Presentations

Each student will be expected to present one topic before Spring Break and one topic after Spring Break. You may work with one of student on a given topic (sign up in pairs if you want to do this).

The presenter's responsibilities are:

1. 2 weeks before the scheduled presentation or earlier (or by Friday 16 Jan if you are next week): send me (evans@virginia.edu) or discuss with me your intended topic and paper selections.
2. 1 week before the scheduled presentation or earlier: bring to class copies of the papers you expect the seminar participants to read. If the papers are available electronically, send links to the papers to me.
3. During the scheduled presentation: present an interesting perspective on the topic. As presenter, you should have more material to draw from than just what is covered in the selected papers. Your presentation should not just be a summary of what is in the papers: it should connect and compare different approaches to the problem, critique the ideas in the papers, raise interesting discussion questions, etc. Your presentation should not feel like a book report! You should include a brief overview of the paper, but assume that everyone in the seminar can read and understand the papers themselves (but be prepared to answer questions about them).
4. No later than 1 day after the presentation: email me all the materials from your presentation for posting on the seminar web site.

Your topics may be anything you find interesting that is relevant to the seminar topic (which broadly includes any use of cryptography to solve a problem). The list below is not meant to be exhaustive, but provides some suggestions of possibly interesting topics and papers. As presenter, it is your responsibility to come up with a coherent group of papers. If there is more than one group presenting on a topic area, you should coordinate with the other group to produce progressive presentations.

Identity and Authentication

• Talking To Strangers: Authentication in Ad-Hoc Wireless Networks, Dirk Balfanz, D. K. Smetters, Paul Stewart and H. Chi Wong (NDSS 2002)
• Client-Side Defense Against Web-Based Identity Theft. Neil Chou, Robert Ledesma, Yuka Teraguchi, and John C. Mitchell (NDSS 2004)
• Proactive Two-Party Signatures for User Authentication, Antonio Nicolosi, Maxwell Krohn, Yevgeniy Dodis, David Mazieres (NDSS 2003).

  Passwords

• Securing passwords against dictionary attacks, Benny Pinkas, Tomas Sander (CCS 2002)
• Addressing Online Dictionary Attacks with Login Histories and Humans-in-the-Loop, S. Stubblebine and P.C. van Oorschot (Financial Crypto 2004)
• Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K. Reiter, and Aviel D. Rubin. The Design and Analysis of Graphical Passwords. (USENIX Security 1999)
• Fabian Monrose and Aviel D. Rubin. Keystroke Dynamics as a Biometric for Authentication. Future Generation Computing Systems (FGCS) Journal: Security on the Web (special issue). March 2000.

  PKI

• SDSI (http://theory.lcs.mit.edu/~cis/sdsi.html))
• Revocation

  MicroPayments

• Micropayments Revisited, Silvio Micali and Ronald L. Rivest (RSA Conference 2002)
• Electronic Lottery Tickets as Micropayments, Ronald L. Rivest (Financial Crypto 1997)
• PayWord and MicroMint — Two Simple Micropayment Schemes, Ronald L. Rivest and Adi Shamir (1996).
• PPay: micropayments for peer-to-peer systems, Beverly Yang, Hector Garcia-Molina (CCS 2002).
• A Micro-Payment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks, Markus Jakobsson, Jean-Pierre Hubaux, and Levente Buttyan (Financial Crypto 2003)
• On the Anonymity of Fair Off-line e-Cash Systems, Matthieu Gaud and Jacques Traore (Financial Crypto 2003)
• Fileteller: Paying and Getting Paid for File Storage, John Ioannidis, Sotiris Ioannidis, Angelos Keromytis, Vassilis Prevelakis (Financial Crypto 2002)
• Electronic National Lotteries, Elisavet Konstantinou, Vasiliki Liagokou, Paul Spirakis, Yannis, C. Stamatiou, and Moti Yung (Financial Crypto 2004)

  Auctions

• Interleaving Cryptography and Mechanism Design: The Case of Online Auctions, Edith Elkind and Helger Lipmaa (Financial Crypto 2004)
• Secure Generalized Vickrey Auction without Third-Party Servers, Makoto Yokoo and Koutarou Suzuki (Financial Crypto 2004)
• Papers in Financial Crypto 2003 and earlier

