John Solis
University of California, Irvine
Publication
Featured research published by John Solis.
international conference on distributed computing systems | 2006
Michael T. Goodrich; Michael Sirivianos; John Solis; Gene Tsudik; Ersin Uzun
Secure pairing of electronic devices that lack any previous association is a challenging problem which has been considered in many contexts and in various flavors. In this paper, we investigate the use of audio for human-assisted authentication of previously un-associated devices. We develop and evaluate a system we call Loud-and-Clear (L&C) which places very little demand on the human user. L&C involves the use of a text-to-speech (TTS) engine for vocalizing a robust-sounding and syntactically-correct (English-like) sentence derived from the hash of a device’s public key. By coupling vocalization on one device with the display of the same information on another device, we demonstrate that L&C is suitable for secure device pairing (e.g., key exchange) and similar tasks. We also describe several common use cases, provide some performance data for our prototype implementation and discuss the security properties of L&C.
International Journal of Security and Networks | 2009
Michael T. Goodrich; Michael Sirivianos; John Solis; Claudio Soriente; Gene Tsudik; Ersin Uzun
Secure pairing of electronic devices is an important issue that must be addressed in many contexts. In the absence of prior security context, the need to involve the user in the pairing process is a prominent challenge. In this paper, we investigate the use of the audio channel for human-assisted device pairing. First we assume a common (insecure) wireless channel between devices. We then obviate the assumption of a pre-existing common channel with a single-channel device pairing approach only based on audio. Both approaches are applicable to a wide range of devices and place light burden on the user.
computer software and applications conference | 2009
Karim El Defrawy; John Solis; Gene Tsudik
Delay- and disruption-tolerant networks (DTNs) can bring much-needed connectivity to rural areas and other settings with limited or non-existing infrastructures. High node mobility and infrequent connectivity inherent to DTNs make it challenging to implement simple and traditional security services, e.g., message integrity and confidentiality. In this paper, we focus on the problem of initial secure context establishment in DTNs. Concretely, we design a scheme that allows users to leverage social contact information to exchange confidential and authentic messages. We then evaluate the proposed scheme by analyzing real-world social network data, simulating communication scenarios, and through an informal security analysis.
ieee symposium on security and privacy | 2012
Rishab Nithyanand; John Solis
Physical Unclonable Functions (PUFs) or Physical One Way Functions (P-OWFs) are physical systems whose responses to input stimuli are easy to measure but hard to clone. The unclonability property is due to the accepted hardness of replicating the multitude of uncontrollable manufacturing characteristics and makes PUFs useful in solving problems such as device authentication, software protection and licensing, and certified execution. In this paper, we investigate the effectiveness of PUFs for software protection in hostile offline settings. We show that traditional non-computational (black-box) PUFs cannot solve the software protection problem in this context. We provide two real-world adversary models (weak and strong variants) and security definitions for each. We propose schemes secure against the weak adversary and show that no scheme is secure against a strong adversary without the use of trusted hardware. Finally, we present a protection scheme secure against strong adversaries based on trusted hardware.
International Journal of Information Security | 2009
Maithili Narasimha; John Solis; Gene Tsudik
Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert the validity of another party’s certificate, it performs a certificate revocation check. There are several revocation techniques varying in both the operational model and underlying data structures. One common feature is that a client typically contacts some third party (whether trusted, untrusted or semi-trusted) and obtains some evidence of either revocation or validity (non-revocation) for the certificate in question. While useful, revocation checking can leak sensitive information. In particular, third parties of dubious trustworthiness can discover the identity of the party performing the revocation check, as well as the target of the check. The former can be easily remedied with techniques such as onion routing or anonymous web browsing, whereas hiding the target of the query is not obvious. This paper focuses on the privacy in revocation checking, explores the loss of privacy in current revocation checking techniques and proposes simple and efficient privacy-preserving techniques for two well-known revocation methods.
computer and communications security | 2011
Rishab Nithyanand; Radu Sion; John Solis
Physical Unclonable Functions (PUFs) are physical systems whose responses to input stimuli (i.e., challenges) are easy to measure but difficult to clone. The unclonability property is due to the accepted hardness of replicating the multitude of uncontrollable manufacturing characteristics and makes PUFs useful in solving problems such as authentication, software protection/licensing, and certified execution. In this abstract, we claim that any multi-core computer is usable as a timing-PUF and can be measured via simple benchmarking tools (i.e., no specialized hardware required). We investigate several characteristics of standard off-the-shelf computers and present initial experimental results justifying our claim. Additionally, we argue that PUFs which are intrinsically involved in computations over sensitive data are preferable to peripheral device PUFs -- especially for intellectual property protection and continuous device authentication.
web intelligence | 2011
Geoffrey C. Hulette; John Solis
The amount of publicly available source code on the Internet makes it attractive as a potential message carrier for steganographic applications. Unfortunately, it is often overlooked since embedding information in an undetectable way is challenging. We investigate term rewriting as a method for embedding messages into programs via transformations on source code. We elaborate on several possible transformation strategies and discuss how they might be applied in a steganographic setting. We continue with a discussion on (a) the implications and trade-offs of preserving semantic properties, (b) the relationship between messages and transformations, and (c) how to incorporate existing natural language processing techniques. The goal of this work is to elicit constructive feedback and present ideas that stimulate future work.
international performance computing and communications conference | 2011
John Solis; Philip Ginzboorg; N. Asokan; Jörg Ott
A “best-effort” authentication method, which is easier to attack than generic authentication methods (but requires fewer computations for benign nodes), may be sufficient for certain networking scenarios. We illustrate this point by examining the case of fragment authentication by intermediaries in an opportunistic network. We describe mechanisms for implementing best-effort authentication, with the caveat that an authentication strength sufficient in one scenario may be unfit for another.
Computer Communications | 2010
John Solis; N. Asokan; Kari Kostiainen; Philip Ginzboorg; Jörg Ott
IACR Cryptology ePrint Archive | 2005
Michael T. Goodrich; Michael Sirivianos; John Solis; Gene Tsudik; Ersin Uzun