Download Episode 5 (VBR MP3) | Episode details and other formats

Announcements

A new feature at this year’s Privacy Enhancing Technology Symposium is the HotPETs session. In addition to the usual “talk for 3-5 minutes on anything you like” rump session, there will be a session called HotPETs, at which you must be invited to speak (but of course all are encouraged to attend). For this session we invite submission of your hottest most exciting ideas that are still in a formative state. Submissions need not be technical in nature; we welcome challenges from other fields whereby our audience may learn about real world needs that require new research and solutions. Our intent is to bring new questions, approaches, and problems to our research community for discussion, feedback, and consideration of new approaches based on the diverse expertise of our attendees.

Submit abstracts by April 11 to hotpets08@petsymposium.org, or contact us through the cryptocracy blog.

Acknowledgements

Download Episode 4 (VBR MP3) | Episode details and other formats

Announcements

Cryptocracy is expanding

We have moved to the domain cryptocracy.net where we now have a blog as well as the podcast. We now consist of a board of 6 editors, and will be bringing you content in a variety of media. Please consider giving us your feedback here on our new site.  It is easy to log in: we accept OpenID

1st Identity in the Information Society Workshop taking place in Arona Italy.

The workshop will occur on the 28th through the 30th of May 2008, and invites submission of extended abstracts by the 31st of March. From the CFP: “Identity is now a key issue for citizens, business and the state. The workshop will explore the developing relationships between identity, security and privacy in an information-intensive society that in the name of better marketing or more efficient delivery of goods and services relentlessly tracks physical persons, their financial transactions, and their health.”

“The workshop is associated with the Identity in the Information Society (IDIS) Journal, providing a structured route for authors developing journal articles. Papers presented at the workshop will be considered (by peer-review) for publication in IDIS.”
http://is2.lse.ac.uk/idis/index.html

Two RFID security workshops

The first is titled “RFID Security: Theory and Practice”, and will take place from March 26th to 28th at the Lorentz Center in the Netherlands. Presentation is by invitation only, workshop lectures are open to everyone, but only 50 registrations will be accepted. Visit the workshop website for more information.
http://www.lorentzcenter.nl/lc/web/2008/298/info.php3?wsid=298

The second workshop is titled “Workshop on RFID security” to be held July 9th through 11th in Budapest. Papers are to be submitted by May 12th, and both academic and industry papers are sought. From the CFP: “The workshop focuses on approaches to solve security and data-protection issues in advanced contactless technologies like RFID. The workshop is the fourth edition of a series of workshops formerly held in Graz and Malaga. This year it will be co-located with the 2nd International EURASIP Workshop on RFID Technology 2008 (RFID2008) in Budapest.”
http://events.iaik.tugraz.at/RFIDSec08/

Acknowledgements

Download Special Episode (VBR MP3) | Episode details and other formats

Download Episode 3 (VBR MP3) | Download in other formats

Acknowledgements

Download Episode 2 (VBR mp3) | Download in other formats

The program

• Announcements
• This week’s guest: Karsten Nohl on the Mifare Crypto 1 break
• Anonymity Bibliography Paper of the week: The Pynchon Gate: A Secure Method of Pseudonymous Mail Retrieval

This Week’s Guest

This week’s guest is Karsten Nohl, a Ph. D. candidate in the computer science department of the University of Virginia. Karsten was kind enough to speak with us about joint work with Henryk Plötz regarding their analysis of the Mifare Crypto 1 cipher.

More information about the Mifare Crypto 1 (“Mifare classic crypto”) analysis including video footage of the 24c3 presentation is available on Hack A Day.

This Week’s Announcements

W2SP 2008: Web 2.0 Security and Privacy 2008
When: May 22, 2008
Submission Deadline: March 7, 2008
Where: Co-located with IEEE S&P, Oakland, CA, USA
What: “The goal of this one day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and establishing new collaborations in these areas.”

Fourth International Summer School:
The Future of Identity in the Information Society – Challenges for Privacy and Security FIDIS/IFIP Internet Security & Privacy Summer School 2008
When: 1-7 September 2008
Submission Deadline: April 28, 2008
Where: Masaryk University in Brno, Czech Rep
What: “The increasing diversity of Information & Communication Technologies and their equally diverse range of uses in personal, professional and official capacities raise challenging questions of identity in a variety of contexts. What constitutes an identity, how do new technologies affect identity, how do we manage identities in a globally networked information society?”

