Hassan Jameel Asghar

On the Security of PAS (Predicate-Based Authentication Service)

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.

Mobility independent secret key generation for wearable health-care devices

Security in Wireless Body Area Networks (WBAN) is of major concern as the miniature personal health-care devices need to protect the sensitive health information transmitted in wireless medium. It is essential for these devices to generate the shared secret key used for data encryption periodically. Recent studies have exploited wireless channel characteristics, e.g., received signal strength indicator (RSSI) to derive the shared secret key during random body movement of subject wearing devices. However, in the absence of node mobility, these schemes have very low bit rate capacity, and fail to derive keys with good entropy, which is a big threat for security. In this work, we study the effectiveness of combining dual antennas and frequency diversity for obtaining uncorrelated channel samples to improve entropy of key and bit rate in static channel conditions. We propose a novel mobility independent RSSI based secret key generation protocol -- iARC for WBAN. We conduct an extensive set of experiments in real time environments on sensor platforms used in WBAN to validate the performance of iARC. iARC has 800 bps secrecy capacity and generates 128 bit key in only 160 ms.

A new human identification protocol and coppersmith's baby-step giant-step algorithm

We propose a new protocol providing cryptographically secure authentication to unaided humans against passive adversaries. We also propose a new generic passive attack on human identification protocols. The attack is an application of Coppersmiths baby-step giantstep algorithm on human identification protcols. Under this attack, the achievable security of some of the best candidates for human identification protocols in the literature is further reduced. We show that our protocol preserves similar usability while achieves better security than these protocols. A comprehensive security analysis is provided which suggests parameters guaranteeing desired levels of security.

Cryptanalysis of the convex hull click human identification protocol

Recently, a convex hull-based human identification protocol was proposed by Sobrado and Birget, whose steps can be performed by humans without additional aid. The main part of the protocol involves the user mentally forming a convex hull of secret icons in a set of graphical icons and then clicking randomly within this convex hull. While some rudimentary security issues of this protocol have been discussed, a comprehensive security analysis has been lacking. In this paper, we analyze the security of this convex hull-based protocol. In particular, we show two probabilistic attacks that reveal the user’s secret after the observation of only a handful of authentication sessions. These attacks can be efficiently implemented as their time and space complexities are considerably less than brute force attack. We show that while the first attack can be mitigated through appropriately chosen values of system parameters, the second attack succeeds with a non-negligible probability even with large system parameter values that cross the threshold of usability.

iARC: Secret Key Generation for Resource Constrained Devices by Inducing Artificial Randomness in the Channel

The existing secret key generation schemes for body-worn devices using wireless channel characteristics, e.g., received signal strength indicator (RSSI) are dependent on the node mobility and have very low bit rate. In this work, we propose a novel mobility independent RSSI based secret key generation protocol - iARC, which induces artificial randomness in the channel by employing dual antennas and dynamic frequency hopping effectively.

On the Linearization of Human Identification Protocols: Attacks Based on Linear Algebra, Coding Theory, and Lattices

Human identification protocols are challenge-response protocols that rely on human computational ability to reply to random challenges from the server based on a public function of a shared secret and the challenge to authenticate the human user. One security criterion for a human identification protocol is the number of challenge-response pairs the adversary needs to observe before it can deduce the secret. In order to increase this number, protocol designers have tried to construct protocols that cannot be represented as a system of linear equations or congruences. In this paper, we take a closer look at different ways from algebra, lattices, and coding theory to obtain the secret from a system of linear congruences. We then show two examples of human identification protocols from literature that can be transformed into a system of linear congruences. The resulting attack limits the number of authentication sessions these protocols can be used before secret renewal. Prior to this paper, these protocols had no known upper bound on the number of allowable sessions per secret.

On the Hardness of the Sum of k Mins Problem

The sum of k mins protocol was proposed by Hopper and Blum as a protocol for secure human identification. The goal of the protocol is to let an unaided human securely authenticate to a remote server. The main ingredient of the protocol is the sum of k mins problem. The difficulty of solving this problem determines the security of the protocol. In this paper, we show that the sum of k mins problem is NP-Complete and W[1]-Hard. This latter notion relates to fixed parameter intractability. We also discuss the use of the sum of k mins protocol in resource-constrained devices.

Touch and You’re Trapp(ck)ed: Quantifying the Uniqueness of Touch Gestures for Tracking

Abstract We argue that touch-based gestures on touch-screen devices enable the threat of a form of persistent and ubiquitous tracking which we call touch-based tracking. Touch-based tracking goes beyond the tracking of virtual identities and has the potential for cross-device tracking as well as identifying multiple users using the same device. We demonstrate the likelihood of touch-based tracking by focusing on touch gestures widely used to interact with touch devices such as swipes and taps.. Our objective is to quantify and measure the information carried by touch-based gestures which may lead to tracking users. For this purpose, we develop an information theoretic method that measures the amount of information about users leaked by gestures when modelled as feature vectors. Our methodology allows us to evaluate the information leaked by individual features of gestures, samples of gestures, as well as samples of combinations of gestures. Through our purpose-built app, called TouchTrack, we gather gesture samples from 89 users, and demonstrate that touch gestures contain sufficient information to uniquely identify and track users. Our results show that writing samples (on a touch pad) can reveal 73.7% of information (when measured in bits), and left swipes can reveal up to 68.6% of information. Combining different combinations of gestures results in higher uniqueness, with the combination of keystrokes, swipes and writing revealing up to 98.5% of information about users. We further show that, through our methodology, we can correctly re-identify returning users with a success rate of more than 90%.

On the Intrusiveness of JavaScript on the Web

Various web components and JavaScripts have been used for collecting personal identifiable information resulting in privacy concerns. Although several privacy preserving tools have been proposed to limit online advertising and tracking their use has been limited and mostly limited to tech-savvy audience. In addition to poor and manual filtering-list maintenance and confusing settings, these privacy preserving tools have, arguably, usability and intrusiveness issues. Among others, their brute-force blockage of all JavaScripts on a website, may result in broken functionalities thus effecting users web-experience. In this work, we propose a framework to quantify the intrusiveness of JavaScripts with ultimate objective of measuring the usability of privacy preserving tools. We postulate that intrusive JavaScripts carry distinct characteristics that could be used to differentiate them from functional JavaScripts i.e., scripts that are genuinely used for enhancing the users web experience. We propose a measurement methodology that can automatically separate tracking and privacy intrusive JavaScripts from the functional JavaScripts. Our methodology assumes only partial knowledge of the privacy intrusive JavaScripts.

A Subexponential Construction of Graph Coloring for Multiparty Computation

Abstract We show the first deterministic construction of an unconditionally secure multiparty computation (MPC) protocol in the passive adversarial model over black-box non-Abelian groups which is both optimal (secure against an adversary who possesses any t<n 2