Abstract — This paper discusses the design, implementation and deployment of a secure and practical payment system for electronic commerce on the Internet. The system is basedontheiKP family of protocols – i =1, 2, 3 – developed at IBM Research. The protocols implement credit cardbased transactions between buyers and merchants while the existing financial network is used for payment clearing and authorization. The protocols are extensible and can be readily applied to other account-based payment models, such as debit cards. They are based on careful and minimal use of public-key cryptography and can be implemented in either software or hardware. Individual protocols differ in both complexity and degree of security. In addition to being both a pre-cursor and a direct ancestor of the well-known SET standard, iKP-based payment systems have been in continuous operation on the Internet since mid-1996. This longevity – as well as the security and relative simplicity of the underlying mechanisms – make the iKP experience unique. For this reason, this paper also reports on, and addresses, a number of practical issues arising in the course of implementation and real-world deployment of a secure payment system.

Non-repudiation is one of the most important security services. In this paper we present a novel nonrepudiation technique, called Server-Supported Signatures, S³. It is based on one-way hash functions and traditional digital signatures. One of its highlights is that for ordinary users the use of asymmetric cryptography is limited to signature verification. S³ is efficient in terms of computational, communication and storage costs. It also offers a degree of security comparable to that of existing techniques based on asymmetric cryptography.

Abstract not found

this document. The first section, in chapter 3, develops a model for syntactic dependencies based on word-category n-grams. The second section, in chapter 4, extends this model by allowing short-range word relations to be captured through the incorporation of selected word n-grams.

Contents List of Figures vi List of Tables vii 1 Introduction 1 2 An Efficient Message Authentication Scheme for Link State Routing 6 2.1 Introduction : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 6 2.2 Background: Link State Update Authentication : : : : : : : : : : : : : : : : 8 2.3 Optimistic Link State Verification : : : : : : : : : : : : : : : : : : : : : : : 11 2.3.1 Assumptions : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 11 2.3.2 Protocol Overview : : : : : : : : : : : : : : : : : : : : : : : : : : : : 13 2.3.3 Sender Process : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 14 2.3.4 Receiver Process : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 16 2.3.5 Recovery Process : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 17 2.3.6 An Example : : : : : : : :

This paper presents research methodologies for collecting speech data and gives observations from a recent set of conversational speech collections before describing their outcomes. The presentation begins with a comparison of the relative challenges offered by broadcast news, telephone conversation and meeting recordings. The remainder

Abstract. We consider Secure Function Evaluation (SFE) in the clientserver setting where the server issues a secure token to the client. The token is not trusted by the client and is not a trusted third party. We show how to take advantage of the token to drastically reduce the communication complexity of SFE and computation load of the server. Our main contribution is the detailed consideration of design decisions, optimizations, and trade-offs, associated with the setting and its strict hardware requirements for practical deployment. In particular, we model the token as a computationally weak device with small constant-size memory and limit communication between client and server. We consider semi-honest, covert, and malicious adversaries. We show the feasibility of our protocols based on a FPGA implementation. 1

This paper discusses the design, implementation and deployment of a secure and practical payment system for electronic commerce on the Internet. The system is based on the iKP family of protocols -- iKP (i = 1; 2; 3) -- developed at IBM Research. The protocols implement credit card-based transactions between buyers and merchants while the existing financial network is used for payment clearing and authorization. The protocols are extensible and can be readily applied to other account-based payment model, such as debit cards. They are based on careful and minimal use of public-key cryptography and can be implemented in either software or hardware. Individual protocols differ in both complexity and degree of security. In addition to being both a pre-cursor and a direct ancestor of the well-known SET standard, iKP- based payment systems have been in continuous operation on the Internet since mid-1996. This longevity -- as well as the security and relative simplicity of the underlying me...

Abstract. Secure outsourcing of computation to an untrusted (cloud) service provider is becoming more and more important. Pure cryptographic solutions based on fully homomorphic and verifiable encryption, recently proposed, are promising but suffer from very high latency. Other proposals perform the whole computation on tamper-proof hardware and usually suffer from the the same problem. Trusted computing (TC) is another promising approach that uses trusted software and hardware components on computing platforms to provide useful mechanisms such as attestation allowing the data owner to verify the integrity of the cloud and its computation. However, on the one hand these solutions require trust in hardware (CPU, trusted computing modules) that are under the physical control of the cloud provider, and on the other hand they still have to face the challenge of run-time attestation. In this paper we focus on applications where the latency of the computation should be minimized, i.e., the time from submitting the query until receiving the outcome of the computation should be as small as possible. To achieve this we show how to combine a trusted hardware token (e.g., a cryptographic coprocessor or provided by the customer) with Secure Function Evaluation (SFE) to compute arbitrary functions on secret (encrypted) data where the computation leaks no information and is verifiable. The token is used in the setup phase only whereas in the time-critical online phase the cloud computes the encrypted function on encrypted data using symmetric encryption primitives only and without any interaction with other entities. Keywords: Cloud Computing, Hardware Token, Outsourcing. 1

This year we conducted experiments on shot boundary detection and rushes video summarisation. For the shot boundary determination task, we focused on detection of ‘cut’. The approach calculated the ‘exclusive or’ of two frames in the grey scale in order to measure the amount of discontinuity at a pixel level between two shots. Five runs were submitted with different sets of parameters, resulting in the performance of as high as 87 % recall and 85 % precision. For the rushes video task, the summary duration was fixed at 4 % of the video length. We joined a number of continuous frames that were extracted from the middle of each shot detected. We submitted a single run, resulting in the average level performance. 1 Shot Boundary Detection Shot boundary detection is a process of identifying boundaries between shots from a sequence of video frames. The key idea is to choose a right set of features and measures that capture the dissimilarity between shots. The difference between adjacent frame pair is calculated from features. A shot boundary is assigned when the value is greater than a predefined thresholds. To date there have been a large number of shot boundary detection algorithms proposed (Pye et al., 1998;