More security or less insecurity

We depart from the conventional quest for ‘Completely Secure Systems’ and ask ‘How can we be more Secure’. We draw heavily from the evolution of the Theory of Justice and the arguments against the institutional approach to Justice. Central to our argument is the identification of redressable insecurity, or weak links. Our contention is that secure systems engineering is not really about building perfectly secure systems but about redressing manifest insecurities.Final Accepted Versio

More security or less insecurity (transcript of discussion)

The purpose of this talk is to explore the possibility of an exploitable analogy between approaches to secure system design and theories of jurisprudence. The prevailing theory of jurisprudence in the West at the moment goes back to Hobbes. It was developed by Immanuel Kant and later by Rousseau, and is sometimes called the contractarian model after Rousseau’s idea of the social contract. It’s not the sort of contract that you look at and think, oh gosh, that might be nice, I might think about opting in to that, it’s more like a pop up licence agreement that says, do you want to comply with this contract, or would you rather be an outlaw. So you don’t get a lot of choice about it. Sometimes the same theory, flying the flag of Immanuel Kant, is called transcendental institutionalism, because the basic approach says, you identify the legal institutions that in a perfect world would govern society, and then you look at the processes and procedures, the protocols that everyone should follow in order to enable those institutions to work, and then you say, right, that can’t be transcended, so therefore there’s a moral imperative for everyone to do it. So this model doesn’t pay any attention to the actual society that emerges, or to the incentives that these processes actually place on various people to act in a particular way. It doesn’t look at any interaction effects, it simply says, well you have to behave in this particular way because that’s what the law says you have to do, and the law is the law, and anybody who doesn’t behave in that way is a criminal, or (in our terms) is an attackerFinal Accepted Versio

Maintaining consumer confidence in electronic payment mechanisms

Credit card fraud is already a significant factor inhibiting consumer confidence in e-commerce. As more advanced payment systems become common, what legal and technological mechanisms are required to ensure that fraud does not do long-term damage to consumers' willingness to use electronic payment mechanisms

The Pesto project. Goals and motivation

Pesto is a storage system geared towards a computing model where private machines play a pivotal role. Sharing of data is crucial, both between partners, and between the many devices owned by individual users. Replication is the only sensible means to provide ubiquitous access to private data. However, without provisions, replication endangers privacy by enlarging the Trusted Computing Base. The Pesto project aims at investigating security and safety issues in concert, such that security and safety measures and mechanisms can be identified that strengthen each other and, when that is not possible, to identify tradeoffs between safety and security of data in distributed systems. This report introduces the Pesto project and system; the motivation behind it and its design goals

Authenticating Secure Tokens Using Slow Memory Access

We present an authentication protocol that allows a token, such as a smart card, to authenticate itself to a back-end trusted computer system through an untrusted reader. This protocol relies on the fact that the token will only respond to queries slowly, and that the token owner will not sit patiently while the reader seems not to be working. This protocol can be used alone, with "dumb" memory tokens or with processor-based tokens

High-level Cryptographic Abstractions

The interfaces exposed by commonly used cryptographic libraries are clumsy, complicated, and assume an understanding of cryptographic algorithms. The challenge is to design high-level abstractions that require minimum knowledge and effort to use while also allowing maximum control when needed. This paper proposes such high-level abstractions consisting of simple cryptographic primitives and full declarative configuration. These abstractions can be implemented on top of any cryptographic library in any language. We have implemented these abstractions in Python, and used them to write a wide variety of well-known security protocols, including Signal, Kerberos, and TLS. We show that programs using our abstractions are much smaller and easier to write than using low-level libraries, where size of security protocols implemented is reduced by about a third on average. We show our implementation incurs a small overhead, less than 5 microseconds for shared key operations and less than 341 microseconds (< 1%) for public key operations. We also show our abstractions are safe against main types of cryptographic misuse reported in the literature

Soft Constraint Programming to Analysing Security Protocols

Security protocols stipulate how the remote principals of a computer network should interact in order to obtain specific security goals. The crucial goals of confidentiality and authentication may be achieved in various forms, each of different strength. Using soft (rather than crisp) constraints, we develop a uniform formal notion for the two goals. They are no longer formalised as mere yes/no properties as in the existing literature, but gain an extra parameter, the security level. For example, different messages can enjoy different levels of confidentiality, or a principal can achieve different levels of authentication with different principals. The goals are formalised within a general framework for protocol analysis that is amenable to mechanisation by model checking. Following the application of the framework to analysing the asymmetric Needham-Schroeder protocol, we have recently discovered a new attack on that protocol as a form of retaliation by principals who have been attacked previously. Having commented on that attack, we then demonstrate the framework on a bigger, largely deployed protocol consisting of three phases, Kerberos.Comment: 29 pages, To appear in Theory and Practice of Logic Programming (TPLP) Paper for Special Issue (Verification and Computational Logic