Internet security is a branch of computer security that involves various security measures taken for ensuring browser security, network security, security of other applications and operating systems. Since most of the cyber-attacks and malware programs originate from the internet, the primary goal of the Internet security suite is to offer rules and regulations against cyber-attacks that arise from the Internet.
Comodo Internet Security Suite Premium has been rated as the Top Product by AV-TEST after evaluating 18 home internet user security products using their default settings in Feb 2018. Tested against the Windows 7 (SP1, 64 bit) platform, our internet security product succeeded in demonstrating its capabilities employing all components and protection layers with a score of 17.5/18.
Built from the ground upwards with your security in mind, Internet Security offers 360° internet protection by combining powerful Antivirus, an enterprise class packet filtering firewall, advanced host intrusion prevention, and automatic sandboxing of unknown files.
Our free download offers basic protection for your PC but depending on your needs, that may not be enough. Complete Antivirus actively protects you while you shop online, offers web filtering and unlimited product support!.
The best way to protect your Android device from malware is by installing an antivirus from a trusted provider. Comodo offers a mobile security solution for Android-based mobile devices through Comodo Mobile Security (CMS). CMS protects your Android devices against viruses, unsafe apps, potentially risky settings and even from theft, and is available for free.
Despite this fact, iPhone users would be wise to add additional security to their phones through a mobile security app. Mobile security apps can ensure greater protection than the iPhone affords on its own, through features like hacked account alerts, identity theft protection, password management, safe browsing, and backups. Comodo Mobile Security for iPhone has all these features and more, and is available for free.
Comodo Internet Security (CIS) is developed and distributed by Comodo Group, a freemium Internet security suite that includes an antivirus program, personal firewall, sandbox, host-based intrusion prevention system (HIPS) and website filtering.
With Comodo no longer providing free antivirus security with firewall, who actually purchase their Internet Security Pro, Internet Security Complete and Antivirus Advanced? One of the main differences between the paid and free version is the lack of support, backups and VPN. Most can survive without these features.
Comodo Firewall Pro brings a revolutionary change to internet security with Default Deny Protection (DDP?) technology. The security tool provides the very best protection against online threats like malware, spyware, trojans and hackers.
The pricing doesn't give you any clue that this isn't a top-shelf product. At $89.99 for three devices, it costs more than many competitors. Bitdefender and Kaspersky Internet Security give you three entry-level security suite licenses for $10 less. Five top-tier Bitdefender suite licenses cost the same as Comodo's three, and five licenses for Kaspersky's top-of-the line suite cost $99.99 per year, which is not much more. Norton 360 Deluxe also gives you five licenses for $99.99, which includes a working cloud backup system and a VPN without the bandwidth cap that Comodo imposes. From the start, it's not a bargain.
Comodo also offers a free security suite called Comodo Internet Security Premium. Yes, despite "premium" in the name, it's free. This suite does include antivirus and firewall protection, along with Secure Shopping, but you don't get the Cloud Backup or VPN features. You also don't get the VIP support and warranty offered to paying customers.
Comodo offers its firewall as a standalone free product, one that shares many ancillary features with the free antivirus. With powerful firewall protection built into Windows, we're no longer convinced that you need a personal firewall, but it does make a nice addition for a security suite.
Like maintaining online backups, using a virtual private network, or VPN is a kind of outside-the-box security technique. Your local security suite can't do a thing to protect your data once it heads out into the wilds of the internet. Using a VPN encrypts your traffic as it travels to the VPN company's servers, protecting it from meddling by others on your same network, even by the owner of the network.
Poring over the online help, I learned that I had to log into my Comodo account online to set up TrustConnect. I eventually found a link to download the Windows client. After a lengthy installation, I had to dig up my license key to activate the service, but I eventually got it installed and running.
If you're looking for an entry-level security suite, you'll do much better with Bitdefender Internet Security or Kaspersky Internet Security, our Editors' Choice products in that field. Both cost less than Comodo, and all their components work. For just a little more than Comodo's price, you can get five licenses for Symantec Norton 360 Deluxe. It's an Editors' Choice for cross-platform security, with fully functional cloud backup and VPN components that outstrip what Comodo offers.
