-
Quantifying the checkerboard problem to reduce numerical dissipation
Authors:
Johannes Arend Hopman,
Daniel Santos,
Àdel Alsalti-Baldellou,
Joaquim Rigola,
Francesc Xavier Trias
Abstract:
This work provides a comprehensive exploration of various methods in solving incompressible flows using a projection method, and their relation to the occurrence and management of checkerboard oscillations. It employs an algebraic symmetry-preserving framework, clarifying the derivation and implementation of discrete operators while also addressing the associated numerical errors. The lack of a proper definition for the checkerboard problem is addressed by proposing a physics-based coefficient. This coefficient, rooted in the disparity between the compact- and wide-stencil Laplacian operators, is able to quantify oscillatory solution fields with a physics-based, global, normalised, non-dimensional value. The influence of mesh and time-step refinement on the occurrence of checkerboarding is highlighted. Therefore, single measurements using this coefficient should be considered with caution, as the value presents little use without any context and can either suggest mesh refinement or use of a different solver. In addition, an example is given on how to employ this coefficient, by establishing a negative feedback between the level of checkerboarding and the inclusion of a pressure predictor, to dynamically balance the checkerboarding and numerical dissipation. This method is tested for laminar and turbulent flows, demonstrating its capabilities in obtaining this dynamical balance, without requiring user input. The method is able to achieve low numerical dissipation in absence of oscillations or diminish oscillation on skew meshes, while it shows minimal loss in accuracy for a turbulent test case. Despite its advantages, the method exhibits a slight decrease in the second-order relation between time-step size and pressure error, suggesting that other feedback mechanisms could be of interest.
Submitted 13 August, 2024;
originally announced August 2024.
-
Privacy Engineering From Principles to Practice: A Roadmap
Authors:
Frank Pallas,
Katharina Koerner,
Isabel Barberá,
Jaap-Henk Hoepman,
Meiko Jensen,
Nandita Rao Narla,
Nikita Samarin,
Max-R. Ulbricht,
Isabel Wagner,
Kim Wuyts,
Christian Zimmermann
Abstract:
Privacy engineering is gaining momentum in industry and academia alike. So far, manifold low-level primitives and higher-level methods and strategies have successfully been established. Still, fostering adoption in real-world information systems calls for additional aspects to be consciously considered in research and practice.
Submitted 4 April, 2024;
originally announced April 2024.
-
Mutual Contact Discovery
Authors:
Jaap-Henk Hoepman
Abstract:
Contact discovery allows new users of a messaging service to find existing contacts that already use that service. Existing users are similarly informed of new users that join. This creates a privacy issue: anyone already on the service that has your number on their contact list gets notified that you joined. Even if you don't know that person, or if it is an ex or former colleague that you long parted with and whose contact details you deleted long ago. To solve this, we propose a mutual contact discovery protocol that only allows users to discover each other when both are (still) in each other's contact list. Mutual contact discovery has the additional advantage that it can be implemented in a more privacy friendly fashion (e.g. protecting the social graph from the server) than traditional, one-sided contact discovery, without necessarily relying on trusted hardware.
Submitted 5 December, 2023; v1 submitted 24 September, 2022;
originally announced September 2022.
-
Privacy Friendly E-Ticketing For Public Transport
Authors:
Jaap-Henk Hoepman
Abstract:
This paper studies how to implement a privacy friendly form of ticketing for public transport in practice. The protocols described are inspired by current (privacy invasive) public transport ticketing systems used around the world. The first protocol emulates paper based tickets. The second protocol implements a pay-as-you-go approach, with fares determined when users check-in and check-out. Both protocols assume the use of a smart phone as the main user device to store tickets or travel credit. We see this research as a step towards investigating how to design commonly used infrastructure in a privacy friendly manner in practice, paying particular attention to how to deal with failures.
Submitted 22 January, 2021;
originally announced January 2021.
-
Hansel and Gretel and the Virus: Privacy Conscious Contact Tracing
Authors:
Jaap-Henk Hoepman
Abstract:
Digital contact tracing has been proposed to support the health authorities in fighting the current Covid-19 pandemic. In this paper we propose two centralised protocols for digital contact tracing that, contrary to the common hypothesis that this is an inherent risk, do not allow (retroactive) tracking of the location of a device over time. The first protocol does not rely on synchronised clocks. The second protocol does not require a handshake between two devices, at the expense of relying on real-time communication with a central server. We stress that digital contact tracing is a form of technological solutionism that should be used with care, especially given the inherent mass surveillance nature of such systems.
