@misc{334, author = {{Wagener, Peter}}, publisher = {{Universität Paderborn}}, title = {{{Vertical Thread Migration in FPGA based Sound Localization}}}, year = {{2014}}, } @inproceedings{346, abstract = {{One future goal of service-oriented computing is to realize global markets of composed services. On such markets, service providers offer services that can be flexibly combined with each other. However, most often, market participants are not able to individually estimate the quality of traded services in advance. As a consequence, even potentially profitable transactions between customers and providers might not take place. In the worst case, this can induce a market failure. To overcome this problem, we propose the incorporation of reputation information as an indicator for expected service quality. We address On-The-Fly Computing as a representative environment of markets of composed services. In this environment, customers provide feedback on transactions. We present a conceptual design of a reputation system which collects and processes user feedback, and provides it to participants in the market. Our contribution includes the identification of requirements for such a reputation system from a technical and an economic perspective. Based on these requirements, we propose a flexible solution that facilitates the incorporation of reputation information into markets of composed services while simultaneously preserving privacy of customers who provide feedback. The requirements we formulate in this paper have just been partially met in literature. An integrated approach, however, has not been addressed yet.}}, author = {{Brangewitz, Sonja and Jungmann, Alexander and Petrlic, Ronald and Platenius, Marie Christin}}, booktitle = {{Proceedings of the 6th International Conferences on Advanced Service Computing (SERVICE COMPUTATION)}}, pages = {{49--57}}, title = {{{Towards a Flexible and Privacy-Preserving Reputation System for Markets of Composed Services}}}, year = {{2014}}, } @inproceedings{347, abstract = {{Dynamic thread duplication is a known redundancy technique for multi-cores. The approach duplicates a thread under observation for some time period and compares the signatures of the two threads to detect errors. Hybrid multi-cores, typically implemented on platform FPGAs, enable the unique option of running the thread under observation and its copy in different modalities, i.e., software and hardware. We denote our dynamic redundancy technique on hybrid multi-cores as thread shadowing. In this paper we present the concept of thread shadowing and an implementation on a multi-threaded hybrid multi-core architecture. We report on experiments with a block-processing application and demonstrate the overheads, detection latencies and coverage for a range of thread shadowing modes. The results show that trans-modal thread shadowing, although bearing long detection latencies, offers attractive coverage at a low overhead.}}, author = {{Meisner, Sebastian and Platzner, Marco}}, booktitle = {{Proceedings of the 10th International Symposium on Applied Reconfigurable Computing (ARC)}}, editor = {{Goehringer, Diana and Santambrogio, MarcoDomenico and Cardoso, JoãoM.P. and Bertels, Koen}}, pages = {{283--290}}, publisher = {{Springer}}, title = {{{Thread Shadowing: Using Dynamic Redundancy on Hybrid Multi-cores for Error Detection}}}, doi = {{10.1007/978-3-319-05960-0_30}}, year = {{2014}}, } @misc{348, author = {{Rüthing, Christoph}}, publisher = {{Universität Paderborn}}, title = {{{The Xilinx Zynq Architecture as a Platform for Reconfigurable Heterogeneous Multi-Cores}}}, year = {{2014}}, } @techreport{349, abstract = {{Identity-based cryptography has attracted attention in the cryptographic research communityin recent years. Despite the importance of cryptographic schemes for applicationsin business and law, the legal implications of identity-based cryptography have not yetbeen discussed. We investigate how identity-based signatures fit into the legal framework.We focus on the European Signature Directive, but also take the UNCITRAL Model Law onElectronic Signatures into account. In contrast to previous assumptions, identity-basedsignature schemes can, in principle, be used even for qualified electronic signatures,which can replace handwritten signatures in the member states of the European Union.We derive requirements to be taken into account in the development of future identitybasedsignature schemes.