[Thanks to Melih, Jens Steinke & Ugur ]Share this:Click to share on Twitter (Opens in new window)Click to share on Facebook (Opens in new window)Like this:Like Loading...RelatedComodo Internet Security 4Comodo Internet Security ProComodo Internet Security Pro 2011Comodo Internet Security Pro 2011 freeComodo Internet Security Pro 2011 free for 1 yearComodo Internet Security Pro 2011 keyComodo Internet Security Pro 2011 licenseComodo Internet Security Pro 2011 license keyComodo Internet Security Pro 2011 serialComodo IS 2011Comodo VPNfree stuffSecurity Post navigationPrevious PostDeus Ex: Human Revolution System requirementsNext PostSpeedUpMyPC 2011- PC Perfomance optimizer for Freesudeep says: May 5, 2011 at 3:49 pm is this compatible with kaspersky internet security 11
To grab the free 1-year trial copy of the Comodo Internet Security Pro, just download the special setup installer of it: Download free here, for direct link Then, install the program and it will run for 365 days without any license serial key or paid subscription.
Nano Antivirus goes the extra mile: Unlike most free antivirus software, Nano protects against winlockers and ransomware as well as viruses. Nano also aims to provide reliability, speed and convenience. First, it runs on its own antivirus engine to provide real-time defense for local systems, downloads and web traffic. As such, it also offers high-speed scanning, fixes, and software updates, thus minimizing downtime and loss of productivity. Nano also gives you the convenience of choosing the type of antivirus protection that best fits your organization. For instance, you can choose between recommended settings for hands-free protection or advanced settings in case you have your own IT department.
Softexia.com is a Mac, Linux, Android, iOS, Web Cloud and Windows software publishing website that provides free downloads, daily software updates and sales for trending software with discounts, coupon codes and other promos.
Comodo Internet Security Premium 2023 Crack plus Key includes antivirus, firewall, sandbox boxing, a browser with free providers Fighter Wall with Comodo Review, who buys their Internet Security Pro, to improve internet security and improve anti-virus? One of the main differences between the paid and the free version is the lack of support, backup, and VPN. The maximum can survive without these features. It is free online software from online protection, security software that provides stability, full virus attack, Trojan, Insects, Buffalo Flow, zero-day attacks, Spyware, and Advanced SystemCare Pro Crack.
Dear friends, for those who like it or who wants to try to use Comodo Anti-Virus, we posted to download the program itself and keys to it. Download key for Comodo Internet Security 10 or 11 version free you can at the end of the text. In addition, you can via torrent or immediately from our site. The license key for Comodo for 2020-2021 can be obtained along with the installation of the antivirus itself, since it has not yet been able to get activation codes for Comodo. Now the company has both paid products and free. We list the most popular of them, it is: Comodo Internet Security Premium, Comodo Antivirus, Comodo Firewall (Firewall), Comodo Antivirus for Linux and Mac. Available for free more useful utility called the Comodo rescue disk (similar to the scanner) for one-time check of the entire computer system. TO paid versions The product includes Internet Security Pro, Antivirus Advanced and Internet Security Complete. Creit (buy) them can be from the official site Comodo. Work almost on all versions
Receive license key For Comodo Internet Security 11 or 10 versions for 2020-2021, you can download yourself antivirus programSince she has a built-in key. That is, you can download the free version of the Comodo Internet Security with the activation key from our site, through the torrent or from the official site of the antivirus. On the this moment free versions Are Comodo Antivirus, Comodo Internet Security, Comodo Firewall (Firewall) AntiVirus for Mac and Comodo Antivirus for Linux. There is also a COMODO rescue disk (as a scanner) that can be scanned through the entire system. Other versions such as Internet Security Pro, Internet Security Complete and AntiVirus Advanced already paid. You can buy them on the official site Comodo. All of them work perfectly and are suitable for Windows 10, 8 and 7. There is another version of Comodo Internet Security Premium 10 and 11 versions. You can also download it at the bottom.