Submitted 21 February, 2021; v1 submitted 8 January, 2021;
originally announced January 2021.
-
A Critique of the Google Apple Exposure Notification (GAEN) Framework
Authors:
Jaap-Henk Hoepman
Abstract:
As a response to the COVID-19 pandemic digital contact tracing has been proposed as a tool to support the health authorities in their quest to determine who has been in close and sustained contact with a person infected by the coronavirus. In April 2020 Google and Apple released the Google Apple Exposure Notification (GAEN) framework, as a decentralised and more privacy friendly platform for contact tracing. The GAEN framework implements exposure notification mostly at the operating system layer, instead of fully at the app(lication) layer. In this paper we study the consequences of this approach. We argue that this creates a dormant functionality for mass surveillance at the operating system layer. We show how it does not technically prevent the health authorities from implementing a purely centralised form of contact tracing (even though that is the stated aim). We highlight that GAEN allows Google and Apple to dictate how contact tracing is (or rather isn't) implemented in practice by health authorities, and how it introduces the risk of function creep.
Submitted 12 January, 2021; v1 submitted 9 December, 2020;
originally announced December 2020.
-
A symmetry-preserving second-order time-accurate PISO-based method
Authors:
Ed M. J. Komen,
Jannes A. Hopman,
Edo M. A. Frederix,
F. Xavi Trias,
Roel W. C. P. Verstappen
Abstract:
A new conservative symmetry-preserving second-order time-accurate PISO-based pressure-velocity coupling for solving the incompressible Navier-Stokes equations on unstructured collocated grids is presented in this paper. This new method for implicit time stepping is an extension of the conservative symmetry-preserving incremental-pressure projection method for explicit time stepping and unstructured collocated meshes of Trias et al. (2014). In order to assess and compare both methods, we have implemented them within one unified solver in the open source code OpenFOAM. We combine both methods with a Butcher tableau for a family of explicit and diagonally implicit Runge-Kutta temporal schemes. We assess the energy conservation properties of the implemented discretisation methods and the temporal consistency of the selected Runge-Kutta schemes using Taylor-Green vortex and lid-driven cavity flow test cases.
Although both implemented methods are based on a symmetry-preserving discretisation, we show that both methods still produce a small amount of numerical dissipation when the total pressure is directly solved from a Poisson equation. This numerical dissipation is mainly caused by the corresponding pressure error which is of $O(Δt Δh^2)$. When an incremental-pressure approach is used, where a pressure correction is solved from a Poisson equation, the pressure error reduces to $O(Δt^2 Δh^2)$, yielding better conservation properties: both methods are then effectively fully-conservative. Furthermore, we conclude that all selected explicit and implicit higher order temporal schemes suffer from a reduction of the temporal order to approximately one when the pressure Poisson equation is based on the total pressure due to the presence of a pressure error of $O(Δt Δh^2)$.
Submitted 8 October, 2020;
originally announced October 2020.
-
Towards direct numerical simulation of turbulent co-current Taylor bubble flow
Authors:
Edo M. A. Frederix,
Jannes A. Hopman,
Traianos Karageorgiou,
Ed M. J. Komen
Abstract:
This paper presents a simulation strategy for DNS of turbulent co-current Taylor bubble flow. This is a continuation of the work presented in [2] in which Large Eddy Simulation (LES) of co-current turbulent Taylor bubble flow was presented. It was observed that one of the main challenges is the physically accurate prediction of the behavior of the Taylor bubble skirt, and the related bubble shedding. An underestimation of the turbulent fluctuations in the wake of the Taylor bubble was observed in the LES results. It was suggested that this is related to over-prediction of the loss of void of the Taylor bubble due to bubble shedding induced by an LES mesh resolution which is not sufficient to capture the break-up and bubble formation accurately. To counter this, in the current work we present a DNS approach of co-current turbulent Taylor bubble flow called RK-Basilisk, based on the Basilisk code with local adaptive grid refinement. This strategy allows for very high mesh resolution near the bubble's interface while elsewhere the grid is allowed to be coarser. Each time step, the mesh is adapted based on a void fraction criterion. Basilisk's underlying data structure which is based on an 'octree' allows for much faster solution procedures and, therefore, a much greater number of grid points as compared to the LES simulations which were performed using the more general OpenFOAM code. We compare the results against experimental data of the same setting, as well as the co-current LES OpenFOAM results. The setting of turbulent Taylor bubble flow in co-current conditions allows for both lower order turbulence model development and the validation of more general two-phase modeling strategies. Taylor bubble flow in itself also bears relevance to specific two-phase flow situations. The current work contributes to an advancement in simulation capability for such situations.
