SSH Key Management Challenges and Requirements

Invited paperSSH (Secure Shell) uses public keys for authenticating servers and users. This paper summarizes progress in SSH key management so far, highlights outstanding problems, and presents requirements for a long-term solution. Proposals are solicited from the research community to address the issue. The problem is of high practical importance, as most of our critical Internet infrastructure, cloud services, and open source software development is protected using these keys.Non peer reviewe

The GRB Library: Grid Computing with Globus in C

none5In this paper we describe a library layered on top of basic Globus services. The library provides high level services, can be used to develop both web-based and desktop grid applications, it is relatively small and very easy to use. We show its usefulness in the context of a web-based Grid Resource Broker developed using the library as a building block, and in the context of a metacomputing experiment demonstrated at the SuperComputing 2000 conference.Aloisio G.; Cafaro M.; Blasi E.; De Paolis L.; Epicoco I.Aloisio, Giovanni; Cafaro, Massimo; Blasi, E.; DE PAOLIS, Lucio Tommaso; Epicoco, Ital

Digital certificates and threshold cryptography

This dissertation discusses the use of secret sharing cryptographic protocols for distributing and sharing of secret documents, in our case PDF documents. We discuss the advantages and uses of such a system in the context of collaborative environments. Description of the cryptographic protocol involved and the necessary Public Key Infrastructure (PKI) shall be presented. We also provide an implementation of this framework as a “proof of concept” and fundament the use of a certificate extension as the basis for threshold cryptography. Details of the shared secret distribution protocol and shared secret recovery protocol shall be given as well as the associated technical implementation details. The actual secret sharing algorithm implemented at this stage is based on an existing well known secret sharing scheme that uses polynomial interpolation over a finite field. Finally we conclude with a practical assessment of our prototype

Intermediate Certificate Suppression in Post-Quantum TLS: An Approximate Membership Querying Approach

Quantum computing advances threaten the security of today\u27s public key infrastructure, and have led to the pending standardization of alternative, quantum-resistant key encapsulation and digital signature cryptography schemes. Unfortunately, authentication algorithms based on the new post-quantum (PQ) cryptography create significant performance bottlenecks for TLS due to larger certificate chains which introduce additional packets and round-trips. The TLS handshake slowdown will be unacceptable to many applications, and detrimental to the broader adoption of quantum safe cryptography standards. In this paper, we propose a novel framework for Intermediate Certificate Authority (ICA) certificate suppression in TLS that reduces the authentication message size and prevents excessive round-trip delays. Our approach utilizes an approximate membership query (AMQ) data structure (probabilistic filter) to advertise known ICA certs to remote TLS endpoints so that unnecessary ICA certificates are omitted from the TLS handshake exchange. We showcase the extend of the PQ authentication overhead challenge in TLS, and evaluate the feasibility of AMQ filters for ICA suppression in terms of space and computational overhead. Finally, we experimentally evaluate the potential gains form our approach and showcase a $70\%$ reduction in exchanged ICA cert data that translates to 15-50 MB of savings in PQ TLS and for certain Web-based application scenarios

