Henry Carter
Georgia Institute of Technology
Publication
Featured research published by Henry Carter.
computer and communications security | 2011
Philip Marquardt; Arunabh Verma; Henry Carter; Patrick Traynor
Mobile phones are increasingly equipped with a range of highly responsive sensors. From cameras and GPS receivers to three-axis accelerometers, applications running on these devices are able to experience rich interactions with their environment. Unfortunately, some applications may be able to use such sensors to monitor their surroundings in unintended ways. In this paper, we demonstrate that an application with access to accelerometer readings on a modern mobile phone can use such information to recover text entered on a nearby keyboard. Note that unlike previous emanation recovery papers, the accelerometers on such devices sample at near the Nyquist rate, making previous techniques unworkable. Our application instead detects and decodes keystrokes by measuring the relative physical position and distance between each vibration. We then match abstracted words against candidate dictionaries and record word recovery rates as high as 80%. In so doing, we demonstrate the potential to recover significant information from the vicinity of a mobile device without gaining access to resources generally considered to be the most likely sources of leakage (e.g., microphone, camera).
international conference on distributed computing systems | 2016
Nolen Scaife; Henry Carter; Patrick Traynor; Kevin R. B. Butler
Ransomware is a growing threat that encrypts a user's files and holds the decryption key until a ransom is paid by the victim. This type of malware is responsible for tens of millions of dollars in extortion annually. Worse still, developing new variants is trivial, facilitating the evasion of many antivirus and intrusion detection systems. In this work, we present CryptoDrop, an early-warning detection system that alerts a user during suspicious file activity. Using a set of behavior indicators, CryptoDrop can halt a process that appears to be tampering with a large amount of the user's data. Furthermore, by combining a set of indicators common to ransomware, the system can be parameterized for rapid detection with low false positives. Our experimental analysis of CryptoDrop stops ransomware from executing with a median loss of only 10 files (out of nearly 5,100 available files). Our results show that careful analysis of ransomware behavior can produce an effective detection system that significantly mitigates the amount of victim data loss.
annual computer security applications conference | 2014
Henry Carter; Charles Lever; Patrick Traynor
Garbled circuits offer a powerful primitive for computation on a user's personal data while keeping that data private. Despite recent improvements, constructing and evaluating circuits of any useful size remains expensive on the limited hardware resources of a smartphone, the primary computational device available to most users around the world. In this work, we develop a new technique for securely outsourcing the generation of garbled circuits to a Cloud provider. By outsourcing the circuit generation, we are able to eliminate the most costly operations from the mobile device, including oblivious transfers. Our proofs of security show that this technique provides the best security guarantees of any existing garbled circuit outsourcing protocol. We also experimentally demonstrate that our new protocol, on average, decreases execution time by 75% and reduces network costs by 60% compared to previous outsourcing protocols. In so doing, we demonstrate that the use of garbled circuits on mobile devices can be made nearly as practical as it is becoming for server-class machines.
ieee european symposium on security and privacy | 2016
Benjamin Mood; Debayan Gupta; Henry Carter; Kevin R. B. Butler; Patrick Traynor
Recent developments in secure computation have led to significant improvements in efficiency and functionality. These efforts created compilers that form the backbone of practical secure computation research. Unfortunately, many of the artifacts that are being used to demonstrate new research for secure computation are incomplete, incorrect, or unstable, leading to demonstrably erroneous results and inefficiencies - extending even to the most recently developed compiler systems. This is a problem because it hampers research and undermines feasibility tests when other researchers attempt to use these tools. We address these problems and present Frigate, a principled compiler and fast circuit interpreter for secure computation. To ensure correctness we apply best practices for compiler design and development, including the use of standard data structures, helpful negative results, and structured validation testing. Our systematic validation tests include checks on the internal compiler state, combinations of operators, and edge cases based on widely used techniques and errors we have observed in other work. This produces a compiler that builds correct circuits, is efficient and extensible. Frigate creates circuits with gate counts comparable to previous work, but does so with compile time speedups as high as 447x compared with the best results from previous work in circuit compilers. By creating a validated tool, our compiler will allow future secure computation implementations to be developed quickly and correctly.
Security and Communication Networks | 2014
Henry Carter; Chaitrali Amrutkar; Italo Dacosta; Patrick Traynor
Mobile applications increasingly require users to surrender private information, such as GPS location or social networking data. To facilitate user privacy when using these applications, secure function evaluation (SFE) could be used to obliviously compute functions over encrypted inputs. The dominant construction for desktop applications is the Yao garbled circuit, but this technique requires significant processing power and network overhead, making it extremely expensive on resource-constrained mobile devices. In this work, we develop Efficient Mobile Oblivious Computation, a set of SFE protocols customized for the mobile platform. Using partially homomorphic cryptosystems, we develop protocols to meet the needs of two popular application types: location-based and social networking. Using these applications as comparison benchmarks, we demonstrate execution time improvements of 99% and network overhead improvements of 96% over the most optimized garbled circuit techniques. These results show that our protocols provide mobile application developers with a more practical and equally secure alternative to garbled circuits.
