S. Hohenberger, Satyanarayana Vusirikala, Brent Waters
Pairing-based cryptography is widely used for its efficiency and functionality. When designing pairing-based schemes, one common task is to devise algorithms for verifying a set of untrusted group elements with respect to a set of trusted group elements. One might be searching for a verification algorithm for a signature scheme or a method for verifying an IBE/ABE private key with respect to the IBE/ABE public parameters. In ACM CCS 2019, Hohenberger and Vusirikala introduced the AutoPPE software tool for automatically generating a set of pairing product equations (PPEs) that can verify the correctness of a set of pairing group elements with respect to a set of trusted group elements. This task is non-trivial. Some schemes (e.g., those based on dual system encryption) provably do not support any efficient algorithm for verifying the private keys with respect to the public parameters. Other schemes (e.g., the Boyen-Waters anonymous IBE) were left in a gray area by Hohenberger-Vusirikala (CCS 19) -- no conjunction of PPEs was known for testing them, but no proof of untestability either. In this work, we significantly generalize and expand on the foundation of Hohenberger-Vusirikala (CCS 19). Specifically, we consider a larger space of verification algorithms, which we call PPE Circuits, to verify a set of untrusted group elements with respect to a set of trusted group elements. Informally, a PPE Circuit supports AND, OR, NOT and PPE gates, thus capturing all of the capability of AutoPPE while additionally enabling the verification algorithm to include arbitrary logic (as opposed to only conjunctions of PPEs). Our contributions include a formalization of PPE circuits, a provably-correct algorithm for searching for a PPE circuit given a description of the trusted and untrusted elements to be verified, and a new open-source software tool called AutoCircuitPPE that realizes this algorithm. AutoCircuitPPE was tested on a host of test cases and it output PPE circuits for all "gray area" schemes left unresolved in Hohenberger-Vusirikala (CCS 19) as well as several new test cases, usually in 100 seconds or less.
{"title":"PPE Circuits: Formal Definition to Software Automation","authors":"S. Hohenberger, Satyanarayana Vusirikala, Brent Waters","doi":"10.1145/3372297.3417230","DOIUrl":"https://doi.org/10.1145/3372297.3417230","url":null,"abstract":"Pairing-based cryptography is widely used for its efficiency and functionality. When designing pairing-based schemes, one common task is to devise algorithms for verifying a set of untrusted group elements with respect to a set of trusted group elements. One might be searching for a verification algorithm for a signature scheme or a method for verifying an IBE/ABE private key with respect to the IBE/ABE public parameters. In ACM CCS 2019, Hohenberger and Vusirikala introduced the AutoPPE software tool for automatically generating a set of pairing product equations (PPEs) that can verify the correctness of a set of pairing group elements with respect to a set of trusted group elements. This task is non-trivial. Some schemes (e.g., those based on dual system encryption) provably do not support any efficient algorithm for verifying the private keys with respect to the public parameters. Other schemes (e.g., the Boyen-Waters anonymous IBE) were left in a gray area by Hohenberger-Vusirikala (CCS 19) -- no conjunction of PPEs was known for testing them, but no proof of untestability either. In this work, we significantly generalize and expand on the foundation of Hohenberger-Vusirikala (CCS 19). Specifically, we consider a larger space of verification algorithms, which we call PPE Circuits, to verify a set of untrusted group elements with respect to a set of trusted group elements. Informally, a PPE Circuit supports AND, OR, NOT and PPE gates, thus capturing all of the capability of AutoPPE while additionally enabling the verification algorithm to include arbitrary logic (as opposed to only conjunctions of PPEs). Our contributions include a formalization of PPE circuits, a provably-correct algorithm for searching for a PPE circuit given a description of the trusted and untrusted elements to be verified, and a new open-source software tool called AutoCircuitPPE that realizes this algorithm. AutoCircuitPPE was tested on a host of test cases and it output PPE circuits for all \"gray area\" schemes left unresolved in Hohenberger-Vusirikala (CCS 19) as well as several new test cases, usually in 100 seconds or less.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"39 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80761526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Shuofei Zhu, Ziyi Zhang, Limin Yang, Linhai Song, Gang Wang
VirusTotal is the largest online anti-malware scanning service. It is widely used by security researchers for labeling malware data or serving as a comparison baseline. However, several important challenges of using VirusTotal are left unaddressed (e.g., whether VirusTotal labels are already stable, when VirusTotal labels can be trusted), severely harming the correctness of research projects depending on VirusTotal. In this paper, we present VTSet, which contains daily VirusTotal labels on more than 14,000 files over one year. VTSet can be used to build and evaluate various tools to tackle the existing challenges and facilitate the usage of VirusTotal. Besides the data, VTSet also provides a demonstration tool to display many measurement results and a query tool to ease access to its data. A video demonstration of VTSet is located at the following link: https://youtu.be/aSVaUGHxFi4.