Submitted 8 October, 2020;
originally announced October 2020.
-
Hydra: A Multiple Blockchain Protocol for Improving Transaction Throughput
Authors:
Rowel Gündlach,
Jaap-Henk Hoepman,
Remco van der Hofstad,
Tommy Koens,
Stijn Meijer
Abstract:
Improving transaction throughput is one of the main challenges in decentralized payment systems. Attempts to improve transaction throughput in cryptocurrencies are usually a trade-off between throughput and security or introduce a central component.
We propose Hydra, a decentralized protocol that improves transaction throughput without the security trade-off and has no central component. Our novel approach distributes blocks over multiple blockchains. Hydra makes a trade-off between transaction throughput and finality, the time it takes to stabilize the record of a transaction in the blockchain. We rigorously analyze the double spend attack in a multiple-blockchain protocol. Our analysis shows that the number of transactions per second can be increased significantly while finality is within acceptable boundaries.
Submitted 15 October, 2019;
originally announced October 2019.
-
Privacy and Data Protection by Design - from policy to engineering
Authors:
George Danezis,
Josep Domingo-Ferrer,
Marit Hansen,
Jaap-Henk Hoepman,
Daniel Le Metayer,
Rodica Tirtea,
Stefan Schiffner
Abstract:
Privacy and data protection constitute core values of individuals and of democratic societies. There have been decades of debate on how those values -and legal obligations- can be embedded into systems, preferably from the very beginning of the design process.
One important element in this endeavour are technical mechanisms, known as privacy-enhancing technologies (PETs). Their effectiveness has been demonstrated by researchers and in pilot implementations. However, apart from a few exceptions, e.g., encryption became widely used, PETs have not become a standard and widely used component in system design. Furthermore, for unfolding their full benefit for privacy and data protection, PETs need to be rooted in a data governance strategy to be applied in practice.
This report contributes to bridging the gap between the legal framework and the available technological implementation measures by providing an inventory of existing approaches, privacy design strategies, and technical building blocks of various degrees of maturity from research and development. Starting from the privacy principles of the legislation, important elements are presented as a first step towards a design process for privacy-friendly systems and services. The report sketches a method to map legal obligations to design strategies, which allow the system designer to select appropriate techniques for implementing the identified privacy requirements. Furthermore, the report reflects limitations of the approach. It concludes with recommendations on how to overcome and mitigate these limits.
Submitted 10 April, 2015; v1 submitted 12 January, 2015;
originally announced January 2015.
-
Privacy Design Strategies
Authors:
Jaap-Henk Hoepman
Abstract:
In this paper we define the notion of a privacy design strategy. These strategies help IT architects to support privacy by design early in the software development life cycle, during concept development and analysis. Using current data protection legislation as point of departure we derive the following eight privacy design strategies: minimise, hide, separate, aggregate, inform, control, enforce, and demonstrate. The strategies also provide a useful classification of privacy design patterns and the underlying privacy enhancing technologies. We therefore believe that these privacy design strategies are not only useful when designing privacy friendly systems, but also helpful when evaluating the privacy impact of existing IT systems.
Submitted 6 May, 2013; v1 submitted 24 October, 2012;
originally announced October 2012.
-
In Things We Trust? Towards trustability in the Internet of Things
Authors:
Jaap-Henk Hoepman
Abstract:
This essay discusses the main privacy, security and trustability issues with the Internet of Things.
Submitted 12 September, 2011;
originally announced September 2011.
