249 research outputs found

    TrustedPals: Secure Multiparty Computation Implemented with Smart Cards

    We study the problem of Secure Multi-party Computation (SMC) in a model where individual processes contain a tamper-proof security module, and introduce the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model. Security modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, that is, a corrupted party can stop the computation of its own security module as well as drop any message sent by or to its security module. We show that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of security modules. Since the critical part of the computation can be executed locally on the smart card, we can compute any function securely with a protocol complexity which is polynomial only in the number of processes (that is, the complexity does not depend on the function which is computed), in contrast to previous approaches

    Using Failure Detection and Consensus in the General Omission Failure Model to Solve Security Problems

    It has recently been shown that fair exchange, a security problem in distributed systems, can be reduced to a fault tolerance problem, namely a special form of distributed consensus. The reduction uses the concept of security modules which reduce the type and nature of adversarial behavior to two standard fault-assumptions: message omission and process crash. In this paper, we investigate the feasibility of solving consensus in asynchronous systems in which crash and message omission faults may occur. Due to the impossibility result of consensus in such systems, following the lines of unreliable failure detectors of Chandra and Toueg, we add to the system a distributed device that gives information about the failure of other processes. Then we give an algorithm using this device to solve the consensus problem. Finally, we show how to implement such a device in an asynchronous untrusted environment using security modules and some weak timing assumptions

    Transforming Asynchronous Systems with Crash-Stop Failures and Failure Detectors to the General Omission Model

    This paper studies the impact of omission failures on asynchronous distributed systems with crash-stop failures. For the large group of problem specifications that are restricted to correct processes, we show how to transform a crash-stop related problem specification into an equivalent omission one. For that, we provide transformations for algorithms and failure detectors, such that if and only if an algorithm using a failure detector satisfies a problem specification, then the transformed algorithm using the transformed failure detector satisfies the transformed problem specification. Our transformed problem specification is ensured to be non-trivial, and moreover, the transformation reveals itself to be in a reasonable sense weakest failure detector preserving. Our results help to use the power of the well-understood crash-stop model to automatically derive solutions for the general omission model, which has recently raised interest for being noticeably applicable for security problems in distributed environments equipped with security modules such as smartcards

    06371 Abstracts Collection -- From Security to Dependability

    From 10.09.06 to 15.09.06, the Dagstuhl Seminar 06371 "From Security to Dependability" was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

    End-user traffic policing for QoS assurance in polyservice RINA networks

    Looking at the ever-increasing amount of heterogeneous distributed applications supported on current data transport networks, it seems evident that best-effort packet delivery falls short to supply their actual needs. Multiple approaches to Quality of Service (QoS) differentiation have been proposed over the years, but their usage has always been hindered by the rigidness of the TCP/IP-based Internet model, which does not even allow for applications to express their QoS needs to the underlying network. In this context, the Recursive InterNetwork Architecture (RINA) has appeared as a clean-slate network architecture aiming to replace the current Internet based on TCP/IP. RINA provides a well-defined QoS support across layers, with standard means for layers to inform of the different QoS guarantees that they can support. Besides, applications and other processes can express their flow requirements, including different QoS-related measures, like delay and jitter, drop probability or average traffic usage. Greedy end-users, however, tend to request the highest quality for their flows, forcing providers to apply intelligent data rate limitation procedures at the edge of their networks. In this work, we propose a new rate limiting policy that, instead of enforcing limits on a per QoS class basis, imposes limits on several independent QoS dimensions. This offers a flexible traffic control to RINA network providers, while enabling end-users to freely manage their leased resources. The performance of the proposed policy is assessed in an experimental RINA network test-bed and its performance compared against other policies, either RINA-specific or adopted from TCP/IP. Results show that the proposed policy achieves an effective traffic control for high QoS traffic classes, while also letting lower QoS classes take advantage of the capacity initially reserved for the former ones when available.

    Access Control in Wireless Sensor Networks

    Wireless sensor networks consist of a large amount of sensor nodes, small low-cost wireless computing devices equipped with different sensors. Sensor networks collect and process environmental data and can be used for habitat monitoring, precision agriculture, wildfire detection, structural health monitoring and many other applications. Securing sensor networks calls for novel solutions, especially because of their unattended deployment and strong resource limitations. Moreover, developing security solutions without knowing precisely against what threats the system should be protected is impossible. Thus, the first task in securing sensor networks is to define a realistic adversary model. We systematically investigate vulnerabilities in sensor networks, specifically focusing on physical attacks on sensor node hardware. These are all attacks that require direct physical access to the sensor nodes. Most severe attacks of this kind are also known as node capture, or node compromise. Based on the vulnerability analysis, we present a novel general adversary model for sensor networks. If the data collected within a sensor network is valuable or should be kept confidential then the data should be protected from unauthorized access. We determine security issues in the context of access control in sensor networks in presence of node capture attacks and develop protocols for broadcast authentication that constitute the core of our solutions for access control. We develop broadcast authentication protocols for the case where the adversary can capture up to some threshold t sensor nodes. The developed protocols offer absolute protection while not more than t nodes are captured, but their security breaks completely otherwise. Moreover, security in this case comes at a high cost, as the resource requirements for the protocols grow rapidly with t. 
One of the most popular ways to overcome impossibility or inefficiency of solutions in distributed systems is to make the protocol goals probabilistic. We therefore develop efficient probabilistic protocols for broadcast authentication. Security of these protocols degrades gracefully with the increasing number of captured nodes. We conclude that the perfect threshold security is less appropriate for sensor networks than the probabilistic approach. Gracefully degrading security offers better scalability and saves resources, and should be considered as a promising security paradigm for sensor networks

