14 research outputs found
Secure Device Bootstrapping with the Nimble Out of Band Authentication Protocol
The smart personal and business appliances which form the Internet of Things are expected to become ubiquitous and to make our daily life more convenient. Most of these devices are connected though wireless networks to cloud-based online services. However, such devices may be vulnerable to various attacks which could compromise the users’ security and privacy and even cause physical harm. Therefore, securing the network connection for the devices is of utmost importance. In order to secure the network connections, the devices need to be configured with the necessary keys and other connection parameters. There is not yet any widely adopted generic solution for this secure bootstrapping. One proposed solution is out-of-band (OOB) authentication with a protocol called EAP-NOOB, which is a new method for the EAP and IEEE 802.1X authentication framework.
The goal of this thesis is to build a prototype of the EAP-NOOB protocol and deploy the prototype to test it with the real-world scenarios. The protocol requires no a-priori information either about the device or the user is necessary for the bootstrapping. Instead, the user’s ownership of the device is established during the bootstrapping process. The protocol was implemented both by adding support for the new EAP method into existing open-source software, the commonly used WPA_Supplicant and Hostapd packages. We also implemented a web interface for the back-end authentication server, which works in tandem with the AAA server, and out-of-band channels based on dynamic QR codes and NFC tags.
We used the prototype to test and demonstrate the EAP-NOOB protocol, including its usability and authentication latency. The bootstrapping procedure can be completed in less than a minute in most cases. The main results of the project are the EAP-NOOB implementation and various improvements and clarifications to the protocol specification. These results are an essential part of the protocol standardization process at IETF
Analysis and implementation of a security standard
This master's thesis describes the design and implementation of a security standard in a university research department. It has been developed in the framework of the ETSETB Master's Degree in Cybersecurity, in cooperation with the University of Barcelona. The work has consisted on several stages. First, an analysis of the vulnerabilities of the system has been performed. This diagnosis has been specially important, since the lack of cybersecurity protections in the department has lead to several hijacks and data losses throughout the years. Then, the report describes the application of all the security features that are considered essential in a company, covering as much elements as possible. Those include from devices' physical security, through software protection to employees training. The project will be mainly focused in the deployment of the main services found in an IT department with a brief cybersecurity training session for the employees at the end. The work developed in this master thesis will reinforce the security of all crucial services and will reduce the possibility of data loss
Security Implications of Insecure DNS Usage in the Internet
The Domain Name System (DNS) provides domain-to-address lookup-services used by almost all internet applications. Because of this ubiquitous use of the DNS, attacks against the DNS have become more and more critical. However, in the past, studies of DNS security have been mostly conducted against individual protocols and applications. In this thesis, we perform the first comprehensive evaluation of DNS-based attacks against a wide range of internet applications, ranging from time-synchronisation via NTP over internet resource management to security mechanisms. We show how to attack those applications by exploiting various weaknesses in the DNS. These attacks are based on both, already known weaknesses which are adapted to new attacks, as well as previously unknown attack vectors which have been found during the course of this thesis. We evaluate our attacks and provide the first taxonomy of DNS applications, to show how adversaries can systematically develop attacks exploiting the DNS. We analyze the attack surface created by our attacks in the internet and find that a significant number of applications and systems can be attacked. We work together with the developers of the vulnerable applications to develop patches and general countermeasures which can be applied by various parties to block our attacks. We also provide conceptual insights into the root causes allowing our attacks to help with the development of new applications and standards.
The findings of this thesis are published in in 4 full-paper publications and 2 posters at international academic conferences. Additionally, we disclose our finding to developers which has lead to the registration of 8 Common Vulnerabilities and Exposures identifiers (CVE IDs) and patches in 10 software implementations. To raise awareness, we also presented our findings at several community meetings and via invited articles
Security technologies for wireless access to local area networks
In today’s world, computers and networks are connected to all life aspects and professions.
