WorldCat Identities

Boneh, Dan 1969-

Works: 13 works in 40 publications in 1 language and 382 library holdings
Roles: Author, Editor, Thesis advisor
Most widely held works by Dan Boneh
On the implementation of pairing-based cryptosystems by Ben Lynn (Book)

1 edition published in 2007 in English and held by 2 WorldCat member libraries worldwide

Security for real-world networked applications by Nagendra Gupta Modadugu (Book)

1 edition published in 2007 in English and held by 2 WorldCat member libraries worldwide

Breaking DES using a molecular computer by Dan Boneh (Book)

1 edition published in 1995 in English and held by 2 WorldCat member libraries worldwide

Abstract: "Recently Adleman [1] has shown that a small traveling salesman problem can be solved by molecular operations. In this paper we show how the same principles can be applied to breaking the Data Encryption Standard (DES). Our method is based on an encoding technique presented in Lipton [8]. We describe in detail a library of operations which are useful when working with a molecular computer. We estimate that given one arbitrary (plain-text, cipher-text) pair, one can recover the DES key in about 4 months of work. Furthermore, if one is given cipher-text, but the plain text is only known to be one of several candidates then it is still possible to recover the key in about 4 months of work. Finally, under chosen cipher-text attack it is possible to recover the DES key in one day using some preprocessing."
Making DNA computers error resistant by Dan Boneh (Book)

1 edition published in 1995 in English and held by 2 WorldCat member libraries worldwide

Spatial encryption by Michael Alexander Hamburg

1 edition published in 2011 in English and held by 1 WorldCat member library worldwide

Since Boneh and Franklin and Cocks first constructed identity-based encryption in 2001, many variants of that technology have appeared. We present a unified model for those variants. Furthermore, we show two highly flexible designs which can be used to build new systems under this model. We prove the security of these systems, and discuss applications to other areas of cryptography and security.
Collusion-secure fingerprinting for digital data by Dan Boneh (Book)

1 edition published in 1994 in English and held by 1 WorldCat member library worldwide

Abstract: "This paper discusses methods for assigning codewords for the purpose of fingerprinting digital data (e.g., software, documents, and images). Fingerprinting consists of uniquely marking and registering each copy of the data. This marking allows a distributor to detect any unauthorized copy and trace it back to the user. This threat of detection will deter users from releasing unauthorized copies. A problem arises when users collude: For digital data, two different fingerprinted objects can be compared and the differences between them detected. Hence, a set of users can collude to detect the location of the fingerprint. They can then alter the fingerprint to mask their identities. We present a general fingerprinting solution which is secure in the context of collusion. In addition, we discuss methods for distributing fingerprinted data."
Studies in computational number theory with applications to cryptography by Dan Boneh

1 edition published in 1996 in English and held by 1 WorldCat member library worldwide

Formal proofs of cryptographic security of network protocols by Arnab Roy

1 edition published in 2009 in English and held by 1 WorldCat member library worldwide

Present-day internet users and networked enterprises rely on key management and related protocols that use cryptographic primitives. In spite of the staggering financial value of, say, the total number of credit card numbers transmitted by SSL/TLS in a day, we do not have correctness proofs that respect cryptographic notions of security for many of these relatively simple distributed programs. In light of this challenge, there have been many efforts to develop and use methods for proving security properties of network protocols. Computational Protocol Composition Logic (CPCL), developed by our group at Stanford, is a symbolic logic whose semantics is defined with respect to the complexity-theoretic model of cryptography. The axiomatic proofs in CPCL do not involve probability and complexity and are amenable to automation. Furthermore, the soundness theorem guarantees that they provide comparable mathematical guarantees as traditional hand-proofs done by cryptographers. Protocol authentication properties are generally trace-based, meaning that authentication holds for the protocol if authentication holds for individual traces (runs of the protocol and adversary). Computational secrecy conditions, on the other hand, often are not trace based: the ability to computationally distinguish a system that transmits a secret from one that does not, is measured by overall success on the set of all traces of each system. Non-trace-based properties present a challenge for inductive or compositional methods: induction is a natural way of reasoning about traces of a system, but it does not appear directly applicable to non-trace properties. We therefore investigate the semantic connection between trace properties that could be established by induction and non-trace-based security requirements.
In this dissertation, we present foundations for inductive analysis of computational security properties by proving connections between selected trace properties of protocol executions and non-trace complexity theoretic properties standard in the literature. Specifically, we prove that a certain trace property implies computational secrecy and authentication properties, assuming the encryption scheme provides chosen ciphertext security and ciphertext integrity. We formalize the aforesaid inductive properties in a set of new axioms and inference rules that are added to CPCL and prove soundness of the system over a standard cryptographic model with a probabilistic polynomial time adversary. We illustrate the system by giving a modular, formal proof of computational authentication and secrecy properties of Kerberos V5. We also present axioms and inference rules for reasoning about Diffie-Hellman-based key exchange protocols and use these rules to prove authentication and secrecy properties of two important protocol standards, the Diffie-Hellman variant of Kerberos, and IKEv2, the revised standard key management protocol for IPSEC. The proof system extended with the new axioms and rules is sound for an accepted semantics used in cryptographic studies. In the process of applying our system, we uncover a deficiency in Diffie-Hellman Kerberos that is easily repaired.
Security from location by Di Qiu (Book)