{"title":"Benchmarking Label Dynamics of VirusTotal Engines","authors":"Shuofei Zhu, Ziyi Zhang, Limin Yang, Linhai Song, Gang Wang","doi":"10.1145/3372297.3420013","DOIUrl":"https://doi.org/10.1145/3372297.3420013","url":null,"abstract":"VirusTotal is the largest online anti-malware scanning service. It is widely used by security researchers for labeling malware data or serving as a comparison baseline. However, several important challenges of using VirusTotal are left unaddressed (e.g., whether VirusTotal labels are already stable, when VirusTotal labels can be trusted), severely harming the correctness of research projects depending on VirusTotal. In this paper, we present VTSet, which contains daily VirusTotal labels on more than 14,000 files over one year. VTSet can be used to build and evaluate various tools to tackle the existing challenges and facilitate the usage of VirusTotal. Besides the data, VTSet also provides a demonstration tool to display many measurement results and a query tool to ease the access of its data. A video demonstration of VTSet is located at the following link: https://youtu.be/aSVaUGHxFi4.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"87 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83802739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The problem of fair exchange consists of interchanging goods between two parties that do not trust each other. Despite known impossibility results, recent works leverage the blockchain and zero-knowledge proofs to implement zero-knowledge contingent payment (zkCP) systems that make fair exchange of digital goods possible. Implementing these systems in a secure and efficient way is a big challenge, as evidenced by several unsuccessful attempts from the literature. Campanelli et al. (ACM CCS 2017) discovered a vulnerability in an existing zkCP proposal based on SNARKs (succinct non-interactive arguments of knowledge) and suggested several repairs. Fuchsbauer (ACM CCS 2019) found a flaw in the mentioned countermeasures. In particular, he showed that witness-indistinguishability (WI) is not sufficient for the zkCP schemes proposed by Campanelli et al. to be secure. In this work, we observe that a slightly stronger notion of WI, which we coin trapdoor subversion WI (tS-WI), rules out Fuchsbauer's attack. We formally define security properties for CP systems and show that, under tS-WI, Campanelli et al.'s proposal indeed satisfies these properties. Additionally, we explore alternative approaches to implement ZK (other than SNARKs) and develop a prototype, using it to demonstrate their potential. Our new ideas result in a protocol to sell ECDSA signatures with contingent payment that can be executed in less than 150 milliseconds over a LAN.
