Trust is a critical component of any identity system. Several incidents in the past have demonstrated the existence of possible harm that can arise from misuse of people's personal information. Giving credible and provable reassurances to people is required to build trust and make people feel secure to use the electronic services offered by companies or governments on-line. However, when it comes to privacy, typical identity management systems like PKI fail to provide strong reassurances. For example, in these systems, the so-called "Identity Provider" is able to trace and link all communications and transactions of the users. Strong cryptographic protocols can be used to increase trust, by not letting such privacy violations be technically possible. Over the past years, a number of technologies have been developed to build Privacy Preserving Attribute-based Credentials (Privacy-ABCs) in a way that they can be trusted, like normal cryptographic certificates, while at the same time they protect the privacy of their holder [3]. Such Privacy-ABCs are issued just like ordinary cryptographic credentials (e.g., X.509 credentials) using a digital secret signature key. However, Privacy-ABCs allow their holder to transform them into a new token, in such a way that the privacy of the user is protected. Bringing more control on the user side, created an interesting discussion on the acceptance factors and the cost-benefit trade-offs involved in adopting such technologies, as perceived by users [1]. As technology is progressing rapidly and moving towards the pervasive world, not only citizens but also objects get increasingly connected. For example, today's vehicles are already connected and in the very near future they will also interact directly with each other and with the road infrastructure giving rise to a new domain called Cooperative Intelligent Transport Systems (C-ITS). C-ITS needs to be secured and a trust architecture needs to be in place in order to protect messages. This also includes the necessity of authentication and authorization of participating vehicles, ensuring that messages originate from genuine vehicles without making individual vehicles traceable throughout the system. So, a security and trust architecture featuring a public key infrastructure (PKI) has been specified. The practical C-ITS systems which are currently considered for deployment in Europe, the US and China take this approach to authentication by letting vehicles sign outgoing V2X messages with short-lived pseudonym certificates. Some degree of privacy is obtained by letting vehicles frequently change or rotate their certificates from a pool of pseudonyms. However, the architecture is complex and exhibits several shortcomings [2]. Similar to the experiences from the online world, we argue that the pressing need for establishing federated trust between services and devices in a dynamic network of vehicles, gateways, services and applications cannot be solely secured with
{"title":"Enabling Trusted Digital Identities ? From Connected Citizens to Connected Objects","authors":"Ioannis Krontiris","doi":"10.1145/3411505.3418440","DOIUrl":"https://doi.org/10.1145/3411505.3418440","url":null,"abstract":"Trust is a critical component of any identity system. Several incidents in the past have demonstrated the existence of possible harm that can arise from misuse of people's personal information. Giving credible and provable reassurances to people is required to build trust and make people feel secure to use the electronic services offered by companies or governments on-line. However, when it comes to privacy, typical identity management systems like PKI fail to provide strong reassurances. For example, in these systems, the so-called \"Identity Provider\" is able to trace and link all communications and transactions of the users. Strong cryptographic protocols can be used to increase trust, by not letting such privacy violations be technically possible. Over the past years, a number of technologies have been developed to build Privacy Preserving Attribute-based Credentials (Privacy-ABCs) in a way that they can be trusted, like normal cryptographic certificates, while at the same time they protect the privacy of their holder [3]. Such Privacy-ABCs are issued just like ordinary cryptographic credentials (e.g., X.509 credentials) using a digital secret signature key. However, Privacy-ABCs allow their holder to transform them into a new token, in such a way that the privacy of the user is protected. Bringing more control on the user side, created an interesting discussion on the acceptance factors and the cost-benefit trade-offs involved in adopting such technologies, as perceived by users [1]. As technology is progressing rapidly and moving towards the pervasive world, not only citizens but also objects get increasingly connected. For example, today's vehicles are already connected and in the very near future they will also interact directly with each other and with the road infrastructure giving rise to a new domain called Cooperative Intelligent Transport Systems (C-ITS). C-ITS needs to be secured and a trust architecture needs to be in place in order to protect messages. This also includes the necessity of authentication and authorization of participating vehicles, ensuring that messages originate from genuine vehicles without making individual vehicles traceable throughout the system. So, a security and trust architecture featuring a public key infrastructure (PKI) has been specified. The practical C-ITS systems which are currently considered for deployment in Europe, the US and China take this approach to authentication by letting vehicles sign outgoing V2X messages with short-lived pseudonym certificates. Some degree of privacy is obtained by letting vehicles frequently change or rotate their certificates from a pool of pseudonyms. However, the architecture is complex and exhibits several shortcomings [2]. Similar to the experiences from the online world, we argue that the pressing need for establishing federated trust between services and devices in a dynamic network of vehicles, gateways, services and applications cannot be solely secured with ","PeriodicalId":157519,"journal":{"name":"Proceedings of the 2nd Workshop on Cyber-Security Arms Race","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127754250","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Systems that protect enclaves from privileged software must consider software-based side-channel attacks. Our system isolates enclaves on separate secure cores to stop attackers from running on the same core as the victim, which mitigates intra-core side-channel attacks. Redesigning the memory hierarchy based on enclave ownership protects enclaves against inter-core side-channel attacks. We implement this system and evaluate it in terms of communication performance, memory overhead and hardware area. Combining physical isolation and a redesigned memory hierarchy protects enclaves against all known software-based side-channel attacks.