They tested three different distances: < 10 meters (is in proximity), < 1mile (is in proximity), > 10 miles (not in proximity). In the same room: 85%success rate. On the same university campus: high 70%, large distance: doesnot compute to same place. each test was then repeated 5 times whichprevented any false results.Q: What happens on the borders of LAC?A: Reasonable that it is not a problem.Q: How far apart towers are affect results?A: Have not tested this yet. Q: Any plans to do CDMA?A: Chose GSM due to currently possessed equipment. Should work on CDMA.Q: Is the modifications of the phones available/ can we use it?A: I can point you to who did the modifications of the phonesMetrics for Measuring ISP Badness: The Case of Spam (Short Paper)Benjamin Johnson, John Chuang, Jens Grossklags and Nicolas Christinpresenter: Benjamin JohnsonThis talk describes the problem of spam and focuses on the bad ISPs andwhether they can be taken down to prevent the spam. They revealed a coupleinteresting statistics including that spam comprises 90% of all email andcosts businesses $100B a year. It is difficult to manage by only therecipient. They propose that filtering the spam would be better. However,this is made more difficult by bad ISPs. The ISPs can do something about theoutbound spam. The majority of spam is from a few IP addresses controlled bya few ISPs.A question raised during this research is what is the legal issues regardingremoving a ISP. To determine whether an ISP can be removed they used a fewmetrics. The exclusive customer cone is the set of customers which will becut off if the ISP is removed. Exclusive customer prefix size, how manylarger customers are included in that cut off. They also keep track of howmany bad users there are and what the ratio of good to bad users is.For their tests they did not include forged headers since 80% of spam doesnot have forged headers. They used spam email headers to deal determine IPs(for un-forged headers). They used the spam database which Georgia Techgathered from july 2008 to january 2010. They used databases to determinethe metrics listed above. Their results show some ISPs which spam comes fromare needed but at least one could be removed; judged by the amount of spamvs legitimate data.Q: ?A: Some mechanism to put pressures on the ISP and shut it downCongestion-aware Path Selection for TorTao Wang, Kevin Bauer, Clara Forero and Ian Goldbergpresenter: Tao WangThis talk was on finding the least congested routes in Tor. Tor is an onlinerouting system for preserving the clients privacy. They presented twoalgorithms for finding these routes. The first algorithm, circuit choosing,works as follows: the clients pre-build and maintain a number of circuits.Use circuit which has the least amount of congestion. Reduces the durationtime by about 1/2. Some overhead was needed for gathering the informationneeded for this algorithm. The second algorithm was called "circuitdropping": If the route has too much congestion then pick a new route. Thisreduces the time by about 1/2 as well. There is no overhead.They also have a long term path suggestion algorithm. Since some relays(i.e. users) may always be congested, they find and remove them from use.However probing these may have a large amount of overhead. They use theroute overhead to determine a relay's overhead. If the relay keeps a historyof congestion then they remove it. They were able to reduce long term pathby 10%. General attacks are not affected by their approach. There are specificattacks against the long term path selection since an attacker can floodnodes which causes those nodes to be slower, however this does notdramatically decrease the run time.Ross Anderson: 25 years ago people use to do "sticky routing" use routeuntil congested, can this be applied? A. this fits into route dropping.Q: What if a large number of users use this process? Won't this prevent itfrom working?A: Guess the benefit will not be as great but still use the routes more evenly.Q: reverse of smear attack, make a relay look better than everyone else?A: best way to avoid this is to drop that particular circuit.Session: AuditingSession Chair: Nicolas ChristinAttacking the Washington DC Voting SystemScott Wolchok, Eric Wustrow, Dawn Isabel and J. Alex Haldermanpresenter: Eric WustrowInternet voting systems are hard to get right. Verifiability and auditability are particularly properties to obtain, as is ballot secrecy -these are potentially at odds with each other. Washington, DC deployedInternet voting for overseas absentee voters in the 2010 general electionand invited the academic security to "hack" a mock election using the systemwith three days notice and two weeks before it was to be deployed for ageneral election. The