-
The Identity Crisis. Security, Privacy and Usability Issues in Identity Management
Authors:
Gergely Alpár,
Jaap-Henk Hoepman,
Johanneke Siljee
Abstract:
This paper studies the current "identity crisis" caused by the substantial security, privacy and usability shortcomings encountered in existing systems for identity management. Some of these issues are well known, while others are much less understood. This paper brings them together in a single, comprehensive study and proposes recommendations to resolve or to mitigate the problems. Some of these problems cannot be solved without substantial research and development effort.
Submitted 2 January, 2011;
originally announced January 2011.
-
The Privacy Coach: Supporting customer privacy in the Internet of Things
Authors:
Gerben Broenink,
Jaap-Henk Hoepman,
Christian van 't Hof,
Rob van Kranenburg,
David Smits,
Tijmen Wisman
Abstract:
The Privacy Coach is an application running on a mobile phone that supports customers in making privacy decisions when confronted with RFID tags. The approach we take to increase customer privacy is a radical departure from the mainstream research efforts that focus on implementing privacy enhancing technologies on the RFID tags themselves. Instead the Privacy Coach functions as a mediator between customer privacy preferences and corporate privacy policies, trying to find a match between the two, and informing the user of the outcome. In this paper we report on the architecture of the Privacy Coach, and show how it enables users to make informed privacy decisions in a user-friendly manner. We also spend considerable time to discuss lessons learnt and to describe future plans to further improve on the Privacy Coach concept.
Submitted 25 January, 2010;
originally announced January 2010.
-
Practical Schemes For Privacy & Security Enhanced RFID
Authors:
Jaap-Henk Hoepman,
Rieks Joosten
Abstract:
Proper privacy protection in RFID systems is important. However, many of the schemes known are impractical, either because they use hash functions instead of the more hardware efficient symmetric encryption schemes as an efficient cryptographic primitive, or because they incur a rather costly key search time penalty at the reader. Moreover, they do not allow for dynamic, fine-grained access control to the tag that caters for more complex usage scenarios.
In this paper we investigate such scenarios, and propose a model and corresponding privacy friendly protocols for efficient and fine-grained management of access permissions to tags. In particular we propose an efficient mutual authentication protocol between a tag and a reader that achieves a reasonable level of privacy, using only symmetric key cryptography on the tag, while not requiring a costly key-search algorithm at the reader side. Moreover, our protocol is able to recover from stolen readers.
Submitted 25 February, 2010; v1 submitted 7 September, 2009;
originally announced September 2009.
-
Client-Server Password Recovery (Extended Abstract)
Authors:
Łukasz Chmielewski,
Jaap-Henk Hoepman,
Peter van Rossum
Abstract:
Human memory is not perfect - people constantly memorize new facts and forget old ones. One example is forgetting a password, a common problem raised at IT help desks. We present several protocols that allow a user to automatically recover a password from a server using partial knowledge of the password. These protocols can be easily adapted to the personal entropy setting, where a user can recover a password only if he can answer a large enough subset of personal questions.
We introduce client-server password recovery methods, in which the recovery data are stored at the server, and the recovery procedures are integrated into the login procedures. These methods apply to two of the most common types of password based authentication systems. The security of these solutions is significantly better than the security of presently proposed password recovery schemes. Our protocols are based on a variation of threshold encryption that may be of independent interest.
Submitted 25 June, 2009;
originally announced June 2009.
-
Private Handshakes
Authors:
Jaap-Henk Hoepman
Abstract:
Private handshaking allows pairs of users to determine which (secret) groups they are both a member of. Group membership is kept secret to everybody else. Private handshaking is a more private form of secret handshaking, because it does not allow the group administrator to trace users. We extend the original definition of a handshaking protocol to allow and test for membership of multiple groups simultaneously. We present simple and efficient protocols for both the single group and multiple group membership case.
Private handshaking is a useful tool for mutual authentication, demanded by many pervasive applications (including RFID) for privacy. Our implementations are efficient enough to support such usually resource constrained scenarios.
Submitted 1 April, 2008;
originally announced April 2008.
-
A Practical Attack on the MIFARE Classic
Authors:
Gerhard de Koning Gans,
Jaap-Henk Hoepman,
Flavio D. Garcia
Abstract:
The MIFARE Classic is the most widely used contactless smart card in the market. Its design and implementation details are kept secret by its manufacturer. This paper studies the architecture of the card and the communication protocol between card and reader. Then it gives a practical, low-cost, attack that recovers secret information from the memory of the card. Due to a weakness in the pseudo-random generator, we are able to recover the keystream generated by the CRYPTO1 stream cipher. We exploit the malleability of the stream cipher to read all memory blocks of the first sector of the card. Moreover, we are able to read any sector of the memory of the card, provided that we know one memory block within this sector. Finally, and perhaps more damaging, the same holds for modifying memory blocks.
