CompChall: Addressing Password Guessing Attacks

Even though passwords are the most convenient means of authentication, they bring along themselves the threat of dictionary attacks. Dictionary attacks may be of two kinds: online and offline. While offline dictionary attacks are possible only if the adversary is able to collect data for a successful protocol execution by eavesdropping on the communication channel and can be successfully countered using public key cryptography, online dictionary attacks can be performed by anyone and there is no satisfactory solution to counter them. This paper presents a new authentication protocol which is called CompChall (computational challenge). The proposed protocol uses only one way hash functions as the building blocks and attempts to eliminate online dictionary attacks by implementing a challenge-response system. This challenge-response system is designed in a fashion that it does not pose any difficulty to a genuine user but is time consuming and computationally intensive for an adversary trying to launch a large number of login requests per unit time as in the case of an online dictionary attack. The protocol is stateless and thus less vulnerable to DoS (Denial of Service) attacks

On the Release of Crls in Public Key Infrastructure

Public key infrastructure provides a promising founda-tion for verifying the authenticity of communicating par-ties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has con-centrated on the tradeoffs that can be made among dif-ferent revocation options. No rigorous efforts have been made to understand the probability distribution of certifi-cate revocation requests based on real empirical data. In this study, we first collect real empirical data from VeriSign and derive the probability function for certifi-cate revocation requests. We then prove that a revocation system will become stable after a period of time. Based on these, we show that different certificate authorities should take different strategies for releasing certificate revocation lists for different types of certificate services. We also provide the exact steps by which certificate au-thorities can derive optimal releasing strategies.

Privacy in Mobile Technology for Personal Healthcare

Information technology can improve the quality, efficiency, and cost of healthcare. In this survey, we examine the privacy requirements of \emphmobile\/ computing technologies that have the potential to transform healthcare. Such \emphmHealth\/ technology enables physicians to remotely monitor patients\u27 health, and enables individuals to manage their own health more easily. Despite these advantages, privacy is essential for any personal monitoring technology. Through an extensive survey of the literature, we develop a conceptual privacy framework for mHealth, itemize the privacy properties needed in mHealth systems, and discuss the technologies that could support privacy-sensitive mHealth systems. We end with a list of open research questions

NBPKI: uma ICP baseada em autoridades notariais

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Ciência de Computação, Florianópolis, 2011Infraestrutura de Chaves Públicas tem sido implementadas considerando o tradicional modelo de certificação digital baseado em serviços tais como autoridades de registro, autoridades de carimbo do tempo e autoridades certificadoras: um certificado digital certificando uma chave é somente emitido pela autoridade certificadora após a verificação pela autoridade de registro dos atributos da chave e de sua posse pelo titular. Nesse modelo, certificados podem ser revogados, o que implica, necessariamente, pela parte confiante, na verificação do seu status, antes que possa ser usado tanto para a verificação de um token de autenticação quanto para a verificação de uma assinatura digital. Esse modelo tem sido regulamentado e amplamente utilizado tanto por empresas e governos de todo o mundo quanto integrado em sistemas computacionais. Este trabalho apresenta uma visão crítica deste modelo, o que tem dificultado e encarecido sua adoção, bem como das alternativas existentes na literatura. Também apresenta-se uma nova alternativa ao modelo - denominada de Infraestrutura de Chaves Públicas baseadas em Autoridades Notariais - eliminando-se processos e serviços complementares que deixam de ser necessários. Mostra-se que o novo modelo é mais simples de ser implementado, mais fácil de se definir um justo modelo de negócio, além de simplificar o processo de verificação de assinatura

