46 research outputs found
McFIL: Model Counting Functionality-Inherent Leakage
Protecting the confidentiality of private data and using it for useful
collaboration have long been at odds. Modern cryptography is bridging this gap
through rapid growth in secure protocols such as multi-party computation,
fully-homomorphic encryption, and zero-knowledge proofs. However, even with
provable indistinguishability or zero-knowledgeness, confidentiality loss from
leakage inherent to the functionality may partially or even completely
compromise secret values without ever falsifying proofs of security. In this
work, we describe McFIL, an algorithmic approach and accompanying software
implementation which automatically quantifies intrinsic leakage for a given
functionality. Extending and generalizing the Chosen-Ciphertext attack
framework of Beck et al. with a practical heuristic, our approach not only
quantifies but maximizes functionality-inherent leakage using Maximum Model
Counting within a SAT solver. As a result, McFIL automatically derives
approximately-optimal adversary inputs that, when used in secure protocols,
maximize information leakage of private values.Comment: To appear in USENIX Security 202
Exploitation of Vulnerabilities in Cloud-Storage
The paper presents the vulnerabilities of cloudstorage and various possible attacks exploiting thesevulnerabilities that relate to cloud security, which is one of thechallenging features of cloud computing. The attacks areclassified into three broad categories of which the socialnetworking based attacks are the recent attacks which areevolving out of existing technologies such as P2P file sharing.The study is extended to available defence mechanisms andcurrent research areas of cloud storage. Based on the study,simple cloud storage is implemented and the major aspectssuch as login mechanism, encryption techniques and keymanagement techniques are evaluated against the presentedattacks. The study proves that the cloud storage consumers arestill dependent on the trust and contracts agreed with theservice provider and there is no hard way of proven defensemechanisms against the attacks. Further down, the emergingtechnologies could possibly break down all key basedencryption mechanisms
Light-weight primitive, feather-weight security? A cryptanalytic knock-out. (Preliminary results)
In [12], the authors present a new light-weight cryptographic primitive which supports an associated RFID-based authentication protocol. The primitive has some structural similarities to AES, but is presented as a keyed one-way function using a 128-bit key. Although a security analysis is included, this is at a high-level only. To provide a more concrete idea as to the security of this primitive, we therefore make three contributions: first, a structural attack requiring plaintext/ciphertext pairs (and hence effort online) plus effort offline, second an algebraic attack on round reduced versions of the primitive which requires only a single plaintext/ciphertext pair, and, third debunk the claimed attack of [36] on the same primitive as wishful thinking. Our structural attack completely breaks the primitive and the algebraic attack highlights a crucial weakness of the primitive: we conclude that although one can consider countermeasures against these specific attacks, the design in general is questionable and should therefore be avoided
A survey on security analysis of machine learning-oriented hardware and software intellectual property
Intellectual Property (IP) includes ideas, innovations, methodologies, works of authorship (viz., literary and artistic works), emblems, brands, images, etc. This property is intangible since it is pertinent to the human intellect. Therefore, IP entities are indisputably vulnerable to infringements and modifications without the owner’s consent. IP protection regulations have been deployed and are still in practice, including patents, copyrights, contracts, trademarks, trade secrets, etc., to address these challenges. Unfortunately, these protections are insufficient to keep IP entities from being changed or stolen without permission. As for this, some IPs require hardware IP protection mechanisms, and others require software IP protection techniques. To secure these IPs, researchers have explored the domain of Intellectual Property Protection (IPP) using different approaches. In this paper, we discuss the existing IP rights and concurrent breakthroughs in the field of IPP research; provide discussions on hardware IP and software IP attacks and defense techniques; summarize different applications of IP protection; and lastly, identify the challenges and future research prospects in hardware and software IP security
Mecanismos dinâmicos de segurança para redes softwarizadas e virtualizadas
The relationship between attackers and defenders has traditionally been
asymmetric, with attackers having time as an upper hand to devise an exploit
that compromises the defender. The push towards the Cloudification of
the world makes matters more challenging, as it lowers the cost of an attack,
with a de facto standardization on a set of protocols. The discovery of a vulnerability
now has a broader impact on various verticals (business use cases),
while previously, some were in a segregated protocol stack requiring independent
vulnerability research. Furthermore, defining a perimeter within a cloudified
system is non-trivial, whereas before, the dedicated equipment already
created a perimeter. This proposal takes the newer technologies of network
softwarization and virtualization, both Cloud-enablers, to create new dynamic
security mechanisms that address this asymmetric relationship using novel
Moving Target Defense (MTD) approaches. The effective use of the exploration
space, combined with the reconfiguration capabilities of frameworks like
Network Function Virtualization (NFV) and Management and Orchestration
(MANO), should allow for adjusting defense levels dynamically to achieve the
required security as defined by the currently acceptable risk. The optimization
tasks and integration tasks of this thesis explore these concepts. Furthermore,
the proposed novel mechanisms were evaluated in real-world use cases, such
as 5G networks or other Network Slicing enabled infrastructures.A relação entre atacantes e defensores tem sido tradicionalmente assimétrica,
com os atacantes a terem o tempo como vantagem para conceberem
uma exploração que comprometa o defensor. O impulso para a Cloudificação
do mundo torna a situação mais desafiante, pois reduz o custo de um
ataque, com uma padronização de facto sobre um conjunto de protocolos.
