30 research outputs found
Design and Validation of a Secured Tunnel in the Automatic Multicast Tunneling (AMT) Environment
IP multicasting is a communication mechanism in which data are communicated from a server to a set of clients who are interested in receiving those data. Any client can dynamically enter or leave the communication. The main problem of this system is that every client that is interested in receiving the multicast data has to be in a multicast enabled network. The Network Working Group at the Internet Engineering Task Force (IETF) has come up with a solution to this problem. They have developed a protocol named Automatic Multicast Tunneling (AMT). This protocol offers a mechanism to enable the unicast-only clients to join and receive multicast data from a multicast enabled region through an AMT tunnel, which is formed between the two intermediate participants named Gateway and Relay. However, AMT does not provide any Participant Access Control (PAC).
Malla has designed an architecture for adding PAC at the receiver’s end in the AMT environment. His work is based on the assumption that the AMT tunnel is secure and the tunnel can recognize and pass the additional message types that his design requires. We have designed the solution to secure the AMT tunnel. We also defined the additional message types. Lastly, we validated our work using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to ensure that our design is secure
Security Analysis of the Consumer Remote SIM Provisioning Protocol
Remote SIM provisioning (RSP) for consumer devices is the protocol specified
by the GSM Association for downloading SIM profiles into a secure element in a
mobile device. The process is commonly known as eSIM, and it is expected to
replace removable SIM cards. The security of the protocol is critical because
the profile includes the credentials with which the mobile device will
authenticate to the mobile network. In this paper, we present a formal security
analysis of the consumer RSP protocol. We model the multi-party protocol in
applied pi calculus, define formal security goals, and verify them in ProVerif.
The analysis shows that the consumer RSP protocol protects against a network
adversary when all the intended participants are honest. However, we also model
the protocol in realistic partial compromise scenarios where the adversary
controls a legitimate participant or communication channel. The security
failures in the partial compromise scenarios reveal weaknesses in the protocol
design. The most important observation is that the security of RSP depends
unnecessarily on it being encapsulated in a TLS tunnel. Also, the lack of
pre-established identifiers means that a compromised download server anywhere
in the world or a compromised secure element can be used for attacks against
RSP between honest participants. Additionally, the lack of reliable methods for
verifying user intent can lead to serious security failures. Based on the
findings, we recommend practical improvements to RSP implementations, to future
versions of the specification, and to mobile operator processes to increase the
robustness of eSIM security.Comment: 33 pages, 8 figures, Associated ProVerif model files located at
https://github.com/peltona/rsp_mode
Eighth Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools, Aarhus, Denmark, October 22-24, 2007
This booklet contains the proceedings of the Eighth Workshop on Practical Use of Coloured Petri Nets and the CPN Tools, October 22-24, 2007. The workshop is organised by the CPN group at the Department of Computer Science, University of Aarhus, Denmark. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop0
Toward Open and Programmable Wireless Network Edge
Increasingly, the last hop connecting users to their enterprise and home networks is wireless. Wireless is becoming ubiquitous not only in homes and enterprises but in public venues such as coffee shops, hospitals, and airports. However, most of the publicly and privately available wireless networks are proprietary and closed in operation. Also, there is little effort from industries to move forward on a path to greater openness for the requirement of innovation. Therefore, we believe it is the domain of university researchers to enable innovation through openness. In this thesis work, we introduce and defines the importance of open framework in addressing the complexity of the wireless network. The Software Defined Network (SDN) framework has emerged as a popular solution for the data center network. However, the promise of the SDN framework is to make the network open, flexible and programmable. In order to deliver on the promise, SDN must work for all users and across all networks, both wired and wireless. Therefore, we proposed to create new modules and APIs to extend the standard SDN framework all the way to the end-devices (i.e., mobile devices, APs). Thus, we want to provide an extensible and programmable abstraction of the wireless network as part of the current SDN-based solution. In this thesis work, we design and develop a framework, weSDN (wireless extension of SDN), that extends the SDN control capability all the way to the end devices to support client-network interaction capabilities and new services. weSDN enables the control-plane of wireless networks to be extended to mobile devices and allows for top-level decisions to be made from an SDN controller with knowledge of the network as a whole, rather than device centric configurations. In addition, weSDN easily obtains user application information, as well as the ability to monitor and control application flows dynamically. Based on the weSDN framework, we demonstrate new services such as application-aware traffic management, WLAN virtualization, and security management
Measuring And Securing Cryptographic Deployments
This dissertation examines security vulnerabilities that arise due to communication failures and incentive mismatches along the path from cryptographic algorithm design to eventual deployment. I present six case studies demonstrating vulnerabilities in real-world cryptographic deployments. I also provide a framework with which to analyze the root cause of cryptographic vulnerabilities by characterizing them as failures in four key stages of the deployment process: algorithm design and cryptanalysis, standardization, implementation, and endpoint deployment. Each stage of this process is error-prone and influenced by various external factors, the incentives of which are not always aligned with security. I validate the framework by applying it to the six presented case studies, tracing each vulnerability back to communication failures or incentive mismatches in the deployment process.