Infraestrutura de chaves públicas otimizadora

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Ciência da Computação, Florianópolis, 2010Este trabalho tem como objetivo propor e implementar um novo conceito de certificado: o Certificado Otimizado, base da Infraestrutura de Chaves Publicas Otimizadora. Trata-se de adaptaçoes ao padrao X.509 para reduzir o esforço computacional necessario ao uso de documentos eletronicos assinados sem a perda da compatibilidade com as aplicaçoes existentes. Tal reduçao incide na verificação de assinaturas digitais, pois o Certificado Otimizado: (1) dispensa verificaçao de situaçao de revogaçao; (2) substitui carimbos do tempo sobre uma assinatura digital; (3) ´e emitido por uma Autoridade Certificadora cuja situaçao de revogaçao ´e aferida atraves do m´etodo Novomodo; e (4) possui um caminho de certificaçao curto. Esta proposta tamb´em explora a substituição de Certificados Otimizados quando da obsolescencia dos algoritmos criptograficos, tornando possivel a manutencão da autenticidade de assinaturas digitais sem o aumento contínuo dos recursos computacionais utilizados. Desta forma, beneficia diretamente verificadores de assinaturas digitais e entidades arquivisticas, as quais enfrentam o desafio de armazenar e manter validas assinaturas digitais sobre documentos eletronicos sem demandar quantidades impraticaveis de recursos computacionais. A soluçao proposta é comparada com o certificado X.509 convencional atrav´es da simulaçao de um cenario de documentos eletronicos assinados na ICP-Brasil. Os resultados da simulaçao demonstram que o Certificado Otimizado proporciona uma economia superior a 80% de recursos computacionais ao longo dos anos. Ainda, observa-se, atrav´es de testes realizados sobre a implementaçao do algoritmo Certificate Path Processing, presente na M´aquina Virtual Java, que o Certificado Otimizado ´e aderente ao padrao X.509 e, portanto, compatível com a maioria das aplicaçoes de certificaçao digital existentes. Sem duvida, tais características tornam o Certificado Otimizado uma atraente soluçao para reduzir os recursos computacionais necessarios no uso de documentos eletronicos assinados.This work deals with the proposal and the implementation of a new digital certificate concept: an Optimized Certificate, on which Optimizer Public Key Infrastructure is based. This concept implies some changes in the X.509 standard as a means to cut down on the computational effort required to use digital signatures on electronic documents, while keeping compatibility with existing applications. This reduction can be noted when verifying digital signatures because an Optimized Certificate: (1) dismisses the need to verify the revocation status; (2) replaces timestamps for a signature; (3) is issued by a Certification Authority whose revocation status is checked using Novomodo; and (4) presents a short certification path. Also, this proposal takes advantage of replacing an Optimized Certificate before cryptographic algorithms become weak, which makes it possible to maintain authentic digital signatures without requiring an ever-growing amount of computational resources. Therefore, Optimized Certificates benefit the verifiers of digital signatures and archiving entities, which have to overcome the challenge of storing and maintaining valid digital signature on electronic documents within computational resource constraints. The proposal is compared with the conventional X.509 certificate, considering the simulation of a scenario of signed electronic documents in ICP-Brasil. The result of this comparison reveals that an Optimized Certificate can lead to the reduction of computational resources along years at rates above 80%. Moreover, successful tests on the implementation of Certificate Path Processing available in Java Virtual Machine indicate that an Optimized Certificate adheres to X.509 and therefore, with regard to digital signatures, it is compatible with most existing applications. Indeed, such characteristics make Optimized Certificates an attractive solution to reduce the computational resources required for using signed electronic documents

Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation

The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and costs. The certification path building algorithm that helps users establish trust on certificates in the distributed network environment is particularly complicated. Neither routing security nor PKI come for free. Prior to this work, the research study on performance issues of these large-scale distributed security systems was minimal. In this thesis, we evaluate the performance of BGP security protocols and PKI systems. We answer the questions about how the performance affects protocol behaviors and how we can improve the efficiency of these distributed protocols to bring them one step closer to reality. The complexity of the Internet makes an analytical approach difficult; and the scale of Internet makes empirical approaches also unworkable. Consequently, we take the approach of simulation. We have built the simulation frameworks to model a number of BGP security protocols and the PKI system. We have identified performance problems of Secure BGP (S-BGP), a primary BGP security protocol, and proposed and evaluated Signature Amortization (S-A) and Aggregated Path Authentication (APA) schemes that significantly improve efficiency of S-BGP without compromising security. We have also built a simulation framework for general PKI systems and evaluated certification path building algorithms, a critical part of establishing trust in Internet-scale PKI, and used this framework to improve algorithm performance