A descoberta de uma vulnerabilidade tem agora um impacto mais amplo em
várias verticais (casos de uso empresarial), enquanto anteriormente, alguns
estavam numa pilha de protocolos segregados que exigiam uma investigação
independente das suas vulnerabilidades. Além disso, a definição de um
perÃmetro dentro de um sistema Cloud não é trivial, enquanto antes, o equipamento
dedicado já criava um perÃmetro. Esta proposta toma as mais recentes
tecnologias de softwarização e virtualização da rede, ambas facilitadoras da
Cloud, para criar novos mecanismos dinâmicos de segurança que incidem sobre
esta relação assimétrica utilizando novas abordagens de Moving Target
Defense (MTD). A utilização eficaz do espaço de exploração, combinada com
as capacidades de reconfiguração de frameworks como Network Function
Virtualization (NFV) e Management and Orchestration (MANO), deverá permitir
ajustar dinamicamente os nÃveis de defesa para alcançar a segurança
necessária, tal como definida pelo risco actualmente aceitável. As tarefas de
optimização e de integração desta tese exploram estes conceitos. Além disso,
os novos mecanismos propostos foram avaliados em casos de utilização no
mundo real, tais como redes 5G ou outras infraestruturas de Network Slicing.Programa Doutoral em Engenharia Informátic
Problems in Cloud Security, Access Control and Logic Locking
In this thesis, we study problems related to security in three different contexts: cloud scheduling, access control, and logic locking to protect digital ICs.
The first set of problems relates to security in cloud computing. Prior work suggests that scheduling, with security as a consideration, can be effective in minimizing information leakage, via side-channels, that can exist when virtual machines (VMs) co-reside in clouds. We analyze the overhead that is incurred by such an approach. We first pose and answer a fundamental question: is the problem tractable? We show that the seemingly simpler sub-cases of initial placement and migration across only two equal-capacity servers are both intractable (NP-hard). However, a decision version of the general problem to which the optimization version is related polynomially is in NP. With these results as the basis, we make several other contributions. We revisit recent work that proposes a greedy algorithm for this problem, called Nomad. We establish that if P != NP, then there exist infinitely many classes of input, each with an infinite number of inputs, for which a decrease in information leakage is possible, but Nomad provides none, let alone minimize it. We establish also that a mapping to Integer Linear Programming (ILP) in prior work is deficient in that the mapping can be inefficient (exponential-time), and therefore does not accurately convey the overhead of such an approach that actually decreases information leakage. We present our efficient reductions to ILP and boolean satisfiability in conjunctive normal form (CNF-SAT). We have implemented these approaches and conducted an empirical assessment using the same ILP solver as prior work, and a SAT solver. Our analytical and empirical results more accurately convey the overhead that is incurred by an approach that actually provides security (decrease in information leakage).
The second set of problems relates to access control. We pose and study forensic analysis in the context of access control systems. Forensics seeks to answer questions about past states of a system, and thereby provides important clues and evidence in the event of a security incident. Access control deals with who may perform what action on a resource and is an important security function. We argue that access control is an important context in which to consider forensic analysis, and observe that it is a natural complement of safety analysis, which has been considered extensively in the literature. We pose the forensic analysis problem for access control systems abstractly, and instantiate it for three schemes from the literature: a well-known access matrix scheme, a role-based scheme, and a discretionary scheme. In particular, we ask what the computational complexity of forensic analysis is, and compare it to the computational complexity of safety analysis for each of these schemes. We observe that in the worst-case, forensic analysis lies in the same complexity class as safety analysis. We consider also the notion of logs, i.e., data that can be collected over time to aid forensic analysis. We present results for sufficient and minimal logs that render forensic analysis for the three schemes efficient. This motivates discussions on goal-directed logging, with the explicit intent of aiding forensic analysis. We carry out a case-study in the realistic setting of a serverless cloud application, and observe that goal-directed logging can be highly effective. Our work makes contributions at the foundations of information security, and its practical implications.
The third set of problems relates to logic locking to protect digital integrated circuits (ICs) against untrusted semiconductor foundries. We make two sets of complementary contributions, all rooted in foundations and bolstered by implementations and empirical results. Our first set of contributions regards observations about prior schemes and attacks, and our second is a new security notion. Towards the former, we make two contributions. (a) We revisit a prior approach called XOR-locking that has been demonstrated to be susceptible, in practice, to a particular attack called the SAT attack. We establish that (i) there exist circuits that are invulnerable to the SAT attack when XOR-locked with even a 1-bit key, and, (ii) there is a particular property that is inherent to benchmark circuits that explains why the SAT attack is successful against XOR-locked versions of those. Both (i) and (ii) are rooted in computing foundations: for (i), one-way functions; for (ii), average-case computational complexity, specifically, the class distP. (b) We revisit a state-of-art logic locking approach called TTLock whose generalization called SFLL-HD has been argued to be ``provably secure'' in prior work. We devise a new, probabilistic attack against TTLock. We explain, from foundations, why benchmark circuits that are locked using TTLock are susceptible to our new attack. Our observations (a) and (b), and prior work on attacks, informs our second contribution, which is a new security notion. Our notion is at least as strong as the property that underlies the SAT attack
Towards trustworthy computing on untrustworthy hardware
Historically, hardware was thought to be inherently secure and trusted due to its
obscurity and the isolated nature of its design and manufacturing. In the last two
decades, however, hardware trust and security have emerged as pressing issues.
