Copyright Notice

Using SHA2 Algorithms with Cryptographic Message Syntax This document describes the conventions for using the Secure Hash Algorithm (SHA) message digest algorithms (SHA-224, SHA-256, SHA-384, SHA-512) with the Cryptographic Message Syntax (CMS). It also describes the conventions for using these algorithms with the CMS an

VISUAL MODELING AND SIMULATION OF CRYPTOGRAPHIC PROTOCOLS UNDER CONTESTED ENVIRONMENTS

With an ever-evolving battlefield in cyberspace, it is essential to stay abreast of current and developing security protocols that will maintain a state of authenticity, confidentiality, and integrity between communicating entities in information-contested environments. The Department of Defense is interested in transitioning its mission objective goals to establishing and maintaining a reliable security posture between communicating command-and-control platforms. However, the current security protocol visualizations need to cater more to military users and decision-makers to help decide which security protocols would best accommodate various operational environments. This research designed and developed a two-dimensional protocol visualization tool (ProVis) that simulates various security protocol interactions in non-contested and contested operational study environments that assist with understanding how security protocols work in the context of military-related usage. A user study was conducted to examine users’ understanding, accuracy, and overall benefit of ProVis concerning the visualization of the Transport Layer Security, Message Layer Security, and Pre-Shared Key protocols. The findings are highly satisfactory: the user subjects were able to easily interface with ProVis and complete the tasks given. The user subjects found ProVis to be a helpful tool in understanding security protocols quickly. This research provides an alternative to current visualization tools.NPS Naval Research ProgramThis project was funded in part by the NPS Naval Research Program.Outstanding ThesisLieutenant Commander, United States NavyApproved for public release. Distribution is unlimited

Network Access Control: Disruptive Technology?

Network Access Control (NAC) implements policy-based access control to the trusted network. It regulates entry to the network by the use of health verifiers and policy control points to mitigate the introduction of malicious software. However the current versions of NAC may not be the universal remedy to endpoint security that many vendors tout. Many organizations that are evaluating the technology, but that have not yet deployed a solution, believe that NAC presents an opportunity for severe disruption of their networks. A cursory examination of the technologies used and how they are deployed in the network appears to support this argument. The addition of NAC components can make the network architecture even more complex and subject to failure. However, one recent survey of organizations that have deployed a NAC solution indicates that the \u27common wisdom\u27 about NAC may not be correct

ProtoMon: Embedded Monitors for Cryptographic Protocol Intrusion Detection and Prevention

Intrusion Detection Systems (IDS) are responsible for monitoring and analyzing host or network activity to detect intrusions in order to protect information from unauthorized access or manipulation. There are two main approaches for intrusion detection: signature-based and anomaly-based. Signature-based detection employs pattern matching to match attack signatures with observed data making it ideal for detecting known attacks. However, it cannot detect unknown attacks for which there is no signature available. Anomaly-based detection uses machine-learning techniques to create a profile of normal system behavior and uses this profile to detect deviations from the normal behavior. Although this technique is effective in detecting unknown attacks, it has a drawback of a high false alarm rate. In this paper, we describe our anomaly-based IDS designed for detecting malicious use of cryptographic and application-level protocols. Our system has several unique characteristics and benefits, such as the ability to monitor cryptographic protocols and application-level protocols embedded in encrypted sessions, a very lightweight monitoring process, and the ability to react to protocol misuse by modifying protocol response directly

Security Hazards when Law is Code.

As software continues to eat the world, there is an increasing pressure to automate every aspect of society, from self-driving cars, to algorithmic trading on the stock market. As this pressure manifests into software implementations of everything, there are security concerns to be addressed across many areas. But are there some domains and fields that are distinctly susceptible to attacks, making them difficult to secure? My dissertation argues that one domain in particular—public policy and law— is inherently difficult to automate securely using computers. This is in large part because law and policy are written in a manner that expects them to be flexibly interpreted to be fair or just. Traditionally, this interpreting is done by judges and regulators who are capable of understanding the intent of the laws they are enforcing. However, when these laws are instead written in code, and interpreted by a machine, this capability to understand goes away. Because they blindly fol- low written rules, computers can be tricked to perform actions counter to their intended behavior. This dissertation covers three case studies of law and policy being implemented in code and security vulnerabilities that they introduce in practice. The first study analyzes the security of a previously deployed Internet voting system, showing how attackers could change the outcome of elections carried out online. The second study looks at airport security, investigating how full-body scanners can be defeated in practice, allowing attackers to conceal contraband such as weapons or high explosives past airport checkpoints. Finally, this dissertation also studies how an Internet censorship system such as China’s Great Firewall can be circumvented by techniques that exploit the methods employed by the censors themselves. To address these concerns of securing software implementations of law, a hybrid human-computer approach can be used. In addition, systems should be designed to allow for attacks or mistakes to be retroactively undone or inspected by human auditors. By combining the strengths of computers (speed and cost) and humans (ability to interpret and understand), systems can be made more secure and more efficient than a method employing either alone.PhDComputer Science and EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/120795/1/ewust_1.pd

Software support of teaching of cryptography protocols

Dokument obsahuje informace o autentizaci, šifrování, integritě dat, autentičnosti dat. Dále je zde popis známých kryptografických protokolů a jejich funkce, popřípadě jejich slabiny. Všechny tyto informace vedly k návrhu a realizaci softwaru pro podporu výuky kryptografických protokolů spustitelného na běžném webovém prohlížeči. Proto byla aplikace navržena jako webové stránky v PHP za využití i JavaSriptu a AJAXu. Tím je zajištěna i multiplatformnost a nezávislost na architektuře OS. Krom popisné a ilustrativní části aplikace obsahuje i interaktivní části a animace. V závěru textové části se nachází popis obsahu a funkcí výukového softwaru. Zdrojové kódy je možné nalézt na přiloženém CD.Document contains informations about authentication, encryption, data integrity and data authenticity. Next part includes description of well know cryptography protocols, their functions and also their weaknesses. All of these acquired informations were used in concept and final software support for teaching of cryptography protocols, which is able to run on clasic web-browser. Thats why the application was designed as web PHP pages using JavaScript and AJAX, which ensures plaform and OS architecture independency. Besides the descripted and ilustrated part of application there are also interactive parts and animations. The last period contains description of education software and its functions. Source code can be found on the appended CD.