crypto.bib

@inproceedings{pappas.krell.ea:blind,
  author = {Vasilis Pappas and Fernando Krell and Binh Vo and Vlad
		  Kolesnimov and Tal Malkin and Seung Geol Choi and Wesley
		  George and Angelos Keromytis and Steven M. Bellovin},
  booktitle = {{IEEE} Symposium on Security and Privacy},
  month = {May},
  note = {To appear},
  title = {Blind Seer: A Scalable Private {DBMS}},
  year = 2014
}
@inproceedings{bellovin.merritt:augmented,
  address = {Fairfax, VA},
  author = {Steven M. Bellovin and Michael Merritt},
  booktitle = {Proceedings of the First ACM Conference on Computer and
		  Communications Security},
  month = {November},
  pages = {244--250},
  psurl = {https://www.cs.columbia.edu/~smb/papers/aeke.ps},
  title = {Augmented Encrypted Key Exchange},
  url = {https://www.cs.columbia.edu/~smb/papers/aeke.pdf},
  year = {1993},
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/aeke.pdf}
}
@misc{whiting.schneier.ea:aes,
  author = {D. Whiting and B. Schneier and S. Bellovin},
  psurl = {https://www.cs.columbia.edu/~smb/papers/AES-KeyAgile.ps},
  title = {{AES} Key Agility Issues in High-Speed {IPsec}
		  Implementations},
  url = {https://www.cs.columbia.edu/~smb/papers/AES-KeyAgile.pdf},
  year = 2000,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/AES-KeyAgile.pdf}
}
@inproceedings{bellovin:problem,
  annote = {A discussion of flaws in some versions of the proposed
		  IP-layer security protocols.},
  author = {Steven M. Bellovin},
  booktitle = {Proceedings of the Sixth Usenix Unix Security Symposium},
  month = {July},
  pages = {205--214},
  psurl = {https://www.cs.columbia.edu/~smb/papers/badesp.ps},
  smb-major = {yes},
  title = {Problem Areas for the {IP} Security Protocols},
  url = {https://www.cs.columbia.edu/~smb/papers/badesp.pdf},
  xpages = {1--16},
  year = {1996},
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/badesp.pdf}
}
@inproceedings{wagner.bellovin:bump,
  address = {San Diego},
  author = {David A. Wagner and Steven M. Bellovin},
  booktitle = {Proceedings of the Symposium on Network and Distributed
		  System Security},
  month = {February},
  pages = {155--160},
  psurl = {https://www.cs.columbia.edu/~smb/papers/bisconf.ps},
  title = {A ``Bump in the Stack'' Encryptor for {MS-DOS} Systems},
  url = {https://www.cs.columbia.edu/~smb/papers/bisconf.pdf},
  year = 1996,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/bisconf.pdf}
}
@inproceedings{bellovin.merritt:encrypted*1,
  address = {Oakland, CA},
  author = {Steven M. Bellovin and Michael Merritt},
  booktitle = {Proc. IEEE Computer Society Symposium on Research in
		  Security and Privacy},
  month = {May},
  pages = {72--84},
  psurl = {https://www.cs.columbia.edu/~smb/papers/neke.ps},
  smb-major = {yes},
  title = {Encrypted Key Exchange: Password-Based Protocols Secure
		  Against Dictionary Attacks},
  url = {https://www.cs.columbia.edu/~smb/papers/neke.pdf},
  year = {1992},
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/neke.pdf}
}
@inproceedings{bellovin:cryptography,
  author = {Steven M. Bellovin},
  booktitle = {Advances in Cryptology: Proceedings of {CRYPTO} '98},
  month = {August},
  psurl = {https://www.cs.columbia.edu/~smb/papers/inet-crypto.ps},
  smb-major = {yes},
  title = {Cryptography and the Internet},
  url = {https://www.cs.columbia.edu/~smb/papers/inet-crypto.pdf},
  year = 1998,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/inet-crypto.pdf}
}
@inproceedings{bellovin.blaze:cryptographic,
  author = {S.M. Bellovin and M.A. Blaze},
  booktitle = {Second {NIST} Workshop on Modes of Operation},
  month = {August},
  psurl = {https://www.cs.columbia.edu/~smb/papers/internet-modes.ps},
  title = {Cryptographic Modes of Operation for the {Internet}},
  url = {https://www.cs.columbia.edu/~smb/papers/internet-modes.pdf},
  year = 2001,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/internet-modes.pdf}
}
@article{aiello.bellovin.ea:just,
  author = {William Aiello and Steven M. Bellovin and Matt Blaze and
		  Ran Canetti and John Ioannidis and Angelos D. Keromytis and
		  Omer Reingold},
  journal = {ACM Transactions on Information and System Security
		  (TISSEC)},
  month = {May},
  number = 2,
  pages = {1--32},
  smb-major = {yes},
  title = {Just Fast Keying: Key Agreement In A Hostile {Internet}},
  volume = 7,
  year = 2004
}
@inproceedings{aiello.bellovin.ea:efficient,
  author = {William Aiello and Steven M. Bellovin and Matt Blaze and
