Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V

Evolving Bitcoin Custody

The broad topic of this thesis is the design and analysis of Bitcoin custody systems. Both the technology and threat landscape are evolving constantly. Therefore, custody systems, defence strategies, and risk models should be adaptive too. We introduce Bitcoin custody by describing the different types, design principles, phases and functions of custody systems. We review the technology stack of these systems and focus on the fundamentals; key-management and privacy. We present a perspective we call the systems view. It is an attempt to capture the full complexity of a custody system, including technology, people, and processes. We review existing custody systems and standards. We explore Bitcoin covenants. This is a mechanism to enforce constraints on transaction sequences. Although previous work has proposed how to construct and apply Bitcoin covenants, these require modifying the consensus rules of Bitcoin, a notoriously difficult task. We introduce the first detailed exposition and security analysis of a deleted-key covenant protocol, which is compatible with current consensus rules. We demonstrate a range of security models for deleted-key covenants which seem practical, in particular, when applied in autonomous (user-controlled) custody systems. We conclude with a comparative analysis with previous proposals. Covenants are often proclaimed to be an important primitive for custody systems, but no complete design has been proposed to validate that claim. To address this, we propose an autonomous custody system called Ajolote which uses deleted-key covenants to enforce a vault sequence. We evaluate Ajolote with; a model of its state dynamics, a privacy analysis, and a risk model. We propose a threat model for custody systems which captures a realistic attacker for a system with offline devices and user-verification. We perform ceremony analysis to construct the risk model.Comment: PhD thesi

Decentralizing Software Identity Management

Software ist in unterschiedlichsten Bereichen von größter Wichtigkeit: Wirtschaft, Handel, Industrielle Steueranlagen, Transport, Logistik, Kommunikation, sowie im privaten Gebrauch um nur einige Beispiele zu nennen. Es ist entsprechend unverzichtbar, Software mit Integrität und einer expliziten Befürwortung durch den jeweiligen Entwickler oder Herausgeber zu beziehen. In dieser Arbeit verfolgen wir das Ziel, die Interaktion zwischen Erstellern und Nutzern von Software durch die Etablierung und Nutzung von expliziten Identitäten für Software weiter abzusichern. Eine Softwareidentität etabliert in erster Linie einen eindeutigen und persistenten Bezugspunkt an den Softwareersteller Informationen zu Binärdateien ihrer Software anhängen und entfernen können. Die Möglichkeit zuvor veröffentlichte Binärdateien aus einer Softwareidentität zu entfernen erlaubt Entwicklern auf sicherheitskritische Fehler oder Kompromittierungen zu reagieren, indem sie klar kommunizieren, dass bestimmte Binärdateien nicht länger verwendet werden sollten. Nutzer einer Software können über solche Widerrufe oder neue Versionen informiert werden, indem sie die entsprechende Softwareidentität beobachten über die sie dann auch die Integrität und Befürwortung von heruntergeladenen Binärdateien überprüfen können. Distributed Ledger Technologien wie Ethereum oder zuvor Bitcoin scheinen taugliche Plattformen für die Umsetzung von Softwareidentitäten zu sein, ohne dabei auf zentrale Anbieter vertrauen zu müssen. Ein offenes Peer-to-Peer Netzwerk etabliert einen Konsens über einen manipulationsgeschützten Zustandsverlauf, der namensgebende Ledger, und ermöglicht Zugriff auf selbigen. Ethereum ist einer der ersten Distributed Ledger, der sogenannte Smart Contracts ermöglicht. Dabei handelt es sich um Programme, die auf einem Distributed Ledger installiert und ausgeführt werden und damit einen eindeutig referenzierbaren Teil des Ledgerzustandes etablieren und verwalten. Einzig und allein die Programmierung eines Smart Contracts bestimmt darüber, wer den Teilzustand wann und wie verändern kann. Die erste Forschungsfrage dieser Dissertation zielt auf die Tauglichkeit von Distributed Ledger Technologien hinsichtlich der Etablierung, Verwaltung, und Nutzung von Softwareidentitäten ab. Insbesondere untersuchen wir, wie nützliche Eigenschaften für Softwareidentitätsmanagement und -nutzung von den Sicherheitseigenschaften des zugrundeliegenden Distributed Ledgers und weiteren Annahmen abgeleitet werden können. Neben der Verwendung von Softwareidentitäten zur weiteren Absicherung der Softwaredistribution untersuchen wir außerdem ihre Nutzbarkeit als Grundlage für unabhängige Begutachtungen von Softwareversionen. Die Durchführung solcher unabhängigen Begutachtungen mittels Distributed Ledgern führt unweigerlich zu einer Herausforderung hinsichtlich der koordinierten Offenlegung der Ergebnisse. Zum Zeitpunkt der Abfassung dieser Arbeit bietet kein Distributed Ledger eine entsprechende Funktionalität, um die Erstellung einer Menge unabhängig erstellter Aussagen zu unterstützen oder zu dokumentieren. Die zweite Forschungsfrage dieser Arbeit befasst sich deshalb mit der Umsetzung eines Offenlegungsmechanismus für Distributed Ledger basierend auf bestehenden kryptografischen Primitiven. Wir behandeln beide Forschungsfragen, indem wir entsprechende dezentrale Anwendungen konzipieren, implementieren, und evaluieren. Wir nutzen dabei Ethereum als prominentestes Exemplar eines Smart-Contract-fähigen Distributed Ledgers. Genauer gesagt messen wir die Installations- und Ausführungskosten jener Smart Contracts, die für unsere dezentralen Anwendungen nötig sind, um ihre praktische Tauglichkeit zu bestimmen. In zwei Fällen ermitteln wir außerdem den Rechenaufwand, der abseits des Ledgers anfällt. Wir zeigen zudem semi-formal, wie die Sicherheitseigenschaften unserer Proof of Concept Implementierung von dem zugrundeliegenden Distributed Ledger und weiteren Annahmen abgeleitet werden können. Wir kommen zu dem Ergebnis, dass Ethereum stellvertretend für Smart-Contract-fähige Distributed Ledger eine taugliche Plattform für die Umsetzung von Softwareidentitäten ist, inklusive der zuvor angemerkten unabhängigen Begutachtungen. Da unser Konzept des Softwareidentitätsmanagements auf eher grundlegenden Eigenschaften von Distributed Ledgern fußt sollte es sich gut auf andere Systeme übertragen lassen. Im Gegensatz dazu erfordert unser Konzept für einen Offenlegungsmechanismus die Unterstützung von bestimmten kryptografischen Operationen auf dem verwendeten Ledger, was die Übertragbarkeit entsprechend einschränkt. Die Kosten für die Installation der nötigen Smart Contracts sind signifikant größer als die Ausführungskosten im typischen Gebrauch, weshalb wir für zukünftige Arbeit empfehlen, die Wiederverwendbarkeit von installierten Smart Contract Instanzen zu verbessern. Bei der koordinierten Offenlegung von unabhängig erstellten Aussagen auf einem Distributed Ledger erzielen wir eine Reduktion der Gesamtkosten von 20–40 % im Vergleich zu verwandter Arbeit, indem wir unterschiedliche kryptografische Anforderungen ausnutzen. Unser Ansatz um eine koordinierte Offenlegung auf Ethereum zu erzielen stützt sich auf Elliptische-Kurven-Operationen die, obwohl ausreichend, zum aktuellen Zeitpunkt sehr eingeschränkt sind. Entsprechend trägt unsere Arbeit einen weiteren Grund für die Erweiterung der unterstützten elliptischen Kurven im Zuge der Weiterentwicklung von Ethereum bei