system consists of a web server in a DMZ between twofirewalls, with application server and DB server behind the web serverfirewall. IDS is in front of the web server. Name, zip code, voter ID isentered, as is a hex-based PIN mailed in advance to voters. Ballot is aninteractive PDF, saved to computer after being filled in and then uploadedto system. System is built with Ruby on Rails, open source, available onGitHub. Team was able to download the code in advance. Ballot is encryptedwith GPG. By using double rather than single quotes in the GPG operation, thecode is susceptible to a shell injection attack. Other problems includeunencrypted ballots persisting in /tmp and the deployed session secretwasn't changed from what's in the public GitHub repository. Created anexploit ballot with a small Python shell. Allowed making a fake ballot. Alldatabase credentials were effectively stolen, replaced votes with theirchoices, replaced and new votes, installed a back door to reveal new votes,and cleared the audit logs. Ballot return page played "Hail to the Victors"to make it abundantly clear it was compromised. Based on network diagram,were able to determined who was coming in and out of server room webcams.Even got access to real voter roll that would allow voting in the realelection. All was made possible from using double rather than single quotes. Q: didn't change code so just had hash of PIN - how would you have voted?A: if you have the PIN, yu can just log in. If same session secret andattacker knows, can craft a ballot with cookies, need ID number from DB butthat is sequentialQ: that's if a real person voted?A: that's without modifying the server at allQ: DC government can't fix much of anything, is this just bad implementationof fundamentally hard?A: People hired for this were pretty good - open source, good work done inthe past, this was much better than many closed source systems in the past.Wasn't a problem with them, these are issues that everyone has.Q: After all this, some discussion probably. Any insight into QA process?A: Not too familiar with their QA. Probably not much of one. Even doing itin advance isn't the right approach. Enough vulnerabilities. Illustrates realpressures election officials are under. Changes required due to electiontimeline pressure. Elections are administered by municipalities and noteveryone has resources to get this right. Security Audits RevisitedRainer Boehmepresenter: Rainer BoehmeIn the past, there were many entities that worked independently of eachother. Nowadays, more specialization which means more networking ofindependent actors to form things such as supply chains. This raises thequestion of who is in charge of security in these organizational networks,and the answer is that everyone is usually in charge - but there are someselfish actors. To get around this, audits are proposed. Using game theorycan show productivity, interdependence, and thoroughness of these audits.Model interdependence in terms of probabilities of loss and attack. Securityinvestment generate positive externalities in this model, which helps allactors. Is there a benefit to investing though if others won't? Considerthat the total cost is that of loss plus that of adding security. There isalso a social cost of two firms together. There is a local minimum calledthe social optimization. The curve changes depending on interdependence andmore is required as interdependence increases. Security audits can bedeployed in this environment but is hampered given security of an organizationisn't directly observable. The thoroughness of the audit is thus important,and the audit result can be attested to third parties. Symmetric NashEquilibria shows the optimal security level given a security investment oftwo parties. ??A certain security level can be reached without audits. Thoughaudits are useful, baseline audits are useless since both players haveincentive to sufficiently invest to the Nash equilibrium. Thus, onlythorough audits will be useful. The implications are that audit proceduresmust be tailored to adjust thoroughness, that systems should be built to beauditable easily, and that systems should be decoupled whenever possible.Audit requirements should similarly be tailored and criteria defined forthoroughness. Limitations include uncertainty about an attacker's action. Thetakeaway is that security audits are no panacea.Q: How can this be applied or introduced, particularly interconnectednessA: Customer diversity, length of supply chain - this is theoretical - lookat ISP system as interconnected system who themselves use graph-relatedapproaches. Finding best indicators is important.Q: What is timing?A: Simultaneous and symmetricQ: Set of compatible or similar with