{"title":"Protecting Enclaves from Intra-Core Side-Channel Attacks through Physical Isolation","authors":"Marno van der Maas, S. Moore","doi":"10.1145/3411505.3418437","DOIUrl":"https://doi.org/10.1145/3411505.3418437","url":null,"abstract":"Systems that protect enclaves from privileged software must consider software-based side-channel attacks. Our system isolates enclaves on separate secure cores to stop attackers from running on the same core as the victim, which mitigates intra-core side-channel attacks. Redesigning the memory hierarchy based on enclave ownership protects enclaves against inter-core side-channel attacks. We implement this system and evaluate it in terms of communication performance, memory overhead and hardware area. Combining physical isolation and a redesigned memory hierarchy protects enclaves against all known software-based side-channel attacks.","PeriodicalId":157519,"journal":{"name":"Proceedings of the 2nd Workshop on Cyber-Security Arms Race","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117221146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Recent work by Pijnenburg and Poettering (ESORICS'20) explores the novel cryptographic Encrypt-to-Self primitive that is dedicated to use cases of symmetric encryption where encryptor and decryptor coincide. The primitive is envisioned to be useful whenever a memory-bounded computing device is required to encrypt some data with the aim of temporarily depositing it on an untrusted storage device. While the new primitive protects the confidentiality of payloads as much as classic authenticated encryption primitives would do, it provides considerably better authenticity guarantees: Specifically, while classic solutions would completely fail in a context involving user corruptions, if an encrypt-to-self scheme is used to protect the data, all ciphertexts and messages fully remain unforgeable. To instantiate their encrypt-to-self primitive, Pijnenburg et.al propose a mode of operation of the compression function of a hash function, with a carefully designed encoding function playing the central role in the serialization of the processed message and associated data. In the present work we revisit the design of this encoding function. Without questioning its adequacy for securely accomplishing the encrypt-to-self job, we improve on it from a technical/implementational perspective by proposing modifications that alleviate certain conditions that would inevitably require implementations to disrespect memory alignment restrictions imposed by the word-wise operation of modern CPUs, ultimately leading to performance penalties. Our main contributions are thus to propose an improved encoding function, to explain why it offers better performance, and to prove that it provides as much security as its predecessor. We finally report on our open-source implementation of the encrypt-to-self primitive based on the new encoding function. For the full version of this article, see https://arxiv.org/abs/2009.02667 arXiv:2009.02667.
{"title":"Efficiency Improvements for Encrypt-to-Self","authors":"Jeroen Pijnenburg, Bertram Poettering","doi":"10.1145/3411505.3418438","DOIUrl":"https://doi.org/10.1145/3411505.3418438","url":null,"abstract":"Recent work by Pijnenburg and Poettering (ESORICS'20) explores the novel cryptographic Encrypt-to-Self primitive that is dedicated to use cases of symmetric encryption where encryptor and decryptor coincide. The primitive is envisioned to be useful whenever a memory-bounded computing device is required to encrypt some data with the aim of temporarily depositing it on an untrusted storage device. While the new primitive protects the confidentiality of payloads as much as classic authenticated encryption primitives would do, it provides considerably better authenticity guarantees: Specifically, while classic solutions would completely fail in a context involving user corruptions, if an encrypt-to-self scheme is used to protect the data, all ciphertexts and messages fully remain unforgeable. To instantiate their encrypt-to-self primitive, Pijnenburg et.al propose a mode of operation of the compression function of a hash function, with a carefully designed encoding function playing the central role in the serialization of the processed message and associated data. In the present work we revisit the design of this encoding function. Without questioning its adequacy for securely accomplishing the encrypt-to-self job, we improve on it from a technical/implementational perspective by proposing modifications that alleviate certain conditions that would inevitably require implementations to disrespect memory alignment restrictions imposed by the word-wise operation of modern CPUs, ultimately leading to performance penalties. Our main contributions are thus to propose an improved encoding function, to explain why it offers better performance, and to prove that it provides as much security as its predecessor. We finally report on our open-source implementation of the encrypt-to-self primitive based on the new encoding function. For the full version of this article, see https://arxiv.org/abs/2009.02667 arXiv:2009.02667.","PeriodicalId":157519,"journal":{"name":"Proceedings of the 2nd Workshop on Cyber-Security Arms Race","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134011061","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: