Malware-Resistant Protocols for Real-World Systems

Cryptographic protocols are widely used to protect real-world systems from attacks. Paying for goods in a shop, withdrawing money or browsing the Web; all these activities are backed by cryptographic protocols. However, in recent years a potent threat became apparent. Malware is increasingly used in attacks to bypass existing security mechanisms. Many cryptographic protocols that are used in real-world systems today have been found to be susceptible to malware attacks. One reason for this is that most of these protocols were designed with respect to the Dolev-Yao attack model that assumes an attacker to control the network between computer systems but not the systems themselves. Furthermore, most real-world protocols do not provide a formal proof of security and thus lack a precise definition of the security goals the designers tried to achieve. This work tackles the design of cryptographic protocols that are resilient to malware attacks, applicable to real-world systems, and provably secure. In this regard, we investigate three real-world use cases: electronic payment, web authentication, and data aggregation. We analyze the security of existing protocols and confirm results from prior work that most protocols are not resilient to malware. Furthermore, we provide guidelines for the design of malware-resistant protocols and propose such protocols. In addition, we formalize security notions for malware-resistance and use a formal proof of security to verify the security guarantees of our protocols. In this work we show that designing malware-resistant protocols for real-world systems is possible. We present a new security notion for electronic payment and web authentication, called one-out-of-two security, that does not require a single device to be trusted and ensures that a protocol stays secure as long as one of two devices is not compromised. Furthermore, we propose L-Pay, a cryptographic protocol for paying at the point of sale (POS) or withdrawing money at an automated teller machine (ATM) satisfying one-out-of-two security, FIDO2 With Two Displays (FIDO2D) a cryptographic protocol to secure transactions in the Web with one-out-of-two security and Secure Aggregation Grouped by Multiple Attributes (SAGMA), a cryptographic protocol for secure data aggregation in encrypted databases. In this work, we take important steps towards the use of malware-resistant protocols in real-world systems. Our guidelines and protocols can serve as templates to design new cryptographic protocols and improve security in further use cases

Improved Upper Limit on the Neutrino Mass from a Direct Kinematic Method by KATRIN.

We report on the neutrino mass measurement result from the first four-week science run of the Karlsruhe Tritium Neutrino experiment KATRIN in spring 2019. Beta-decay electrons from a high-purity gaseous molecular tritium source are energy analyzed by a high-resolution MAC-E filter. A fit of the integrated electron spectrum over a narrow interval around the kinematic end point at 18.57 keV gives an effective neutrino mass square value of (-1.0_{-1.1}^{+0.9})  eV^{2}. From this, we derive an upper limit of 1.1 eV (90% confidence level) on the absolute mass scale of neutrinos. This value coincides with the KATRIN sensitivity. It improves upon previous mass limits from kinematic measurements by almost a factor of 2 and provides model-independent input to cosmological studies of structure formation

KATRIN "First Light" - Commissioning and Modelling of the Beamline

The Karlsruhe TRitium Neutrino (KATRIN) experiment is the next generation tritium beta-decay experiment to perform a direct and model independent measurement of the effective electron-neutrino mass with an unprecedented sensitivity of 200 meV (90% C.L.). The thesis describes the commissioning and modelling of the entire beamline with a focus on the alignment of the magnetic flux tube that guids the signal electrons. The aim is to demonstrate the required collision-free guidance through the entire KATRIN beamline in order to obtain the statics that are essential for achieving the targeted sensitivity

Commissioning of the vacuum system of the KATRIN Main Spectrometer

The KATRIN experiment will probe the neutrino mass by measuring the beta-electron energy spectrum near the endpoint of tritium beta-decay. An integral energy analysis will be performed by an electro-static spectrometer (Main Spectrometer), an ultra-high vacuum vessel with a length of 23.2 m, a volume of 1240 m^3, and a complex inner electrode system with about 120000 individual parts. The strong magnetic field that guides the beta-electrons is provided by super-conducting solenoids at both ends of the spectrometer. Its influence on turbo-molecular pumps and vacuum gauges had to be considered. A system consisting of 6 turbo-molecular pumps and 3 km of non-evaporable getter strips has been deployed and was tested during the commissioning of the spectrometer. In this paper the configuration, the commissioning with bake-out at 300{\deg}C, and the performance of this system are presented in detail. The vacuum system has to maintain a pressure in the 10^{-11} mbar range. It is demonstrated that the performance of the system is already close to these stringent functional requirements for the KATRIN experiment, which will start at the end of 2016.Comment: submitted for publication in JINST, 39 pages, 15 figure

Who Controls Your Energy? On the (In)Security of Residential Battery Energy Storage Systems

The home Battery Energy Storage System (BESS) industry is on the rise [1]. Newer models are built as Internet-connected devices that offer new service models for customers and manufacturers alike. This approach, as can be observed from emerging Internet of Things (IoT) devices in the last decade, brings new challenges and issues with it. First of all, threats to user privacy and botnet attacks come to mind. More importantly, there are now substantial advances to put flexible BESS in more critical roles in the power grid and let them provide primary balancing power in order to compensate fluctuations [2]. However, while the safety properties of such systems are currently being explored by researchers [3], their security is mostly unexplored and unregulated. To explore the state of security of residential BESS, we systematically analyzed commercially available storage systems from ten different manufacturers, who have a combined market share of more than 60 percent in Germany [4]. We show that all of them have security issues and four of them contain severe security flaws. In order to exemplify the deficit in the industry to properly secure Internet connected devices, we present three attacks in detail