audits A: As long as originating - stability of equilibria determines whetheraudits required symmetrically or whether asymmetric audits are OK.Reputation effects can also be introduced. Efficient, Compromise Resilient and Append-Only Crypto Schemes for Secure AuditLoggingAttila A. Yavuz, Peng Ning and Mike Reiterpresenter: Barry PeddycordAudit logs should be designed to be unforgeable. When a log entry is signedand the signature is generated, the key should be deleted to prevent logsfrom being tampered. Forward security is guaranteed but no guarantee againstlog erasure. Another scheme would include aggregating signatures together.Evolving the key and keeping a signature of the entire stream preventscompromise but is expensive particularly for the verifier. Previous schemesare not necessarily verifiable publicly or have dependency on an onlinetrusted third party. More recent schemes using public keys are scalable andsecure but if they fail, it's hard to determine what parts are valid andinvalid. Public key schemes must have signatures computed in order to verifythe signature of the entire scheme. Each private key is associated with anindividual public key, raising the question of whether it's possible toverify the entire scheme once and directly. LogFAS system created withconstant number of expensive operations regardless of input size, as well asa public key independent from the number of signers or log entries, andfine-grained verification is possible. It is also provably secure. Singlepublic key verifies signatures across all private keys using Schnorr scheme.Tag values are verified rather than individual log entries. Bind thesignature and tag using a token that evolves with private key and log entry.Private keys are deleted as used, and loggers support a given number ofentries before new keys are necessary. Tokens are aggregated and comprisetags. Based on tags, signature can be calculated and exponentiation(expensive) only needs to be done twice. Corrupt log entries can beidentified with a binary search like strategy on O (lg n) expensiveoperations. The external counter signature protects against truncation.Security is proven in a supplemental paper. Evaluation shows this scheme ismuch faster in terms of verification time with little overhead in signing.Future work involves building truncation protection implicit into the log. Q: Isn't there an issue if a machine is broken into multiple times, if theprivate key is stolen?A: Assume if you break into the system this causes a log entry. If you canbreak in and target the key without incurring a reporting event, you'vesubverted the logging mechanism, not the security primitives.Q: How to handle randomization? In Schnorr, knowing the one-time randomgives you the private key. Deterministic of pseudorandom?A: Truly random selection. Don't rely on pseudorandom.Q: hash tree logging mechanism in the past?A: Sounds familiarSession: PrimitivesSession Chair: Moti YungOn Secure Two-party Integer DivisionMorten Dahl, Chao Ning and Tomas Toftpresenter: Morten DahlA method for secure integer division. They use athreshold homomorphic encryption system (Paillier) to accomplish thesecure computation and is specific to two party computation. Theymention it could be extended. For their homomorphic system, the publickey is known to everyone and private key is shared such that no partycan decrypt his own encryption and decryption must be done incollaboration. The scheme they use has addition and multiplication.Division. Divides h/d and returns the quotient to both parties. Thiscan be used for private statistics. This can be useful for dataanalysis like (n_a + n_b)/(d_a + d_b).They use a taylor series to compute do the division. They fix theapproximation of the taylor series by comparison. For divisionprotocol, they needed truncation (using encryption and homomorphicaddition) and a way to determine the bit length of a number (using abinary search like technique or a regression protocol)Q: You are doing this on integer mod N, correct?A: Yes, using Pallier, and using a thousand bits to be secureQ: Have you implanted this?A: No, we have not yet. We wanted to create a general framework beforeimplementing this.Privacy Enhanced Access Control for Outsourced Data SharingMariana Raykova, Hang Zhao and Steven Bellovinpresenter: Mariana RaykovaAccessing the data in the cloud. The goal oftheir system is confidentiality of the data. Previous methods includeencryption and ORAM. Their approach is a two level access controlmodel which uses coarse gain and fine grain levels. The coarse grainedlevel is enforced by the cloud which maps users file requests toaccess blocks. This will let the cloud to match the requests tooblivious blocks. This uses predicate encryption