Submitted 26 June, 2008; v1 submitted 15 March, 2008;
originally announced March 2008.
-
The Ephemeral Pairing Problem
Authors:
Jaap-Henk Hoepman
Abstract:
In wireless ad-hoc broadcast networks the pairing problem consists of establishing a (long-term) connection between two specific physical nodes in the network that do not yet know each other. We focus on the ephemeral version of this problem. Ephemeral pairings occur, for example, when electronic business cards are exchanged between two people that meet, or when one pays at a check-out using a wireless wallet.
This problem can, in more abstract terms, be phrased as an ephemeral key exchange problem: given a low bandwidth authentic (or private) communication channel between two nodes, and a high bandwidth broadcast channel, can we establish a high-entropy shared secret session key between the two nodes without relying on any a priori shared secret information.
Apart from introducing this new problem, we present several ephemeral key exchange protocols, both for the case of authentic channels as well as for the case of private channels.
Submitted 6 February, 2008;
originally announced February 2008.
-
Distributed Double Spending Prevention
Authors:
Jaap-Henk Hoepman
Abstract:
We study the problem of preventing double spending in electronic payment schemes in a distributed fashion. This problem occurs, for instance, when the spending of electronic coins needs to be controlled by a large collection of nodes (e.g. in a peer-to-peer (P2P) system) instead of one central bank. Contrary to the commonly held belief that this is fundamentally impossible, we propose several solutions that do achieve a reasonable level of double spending prevention, and analyse their efficiency under varying assumptions.
Submitted 6 February, 2008;
originally announced February 2008.
-
Crossing Borders: Security and Privacy Issues of the European e-Passport
Authors:
Jaap-Henk Hoepman,
Engelbert Hubbers,
Bart Jacobs,
Martijn Oostdijk,
Ronny Wichers Schreur
Abstract:
The first generation of European e-passports will be issued in 2006. We discuss how borders are crossed regarding the security and privacy erosion of the proposed schemes, and show which borders need to be crossed to improve the security and the privacy protection of the next generation of e-passports. In particular we discuss attacks on Basic Access Control due to the low entropy of the data from which the access keys are derived, we sketch the European proposals for Extended Access Control and the weaknesses in that scheme, and show how fundamentally different design decisions can make e-passports more secure.
Submitted 25 January, 2008;
originally announced January 2008.
-
Increased security through open source
Authors:
Jaap-Henk Hoepman,
Bart Jacobs
Abstract:
In this paper we discuss the impact of open source on both the security and transparency of a software system. We focus on the more technical aspects of this issue, combining and extending arguments developed over the years. We stress that our discussion of the problem only applies to software for general purpose computing systems. For embedded systems, where the software usually cannot easily be patched or upgraded, different considerations may apply.
Submitted 25 January, 2008;
originally announced January 2008.
-
Fuzzy Private Matching (Extended Abstract)
Authors:
Łukasz Chmielewski,
Jaap-Henk Hoepman
Abstract:
In the private matching problem, a client and a server each hold a set of $n$ input elements. The client wants to privately compute the intersection of these two sets: he learns which elements he has in common with the server (and nothing more), while the server gains no information at all. In certain applications it would be useful to have a private matching protocol that reports a match even if two elements are only similar instead of equal. Such a private matching protocol is called fuzzy, and is useful, for instance, when elements may be inaccurate or corrupted by errors.
We consider the fuzzy private matching problem, in a semi-honest environment. Elements are similar if they match on $t$ out of $T$ attributes. First we show that the original solution proposed by Freedman et al. is incorrect. Subsequently we present two fuzzy private matching protocols. The first, simple, protocol has bit message complexity $O(n \binom{T}{t} (T \log{|D|}+k))$. The second, improved, protocol has a much better bit message complexity of $O(n T (\log{|D|}+k))$, but here the client incurs an $O(n)$ factor time complexity. Additionally, we present protocols based on the computation of the Hamming distance and on oblivious transfer, that have different, sometimes more efficient, performance characteristics.