Security and Trust in Safety Critical Infrastructures

Critical infrastructures such as road vehicles and railways are undergoing a major change, which increases the dependency of their operation and control on Information Technology (IT) and makes them more vulnerable to malicious intent. New complex communication infrastructures emerge using the increased connectivity of these safety-critical systems to enable efficient management of operational processes, service provisioning, and information exchange for various (third-party) actors. Railway Command and Control Systems (CCSs) turn with the introduction of digital interlocking into an “Internet of Railway Things”, where safety-critical railway signaling components are deployed on common-purpose platforms and connected via standard IP-based networks. Similarly, the mass adoption of Electric Vehicles (EVs) and the need to supply their batteries with energy for charging has given rise to a Vehicle-to-Grid (V2G) infrastructure, which connects vehicles to power grids and multiple service providers to coordinate charging and discharging processes and maintain grid stability under varying power demands. The Plug-and-Charge feature brought in by the V2G communication standard ISO 15118 allows an EV to access charging and value-added services, negotiate charging schedules, and support the grid as a distributed energy resource in a largely automated way, by leveraging identity credentials installed in the vehicle for authentication and payment. The fast deployment of this advanced functionality is driven by economical and political decisions including the EU Green Deal for climate neutrality. Due to the complex requirements and long standardization and development cycles, the standards and regulations, which play the key role in operating and protecting critical infrastructures, are under pressure to enable the timely and cost-effective adoption. In this thesis, we investigate security and safety of future V2G and railway command and control systems with respect to secure communication, platform assurance as well as safety and security co-engineering. One of the major goals in this context is the continuous collaboration and establishment of the proposed security solutions in upcoming domain-specific standards, thus ensuring their practical applicability and prompt implementation in real-world products. We first analyze the security of V2G communication protocols and requirements for secure service provisioning via charging connections. We propose a new Plug-and-Patch protocol that enables secure update of EVs as a value-added service integrated into the V2G charging loop. Since EVs can also participate in energy trading by storing and feeding previously stored energy to grid, home, or other vehicles, we then investigate fraud detection methods that can be employed to identify manipulations and misbehaving users. In order to provide a strong security foundation for V2G communications, we propose and analyze three security architectures employing a hardware trust anchor to enable trust establishment in V2G communications. We integrate these architectures into standard V2G protocols for load management, e-mobility services and value-added services in the V2G infrastructure, and evaluate the associated performance and security trade-offs. The final aspect of this work is safety and security co-engineering, i.e., integration of safety and security processes vital for the adequate protection of connected safety-critical systems. We consider two application scenarios, Electric Vehicle Charging System (EVCS) and Object Controller (OC) in railway CCS, and investigate how security methods like trusted computing can be applied to provide both required safety and security properties. In the case of EVCS, we bind the trust boundary for safety functionality (certified configuration) to the trust boundary in the security domain and design a new security architecture that enforces safety properties via security assertions. For the railway use case, we focus on ensuring non-interference (separation) between these two domains and develop a security architecture that allows secure co-existence of applications with different criticality on the same hardware platform. The proposed solutions have been presented to the committee ISO/TC 22/SC 31/JWG 1 that develops the ISO 15118 standard series and to the DKE working group “Informationssicherheit für Elektromobilität” responsible for the respective application guidelines. Our security extension has been integrated in the newest edition ISO 15118-20 released in April 2022. Several manufacturers have already started concept validation for their future products using our results. In this way, the presented analyses and techniques are fundamental contributions in improving the state of security for e-mobility and railway applications, and the overall resilience of safety-critical infrastructures to malicious attacks

A Blockchain-Based PKI Management Framework

Public-Key Infrastructure (PKI) is the cornerstone technology that facilitates secure information exchange over the Internet. However, PKI is exposed to risks due to potential failures of Certificate Authorities (CAs) that may be used to issue unauthorized certificates for end-users. Many recent breaches show that if a CA is compromised, the security of the corresponding end-users will be in risk. As an emerging solution, Blockchain technology potentially resolves the problems of traditional PKI systems - in particular, elimination of single point-of-failure and rapid reaction to CAs shortcomings. Blockchain has the ability to store and manage digital certificates within a public and immutable ledger, resulting in a fully traceable history log. In this paper we designed and developed a blockchain-based PKI management framework for issuing, validating and revoking X.509 certificates. Evaluation and experimental results confirm that the proposed framework provides more reliable and robust PKI systems with modest maintenance costs

A Security Model for Mobile Agents using X.509 Proxy Certificates

Mobile agent technology presents an attractive alternative to the client-server paradigm for several network and real-time applications. However, for most applications, the lack of a viable agent security model has limited the adoption of the agent paradigm. This thesis presents a security model for mobile agents based on a security infrastructure for Computational Grids, and specifically, on X.509 Proxy Certificates. Proxy Certificates serve as credentials for Grid applications, and their primary purpose is temporary delegation of authority. Exploiting the similarity between Grid applications and mobile agent applications, this thesis motivates the use of Proxy Certificates as credentials for mobile agents. A new extension for Proxy Certificates is proposed in order to make them suited to mobile agent applications, and mechanisms are presented for agent-to-host authentication, restriction of agent privileges, and secure delegation of authority during spawning of new agents. Finally, the implementation of the proposed security mechanisms as modules within a multi-lingual and modular agent infrastructure, the Distributed Agent Delivery System, is discussed

Synchronization and Backup of Data under Android OS

Tato práce zkoumá existující synchronizační aplikace a další nástroje vhodné pro tvorbu synchronizačního nástroje, z nichž následně vybírá vhodné metody pro tvorbu nového nástroje pro operační systém Android. Vytvořený nástroj je schopen synchronizovat uživatelské soubory v peer-to-peer sítích nad IPv4 i IPv6, přičemž spolupracuje s analogickými nástroji v operačních systémech Linux a Windows. Nástroj využívá sledování verzí založené na Gitu a zabezpečení komunikace pomocí TLS.This thesis analyzes existing synchronization tools and other tools suitable for creating a synchronization tool, which are then used to select appropriate methods for creating a new tool for the Android operating system. The newly created tool is able to synchronize user files across peer-to-peer networks over IPv4 and IPv6, while cooperating with analogical tools for the Linux and Windows operating systems. The tool uses Git-based version tracking and TLS communication security.