Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection

Permanent URI for this collectionhttps://hdl.handle.net/11147/7148

Browse

Filters

2006 - 200922010 - 20162

Settings

Publisher: search.filters.publisher.Springer VerlagSubject: search.filters.subject.Cryptography

Search Results

Now showing 1 - 4 of 4
  • Article
    Citation - WoS: 1
    Citation - Scopus: 4
    A Practical Privacy-Preserving Targeted Advertising Scheme for Iptv Users
    (Springer Verlag, 2016) Khayati, Leyli Javid; Örencik, Cengiz; Savaş, Erkay; Ustaoğlu, Berkant
    In this work, we present a privacy-preserving scheme for targeted advertising via the Internet Protocol TV (IPTV). The scheme uses a communication model involving a collection of subscribers, a content provider (IPTV), advertisers and a semi-trusted server. To target potential customers, the advertiser can utilize not only demographic information of subscribers, but also their watching habits. The latter includes watching history, preferences for IPTV content and watching rate, which are periodically (e.g., weekly) published on a semi-trusted server (e.g., cloud server) along with anonymized demographics. Since the published data may leak sensitive information about subscribers, it is safeguarded using cryptographic techniques in addition to the anonymization of demographics. The techniques used by the advertiser, which can be manifested in its queries to the server, are considered (trade) secrets and therefore are protected as well. The server is oblivious to the published data and the queries of the advertiser as well as its own responses to these queries. Only a legitimate advertiser, endorsed with so-called trapdoors by the IPTV, can query the cloud server and access the query results. Even when some background information about users is available, query responses do not leak sensitive information about the IPTV users. The performance of the proposed scheme is evaluated with experiments, which show that the scheme is practical. The algorithms demonstrate both weak and strong scaling property and take advantage of high level of parallelism. The scheme can also be applied as a recommendation system. © 2015, Springer-Verlag Berlin Heidelberg.
  • Conference Object
    Citation - WoS: 9
    Citation - Scopus: 24
    Modeling Leakage of Ephemeral Secrets in Tripartite/Group Key Exchange
    (Springer Verlag, 2010) Manulis, Mark; Suzuki, Koutarou; Ustaoğlu, Berkant
    Recent advances in the design and analysis of secure two-party key exchange (2KE) such as the leakage of ephemeral secrets used during the attacked sessions remained unnoticed by the current models for group key exchange (GKE). Focusing on a special case of GKE - the tripartite key exchange (3KE) - that allows for efficient one-round protocols, we demonstrate how to incorporate these advances to the multi-party setting. From this perspective our work closes the most pronounced gap between provably secure 2KE and GKE protocols. The proposed 3KE protocol is an implicitly authenticated protocol with one communication round which remains secure even in the event of ephemeral secret leakage. It also significantly improves upon currently known 3KE protocols, many of which are insecure. An optional key confirmation round can be added to our proposal to achieve the explicitly authenticated protocol variant. © 2010 Springer-Verlag.
  • Conference Object
    Citation - WoS: 4
    Reusing Static Keys in Key Agreement Protocols
    (Springer Verlag, 2009) Chatterjee, Sanjit; Menezes, Alfred; Ustaoğlu, Berkant
    Contrary to conventional cryptographic wisdom, the NIST SP 800-56A standard explicitly allows the use of a static key pair in more than one of the key establishment protocols described in the standard. In this paper, we give examples of key establishment protocols that are individually secure, but which are insecure when static key pairs are reused in two of the protocols. We also propose an enhancement of the extended Canetti-Krawczyk security model and definition for the situation where static public keys are reused in two or more key agreement protocols. © 2009 Springer-Verlag.
  • Article
    Citation - WoS: 4
    Citation - Scopus: 9
    End-To Security Implementation for Mobile Devices Using Tls Protocol
    (Springer Verlag, 2006) Kayayurt, Barış; Tuğlular, Tuğkan
    End-to-end security has been an emerging need for mobile devices with the widespread use of personal digital assistants and mobile phones. Transport Layer Security Protocol (TLS) is an end-to-end security protocol that is commonly used on the Internet, together with its predecessor, SSL protocol. By implementing TLS protocol in the mobile world, the advantage of the proven security model of this protocol can be utilized. The main design goals of mobile end-to-end security protocol are maintainability and extensibility. Cryptographic operations are performed with a free library, Bouncy Castle Cryptography Package. The object oriented architecture of proposed end-to-end security protocol implementation makes the replacement of this library with another cryptography package easier. The implementation has been experimented with different cases, which represent use of different cryptographic algorithms.