}}, author = {{Sorge, Christoph}}, title = {{{The Legal Classification of Identity-Based Signatures}}}, year = {{2014}}, } @inproceedings{355, abstract = {{In the last decade pairings have become an important, and often indispensable, ingredient in the construction of identity-based and attribute-based cryptosystems, as well as group signatures and credential systems. Consequently, the applicability of timing, power, or fault attacks to implementations of pairings is an important research topic. We will review some of the known results in this area.}}, author = {{Blömer, Johannes and Günther, Peter and Liske, Gennadij}}, booktitle = {{Proceedings of Fault Tolerance and Diagnosis in Cryptography(FDTC)}}, pages = {{1----7}}, title = {{{Tampering attacks in pairing-based cryptography}}}, doi = {{10.1109/FDTC.2014.10}}, year = {{2014}}, } @inproceedings{366, abstract = {{On-The-Fly (OTF) Computing constitutes an approach towards highly dynamic and individualized software markets. Based on service-oriented computing, OTF Computing is about realizing global markets of services that can be flexibly combined. We report on our current research activities, the security and privacy implications thereof, and our approaches to tackle the challenges. Furthermore, we discuss how the security and privacy challenges are addressed in research projects similar to OTF Computing.}}, author = {{Petrlic, Ronald and Jungmann, Alexander and Platenius, Marie Christin and Schäfer, Wilhelm and Sorge, Christoph}}, booktitle = {{Tagungsband der 4. Konferenz Software-Technologien und -Prozesse (STeP 2014)}}, pages = {{131--142}}, title = {{{Security and Privacy Challenges in On-The-Fly Computing}}}, year = {{2014}}, } @inproceedings{368, abstract = {{We consider the problem of scheduling a number of jobs on $m$ identical processors sharing a continuously divisible resource. Each job j comes with a resource requirement r_j \in {0,1}. The job can be processed at full speed if granted its full resource requirement. If receiving only an x-portion of r_j, it is processed at an x-fraction of the full speed. Our goal is to find a resource assignment that minimizes the makespan (i.e., the latest completion time). Variants of such problems, relating the resource assignment of jobs to their \emph{processing speeds}, have been studied under the term discrete-continuous scheduling. Known results are either very pessimistic or heuristic in nature.In this paper, we suggest and analyze a slightly simplified model. It focuses on the assignment of shared continuous resources to the processors. The job assignment to processors and the ordering of the jobs have already been fixed. It is shown that, even for unit size jobs, finding an optimal solution is NP-hard if the number of processors is part of the input. Positive results for unit size jobs include an efficient optimal algorithm for 2 processors. Moreover, we prove that balanced schedules yield a 2-1/m-approximation for a fixed number of processors. Such schedules are computed by our GreedyBalance algorithm, for which the bound is tight.}}, author = {{Brinkmann, Andre and Kling, Peter and Meyer auf der Heide, Friedhelm and Nagel, Lars and Riechers, Sören and Suess, Tim }}, booktitle = {{Proceedings of the 26th ACM Symposium on Parallelism in Algorithms and Architectures (SPAA)}}, pages = {{128--137}}, title = {{{Scheduling Shared Continuous Resources on Many-Cores}}}, doi = {{10.1145/2612669.2612698}}, year = {{2014}}, } @misc{369, abstract = {{RSA Full Domain Hash ist im Zufallsorakelmodell ein EUF-CMA sicheres Signaturverfahren (existentially unforgeable under chosen-message attacks). Der Sicherheitsbeweis wird unter anderem in der Vorlesung Einf{\"u}hrung in die Kryptographie vorgestellt. Auch bei einer genaueren Analyse verliert man bei der Reduktion einen Faktor \nicefrac{1}{q_{s}}(wobei q_{s}die Anzahl der Anfragen an das Signaturorakel darstellt), was f{\"u}r die Praxis in relativ großen Systemparametern (RSA-Modul) resultiert [1].Seit der Ver{\"o}ffentlichung von [2] wurde geglaubt, dass der Faktor \nicefrac{1}{q_{s}}optimal ist. Erst zehn Jahre sp{\"a}ter offenbarten die Autoren von [3] einen Fehler in [2] und zeigten eine bessere Reduktion allerdings unter einer etwas st{\"a}rkeren Sicherheitsannahme.Die Ergebnisse aus [3] lassen sich auf PSS-Verfahren (Probabilistic Signature Scheme), das z.B. in PKCS #1 benutzt wird, {\"u}bertragen und sind somit von großer Bedeutung f{\"u}r die Praxis. Weiterhin sind die in den Beweisen verwendete Techniken n{\"u}tzlich auch bei anderen kryptographischen Verfahren.In Rahmen dieser Arbeit sollen die entsprechenden Sicherheitsbeweise aufgearbeitet und dessen Auswirkungen f{\"u}r die Praxis analysiert werden.