
2014 | Book

Network and System Security

8th International Conference, NSS 2014, Xi’an, China, October 15-17, 2014, Proceedings

Edited by: Man Ho Au, Barbara Carminati, C.-C. Jay Kuo

Publisher: Springer International Publishing

Book series: Lecture Notes in Computer Science


About this book

This book constitutes the proceedings of the 8th International Conference on Network and System Security, NSS 2014, held in Xi'an, China, in October 2014. The 35 revised full papers and 12 revised short papers presented were carefully reviewed and selected from 155 initial submissions. The papers are organized in topical sections on cloud computing, access control, network security, security analysis, public key cryptography, system security, privacy-preserving systems and biometrics, and key management and distribution.

Table of contents

Frontmatter

Cloud Computing

An Approach for the Automated Analysis of Network Access Controls in Cloud Computing Infrastructures

This paper describes an approach for automated security analysis of network access controls in operational Infrastructure as a Service (IaaS) cloud computing environments. Our objective is to provide automated and experimental methods to analyze firewall access control mechanisms aiming at protecting cloud architectures. In order to determine the accessibilities in virtual infrastructure networks and detect unforeseen misconfigurations, we present an approach combining static and dynamic analyses, along with the analysis of discrepancies in the compared results. Our approach is sustained by experiments carried out on a VMware-based cloud platform.

Thibaut Probst, Eric Alata, Mohamed Kaâniche, Vincent Nicomette
Adopting Provenance-Based Access Control in OpenStack Cloud IaaS

Provenance-based Access Control (PBAC) has recently risen as an effective access control approach that can utilize readily provided history information of underlying systems to enhance various aspects of access control in a computing environment. The adoption of PBAC capabilities to the authorization engine of a multi-tenant cloud Infrastructure-as-a-Service (IaaS) such as OpenStack can enhance the access control capabilities of cloud systems. Toward this purpose, we introduce tenant-awareness to the $\mathrm{PBAC}_{C}$ [14] model by capturing tenant as contextual information in the attribute provenance data. Built on this model, we present a cloud service architecture that provides PBAC authorization service and management. We discuss in depth the variations of PBAC authorization deployment architecture within the OpenStack platform and implement a proof-of-concept prototype. We analyze the initial experimental results and discuss approaches for potential improvements.

Dang Nguyen, Jaehong Park, Ravi Sandhu
Identity Privacy-Preserving Public Auditing with Dynamic Group for Secure Mobile Cloud Storage

With mobile cloud storage, mobile users can enjoy the advantages of both mobile networks and cloud storage. However, a major concern of mobile users is how to guarantee the integrity of the remote data. Taking into account the mobility of mobile devices, in this paper, we propose an identity privacy-preserving public auditing protocol in mobile cloud storage for dynamic groups. In our proposal, a dynamic group key agreement is employed for key sharing among mobile users group and the idea of proxy re-signatures is borrowed to update tags efficiently when users in the group vary. In addition, the third party auditor (TPA) is able to verify the correctness of cloud data without the knowledge of mobile users’ identities during the data auditing process. We also analyze the security of the proposed protocol.

Yong Yu, Yi Mu, Jianbing Ni, Jiang Deng, Ke Huang
A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service

Datacenters for cloud infrastructure-as-a-service (IaaS) consist of a large number of heterogeneous virtual resources, such as virtual machines (VMs) and virtual local area networks (VLANs). It takes a complex process to manage and arrange these virtual resources to build particular computing environments. Misconfiguration of this management process increases the possibility of security vulnerabilities in this system. Moreover, multiplexing virtual resources of disjoint customers upon the same physical hardware leads to several security concerns, such as cross-channel and denial-of-service attacks. Trusted Virtual Datacenter (TVDc) is a commercial product which informally presents a process to manage strong isolation among these virtual resources in order to mitigate these issues. In this paper, we formally represent this TVDc management model. We also develop an authorization model for cloud administrative-user privilege management in this system.

Khalid Zaman Bijon, Ram Krishnan, Ravi Sandhu

Access Control

Extending OpenStack Access Control with Domain Trust

OpenStack has been rapidly established as the most popular open-source platform for cloud Infrastructure-as-a-Service in this fast moving industry. In response to increasing access control requirements from its users, the OpenStack identity service Keystone has introduced several entities, such as domains and projects in addition to roles, resulting in a rather complex and somewhat obscure authorization model. In this paper, we present a formalized description of the core OpenStack access control (OSAC). We further propose a domain trust extension for OSAC to facilitate secure cross-domain authorization. We have implemented a proof-of-concept prototype of this trust extension based on Keystone. The authorization delay introduced by the domain trusts is 0.7 percent on average in our experiments.

