Learn More
Determining whether a client station should trust an access point is a known problem in wireless security. Traditional approaches to solving this problem resort to cryptography. But cryptographic exchange protocols are complex and therefore induce potential vulnerabilities in themselves. We show that measurement of clock skews of access points in an 802.11(More)
Keywords: Binary mapping Binary analysis File carving Hex editors Classification Reverse engineering a b s t r a c t Security analysts, reverse engineers, and forensic analysts are regularly faced with large binary objects, such as executable and data files, process memory dumps, disk images and hibernation files, often Gigabytes or larger in size and(More)
A private information retrieval scheme is a protocol whereby a client obtains a record from a database without the database operators learning anything about which record the client requested. This concept is well studied in the theoretical computer science literature. Here, we study a generalization of this idea where we allow a small amount of information(More)
—You do not understand how your program really works until it has been exploited. We believe that computer scientists and software engineers should regard the activity of modern exploitation as an applied discipline that studies both the actual computational properties and the practical computational limits of a target platform or system. Exploit developers(More)
Privacy-providing tools, including tools that provide anonymity, are gaining popularity in the modern world. Among the goals of their users is avoiding tracking and profiling. While some businesses are unhappy with the growth of privacy-enhancing technologies, others can use lack of information about their users to avoid unnecessary liability and even(More)
— In elections, it is important that voters be able to verify that the tally reflects the sum of the votes that were actually cast, as they were intended to be cast. It is also important that voters not be subject to coercion from adversaries. Currently most proposed voting systems fall short: they either do not provide both properties, or require the voter(More)
The views and conclusions do not necessarily represent those of the sponsors. Abstract Computers make very fast, very accurate mistakes. From a refrigerator magnet. Real-world infrastructure offers many scenarios where protocols (and other details) are not released due to being considered too sensitive or for other reasons. This situation makes it hard to(More)
We argue that visual analysis of binary data objects such as data files, process memory, and file systems presented as grayscale graphical depictions helps distinguish structurally different regions of data and thus facilitates a wide range of analytic tasks such as fragment classification, file type identification, location of regions of interest, and(More)
The "Hacker Curriculum" exists as a mostly undocumented set of principles and methods for learning about information security. Hacking, in our view, is defined by the ability to question the trust assumptions in the design and implementation of computer systems rather than any negative use of such skills. Chief among these principles and methods are two(More)