  Anonymity

• Mixminion: Design of a Type III Anonymous Remailer Protocol, George Danezis (Cambridge Univ.), Roger Dingledine, Nick Mathewson (Free Haven Project) (Oakland 2003)
• Practical Anonymity for the Masses with MorphMix, Marc Rennhard and Bernhard Plattner (Financial Crypto 2004)
• A Privacy-Friendly Loyalty System Based on Discrete Logarithms over Elliptic Curves, Matthias Enzmann, Marc Fischlin, and Markus Schneider (Financial Crypto 2004)
• Identity-based Chameleon Hash and Applications, Giuseppe Ateniese and Breno de Medeiros (Financial Crypto 2004)

  Secure Multicast

• A Practical Revocation Scheme for Broadcast Encryption Using Smart Cards, Noam Kogan, Yuval Shavitt, Avishai Wool (Oakland 2003)
• Efficient Multicast Packet Authentication Using Signature Amortization, Jung Min Park, Edwin K.P. Chong, Howard Jay Siegel (Oakland 2002)

  Voting

• Almost entirely correct mixing with applications to voting, Dan Boneh, Philippe Golle (CCS 2002)
• The Vector-Ballot E-Voting Approach, Aggelos Kiayias and Moti Yung (Financial Crypto 2004)
• An Implementation of a Universally Verifiable Electronic Voting Scheme based on Shuffling, Jun Furukawa, Hiroshi Miyauchi, Kengo Mori, Satoshi Obana, Kazue Sako (Financial Crypto 2002)
• Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking, Markus Jakobsson, Ari Juels, and Ronald L. Rivest (USENIX Security 2002)
• VoteHere papers, Chaum paper

  Sensor Networks

• Secure Information Aggregation in Sensor Networks, Bartosz Przydatek, Dawn Song, and Adrian Perrig (Carnegie-Mellon University) (SenSys 2003)
• SPINS: Security Protocols for Sensor Networks, Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J. D. Tygar (Wireless Networks Journal, September 2002)
• LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks, S. Zhu, S. Setia and S. Jajodia (CCS 2003)

  Key Distribution

• A key-management scheme for distributed sensor networks, Laurent Eschenauer, Virgil D. Gligor (CCS 2002)
• Random Key Predistribution Schemes for Sensor Networks, Haowen Chan, drian Perrig, Dawn Song (CMU) (Oakland 2003)
• Establishing pairwise keys in distributed sensor networks, Donggang Liu, Peng Ning (CCS 2003)
• A pairwise key pre-distribution scheme for wireless sensor networks, Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney (CCS 2003)

  Routing

• Efficient Security Mechanisms for Routing Protocols, Yih-Chun Hu, Adrian Perrig, David Johnson (NDSS 2003)
• Working around BGP: An Incremental Approach to Improving Security and Accuracy in Interdomain Routing, Geoffrey Goodell, William Aiello, Timothy Griffin, John Ioannidis, Patrick McDaniel, Aviel Rubin (NDSS 2003)

  Location

• Secure Verification of Location Claims, Naveen Sastry, Umesh Shankar and David Wagner (WiSe 2003)
• Wireless LAN Location-Sensing for Security Applications, Ping Tao, Algis Rudys, Andrew Ladd, and Dan Wallach (WiSe 2003)
• Privacy-Aware Location Sensor Networks, M. Gruteser, G. Schelle, A. Jain, R. Han, D. Grunwald (Hot Topics in Operating Systems 2003)

  RFID

• The blocker tag: selective blocking of RFID tags for consumer privacy, Ari Juels, Ronald L. Rivest, Michael Szydlo (CCS 2003)
• Squealing Euros: Privacy Protection in RFID-Enabled Banknotes, Ari Juels and Ravikanth Pappu (Financial Crypto 2003)

  Denial of Service / Spam

• Defending Against Denial-of-Service Attacks with Puzzle Auctions, XiaoFeng Wang, Mike Reiter (CMU) (Oakland 2003)
• Pi: A Path Identification Mechanism to Defend against DDoS Attacks, Abraham Yaar, Adrian Perrig, Dawn Song (CMU) (Oakland 2003)
• Moderately Hard, Memory-Bound Functions, Martin Abadi, Michael Burrows, Ted Wobber (NDSS 2003)

For more ideas for topics, consider these conferences:

• IEEE Symposium on Security and Privacy ("Oakland"): 2003, 2002, 2001, 2000, 1999
• ACM Conference on Computer and Communications Security (CCS)
• Network and Distributed System Security Symposium: 2004, 2003, 2002
• Financial Cryptography
• Crypto (not too many applications): 2003, 2002
• Digital Rights Management (DRM 2003)
• Workshop on Wireless Security (WiSe 2003)

University of Virginia Department of Computer Science CS 851/551: Cryptography Applications Bistro

evans@cs.virginia.edu