Learn More
We examine some known attacks on the PIN verification framework, based on weaknesses of the security API for the tamper-resistant Hardware Security Modules used in the network. We specify this API in an imperative language with cryptographic primitives, and show how its flaws are captured by a notion of robustness that extends the one of Myers, Sabelfeld(More)
In this paper we consider the decontamination problem in a hypercube network of size n. The nodes of the network are assumed to be contaminated and they have to be decontaminated by a sufficient number of agents. An agent is a mobile entity that asynchronously moves along the network links and decontaminates all the nodes it touches. A decontaminated node(More)
In this paper we consider the problem of searching for an intruder in a network. There is a team of collaborative software agents that are deployed to capture a hostile intruder (e.g., a virus). These agents asynchronously move along the network links and the intruder has the capability of escaping arbitrarily fast. We propose two different strategies for(More)
In this paper, we consider the problem of decontaminating a network, i.e., protecting it from unwanted and dangerous intrusions. Initially all nodes are contaminated and a team of agents is deployed to clean the entire network. When an agent transits on a node, it can clean it, when the node is left unguarded, however, it will be recontaminated as soon as(More)
We propose a countermeasure for a class of known attacks on the PIN processing API used in the ATM (cash machine) network. This API controls access to the tamper-resistant Hardware Security Modules where PIN encryption, decryption and verification takes place. The attacks are differential attacks, whereby an attacker gains information about the plaintext(More)
Given a graph G = (V ,E), the minimum feedback vertex set V is a subset of vertices of minimum size whose removal induces an acyclic subgraph G′ = (V \ V ,E′). The problem of finding V is NP-hard for general networks but interesting polynomial solutions have been found for particular graph classes. In this paper we find close upper and lower bounds to the(More)
We revise a known attack on the PIN verification framework, based on a weakness of the underlying security API. We specify this flawed API in an imperative language with cryptographic primitives and we show why its type-based verification fails in the type system of Myers, Sabelfeld and Zdancewic. We propose an improved API, extend the type system with(More)