Smarter Password Guessing Techniques Leveraging Contextual Information and OSINT

In recent decades, criminals have increasingly used the web to research, assist and perpetrate criminal behaviour. One of the most important ways in which law enforcement can battle this growing trend is through accessing pertinent information about suspects in a timely manner. A significant hindrance to this is the difficulty of accessing any system a suspect uses that requires authentication via password. Password guessing techniques generally consider common user behaviour while generating their passwords, as well as the password policy in place. Such techniques can offer a modest success rate considering a large/average population. However, they tend to fail when focusing on a single target -- especially when the latter is an educated user taking precautions as a savvy criminal would be expected to do. Open Source Intelligence is being increasingly leveraged by Law Enforcement in order to gain useful information about a suspect, but very little is currently being done to integrate this knowledge in an automated way within password cracking. The purpose of this research is to delve into the techniques that enable the gathering of the necessary context about a suspect and find ways to leverage this information within password guessing techniques

A security analysis of email communications

The objective of this report is to analyse the security and privacy risks of email communications and identify technical countermeasures capable of mitigating them effectively. In order to do so, the report analyses from a technical point of view the core set of communication protocols and standards that support email communications in order to identify and understand the existing security and privacy vulnerabilities. On the basis of this analysis, the report identifies and analyses technical countermeasures, in the form of newer standards, protocols and tools, aimed at ensuring a better protection of the security and privacy of email communications. The practical implementation of each countermeasure is evaluated in order to understand its limitations and identify potential technical and organisational constrains that could limit its effectiveness in practice. The outcome of the above mentioned analysis is a set of recommendations regarding technical and organisational measures that when combined properly have the potential of more effectively mitigating the privacy and security risks of today's email communications.JRC.G.6-Digital Citizen Securit

Cybersecurity, our digital anchor: A European perspective

The Report ‘Cybersecurity – Our Digital Anchor’ brings together research from different disciplinary fields of the Joint Research Centre (JRC), the European Commission's science and knowledge service. It provides multidimensional insights into the growth of cybersecurity over the last 40 years, identifying weaknesses in the current digital evolution and their impacts on European citizens and industry. The report also sets out the elements that potentially could be used to shape a brighter and more secure future for Europe’s digital society, taking into account the new cybersecurity challenges triggered by the COVID-19 crisis. According to some projections, cybercrime will cost the world EUR 5.5 trillion by the end of 2020, up from EUR 2.7 trillion in 2015, due in part to the exploitation of the COVID-19 pandemic by cyber criminals. This figure represents the largest transfer of economic wealth in history, more profitable than the global trade in all major illegal drugs combined, putting at risk incentives for innovation and investment. Furthermore, cyber threats have moved beyond cybercrime and have become a matter of national security. The report addresses relevant issues, including: - Critical infrastructures: today, digital technologies are at the heart of all our critical infrastructures. Hence, their cybersecurity is already – and will become increasingly – a matter of critical infrastructure protection (see the cases of Estonia and Ukraine). - Magnitude of impact: the number of citizens, organisations and businesses impacted simultaneously by a single attack can be huge. - Complexity and duration of attacks: attacks are becoming more and more complex, demonstrating attackers’ enhanced planning capabilities. Moreover, attacks are often only detected post-mortem . - Computational power: the spread of malware also able to infect mobile and Internet of Things (IoT) devices (as in the case of Mirai botnet), hugely increases the distributed computational power of the attacks (especially in the case of denial of services (DoS)). The same phenomenon makes the eradication of an attack much more difficult. - Societal aspects: cyber threats can have a potentially massive impact on society, up to the point of undermining the trust citizens have in digital services. As such services are intertwined with our daily life, any successful cybersecurity strategy must take into consideration the human and, more generally, societal aspects. This report shows how the evolution of cybersecurity has always been determined by a type of cause-and-effect trend: the rise in new digital technologies followed by the discovery of new vulnerabilities, for which new cybersecurity measures must be identified. However, the magnitude and impacts of today's cyber attacks are now so critical that the digital society must prepare itself before attacks happen. Cybersecurity resilience along with measures to deter attacks and new ways to avoid software vulnerabilities should be enhanced, developed and supported. The ‘leitmotiv’ of this report is the need for a paradigm shift in the way cybersecurity is designed and deployed, to make it more proactive and better linked to societal needs. Given that data flows and information are the lifeblood of today’s digital society, cybersecurity is essential for ensuring that digital services work safely and securely while simultaneously guaranteeing citizens’ privacy and data protection. Thus, cybersecurity is evolving from a technological ‘option’ to a societal must. From big data to hyperconnectivity, from edge computing to the IoT, to artificial intelligence (AI), quantum computing and blockchain technologies, the ‘nitty-gritty’ details of cybersecurity implementation will always remain field-specific due to specific sectoral constraints. This brings with it inherent risks of a digital society with heterogeneous and inconsistent levels of security. To counteract this, we argue for a coherent, cross-sectoral and cross-societal cybersecurity strategy which can be implemented across all layers of European society. This strategy should cover not only the technological aspects but also the societal dimensions of ‘behaving in a cyber-secure way’. Consequently, the report concludes by presenting a series of possible actions instrumental to building a European digital society secure by design.JRC.E.3-Cyber and Digital Citizens' Securit