1 edition published in 2012 in English and held by 1 WorldCat member library worldwide

The emergence of the Internet and personal computers has led to an age of unprecedented information access. The proliferation of Internet connectivity, personal computers, and portable, high density data storage has put volumes of data at one's fingertips. While the spread of such technology has increased efficiency and knowledge, it has also made information theft easier and more damaging. One common expression of information theft is a data storage disk or equipment containing sensitive or valuable information. For example, the U.K. government lost computer disks that contain personal information on almost half of the country's population. The information includes names, addresses, insurance numbers, bank account details, etc. These emerging problems have made the field of information security grow significantly in recent years. This thesis develops a new means to provide more protection against information loss, named geo-security or location-based security. This new technology is well suited to help mitigate the above described data loss scenario. Precise location and time information can be used to restrict access of the system or equipment at certain locations and time frames. This study bridges the two fields of navigation and security, and provides experimental support for the concept using location information for security. This thesis designs a theoretical framework that provides a general analysis of geo-security, and quantifies the reliability and security of a geo-security system. The qualitative part of this analysis includes navigation signal definition, system design, performance standards, threat model and attack scenarios, and mitigation of the threats/attacks. The quantitative part of this analysis measures and quantifies location-dependent navigation parameters based on information theory, and evaluates the consistency, spatial decorrelation, and entropy of these parameters for a variety of relevant navigation systems. 
Next, this thesis demonstrates geo-security using Long Range Navigation (Loran) and Wi-Fi as case studies. Experiments were conducted to evaluate the performance based on the designed framework. They illustrate the trade space between permitting access to authorized users and denying access to attackers. Finally, error-tolerant algorithms, named fuzzy extractors, are developed to improve the availability and reliability of location-based security systems given the constraints of real-world navigation systems and signal propagation characteristics.
Paradigms for virtualization based host security by Tal Simeon Garfinkel

1 edition published in 2010 in English and held by 1 WorldCat member library worldwide

Virtualization has been one of the most potent forces reshaping the landscape of systems software in the last 10 years and has become ubiquitous in the realm of enterprise compute infrastructure and in the emerging field of cloud computing. This presents a variety of new opportunities when designing host based security architectures. We present several paradigms for enhancing host security leveraging the new capabilities afforded by virtualization. First, we present a virtualization based approach to trusted computing. This allows multiple virtual hosts with different assurance levels to run concurrently on the same platform using a novel "open box" and "closed box" model that allows the virtualized platform to present the best properties of traditional open and closed platforms on a single physical platform. Next, we present virtual machine introspection, an approach to enhancing the attack resistance of intrusion detection and prevention systems by moving them "out of the box", i.e. out of the virtual host they are monitoring and into a separate protection domain where they can inspect the host they are monitoring from a more protected vantage point. Finally, we present overshadow data protection, an approach for providing a last line of defense for application data even if the guest OS running an application has been compromised. We accomplish this by presenting two views of virtual memory, an encrypted view to the operating system and a plain text view to the application owning that memory. This approach more generally illustrates the mechanisms necessary to introduce new orthogonal protection mechanisms into a Guest Operating system from the virtualization layer while maintaining backwards compatibility with existing operating systems and applications.
Advanced applications of multilinear maps in cryptography by Kevin Lewi

1 edition published in 2016 in English and held by 1 WorldCat member library worldwide

We study two new cryptographic primitives inspired by recent advances in multilinear maps: private constrained pseudorandom functions (PRFs) and order-revealing encryption (ORE). We show how these primitives have direct applications in searchable symmetric encryption, watermarking, deniable encryption, private information retrieval, and more. To construct private constrained PRFs, we first demonstrate that our strongest notions of privacy and functionality can be achieved using indistinguishability obfuscation. Then, for our main constructions, we build private constrained PRFs for bit-fixing constraints and for puncturing constraints from concrete algebraic assumptions over multilinear maps. We also construct the first implementable ORE scheme that provides what is known as "best-possible" semantic security. In our scheme, there is a public algorithm that given two ciphertexts as input, reveals the order of the corresponding plaintexts and nothing else. Our constructions are inspired by obfuscation techniques, but do not use obfuscation. Finally, we also show how to build efficiently implementable ORE from PRFs, achieving a simulation-based security notion with respect to a leakage function that precisely quantifies what is leaked by the scheme.
Hardware support for tamper-resistant and copy-resistant software

1 edition published in 2001 in English and held by 0 WorldCat member libraries worldwide

"Although there have been many attempts to develop code transformations that yield tamper-resistant software, no reliable software-only methods are known. Motivated by numerous potential applications, we investigate a prototype hardware mechanism that supports software tamper-resistance with an atomic decrypt-and-execute operation. Our hardware architecture uses a novel combination of standard architectural units. As usual, security has its costs. In this design, the most difficult security tradeoffs involve testability and performance."--Abstract
Audience level: 0.76 (from 0.52 for Security f ... to 0.88 for Security f ...)

Alternative Names
Bwneh Dan 1969-....

Dan Boneh

Dan Boneh cryptograaf uit Israël

Dan Boneh informatico israeliano

Dan Boneh Israeli cryptographer

Dan Boneh israelisch-US-amerikanischer Informatiker und Kryptologe

בונה דן 1969-....

دان بونه


English (12)