2008 USENIX/ACCURATE Electronic Voting Technology Workshop
When: July 28-29, 2008
Submission Deadline: March 28, 2008
Where: San Jose, CA, USA
What: “EVT ‘08 seeks to bring together researchers from a variety of disciplines, ranging from computer science and human-computer interaction experts through political scientists, legal experts, election administrators, and voting equipment vendors. EVT seeks to publish original research on important problems in all aspects of electronic voting.”

If you are going to be in Barcelona in March, hurry up and register for PKC 2008: The 11th International Workshop on Practice and Theory in Public Key Cryptography. The late registration deadline is almost upon us, as it falls on February 13th.

Tune in next week for an interview with Ian Goldberg, author of many great papers including “Improving the Robustness of Private Information Retrieval” which was featured on last week’s program.

Anonymity Bibliography Paper of the week
The Pynchon Gate: A Secure Method of Pseudonymous Mail Retrieval [Anonbib entry][Bibtex]
By Len Sassaman, Bram Cohen, and Nick Mathewson

Other papers mentioned in this week’s episode
Security Analysis of a Cryptographically-Enabled RFID Device [Bibtex]
By S. Bono, M. Green, A. Stubblefield, A. Juels, A. Rubin, and M. Szydlo

Acknowledgements

In this first episode I reading some abstracts from the Freehaven anonymity bibliography of which I am an editor. The papers I have selected this week span a variety of topics in privacy enhancing technology, and were published within the past two years.

Please make requests for future podcast episodes by sending me email (tshb@acm.org) or by leaving a comment here on my blog. I rely on you to suggest interviews you would like to hear, abstracts or venues you would like me to cover, or other things you would like to hear.

I also invite contributions. If you are interested in speaking on my show please contact me.

A list of papers mentioned in this week’s podcast after the jump.

Download episode 001 (VBR MP3) | Download in other formats

This week I read the following abstracts. The metadata and comments reproduced here are copied from the Freehaven anonymity bibliography. For up to date information please refer back to this source.

1.  

   Sampled Traffic Analysis by Internet-Exchange-Level Adversaries (PDF) (Cached: PDF)
   by Steven J. Murdoch and Piotr Zieli?ski.
   In the Proceedings of the Seventh Workshop on Privacy Enhancing Technologies (PET 2007), Ottawa, Canada, June 2007. (BibTeX entry)·

   Examines efficacy of traffic analysis against a low-latency anonymity network by an adversary who controls Ineternet exchanges, and who can only sample a fraction of traffic.

2.  

   Nymble: Anonymous IP-address Blocking (PDF)
   by Peter C. Johnson, Apu Kapadia, Patrick P. Tsang, and Sean W. Smith.
   In the Proceedings of the Seventh Workshop on Privacy Enhancing Technologies (PET 2007), Ottawa, Canada, June 2007. (BibTeX entry)·

   Describes Nymble, a system that allows services to block anonymous users that misbehave, without making their transactions linkable.

3.  

   The Economics of Mass Surveillance and the Questionable Value of Anonymous Communications (PDF) (Cached: PDF)
   by George Danezis and Bettina Wittneben.
   In the Proceedings of the Fifth Workshop on the Economics of Information Security (WEIS 2006), Cambridge, UK, June 2006. (BibTeX entry)·

4.  

   Locating Hidden Servers (PDF) (Cached: PDF)
   by Lasse Øverlier and Paul Syverson.
   In the Proceedings of the 2006 IEEE Symposium on Security and Privacy, May 2006. (BibTeX entry)·

   Motivates and describes Tor’s entry guard design.

5.  

   How to win the clonewars: efficient periodic n-times anonymous authentication (PDF) (Cached: PDF)
   by Jan Camenisch, Susan Hohenberger, Markulf Kohlweiss, Anna Lysyanskaya, and Mira Meyerovich.
   In the Proceedings of the 13th ACM conference on Computer and communications security (CCS 2006), Alexandria, Virginia, USA, 2006, pages 201-210. (BibTeX entry)·

Download the Cryptocracy Podcast episode 001 as a VBR MP3, or Cryptocracy Podcast in other formats.