Jean Lancrenon scite author profile

Modern network intrusion detection systems rely on machine learning techniques to detect trac anomalies and thus intruders. However, the ability to learn the network behaviour in real-time comes at a cost: malicious software can interfere with the learning process, and teach the intrusion detection system to accept dangerous trac. This paper presents an intrusion detection system (IDS) that is able to detect common network attacks including but not limited to, denial-of-service, bot nets, intrusions, and network scans. With the help of the proposed example IDS, we show to what extent the training attack (and more sophisticated variants of it) has an impact on machine-learning based detection schemes, and how it can be detected.

show abstract

Two More Efficient Variants of the J-PAKE Protocol

Lancrenon

Skrobot

Tang

2016

View full text Add to dashboard Cite

Recently, the password-authenticated key exchange protocol J-PAKE of Hao and Ryan (Workshop on Security Protocols 2008) was formally proven secure in the algebraic adversary model by Abdalla et al. (IEEE S&P 2015). In this paper, we propose and examine two variants of J-PAKE -which we call RO-J-PAKE and CRS-J-PAKE -that each makes the use of two less zero-knowledge proofs than the original protocol. We show that they are provably secure following a similar strategy to that of Abdalla et al. We also study their efficiency as compared to J-PAKE's, also taking into account how the groups are chosen. Namely, we treat the cases of subgroups of finite fields and elliptic curves. Our work reveals that, for subgroups of finite fields, CRS-J-PAKE is indeed more efficient than J-PAKE, while RO-J-PAKE is much less efficient. On the other hand, when instantiated with elliptic curves, both RO-J-PAKE and CRS-J-PAKE are more efficient than J-PAKE, with CRS-J-PAKE being the best of the three. We illustrate this experimentally, making use of recent research by Brier et al. (CRYPTO 2010). Regardless of implementation, we note that RO-J-PAKE enjoys a looser security reduction than both J-PAKE and CRS-J-PAKE. CRS-J-PAKE has the tightest security proof, but relies on an additional trust assumption at setup time. We believe our results can be useful to anyone interested in implementing J-PAKE, as perhaps either of these two new protocols may also be options, depending on the deployment context.

show abstract

On the Provable Security of the Dragonfly Protocol

Lancrenon

Skrobot

2015

View full text Add to dashboard Cite

Abstract. Dragonfly Dragonfly is a password-authenticated key exchange protocol that was proposed by Harkins [11] in 2008. It is currently a candidate for standardization by the Internet Engineering Task Force, and would greatly benefit from a security proof. In this paper, we prove the security of a very close variant of Dragonfly Dragonfly in the random oracle model. It shows in particular that Dragonfly Dragonfly's main flows -a kind of Diffie-Hellman variation with a password-derived base -are sound. We employ the standard Bellare et al.[2] security model, which incorporates forward secrecy.

show abstract

Attribute-Based Signatures with Controllable Linkability

Urquidi¹,

Khader²,

Lancrenon³

et al. 2016

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jean Lancrenon

Provably Secure Password Authenticated Key Exchange Based on RLWE for the Post-Quantum World

A training-resistant anomaly detection system

Two More Efficient Variants of the J-PAKE Protocol

On the Provable Security of the Dragonfly Protocol

Attribute-Based Signatures with Controllable Linkability

Contact Info

Product

Resources

About