international conference on detection of intrusions and malware and vulnerability assessment | 2015
Ethan Shernan; Henry Carter; Dave Tian; Patrick Traynor; Kevin R. B. Butler
OAuth 2.0 provides an open framework for the authorization of users across the web. While the standard enumerates mandatory security protections for a variety of attacks, many embodiments of this standard allow these protections to be optionally implemented. In this paper, we analyze the extent to which one particularly dangerous vulnerability, Cross Site Request Forgery, exists in real-world deployments. We crawl the Alexa Top 10,000 domains, and conservatively identify that 25% of websites using OAuth appear vulnerable to CSRF attacks. We then perform an in-depth analysis of four high-profile case studies, which reveal not only weaknesses in sample code provided in SDKs, but also inconsistent implementation of protections among services provided by the same company. From these data points, we argue that protection against known and sometimes subtle security vulnerabilities cannot simply be thrust upon developers as an option, but instead must be strongly enforced by Identity Providers before allowing web applications to connect.
cryptology and network security | 2015
Henry Carter; Benjamin Mood; Patrick Traynor; Kevin R. B. Butler
Secure multiparty computation (SMC) offers a technique to preserve functionality and data privacy in mobile applications. Current protocols that make this costly cryptographic construction feasible on mobile devices securely outsource the bulk of the computation to a Cloud provider. However, these outsourcing techniques are built on specific secure computation assumptions and tools, and applying new SMC ideas to the outsourced setting requires the protocols to be completely rebuilt and proven secure. In this work, we develop a generic technique for lifting any secure two-party computation protocol into an outsourced two-party SMC protocol. By augmenting the function being evaluated with auxiliary consistency checks, we can create an outsourced protocol with low overhead cost. Our implementation and evaluation show that in the best case, our outsourcing additions execute within the confidence intervals of two servers running the same computation, and incur approximately the same communication cost. In addition, the mobile device itself requires minimal communication exchanged over a single round. This work demonstrates that efficient outsourcing is possible with any underlying SMC scheme, and implements an outsourcing protocol that is efficient and directly applicable to current and future SMC techniques.
communications and networking symposium | 2015
Nolen Scaife; Henry Carter; Patrick Traynor
The Domain Name System (DNS) provides the critical service of mapping canonical names to IP addresses. Recognizing this, a number of parties have increasingly attempted to perform “domain seizures” on targets by having them delisted from DNS. Such operations often occur without providing due process to the owners of these domains, a practice made potentially worse by recent legislative proposals. We address this problem by creating OnionDNS, an anonymous top-level domain (TLD) and resolution service for the Internet. Our solution relies on the establishment of a hidden service running DNS within Tor, and uses a variety of mechanisms to enable a high-performance architecture with strong integrity guarantees for resolved records. After discussing the details of our DNS architecture, we present our anonymous domain registrar and detail the protocol for securely transferring the service to another party. We also conduct a performance analysis demonstrating the service is fast with an average request latency between 1 and 2 seconds over Tor. In doing so, we demonstrate that the delisting of domains from DNS can be mitigated in an efficient and secure manner.
privacy enhancing technologies | 2017
Stephan Heuser; Bradley Reaves; Praveen Kumar Pendyala; Henry Carter; Alexandra Dmitrienko; William Enck; Negar Kiyavash; Ahmad-Reza Sadeghi; Patrick Traynor
The majority of people across the globe rely on telephony networks as their primary means of communication. As such, many of the most sensitive personal, corporate and government related communications pass through these systems every day. Unsurprisingly, such connections are subject to a wide range of attacks. Of increasing concern is the use of metadata contained in Call Detail Records (CDRs), which contain source, destination, start time and duration of a call. This information is potentially dangerous as the very act of two parties communicating can reveal significant details about their relationship and put them in the focus of targeted observation or surveillance, which is highly critical especially for journalists and activists. To address this problem, we develop the Phonion architecture to frustrate such attacks by separating call setup functions from call delivery. Specifically, Phonion allows users to preemptively establish call circuits across multiple providers and technologies before dialing into the circuit and does not require constant Internet connectivity. Since no single carrier can determine the ultimate destination of the call, it provides unlinkability for its users and helps them to avoid passive surveillance. We define and discuss a range of adversary classes and analyze why current obfuscation technologies fail to protect users against such metadata attacks. In our extensive evaluation we further analyze advanced anonymity technologies (e.g., VoIP over Tor), which do not preserve our functional requirements for high voice quality in the absence of constant broadband Internet connectivity and compatibility with landline and feature phones. Phonion is the first practical system to provide guarantees of unlinkable communication against a range of practical adversaries in telephony systems.
Security and Communication Networks | 2016
Henry Carter; Benjamin Mood; Patrick Traynor; Kevin R. B. Butler
Secure multiparty computation (SMC) offers a technique to preserve functionality and data privacy in mobile applications. Current protocols that make this costly cryptographic construction feasible on mobile devices securely outsource the bulk of the computation to a cloud provider. However, these outsourcing techniques are built on specific secure computation assumptions and tools, and applying new SMC ideas to the outsourced setting requires the protocols to be completely rebuilt and proven secure. In this work, we develop a generic technique for lifting any secure two-party computation protocol into an outsourced two-party SMC protocol. By augmenting the function being evaluated with auxiliary consistency checks and input values, we can create an outsourced protocol with low overhead cost. Our implementation and evaluation show that in the best case our outsourcing additions execute within the confidence intervals of two servers running the same computation and consume approximately the same bandwidth. In addition, the mobile device itself uses minimal bandwidth over a single round of communication. This work demonstrates that efficient outsourcing is possible with any underlying SMC scheme and provides an outsourcing protocol that is efficient and directly applicable to current and future SMC techniques.