Flexible Framework for Secret Handshakes (Multi-Party Anonymous and Un-observable Authentication)
In a society increasingly concerned with the erosion of privacy,
privacy-preserving techniques are becoming very important.
This motivates research in cryptographic techniques offering
built-in privacy.
A secret handshake is a protocol whereby participants establish
a secure, anonymous and unobservable communication channel only
if they are members of the same group. This type of private
authentication is a valuable tool in the arsenal of privacy-preserving
cryptographic techniques. Prior research focused on 2-party secret
handshakes with one-time credentials.
This paper breaks new ground on two accounts: (1) it shows how
to obtain secure and efficient secret handshakes with reusable
credentials, and (2) it represents the first treatment of group
(or multi-party) secret handshakes, thus providing a
natural extension to the secret handshake technology. An
interesting new issue encountered in multi-party secret handshakes
is the need to ensure that all parties are indeed distinct.
(This is a real challenge since the parties cannot expose their
identities.) We tackle this and other challenging issues in
constructing GCD -- a flexible framework for secret handshakes.
The proposed framework lends itself to many practical
instantiations and offers several novel and appealing features
such as self-distinction and strong anonymity with reusable
credentials. In addition to describing the motivation and
step-by-step construction of the framework, this paper provides
a thorough security analysis and illustrates two concrete
framework instantiations.
Private Handshakes
Private handshaking allows pairs of users to determine which (secret) groups
they are both a member of. Group membership is kept secret from everybody else.
Private handshaking is a more private form of secret handshaking, because it
does not allow the group administrator to trace users. We extend the original
definition of a handshaking protocol to allow and test for membership of
multiple groups simultaneously. We present simple and efficient protocols for
both the single group and multiple group membership case.
Private handshaking is a useful tool for mutual authentication, demanded by
many pervasive applications (including RFID) for privacy. Our implementations
are efficient enough to support such usually resource-constrained scenarios.
Anonymous, authentic, and accountable resource management based on the E-cash paradigm
The prevalence of digital information management in an open network has driven
the need to maintain balance between anonymity, authenticity and accountability (AAA).
Anonymity allows a principal to hide its identity from strangers before trust relationship
is established. Authenticity ensures the correct identity is engaged in the transaction even
though it is hidden. Accountability uncovers the hidden identity when misbehavior of the
principal is detected. The objective of this research is to develop an AAA management
framework for secure resource allocations. Most existing resource management schemes
are designed to manage one or two of the AAA attributes. How to provide high strength
protection to all attributes is an extremely challenging undertaking. Our study shows that
the electronic cash (E-cash) paradigm provides some important knowledge bases for this
purpose. Based on Chaum-Pedersen's general transferable E-cash model, we propose a
timed-zero-knowledge proof (TZKP) protocol, which greatly reduces storage spaces and
communication overheads for resource transfers, without compromising anonymity and
accountability. Based on Eng-Okamoto's general divisible E-cash model, we propose a
hypercube-based divisibility framework, which provides a sophisticated and flexible way
to partition a chunk of resources, with different trade-offs in anonymity protection and
computational costs, when it is integrated with different sub-cube allocation schemes.
Based on the E-cash based resource management framework, we propose a privacy
preserving service oriented architecture (SOA), which allows the service providers and
consumers to exchange services without leaking their sensitive data. Simulation results
show that the secure resource management framework is highly practical for mission-critical
applications in large-scale distributed information systems.
Deniable Key Exchanges for Secure Messaging
Despite our increasing reliance on digital communication, much of our online discourse lacks any security or privacy protections. Almost no email messages sent today provide end-to-end security, despite privacy-enhancing technologies being available for decades. Recent revelations by Edward Snowden of government surveillance have highlighted this disconnect between the importance of our digital communications and the lack of available secure messaging tools. In response to increased public awareness and demand, the market has recently been flooded with new applications claiming to provide security and privacy guarantees. Unfortunately, the urgency with which these tools are being developed and marketed has led to inferior or insecure products, grandiose claims of unobtainable features, and widespread confusion about which schemes can be trusted.
Meanwhile, there remains disagreement in the academic community over the definitions and desirability of secure messaging features. This incoherent vision is due in part to the lack of a broad perspective of the literature. One of the most contested properties is deniability—the plausible assertion that a user did not send a message or participate in a conversation. There are several subtly different definitions of deniability in the literature, and no available secure messaging scheme meets all definitions simultaneously. Deniable authenticated key exchanges (DAKEs), the primary cryptographic tool responsible for deniability in a secure messaging scheme, are also often unsuitable for use in emerging applications such as smartphone communications due to unreasonable resource or network requirements.
In this thesis, we provide a guide for a practitioner seeking to implement deniable secure messaging systems. We examine dozens of existing secure messaging protocols, both proposed and implemented, and find that they achieve mixed results in terms of security. This systematization of knowledge serves as a resource for understanding the current state-of-the-art approaches. We survey formalizations of deniability in the secure messaging context, as well as the properties of existing DAKEs. We construct several new practical DAKEs with the intention of providing deniability in modern secure messaging environments. Notably, we introduce Spawn, the first non-interactive DAKE that offers forward secrecy and achieves deniability against both offline and online judges; Spawn can be used to improve the deniability properties of the popular TextSecure secure messaging application. We prove the security of our new constructions in the generalized universal composability (GUC) framework. To demonstrate the practicality of our protocols, we develop and compare open-source instantiations that remain secure without random oracles.
The Nature of Ephemeral Secrets in Reverse Engineering Tasks
Reverse engineering is typically carried out on static binary objects, such as files or compiled programs. Often the goal of reverse engineering is to extract a secret that is ephemeral and only exists while the system is running. Automation and dynamic analysis enable reverse engineers to extract ephemeral secrets from dynamic systems, obviating the need for analyzing static artifacts such as executable binaries.
I support this thesis through four automated reverse engineering efforts: (1) named entity extraction to track Chinese Internet censorship based on keywords; (2) dynamic information flow tracking to locate secret keys in memory for a live program; (3) man-in-the-middle to emulate server behavior for extracting cryptographic secrets; and, (4) large-scale measurement and data mining of TCP/IP handshake behaviors to reveal machines on the Internet vulnerable to TCP/IP hijacking and other attacks.
In each of these cases, automation enables the extraction of ephemeral secrets, often in situations where there is no accessible static binary object containing the secret. Furthermore, each project was contingent on building an automated system that interacted with the dynamic system in order to extract the secret(s). This general approach provides a new perspective, increasing the types of systems that can be reverse engineered, and provides a promising direction for the future of reverse engineering.
Security Hazards when Law is Code.
As software continues to eat the world, there is an increasing pressure to
automate every aspect of society, from self-driving cars, to algorithmic trading
on the stock market. As this pressure manifests into software implementations
of everything, there are security concerns to be addressed across many areas.
But are there some domains and fields that are distinctly susceptible to attacks,
making them difficult to secure?
My dissertation argues that one domain in particular—public policy and law—
is inherently difficult to automate securely using computers. This is in large part
because law and policy are written in a manner that expects them to be flexibly
interpreted to be fair or just. Traditionally, this interpreting is done by judges
and regulators who are capable of understanding the intent of the laws they are
enforcing. However, when these laws are instead written in code, and interpreted
by a machine, this capability to understand goes away. Because they blindly follow
written rules, computers can be tricked to perform actions counter to their
intended behavior.
This dissertation covers three case studies of law and policy being implemented
in code and security vulnerabilities that they introduce in practice. The first study
analyzes the security of a previously deployed Internet voting system, showing
how attackers could change the outcome of elections carried out online. The second study looks at airport security, investigating how full-body scanners can be
defeated in practice, allowing attackers to conceal contraband such as weapons or
high explosives past airport checkpoints. Finally, this dissertation also studies how
an Internet censorship system such as China’s Great Firewall can be circumvented
by techniques that exploit the methods employed by the censors themselves.
To address these concerns of securing software implementations of law, a hybrid human-computer approach can be used. In addition, systems should be designed to allow for attacks or mistakes to be retroactively undone or inspected by
human auditors. By combining the strengths of computers (speed and cost) and
humans (ability to interpret and understand), systems can be made more secure
and more efficient than a method employing either alone.
PhD, Computer Science and Engineering, University of Michigan, Horace H. Rackham School of Graduate Studies
http://deepblue.lib.umich.edu/bitstream/2027.42/120795/1/ewust_1.pd
Foundations of Security Analysis and Design III, FOSAD 2004/2005- Tutorial Lectures
The increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of research groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. This book presents thoroughly revised versions of eight tutorial lectures given by leading researchers during two International Schools on Foundations of Security Analysis and Design, FOSAD 2004/2005, held in Bertinoro, Italy, in September 2004 and September 2005. The lectures are devoted to: Justifying a Dolev-Yao Model under Active Attacks, Model-based Security Engineering with UML, Physical Security and Side-Channel Attacks, Static Analysis of Authentication, Formal Methods for Smartcard Security, Privacy-Preserving Database Systems, Intrusion Detection, and Security and Trust Requirements Engineering.