Authentification et Anonymat à Bas-coût (Modélisations et Protocoles)

Dans la vie de tous les jours, la sécurité de nombreuses applications est assurée par des mécanismes cryptographiques. Dans certains cas, le respect de la vie privée revêt une importance majeure. Par exemple, sur internet, un utilisateur attend du fournisseur de services que celui-ci ne divulgue pas son identité. Dans ce mémoire, je donne tout d'abord une définition formelle des preuves de connaissance à divulgation nulle de connaissance (ZKPK), très utiles pour concevoir des signatures numériques. Je prouve la sécurité d'une construction générique fournissant des preuves de connaissance d'un ensemble de relations de logarithmes discrets. Puis je présente l'état de l'art des différents schémas de signature assurant l'anonymat de l'utilisateur. J'en donne ensuite une version coopérative, dans laquelle un intermédiaire aide l'utilisateur à réaliser certains calculs au cours du protocole. Je définis également un modèle formel de sécurité tenant compte de la potentielle corruption de l'intermédiaire tout en améliorant l'efficacité du protocole. Dans la deuxième partie de ce mémoire, je présente les propriétés de sécurité requises d'un schéma d'authentification d'étiquettes RFID. Comme ces dispositifs sont susceptibles d'être intégrés dans différents produits, il faut qu'ils soient intraçables afin d'empêcher leur porteur d'être pisté. Cette propriété n'est pas assurée par l'anonymat seul et doit donc apparaître dans le modèle de sécurité. Enfin, je décris deux protocoles d'authentification. Le premier utilise une infrastructure à clé secrète et un mécanisme de mise à jour de clé. Le second utilise une infrastructure à clé publique et un algorithme de chiffrement.In our daily life, security of many applications are based on cryptographic mechanisms. In some of them, privacy issues are a major concern. For example in internet context, a user expects the service provider not to divulgate his identity. In this thesis, I first give a formal definition of zero-knowledge proofs of knowledge (ZKPK), very useful for designing digital signatures. I prove the security of a generic construction of proofs of knowledge of discrete logarithm relations set. Then, I present state of the art of different signature schemes ensuring users' anonymity. Afterwards I adapt these protocols to the cooperative set-up, in which an intermediary helps the user perform some computations during the protocol. I also define a formal security model which is robust against corruption of the intermediary, while improving protocol efficiency.In the second part of this thesis, I present the security requirements for RFID tags authentication protocols. As these small embedded devices are potentially integrated into many various products, they must be intraceable so that nobody can trace their holder. As anonymity does not provide this property on its own, it must be included in the security model. Finally, I describe two authentication protocols which provide this security level. The first one uses a secret key infrastructure and a key update mechanism. The other one uses a public key infrastructure and an encryption algorithm.CAEN-BU Sciences et STAPS (141182103) / SudocSudocFranceF

