16 research outputs found

    Automatic analysis of distance bounding protocols

    Distance bounding protocols are used by nodes in wireless networks to calculate upper bounds on their distances to other nodes. However, dishonest nodes in the network can render the calculations both illegitimate and inaccurate when they participate in protocol executions. It is important to analyze protocols for the possibility of such violations. Past efforts to analyze distance bounding protocols have only been manual. However, automated approaches are important since they are quite likely to find flaws that manual approaches cannot, as witnessed in the literature on the analysis of key establishment protocols. In this paper, we use the constraint solver tool to automatically analyze distance bounding protocols. We first formulate a new trace property called Secure Distance Bounding (SDB) that protocol executions must satisfy. We then classify the scenarios in which these protocols can operate, considering the (dis)honesty of nodes and the location of the attacker in the network. Finally, we extend the constraint solver so that it can be used to test protocols for violations of SDB in these scenarios and illustrate our technique on some published protocols.
    Comment: 22 pages. Appeared in Foundations of Computer Security (affiliated workshop of LICS 2009, Los Angeles, CA).

    Informing the Design of Privacy-Empowering Tools for the Connected Home

    Connected devices in the home represent a potentially grave new privacy threat due to their unfettered access to the most personal spaces in people's lives. Prior work has shown that despite concerns about such devices, people often lack sufficient awareness, understanding, or means of taking effective action. To explore the potential for new tools that support such needs directly, we developed Aretha, a privacy assistant technology probe that combines a network disaggregator, personal tutor, and firewall to empower end-users with both the knowledge and the mechanisms to control disclosures from their homes. We deployed Aretha in three households over six weeks, with the aim of understanding how this combination of capabilities might enable users to gain awareness of data disclosures by their devices, form educated privacy preferences, and block unwanted data flows. The probe, with its novel affordances and its limitations, prompted users to co-adapt, finding new control mechanisms and suggesting new approaches to address the challenge of regaining privacy in the connected home.
    Comment: 10 pages, 2 figures. To appear in the Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems (CHI '20).

    An Optimal Symmetric Secret Distribution of Star Networks

    In this paper, we present a lower bound on secret distribution in a star network. Examples of star communication networks exist in various systems, including sensor networks where there is one base station and several sensors that need to communicate with it. While a previous result had shown the possibility of performing secret distribution in a star network using 2 log n secrets, the lower bound for this problem was unknown. With this motivation, in this paper we derive a tight bound on the number of secrets required for secret distribution in a star network. We show that as n, the number of satellite nodes in the star network, tends to ∞, it suffices to maintain log n + 1/2 log log n + 1 secrets at the center node, whereas log n + 1/2 log log n secrets do not suffice. Even without the constraint n → ∞, we argue that these bounds are reasonably tight, i.e., there are several examples for finite values of n where ⌈log n + 1/2 log log n⌉ secrets do not suffice, although ⌈log n + 1/2 log log n + 1⌉ secrets suffice for virtually all cases of practical interest. We also show that our protocol can provide a trade-off between internal and external attacks and can reduce the number of secrets in acyclic, planar and fully connected bipartite graphs.

    Balancing Revocation and Storage Trade-Offs in Secure Group Communication


    A cross-domain privacy-preserving protocol for cooperative firewall optimization

    Firewalls have been widely deployed on the Internet for securing private networks. A firewall checks each incoming or outgoing packet to decide whether to accept or discard the packet based on its policy. Optimizing firewall policies is crucial for improving network performance. Prior work on firewall optimization focuses on either intra-firewall or inter-firewall optimization within one administrative domain, where the privacy of firewall policies is not a concern. This paper explores inter-firewall optimization across administrative domains for the first time. The key technical challenge is that firewall policies cannot be shared across domains, because a firewall policy contains confidential information and even potential security holes that could be exploited by attackers. In this paper, we propose the first cross-domain privacy-preserving cooperative firewall policy optimization protocol. Specifically, for any two adjacent firewalls belonging to two different administrative domains, our protocol can identify in each firewall the rules that can be removed because of the other firewall. The optimization process involves cooperative computation between the two firewalls without either party disclosing its policy to the other. We implemented our protocol and conducted extensive experiments. The results on real firewall policies show that our protocol can remove as many as 49% of the rules in a firewall, with an average of 19.4%. The communication cost is less than a few hundred KBs. Our protocol incurs no extra online packet processing overhead, and the offline processing time is less than a few hundred seconds.