Publication


Featured research published by Florian Reimair.


international conference on security and cryptography | 2015

MoCrySIL - carry your cryptographic keys in your pocket

Florian Reimair; Peter Teufl; Christian Kollmann; Christoph Thaller

Today's applications need to share data and workload in heterogeneous device environments. Many of these handle sensitive data and need to make use of cryptography, which induces keys that have to be provisioned, stored and shared securely. Our Cryptographic Service Interoperability Layer (CrySIL) architecture addressed these challenges by storing the key material off-device in a central hardened service that provides cryptographic functions to arbitrary devices via standardised APIs. While CrySIL is typically deployed by a trusted entity utilising hardware-security-modules (HSMs), the setup of this central trusted instance might be too complex or not desired in SME/personal deployment scenarios. Therefore, we present MoCrySIL, an extension to CrySIL that omits the need for a trusted third party by making use of hardware-backed key-storage facilities available in today's smart phones. We describe the MoCrySIL architectures and present a prototype that performs S/MIME based email encryption/signatures via a PKCS#11 library. We conduct a thorough security/risk analysis, and reflect on functional achievements and shortcomings.


international conference on web information systems and technologies | 2015

WebCrySIL - Web Cryptographic Service Interoperability Layer

Florian Reimair; Peter Teufl; Thomas Zefferer

Today’s applications need to work with a heterogeneous collection of platforms. Servers, desktops, mobile devices, and web browsers share data and workload. Many of these applications handle sensitive data or even have security as their core feature. Secure messaging, password storage, encrypted cloud storage applications or alike make use of cryptographic algorithms and protocols. These algorithms and protocols require keys. The keys in turn have to be provisioned, securely stored, and shared between various devices. Unfortunately, handling the keys and the availability of cryptographic APIs evokes non-trivial challenges in current heterogeneous platform environments. Also, the implementation of APIs supporting cryptographic protocols on arbitrary platforms require significant effort, which is a major challenge when new cryptographic protocols become available. Our approach, the Crypto Service Interoperability Layer (CrySIL), enables applications to securely store/use/share key material and supports a wide range of cryptographic protocols and algorithms on heterogeneous platforms. CrySIL complements existing solutions that mitigate the aforementioned problems through central services by allowing for more flexible deployment scenarios. In this work, we explain the motivation of CrySIL, describe its architecture, highlight its deployment in a typical heterogeneous application use case and reflect on achievements and shortcomings.


Procedia Computer Science | 2015

Secure Data Sharing and Processing in Heterogeneous Clouds

Bojan Suzic; Andreas Reiter; Florian Reimair; Daniele Venturi; Baldur Kubo

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serves as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs.


international conference on web information systems and technologies | 2015

CrySIL: Bringing Crypto to the Modern User

Florian Reimair; Peter Teufl; Thomas Zefferer

Modern times introduced a highly heterogeneous device landscape. The landscape was populated by distributed applications. These applications are used by modern multi-device users. A modern user wants to create, process, and share potentially sensitive data among her devices. For instance, start a document at the smart phone, continue on the laptop and finish the document on a tablet. A common way to protect sensitive data against disclosure and theft is cryptography. Cryptography, however, requires for all devices in question to be able to perform appropriate operations and protect the subsequent cryptographic primitives against attacks. Unfortunately, different devices have different capabilities when it comes to cryptography. Some have hardware-backed solutions available, some cannot do any cryptography at all. In general, it is hard to provide adequate (and potentially equal) cryptographic methods on every device of the modern landscape – be it rather basic and well-known schemes or new methodologies that are long awaited to stand the challenges of the cloud. In order to tackle the above mentioned status and bring cryptography to the modern multi-device user, we present CrySIL, the Cryptographic Service Interoperability Layer. CrySIL is designed as a flexible and extensible layer between the user and the cryptographic primitive. In a nutshell, CrySIL can use local key storage solutions, offers remote key storage and crypto provider deployments, and features strong authentication methodologies to constrain access to cryptographic primitives. In this work, we explain the motivation of CrySIL, describe its architecture, highlight its deployment in a typical modern use case, and reflect on achievements and shortcomings.


international conference on e business engineering | 2015

Attribute-Based Encryption Goes X.509

Florian Reimair; Johannes Feichtner; Peter Teufl

Key authentication as well as an intended recipient not having a key available are, among others, challenges that public key infrastructures (PKIs) still face. Trusted third parties work around these issues. However, identity-based encryption (IBE) systems and later attribute-based encryption (ABE) systems were designed to address these exact challenges. Unfortunately, such schemes became only practicable after public key infrastructures have been picked up by industry. In this work, we present our approach on standing the above mentioned challenges. We propose to utilize recent developments on centralized key storage solutions to bring the features of IBE/ABE systems to PKI-based IT infrastructures. We describe our IBE/ABE emulation approach, present our prototype and give a thorough security evaluation. We found that it is possible to emulate IBE/ABE schemes without compromising security.