Bo Tang, Ravi Sandhu
Hierarchical Solution for Access Control and Authentication in Software Defined Networks

Software defined network (SDN), one of the most popular and influential techniques, is an emerging network architecture. It has attracted great attention to reform its performance and extend its applications in recent years. Although this new architecture provides all parties with a common programming environment to drive differentiation, almost all studies focus on efficiency and utility. Few efforts have been made to enforce authentication or access control in SDN. In this paper, we propose a hierarchical attribute-based access control scheme by incorporating the hierarchical identity based encryption and ciphertext-policy attribute based encryption (CP-ABE) system. Combining the hierarchical structure and the characteristic inherited from CP-ABE, the proposed scheme gains not only scalability, but also flexibility and fine-grained access control. Based on this we then present an authentication protocol for this special architecture to enhance the ability of controllers in SDN for managing the users, devices and data flows flexibly.

He Shuangyu, Liu Jianwei, Mao Jian, Chen Jie
A Limited Proxy Re-encryption with Keyword Search for Data Access Control in Cloud Computing

In this paper, we introduce a new concept of limited proxy re-encryption with keyword search (LPREKS) for fine-grained data access control in cloud computing, which combines the function of limited proxy re-encryption (LPRE) and that of public key encryption with keyword search (PEKS). However, an LPREKS scheme cannot be obtained by directly combining those two schemes since the resulting scheme is no longer provably secure in our security model. Our scheme is proven semantically secure under the modified Bilinear Diffie-Hellman (mBDH) assumption and the $q$-Decisional Bilinear Diffie-Hellman inversion ($q$-DBDHI) assumption in the random oracle model.

Our proposal realizes three desired situations as follows: (1) the proxy cloud server can re-encrypt the delegated data containing some keyword which matches the trapdoor from delegatee, (2) the proxy can only re-encrypt a limited number of delegated data to the delegatee; otherwise, the private key of the proxy will be exposed, and (3) the proxy cloud server learns nothing about the contents of data and keyword.

Zhenhua Chen, Shundong Li, Yimin Guo, Yilei Wang, Yunjie Chu

Network Security

psOBJ: Defending against Traffic Analysis with pseudo-Objects

When visiting a web page, a sequence of request-response transactions is introduced. On one hand, the browser issues requests for objects in order. On the other hand, the server responds with the required object contents. This makes the traffic of a specific web page exhibit pattern features different from other pages. Traffic analysis techniques can extract these features to identify web pages effectively even if the traffic is encrypted. In this paper, we propose a countermeasure method, psOBJ, to defend against traffic analysis by introducing pseudo-objects in browser-server communications. We compose some object fragments into a constructed object, the pseudo-object, and force the object requests and responses onto pseudo-objects. By randomly composing pseudo-objects with different numbers of object fragments of different sizes, the traffic for a given web page can be variable and exhibit different traffic patterns in different visits. We have implemented a proof of concept prototype and validated the psOBJ countermeasure against some state of the art traffic analysis techniques.

Yi Tang, Piaoping Lin, Zhaokai Luo
Universally Composable Secure TNC Protocol Based on IF-T Binding to TLS

Trusted Network Connect (TNC) requires both user authentication and integrity validation of an endpoint before it connects to the internet or accesses some web service. However, as the user authentication and integrity validation are usually done via independent protocols, TNC is vulnerable to the Man-in-the-Middle (MitM) attack. This paper analyzes TNC, which uses keys with the Subject Key Attestation Evidence (SKAE) extension to perform user authentication and the IF-T protocol binding to TLS to carry integrity measurement messages, in the Universally Composable (UC) framework. Our analysis result shows that TNC using keys with the SKAE extension can resist the MitM attack. In this paper, we introduce two primitive ideal functionalities for TNC: an ideal dual-authentication certification functionality which binds messages and both the user and platform identities, and an ideal platform attestation functionality which formalizes the integrity verification of a platform. We prove that the SKAE extension protocol and the basic TCG platform attestation protocol, both of which are defined by TCG specifications, UC-realize the two primitive functionalities respectively. In the end, we introduce a general ideal TNC functionality and prove that the complete TNC protocol, combining the IF-T binding to TLS which uses keys with the SKAE extension for client authentication and the basic TCG platform attestation protocol, securely realizes the TNC functionality in the hybrid model.

Shijun Zhao, Qianying Zhang, Yu Qin, Dengguo Feng
Revisiting Node Injection of P2P Botnet

Botnets armed with P2P protocols are especially robust against various attacks that used to be very effective against centralized networks. It’s especially significant to enhance our understanding of unstructured P2P Botnets which prove to be resilient against various dismantling efforts. The node injection technique is quite effective in enumerating infected hosts from P2P Botnets, but no previous work has investigated the effectiveness of this method in a quantitative manner. In this paper, we propose a peer popularity boosting algorithm to put the popularity of the injected peer under control, and a method to tune the node injection rate to achieve a better compromise between consumed bandwidth and completeness of node enumeration. Furthermore, we evaluate our methods with varied levels of node injection on three live P2P Botnets; the results show that our method is quite effective in boosting and manipulating the injected peer’s popularity. In contrast to other methods without manipulation of the injected peer’s magnitude of dispersion in the network, our method not only unlocks the full potential of node injection, but also could be adapted to measurements of various needs.

Jia Yan, Lingyun Ying, Yi Yang, Purui Su, Qi Li, Hui Kong, Dengguo Feng
On Addressing the Imbalance Problem: A Correlated KNN Approach for Network Traffic Classification

With the arrival of the big data era, Internet traffic is growing exponentially. A wide variety of applications arise on the Internet and traffic classification is introduced to help people manage the massive applications on the Internet for security monitoring and quality of service purposes. A large number of Machine Learning (ML) algorithms are introduced to deal with traffic classification. A significant challenge to the classification performance comes from the imbalanced distribution of data in a traffic classification system. In this paper, we propose an Optimised Distance-based Nearest Neighbor (ODNN) approach, which has the capability of improving the classification performance of imbalanced traffic data. We analyze the proposed ODNN approach and its performance benefit from both theoretical and empirical perspectives. A large number of experiments were conducted on a real-world traffic dataset. The results show that the performance of “small classes” can be improved significantly even with only a small number of training data, while the performance of “large classes” remains stable.

Di Wu, Xiao Chen, Chao Chen, Jun Zhang, Yang Xiang, Wanlei Zhou

Security Analysis

Exploiting the Hard-Wired Vulnerabilities of Newscast via Connectivity-Splitting Attack

Newscast is a model for information dissemination and membership management in large-scale, agent-based distributed systems. It deploys a simple, peer-to-peer data exchange protocol. The Newscast protocol forms an overlay network and keeps it connected by means of an epidemic algorithm, thus featuring a complex, spatially structured, and dynamically changing environment. It has recently become very popular due to its inherent resilience to node volatility as it exhibits strong self-healing properties. In this paper, we analyze the robustness of the Newscast model when executed in a distributed environment subjected to malicious acts. More precisely, we evaluate the resilience of Newscast against cheating faults and demonstrate that even a few naive cheaters are able to defeat the protocol by breaking the network connectivity. Concrete experiments are performed using a framework that implements both the protocol and the cheating model considered in this work.

Jakub Muszyński, Sébastien Varrette, Juan Luis Jiménez Laredo, Pascal Bouvry
A Meet-in-the-Middle Attack on Round-Reduced mCrypton Using the Differential Enumeration Technique

This paper describes a meet-in-the-middle (MITM) attack against the round reduced versions of the block cipher mCrypton-64/96/128. We construct a 4-round distinguisher and lower the memory requirement from $2^{100}$ to $2^{44}$ using the differential enumeration technique. Based on the distinguisher, we launch a MITM attack on 7-round mCrypton-64/96/128 with complexities of $2^{44}$ 64-bit blocks and $2^{57}$ encryptions. Then we extend the basic attack to 8 rounds for mCrypton-128 by adding some key-bridging techniques. The 8-round attack on mCrypton-128 requires a time complexity of $2^{100}$ and a memory complexity of $2^{44}$. Furthermore, we construct a 5-round distinguisher and propose a MITM attack on 9-round mCrypton-128 with a time complexity of $2^{115}$ encryptions and a memory complexity of $2^{113}$ 64-bit blocks.

Yonglin Hao, Dongxia Bai, Leibo Li
Improving Impossible Differential Cryptanalysis with Concrete Investigation of Key Scheduling Algorithm and Its Application to LBlock

Impossible differential cryptanalysis has been proved to be one of the most powerful techniques to attack block ciphers. Based on the impossible differential paths, we can usually add several rounds before or after to launch a key recovery attack. Impossible differential cryptanalysis is powerful not only because the number of rounds it can break is very competitive compared to other attacks, but also because, unlike differential attacks which are statistical attacks in essence, impossible differential analysis does not require many statistical assumptions. In this paper, we investigate the key recovery attack part of impossible differential cryptanalysis. We point out that when taking the (non-linear) key scheduling algorithm into consideration, we can further derive the redundancy among the subkeys, and thus can filter the wrong keys at a rather early stage. This can help us control the time complexity and increase the number of rounds we can attack. As an application, we analyze the recently proposed lightweight block cipher LBlock, and as a result, we can break 23 rounds with complexity $2^{77.4}$ encryptions without using the whole code block, which is by far the best attack against this cipher.