{"title":"WI is Almost Enough: Contingent Payment All Over Again","authors":"Ky-Giao C. Nguyen, Miguel Ambrona, Masayuki Abe","doi":"10.1145/3372297.3417888","DOIUrl":"https://doi.org/10.1145/3372297.3417888","url":null,"abstract":"The problem of fair exchange consists of interchanging goods between two parties that do not trust each other. Despite known impossibility results, recent works leverage the blockchain and zero-knowledge proofs to implement zero-knowledge contingent payment (zkCP) systems that make fair exchange of digital goods possible. Implementing these systems in a secure and efficient way is a big challenge, as evidenced by several unsuccessful attempts from the literature. Campanelli et al. (ACM CCS 2017) discovered a vulnerability in an existing zkCP proposal based on SNARKs (succinct non-interactive arguments of knowledge) and suggested several repairs. Fuchsbauer (ACM CCS 2019) found a flaw in the mentioned countermeasures. In particular, he showed that witness-indistinguishability (WI) is not sufficient for the zkCP schemes proposed by Campanelli et al. to be secure. In this work, we observe that a slightly stronger notion of WI, which we coin trapdoor subversion WI (tS-WI), rules out Fuchsbauer's attack. We formally define security properties for CP systems and show that, under tS-WI, Campanelli et al.'s proposal indeed satisfies these properties. Additionally, we explore alternative approaches to implement ZK (other than SNARKs) and develop a prototype, using it to demonstrate their potential. Our new ideas result in a protocol to sell ECDSA signatures with contingent payment that can be executed in less than 150 milliseconds over a LAN.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"42 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80876997","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yuan Li, Mingzhe Wang, Chao Zhang, Xingman Chen, Songtao Yang, Y. Liu
Control-flow integrity (CFI) is a promising technique to mitigate control-flow hijacking attacks. In the past decade, dozens of CFI mechanisms have been proposed by researchers. Despite the claims made by their designers, the security promises of these mechanisms have not been carefully evaluated, and thus are questionable. In this paper, we present a solution to measure the gap between the practical security and the claimed theoretical security. First, we propose CScan to precisely measure runtime feasible targets of indirect control transfer (ICT) instructions protected by CFI, by enumerating all potential code addresses and testing whether ICTs are allowed to jump to them. Second, we propose CBench as a sanity check for verifying CFI solutions' effectiveness against typical attacks, by exploiting a comprehensive set of vulnerable programs protected by CFI and verifying the recognized feasible targets. We evaluated the 12 most recent open-source CFI mechanisms and discovered 10 flaws in most CFI mechanisms or implementations. For some CFIs, their security policies or protected ICT sets do not match what they claimed. Some CFIs even expand the attack surface (e.g., introducing unintended targets). To facilitate a deeper understanding of CFI, we summarize the flaws into 7 common pitfalls which cover the whole lifetime of CFI mechanisms and reveal issues that affect the practical security of CFI mechanisms.
{"title":"Finding Cracks in Shields: On the Security of Control Flow Integrity Mechanisms","authors":"Yuan Li, Mingzhe Wang, Chao Zhang, Xingman Chen, Songtao Yang, Y. Liu","doi":"10.1145/3372297.3417867","DOIUrl":"https://doi.org/10.1145/3372297.3417867","url":null,"abstract":"Control-flow integrity (CFI) is a promising technique to mitigate control-flow hijacking attacks. In the past decade, dozens of CFI mechanisms have been proposed by researchers. Despite the claims made by their designers, the security promises of these mechanisms have not been carefully evaluated, and thus are questionable. In this paper, we present a solution to measure the gap between the practical security and the claimed theoretical security. First, we propose CScan to precisely measure runtime feasible targets of indirect control transfer (ICT) instructions protected by CFI, by enumerating all potential code addresses and testing whether ICTs are allowed to jump to them. Second, we propose CBench as a sanity check for verifying CFI solutions' effectiveness against typical attacks, by exploiting a comprehensive set of vulnerable programs protected by CFI and verifying the recognized feasible targets. We evaluated the 12 most recent open-source CFI mechanisms and discovered 10 flaws in most CFI mechanisms or implementations. For some CFIs, their security policies or protected ICT sets do not match what they claimed. Some CFIs even expand the attack surface (e.g., introducing unintended targets). To facilitate a deeper understanding of CFI, we summarize the flaws into 7 common pitfalls which cover the whole lifetime of CFI mechanisms and reveal issues that affect the practical security of CFI mechanisms.