustrating the diverse and sometimes contradictory nature of programming style guidelines, and (4) a discussion on how the taxonomy can be used to further teaching and research in programming style. The taxonomy provides a context for understanding and identifying specific style factors and empirical studies necessary to determine the effects of style on program comprehension. The results of this paper have a direct impact on programming instruction, programming standards, automated style analyzers, and code formatting tools like pretty-printers and syntax directed editors.

Added 2002-07-26

Typographic Style is More than Cosmetic

Paul W. Oman,Curtis R. Cook

There is disagreement about the role and importance of typographic style (source code formatting and commenting) in program comprehension. Results from experiments and opinions in programming style books are mixed. This article presents principles of typographic style consistent and compatible with the results of program comprehension studies. Four experiments demonstrate that the typographic style principles embodied in the book format significantly aid program comprehension and reduce maintenance effort.

Added 2002-07-26

Style: An Automated Program Style Analyzer for Pascal

Al Lake,Curtis Cook

Programming style plays an important role in program understanding and maintenance. Studies [Par83] have shown that as much as one-half of a maintenance programmer’s time is spent in activities related to understanding the program. Program understanding is also important for testing and debugging. Programming style embellishes the readability of a program and hence improves its understandability.

Added 2002-07-26

An Empirical Study of COBOL Programs Via a Style Analyzer: The Benefits of Good Programming Style

Alan C. Benander,Barbara A. Benander

Despite its prominence as the most widely used programming language in industry, there are only a small number of publications on software metrics applied to COBOL. COBSTYLE, a one-pass, line-by-line style analyzer, written in PL/I, is used to analyze 638 COBOL programs. COBSTYLE differs from other style analyzers in that it assesses penalty points for abuses in style, and considers, to a larger degree, overall program structure. Mean style scores for 23 style characteristics are obtained. The data produced by COBSTYLE, together with programmer efficiency data, are statistically analyzed, yielding results which empirically demonstrate the benefits of good programming style. COBSTYLE scores are shown to have statistically significant correlations with the following: (a) overall performance (as measured by students’ final course grade) - at the 0.005 significance level; (b) program correctness - at the 0.01 significance level; and (c) total debugging time - at the 0.05 significance level. An important aspect of this study is the “after-the-fact” nature of the methodology; i.e., none of the participants in this experiment were aware that the programs were to be submitted to a style analyzer for analysis.

Added 2002-07-26

Programming Style Authorship Analysis

Paul W. Oman,Curt R. Cook

Detecting instances of software theft and plagiarism is a difficult problem. The statistical analysis of peculiar words or phrases known to be used by an author is a common method of settling authorship disputes in English literature. This paper presents a similar method for identifying authorship of programs. The method is based on typographic or layout style program characteristics. Our experiments show that these characteristics can be useful in determining authorship. The major benefits of the method are that it is simple, easy to automate, and can be used in conjunction with other program fingerprinting methodologies.

Added 2002-07-26

A Paradigm for Programming Style Research

Paul W. Oman,Curtis R. Cook

Programming style guidelines and automated coding style analyzers have been developed without a solid experimental or theoretical basis. In this paper we make a distinction between typographic style characteristics and underlying structural style content and show that this distinction aids in assessing the influence of style factors. This distinction permits straightforward identification of specific style factors and a better understanding of their effect on program comprehension. The results of our studies have a direct impact on automated coding style assessment programs, programming standards, program maintainability, and code formatting tools.

Added 2002-07-26

How to Prove Yourself: Practical Solutions to Identification and Signature Problems

Amos Fiat,Adi Shamir

In this paper we describe simple identification and signature schemes which enable any user to prove his identity and the authenticity of his messages to any other user without shared or public keys. The schemes are provably secure against any known or chosen message attack if factoring is difficult, and typical implementations require only 1 to 4 of the number of modular multiplications required by the RSA scheme. Due to their simplicity, security and speed, these schemes are ideally suited for microprocessor-based devices such as smart cards, personal computers, and remote control systems.

Added 2002-07-26

Zero Knowledge and the Department of Defense

Susan Landau

Three Israeli computer scientists - Uriel Feige, Amos Fiat and Adi Shamir, of the Weizmann Institute - figured out how to play the game, called “Zero knowledge proofs of identity”. They publicized their result at conferences and they applied for U.S. patent protection. Ironically the United States said disclosure was “detrimental to the national security”, and imposed a secrecy order. The three Israelis sought relief, and, with intervention from powerful sources, they got it. Though no one will say for certain, it appears that the National Security Agency (NSA), the government decrypter of secrets, stepped in to help. What the research is, and why the NSA had reason to involve itself, is the story we present here.

Added 2002-07-26

On Defining Proofs of Knowledge

Mihir Bellare,Oded Goldreich

The notion of a “proof of knowledge”, suggested by Goldwasser, Micali and Rackoff, has been used in many works as a tool for the construction of cryptographic protocols and other schemes. Yet the commonly cited formalizations of this notion are unsatisfactory and in particular inadequate for some of the applications in which they are used. Consequently, new researchers keep getting misled by existing literature. The purpose of this paper is to indicate the source of these problems and suggest a definition which resolves them.

Added 2002-07-26

Several practical protocols for authentication and key exchange

Chae Hoon Lim,Pil Joong Lee

It is often desirable to achieve mutual authentication and secret key exchange in the same protocol. Two kinds of approaches may be considered for this purpose: authentication after key exchange using symmetric algorithms and Diffie-Hellman type key exchange protocols, and key exchange after authentication by modifying 3-move identification schemes based on zero-knowledge technique. This letter presents several such protocols by each approach.

Added 2002-07-26

Zero-Knowledge Proofs

Catherine C. McGeoch

On a moonless night the spy returns to the castle after a reconnoitering mission to the enemy camp. As he nears the gate a voice whispers, “What’s the password?” But is it a friend or foe who whispers? How can the spy show he knows the password without actually revealing it to a possible imposter? The spy’s dilemma is commonplace now with the widespread use of telecommunications. When your automatic teller machine communicates with your bank, each must be assured that the other is legitimate; the electronic “passwords” must be unforgeable and must be of no use to imposters and eavesdroppers.

Added 2002-07-26

A Zero Knowledge Probabilistic Login Protocol

Dimitris Gritzalis,Sokratis Katsikas,Stefanos Gritzalis

In the first part of this paper two techniques for system authentication via a password are analyzed. The first is a probabilistic protocol for the improvement of the login security mechanism and the second is a zero knowledge model for system authentication. Their major advantages and disadvantages are identified and commented upon. In the second part of this paper, a new protocol is proposed as a combination of the two, which establishes a new approach which is quite effective in the case of system-to-system authentication. This protocol avoids some of the limitations of the previously mentioned two techniques, while at the same time manages to merge several of the advantages of both.

Added 2002-07-26