Jiageng Chen, Yuichi Futa, Atsuko Miyaji, Chunhua Su
Cryptanalysis on the Authenticated Cipher Sablier

Sablier is an authenticated cipher submitted by B. Zhang et al. to the CAESAR competition, which is composed of the encryption Sablier v1 and the authentication Au. In this work we first present a state recovery attack against the encryption Sablier v1 with a time complexity of about $2^{44}$ operations and a data complexity of about 24 16-bit key words, which is practical on a small workstation. Based on the above attack, we further deduce a key recovery attack and a forgery attack against Sablier. The results show that Sablier is far from the goal of its security design (80-bit security level).

Xiutao Feng, Fan Zhang
A Stochastic Cyber-Attack Detection Scheme for Stochastic Control Systems Based on Frequency-Domain Transformation Technique

Based on the frequency-domain transformation technique, this paper proposes an attack detection scheme for stochastic control systems under stochastic cyber-attacks and disturbances. The focus is on designing an anomaly detector for the stochastic control systems. First, we construct a model of a stochastic control system with stochastic cyber-attacks which satisfy the Markovian stochastic process. We also introduce the stochastic attack models that a control system is possibly exposed to. Next, based on the frequency-domain transformation technique and linear algebra theory, we propose an algebraic detection scheme for a possible stochastic cyber-attack. We transform the detector error dynamic equation into an algebraic equation. By analyzing the rank of the stochastic matrix $E\left( Q(z_{0})\right)$ in the algebraic equation, residual information is obtained and anomalies in the stochastic system are detected. In addition, sufficient and necessary conditions guaranteeing the detectability of the stochastic cyber-attacks are obtained. The detection approach presented in this paper is simple, straightforward and easier to implement. Finally, the results are applied to some physical systems that are respectively subject to a stochastic data denial-of-service (DoS) attack and a stochastic data deception attack on the actuator. The simulation results underline that the detection approach is efficient and feasible in practical application.

Yumei Li, Holger Voos, Albert Rosich, Mohamed Darouach
Security Analysis and Improvement of Femtocell Access Control

Recently, femtocell solutions have been attracting increasing attention since coverage for broadband radios can effectively eliminate wireless notspots. Typically, a femtocell is designed for use in a home or small business. In 2009, 3GPP (3rd Generation Partnership Program) announced and published the first femtocell standard. In this paper, we first point out that the user equipment (UE) registration procedure, which is defined in the 3GPP standard, is vulnerable to a denial-of-service (DoS) attack. Then, we propose a mechanism to defend against this attack. For compatibility, the proposed mechanism utilizes the well-defined control messages in the 3GPP standard, and modifies the UE registration procedure as little as possible.

Chien-Ming Chen, Tsu-Yang Wu, Raylin Tso, Mu-En Wu

Public Key Cryptography

Identity Based Threshold Ring Signature from Lattices

In the graded encoding systems that can be used to construct multilinear maps, the graded Computational Diffie-Hellman problem (gGCDHP) is assumed to be hard. We present an equivalent problem, called the variant graded Computational Diffie-Hellman problem (vGCDHP), and make a generalization to get the general graded Computational Diffie-Hellman problem (gGCDHP). Based on the hardness assumption of gGCDHP, we construct the first ID-based threshold ring signature scheme from lattices. The scheme is proved in the random oracle model to be existentially unforgeable and signer anonymous.

Baodian Wei, Yusong Du, Huang Zhang, Fangguo Zhang, Haibo Tian, Chongzhi Gao
Identity-Based Transitive Signcryption

Transitive signatures allow a signer to authenticate a graph in such a way that given two signatures on adjacent edges $(i, j)$ and $(j, k)$, anyone with public information can compose a signature on edge $(i, k)$. In all existing transitive signature schemes, to prevent signature exposure, a secure channel is required between the signer and the recipient to transfer the signature. To eliminate this need, in this paper we introduce a new notion called Identity-Based Transitive Signcryption (IBTSC) by integrating transitive signatures and identity-based signcryption. We present formal definitions and a concrete construction of IBTSC. In the random oracle model, we prove that the proposed IBTSC scheme is secure in the proposed models of confidentiality and unforgeability for IBTSC. Our design not only preserves all desirable properties of transitive signatures but also prevents signature exposure in an efficient way.

Shuquan Hou, Xinyi Huang, Li Xu
GO-ABE: Group-Oriented Attribute-Based Encryption

We introduce a new variant of attribute-based encryption called Group-Oriented Attribute-Based Encryption (GO-ABE for short). In a GO-ABE scheme, each user belongs to a specific group. Users from the same group can pool their attributes and private keys to “match” the decryption policy. That is, if the union of their attributes matches the policy, they can cooperate together to decrypt the ciphertext. But users from different groups cannot do so. We give a security model and an efficient construction of this new notion, with rigorous security and efficiency analysis.

Mengting Li, Xinyi Huang, Joseph K. Liu, Li Xu
Jhanwar-Barua’s Identity-Based Encryption Revisited

In FOCS’07, Boneh, Gentry and Hamburg presented an identity-based encryption (IBE) system (BasicIBE) based on the quadratic residuosity (QR) assumption. A BasicIBE encryption of an $l$-bit message has a short ciphertext of $\log_{2} N + 2l$ bits where $N$ is a Blum integer. However, it is not time-efficient due to solving $l + 1$ equations of the form $Rx^{2}+Sy^{2}\equiv1\pmod N$. Jhanwar and Barua presented a variant of BasicIBE in which the encryptor only solves $2\sqrt{l}$ such equations. The decryptor decrypts the message without solving any such equations. In addition, the decryption key is decreased to only one element in $\mathbb{Z}_{N}$. However, the ciphertext size increases from a single element to $2\sqrt{l}$ elements in $\mathbb{Z}_{N}$. In this paper, we revisit the Jhanwar-Barua (JB) system and review its security. We prove that this system is not IND-ID-CPA secure and present a solution to the security flaw of this system. We also point out a flaw in the security proof of the JB system and propose two different security proofs for the fixed system. We prove that it has the same security as the original BasicIBE system.

Ibrahim Elashry, Yi Mu, Willy Susilo
Lightweight Universally Composable Adaptive Oblivious Transfer

We propose an efficient universally composable (UC) adaptive $k$-out-of-$N$ oblivious transfer (${\sf OT}_{k\times 1}^{N}$) protocol over a composite order bilinear group employing Groth-Sahai proofs, Boneh-Boyen signatures and Bresson, Catalano and Pointcheval (BCP) encryption. Our scheme is proven to be UC secure in the presence of a malicious adversary in the static corruption model under the decision Diffie-Hellman (DDH), subgroup decision (SD) and $l$-strong Diffie-Hellman (SDH) assumptions. The proposed protocol is lightweight in the sense that it is storage-efficient with low communication and computation overheads as compared to the existing UC secure similar schemes.

Vandana Guleria, Ratna Dutta
Certificate-Based Conditional Proxy Re-Encryption

A proxy re-encryption scheme (PRE) allows a semi-trusted proxy to convert a ciphertext encrypted under one key into an encryption of the same plaintext under another key. In the process of the arithmetic processing, the proxy should be able to learn as little information about the plaintext as possible. Conditional proxy re-encryption (CPRE) is a primitive in which only those ciphertexts satisfying a condition set by the delegator can be re-encrypted correctly by the proxy. In this paper, we combine conditional proxy re-encryption with certificate-based encryption and propose a certificate-based conditional proxy re-encryption scheme. The proposed scheme is proved secure against chosen-ciphertext attacks (CCA) in the random oracle model.

Jiguo Li, Xuexia Zhao, Yichen Zhang
A Secure Obfuscator for Encrypted Blind Signature Functionality

This paper introduces a new obfuscation called obfuscation of encrypted blind signature. Informally, Alice is the Signer and Bob is the Recipient. Bob needs Alice to sign a message, but he does not want Alice to know what the message is. Furthermore, Bob doesn’t want anyone to know the interactive process. So we present a secure obfuscator for encrypted blind signature which makes the interaction process unintelligible for any third party, while still keeping the original functionality of encrypted blind signature. We use Schnorr’s blind signature scheme and the linear encryption scheme as building blocks to construct a new obfuscator. Moreover, we propose two new security definitions: blindness w.r.t. encrypted blind signature (EBS) obfuscator and one-more unforgeability (OMU) w.r.t. EBS obfuscator, and prove them under the Decisional Linear (DL) assumption and the hardness of discrete logarithm, respectively. We also demonstrate that our obfuscator satisfies the Average-Case Virtual Black-Box Property (ACVBP) w.r.t. dependent oracle, i.e., it is indistinguishably secure. Our paper opens a new direction for the application of obfuscation.

Xiao Feng, Zheng Yuan
Attribute-Based Signing Right Delegation

Attribute-based signature and proxy signature are both very useful in many real-world applications. In this paper, we combine the special features of both signatures and propose an attribute-based proxy signature scheme, where the original signer, who possesses a set of attributes, can delegate his/her signing right to a designated proxy signer. By verifying the signature, a verifier can be convinced that the signature is generated by the proxy signer who has obtained the delegation from a legitimate signer whose attributes satisfy a predicate. However, the verifier cannot tell from the signature who is the original signer. We provide the formal definition and adversarial models for attribute-based proxy signature, and an efficient scheme that supports threshold predicates.

Weiwei Liu, Yi Mu, Guomin Yang

System Security

Countering Ballot Stuffing and Incorporating Eligibility Verifiability in Helios

Helios is a web-based end-to-end verifiable electronic voting system which has been said to be suitable for low-coercion environments. Although many Internet voting schemes have been proposed in the literature, Helios stands out for its real world relevance. It has been used in a number of elections in university campuses around the world and it has also been used recently by the IACR to elect its board members. It was noted that a dishonest server in Helios can stuff ballots and this seems to limit the claims of end-to-end verifiability of the system. In this work, we investigate how the issue of ballot stuffing can be addressed with minimum change to the current vote casting experience in Helios and we argue formally about the security of our techniques. Our ideas are intuitive and general enough to be applied in the context of other Internet voting schemes, and they also address recent attacks exploiting the malleability of ballots in Helios.

Sriramkrishnan Srinivasan, Chris Culnane, James Heather, Steve Schneider, Zhe Xia
iCryptoTracer: Dynamic Analysis on Misuse of Cryptography Functions in iOS Applications

Cryptography is the common means to achieve strong data protection in mobile applications. However, cryptographic misuse is becoming one of the most common issues in development. Attackers usually make use of those flaws in implementation such as non-random key/IV to forge exploits and recover the valuable secrets. For the application developers who may lack knowledge of cryptography, it is urgent to provide an efficient and effective approach to assess whether the application can fulfill the security goal by the use of cryptographic functions. In this work, we design a cryptography diagnosis system, iCryptoTracer. Combining static and dynamic analyses, it traces the iOS application’s usage of cryptographic APIs, extracts the trace log and judges whether the application complies with the generic cryptographic rules along with real-world implementation concerns. We test iCryptoTracer using real devices with various versions of iOS. We diagnose 98 applications from the Apple App Store and find that 64 of them contain various degrees of security flaws caused by cryptographic misuse. To provide the proof-of-concept, we launch ethical attacks on two applications respectively. The encrypted secret information can be easily revealed and the encryption keys can also be restored.

Yong Li, Yuanyuan Zhang, Juanru Li, Dawu Gu
Formal Verification of Finite State Transactional Security Policy

A security policy helps to ensure that a system always takes the desired input action sequence and works in a proper manner. Formal verification of a finite state transactional security policy is necessary to check whether the given policy conforms to the specification. One way to specify a finite state transactional security policy is by using a filter automaton. A filter automaton is an action sequence transformer that maps an input action sequence into another, so that the output action sequence obeys the specified policy. A method for verification of finite state transactional security policies enforced by filter automata is proposed. The observable actions finite security automaton and the observable actions finite truncation automaton are used to verify a finite state transactional security policy.

N. Rajamanickam, R. Nadarajan, Atilla Elçi

Privacy-Preserving Systems and Biometrics

Fingerprint Indexing Based on Combination of Novel Minutiae Triplet Features

Fingerprint indexing is a process of pre-filtering the template database before matching. The most common features used for fingerprint indexing are based on minutiae triplets. In this paper, we investigated the indexing performance based on some commonly used features of minutiae triplets and proposed to combine these features with some novel features of minutiae triplets for fingerprint indexing. Experiments on FVC 2000 DB2a and 2002 DB1a show that the proposed indexing method can perform better than state-of-the-art schemes for full fingerprint indexing, meanwhile, experimental results on NIST SD 14 show that the performance is improved significantly after the new features are added to the feature space, and is fairly good even for partial fingerprint indexing.

Wei Zhou, Jiankun Hu, Song Wang, Ian Petersen, Mohammed Bennamoun
Privacy Preserving Biometrics-Based and User Centric Authentication Protocol

We propose a privacy preserving biometrics-based authentication protocol by which users can authenticate to different service providers from their own devices without involving identity providers in the transactions. Authentication is performed through a zero-knowledge proof of knowledge protocol which is based on a cryptographic identity token created using the unique, repeatable and revocable biometric identifier of the user and a secret provided by the user which enables two-factor authentication as well. Our approach for generating biometric identifiers from the user’s biometric image is based on the support vector machine classification technique in conjunction with a mechanism for feature extraction from the biometric image. The paper includes experimental results on a dataset of iris images and a security and privacy analysis of the protocol.

Hasini Gunasinghe, Elisa Bertino
A Dynamic Matching Secret Handshake Scheme without Random Oracles

Secret handshake schemes allow mutually anonymous authentication between members of organizations. In this paper, a new unlinkable secret handshake scheme with dynamic matching is proposed (which is named USH-DM). Considering the existence of multiple different groups, the implementation of USH-DM achieves dynamic matching between members of completely different groups. In particular, USH-DM enhances the privacy of group members, which enables the transcripts of group members to remain unlinkable and untraceable. Without using the random oracle, USH-DM is proved secure by assuming the intractability of the decisional bilinear Diffie-Hellman and subgroup decision problems.

