Malware-Resistant Protocols for Real-World Systems
Cryptographic protocols are widely used to protect real-world systems from attacks. Paying for goods in a shop, withdrawing money or browsing the Web: all these activities are backed by cryptographic protocols. However, in recent years a potent threat became apparent. Malware is increasingly used in attacks to bypass existing security mechanisms. Many cryptographic protocols that are used in real-world systems today have been found to be susceptible to malware attacks. One reason for this is that most of these protocols were designed with respect to the Dolev-Yao attack model, which assumes that an attacker controls the network between computer systems but not the systems themselves. Furthermore, most real-world protocols do not provide a formal proof of security and thus lack a precise definition of the security goals the designers tried to achieve. This work tackles the design of cryptographic protocols that are resilient to malware attacks, applicable to real-world systems, and provably secure.
In this regard, we investigate three real-world use cases: electronic payment, web authentication, and data aggregation. We analyze the security of existing protocols and confirm results from prior work that most protocols are not resilient to malware. Furthermore, we provide guidelines for the design of malware-resistant protocols and propose such protocols. In addition, we formalize security notions for malware-resistance and use a formal proof of security to verify the security guarantees of our protocols.
In this work we show that designing malware-resistant protocols for real-world systems is possible. We present a new security notion for electronic payment and web authentication, called one-out-of-two security, that does not require a single device to be trusted and ensures that a protocol stays secure as long as one of two devices is not compromised. Furthermore, we propose L-Pay, a cryptographic protocol for paying at the point of sale (POS) or withdrawing money at an automated teller machine (ATM) satisfying one-out-of-two security; FIDO2 With Two Displays (FIDO2D), a cryptographic protocol to secure transactions in the Web with one-out-of-two security; and Secure Aggregation Grouped by Multiple Attributes (SAGMA), a cryptographic protocol for secure data aggregation in encrypted databases.
In this work, we take important steps towards the use of malware-resistant protocols in real-world systems. Our guidelines and protocols can serve as templates to design new cryptographic protocols and improve security in further use cases
KATRIN "First Light" - Commissioning and Modelling of the Beamline
The Karlsruhe TRitium Neutrino (KATRIN) experiment is the next generation tritium beta-decay experiment to perform a direct and model independent measurement of the effective electron-neutrino mass with an unprecedented sensitivity of 200 meV (90% C.L.). The thesis describes the commissioning and modelling of the entire beamline with a focus on the alignment of the magnetic flux tube that guides the signal electrons. The aim is to demonstrate the required collision-free guidance through the entire KATRIN beamline in order to obtain the statistics that are essential for achieving the targeted sensitivity.
Time-dependent simulation of the flow reduction of D2 and T2 in the KATRIN experiment
The KArlsruhe TRItium Neutrino experiment (KATRIN) aims to measure the effective electron anti-neutrino mass with an unprecedented sensitivity of 0.2 eV/c², using β-electrons from tritium decay. Superconducting magnets will guide the electrons through a vacuum beamline from the windowless gaseous tritium source through differential and cryogenic pumping sections to a high resolution spectrometer. At the same time tritium gas has to be prevented from entering the spectrometer. Therefore, the pumping sections have to reduce the tritium flow by at least 14 orders of magnitude. This paper describes various simulation methods in the molecular flow regime used to determine the expected gas flow reduction in the pumping sections for deuterium (commissioning runs) and for radioactive tritium. Simulations with MolFlow+ and with an analytical model are compared with each other, and with the stringent requirements of the KATRIN experiment
Neutral tritium gas reduction in the KATRIN differential pumping sections
The KArlsruhe TRItium Neutrino experiment (KATRIN) aims to measure the
effective electron anti-neutrino mass with an unprecedented sensitivity of
, using -electrons from tritium decay.
The electrons are guided magnetically by a system of superconducting magnets
through a vacuum beamline from the windowless gaseous tritium source through
differential and cryogenic pumping sections to a high resolution spectrometer
and a segmented silicon pin detector. At the same time tritium gas has to be
prevented from entering the spectrometer. Therefore, the pumping sections have
to reduce the tritium flow by more than 14 orders of magnitude. This paper
describes the measurement of the reduction factor of the differential pumping
section performed with high purity tritium gas during the first measurement
campaigns of the KATRIN experiment. The reduction factor results are compared
with previously performed simulations, as well as the stringent requirements of
the KATRIN experiment. Comment: 19 pages, 4 figures, submitted to Vacuu
Improved Upper Limit on the Neutrino Mass from a Direct Kinematic Method by KATRIN.
We report on the neutrino mass measurement result from the first four-week science run of the Karlsruhe Tritium Neutrino experiment KATRIN in spring 2019. Beta-decay electrons from a high-purity gaseous molecular tritium source are energy analyzed by a high-resolution MAC-E filter. A fit of the integrated electron spectrum over a narrow interval around the kinematic end point at 18.57 keV gives an effective neutrino mass square value of $(-1.0^{+0.9}_{-1.1})\,\mathrm{eV}^2$. From this, we derive an upper limit of 1.1 eV (90% confidence level) on the absolute mass scale of neutrinos. This value coincides with the KATRIN sensitivity. It improves upon previous mass limits from kinematic measurements by almost a factor of 2 and provides model-independent input to cosmological studies of structure formation.