crypto.bib
@inproceedings{bellovin.merritt:augmented,
address = {Fairfax, VA},
author = {Steven M. Bellovin and Michael Merritt},
booktitle = {Proceedings of the First ACM Conference on Computer and
Communications Security},
month = {November},
pages = {244--250},
psurl = {https://www.cs.columbia.edu/~smb/papers/aeke.ps},
title = {Augmented Encrypted Key Exchange},
url = {https://www.cs.columbia.edu/~smb/papers/aeke.pdf},
year = {1993},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/aeke.pdf}
}
@misc{whiting.schneier.ea:aes,
author = {D. Whiting and B. Schneier and Steven M. Bellovin},
psurl = {https://www.cs.columbia.edu/~smb/papers/AES-KeyAgile.ps},
title = {{AES} Key Agility Issues in High-Speed {IPsec}
Implementations},
url = {https://www.cs.columbia.edu/~smb/papers/AES-KeyAgile.pdf},
year = {2000},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/AES-KeyAgile.pdf}
}
@inproceedings{androulaki.bellovin:anonymous,
author = {Elli Androulaki and Steven M. Bellovin},
booktitle = {Proceedings of 6th International Conference on Trust,
Privacy \& Security in Digital Business (TrustBus)},
month = {September},
note = {Longer version issued as Tech Report CUCS-010-09.},
title = {An Anonymous Credit Card System},
url = {https://www.cs.columbia.edu/~smb/papers/ACC_TrustBus09.pdf},
year = {2009},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ACC_TrustBus09.pdf}
}
@inproceedings{androulaki.bellovin:anonymous*2,
author = {Elli Androulaki and Steven M. Bellovin},
booktitle = {Symposium on Privacy-Enhancing Technologies (PET)},
month = {July},
title = {Anonymous Delivery of Physical Objects},
url = {https://www.cs.columbia.edu/~smb/papers/APOD_PETS09.pdf},
year = {2009},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/APOD_PETS09.pdf}
}
@inproceedings{bellovin:problem,
annote = {A discussion of flaws in some versions of the proposed
IP-layer security protocols.},
author = {Steven M. Bellovin},
booktitle = {Proceedings of the Sixth Usenix Unix Security Symposium},
date-modified = {2019-02-03 22:17:29 -0500},
month = {July},
pages = {205--214},
title = {Problem Areas for the {IP} Security Protocols},
url = {https://www.cs.columbia.edu/~smb/papers/badesp.pdf},
xpages = {1--16},
year = {1996},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/badesp.pdf}
}
@inproceedings{wagner.bellovin:bump,
address = {San Diego},
author = {David A. Wagner and Steven M. Bellovin},
booktitle = {Proceedings of the Symposium on Network and Distributed
System Security},
month = {February},
pages = {155--160},
psurl = {https://www.cs.columbia.edu/~smb/papers/bisconf.ps},
title = {A ``Bump in the Stack'' Encryptor for {MS-DOS} Systems},
url = {https://www.cs.columbia.edu/~smb/papers/bisconf.pdf},
year = {1996},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/bisconf.pdf}
}
@inproceedings{fisch.vo.ea:malicious-client,
author = {Ben A. Fisch and Binh Vo and Fernando Krell and Abishek
Kumarasubramanian and Vladimir Kolesnikov and Tal Malkin
and Steven M. Bellovin},
booktitle = {{IEEE} Symposium on Security and Privacy},
date-modified = {2022-10-10 17:28:05 -0400},
month = {May},
title = {Malicious-Client Security in {Blind Seer}: A Scalable
Private {DBMS}},
url = {https://ieeexplore.ieee.org/document/7163038},
year = {2015},
bdsk-url-1 = {http://www.ieee-security.org/TC/SP2015/papers/6949a395.pdf}
}
@inproceedings{pappas.krell.ea:blind-seer,
author = {Vasilis Pappas and Fernando Krell and Binh Vo and Vladimir
Kolesnikov and Tal Malkin and Seung Geol Choi and Wesley
George and Angelos Keromytis and Steven M. Bellovin},
booktitle = {{IEEE} Symposium on Security and Privacy},
date-modified = {2017-10-07 02:59:08 +0000},
month = {May},
title = {{Blind Seer}: A Scalable Private {DBMS}},
url = {https://www.cs.columbia.edu/~smb/papers/blind_seer.sp14.pdf},
year = {2014},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/blind_seer.sp14.pdf}
}
@inproceedings{bellovin.merritt:encrypted*1,
address = {Oakland, CA},
author = {Steven M. Bellovin and Michael Merritt},
booktitle = {Proc. IEEE Symposium on Research in Security and Privacy},
date-modified = {2022-05-23 22:49:29 -0400},
month = {May},
pages = {72--84},
title = {Encrypted Key Exchange: Password-Based Protocols Secure
against Dictionary Attacks},
url = {https://www.cs.columbia.edu/~smb/papers/neke.pdf},
year = {1992},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/neke.pdf}
}
@inproceedings{androulaki.vo.ea:cybersecurity,
author = {Elli Androulaki and Binh Vo and Steven M. Bellovin},
booktitle = {Engaging Data: First International Forum on the
Application and Management of Personal Electronic
Information},
date-modified = {2017-01-17 06:03:30 +0000},
month = {October},
title = {Cybersecurity Through Identity Management},
url = {https://www.cs.columbia.edu/~smb/papers/idenman_edf09.pdf},
