Security Protocols: 9th International Workshop Cambridge, UK, April 25–27, 2001 Revised Papers

Roger Needham (auth.), Bruce Christianson, James A. Malcolm, Bruno Crispo, Michael Roe (eds.)3540442634, 9783540442639

Hello and welcome. These are the proceedings of the 9th International Workshop on Security Protocols, the ?rst to be held in the new millennium. This year our theme was “mobile computing versus immobile security”. As usual, the insights and challenges which emerged during the workshop are re?ected in the position papers, which appear here in rewritten form. Transcripts are also included of the discussions which took place in C- bridge as the initial versions were presented. These transcripts are intended to provide a perspective on lines of argument which are worth pursuing further. Our desire is that you will join with us in this activity, and that as a result you will, like many of our participants, feel moved to propound something quite di?erent from what you originally planned. Our thanks as always to Prof. Roger Needham, FRS and to Microsoft – search Ltd. (Cambridge) for the use of the meeting room and co?ee machine. Thanks also to Lori Klimaszewska of the University of Cambridge Computing Service for transcribing the audio tapes (and for revealing in “Audrey James” a previously unsuspected double life of a well-known double agent), and to Dr. Mary Buchanan for her assistance in editing the transcripts into a Thucydidean mould. Actually, we are often asked how we go about producing the transcripts, especially upon those occasions when, for various reasons, no audio recording was made. This year we bow to pressure and reveal the details of our methodology in the Afterword.

---

Table of contents :
Keynote Address: Mobile Computing versus Immobile Security….Pages 1-3
Experiences of Mobile IP Security….Pages 4-11
Denial-of-Service, Address Ownership, and Early Authentication in the IPv6 World….Pages 12-21
Denial of sService, Address Ownership, and Early Authentication in the IPv6 World….Pages 22-26
Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols….Pages 27-39
Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols….Pages 40-48
Thwarting Timing Attacks Using ATM Networks….Pages 49-58
Thwarting Timing Attacks Using ATM Networks….Pages 59-62
Towards a Survivable Security Architecture for Ad-Hoc Networks….Pages 63-73
Towards a Survivable Security Architecture for Ad-Hoc Networks….Pages 74-79
PIM Security….Pages 80-81
PIM Security….Pages 82-86
Merkle Puzzles Revisited — Finding Matching Elements between Lists….Pages 87-90
Merkle Puzzles Revisited….Pages 91-94
Encapsulating Rules of Prudent Security Engineering….Pages 95-101
Encapsulating Rules of Prudent Security Engineering….Pages 102-106
A Multi-OS Approach to Trusted Computer Systems….Pages 107-114
A Multi-OS Approach to Trusted Computer Systems….Pages 115-118
A Proof of Non-repudiation….Pages 119-125
A Proof of Non-repudiation….Pages 126-133
Using Authority Certificates to Create Management Structures….Pages 134-145
Using Attribute Certificates for Creating Management Structures….Pages 146-150
Trust Management and Whether to Delegate….Pages 151-157
Trust Management and Whether to Delegate….Pages 158-165
You Can’t Take It with You….Pages 166-169
Protocols Using Keys from Faulty Data….Pages 170-179
Protocols Using Keys from Faulty Data….Pages 180-187
On the Negotiation of Access Control Policies….Pages 188-201
Negotiation of Access Control Policies….Pages 202-212
Intrusion-Tolerant Group Management in Enclaves….Pages 213-216
Lightweight Authentication in a Mobile Network….Pages 217-220
Bluetooth Security — Fact or Fiction?….Pages 221-228
Concluding Discussion When Does Confidentiality Harm Security?….Pages 229-238
The Last Word….Pages 239-239