[1] J.S. Coron, “On the Exact Security of Full Domain Hash”, CRYPTO 2000. LNCS 1880, pp. 229-235, 2000.[2] J.S. Coron, “Optimal security proofs for PPS and other signature schemes”, EUROCRYPT 2002. LNCS 2332, pp 272-287, 2002.[3] S.A. Kakvi and E. Kiltz, “Optimal Security Proofs for Full Domain Hash, Revisited”, in EUROCRYPT 2012. LNCS 7237, pp 537-553, 2012.}}, author = {{Rath, Timo}}, publisher = {{Universität Paderborn}}, title = {{{RSA-Full Domain Hash Revisited}}}, year = {{2014}}, } @inproceedings{371, abstract = {{In this work we present the first distributed storage system that is provably robust against crash failures issued by an adaptive adversary, i.e., for each batch of requests the adversary can decide based on the entire system state which servers will be unavailable for that batch of requests. Despite up to \gamma n^{1/\log\log n} crashed servers, with \gamma>0 constant and n denoting the number of servers, our system can correctly process any batch of lookup and write requests (with at most a polylogarithmic number of requests issued at each non-crashed server) in at most a polylogarithmic number of communication rounds, with at most polylogarithmic time and work at each server and only a logarithmic storage overhead. Our system is based on previous work by Eikel and Scheideler (SPAA 2013), who presented IRIS, a distributed information system that is provably robust against the same kind of crash failures. However, IRIS is only able to serve lookup requests. Handling both lookup and write requests has turned out to require major changes in the design of IRIS.}}, author = {{Scheideler, Christian and Setzer, Alexander and Eikel, Martina}}, booktitle = {{Proceedings of the 18th International Conference on Principles of Distributed Systems (OPODIS)}}, pages = {{107----122}}, title = {{{RoBuSt: A Crash-Failure-Resistant Distributed Storage System}}}, doi = {{10.1007/978-3-319-14472-6_8}}, year = {{2014}}, } @inproceedings{374, abstract = {{Run-time reconfiguration provides an opportunity to increase performance, reduce cost and improve energy efficiency in FPGA-based systems. However, run-time reconfigurable systems are more complex to implement than static only systems. This increases time to market, and introduces run-time overhead into the system. Our research aims to raise the abstraction level to develop run-time reconfigurable systems. We present operating system extensions which enable seamless integration of run-time reconfigurable hardware threads into applications. To improve resource utilization, the hardware threads are placed on a fine granularity tile grid. We take advantage of a relocatable module placer targeting modern FPGA to manage the reconfigurable area. The module placer accurately models the FPGA resources to compute feasible placement locations for the hardware threads at run-time. Finally, we evaluate our work by means of a case study that consists of a synthetic application to validate the functionality and performance of the implementation. The results show a reduction in reconfiguration time of up to 42% and more than double resource utilization.}}, author = {{Wold, Alexander and Agne, Andreas and Torresen, Jim}}, booktitle = {{Proceedings of the 10th International Symposium on Reconfigurable Computing: Architectures, Tools, and Applications}}, editor = {{Goehringer, Diana and Santambrogio, MarcoDomenico and Cardoso, JoãoM.P. and Bertels, Koen}}, pages = {{61--72}}, title = {{{Relocatable Hardware Threads in Run-Time Reconfigurable Systems}}}, doi = {{10.1007/978-3-319-05960-0_6}}, year = {{2014}}, } @article{378, abstract = {{The Chord peer-to-peer system is considered, together with CAN, Tapestry and Pastry, as one of the pioneering works on peer-to-peer distributed hash tables (DHT) that inspired a large volume of papers and projects on DHTs as well as peer-to-peer systems in general. Chord, in particular, has been studied thoroughly, and many variants of Chord have been presented that optimize various criteria. Also, several implementations of Chord are available on various platforms. Though Chord is known to be very efficient and scalable and it can handle churn quite well, no protocol is known yet that guarantees that Chord is self-stabilizing, i.e., the Chord network can be recovered from any initial state in which the network is still weakly connected. This is not too surprising since it is known that the Chord network is not locally checkable for its current topology. We present a slight extension of the Chord network, called Re-Chord (reactive Chord), that turns out to be locally checkable, and we present a self-stabilizing distributed protocol for it that can recover the Re-Chord network from any initial state, in which the n peers are weakly connected, in O(nlogn) communication rounds. We also show that our protocol allows a new peer to join or an old peer to leave an already stable Re-Chord network so that within O(logn)^2) communication rounds the Re-Chord network is stable again.