Ricardo Felipe Custódio

Learn More
The timing behavior of the EDCA mechanism defined in the IEEE 802.11e standard is analyzed. More specifically, the target of this paper is to evaluate the limitations of the highest priority level of the EDCA mechanism (voice category) when supporting real-time (RT) communication. By RT communication, we mean small-sized packets generated in periodic(More)
Farnel is a voting system proposed in 2001 in which each voter signs a ballot. It uses two ballot boxes to avoid the association between a voter and a vote. In this paper we first point out a flaw in the ThreeBallot system proposed by Rivest that seems to have gone unnoticed so far: it reveals statistical information about who is winning the election. Then,(More)
The concept of a ceremony as an extension of network and security protocols was introduced by Ellison. There are no currently available methods or tools to check correctness of the properties in such ceremonies. The potential application for security ceremonies are vast and fill gaps left by strong assumptions in security protocols. Assumptions include the(More)
The private keys used in a PKI are its most important asset. Protect these keys from unauthorised use or disclosure is essential to secure a PKI. Relying parties need assurances that the private key used to sign their certificates is controlled and managed following pre-defined statement policy. Hardware Security Modules (HSM) offer physical and logical(More)
Hardware Security Modules (HSMs) are an useful tool to deploy public key infrastructure (PKI) and its applications. This paper presents necessary procedures and protocols to perform backup and audit in such devices when deployed in PKIs. These protocols were evaluated in an implementation of a real HSM, enabling it to perform secure backups and to provide(More)
We propose a new Public Key Infrastructure model for long-term signatures. It is based on X.509 and the real world of handwritten signatures. In the model, notaries certify that a signer's certificate is trustworthy to verify a particular signature at a specific time. An end user issues his own X.509 certificate, whose validity period is meaningless and(More)
Since Needham and Schroeder introduced the idea of an active attacker, a lot of research has been made in the protocol design and analysis area in order to verify the protocols' claims against this type of attacker. Nowadays, the Dolev-Yao threat model is the most widely accepted attacker model in the analysis of security protocols. Consequently, there are(More)
Ceremonies are a useful tool to establish trust in scenarios where protocols operate. They describe a greater range of issues not taken into account by protocol designers. We take an already-designed protocol and ceremony for a key management protocol operating in a Public-Key Infrastructure environment and test it using a formal method. The ceremonies were(More)
Dynamic distributed systems like peer-to-peer systems, overlay networks and mobile ad hoc networks must execute their applications using distributed resources and in a decentralized way. The structure (composition and topology) of these systems changes frequently due to nodes joining or leaving the network, or due to mobility, faults and networks(More)