The views and conclusions in this document are those of the authors and do not necessarily represent the official policies or endorsements of any of the research sponsors. How do we build distributed systems that are secure? Cryptographic techniques can be used to secure the communications between physically separated systems, but this is not enough: we must be able to guarantee the privacy of the cryptographic keys and the integrity of the cryptographic functions, in addition to the integrity of the security kernel and access control databases we have on the machines. Physical security is a central assumption upon which secure distributed systems are built; without this foundation even the best cryptosystem or the most secure kernel will crumble. In this thesis, I address the distributed security problem by proposing the addition of a small, physically secure hardware module, a secure coprocessor, to standard workstations and PCs. My central axiom is that secure coprocessors are able to maintain the privacy of the data they process. This thesis attacks the distributed security problem from multiple sides. First, I analyze the security properties of existing system components, both at the hardware and

Many researchers believe electronic wallets (secure storage devices that maintain account balances) are the solution to electronic commerce challenges. This paper argues for a more powerful model --- a secure coprocessor --- that can run a small operating system, run application programs, and also keep secure storage for cryptographic keys and balance information. We have built a system called Dyad, on top of a port of the Mach 3.0 microkernel to the IBM Citadel secure coprocessor. This paper describes the abstract architecture of Dyad and a general discussion of secure coprocessor implementations of a variety of electronic commerce applications: ffl Copy protection for software ffl Electronic cash (including a critique of proposed solutions for point-of-sale electronic wallet systems) ffl Electronic contracts ffl Secure postage 1 Introduction Many researchers believe electronic wallets (secure storage devices that maintain account balances) are the solution to electronic commerc...

We present a novel solution for authenticating printed paper documents by utilizing the inherent non--repeatable randomness existing in the printing process. For a document printed by a laser-printer, we extract the unique features of the non-- repeatable print content for each copy. The shape profiles of this content are used as the feature to represent the uniqueness of that particular printed copy. These features along with some important document content is then captured as the print signature. We present theoretical and experimental details on how to register as well as authenticate this print signature. The security analysis of this technique is also presented. We finally provide experimental results to demonstrate the feasibility of the proposed method.

A Feature Correction Two Stage Vector Quantization #FC2VQ# algorithm was previously developed to compress gray-scale photo ID pictures. This algorithm is extended to color images in this paper. Two options are compared, which apply the FC2VQ algorithm in RGB and YCbCr color spaces, respectively. The RGBFC2VQ algorithm is found to yield better image quality than YCbCr-FC2VQatsimilar bitrate. With the RGB-FC2VQ algorithm, an 128 # 128 24-bit color ID image #49,152 bytes# can be compressed down to 500 bytes with satisfactory quality. 1. INTRODUCTION In a digital ID system, it is desirable to store a photo ID picture along with other personal information suchas ID number, other demographic information, and certain biometric information ##ngerprint, voice, signature, etc.#. Tosave the storage space, compression of the ID picture is necessary. This is especially important with portable ID devices where the ID information are stored locally in a portable card, e.g., in a barcode or a mag...

Abstract. Metered mail provides substantial opportunities for fraud. (Indeed, losses due to meter fraud in the United States are said to exceed $100 million annually.) We apply cryptographic techniques to prevent several types of improper use of metering indicia. This paper describes a mail system that combines o-the-shelf barcode technology, tamper-proof devices, and cryptography in a fully-integrated secure franking system. This system provides protection against: 1. Tampering with postage meters to fraudulently obtain extra postage� 2. Forging and copying of postal indicia� 3. Unauthorized use of postage meters � and 4. Stolen postage meters. We provide detailed justi cation for our design, and discuss important tradeo s involving scanning strategies, encryption technology and 2-D barcode technology.

The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the US Government or Motorola Inc. Keywords: cryptography, franking, electroniccurrency, mail, postage, stamps, We extend cryptographic techniques to the protection of the application of stamps for mail. We show how to provide electronic stamps (using off-the-shelf bar code technology to represent a cryptographic message) to use in a fully integrated franking system that provides protection against: 1. Tampering with postage meter to given the user additional credit; 2. Forged or copied electronic stamps; 3. Unauthorized use of a postage meter; and 4. Stolen postage meters. We relate the question of electronic stamps to broader issues in electronic currency While cryptographic methods have long been associated with mail (dating back

Two-dimensional (2D) barcode has improved the information encoded capacity, and it also has enriched the applications of barcode technique. Recently, there are researches dealing with watermark technique on 2D barcode to prevent it from counterfeited or prepensely tampered. The existent methods still have to limit the size of embedded watermark in a relatively small portion. Furthermore, it also needs to utilize original watermark or other auxiliary verification mechanism to achieve the barcode verification. In this paper, we propose a method called associative watermarking which is conducted by the concept of Association Rules (ARs) and the idea of Vector Quantization (VQ). Our method is a kind of blind watermarking, and it also can free the size limitation of an embedded watermark. Performing associative watermarking to 2D barcode can reduce the embedded information amount, and using VQ indexing scheme can easily recall the embedded watermark for the purpose of barcode data authentication. The experiment demonstrates that our method can significantly save the information hiding capacity of 2D barcode and detects a counterfeited or prepensely tampered 2D barcode data correctly.