Yamin Wen, Zheng Gong
Formal Analysis of DAA-Related APIs in TPM 2.0

Direct Anonymous Attestation (DAA) is a signature scheme that provides a reasonable balance between user privacy and authentication. Various DAA schemes are now supported by the latest TPM 2.0 specification. We propose a general symbolic model for DAA schemes and formalize the DAA-related APIs of the TPM 2.0 specification in the applied pi calculus. We present new symbolic definitions of user-controlled traceability and non-frameability. Then we propose a novel property of DAA called forward anonymity. The application of our definitions is demonstrated by analyzing the implementation of an ECC-based DAA protocol using the APIs proposed by the TPM 2.0 specification. Our analysis finds a weakness in an API which leads to an attack against forward anonymity. We propose modifications to the API and verify our properties for the modified API.

Li Xi, Dengguo Feng

Key Management and Distribution

eCK Secure Single Round ID-Based Authenticated Key Exchange Protocols with Master Perfect Forward Secrecy

Recently, the extended Canetti-Krawczyk (eCK) model for Authenticated Key Exchange (AKE) protocols, proposed by LaMacchia, Lauter and Mityagin, has been considered one of the stronger security models, covering many attacks on existing models. Unfortunately, it does not capture two very sensitive security barricades, Perfect Forward Secrecy (PFS) and Master Perfect Forward Secrecy (MPFS), in the ID-based setting. An ID-based AKE protocol with PFS (resp. MPFS) ensures that revealing the static keys of the parties (resp. the master secret key of the private key generator) must not compromise even a single bit of the session keys of past sessions between the parties. At present, to the best of our knowledge, there is no ID-based eCK secure single round AKE protocol with either PFS or MPFS. Proposed here are ID-based eCK secure single round AKE protocols with PFS and MPFS in the random oracle model. Towards achieving this goal, we also construct ID-based eCK secure single round AKE protocols, one without Master Forward Secrecy (MFS) and the other with MFS, at almost the same computational cost as the existing efficient ID-based eCK secure single round AKE protocols. All of our protocols are secure under the Gap Bilinear Diffie-Hellman (GBDH) problem.

Tapas Pandit, Rana Barua, Somanath Tripathy
Efficient Sub-/Inter-Group Key Distribution for ad hoc Networks

People need to communicate with each other in many emerging networks, i.e., in ad hoc networks. To ensure the security of group communication, group key management has been proposed as a fundamental cryptographic primitive. Although many proposals with regard to group key management have been introduced, they cannot be efficiently applied to realize secure subgroup and intergroup communications. In this paper, we propose two group key distribution schemes providing efficient solutions to these two problems. Our protocols do not require interaction between users. Storage and computation analyses show that our proposals are secure and efficient compared with existing schemes. Based on these basic schemes, we further present extensions for multipartite groups, by which the efficiency is greatly improved in this scenario.

Bo Qin, Linxiao Wang, Yujue Wang, Qianhong Wu, Wenchang Shi, Bin Liang
A Novel Hybrid Key Revocation Scheme for Wireless Sensor Networks

As sensor nodes are deployed in an open and hostile environment, they are vulnerable to various attacks. It is of critical importance to be able to revoke compromised nodes in order to ensure the confidentiality of data traversing the network. In this work, we propose a novel key revocation scheme which is a hybrid of centralized and distributed methods. The design of our scheme is based on Chan et al. (2005) but eliminates the requirement of prior knowledge. It mainly consists of a voting procedure among nodes and a global revocation by the base station. We also modify the existing distributed revocation properties of Chan et al. (2005)’s protocol and extend them to key revocation properties of any hybrid scheme based on the voting process.

Mengmeng Ge, Kim-Kwang Raymond Choo

Short Papers

Rational Secure Two-party Computation in Social Cloud

Rational parties in secure two-party computation (STPC) are willing to maximize their utilities. However, they have no incentive to cooperate in STPC under the correctness and exclusivity assumptions, since cooperation will bring them inferior utilities. Consequently, neither party will participate in STPC. Therefore, new methods must be introduced to make the parties cooperate such that they can complete the computation task. In this paper, we redefine utility considering the notion of reputation derived from the social cloud to promote cooperation. In the social cloud, parties form their reputation when they interact with others. Parties will get a higher utility if they have a higher cooperative reputation, and therefore they have an incentive to cooperate. The computation of reputation is completed in the social cloud, which reduces the computation work for the parties. Furthermore, we prove that, given proper parameters in rational STPC, it is possible to construct an efficient computation protocol requiring only one exchange round in the second stage of the hybrid protocol.

Yilei Wang, Zhe Liu, Tao Li, Qiuliang Xu
How to Evaluate Trust Using MMT

Trust evaluation is becoming a more and more active and critical area mainly for guaranteeing secure interoperation between communicating systems. One of the basic parameters used to evaluate the trust in a remote entity (user or system) is the previous experience, i.e. the interactions already performed between the truster and the trustee. However the monitoring of the trustee behavior and the analysis of the collected data and events are not an easy task. First of all, we need to define relevant patterns that describe the desired behaviors to be monitored and check them using a dedicated tool.