    Security of Smartphones at the Dawn of their Ubiquitousness

    The importance of researching in the field of smartphone security is substantiated in the increasing number of smartphones, which are expected to outnumber common computers in the future. Despite their increasing importance, it is unclear today if mobile malware will play the same role for mobile devices as for common computers today. Therefore, this thesis contributes to defining and structuring the field mobile device security with special concern on smartphones and on the operational side of security, i.e., with mobile malware as the main attacker model. Additionally, it wants to give an understanding of the shifting boundaries of the attack surface in this emerging research field. The first three chapters introduce and structure the research field with the main goal of showing what has to be defended against today. Besides introducing related work they structure mobile device attack vectors with regard to mobile malicious software and they structure the topic of mobile malicious software itself with regard to its portability. The technical contributions of this thesis are in Chapters 5 to 8, classified according to the location of the investigation (on the device, in the network, distributed in device and network). Located in the device is MobileSandbox, a software for dynamic malware analysis. As another device-centric contribution we investigate on the efforts that have to be taken to develop an autonomously spreading smartphone worm. The results of these investigations are used to show that device-centric parts are necessary for smartphone security. Additionally, we propose a novel device-centric security mechanism that aims at reducing the attack surface of mobile devices to mobile malware. The network-centric investigations show the possibilities that a mobile network operator can use in its own mobile network for protecting the mobile devices of its clients. We simulate the effectiveness of different security mechanisms. 
Finally, the distributed investigations show the feasibility of distributed computation algorithms with security modules. We give prototypic implementations of protocols for secure multiparty computation as a modularized version with failure detector and consensus algorithms, and for fair exchange with guardian angels

    System Abstractions for Scalable Application Development at the Edge

    Recent years have witnessed an explosive growth of Internet of Things (IoT) devices, which collect or generate huge amounts of data. Given diverse device capabilities and application requirements, data processing takes place across a range of settings, from on-device to a nearby edge server/cloud and remote cloud. Consequently, edge-cloud coordination has been studied extensively from the perspectives of job placement, scheduling and joint optimization. Typical approaches focus on performance optimization for individual applications. This often requires domain knowledge of the applications, but also leads to application-specific solutions. Application development and deployment over diverse scenarios thus incur repetitive manual efforts. There are two overarching challenges to provide system-level support for application development at the edge. First, there is inherent heterogeneity at the device hardware level. The execution settings may range from a small cluster as an edge cloud to on-device inference on embedded devices, differing in hardware capability and programming environments. Further, application performance requirements vary significantly, making it even more difficult to map different applications to already heterogeneous hardware. Second, there are trends towards incorporating edge and cloud and multi-modal data. Together, these add further dimensions to the design space and increase the complexity significantly. In this thesis, we propose a novel framework to simplify application development and deployment over a continuum of edge to cloud. Our framework provides key connections between different dimensions of design considerations, corresponding to the application abstraction, data abstraction and resource management abstraction respectively. First, our framework masks hardware heterogeneity with abstract resource types through containerization, and abstracts away the application processing pipelines into generic flow graphs. 
Further, our framework supports a notion of degradable computing for application scenarios at the edge that are driven by multimodal sensory input. Next, as video analytics is the killer app of edge computing, we include a generic data management service between video query systems and a video store to organize video data at the edge. We propose a video data unit abstraction based on a notion of distance between objects in the video, quantifying the semantic similarity among video data. Last, considering concurrent application execution, our framework supports multi-application offloading with device-centric control, with a userspace scheduler service that wraps over the operating system scheduler

    FairDrop: a Confidential Fair Exchange Protocol for Media Workers

    In recent years, the asymmetry between open societies and regimes that control their media has increased, leading to the number of murdered journalists more than doubling worldwide. Even in countries in which freedom of the press is publicly recognized, the number of journalists jailed, assaulted, or criminally charged is relevant and growing. These attacks on media workers usually want to limit or control information regarding critical topics. In this context, the necessity of a system that allows reporters to publish their works without risking their own life is evident. Some systems to share information with newspapers while keeping the source anonymous exist. An example is SecureDrop, developed and maintained by the Freedom of the Press Foundation, and widely adopted by all major international newspapers. What limits them from extensively using this type of system is the lack of credibility in the information exchanged, which represents the main problem for the publisher's reputation. In this thesis, we present FairDrop, a system that allows the exchange of information between two untrusted parties and proposes a tradeoff between the anonymity of the source and the credibility of the information exchanged. We present a fair exchange protocol based on blockchain that allows sharing of a digital good fairly and confidentially. We also define the guidelines for a system based on ring signatures to measure the credibility of the exchanged information. All our design decisions are made taking into account the requirements of a journalist-newspaper communication, and the guidelines for anonymous sources applied by major newspapers around the world. 
We test the system in a real-world blockchain testnet, considering multi-seller and buyer situations, and introducing economic incentives for sources to use the system