european public key infrastructure workshop | 2012

Waltzing the Bear, or: A Trusted Virtual Security Module

Ronald Toegl; Florian Reimair; Martin Pirker

Cryptographic key material needs to be protected. Currently, this is achieved by either pure software based solutions or by more expensive dedicated hardware security modules. We present a practical architecture to project the security provided by the Trusted Platform Module and Intel Trusted eXecution Technology on a virtual security module. Our approach uses commodity personal computer hardware to offer integrity protection and strong isolation to a security module which implements a compact security API that has been fully verified. Performance results suggest that our approach offers an attractive balance between speed, security and cost.


symposium on applied computing | 2017

Leveraging the adoption of electronic identities and electronic-signature solutions in Europe

Alexander Marsalek; Thomas Zefferer; Florian Reimair; Cagatay Karabat; Elif Ustundag Soykan

The concepts of electronic identity (eID) and electronic signature (e-Signature) are crucial enablers of e-government solutions in Europe. The present heterogeneity of national e-government infrastructures in Europe raises serious challenges. The country-specific nature of infrastructure components prevents an easy reuse of country-specific components in other countries. We propose a solution that facilitates the deployment and integration of third-party components into existing national e-government infrastructures. We demonstrate the feasibility of our proposal by means of a concrete implementation. Evaluation results obtained are promising and show the proposed solution's potential to leverage the adoption of eID and e-Signature solutions in Europe.


communications and networking symposium | 2016

Emulating U2F authenticator devices

Florian Reimair; Christian Kollmann; Alexander Marsalek

Password authentication has been made more secure by adding additional factors. Unfortunately, popular two-factor authentication methods are vulnerable to attacks themselves. Therefore, the FIDO alliance proposed Universal Second Factor (U2F), an open standard aiming for unified interfaces, secure protocols, and hardware-backed tokens for authentication. However, U2F requires the user to purchase and constantly carry yet another distinct device. We propose an enhancement to U2F making it more user friendly. First, we enable the use of existing cryptographic devices a user already carries around (e.g. a bank card or her smartphone). Second, we provide increased token mobility by enabling remote authenticator tokens. Our showcases demonstrate logging into a web application as well as logging into Microsoft's Windows 10 with a cryptographic smart card via card reader or NFC, Austria's eID, a smartphone, a cloud key service, and a remote U2F token. Our evaluations indicate that our approach is more usable and easier to deploy than stock U2F while it keeps its security features intact. Only a few additional risks are induced by the underlying cryptographic devices. All in all, we believe that our enhancements can push acceptance of U2F even further and thus, make everyone benefit from state-of-the-art authentication.


international conference on security and cryptography | 2017

The Net Rat - Rethinking Connected Services for Increased Security.

Bernd Prünster; Florian Reimair; Andreas Reiter

Traditional desktop computers have been outranked in terms of usage numbers by mobile devices. Still, many popular mobile-first services rely on workflows designed decades ago for a different environment. When relying on cloud-based services, privacy and data protection issues need to be considered. Mostly, however, one can choose between either well-supported legacy applications or innovative niche solutions. In this paper, we introduce the Net Rat, a framework enabling a seamless transition from existing centralised setups to decentralised state-of-the-art services, increasing security while maintaining backwards compatibility to well-established legacy services. We demonstrate the feasibility of our approach with a case study focusing on the decentralisation of the e-mail service; until now, this failed due to missing backward compatibility. A security analysis demonstrates how our approach reaches its goal of protecting user data through decentralisation. The Net Rat is built on a solid foundation as result of a security-first design. The results of this work clearly show the feasibility of decentralising existing services and highlight how well-established services can be improved. Our approach also presents opportunities to develop new services based on a solid foundation.


international conference on security and cryptography | 2017

Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth.

Florian Reimair; Johannes Feichtner; Dominik Ziegler; Sandra Kreuzhuber; Thomas Zefferer

Current application and device landscapes became a harsh environment for data security. Multi-device users enjoy the convenience and efficiency of modern distributed applications in a highly heterogeneous device landscape. However, today’s data protection mechanisms fell behind in taking care of some current use cases and application scenarios. We perform a case study and an in-depth security analysis and risk assessment on a simplified set of three different cryptographic service provider types; software, hardware, and remote. Our case study shows that different provider types can change application characteristics considerably. Our security analysis and risk assessment shows how different provider types can influence the security properties of a set of use cases. We found that no one provider can excel for every cryptographic task. Based on these findings we formulate a list of features which we believe are crucial to get the data protection mechanisms up to speed again so that everyone can again benefit from data security even in a world of highly distributed applications and data.

Collaboration


Florian Reimair's collaborations.

Top Co-Authors

Peter Teufl

Graz University of Technology

Thomas Zefferer

Graz University of Technology

Andreas Reiter

Graz University of Technology

Bernd Prünster

Graz University of Technology

Alexander Marsalek

Graz University of Technology

Christian Kollmann

Graz University of Technology

Johannes Feichtner

Graz University of Technology

Bojan Suzic

Graz University of Technology

Christian Ertler

Graz University of Technology

Christoph Thaller

Graz University of Technology