year = {2009},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/idenman_edf09.pdf}
}
@inproceedings{bellovin:cryptography,
author = {Steven M. Bellovin},
booktitle = {Advances in Cryptology: Proceedings of {CRYPTO} '98},
month = {August},
psurl = {https://www.cs.columbia.edu/~smb/papers/inet-crypto.ps},
title = {Cryptography and the {Internet}},
url = {https://www.cs.columbia.edu/~smb/papers/inet-crypto.pdf},
year = {1998},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/inet-crypto.pdf}
}
@inproceedings{bellovin.blaze:cryptographic,
author = {Steven M. Bellovin and M.A. Blaze},
booktitle = {Second {NIST} Workshop on Modes of Operation},
month = {August},
psurl = {https://www.cs.columbia.edu/~smb/papers/internet-modes.ps},
title = {Cryptographic Modes of Operation for the {Internet}},
url = {https://www.cs.columbia.edu/~smb/papers/internet-modes.pdf},
year = {2001},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/internet-modes.pdf}
}
@inproceedings{aiello.bellovin.ea:efficient,
author = {William Aiello and Steven M. Bellovin and Matt Blaze and
Ran Canetti and John Ioannidis and Angelos D. Keromytis and
Omer Reingold},
booktitle = {Proceedings of the ACM Computer and Communications
Security (CCS) Conference},
month = {November},
psurl = {https://www.cs.columbia.edu/~smb/papers/jfk-ccs.ps},
title = {Efficient, {DoS}-Resistant, Secure Key Exchange for
Internet Protocols},
url = {https://www.cs.columbia.edu/~smb/papers/jfk-ccs.pdf},
year = {2002},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/jfk-ccs.pdf}
}
@article{aiello.bellovin.ea:just,
author = {William Aiello and Steven M. Bellovin and Matt Blaze and
Ran Canetti and John Ioannidis and Angelos D. Keromytis and
Omer Reingold},
date-modified = {2020-05-02 11:25:07 -0400},
journal = {ACM Transactions on Information and System Security
(TISSEC)},
month = {May},
number = {2},
pages = {1--32},
title = {Just Fast Keying: Key Agreement In A Hostile {Internet}},
url = {https://dl.acm.org/doi/abs/10.1145/996943.996946},
volume = {7},
year = {2004},
bdsk-url-1 = {https://dl.acm.org/doi/abs/10.1145/996943.996946}
}
@inproceedings{bellovin.merritt:limitations,
address = {Dallas, TX},
author = {Steven M. Bellovin and Michael Merritt},
booktitle = {USENIX Conference Proceedings},
issue = {Winter},
month = {Winter},
pages = {253--267},
psurl = {https://www.cs.columbia.edu/~smb/papers/kerblimit.usenix.ps},
title = {Limitations of the {Kerberos} Authentication System},
url = {https://www.cs.columbia.edu/~smb/papers/kerblimit.usenix.pdf},
year = {1991},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/kerblimit.usenix.pdf}
}
@article{bellovin.merritt:limitations*1,
author = {Steven M. Bellovin and Michael Merritt},
journal = {Computer Communication Review},
month = {October},
number = 5,
title = {Limitations of the {Kerberos} Authentication System},
url = {https://dl.acm.org/citation.cfm?doid=381906.381946},
volume = 20,
year = {1990},
bdsk-url-1 = {dl.acm.org/citation.cfm?doid=381906.381946}
}
@inproceedings{blumenthal.bellovin:better,
address = {Prague},
author = {Uri Blumenthal and Steven M. Bellovin},
booktitle = {Proceedings of PRAGOCRYPT '96},
psurl = {https://www.cs.columbia.edu/~smb/papers/ides.ps},
title = {A Better Key Schedule for {DES}-like Ciphers},
url = {https://www.cs.columbia.edu/~smb/papers/ides.pdf},
year = {1996},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ides.pdf}
}
@article{bellovin.merritt:attack,
author = {Steven M. Bellovin and Michael Merritt},
journal = {IEEE Transactions on Information Theory},
month = {January},
number = {1},
pages = {273--275},
psurl = {https://www.cs.columbia.edu/~smb/papers/interlock.ps},
title = {An Attack on the {{\em Interlock Protocol}} When Used for
Authentication},
url = {https://www.cs.columbia.edu/~smb/papers/interlock.pdf},
volume = {40},
year = {1994},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/interlock.pdf}
}
@inproceedings{bellovin.rescorla:deploying,
author = {Steven M. Bellovin and Eric K. Rescorla},
booktitle = {Proceedings of NDSS '06},
title = {Deploying a New Hash Algorithm},
url = {https://www.cs.columbia.edu/~smb/papers/new-hash.pdf},
year = {2006},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/new-hash.pdf}
}
@inproceedings{androulaki.raykova.ea:par,
author = {Elli Androulaki and Mariana Raykova and Angelos Stavrou
and Steven M. Bellovin},
booktitle = {Proceedings of the 8th Privacy Enhancing Technologies
Symposium},
month = {July},
title = {{PAR}: Payment for Anonymous Routing},
url = {https://www.cs.columbia.edu/~smb/papers/par.pdf},
year = {2008},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/par.pdf}
}
@inproceedings{androulaki.bellovin:secure,
author = {Elli Androulaki and Steven M. Bellovin},
booktitle = {Proceedings of the 1st Workshop on Real-Life Cryptographic