Submitted 29 October, 2007;
originally announced October 2007.
-
Simple Distributed Weighted Matchings
Authors:
Jaap-Henk Hoepman
Abstract:
Wattenhofer [WW04] derive a complicated distributed algorithm to compute a weighted matching of an arbitrary weighted graph, that is at most a factor 5 away from the maximum weighted matching of that graph. We show that a variant of the obvious sequential greedy algorithm [Pre99], that computes a weighted matching at most a factor 2 away from the maximum, is easily distributed. This yields the best known distributed approximation algorithm for this problem so far.
Submitted 19 October, 2004;
originally announced October 2004.
-
Spam filter analysis
Authors:
Flavio D. Garcia,
Jaap-Henk Hoepman
Abstract:
Unsolicited bulk email (a.k.a. spam) is a major problem on the Internet. To counter spam, several techniques, ranging from spam filters to mail protocol extensions like hashcash, have been proposed. In this paper we investigate the effectiveness of several spam filtering techniques and technologies. Our analysis was performed by simulating email traffic under different conditions. We show that genetic algorithm based spam filters perform best at server level and naive Bayesian filters are the most appropriate for filtering at user level.
Submitted 19 February, 2004;
originally announced February 2004.
-
Self-stabilizing mutual exclusion on a ring, even if K=N
Authors:
Jaap-Henk Hoepman
Abstract:
We show that, contrary to common belief, Dijkstra's self-stabilizing mutual exclusion algorithm on a ring [Dij74,Dij82] also stabilizes when the number of states per node is one less than the number of nodes on the ring.
Submitted 21 September, 1999;
originally announced September 1999.
-
Space-Efficient Routing Tables for Almost All Networks and the Incompressibility Method
Authors:
Harry Buhrman,
Jaap-Henk Hoepman,
Paul Vitanyi
Abstract:
We use the incompressibility method based on Kolmogorov complexity to determine the total number of bits of routing information for almost all network topologies. In most models for routing, for almost all labeled graphs $\Theta(n^2)$ bits are necessary and sufficient for shortest path routing. By 'almost all graphs' we mean the Kolmogorov random graphs which constitute a fraction of $1-1/n^c$ of all graphs on $n$ nodes, where $c > 0$ is an arbitrary fixed constant. There is a model for which the average case lower bound rises to $\Omega(n^2 \log n)$ and another model where the average case upper bound drops to $O(n \log^2 n)$. This clearly exposes the sensitivity of such bounds to the model under consideration. If paths have to be short, but need not be shortest (if the stretch factor may be larger than 1), then much less space is needed on average, even in the more demanding models. Full-information routing requires $\Theta(n^3)$ bits on average. For worst-case static networks we prove an $\Omega(n^2 \log n)$ lower bound for shortest path routing and all stretch factors $<2$ in some networks where free relabeling is not allowed.
Submitted 10 March, 1999;
originally announced March 1999.
-
Mutual Search
Authors:
Harry Buhrman,
Matthew Franklin,
Juan A. Garay,
Jaap-Henk Hoepman,
John Tromp,
Paul Vitanyi
Abstract:
We introduce a search problem called "mutual search" where $k$ agents, arbitrarily distributed over $n$ sites, are required to locate one another by posing queries of the form "Anybody at site $i$?". We ask for the least number of queries that is necessary and sufficient. For the case of two agents using deterministic protocols we obtain the following worst-case results: In an oblivious setting (where all pre-planned queries are executed) there is no savings: $n-1$ queries are required and are sufficient. In a nonoblivious setting we can exploit the paradigm of "no news is also news" to obtain significant savings: in the synchronous case $0.586n$ queries suffice and $0.536n$ queries are required; in the asynchronous case $0.896n$ queries suffice and a fortiori 0.536 queries are required; for $o(\sqrt{n})$ agents using a deterministic protocol less than $n$ queries suffice; there is a simple randomized protocol for two agents with worst-case expected $0.5n$ queries and all randomized protocols require at least $0.125n$ worst-case expected queries. The graph-theoretic framework we formulate for expressing and analyzing algorithms for this problem may be of independent interest.
Submitted 2 February, 1999;
originally announced February 1999.