Pekka Nikander
Helsinki University of Technology
Publication
Featured research published by Pekka Nikander.
international workshop on security | 2000
Tuomas Aura; Pekka Nikander; Jussipekka Leiwo
Denial of service by server resource exhaustion has become a major security threat in open communications networks. Public-key authentication does not completely protect against the attacks because the authentication protocols often leave ways for an unauthenticated client to consume a server's memory space and computational resources by initiating a large number of protocol runs and inducing the server to perform expensive cryptographic computations. We show how stateless authentication protocols and the client puzzles of Juels and Brainard can be used to prevent such attacks.
information security | 2000
Jussipekka Leiwo; Tuomas Aura; Pekka Nikander
Networked and distributed systems have introduced a significant new threat to the availability of data and services: network denial of service attacks. A well-known example is TCP SYN flooding. In general, any stateful handshake protocol is vulnerable to similar attacks. This paper examines network denial of service in detail and surveys and compares different approaches towards preventing the attacks. As a conclusion, a number of protocol design principles are identified as essential in designing network denial of service resistant protocols, and examples are provided on applying the principles.
international workshop on security | 2000
Pekka Nikander; Kristiina Karvonen
I did my PhD in decentralised authorisation, but I guess now I’m jumping right through the rat hole of this conference by speaking about trust. I’m trying to look at trust from a psychological point of view, not so much from the technical point of view, and trying to point out some of the observations that have been made about how users perceive trust in cyberspace. I am presenting work that I am doing with one of my PhD students, Kristiina Karvonen. She is doing research on what trust is from the user’s point of view in the Web, but I am more interested in how we could generalise these issues to uses of computer communications other than the Web, and how we could possibly make computers understand trust in some limited sense. First I am going to speak a little bit about our motivations, then try and define what we mean with the word trust (and I hope it is an acceptable definition even though it’s a limited one), and then I’m going to tread on thin ice and try to contemplate whether we could make computers understand trust in this limited sense. It seems to be a fact that the Web is getting everywhere and, at least in Finland, everybody these days has to have a cellular telephone. Teenagers are the most active cell phone user group in Finland, sending short messages to each other all the time, and some schools have banned cell phones altogether. Even primary school kids have cell phones, and this has a number of privacy concerns that make me think really hard. How could I change the world so that when my daughter comes to the age that she wants to have a cell phone that the operator doesn’t get all the information about her habits and friendships and so on? And in the more distant future it seems to be that these kind of devices will get integrated into our clothing and jewellery and maybe some people will turn into cyborgs!
Now when we are starting to look at security concepts from that point of view, instead of an organisational point of view, so we are speaking about protecting the personal data and privacy in this kind of connected world, then we get quite a different view to what is trust, and whom should we trust, and whom have we to trust. That’s what we are trying to address. From this point of view it seems that when we are speaking about trust, it’s first that trust implies lack of knowledge; so trust is a special kind of belief meaning that when we make a trust decision, when we decide to believe, it has quite a heavy emotional load from the psychological point of view. We make a commitment in trusting and we make ourselves more vulnerable when we decide to trust something or somebody. So we made ourselves dependent and when we are speaking about computers it seems that trust implies that we made a decision that our attitudes or perception towards the computer system is that we decide
international conference on communications | 2009
András Zahemszky; A. Csaszar; Pekka Nikander; C. Esteve Rothenberg
We envision an information-centric future Internet where the network is built around named pieces of data instead of explicitly addressable hosts. One clear way of implementing information-centric networking is using publish and subscribe (pub/sub) operations instead of the send and receive primitives. Internet-like pub/sub networking requires completely different routing protocols and forwarding mechanisms compared to those that are extensively used today. Consequently, we are facing a clean-slate design exercise, where we should start our adventure by exploring the new design space. We identify four key metrics (signalling overhead, state in nodes, information in packets and routing stretch) to help us evaluate the different proposals. We present a general five-step approach for routing in pub/sub networks. The presented approach is recursive, so it can be repeated as many times as necessary until we reach manageably sized problem instances. The final part of the mechanism is to glue together the created and assigned forwarding structures to the publication to ensure that all interested subscribers at any domains in the network will get the requested data.
military communications conference | 2004
Mikko Särelä; Pekka Nikander
We describe the current status of the host identity protocol and discuss how it could be applied to tactical networks, including mobile ad hoc networks. The host identity protocol (HIP) is a protocol proposal at the IETF for separating the end-point identifier and locator nature of IP addresses. It introduces a new name space, consisting of public cryptographic keys, and uses these keys to identify hosts. All applications deal with the public keys instead of IP addresses; with a backward compatibility layer, most current applications continue to work unchanged. A new layer in the kernel dynamically maps the public keys in outgoing packets into IP addresses, and vice versa for incoming packets.
ifip international conference on intelligence in networks telecommunication network intelligence | 2000
Pekka Nikander; Lasse Metso
In the future telecommunications network, more and more services are based on open protocols and architectures. In such an environment, there is a clear need for controlling the access of users and other operators to the network services. If the network is based on internetworked facilities, traditional address based access control may not be sufficient due to the possibility of address spoofing attacks. Thus, the usage of strong cryptography is often the only possibility for providing authenticity and integrity. However, in such a setting both key management and trust management become challenging problems.
smart card research and advanced application conference | 2001
Tommi Elo; Pekka Nikander
Traditionally, smart cards have been used as secure tokens in identity based access control. That is, a smart card has been used as an intelligent storage of protected cryptographic information, such as a shared secret or a private key in a public key system. The cryptographic information is then used to prove the possession of the card in a secure way either locally or remotely over telecommunication links. In this paper we present a basis for another type of use for smart cards, where smart cards are not used as identification tokens but as authorization tokens. Our approach is based on SPKI-like authorization certificates along with ECDSA based public key cryptography. The ECDSA algorithms provide us the benefits of smaller key sizes, potentially better running times in software-only implementations, and the possibility to create new key pairs on the card in a reasonable time. The latter feature can be used, as we show, to provide additional protection to the user in the form of enhanced privacy. Our current prototype implementation uses the Java Card specification, and we also compare our card implementation with an earlier ECDSA implementation written for a workstation environment.
RFC | 2005
Jari Arkko; James Kempf; Brian Zill; Pekka Nikander
RFC | 2005
Pekka Nikander; Jari Arkko; Tuomas Aura; Gabriel Montenegro; Erik Nordmark
RFC | 2004
James Kempf; Erik Nordmark; Pekka Nikander