with the modificationwhich re-randomizes a cipher text. Fine-grained level is enforced atthe user's site once a block has been given from the cloud. The finegrain is encryption based. Each user can only decrypt the files which he is allowed to read and uses a tree based derivation method for distributing keys and tokens. Users can also let other users read and write the data which they own.For access write control at the coarse gained level oblivious mappingstill works. For fine grain, encryption does not work - it may allowfor unauthorized writes or not let the cloud know which file waswritten. Their solution is to use oblivious update tags, whichcontains information about which file was updated and lets the cloudknow which files are being written too. Each spot in the resourcestree has a key pair. Each file in encrypted with symmetric keys.The cloud observes requests at block level and will not seepatterns. It was noted that cache optimizations are possible toincrease the performance of the system.Q: This is like ID based apples, like a capability where the users has a token which can allow a users to access, this is capability, right?A: YesQ: What about solutions like PIR with access control?A: We wanted something in-between cloud side completely and user completely. Q: Estimate in performance? Important for what is the price of privacy.A: Question becomes what you want to store in blocks (i.e. how large of data)? Not implemented for these measurements.Privacy-Preserving Stream Aggregation with Fault ToleranceT-H. Hubert Chan, Elaine Shi and Dawn Songpresenter: Xavier BoyenTheir main topic was how can a user preform data analysis on datawhile preserving the privacy of the data. The previous work allows theaggregator to learn the noisy sum only. They added support for faulttolerance and support for dynamic join and leave operations. They usedifferential privacy which allow for adversaries to not notice largechanges. In the basic scheme a one-time key distribution is used. Thisis enabled by homomorphic encryption. To achieve fault tolerance, theyuse a binary tree like construction. This contraction also allows fordynamic joins and leaves. Whenever the number of users reaches thenext power of two, a new tree must be created. Differentialcryptography allows for dealing with untrusted aggregator.Q: Could you combine secret sharing with differential privacy?A: Differential cryptography allows for a smaller noise value. We usesome secret sharing.Q: I think you can turn this model into secret sharing?A: Yes, but then you may lose some privacy. (follow up)Q: You would have to treat K as N?A: Yes.Session: Access controlSession Chair: Lenore ZuckDynamic Accumulator based DAC for Outsourced Storage with UnlinkableAccess (short paper)Daniel Slamanigpresenter: Daniel SlamanigDiscretionary access control is popular but there are issues with this modelin conjunction with outsourced storage. The storage provider (e.g., a cloudprovider) could be "honest but curious", where it runs the protocolcorrectly but might be interest in properties such as access patterns.Storage provider ay learn who owns the data objects but shouldn't be ableidentify the users accessing these objects. A desired property isunlinkability, where the provider can't link accesses to the users.Pseudonyms hide identities but don't provide unlinkability of accesspatterns. Instead, have an ACL per permission and have the user prove to thetrusted reference monitor that one valid pseudonym is possessed withoutspecifying which one. Cryptographic accumulators are used to provide this,and the second of two schemes presented uses a dynamic accumulator, whichallows efficient updating of the accumulator. Representing the ACl, the sizeof values and the proof complexity are constant-time. Q: Does this model consider a particular document you're not going to needright away, if there are a number of people on an ACL and there are accessesper person - are there ways to link this?A: Perhaps through side channel. But can't tell the users themselves apart.If two accesses are of different or the same users.Q: Can you see if the same user accesses different data?A: NoQ: You can see what is being accessed though?A: Yes, but not by whoQ: Accumulator looks like group signature sometimes, is a trusted authorityneeded?A: No, not for thisA Non-Interactive Range Proof with Constant CommunicationRafik Chaabouni, Helger Lipmaa and Bingsheng Zhangpresenter: Dan Bogdanov (not an author, due to injury of the authorpresent at FC)Two parties want a commitment without revealing specific values such as age(e.g., prove over 18 but not give the specific age). This can be done with anon-interactive zero knowledge proof. This has applications to