Challenges in Security and Privacy Urs Hengartner Cryptography, Security, and Privacy (CrySP) Research Group David R. Cheriton School of Computer Science University of Waterloo


Overview

Part I – Some Research Challenges

Part II – Location Privacy


Part I

Sample Research Challenges:
- Phishing
- Usability
- Seamless Device Authentication
- RFID
- Vehicular Ad-Hoc Networks


Phishing

- Internet users enter confidential personal information at fraudulent websites
  - Email with fake link
- How to protect Internet users against these attacks?


Toolbars

- Display more information about website
- Examine webpage for suspicious signs
- Compare webpage to blacklist
- Challenges:
  - Users tend to ignore toolbars
  - Retroactive
  - Which ones actually work?


Password Management Tools

- (Transparently) make password depend on website (and secret)
- Remember sites and passwords, force user to go through tool
- Keep password away from browser
  - E.g., cellphone, run browser in virtual machine
- Challenges:
  - Usability
  - Mobile users
  - Maybe changes at server required


Web Wallet [Wu et al.]


Industrial Solutions - SiteKey

- User enters ID (not password!)
- Site tries to recognize user’s computer based on cookie, IP address,…
  - Challenge question if failure
- Display user-specific image
  - User is expected to abort if wrong/no image
- User enters password
- Challenges:
  - Usability
  - What if many images/servers?
  - Security/privacy of challenge question


Remove Site-Authentication Image [Schechter et al.]

SAI Maintanance [sic] Notice: [bank name] is currently upgrading our award winning SAI feature. Please contact customer service if your SAI does not reappear within the next 24 hours.


Other Phishing-Related Challenges

Evaluation of existing tools

New tools/approaches

Confidential data other than passwords


Usability

© Lorrie Cranor


Usability

Other problem cases:
- Privacy settings in social networking sites (e.g., Facebook, MySpace)
- Wireless routers

Good case: Skype


Challenges for Security Interfaces

- Security is secondary goal
  - User might not know about security issues, work around them, or give up
- Appropriate feedback
  - Good feedback for security management is difficult
- Mistakes can be costly
  - Once a secret has been left unprotected, it could have been read by an attacker


Seamless Device Authentication

- Portable devices in ad-hoc environments
  - No centralized administrator for devices
- Secure communication between devices requires that devices authenticate each other
  - E.g., other device’s public key
  - Avoids man-in-the-middle attack
- How can devices authenticate each other with minimal user intervention?
  - Insecure, high-bandwidth channel
  - Authenticated, low-bandwidth channel


Example Channels

- Insecure, high-bandwidth channels
  - Internet
  - wireless link (e.g., Bluetooth, WiFi)
- Authenticated, low-bandwidth channels
  - SMS messages
  - visual channel (display and camera)
  - audio channel (loudspeaker and microphone)
  - physical contact
  - infrared
  - humans


Seeing-Is-Believing [McCune et al.]


LoKey [Nicholson et al.]

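[Figure: Alice (secret $a$) and Bob (secret $b$) derive a shared key and compare its hash.]

$K_a = (g^b \bmod n)^a$, $K_b = (g^a \bmod n)^b$

$K_a = K_b$: secret known only to Alice and Bob (Diffie-Hellman)

Hash check: SHA-256($K_a$) == SHA-256($K_b$)?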
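The LoKey slide above, worked through as an added example (not code from the slides or from the LoKey authors): public values cross the insecure channel, and the SHA-256 comparison over the authenticated low-bandwidth channel exposes a substituted key. The toy group parameters, the function names and the interceptor model are assumptions of this example.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group so the example runs instantly (assumption; real
# deployments use a standardized group of at least 2048 bits).
N = 2**127 - 1   # the slide's modulus n (a Mersenne prime)
G = 3            # the slide's base g


def keypair():
    """Return (secret exponent, public value g^secret mod n)."""
    secret = secrets.randbelow(N - 3) + 2
    return secret, pow(G, secret, N)


def shared_key(peer_public, secret):
    """K = (peer_public)^secret mod n."""
    return pow(peer_public, secret, N)


def fingerprint(key):
    """SHA-256 of the key: the value sent over the authenticated channel."""
    return hashlib.sha256(key.to_bytes(16, "big")).hexdigest()


def substituting_interceptor():
    """Constructed attacker model: replaces every public value with its own."""
    _, pub_m = keypair()
    return lambda _public: pub_m


def run_exchange(interceptor=None):
    """Run one key agreement and return True if the fingerprints match.

    interceptor, if given, rewrites public values on the insecure,
    high-bandwidth channel. It cannot touch the fingerprint comparison,
    which uses the authenticated, low-bandwidth channel.
    """
    a, pub_a = keypair()                     # Alice
    b, pub_b = keypair()                     # Bob
    seen_by_bob = interceptor(pub_a) if interceptor else pub_a
    seen_by_alice = interceptor(pub_b) if interceptor else pub_b
    k_a = shared_key(seen_by_alice, a)       # Ka = (g^b mod n)^a
    k_b = shared_key(seen_by_bob, b)         # Kb = (g^a mod n)^b
    return fingerprint(k_a) == fingerprint(k_b)


if __name__ == "__main__":
    print("undisturbed exchange accepted:", run_exchange())
    print("tampered exchange accepted:", run_exchange(substituting_interceptor()))
```

When the comparison fails, the devices discard the key instead of using it.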


Challenges for Seamless Device Authentication

Other authenticated channels?

What kind of authenticated channels involving humans?


RFID Tags

Barcodes of the future

Sticker containing microchip and antenna

Gains power from wireless signal received from tag reader

Tag-reader communication with range of up to half a meter

Tag returns its unique number and static data


The RFID Privacy Problem

[Figure © Ari Juels: "Mr. Jones in 2015", labelled with the tagged items he carries:]
- Wig, model #4456 (cheap polyester)
- Das Kapital and Communist-party handbook
- 1500 Euros in wallet; serial numbers: 597387, 389473, …
- 30 items of lingerie
- Replacement hip, medical part #459382


RFID

- Other uses for RFID technology
  - Libraries, passports, banknotes, pets, humans
- Security is difficult for RFID tags
  - Very limited computing capabilities
    - No cryptography
  - Limited amount of memory


Approaches

- Kill tag during checkout
- IBM’s Clipped Tag
- YA-TRAP [Tsudik]
  - Assumptions:
    - Reader shares a secret with each tag
    - Reader has database with entry <hash(secret, time), secret> for each tag
  - Reader -> Tag: time
  - Tag -> Reader: hash(secret, time)
  - Reader looks up hash in database to get secret
  - Issue: time must only increase
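The YA-TRAP exchange listed above, as an added sketch (not code from the slides or from Tsudik's paper). It assumes HMAC-SHA256 as the keyed hash and models "time must only increase" as a tag that answers a non-advancing timestamp with random bytes; the tag labels and secrets are constructed.

```python
import hashlib
import hmac
import os


def keyed_hash(secret, time):
    """hash(secret, time) from the slide; HMAC-SHA256 is this example's choice."""
    return hmac.new(secret, time.to_bytes(8, "big"), hashlib.sha256).digest()


class Tag:
    def __init__(self, secret):
        self.secret = secret
        self.last_time = 0                  # highest timestamp answered so far

    def respond(self, time):
        # "time must only increase": a timestamp that does not advance gets
        # random bytes, so re-sending an old query yields nothing that can be
        # matched against an earlier answer (assumed tag behaviour).
        if time <= self.last_time:
            return os.urandom(32)
        self.last_time = time
        return keyed_hash(self.secret, time)


class Reader:
    def __init__(self, tag_secrets):
        self.names = {secret: name for name, secret in tag_secrets.items()}
        self.time, self.table = None, {}

    def new_epoch(self, time):
        """Build the <hash(secret, time), secret> table for this timestamp."""
        self.time = time
        self.table = {keyed_hash(s, time): s for s in self.names}

    def identify(self, tag):
        """Reader -> Tag: time; Tag -> Reader: hash; then one table lookup."""
        secret = self.table.get(tag.respond(self.time))
        return self.names.get(secret)


def demo():
    # Constructed secrets and labels, for illustration only.
    secrets_by_tag = {"pallet-17": b"\x01" * 16, "badge-3": b"\x02" * 16}
    reader = Reader(secrets_by_tag)
    tag = Tag(secrets_by_tag["pallet-17"])
    results = []
    for t in (100, 100, 101, 50):           # fresh, repeated, fresh, stale
        reader.new_epoch(t)
        results.append(reader.identify(tag))
    return results


if __name__ == "__main__":
    print(demo())
```

The tag needs only one keyed hash and one stored counter per query, which fits the limited computing and memory budget the slides describe for RFID tags.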


Vehicular Ad-Hoc Networks

- Vehicles communicating with each other and roadside infrastructure using WiFi
  - Traffic optimization, payment services, location-based services, infotainment
- Safety-related applications
  - Collision avoidance, cooperative driving
  - Can prevent life-endangering accidents
  - Security is mandatory


Security/Privacy Concerns In Vehicular Ad-Hoc Networks

- Legitimacy of messages
  - Fake senders or fake content
- Privacy of messages
  - Except for legal authorities
- Timely delivery of messages
- Good news
  - Lots of computing power, storage


Part II

Location Privacy


Location-Based Services (LBS)

- Offered by many cellphone providers
  - Bell Mobility’s Seek & Find service for locating friends & family
- Other examples:
  - Interesting places nearby
  - Traffic conditions
  - Personal navigator
  - Nearby-friends locator


Location Information is Sensitive

- Can reveal information about your activities, political views,…
- Of interest to burglars
- Access control to limit the number of people that can access your location information
  - Requires trusted computing base
- Privacy-enhancing technologies to reduce trusted computing base
  - Protects against break-ins, configuration errors,…


Sample Research

Louis, Lester and Pierre: Three Protocols for Location Privacy

Ge Zhong, Ian Goldberg and Urs Hengartner, PET 2007

http://www.cs.uwaterloo.ca/~uhengart/pet07.pdf


LBS and Privacy

- Goal: Minimize amount of personal information that LBS learns
- Typical architecture

[Figure: typical architecture with "Alice and her location", "Bob and his location", a Location Broker, and two LBS boxes, each marked "?".]


Privacy Axes

[Figure: personal information revealed to LBS, on two axes: location information (fine, coarse, none) and user identity (true, pseudonym, anonymous).]


Location k-Anonymity [Gruteser and Grunwald]

[Figure: the privacy axes (location information: fine, coarse, none; user identity: true, pseudonym, anonymous) with "Spatial k-anonymity" and "Temporal k-anonymity" marked.]


Location k-Anonymity

- Naïve approach: Reveal your fine-grained location, but not your true identity
  - Location might leak your true identity (e.g., home)
  - Might become trackable
- Spatial k-anonymity
  - Cloak location such that at least k-1 other people are at same location
- Temporal k-anonymity
  - Ensure that at least k-1 other people are at location within a timeframe
- Might affect quality/type of LBS
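Spatial k-anonymity as described above, in an added sketch (not code from the slides): a location broker reports the smallest quadtree cell that holds the user and at least k-1 others. The quadtree subdivision, the 1024 x 1024 service area, the function name and the sample positions are assumptions of this example.

```python
# Constructed positions of other users known to the location broker.
SAMPLE_OTHERS = [(110, 120), (90, 60), (300, 400), (700, 800), (120, 130)]


def cloak(user, others, k, area=(0.0, 0.0, 1024.0, 1024.0), min_size=1.0):
    """Return the smallest quadtree cell (x0, y0, x1, y1) that contains
    `user` and at least k-1 of `others`, or None when even the whole
    service area holds fewer than k people (no answer is safe to give)."""

    def inside(p, box):
        x0, y0, x1, y1 = box
        return x0 <= p[0] < x1 and y0 <= p[1] < y1

    population = [p for p in others if inside(p, area)]
    if not inside(user, area) or len(population) + 1 < k:
        return None

    box = area
    while box[2] - box[0] > min_size:
        x0, y0, x1, y1 = box
        mx, my = (x0 + x1) / 2, (y0 + y1) / 2
        # Quadrant of the current cell that contains the user.
        child = (x0 if user[0] < mx else mx, y0 if user[1] < my else my,
                 mx if user[0] < mx else x1, my if user[1] < my else y1)
        inhabitants = [p for p in population if inside(p, child)]
        if len(inhabitants) + 1 < k:
            break        # one more split would leave fewer than k people
        box, population = child, inhabitants
    return box


def cell_width(box):
    """Side length of a cloaked cell: the location uncertainty the LBS sees."""
    return box[2] - box[0]


if __name__ == "__main__":
    for k in (1, 3, 4, 6, 7):
        print(k, cloak((100, 100), SAMPLE_OTHERS, k))
```

The cell reported to the LBS grows with k, which is the effect on service quality noted in the last bullet.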


Non-Inference [Ravi et al.]

[Figure: the privacy axes (location information: fine, coarse, none; user identity: true, pseudonym, anonymous) with "Non-inference" marked.]


Non-Inference

- LBS migrates its code to the location broker
- Location broker runs code and returns result to LBS
- Broker ensures that result does not leak fine-grained location information to LBS
  - Based on information flow control


Mix Zones [Beresford and Stajano] / Swing & Swap [Li et al.]

[Figure: the privacy axes (location information: fine, coarse, none; user identity: true, pseudonym, anonymous) with "Mix Zones" and "Swing & Swap" marked.]


Pseudonyms

- Some LBS cannot be accessed anonymously, but do not require true identity, either
  - Tracking service in amusement park
- Use pseudonym
  - Internal identifier determined by broker
- Avoid long-term usage of a pseudonym
  - Change pseudonyms frequently
  - Ensure unlinkability between old and new pseudonym


Mix Zones / Swing & Swap

- Guarantee unlinkability
- Mix zone
  - Spatial region not covered by LBS
  - Change pseudonym only if at least k-1 other people in same mix zone
- Swing & swap
  - Silent period
  - Couple pseudonym change with speed/direction change
  - Exchange pseudonym with nearby people (maybe)


Quality of Service [Cheung et al.]

[Figure: the privacy axes (location information: fine, coarse, none; user identity: true, pseudonym, anonymous) with "Quality of Service" marked.]


Quality of Service

Cloaking introduces uncertainty about somebody’s location

Use probability to formally express quality of service achievable with cloaking


User Identity Re-Visited [Pang et al.]

- Each WiFi card has static address, makes a laptop trackable
- Change address from time to time (pseudonym)
  - E.g., when connecting to new access point
  - Might not be sufficient
- Other factors that can make a user trackable
  - Characteristics of WiFi card
    - Packet timings, configuration information in packet headers
  - Set of websites contacted by user
  - Laptop might broadcast identifiers of access points to which it connected in the past


Location Privacy Challenges

Location privacy for services that require true identity

Feasibility/Practicality of proposed approaches

What kind of LBS do approaches support?

How to get rid of centralized location broker?


Value of Location Privacy [Danezis et al.]

- Experiment based on some deception
  - Asked students whether they wanted to participate in study tracking them for 28 days
  - How much money in exchange?
  - “Winners”: n people with lowest biddings, will be paid money requested by lowest non-chosen bidder
- Min: 0; Med: 10; Mean: 27.4; Max: 400 (British pounds)


More Research Challenges

- See website of my course about hot topics in computer and communications security
  - http://www.cs.uwaterloo.ca/~uhengart
  - Teaching -> CS 854
  - Will be re-taught in Winter 2007, undergrads can take grad courses
- To learn about computer security and privacy, take CS 489 in Winter 2008