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"42 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91122795","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Operating system (OS) kernels frequently encounter various errors due to invalid internal states or external inputs. To ensure the security and reliability of OS kernels, developers propose a diverse set of mechanisms to conservatively capture and handle potential errors. Existing research has thus primarily focused on the completeness and adequacy of error handling, so that no error escapes attention. However, we find that handling an error at an over-severe level (e.g., unnecessarily terminating the execution) instead hurts security and reliability. In such cases, the consequences of the error handling are even worse than those of the error it attempts to resolve. We call such a case Exaggerated Error Handling (EEH). The security impacts of EEH bugs vary, including denial-of-service, data losses, broken control-flow integrity, memory leaks, etc. Despite its significance, detecting EEH remains an unexplored topic. In this paper, we first conduct an in-depth study on EEH. Based on the findings of the study, we then propose an approach, EeCatch, to detect EEH bugs in a context-aware manner. EeCatch accurately identifies errors and extracts their contexts (both spatial and temporal), and automatically infers the appropriate severity level for error handling. Using the inferred severity level, EeCatch finally detects EEH bugs in which the error handling used exceeds the inferred severity level. By analyzing the whole Linux kernel, EeCatch reports hundreds of potential EEH bugs that may cause security issues such as crashing the system. After evaluating 104 cases reported by EeCatch, we manually confirmed 64 EEH bugs and submitted patches for all of them. Using our patches, Linux maintainers have fixed 48 reported EEH bugs, confirming the effectiveness of EeCatch. To the best of our knowledge, we are the first to systematically study and detect EEH bugs. We hope the findings could raise awareness of the critical consequences of EEH bugs and help developers avoid them.
{"title":"Exaggerated Error Handling Hurts! An In-Depth Study and Context-Aware Detection","authors":"Aditya Pakki, Kangjie Lu","doi":"10.1145/3372297.3417256","DOIUrl":"https://doi.org/10.1145/3372297.3417256","url":null,"abstract":"Operating system (OS) kernels frequently encounter various errors due to invalid internal states or external inputs. To ensure the security and reliability of OS kernels, developers propose a diverse set of mechanisms to conservatively capture and handle potential errors. Existing research has thus primarily focused on the completeness and adequacy of error handling, so that no error escapes attention. However, we find that handling an error at an over-severe level (e.g., unnecessarily terminating the execution) instead hurts security and reliability. In such cases, the consequences of the error handling are even worse than those of the error it attempts to resolve. We call such a case Exaggerated Error Handling (EEH). The security impacts of EEH bugs vary, including denial-of-service, data losses, broken control-flow integrity, memory leaks, etc. Despite its significance, detecting EEH remains an unexplored topic. In this paper, we first conduct an in-depth study on EEH. Based on the findings of the study, we then propose an approach, EeCatch, to detect EEH bugs in a context-aware manner. EeCatch accurately identifies errors and extracts their contexts (both spatial and temporal), and automatically infers the appropriate severity level for error handling. Using the inferred severity level, EeCatch finally detects EEH bugs in which the error handling used exceeds the inferred severity level. By analyzing the whole Linux kernel, EeCatch reports hundreds of potential EEH bugs that may cause security issues such as crashing the system. After evaluating 104 cases reported by EeCatch, we manually confirmed 64 EEH bugs and submitted patches for all of them. Using our patches, Linux maintainers have fixed 48 reported EEH bugs, confirming the effectiveness of EeCatch. To the best of our knowledge, we are the first to systematically study and detect EEH bugs. We hope the findings could raise awareness of the critical consequences of EEH bugs and help developers avoid them.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"60 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90295904","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Session 6D: Web Security","authors":"Adam Doupé","doi":"10.1145/3432985","DOIUrl":"https://doi.org/10.1145/3432985","url":null,"abstract":"","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"1991 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90549675","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Session 1A: Anonymous Routing and Censorship","authors":"Dave Levin","doi":"10.1145/3432957","DOIUrl":"https://doi.org/10.1145/3432957","url":null,"abstract":"","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"335 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76730720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Martin Henze, L. Bader, Julian Filter, Olav Lamberts, Simon Ofner, D. Velde
Mitigating cybersecurity threats in power distribution grids requires a testbed for cybersecurity, e.g., to evaluate the (physical) impact of cyberattacks, generate datasets, test and validate security approaches, as well as train technical personnel. In this paper, we present a blueprint for such a testbed that relies on network emulation and power flow computation to couple real network applications with a simulated power grid. We discuss the benefits of our approach alongside preliminary results and various use cases for cybersecurity research and training for power distribution grids.
