Lecture Notes in Computer Science 8341 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Alfred Kobsa University of California, Irvine, CA, USA Friedemann Mattern ETH Zurich, Switzerland John C. Mitchell Stanford University, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel Oscar Nierstrasz University of Bern, Switzerland C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Germany Madhu Sudan Microsoft Research, Cambridge, MA, USA Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max Planck Institute for Informatics, Saarbruecken, Germany
Sokratis Katsikas Isaac Agudo (Eds.) Public Key Infrastructures, Services andapplications 10th European Workshop, EuroPKI 2013 Egham, UK, September 12-13, 2013 Revised Selected Papers 13
Volume Editors Sokratis Katsikas University of Piraeus Department of Digital Systems 150 Androutsou St. Piraeus 185 32, Greece E-mail: ska@unipi.gr Isaac Agudo University of Malaga Department of Computer Science Campus de Teatinos s/n 29071 Málaga, Spain E-mail: isaac@lcc.uma.es ISSN 0302-9743 e-issn 1611-3349 ISBN 978-3-642-53996-1 e-isbn 978-3-642-53997-8 DOI 10.1007/978-3-642-53997-8 Springer Heidelberg New York Dordrecht London Library of Congress Control Number: 2013957062 CR Subject Classification (1998): K.6.5, C.2, E.3, D.4.6, J.1, K.4.4 LNCS Sublibrary: SL 4 Security and Cryptology Springer-Verlag Berlin Heidelberg 2014 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein. Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India Printed on acid-free paper Springer is part of Springer Science+Business Media (www.springer.com)
Preface This volume contains the papers presented at the 10th European Workshop on Public Key Infrastructures, Services and Applications (EuroPKI 2013) held during September 11 12, 2013 in conjunction with ESORICS 2013 in Egham, U.K. The workshop received 20 submissions. Each submission was subjected to a thorough review by at least three Program Committee members and external reviewers. The papers were evaluated on the basis of their significance, novelty, and technical quality. Reviewing was double-blind meaning that the Program Committee was not able to see the names and affiliations of the authors, and the authors were not told which Committee members reviewed which papers. These proceedings contain the 11 accepted publications and the presentation paper by the invited speaker Fabio Martinelli. We wish to thank everyone who contributed toward the success of the workshop: the authors of submitted contributions, the program chairs and the Program Committee for their efforts in reviewing and discussing the submissions under tight time constraints. We are also very grateful to all other ESORICS 2013 organizers whose work ensured a smooth organizational process. December 2013 Sokratis Katsikas Isaac Agudo
Organization Program Chairs Sokratis Katsikas Isaac Agudo University of Malaga, Spain Publicity Chair Christopher Dadoyan Program Committee Lejla Batina Carlos Blanco Bueno David Chadwick Sherman S.M. Chow Paolo D Arco Sabrina De Capitani Di Vimercati Carmen Fernandez Gago Simone Fischer-Huebner Sara Foresti Steven Furnell Dimitris Geneiatakis Stefanos Gritzalis Peter Gutmann Ravi Jhawar Georgios Kambourakis Dogan Kesdogan Elisavet Konstantinou Costas Lambrinoudakis Herbert Leitold Dimitris Lekkas Javier Lopez Fabio Martinelli Catherine Meadows Chris Mitchell Stig Mjolsnes Radboud University Nijmegen, The Netherlands Universidad de Cantabria, Spain University of Kent, UK Chinese University of Hong Kong, Hong Kong University di Salerno, Italy DTI - Universita degli Studi di Milano, Italy University of Malaga, Spain Karlstad University, Sweden DTI - Universita degli Studi di Milano, Italy University of Plymouth, UK University of the Aegean, Greece University of Auckland, New Zealand Università degli Studi di Milano, Italy University of the Aegean, Greece University of Siegen, Germany University of the Aegean, Greece A-SIT, Austria University of the Aegean, Greece University of Malaga, Spain IIT-CNR, Italy NRL, USA Royal Holloway, University of London, UK Norwegian University of Science and Technology NTNU, Norway
VIII Organization Yi Mu Svetla Nikova Rolf Oppliger Massimiliano Pala Stefano Paraboschi Andreas Pashalidis Olivier Pereira Günther Pernul Nineta Polemi Sasa Radomirovic Pierangela Samarati Sean Smith Christos Xenakis University of Wollongong, Australia K.U. Leuven and University of Twente, The Netherlands esecurity Technologies, Switzerland Polytechnic Institute of New York University, USA Università di Bergamo, Italy K.U.Leuven, The Netherlands Université catholique de Louvain, Belgium Universitt Regensburg, Germany University of Pireaus, Greece ETH Zürich, Switzerland DTI - Universita degli Studi di Milano, Italy Dartmouth College, UK Additional Reviewers Broser, Christian Heupel, Marcel Mavrogiannopoulos, Nikos Nikov, Ventzi Peters, Thomas Reiter, Andreas Riesner, Moritz
Table of Contents Partial Model Checking for the Verification and Synthesis of Secure Service Compositions... 1 Fabio Martinelli and Ilaria Matteucci Efficient and Perfectly Unlinkable Sanitizable Signatures without Group Signatures... 12 Christina Brzuska, Henrich C. Pöhls, and Kai Samelin Revocation and Non-repudiation: When the First Destroys the Latter... 31 Johannes Braun, Franziskus Kiefer, and Andreas Hülsing New Results for the Practical Use of Range Proofs... 47 Sébastien Canard, Iwen Coisel, Amandine Jambert, and Jacques Traoré STUNT: A Simple, Transparent, User-Centered Network of Trust... 65 Klaus Potzmader, Johannes Winter, and Daniel Hein What Public Keys Can Do for 3-Party, Password-Authenticated Key Exchange... 83 Jean Lancrenon Towards a More Secure and Scalable Verifying PKI of emrtd... 102 Nicolas Buchmann and Harald Baier Mutual Restricted Identification... 119 Lucjan Hanzlik, Kamil Kluczniak, Miros law Kuty lowski, and Lukasz Krzywiecki Trust Views for the Web PKI... 134 Johannes Braun, Florian Volk, Johannes Buchmann, and Max Mühlhäuser A User-Centric Digital Signature Scheme... 152 Felipe Carlos Werlang, Ricardo Felipe Custódio, and Martín A.G. Vigil
X Table of Contents A Test-Bed for Intrusion Detection Systems Results Post-processing... 170 Georgios Spathoulas, Sokratis K. Katsikas, and Anastasios Charoulis Uncertainty in Intrusion Detection Signaling Games... 184 Ioanna Kantzavelou and Sokratis K. Katsikas Author Index... 205