Crypto-test-lab for security validation of ECC co-processor test infrastructure
© 20xx IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Elliptic Curve Cryptography (ECC) is a public-key technology that is becoming increasingly popular because it provides greater speed and implementation compactness than other public-key technologies. Its calculations, however, are too time consuming to execute in software, so an ECC co-processor is commonly included to accelerate them. Test infrastructure is often avoided in crypto co-processors because it opens serious security holes to adversaries. However, ECC co-processors include complex modules for which functional test methodologies alone are unsuitable, because they would take an unacceptably long time during the production test. Therefore, some internal test infrastructure is always included to permit the application of structural test techniques. Designing a secure test infrastructure is quite a complex task that relies on the designer's experience and on trial-and-error iterations over a series of different types of attacks. Most of the severe attacks cannot be simulated because of the demanding computational effort and the lack of proper attack models; therefore, prototypes are prepared using FPGAs. In this paper, a Crypto-Test-Lab is presented that includes an ECC co-processor with flexible test infrastructure. Its purpose is to facilitate the design and validation of secure strategies for testing this type of co-processor.

Postprint (author's final draft)
DSTC: DNS-based Strict TLS Configurations
Most TLS clients such as modern web browsers enforce coarse-grained TLS
security configurations. They support legacy versions of the protocol that have
known design weaknesses, and weak ciphersuites that provide fewer security
guarantees (e.g. non Forward-Secrecy), mainly to provide backward
compatibility. This opens doors to downgrade attacks, as is the case of the
POODLE attack [18], which exploits the client's silent fallback to downgrade
the protocol version to exploit the legacy version's flaws. To achieve a better
balance between security and backward compatibility, we propose a DNS-based
mechanism that enables TLS servers to advertise their support for the latest
version of the protocol and strong ciphersuites (that provide Forward-Secrecy
and Authenticated-Encryption simultaneously). This enables clients to consider
prior knowledge about the servers' TLS configurations to enforce a fine-grained
TLS configurations policy. That is, the client enforces strict TLS
configurations for connections going to the advertising servers, while
enforcing default configurations for the rest of the connections. We implement
and evaluate the proposed mechanism and show that it is feasible, and incurs
minimal overhead. Furthermore, we conduct a TLS scan of the top 10,000 most
visited websites globally, and show that most of the websites can benefit from
our mechanism.
Can Emergency Physicians Perform Carotid Artery Point-of-Care Ultrasound to Detect Stenosis in Patients with TIA and Stroke? A Pilot Study
Introduction: Patients with severe, symptomatic carotid stenosis can have their subsequent stroke risk reduced by surgical intervention if performed soon after a transient ischemic attack (TIA) or stroke. Patients presenting to an emergency department (ED) without computed tomography angiography (CTA) with TIA/stroke may require transfer to another hospital for imaging to rule out carotid artery stenosis. The objective of this study was to determine the test characteristics of carotid artery point-of-care ultrasound (POCUS) in detecting greater than 50% stenosis in patients presenting with TIA/stroke.

Methods: We conducted a prospective cohort study on a convenience sample of adult patients presenting to a comprehensive stroke centre with TIA or stroke between June–October 2017. Carotid POCUS was performed. The primary outcome measure, stenosis ≥ 50%, was determined by the final radiology report of CTA. A blinded POCUS expert separately reviewed the archived carotid POCUS scans. We calculated sensitivity and specificity for stenosis ≥ 50%.

Results: We conducted POCUS on 75 patients, of which 70 were included in our analyses. Of those 70, 14.3% were diagnosed with greater than 50% stenosis. Carotid POCUS performed as follows: sensitivity 70.0% (95% confidence interval [CI], 34.8%-93.3%); specificity 86.7% (95% CI, 75.4%-94.1%); positive likelihood ratio (LR+) 5.3 (95% CI, 1.2-9.3); negative likelihood ratio (LR-) 0.4 (95% CI, 0.0-0.7). The inter-rater reliability between POCUS performer interpretation and expert interpretation had moderate agreement (k = 0.68). Scans took a mean 6.2 ± 2.2 minutes to complete.

Conclusion: Carotid POCUS has low to moderate association with CTA for detection of carotid artery stenosis ≥ 50%. Further research and investigation is needed prior to widespread use of carotid POCUS in patients with acute cerebral ischemia. Additionally, external validity is likely affected by availability of training, maintenance of competency, and experience in more rural centres.
InternalBlue - Bluetooth Binary Patching and Experimentation Framework
Bluetooth is one of the most established technologies for short range digital
wireless data transmission. With the advent of wearables and the Internet of
Things (IoT), Bluetooth has again gained importance, which makes security
research and protocol optimizations imperative. Surprisingly, there is a lack
of openly available tools and experimental platforms to scrutinize Bluetooth.
In particular, system aspects and close to hardware protocol layers are mostly
uncovered.
We reverse engineer multiple Broadcom Bluetooth chipsets that are widespread
in off-the-shelf devices. Thus, we offer deep insights into the internal
architecture of a popular commercial family of Bluetooth controllers used in
smartphones, wearables, and IoT platforms. Reverse engineered functions can
then be altered with our InternalBlue Python framework---outperforming
evaluation kits, which are limited to documented and vendor-defined functions.
The modified Bluetooth stack remains fully functional and high-performance.
Hence, it provides a portable low-cost research platform.
InternalBlue is a versatile framework and we demonstrate its abilities by
implementing tests and demos for known Bluetooth vulnerabilities. Moreover, we
discover a novel critical security issue affecting a large selection of
Broadcom chipsets that allows executing code within the attacked Bluetooth
firmware. We further show how to use our framework to fix bugs in chipsets out
of vendor support and how to add new security features to Bluetooth firmware.
SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach
This paper presents the development of a Supervisory Control and Data
Acquisition (SCADA) system testbed used for cybersecurity research. The testbed
consists of a water storage tank's control system, which is a stage in the
process of water treatment and distribution. Sophisticated cyber-attacks were
conducted against the testbed. During the attacks, the network traffic was
captured, and features were extracted from the traffic to build a dataset for
training and testing different machine learning algorithms. Five traditional
machine learning algorithms were trained to detect the attacks: Random Forest,
Decision Tree, Logistic Regression, Naive Bayes and KNN. Then, the trained
machine learning models were built and deployed in the network, where new tests
were made using online network traffic. The performance obtained during the
training and testing of the machine learning models was compared to the
performance obtained during the online deployment of these models in the
network. The results show the efficiency of the machine learning models in
detecting the attacks in real time. The testbed provides a good understanding
of the effects and consequences of attacks on real SCADA environments.

Comment: E-Preprint