Protocols and Standardization},
month = {January},
title = {A Secure and Privacy-Preserving Targeted Ad-System},
url = {https://www.cs.columbia.edu/~smb/papers/ppoad_cr_RLCPS10.pdf},
year = {2010},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ppoad_cr_RLCPS10.pdf}
}
@inproceedings{raykova.zhao.ea:privacy,
abstract = {Traditional access control models often assume that the
entity enforcing access control policies is also the owner
of data and resources. This assumption no longer holds when
data is outsourced to a third-party storage provider, such
as the \emph{cloud}. Existing access control solutions
mainly focus on preserving confidentiality of stored data
from unauthorized access and the storage provider. However,
in this setting, access control policies as well as users'
access patterns also become privacy sensitive information
that should be protected from the cloud. We propose a
two-level access control scheme that combines
coarse-grained access control enforced at the cloud, which
allows to get acceptable communication overhead and at the
same time limits the information that the cloud learns from
his partial view of the access rules and the access
patterns, and fine-grained cryptographic access control
enforced at the user's side, which provides the desired
expressiveness of the access control policies. Our solution
handles both \emph{read} and \emph{write} access control.},
author = {Mariana Raykova and Hang Zhao and Steven M. Bellovin},
booktitle = {Financial Cryptography and Data Security},
month = {March},
title = {Privacy Enhanced Access Control for Outsourced Data
Sharing},
url = {https://www.cs.columbia.edu/~smb/papers/ac-cloud.pdf},
year = {2012},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ac-cloud.pdf}
}
@inproceedings{bellovin:probable,
author = {Steven M. Bellovin},
booktitle = {Proc.~of the Symposium on Network and Distributed System
Security},
pages = {155--160},
psurl = {https://www.cs.columbia.edu/~smb/papers/probtxt.ps},
title = {Probable Plaintext Cryptanalysis of the {IP} Security
Protocols},
url = {https://www.cs.columbia.edu/~smb/papers/probtxt.pdf},
year = {1997},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/probtxt.pdf}
}
@inproceedings{pappas.raykova.ea:private,
abstract = {Encrypted search---performing queries on protected
data---has been explored in the past; however, its inherent
inefficiency has raised questions of practicality. Here, we
focus on improving the performance and extending its
functionality enough to make it practical. We do this by
optimizing the system, and by stepping back from the goal
of achieving maximal privacy guarantees in an encrypted
search scenario and consider efficiency and functionality
as priorities. \par We design and analyze the privacy
implications of two practical extensions applicable to any
keyword-based private search system. We evaluate their
efficiency by building them on top of a private search
system, called SADS. Additionally, we improve SADS'
performance, privacy guaranties and functionality. The
extended SADS system offers improved efficiency parameters
that meet practical usability requirements in a relaxed
adversarial model. We present the experimental results and
evaluate the performance of the system. We also demonstrate
analytically that our scheme can meet the basic needs of a
major hospital complex's admissions records. Overall, we
achieve performance comparable to a simply configured MySQL
database system.},
author = {Vasilis Pappas and Mariana Raykova and Binh Vo and Steven
M. Bellovin and Tal Malkin},
booktitle = {Proceedings of the 2011 Annual Computer Security
Applications Conference},
month = {December},
title = {Private Search in the Real World},
url = {https://www.cs.columbia.edu/~smb/papers/final_ACSAC11.pdf},
year = {2011},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/final_ACSAC11.pdf}
}
@misc{wagner.bellovin:programmable,
author = {David A. Wagner and Steven M. Bellovin},
note = {Unpublished},
psurl = {https://www.cs.columbia.edu/~smb/papers/recog.ps},
title = {A Programmable Plaintext Recognizer},
url = {https://www.cs.columbia.edu/~smb/papers/recog.pdf},
year = {1994},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/recog.pdf}
}
@inproceedings{androulaki.choi.ea:reputation,
author = {Elli Androulaki and Seung Geol Choi and Steven M. Bellovin
and Tal Malkin},
booktitle = {Proceedings of the 8th Privacy Enhancing Technologies
Symposium},
month = {July},
title = {Reputation Systems for Anonymous Networks},
url = {https://www.cs.columbia.edu/~smb/papers/anonrep.pdf},
year = {2008},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/anonrep.pdf}
}
@inproceedings{raykova.vo.ea:secure,
author = {Mariana Raykova and Binh Vo and Tal Malkin and Steven M.