{"title":"Cybersecurity Research and Training for Power Distribution Grids -- A Blueprint","authors":"Martin Henze, L. Bader, Julian Filter, Olav Lamberts, Simon Ofner, D. Velde","doi":"10.1145/3372297.3420016","DOIUrl":"https://doi.org/10.1145/3372297.3420016","url":null,"abstract":"Mitigating cybersecurity threats in power distribution grids requires a testbed for cybersecurity, e.g., to evaluate the (physical) impact of cyberattacks, generate datasets, test and validate security approaches, as well as train technical personnel. In this paper, we present a blueprint for such a testbed that relies on network emulation and power flow computation to couple real network applications with a simulated power grid. We discuss the benefits of our approach alongside preliminary results and various use cases for cybersecurity research and training for power distribution grids.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"340 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76288237","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The rapid growth of Internet of Things (IoT) devices makes it vitally important to understand real-world cybersecurity threats to them. Traditionally, honeypots have been used as decoys to mimic real devices on a network and help researchers/organizations understand the dynamics of threats. A crucial condition for a honeypot to yield useful insights is to let attackers believe they are real systems used by humans and organizations. However, IoT devices pose unique challenges in this respect, due to the large variety of device types and their physical connectedness. In this work, we (1) presented an approach to create a multi-phased multi-faceted honeypot ecosystem, where researchers gradually increase the sophistication of a low-interaction IoT honeypot by observing real-world attackers' behaviors, (2) built a low-interaction honeypot for IoT cameras that allowed researchers to gain a concrete understanding of what attackers were going after on IoT camera devices, and (3) designed a proxy instance, called ProxyPot, that sits between IoT devices and the external network and helps researchers study the IoT devices' inbound/outbound communication. We used ProxyPot as a means of understanding attacks against IoT cameras and increasing the honeypot's sophistication. We deployed honeypots for more than two years. Our preliminary results showed that we were able to attract increasingly sophisticated attack data in each new phase. Moreover, we captured activities that appeared to involve direct human interactions rather than purely automated scripts.
{"title":"A Multi-phased Multi-faceted IoT Honeypot Ecosystem","authors":"Armin Ziaie Tabari, Xinming Ou","doi":"10.1145/3372297.3420023","DOIUrl":"https://doi.org/10.1145/3372297.3420023","url":null,"abstract":"The rapid growth of Internet of Things (IoT) devices makes it vitally important to understand real-world cybersecurity threats to them. Traditionally, honeypots have been used as decoys to mimic real devices on a network and help researchers/organizations understand the dynamics of threats. A crucial condition for a honeypot to yield useful insights is to let attackers believe they are real systems used by humans and organizations. However, IoT devices pose unique challenges in this respect, due to the large variety of device types and their physical connectedness. In this work, we (1) presented an approach to create a multi-phased multi-faceted honeypot ecosystem, where researchers gradually increase the sophistication of a low-interaction IoT honeypot by observing real-world attackers' behaviors, (2) built a low-interaction honeypot for IoT cameras that allowed researchers to gain a concrete understanding of what attackers were going after on IoT camera devices, and (3) designed a proxy instance, called ProxyPot, that sits between IoT devices and the external network and helps researchers study the IoT devices' inbound/outbound communication. We used ProxyPot as a means of understanding attacks against IoT cameras and increasing the honeypot's sophistication. We deployed honeypots for more than two years. Our preliminary results showed that we were able to attract increasingly sophisticated attack data in each new phase. Moreover, we captured activities that appeared to involve direct human interactions rather than purely automated scripts.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"271 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75773106","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Eleftherios Kokoris-Kogias, D. Malkhi, A. Spiegelman