e-voting,auctions, age-verification sites. Historically Lagrange proofs can be usedand are short but finding the values taks time, and don't know how to dofactoring-based NIZK. Binary representations have shortcomings as well,namely non-constant communication and non-interactivity only through randomoracles. The range proof in this paper is pairing-based using knowledgeassumptions and common reference strings rather than random oracles,providing low computational complexity for the prover. Communication can betuned through parameterization. Trade-offs can be made between eitherconstant communication/verification or small CRS length or prover'scomplexity, or any trade-off between them.No questions.Designing Privacy-preserving Smart Meters with Low-cost MicrocontrollersAndres Molina-Markham, George Danezis, Kevin Fu, Prashant Shenoy and David Irwinpresenter: Andres Molina-MarkhamAbout 76 million smart meters are deployed worldwide, 10 million in the USalone. They enable consumers to help distribute and reduce loads and gatherconsumption information. There are privacy issues with collecting this data.Thought has been given to privacy-preserving solutions, but not thefeasibility of using these techniques on low cost microcontrollers. Thiswork shows privacy preserving computations are possible in limitedenvironments. Privacy can be given with zero-knowledge proofs. However,microcontrollers have pretty low MIPS rates and small code space. This workshows it's possible to implement zero-knowledge billing on these platforms.Using different cryptographic primitives affects feasibility. Even low-endcheap microcontrollers can provide cryptographic committments in a matter ofseconds. Certified readings can be done with 10 seconds with a $3microcontroller while the ones in current smart meters can produce readingsevery 28 seconds. ECC primitives maximize the capabilities.Q: What about power issues? Also, how can software upgrades be done giventhe high amount of energy required for writing flash? You could do privacyand attach meter. These should be policy issues.A: Agreed on some points.Q: What do utilities have to say about this? What is their incentive tosupport this?A: Could prevent lawsuits from fraud/stealing, also potentially futurelegislation.Session: Secure ProcessingSession Chair: Angelos KeromytisMemory-Efficient Garbled CircuitsBenjamin Mood, Lara Letaw and Kevin Butlerpresenter: Benjamin MoodMany financial transactions demand confidentiality, and these areincreasingly done on mobile devices. Privacy-preservingcomputation through secure function evaluation is feasible on desktops butis slow and requires large amounts of memory, too much for mobile devices.Clouds aren't everywhere and can track usage patterns. Better would be to doall of the computation on the mobile devices themselves. This work usescircuit templating, taking small pre-optimized pieces of garbled circuitsand can create vastly larger circuits for SFE than were previously possibleon phones. The Fairplay compiler generally used for SFE was modified with anew intermediate language that allows easy generation of these templates.This language, called PAL, is transparent to the user, who can write inFairplay-standard SFDL and output SHDL, also standard. Evaluation shows thata large number of programs can be compiled on mobile devices that werepreviously infeasible, with reductions in required memory of over 95%. Thecircuit generation techniques are modular and can be used with otherefficient techniques for garbled circuit execution.Q: Tried to compare size of circuits? Are they similar?A: Some are smaller, some the same size, a couple are largerQ: Why is this difference?A: Sometimes compilers can increase resulting circuit sizeQ: Is the system available?A: Yes - online soon and available on requestOblivious Branching Program EvaluationPayman Mohassel and Salman Niksefatpresenter: Payam MohasselBinary decision trees are provide a means for determining program executionfor a branching program. Ordered binary decision diagrams (OBDD) aredirected acyclic graphs where variables are processed in order, used forapplications such as formal verification and circuit design. Multivariatebranching programs can be represented with these diagrams. Secure two-partycomputation aims to keep these programs and their input private, for examplefor diagnostics. Private database queries can represent server data as abranching program such as private information retrieval and keyword search.Using OBDD can allow for these. Protocol uses oblivious transfer. Serversends encrypted decision tree to client, client can decrypt with keyreceived from oblivious transfer. Randomly permute answers to hidestructure. This requires a stronger oblivious transfer where queries andanswers can't be correlated. This can be generalized to decision trees.Client computation is constant time rather than log time in the Yao model,while server computations decrease from linear to log. Future work is tryingto achieve efficiency with communication and computation.No questionsUC-Secure Searchable Symmetric EncryptionKaoru Kurosawa and Yasuhiro Ohtakipresenter: Kaoru KurosawaThe security of searchable symmetric encryption against passiveattacks has been considered by many, but security against activeattackers has not been similarly considered. Universal composablesecurity is considered in this work. Naive approaches to securingsearches is to add a MAC to provide integrity, but a malicious servercan replace search pairs, so a stronger model is needed, namely theuse of tags computed over keyword aggregates. UC security can beproved using a simulation proof. In an ideal world, the adversary onlylears the size of the documents, size of keywords, and indices of thekeyword. Reliability is also proven in this scheme.No questionsSession: BitcoinSession Chair: Angelos KeromytisCommitCoin: Carbon Dating Commitments with Bitcoin (Short Paper)Jeremy Clark and Aleksander EssexPresenter: Jeremy ClarkThey propose a new way to verify when a vulnerability was found. They calledit "carbon dating", which is a way to verify a time stamp. Traditionalmethod is time stamping. Carbon dating involves the creation and solution ofa puzzles. Given a puzzle and a solution any user should be able to verify.However solving a puzzle should be hard. Carbon dating, as they described,creates a puzzle which takes N time to solve, so if the puzzle was solvedthen it must have been created N time ago. The past puzzle types wererepeated squaring or hashed based. Repeated squaring does not allow for easyverification. Hashed based is verifiable put easily parallelizable. Thedrawbacks of this method is it ties up a computer for N time, there is noidea proof to work protocol, nothing prevents a user from carbon datingmultiple outputs, and very fuzzie (meaning each computer takes a differentamount of time to solve a puzzle). Their next idea was to use Bitcoin tocarbon-date. They also created a method to avoid deflating the value ofbitCoin. Their applications include time-release encryption & commitmentsand digital cash schemes.Q: do you see this being integrated anywhere?A: Could be useful in some applications [did not say which applications]Q: what are some anonymity concerns?A: Account you create is a fresh account, have to send money from oneaccount to another account, one account must have a name from somewhere. Itspossible but you would have to take extra steps.Bitter to Better - How to Make Bitcoin a Better CurrencySimon Barber, Xavier Boyen, Elaine Shi and Ersin UzunPresenter: Xavier BoyenHow to make Bitcoin better. Bitcoin is an online currencywhich was decentralized, transparent, flexible, and is an alternative toother currencies. They compared e-cash and Bitcoin. Bitcoin is trustworthy,meaning no "unfair" manipulation of the currency, no double spending, andtransactions are irreversible. They note the real "kicker" of the system isa scripting language. Transactions can be divided and reconstructed inBitcoin. Also uses hashes for verification. Transactions are public whichallow for checks against double-spending. A group of transactions are puttogether into a "block". Legitimate transactions in blocks which werediscard can be recollected. They observed a few issues in Bitcoin: deflation, deflation allowsadversaries to enter into the currency later but still gain most of themoney. Theft, loose money forever. Their possible solutions are"checkpointing the past" - save hashes of a set of money. Backup the money,static master secret, postdated backup transactions, spending rate limits.They also suggest a new method for anonymity. Their solution is a two partymixer for transactions. Their conclusion is that Bitcoin is good idea andtheir paper shows couple of ideas to fix the problems.Q: if have computation power for history revision attack, why not just takeall the money?A: negative feedback loop in history revision attackQ: is language Turing complete?A: noQ: if we can save ssl certificates can we revoke sketchy things automatically?A: leaving humans to make decisions creates many problems.Q: can it be fixed?A: yes, problem is the parameters, but needs to be restarted from scratch.Q: what is purpose of slowing down coin mint rate?A: Want to have the shape of minting, put deflation at specific points. PanelModerator: Jason CronkPanelists: Peter Swire, Stuart Shapiro, Travis BreauxJason: FC is a virtual tax haven, laws sometimes respect privacy andsometimes do not respect privacy. 2b1af7f3a8