Untangling RFID privacy models

The rise of wireless applications based on RFID has brought up major concerns on privacy. Indeed nowadays, when such an application is deployed, informed customers yearn for guarantees that their privacy will not be threatened. One formal way to perform this task is to assess the privacy level of the RFID application with a model. However, if the chosen model does not reflect the assumptions and requirements of the analyzed application, it may misevaluate its privacy level. Therefore, selecting the most appropriate model among all the existing ones is not an easy task. This paper investigates the eight most well-known RFID privacy models and thoroughly examines their advantages and drawbacks in three steps. Firstly, five RFID authentication protocols are analyzed with these models. This discloses a main worry: although these protocols intuitively ensure different privacy levels, no model is able to accurately distinguish them. Secondly, these models are grouped according to their features (e.g., tag corruption ability). This classification reveals the most appropriate candidate model(s) to be used for a privacy analysis when one of these features is especially required. Furthermore, it points out that none of the models are comprehensive. Hence, some combinations of features may not match any model. Finally, the privacy properties of the eight models are compared in order to provide an overall view of their relations. This part highlights that no model globally outclasses the other ones. Considering the required properties of an application, the thorough study provided in this paper aims to assist system designers to choose the best suited model

Improved Cryptanalysis of the DECT Standard Cipher

The DECT Standard Cipher (DSC) is a 64-bit key stream cipher used in the Digital Enhanced Cordless Telecommunications (DECT) standard to protect the confidentiality of the communications. In this paper we present an improved cryptanalysis approach which is more effective than the Nohl-Tews-Weinmann (NTW) attack and requires four times less plaintext material. Under the best conditions, our attack requires a 3 minutes long communication instead of more than 10 minutes for the NTW attack. Our approach is able to quickly recover the secret key with a success rate of more than 50% by analysing 2^13 keystreams and performing an exhaustive search over 2^31 keys. Additionally, the attack was successfully conducted against real intercepted communications when the plaintext was only 90% accurate. To the best of our knowledge, the approach we present in this paper is the most effective cryptanalysis published so far against the DSC cipher.JRC.G.6-Digital Citizen Securit

Untraceability Model for RFID

International audienc

Lighten Encryption Schemes for Secure and Private RFID Systems

We provide several concrete implementations of a generic method given by Vaudenay to construct secure privacy-preserving RFID authentication and identification systems. More precisely, we give the first instantiation of the Vaudenay's result by using the IND-CCA secure DHAES cryptosystem. Next we argue that weaker cryptosystems can also be used by recalling the WIPR RFID system and giving a new protocol based on the El Carnal encryption scheme. After that, we introduce a new generic construction based on the use of any IND-CPA secure public key cryptosystem together with a MAC scheme and describe a possibility using the Hash El Carnal cryptosystem. We finally compare all these schemes, both in terms of implementation and security, proving that, nowadays the DHAES and our Hash El Carnal based solutions appear as the most promising schemes.Anglai

Practical interception of DECT encrypted voice communications in Unified Communications environments

Digital Enhanced Cordless Telephony, DECT, is a world-wide standard for cordless telephony that is frequently integrated into Unified Communications systems both in commercial and residential environments. DECT supports encryption to protect the confidentiality of the communications whilst allowing the interoperability between products from different models and manufacturers. In this paper we explore, from both a theoretical and a practical standpoint, the security of the DECT cryptographic pairing process, which plays a vital role in the security chain of Unified Communications systems involving DECT technology. Furthermore, we demonstrate a practical security attack against the DECT pairing process that is able to retrieve the cryptographic keys and decrypt in real-time any subsequent encrypted voice communication. We also present a proposal for a more secure alternative cryptographic pairing process that is not vulnerable to this type of passive attack.JRC.G.6-Digital Citizen Securit