To curate these case studies, I develop novel techniques to measure both existing and new cryptographic attacks, and demonstrate the widespread impact of these attacks on real-world systems through measurement and cryptanalysis. While I do not claim that all cryptographic vulnerabilities can be described with this framework, I present a non-trivial (in fact substantial) number of case studies demonstrating that this framework characterizes the root cause of failures in a diverse set of cryptographic deployments
Using Large-Scale Empirical Methods to Understand Fragile Cryptographic Ecosystems
Cryptography is a key component of the security of the Internet.
Unfortunately, the process of using cryptography to secure the Internet is
fraught with failure. Cryptography is often fragile, as a single mistake can
have devastating consequences on security, and this fragility is further
complicated by the diverse and distributed nature of the Internet. This
dissertation shows how to use empirical methods in the form of Internet-wide
scanning to study how cryptography is deployed on the Internet, and shows
this methodology can discover vulnerabilities and gain insights into fragile
cryptographic ecosystems that are not possible without an empirical approach.
I introduce improvements to ZMap, the fast Internet-wide scanner, that allow
it to fully utilize a 10 GigE connection, and then use Internet-wide
scanning to measure cryptography on the Internet.
First, I study how Diffie-Hellman is deployed, and show that implementations
are fragile and not resilient to small subgroup attacks. Next, I measure the
prevalence of ``export-grade'' cryptography. Although regulations limiting
the strength of cryptography that could be exported from the United States
were lifted in 1999, Internet-wide scanning shows that support for various
forms of export cryptography remains widespread. I show how purposefully
weakening TLS to comply with these export regulations led to the FREAK,
Logjam, and DROWN vulnerabilities, each of which exploits obsolete
export-grade cryptography to attack modern clients. I conclude by discussing
how empirical cryptography improved protocol design, and I present further
opportunities for empirical research in cryptography.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/149809/1/davadria_1.pd
Nation-State Attackers and their Effects on Computer Security
Nation-state intelligence agencies have long attempted to operate in secret, but recent revelations have drawn the attention of security researchers as well as the general public to their operations. The scale, aggressiveness, and untargeted nature of many of these now public operations were not only alarming, but also baffling as many were thought impossible or at best infeasible at scale. The security community has since made many efforts to protect end-users by identifying, analyzing, and mitigating these now known operations.
While much-needed, the security community's response has largely been reactionary to the oracled existence of vulnerabilities and the disclosure of specific operations. Nation-State Attackers, however, are dynamic, forward-thinking, and surprisingly agile adversaries who do not rest on their laurels and are continually advancing their efforts to obtain information. Without the ability to conceptualize their actions, understand their perspective, or account for their presence, the security community's advances will become antiquated and unable to defend against the progress of Nation-State Attackers.
In this work, we present and discuss a model of Nation-State Attackers that can be used to represent their attributes, behavior patterns, and world view. We use this representation of Nation-State Attackers to show that real-world threat models do not account for such highly privileged attackers, to identify and support technical explanations of known but ambiguous operations, and to identify and analyze vulnerabilities in current systems that are favorable to Nation-State Attackers.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/143907/1/aaspring_1.pd