		  Ran Canetti and John Ioannidis and Angelos D. Keromytis and
		  Omer Reingold},
  booktitle = {Proceedings of the ACM Computer and Communications
		  Security (CCS) Conference},
  month = {November},
  psurl = {https://www.cs.columbia.edu/~smb/papers/jfk-ccs.ps},
  title = {Efficient, {DoS}-Resistant, Secure Key Exchange for
		  Internet Protocols},
  url = {https://www.cs.columbia.edu/~smb/papers/jfk-ccs.pdf},
  year = 2002,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/jfk-ccs.pdf}
}
@inproceedings{bellovin.merritt:limitations,
  address = {Dallas, TX},
  author = {Steven M. Bellovin and Michael Merritt},
  booktitle = {USENIX Conference Proceedings},
  month = {Winter},
  pages = {253--267},
  psurl = {https://www.cs.columbia.edu/~smb/papers/kerblimit.usenix.ps},
  smb-major = {yes},
  title = {Limitations of the {Kerberos} Authentication System},
  url = {https://www.cs.columbia.edu/~smb/papers/kerblimit.usenix.pdf},
  year = {1991},
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/kerblimit.usenix.pdf}
}
@inproceedings{blumenthal.bellovin:better,
  address = {Prague},
  author = {Uri Blumenthal and Steven M. Bellovin},
  booktitle = {Proceedings of PRAGOCRYPT '96},
  psurl = {https://www.cs.columbia.edu/~smb/papers/ides.ps},
  title = {A Better Key Schedule for {DES}-like Ciphers},
  url = {https://www.cs.columbia.edu/~smb/papers/ides.pdf},
  year = 1996,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ides.pdf}
}
@article{bellovin.merritt:attack,
  author = {Steven M. Bellovin and Michael Merritt},
  journal = {IEEE Transactions on Information Theory},
  month = {January},
  number = 1,
  pages = {273--275},
  psurl = {https://www.cs.columbia.edu/~smb/papers/interlock.ps},
  smb-major = {yes},
  title = {An Attack on the {{\em Interlock Protocol}} When Used for
		  Authentication},
  url = {https://www.cs.columbia.edu/~smb/papers/interlock.pdf},
  volume = 40,
  year = {1994},
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/interlock.pdf}
}
@inproceedings{bellovin.rescorla:deploying,
  author = {Steven M. Bellovin and Eric K. Rescorla},
  booktitle = {Proceedings of NDSS '06},
  smb-major = {yes},
  title = {Deploying a New Hash Algorithm},
  url = {https://www.cs.columbia.edu/~smb/papers/new-hash.pdf},
  year = 2006,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/new-hash.pdf}
}
@inproceedings{bellovin:probable,
  author = {Steven M. Bellovin},
  booktitle = {Proc.~of the Symposium on Network and Distributed System
		  Security},
  pages = {155--160},
  psurl = {https://www.cs.columbia.edu/~smb/papers/probtxt.ps},
  smb-major = {yes},
  title = {Probable Plaintext Cryptanalysis of the {IP} Security
		  Protocols},
  url = {https://www.cs.columbia.edu/~smb/papers/probtxt.pdf},
  year = 1997,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/probtxt.pdf}
}
@misc{wagner.bellovin:programmable,
  author = {David A. Wagner and Steven M. Bellovin},
  note = {Unpublished},
  psurl = {https://www.cs.columbia.edu/~smb/papers/recog.ps},
  title = {A Programmable Plaintext Recognizer},
  url = {https://www.cs.columbia.edu/~smb/papers/recog.pdf},
  year = 1994,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/recog.pdf}
}
@inproceedings{blaze.bellovin:session-layer,
  address = {Salt Lake City, UT},
  author = {Matt Blaze and Steven M. Bellovin},
  booktitle = {Proc. 5th USENIX UNIX Security Symposium},
  month = {June},
  psurl = {https://www.cs.columbia.edu/~smb/papers/sesscrypt.ps},
  title = {Session-Layer Encryption},
  url = {https://www.cs.columbia.edu/~smb/papers/sesscrypt.pdf},
  year = {1995},
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/sesscrypt.pdf}
}
@inproceedings{androulaki.raykova.ea:par,
  author = {Elli Androulaki and Mariana Raykova and Angelos Stavrou
		  and Steven M. Bellovin},
  booktitle = {Proceedings of the 8th Privacy Enhancing Technologies
		  Symposium},
  month = {July},
  title = {{PAR}: Payment for Anonymous Routing},
  url = {https://www.cs.columbia.edu/~smb/papers/par.pdf},
  year = 2008,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/par.pdf}
}
@inproceedings{androulaki.choi.ea:reputation*1,
  author = {Elli Androulaki and Seung Geol Choi and Steven M. Bellovin
		  and Tal Malkin},
  booktitle = {Proceedings of the 8th Privacy Enhancing Technologies
		  Symposium},
  month = {July},
  title = {Reputation Systems for Anonymous Networks},
  url = {https://www.cs.columbia.edu/~smb/papers/anonrep.pdf},
  year = 2008,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/anonrep.pdf}
}
@inproceedings{androulaki.bellovin:anonymous,
  author = {Elli Androulaki and Steven M. Bellovin},
  booktitle = {Proceedings of 6th International Conference on Trust,
		  Privacy \& Security in Digital Business (TrustBus)},
  month = {September},
  note = {Longer version issued as Tech Report CUCS-010-09.},
  title = {An Anonymous Credit Card System},
  url = {https://www.cs.columbia.edu/~smb/papers/ACC_TrustBus09.pdf},
  year = 2009,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ACC_TrustBus09.pdf}
}
@inproceedings{androulaki.bellovin:anonymous*2,
  author = {Elli Androulaki and Steven M. Bellovin},
  booktitle = {Symposium on Privacy-Enhancing Technologies (PET)},
  month = {July},
  title = {Anonymous Delivery of Physical Objects},
  url = {https://www.cs.columbia.edu/~smb/papers/APOD_PETS09.pdf},
  year = 2009,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/APOD_PETS09.pdf}
}
@inproceedings{raykova.vo.ea:secure,
  author = {Mariana Raykova and Binh Vo and Tal Malkin and Steven M.
		  Bellovin},
  booktitle = {Proceedings of the {ACM} Cloud Computing Security
		  Workshop},
  month = {November},
  smb-major = {yes},
  title = {Secure Anonymous Database Search},
  url = {https://www.cs.columbia.edu/~smb/papers/sads_ccsw.pdf},
  year = 2009,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/sads_ccsw.pdf}
}
@inproceedings{androulaki.bellovin:secure,
  author = {Elli Androulaki and Steven M. Bellovin},
  booktitle = {Proceedings of the 1st Workshop on Real-Life Cryptographic
		  Protocols and Standardization},
  month = {January},
  title = {A Secure and Privacy-Preserving Targeted Ad-System},
  url = {https://www.cs.columbia.edu/~smb/papers/ppoad_cr_RLCPS10.pdf},
  year = 2010,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ppoad_cr_RLCPS10.pdf}
}
@inproceedings{androulaki.vo.ea:privacy-preserving,
  abstract = {Current banking systems do not aim to protect user
		  privacy. Purchases made from a single bank account can be
		  linked to each other by many parties. This could be
		  addressed in a straight-forward way by generating
		  unlinkable credentials from a single master credential
		  using Camenisch and Lysyanskaya's algorithm; however, if
		  bank accounts are taxable, some report must be made to the
		  tax authority about each account. Using unlinkable
		  credentials, digital cash, and zero knowledge proofs of
		  kmowledge, we present a solution that prevents anyone, even
		  the tax authority, from knowing which accounts belong to
		  which users, or from being able to link any account to
		  another or to purchases or deposits.},
  address = {Athens},
  author = {Elli Androulaki and Binh Vo and Steven M. Bellovin},
  booktitle = {Proceedings of the European Symposium on Research in
		  Computer Security (ESORICS)},
  month = {September},
  note = {Longer version issued as Tech Report CUCS-005-10.},
  title = {Privacy-Preserving, Taxable Bank Accounts},
  year = 2010
}
@article{bellovin:frank-miller,
  abstract = {The invention of the one-time pad is generally credited to
		  Gilbert S. Vernam and Joseph O. Mauborgne. We show that it
		  was invented about 35 years earlier by a Sacramento banker
		  named Frank Miller. We provide a tentative identification
		  of which Frank Miller it was, and speculate on whether or
		  not Mauborgne might have known of Miller's work, especially
		  via his colleague Parker Hitt. },
  author = {Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  journal = {Cryptologia},
  month = {July},
  note = {An earlier version is available as technical report
		  CUCS-009-11},
  number = 3,
  pages = {203--222},
  title = {{Frank Miller}: Inventor of the One-Time Pad},
  url = {http://dx.doi.org/10.1080/01611194.2011.583711},
  volume = 35,
  year = 2011,
  bdsk-url-1 = {http://dx.doi.org/10.1080/01611194.2011.583711}
}
@inproceedings{pappas.raykova.ea:private,
  abstract = { Encrypted search---performing queries on protected
		  data---has been explored in the past; however, its inherent
		  inefficiency has raised questions of practicality. Here, we
		  focus on improving the performance and extending its
		  functionality enough to make it practical. We do this by
		  optimizing the system, and by stepping back from the goal
		  of achieving maximal privacy guarantees in an encrypted
		  search scenario and consider efficiency and functionality
		  as priorities. \par We design and analyze the privacy
		  implications of two practical extensions applicable to any
		  keyword-based private search system. We evaluate their
		  efficiency by building them on top of a private search
		  system, called SADS. Additionally, we improve SADS'
		  performance, privacy guaranties and functionality. The
		  extended SADS system offers improved efficiency parameters
		  that meet practical usability requirements in a relaxed
		  adversarial model. We present the experimental results and
		  evaluate the performance of the system. We also demonstrate
		  analytically that our scheme can meet the basic needs of a
		  major hospital complex's admissions records. Overall, we
		  achieve performance comparable to a simply configured MySQL
		  database system. },
  author = {Vasilis Pappas and Mariana Raykova and Binh Vo and Steven
		  M. Bellovin and Tal Malkin},
  booktitle = {Proceedings of the 2011 Annual Computer Security
		  Applications Conference},
  month = {December},
  title = {Private Search in the Real World},
  url = {https://www.cs.columbia.edu/~smb/papers/final_ACSAC11.pdf},
  year = 2011,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/final_ACSAC11.pdf}
}
@article{raykova.cui.ea:usable,
  abstract = { It is a common requirement in real world applications for
		  untrusting parties to be able to share sensitive
		  information securely. We describe a secure anonymous
		  database search scheme (SADS) that provides exact keyword
		  match capability. Using a new primitive, re-routable
		  encryption, and the ideas of Bloom filters and
		  deterministic encryption, SADS allows multiple parties to
		  efficiently execute exact match queries over distributed
		  encrypted database in a controlled manner. We further
		  consider a more general search setting allowing similarity
		  searches, going beyond existing work that considers
		  similarity in terms of error-tolerance and Hamming distance
		  by capturing semantic level similarity in our definition.
		  Building on the cryptographic and privacy preserving
		  guarantees of the SADS primitive, we then describe a
		  general framework for engineering usable private secure
		  search systems. },
  author = {Mariana Raykova and Ang Cui and Binh Vo and Bin Liu and
		  Tal Malkin and Steven M. Bellovin and Salvatore J. Stolfo},
  doi = {10.1109/MSP.2011.155},
  journal = {IEEE Security \& Privacy},
  month = {September-October},
  number = 5,
  title = {Usable Secure Private Search},
  url = {https://www.cs.columbia.edu/~smb/papers/UsableSecurePrivateSearch.pdf},
  volume = 10,
  year = 2012,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/UsableSecurePrivateSearch.pdf},
  bdsk-url-2 = {http://dx.doi.org/10.1109/MSP.2011.155}
}
@inproceedings{raykova.zhao.ea:privacy*1,
  abstract = { Traditional access control models often assume that the
		  entity enforcing access control policies is also the owner
		  of data and resources. This assumption no longer holds when
		  data is outsourced to a third-party storage provider, such
		  as the \emph{cloud}. Existing access control solutions
		  mainly focus on preserving confidentiality of stored data
		  from unauthorized access and the storage provider. However,
		  in this setting, access control policies as well as users'
		  access patterns also become privacy sensitive information
		  that should be protected from the cloud. We propose a
		  two-level access control scheme that combines
		  coarse-grained access control enforced at the cloud, which
		  allows to get acceptable communication overhead and at the
		  same time limits the information that the cloud learns from
		  his partial view of the access rules and the access
		  patterns, and fine-grained cryptographic access control
		  enforced at the user's side, which provides the desired
		  expressiveness of the access control policies. Our solution
		  handles both \emph{read} and \emph{write} access control. },
  author = {Mariana Raykova and Hang Zhao and Steven M. Bellovin},
  booktitle = {Financial Cryptography and Data Security},
  month = {March},
  title = {Privacy Enhanced Access Control for Outsourced Data
		  Sharing},
  url = {https://www.cs.columbia.edu/~smb/papers/ac-cloud.pdf},
  year = 2012,
  bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ac-cloud.pdf}
}