The amount of information, personal and organizational, spread over the network
is increasing exponentially. Simultaneously, malicious attacks are being developed at the
same speed, which makes having a secure network system a crucial factor on every level
and in any organization. Achieving a high protection level has been the goal of many
organizations, such as the Wi-Fi Alliance
R , and many standards and protocols have been
developed over time.
This work addresses the historical development of WLAN security technologies, starting
from the oldest standard, WEP, and reaching the newly released standard WPA3, passing
through the several versions in between,WPA, WPS, WPA2, and EAP. Along with WPA3,
this work addresses two newer certificates, Enhanced OpenTM and Easy ConnectTM. Furthermore,
a comparative analysis of the previous standards is also presented, detailing
their security mechanisms, flaws, attacks, and the measures they have adopted to prevent
these attacks. Focusing on the new released WPA3, this work presents a deep study
on both WPA3 and EAP-pwd. The development of WPA3 had the objective of providing
strong protection, even if the network’s password is considered weak. However, this
objective was not fully accomplished and some recent research work discovered design
flaws in this new standard.
Along with the above studies, this master thesis’ work builds also a network for penetration
testing using a set of new devices that support the new standard. A group of possible
attacks onWi-Fi latest security standards was implemented on the network, testing the response
against each of them, discussing the reason behind the success or the failure of the
attack, and providing a set of countermeasures applicable against these attacks. Obtained results show that WPA3 has overcome many of WPA2’s issues, however, it is still unable to overcome some major Wi-Fi vulnerabilities.No mundo de hoje, os computadores e as redes estão conectados praticamente a todos
os aspectos da nossa vida pessoal e profissional. A quantidade de informações, pessoais
e organizacionais, espalhadas pela rede está a aumentar exponencialmente. Simultaneamente,
também os ataques maliciosos estão a aumentar à mesma velocidade, o que faz
com que um sistema de rede seguro seja um fator crucial a todos os níveis e em qualquer
organização. Alcançar altos níveis de proteção tem sido o objetivo de trabalho de muitas
organizações, como a Wi-Fi Alliance
R , tendo muitos standards e protocolos sido desenvolvidos
ao longo do tempo.
Este trabalho aborda o desenvolvimento histórico das tecnologias de segurança para WLANs,
começando pelo standard mais antigo, WEP, e acabando no recém-chegado WPA3, passando
pelas várias versões intermedias, WPA, WPS, WPA2 e EAP. Juntamente com o
WPA3, este trabalho aborda os dois certificados mais recentes, Enhanced OpenTM e Easy
ConnectTM. Além disso, também é apresentada uma análise comparativa dos standards
anteriores, detalhando os seus principais mecanismos de segurança, falhas, ataques a que
são susceptíveis e medidas adotadas para evitar esses ataques. Quanto ao novo WPA3
e EAP-pwd, este trabalho apresenta um estudo aprofundado sobre os seus modos "Personal"
e "Enterprise". O desenvolvimento do WPA3 teve por objetivo fornecer proteção
forte, mesmo que a password de rede seja considerada fraca. No entanto, esse objetivo
não foi totalmente alcançado e alguma investigação realizada recentemente detectou falhas
de desenho nesse novo padrão.
Juntamente com os estudo dos standards acima referidos, o trabalho realizado para esta
tese de mestrado também constrói uma rede para testes de penetração usando um conjunto
de novos dispositivos que já suportam o novo standard. São aplicados vários ataques aos
mais recentes padrões de segurança Wi-Fi, é testada a sua resposta contra cada um deles,
é discutindo o motivo que justifica o sucesso ou a falha do ataque, e são indicadas
contramedidas aplicáveis a esses ataques. Os resultados obtidos mostram que o WPA3
superou muitos dos problemas do WPA2 mas que, no entanto, ainda é incapaz de superar
algumas das vulnerabilidades presentes nas redes Wi-Fi.First, I would like to express my deepest appreciation to those who gave me the possibility
to complete my study and get my Master degree, the Aga Khan Foundation, who has
supported me financiall
Actas da 10ª Conferência sobre Redes de Computadores
Universidade do MinhoCCTCCentro AlgoritmiCisco SystemsIEEE Portugal Sectio