Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation

The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and costs. The certification path building algorithm that helps users establish trust on certificates in the distributed network environment is particularly complicated. Neither routing security nor PKI come for free. Prior to this work, the research study on performance issues of these large-scale distributed security systems was minimal. In this thesis, we evaluate the performance of BGP security protocols and PKI systems. We answer the questions about how the performance affects protocol behaviors and how we can improve the efficiency of these distributed protocols to bring them one step closer to reality. The complexity of the Internet makes an analytical approach difficult; and the scale of Internet makes empirical approaches also unworkable. Consequently, we take the approach of simulation. We have built the simulation frameworks to model a number of BGP security protocols and the PKI system. We have identified performance problems of Secure BGP (S-BGP), a primary BGP security protocol, and proposed and evaluated Signature Amortization (S-A) and Aggregated Path Authentication (APA) schemes that significantly improve efficiency of S-BGP without compromising security. We have also built a simulation framework for general PKI systems and evaluated certification path building algorithms, a critical part of establishing trust in Internet-scale PKI, and used this framework to improve algorithm performance

Greenpass: Flexible and Scalable Authorization for Wireless Networks

Wireless networks break the implicit assumptions that supported authorization in wired networks (that is: if one could connect, then one must be authorized). However, ensuring that only authorized users can access a campus-wide wireless network creates many challenges: we must permit authorized guests to access the same network resources that internal users do; we must accommodate the de-centralized way that authority flows in real universities; we also must work within standards, and accommodate the laptops and systems that users already have, without requiring additional software or plug-ins. This paper describes our ongoing project to address this problem, using SPKI/SDSI delegation on top of X.509 keypair within EAP-TLS. Within the ``living laboratory\u27\u27 of Dartmouth\u27s wireless network, this project lets us solve real problem with wireless networking, while also experimenting with trust flows and testing the limits of current tools

Long-Lasting Phosphorescence in BaSi\u3csub\u3e2\u3c/sub\u3eO\u3csub\u3e2\u3c/sub\u3eN\u3csub\u3e2\u3c/sub\u3e:Eu\u3csup\u3e2+\u3c/sup\u3e and Ba\u3csub\u3e2\u3c/sub\u3eSiO\u3csub\u3e4\u3c/sub\u3e:Eu\u3csup\u3e2+\u3c/sup\u3e Phases for X-Ray and Cathode Ray Tubes

We report the long-lasting bluish-green phosphorescence for X-ray or cathode ray tubes in the phosphors with compositions of either Ba2SiO4:0.01Eu2+–xSi3N4 (x=0–1) or 2BaCO3–ySi3N4:0.01Eu2+(y=1/6–1) synthesized by a solid-state reaction. By tuning the Si3N4content, the phosphorescence may originate from Eu2+ in BaSi2O2N2(peaking at 490 nm), Ba2SiO4 (505 nm), and Ba3SiO5 (590 nm) phases. The strong phosphorescence of the Ba2SiO4:Eu2+ phase in 2BaCO3–ySi3N4:0.01Eu2+ is attributed to N substitution for O to generate a shallow trap. In Ba2SiO4:0.01Eu2+–xSi3N4 , however, N prefers reacting with Ba2SiO4 to form BaSi2O2N2 , thereby exhibiting a strong phosphorescence of the BaSi2O2N2:Eu2+ phase but a weak phosphorescence of the Ba2SiO4:Eu2+ phase

Modeling and Evaluation of Certification Path Discovery in the Emerging Global PKI

Abstract. Establishing trust on certificates across multiple domains requires an efficient certification path discovery algorithm. Previously, small exmaples are used to analyze the performance of certification path discovery. In this work, we propose and implement a simulation framework and a probability search tree model for systematic performance evaluation. Built from measurement data collected from current PKI systems in development and deployment over more than 10 countries, our model is (to the best of our knowledge) the largest simulated PKI architecture to-date.

Keyjacking: Risks of the Current Client-side Infrastructure

In theory, PKI can provide a flexible and strong way to authenticate users in distributed information systems. In practice, much is being invested in realizing this vision via tools such as client-side SSL and browser-based keystores. Exploring this vision, we demonstrate that browsers will use personal certificates to authenticate requests that the person neither knew of nor approved (in some scenarios, direct migration from password-based systems to clientside SSL makes things worse). We also demonstrate the easy permeability of these keystores, including new attacks on medium and high-security IE/XP keys. We suggest some short-term countermeasures. However, against this background, it is not clear that the current client-side infrastructure can achieve the PKI vision. A fundamental rethinking of the trust, usage, and storage model might result in more effective tools for building a PKI.

Keyjacking: the Surprising Insecurity of Client-side SSL

In theory, PKI can provide a flexible and strong way to authenticate users in distributed information systems. In practice, much is being invested in realizing this vision via client-side SSL and various client keystores. However, whether this works depends on whether what the machines do with the private keys matches what the humans think they do: whether a server operator can conclude from an SSL request authenticated with a user’s private key that the user was aware of and approved that request. Exploring this vision, we demonstrate via a series of experiments that this assumption does not hold with standard desktop tools, even if the browser user does all the right things. A fundamental rethinking of the trust, usage, and storage model might result in more effective tools for achieving the PKI vision.