Maintaining Security and Trust in Large Scale Public Key Infrastructures

In Public Key Infrastructures (PKIs), trusted Certification Authorities (CAs) issue public key certificates which bind public keys to the identities of their owners. This enables the authentication of public keys which is a basic prerequisite for the use of digital signatures and public key encryption. These in turn are enablers for e-business, e-government and many other applications, because they allow for secure electronic communication. With the Internet being the primary communication medium in many areas of economic, social, and political life, the so-called Web PKI plays a central role. The Web PKI denotes the global PKI which enables the authentication of the public keys of web servers within the TLS protocol and thus serves as the basis for secure communications over the Internet. However, the use of PKIs in practice bears many unsolved problems. Numerous security incidents in recent years have revealed weaknesses of the Web PKI. Because of these weaknesses, the security of Internet communication is increasingly questioned. Central issues are (1) the globally predefined trust in hundreds of CAs by browsers and operating systems. These CAs are subject to a variety of jurisdictions and differing security policies, while it is sufficient to compromise a single CA in order to break the security provided by the Web PKI. And (2) the handling of revocation of certificates. Revocation is required to invalidate certificates, e.g., if they were erroneously issued or the associated private key has been compromised. Only this can prevent their misuse by attackers. Yet, revocation is only effective if it is published in a reliable way. This turned out to be a difficult problem in the context of the Web PKI. Furthermore, the fact that often a great variety of services depends on a single CA is a serious problem. As a result, it is often almost impossible to revoke a CA's certificate. However, this is exactly what is necessary to prevent the malicious issuance of certificates with the CA's key if it turns out that a CA is in fact not trustworthy or the CA's systems have been compromised. In this thesis, we therefore turn to the question of how to ensure that the CAs an Internet user trusts in are actually trustworthy. Based on an in depth analysis of the Web PKI, we present solutions for the different issues. In this thesis, the feasibility and practicality of the presented solutions is of central importance. From the problem analysis, which includes the evaluation of past security incidents and previous scientific work on the matter, we derive requirements for a practical solution. For the solution of problem (1), we introduce user-centric trust management for the Web PKI. This allows to individually reduce the number of CAs a user trusts in to a fraction of the original number. This significantly reduces the risk to rely on a CA, which is actually not trustworthy. The assessment of a CA's trustworthiness is user dependent and evidence-based. In addition, the method allows to monitor the revocation status for the certificates relevant to a user. This solves the first part of problem (2). Our solution can be realized within the existing infrastructure without introducing significant overhead or usability issues. Additionally, we present an extension by online service providers. This enables to share locally collected trust information with other users and thus, to improve the necessary bootstrapping of the system. Moreover, an efficient detection mechanism for untrustworthy CAs is realized. In regard to the second part of problem (2), we present a CA revocation tolerant PKI construction based on forward secure signature schemes (FSS). Forward security means that even in case of a key compromise, previously generated signatures can still be trusted. This makes it possible to implement revocation mechanisms such that CA certificates can be revoked, without compromising the availability of dependent web services. We describe how the Web PKI can be transitioned to a CA revocation tolerant PKI taking into account the relevant standards. The techniques developed in this thesis also enable us to address the related problem of ``non-repudiation'' of digital signatures. Non-repudiation is an important security goal for many e-business and e-government applications. Yet, non-repudiation is not guaranteed by standard PKIs. Current solutions, which are based on time-stamps generated by trusted third parties, are inefficient and costly. In this work, we show how non-repudiation can be made a standard property of PKIs. This makes time-stamps obsolete. The techniques presented in this thesis are evaluated in terms of practicality and performance. This is based on theoretical results as well as on experimental analyses. Our results show that the proposed methods are superior to previous approaches. In summary, this thesis presents mechanisms which make the practical use of PKIs more secure and more efficient and demonstrates the practicability of the presented techniques