}}, author = {{Kniesburges, Sebastian and Koutsopoulos, Andreas and Scheideler, Christian}}, journal = {{Theory of Computing Systems}}, number = {{3}}, pages = {{591--612}}, publisher = {{Springer}}, title = {{{Re-Chord: A Self-stabilizing Chord Overlay Network}}}, doi = {{10.1007/s00224-012-9431-2}}, year = {{2014}}, } @inproceedings{384, abstract = {{Reputation systems provide reputation values of rated parties to users. These reputation values, typically aggregations of individual user ratings, shall be reliable, i.e. should enable a realistic assessment of the probability that the rated party behaves as expected in a transaction. In order for the reputation values to stay reliable and, thus, for the reputation system to provide a benefit, the system needs to be resistant against manipulations by users, the rated parties trying to improve their reputation values, and even against competitors trying to worsen a reputation value. At the same time, a reputation system shall provide privacy protection for users: rated parties shall not be able to learn who provided a certain rating. Otherwise users might not take part in the system as they fear bad feedback in revenge for bad ratings, or users do not want to be connected to certain transactions based on their provided ratings. In this paper we come up with a solution that provides both, reliability of reputation values on the one hand, and privacy protection for users on the other hand. In contrast to related work, our solution only makes use of a single reputation provider that needs to be trusted (to a certain extent) and does not require any bulletin boards to be present in the system. We make use of the Paillier cryptosystem to provide an aggregation of individual user ratings in a way that no party can learn which user provided a certain rating.}}, author = {{Petrlic, Ronald and Lutters, Sascha and Sorge, Christoph}}, booktitle = {{Proceedings of the 29th Symposium On Applied Computing (SAC)}}, pages = {{1712--1718}}, title = {{{Privacy-Preserving Reputation Management}}}, doi = {{10.1145/2554850.2554881}}, year = {{2014}}, } @phdthesis{385, author = {{Petrlic, Ronald}}, publisher = {{Universität Paderborn}}, title = {{{Privacy-Preserving Multiparty Digital Rights Management}}}, year = {{2014}}, } @inproceedings{386, abstract = {{We present a privacy-preserving multiparty DRM scheme that does not need a trusted third party. Users anonymously buy content from content providers and anonymously execute it at content execution centers. The executions are unlinkable to each other. The license check is performed as part of the used ciphertext-policy attribute-based encryption (CP-ABE) and, thus, access control is cryptographically enforced. The problem of authorization proof towards the key center in an ABE scheme is solved by a combination with anonymous payments.}}, author = {{Petrlic, Ronald and Sorge, Christoph}}, booktitle = {{Proceedings of the Sixth IFIP International Conference on New Technologies, Mobility and Security (NTMS)}}, pages = {{1--5}}, title = {{{Privacy-Preserving Digital Rights Management based on Attribute-based Encryption}}}, doi = {{10.1109/NTMS.2014.6814044}}, year = {{2014}}, } @article{387, abstract = {{This article studies the design of medium access control (MAC) protocols for wireless networks that are provably robust against arbitrary and unpredictable disruptions (e.g., due to unintentional external interference from co-existing networks or due to jamming). We consider a wireless network consisting of a set of n honest and reliable nodes within transmission (and interference) range of each other, and we model the external disruptions with a powerful adaptive adversary. This adversary may know the protocol and its entire history and can use this knowledge to jam the wireless channel at will at any time. It is allowed to jam a (1 − )-fraction of the timesteps, for an arbitrary constant > 0 unknown to the nodes. The nodes cannot distinguish between the adversarial jamming or a collision of two or more messages that are sent at the same time. We demonstrate, for the first time, that there is a local-control MAC protocol requiring only very limited knowledge about the adversary and the network that achieves a constant (asymptotically optimal) throughput for the nonjammed time periods under any of the aforementioned adversarial strategies. The derived principles are also useful to build robust applications on top of the MAC layer, and we present an exemplary study for leader election, one of the most fundamental tasks in distributed computing.