Brecht Wyseur

Remote attestation on legacy operating systems with trusted platform modules

A lot of progress has been made to secure network communication, e.g., through the use of cryptographic algorithms. However, this offers only a partial solution as long as the communicating end points still suffer from security problems. A number of applications require remote verification of software executing on an untrusted platform. Trusted computing solutions propose to solve this problem through software and hardware changes, typically a secure operating system and the addition of a secure coprocessor respectively. On the other hand, timed execution of code checksum calculations aims for a solution on legacy platforms, but can not provide strong security assurance. We present a mixed solution by using the trusted computing hardware, namely the time stamping functionality of the trusted platform module, in combination with a timing based remote code integrity verification mechanism. In this way, we do not require a secure operating system, but at the same time the overall security of the timed execution scheme can be improved.

Cryptanalysis of white-box DES implementations with arbitrary external encodings

At DRM 2002, Chow et al. [4] presented a method for implementing the DES block cipher such that it becomes hard to extract the embedded secret key in a white-box attack context. In such a context, an attacker has full access to the implementation and its execution environment. In order to provide an extra level of security, an implementation shielded with external encodings was introduced by Chow et al. and improved by Link and Neumann [10]. In this paper, we present an algorithm to extract the secret key from such white-box DES implementations. The cryptanalysis is a differential attack on obfuscated rounds, and works regardless of the shielding external encodings that are applied. The cryptanalysis has a average time complexity of 214 and a negligible space complexity.

Cryptanalysis of a Perturbated White-Box AES Implementation

In response to various cryptanalysis results on white-box cryptography, Bringer et al. presented a novel white-box strategy. They propose to extend the round computations of a block cipher with a set of random equations and perturbations, and complicate the analysis by implementing each such round as one system that is obfuscated with annihilating linear input and output encodings. The improved version presented by Bringer et al. implements the AEw/oS, which is an AES version with key-dependent S-boxes (the S-boxes are in fact the secret key). In this paper we present an algebraic analysis to recover equivalent keys from the implementation. We show how the perturbations and system of random equations can be distinguished from the implementation, and how the linear input and output encodings can be eliminated. The result is that we have decomposed the white-box implementation into a much more simple, functionally equivalent implementation and retrieved a set of keys that are equivalent to the original key. Our cryptanalysis has a worst time complexity of 217 and a negligible space complexity.

RE-TRUST: Trustworthy Execution of SW on Remote Untrusted Platforms

A major challenge in software security is preserving software integrity. Traditionally this problem is addressed through the development of software (self-) checking techniques that verify the integrity of its code and execution. Unfortunately no satisfactory solutions for run-time verification of software integrity have been presented. In this paper, we approach the problem of run-time software integrity verification in a networked context. That is, we present techniques to enable remote verification of the execution of software, given the availability of a continuous network connection between the verification entity and the untrusted execution platform.

Security Model for a Shared Multimedia Archive

Broadcasters and production houses are moving toward tape-less digital production environments for generating their multimedia content. Consequently, they are in need of a digital archive to store their new multimedia content. Ideally, this archive is closely integrated into the production environment, and enables its owners to share their content with others. In this paper, investigate the threats, associated with a shared digital multimedia archive and we describe a security model for such an archive In our approach of the model, we try to spread the security measures as wide as possible, such that single points of failure or compromise have a minimal impact on the security of the system.