Self-Updatable Encryption: Time Constrained Access Control with Hidden Attributes and Better Efficiency

Revocation and key evolving paradigms are central issues in cryptography, and in PKI in particular. A novel concern related to these areas was raised in the recent work of Sahai, Seyalioglu, and Waters (Crypto 2012) who noticed that revoking past keys should at times (e.g., the scenario of cloud storage) be accompanied by revocation of past ciphertexts (to prevent unread ciphertexts from being read by revoked users). They introduced revocable-storage attribute-based encryption (RS-ABE) as a good access control mechanism for cloud storage. RS-ABE protects against the revoked users not only the future data by supporting key-revocation but also the past data by supporting ciphertext-update, through which a ciphertext at time $T$ can be updated to a new ciphertext at time $T+1$ using only the public key. Motivated by this pioneering work, we ask whether it is possible to have a modular approach, which includes a primitive for time managed ciphertext update as a primitive. We call encryption which supports this primitive a ``self-updatable encryption\u27\u27 (SUE). We then suggest a modular cryptosystems design methodology based on three sub-components: a primary encryption scheme, a key-revocation mechanism, and a time-evolution mechanism which controls the ciphertext self-updating via an SUE method, coordinated with the revocation (when needed). Our goal in this is to allow the self-updating ciphertext component to take part in the design of new and improved cryptosystems and protocols in a flexible fashion. Specifically, we achieve the following results: - We first introduce a new cryptographic primitive called self-updatable encryption (SUE), realizing a time-evolution mechanism. In SUE, a ciphertext and a private key are associated with time. A user can decrypt a ciphertext if its time is earlier than that of his private key. Additionally, anyone (e.g., a cloud server) can update the ciphertext to a ciphertext with a newer time. We also construct an SUE scheme and prove its full security under static assumptions. - Following our modular approach, we present a new RS-ABE scheme with shorter ciphertexts than that of Sahai et al. and prove its security. The length efficiency is mainly due to our SUE scheme and the underlying modularity. - We apply our approach to predicate encryption (PE) supporting attribute-hiding property, and obtain a revocable-storage PE (RS-PE) scheme that is selectively-secure. - We further demonstrate that SUE is of independent interest, by showing it can be used for timed-release encryption (and its applications), and for augmenting key-insulated encryption with forward-secure storage

Investigating Android permissions and intents for malware detection

Today’s smart phones are used for wider range of activities. This extended range of functionalities has also seen the infiltration of new security threats. Android has been the favorite target of cyber criminals. The malicious parties are using highly stealthy techniques to perform the targeted operations, which are hard to detect by the conventional signature and behaviour based approaches. Additionally, the limited resources of mobile device are inadequate to perform the extensive malware detection tasks. Impulsively emerging Android malware merit a robust and effective malware detection solution. In this thesis, we present the PIndroid ― a novel Permissions and Intents based framework for identifying Android malware apps. To the best of author’s knowledge, PIndroid is the first solution that uses a combination of permissions and intents supplemented with ensemble methods for malware detection. It overcomes the drawbacks of some of the existing malware detection methods. Our goal is to provide mobile users with an effective malware detection and prevention solution keeping in view the limited resources of mobile devices and versatility of malware behavior. Our detection engine classifies the apps against certain distinguishing combinations of permissions and intents. We conducted a comparative study of different machine learning algorithms against several performance measures to demonstrate their relative advantages. The proposed approach, when applied to 1,745 real world applications, provides more than 99% accuracy (which is best reported to date). Empirical results suggest that the proposed framework is effective in detection of malware apps including the obfuscated ones. In this thesis, we also present AndroPIn—an Android based malware detection algorithm using Permissions and Intents. It is designed with the methodology proposed in PInDroid. AndroPIn overcomes the limitation of stealthy techniques used by malware by exploiting the usage pattern of permissions and intents. These features, which play a major role in sharing user data and device resources cannot be obfuscated or altered. These vital features are well suited for resource constrained smartphones. Experimental evaluation on a corpus of real-world malware and benign apps demonstrate that the proposed algorithm can effectively detect malicious apps and is resilient to common obfuscations methods. Besides PInDroid and AndroPIn, this thesis consists of three additional studies, which supplement the proposed methodology. First study investigates if there is any correlation between permissions and intents which can be exploited to detect malware apps. For this, the statistical significance test is applied to investigate the correlation between permissions and intents. We found statistical evidence of a strong correlation between permissions and intents which could be exploited to detect malware applications. The second study is conducted to investigate if the performance of classifiers can further be improved with ensemble learning methods. We applied different ensemble methods such as bagging, boosting and stacking. The experiments with ensemble methods yielded much improved results. The third study is related to investigating if the permissions and intents based system can be used to detect the ever challenging colluding apps. Application collusion is an emerging threat to Android based devices. We discuss the current state of research on app collusion and open challenges to the detection of colluding apps. We compare existing approaches and present an integrated approach that can be used to detect the malicious app collusion

Advances and Open Problems in Federated Learning

Federated learning (FL) is a machine learning setting where many clients (e.g. mobile devices or whole organizations) collaboratively train a model under the orchestration of a central server (e.g. service provider), while keeping the training data decentralized. FL embodies the principles of focused data collection and minimization, and can mitigate many of the systemic privacy risks and costs resulting from traditional, centralized machine learning and data science approaches. Motivated by the explosive growth in FL research, this paper discusses recent advances and presents an extensive collection of open problems and challenges.Comment: Published in Foundations and Trends in Machine Learning Vol 4 Issue 1. See: https://www.nowpublishers.com/article/Details/MAL-08

Advances and Open Problems in Federated Learning

Federated learning (FL) is a machine learning setting where many clients (e.g. mobile devices or whole organizations) collaboratively train a model under the orchestration of a central server (e.g. service provider), while keeping the training data decentralized. FL embodies the principles of focused data collection and minimization, and can mitigate many of the systemic privacy risks and costs resulting from traditional, centralized machine learning and data science approaches. Motivated by the explosive growth in FL research, this paper discusses recent advances and presents an extensive collection of open problems and challenges

Data Service Outsourcing and Privacy Protection in Mobile Internet

Mobile Internet data have the characteristics of large scale, variety of patterns, and complex association. On the one hand, it needs efficient data processing model to provide support for data services, and on the other hand, it needs certain computing resources to provide data security services. Due to the limited resources of mobile terminals, it is impossible to complete large-scale data computation and storage. However, outsourcing to third parties may cause some risks in user privacy protection. This monography focuses on key technologies of data service outsourcing and privacy protection, including the existing methods of data analysis and processing, the fine-grained data access control through effective user privacy protection mechanism, and the data sharing in the mobile Internet