}}, author = {{Awerbuch, Baruch and Richa, Andrea W. and Scheideler, Christian and Schmid, Stefan and Zhang, Jin}}, journal = {{Transactions on Algorithms}}, number = {{4}}, publisher = {{ACM}}, title = {{{Principles of Robust Medium Access and an Application to Leader Election}}}, doi = {{10.1145/2635818}}, year = {{2014}}, } @techreport{389, abstract = {{This article presents a new approach for representing and processing abstract optimization models. Confronted with model and data integration tasks for distributed Decision Support Systems which are especially composed out of software services, we describe model constituents such as constraints both structurally and semantically. Within our approach, typed model constituents can be integrated into complete models and the instantiation of model constituents itself with data and data models can be wrapped into semantic software services. Besides others, this supports the automated generation of adaptors and the search for and composition of services. The basic idea of our approach is to represent the optimization models as instance knowledge of different ontologies for both optimization and application domains. By separating the model expression structure from the goal and constraint conceptualizations predefined modeling constructs can be reused, where we do not only separate the model structure from data, but can also abstract the structure from a specific data model. We present an XML and ontology-query based approach for this separation and demonstrate the resulting flexible model integration procedure out of reusable goal and constraint types on a network flow problem.}}, author = {{Stapel, Florian and Suhl, Lena}}, publisher = {{Universität Paderborn}}, title = {{{Ontology-based Representation of Optimization Models}}}, year = {{2014}}, } @misc{18001, author = {{Luo, Linghui}}, publisher = {{Universität Paderborn}}, title = {{{Ein selbst-stabilisierender Algorithmus für das Finite Sleep Problem in Skip+ Graphen}}}, year = {{2014}}, } @inproceedings{441, abstract = {{Das Future Internet soll den Anforderungen heutiger und zuk{\"u}nftiger daten-intensiver Internet-Anwendungen besser gerecht werden als dies heute der Fall ist. Seit einigen Jahren wird an unterschiedlichen Verfahren geforscht, die das „Future Internet“ erm{\"o}glichen sollen – diese Ans{\"a}tze gehen weit {\"u}ber die Ziele von IPv6 hinaus. In diesem Beitrag stellen wir einige Kernpunkte der Future-Internet-Initiativen vor und identifizieren Gemeinsamkeiten der unterschiedlichen Konzepte. Wir beleuchten die Konsequenzen aus datenschutzrechtlicher Sicht und geben einen {\"U}berblick {\"u}ber Ans{\"a}tze, die die identifizierten Datenschutz-Probleme durch technische Maßnahmen bis zu einem gewissen Grad verhindern.}}, author = {{Sorge, Christoph and Petrlic, Ronald}}, booktitle = {{Tagungsband des 17. Internationalen Rechtsinformatik Symposions}}, title = {{{Datenschutz im Future Internet: rechtliche Aspekte und technische Maßnahmen}}}, year = {{2014}}, } @unpublished{442, abstract = {{We present a new transformation of chosen-plaintext secure predicate encryption schemes with public index into chosen-ciphertext secure schemes. Our construction requires only a universal one-way hash function and is selectively secure in the standard model. The transformation is not generic but can be applied to various existing schemes constructed from bilinear groups. Using common structural properties of these schemes we provide an efficient and simple transformation without overhead in form of one-time signatures or message authentication codes as required in the known generic transformations.}}, author = {{Blömer, Johannes and Liske, Gennadij}}, publisher = {{Universität Paderborn}}, title = {{{Constructing CCA-secure predicate encapsulation schemes from CPA-secure schemes and universal one-way hash functions}}}, year = {{2014}}, }