In this paper, we present the first Asynchronous Distributed Key Generation (ADKG) algorithm, which is also the first distributed key generation algorithm that can generate cryptographic keys with a dual (f,2f+1)-threshold (where f is the number of faulty parties). As a result, using our ADKG we remove the trusted setup assumption that the most scalable consensus algorithms make. In order to create a DKG with a dual (f,2f+1)-threshold, we first answer in the affirmative the open question posed by Cachin et al. [7] on how to create an Asynchronous Verifiable Secret Sharing (AVSS) protocol with a reconstruction threshold of f+1 < k ≤ 2f+1, which is of independent interest. Our High-threshold-AVSS (HAVSS) uses an asymmetric bivariate polynomial to encode the secret. This enables the reconstruction of the secret only if a set of k nodes contribute, while allowing an honest node that did not participate in the sharing phase to recover its share with the help of f+1 honest parties. Once we have HAVSS we can use it to bootstrap scalable partially synchronous consensus protocols, but the question of how to get a DKG in asynchrony remains, as we need a way to produce common randomness. The solution comes from a novel Eventually Perfect Common Coin (EPCC) abstraction that enables the generation of a common coin from n concurrent HAVSS invocations. EPCC's key property is that it is eventually reliable, as it might fail to agree at most f times (even if invoked a polynomial number of times). Using EPCC we implement an Eventually Efficient Asynchronous Binary Agreement (EEABA) which is optimal when the EPCC agrees and protects safety when EPCC fails. Finally, using EEABA we construct the first ADKG which has the same overhead and expected runtime as the best partially-synchronous DKG (O(n^4) words, O(f) rounds). As a corollary of our ADKG, we can also create the first Validated Asynchronous Byzantine Agreement (VABA) that does not need a trusted dealer to set up threshold signatures of degree n-f. Our VABA has an overhead of expected O(n^2) words and O(1) time per instance, after an initial O(n^4) words and O(f) time bootstrap via ADKG.
{"title":"Asynchronous Distributed Key Generation for Computationally-Secure Randomness, Consensus, and Threshold Signatures.","authors":"Eleftherios Kokoris-Kogias, D. Malkhi, A. Spiegelman","doi":"10.1145/3372297.3423364","DOIUrl":"https://doi.org/10.1145/3372297.3423364","url":null,"abstract":"In this paper, we present the first Asynchronous Distributed Key Generation (ADKG) algorithm, which is also the first distributed key generation algorithm that can generate cryptographic keys with a dual (f,2f+1)-threshold (where f is the number of faulty parties). As a result, using our ADKG we remove the trusted setup assumption that the most scalable consensus algorithms make. In order to create a DKG with a dual (f,2f+1)-threshold, we first answer in the affirmative the open question posed by Cachin et al. [7] on how to create an Asynchronous Verifiable Secret Sharing (AVSS) protocol with a reconstruction threshold of f+1 < k ≤ 2f+1, which is of independent interest. Our High-threshold-AVSS (HAVSS) uses an asymmetric bivariate polynomial to encode the secret. This enables the reconstruction of the secret only if a set of k nodes contribute, while allowing an honest node that did not participate in the sharing phase to recover its share with the help of f+1 honest parties. Once we have HAVSS we can use it to bootstrap scalable partially synchronous consensus protocols, but the question of how to get a DKG in asynchrony remains, as we need a way to produce common randomness. The solution comes from a novel Eventually Perfect Common Coin (EPCC) abstraction that enables the generation of a common coin from n concurrent HAVSS invocations. EPCC's key property is that it is eventually reliable, as it might fail to agree at most f times (even if invoked a polynomial number of times). Using EPCC we implement an Eventually Efficient Asynchronous Binary Agreement (EEABA) which is optimal when the EPCC agrees and protects safety when EPCC fails. Finally, using EEABA we construct the first ADKG which has the same overhead and expected runtime as the best partially-synchronous DKG (O(n^4) words, O(f) rounds). As a corollary of our ADKG, we can also create the first Validated Asynchronous Byzantine Agreement (VABA) that does not need a trusted dealer to set up threshold signatures of degree n-f. Our VABA has an overhead of expected O(n^2) words and O(1) time per instance, after an initial O(n^4) words and O(f) time bootstrap via ADKG.","PeriodicalId":20481,"journal":{"name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","volume":"188 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2020-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73737371","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}