Modern day hardware is surrounded by threats manifested mainly in undesired
modifications by untrusted parties in its supply chain, unauthorized and pirated
selling, injected faults, and system and microarchitectural level attacks. These threats,
if realized, are expected to push hardware to abnormal and unexpected behaviour
causing real-life damage and significantly undermining our trust in the electronic and
computing systems we use in our daily lives and in safety critical applications. A
large number of detective and preventive countermeasures have been proposed in
literature. It is a fact, however, that our knowledge of potential consequences to
real-life threats to hardware trust is lacking given the limited number of real-life
reports and the plethora of ways in which hardware trust could be undermined. With
this in mind, run-time monitoring of hardware combined with active mitigation of
attacks, referred to as trustworthy computing on untrustworthy hardware, is proposed
as the last line of defence. This last line of defence allows us to face the issue of live
hardware mistrust rather than turning a blind eye to it or being helpless once it occurs.
This thesis proposes three different frameworks towards trustworthy computing
on untrustworthy hardware. The presented frameworks are adaptable to different
applications, independent of the design of the monitored elements, based on
autonomous security elements, and are computationally lightweight. The first
framework is concerned with explicit violations and breaches of trust at run-time,
with an untrustworthy on-chip communication interconnect presented as a potential
offender. The framework is based on the guiding principles of component guarding,
data tagging, and event verification. The second framework targets hardware elements
with inherently variable and unpredictable operational latency and proposes a
machine-learning based characterization of these latencies to infer undesired latency
extensions or denial of service attacks. The framework is implemented on a DDR3
DRAM after showing its vulnerability to obscured latency extension attacks. The
third framework studies the possibility of the deployment of untrustworthy hardware
elements in the analog front end, and the consequent integrity issues that might arise
at the analog-digital boundary of system on chips. The framework uses machine
learning methods and the unique temporal and arithmetic features of signals at this
boundary to monitor their integrity and assess their trust level
Dagstuhl News January - December 2011
"Dagstuhl News" is a publication edited especially for the members of the Foundation "Informatikzentrum Schloss Dagstuhl" to thank them for their support. The News give a summary of the scientific work being done in Dagstuhl. Each Dagstuhl Seminar is presented by a small abstract describing the contents and scientific highlights of the seminar as well as the perspectives or challenges of the research topic
Understanding and Identifying Vulnerabilities Related to Architectural Security Tactics
To engineer secure software systems, software architects elicit the system\u27s security requirements to adopt suitable architectural solutions. They often make use of architectural security tactics when designing the system\u27s security architecture. Security tactics are reusable solutions to detect, resist, recover from, and react to attacks. Since security tactics are the building blocks of a security architecture, flaws in the adoption of these tactics, their incorrect implementation, or their deterioration during software maintenance activities can lead to vulnerabilities, which we refer to as tactical vulnerabilities . Although security tactics and their correct adoption/implementation are crucial elements to achieve security, prior works have not investigated the architectural context of vulnerabilities. Therefore, this dissertation presents a research work whose major goals are: (i) to identify common types of tactical vulnerabilities, (ii) to investigate tactical vulnerabilities through in-depth empirical studies, and (iii) to develop a technique that detects tactical vulnerabilities caused by object deserialization. First, we introduce the Common Architectural Weakness Enumeration (CAWE), which is a catalog that enumerates 223 tactical vulnerability types. Second, we use this catalog to conduct an empirical study using vulnerability reports from large-scale open-source systems. Among our findings, we observe that Improper Input Validation was the most reoccurring vulnerability type. This tactical vulnerability type is caused by not properly implementing the Validate Inputs tactic. Although prior research focused on devising automated (or semi-automated) techniques for detecting multiple instances of improper input validation (e.g., SQL Injection and Cross-Site Scripting) one of them got neglected, which is the untrusted deserialization of objects. Unlike other input validation problems, object deserialization vulnerabilities exhibit a set of characteristics that are hard to handle for effective vulnerability detection. We currently lack a robust approach that can detect untrusted deserialization problems. Hence, this dissertation introduces DODO untrusteD ObjectDeserialization detectOr), a novel program analysis technique to detect deserialization vulnerabilities. DODO encompasses a sound static analysis of the program to extract potentially vulnerable paths, an exploit generation engine, and a dynamic analysis engine to verify the existence of untrusted object deserialization. Our experiments showed that DODO can successfully infer possible vulnerabilities that could arise at runtime during object deserialization