Bellovin},
booktitle = {Proceedings of the {ACM} Cloud Computing Security
Workshop},
month = {November},
title = {Secure Anonymous Database Search},
url = {https://www.cs.columbia.edu/~smb/papers/sads_ccsw.pdf},
year = {2009},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/sads_ccsw.pdf}
}
@inproceedings{blaze.bellovin:session-layer,
address = {Salt Lake City, UT},
author = {Matt Blaze and Steven M. Bellovin},
booktitle = {Proc. 5th USENIX UNIX Security Symposium},
month = {June},
psurl = {https://www.cs.columbia.edu/~smb/papers/sesscrypt.ps},
title = {Session-Layer Encryption},
url = {https://www.cs.columbia.edu/~smb/papers/sesscrypt.pdf},
year = {1995},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/sesscrypt.pdf}
}
@inproceedings{androulaki.vo.ea:privacy-preserving,
abstract = {Current banking systems do not aim to protect user
privacy. Purchases made from a single bank account can be
linked to each other by many parties. This could be
addressed in a straight-forward way by generating
unlinkable credentials from a single master credential
using Camenisch and Lysyanskaya's algorithm; however, if
bank accounts are taxable, some report must be made to the
tax authority about each account. Using unlinkable
credentials, digital cash, and zero knowledge proofs of
kmowledge, we present a solution that prevents anyone, even
the tax authority, from knowing which accounts belong to
which users, or from being able to link any account to
another or to purchases or deposits.},
address = {Athens},
author = {Elli Androulaki and Binh Vo and Steven M. Bellovin},
booktitle = {Proceedings of the European Symposium on Research in
Computer Security (ESORICS)},
date-modified = {2020-02-27 13:44:34 -0500},
month = {September},
note = {Longer version issued as Tech Report CUCS-005-10.},
title = {Privacy-Preserving, Taxable Bank Accounts},
url = {https://academiccommons.columbia.edu/doi/10.7916/D8FX7HC5/download},
year = {2010},
bdsk-url-1 = {https://academiccommons.columbia.edu/doi/10.7916/D8FX7HC5/download}
}
@article{raykova.cui.ea:usable,
abstract = {It is a common requirement in real world applications for
untrusting parties to be able to share sensitive
information securely. We describe a secure anonymous
database search scheme (SADS) that provides exact keyword
match capability. Using a new primitive, re-routable
encryption, and the ideas of Bloom filters and
deterministic encryption, SADS allows multiple parties to
efficiently execute exact match queries over distributed
encrypted database in a controlled manner. We further
consider a more general search setting allowing similarity
searches, going beyond existing work that considers
similarity in terms of error-tolerance and Hamming distance
by capturing semantic level similarity in our definition.
Building on the cryptographic and privacy preserving
guarantees of the SADS primitive, we then describe a
general framework for engineering usable private secure
search systems.},
author = {Mariana Raykova and Ang Cui and Binh Vo and Bin Liu and
Tal Malkin and Steven M. Bellovin and Salvatore J. Stolfo},
doi = {10.1109/MSP.2011.155},
journal = {IEEE Security \& Privacy},
month = {September-October},
number = {5},
title = {Usable Secure Private Search},
url = {https://www.cs.columbia.edu/~smb/papers/UsableSecurePrivateSearch.pdf},
volume = {10},
year = {2012},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/UsableSecurePrivateSearch.pdf},
bdsk-url-2 = {http://dx.doi.org/10.1109/MSP.2011.155}
}