The Sanctuary project at UCSD is building a secure infrastructure for mobile agents, and examining

Anonymity is critical for many networked applications. Yet current Internet protocols provide no support for masking the identity of communication endpoints. This paper outlines a design for a peer-to-peer, scalable, tamper-resilient communication protocol that provides strong anonymity and privacy. Called CliqueNet, our protocol provides an information-theoretic guarantee: an omnipotent adversary that can wiretap at any location in the network cannot determine the sender of a packet beyond a clique, that is, a set of k hosts, where k is an anonymizing factor chosen by the participants. CliqueNet is resilient to jamming by malicious hosts and can scale with the number of participants. This paper motivates the need for an anonymous communication layer and describes the self-organizing, novel divide-and-conquer approach that enables CliqueNet to scale while offering a strong anonymity guarantee. CliqueNet is widely applicable as a communication substrate for peer-to-peer applications that require anonymity, privacy and anti-censorship guarantees.

We present FaceCerts, a si5((( i nexp e, and cryptographi/Ri securei denti y certiR]5/0z system. A FaceCert i a pri tout of person's portrai photo, anarbi(//R textual message, and a 2-D color barcode whi h encodes an SAsi$7$zFR of the message hash and the compressed representatie of the face encompassed by the photo. The si5z7$)R i created usi0 the pri ate key of the partyi ssui( the ID. ID veri$/R]5) i performed by a si((F o#-li7 scanni/ devi that contaiF thepubli key of theiR$7F$ The system does not requi4 smart cards;i t can be expanded to encompass otherbierR$7/ features, and morei nteresti]$7 , the ID does not need to bepri ted by a trusted or hi5)z0( pri ter,i can be pri ted anywhere, anyti$4 and potentinR$ by anyone. The ID veri$) uses a si5F5 scan process whi h does not requiz the use ofdi$4z ys. Wedetai system's components and present a preli/R]$0 performance evaluatiz using an in-field experiment.

Evaluating computing systems and classifying them by the security properties they provide is not new

We present FACECERTS, a simple, inexpensive, and cryptographically secure identity certification system. A FACECERT is a printout of person’s portrait photo, an arbitrary textual message, and a 2D color bar-code which encodes a cryptographic signature of the message hash and the compressed representation of the face encompassed by the photo. The signature is created using the private key of the party issuing the ID. Verification is performed by a simple, intelligent, and off-line scanning device that contains the public key of the issuer. The system does not require smart cards. More interestingly, the ID does not need to be printed by a trusted or high-end printer, it can be printed anywhere, anytime, and potentially by anyone. In this paper, we present the crucial component of the FACECERT system, a novel hybrid algorithm for compressing faces, and investigate system reliability and performance.