Within this paper, we extend an open source tool (MMT) to monitor users’ behavior and define behavior patterns using temporal properties. We also design some evaluation strategies and illustrate the whole approach by applying it to a real case study related to a collaborative programming project.

Khalifa Toumi, Wissam Mallouli, Edgardo Montes de Oca, César Andrés, Ana Cavalli
A Proposed Approach to Compound File Fragment Identification

One of the biggest challenges in file fragment classification is the low classification rate of compound files, known as high entropy files, that contain different types of data, such as images and compressed text. Current methods for file fragment classification may not work for classifying these compound files. In this paper we propose a novel approach based on detecting deflate-encoded data in compound file fragments and then decompressing that data before applying a machine learning technique for classification. We apply our proposed method to classify the Adobe portable document format (PDF) file type. Experiments showed a high classification rate for the proposed method.

Khoa Nguyen, Dat Tran, Wanli Ma, Dharmendra Sharma
Geo-Social-RBAC: A Location-Based Socially Aware Access Control Framework

The ubiquity of low-cost GPS-enabled mobile devices and the proliferation of online social networks have enabled the collection of rich geo-social information that includes the whereabouts of users and their social connections. This information can be used to provide a rich set of access control policies that ensure that resources are utilized securely. Existing literature focuses on providing access control systems that control access solely based on either the location of the users or their social connections. In this paper, we argue that a number of real-world applications demand an access control model that effectively captures both the geographic and the social dimensions of the users in a given location. We propose Geo-Social-RBAC, a new role based access control model that allows the inclusion of geo-social constraints as part of the access control policy. Our model, besides capturing the location of a user requesting access and her social connections, includes geo-social cardinality constraints that dictate how many people related by a particular social relation need to be present in the required locations at the time of an access. The model also allows the specification of geo-social and location trace constraints that may be used to dictate whether an access needs to be granted or denied.

Nathalie Baracaldo, Balaji Palanisamy, James Joshi
A New Approach to Executable File Fragment Detection in Network Forensics

Network forensics, known as an extended phase of network security, plays an essential role in dealing with cybercrime. The performance of a network forensics system heavily depends on its network attack detection solutions. The two main types of network attacks are network level and application level. Current research methods have improved the detection rate, but this is still a challenge. We propose a Shannon entropy approach to identify executable file content for anomaly-based network attack detection in network forensics systems. Experimental results show that the proposed approach provides a high detection rate.

Khoa Nguyen, Dat Tran, Wanli Ma, Dharmendra Sharma
Tighter Security Bound of MIBS Block Cipher against Differential Attack

Automatically calculating a lower bound on the number of differentially active S-boxes by mixed-integer linear programming (MILP) is a technique proposed by Mouha et al. in 2011; it can significantly reduce the time spent on the security evaluation of a cipher and decrease the possibility of human error in cryptanalysis. In this paper, we apply the MILP method to analyze the security of MIBS, a lightweight block cipher proposed by Izadi et al. in 2009. By adding more constraints to the MILP problem, we obtain tighter lower bounds on the numbers of differentially active S-boxes in MIBS. We show that for MIBS, 18 rounds of iteration are sufficient to resist single-key differential attack, and 39 rounds are secure against related-key differential cryptanalysis.

Xiaoshuang Ma, Lei Hu, Siwei Sun, Kexin Qiao, Jinyong Shan
A New Multivariate Based Threshold Ring Signature Scheme

In CRYPTO 2011, Sakumoto et al. presented a 3-pass identification protocol whose security is based solely on the MQ problem. This identification protocol was extended to a threshold ring signature scheme by Petzoldt et al. via the Fiat-Shamir transformation in AAECC 2013. In this paper, we present a multivariate based Γ-protocol based on Sakumoto et al.’s work, and extend it to a threshold ring signature scheme by applying the Γ-transformation (TIFS 2013). Compared with Petzoldt et al.’s work, our scheme reduces signature length and rounds by 21% and 29% respectively to achieve 80-bit security. What’s more, our scheme has a higher level of provable security, enjoys much better performance on power limited devices, and can be flexibly deployed in interactive protocols. To the best of our knowledge, it is the first application of the Γ-transformation in post-quantum cryptography.

Jingwan Zhang, Yiming Zhao
Capturing Android Malware Behaviour Using System Flow Graph

This article uses a new data structure, the System Flow Graph (SFG), that offers a compact representation of the information dissemination induced by an execution of an application, to characterize malicious application behavior, and conducts experiments on 4 malware families: DroidKungFu1, DroidKungFu2, jSMSHider and BadNews. We show how SFGs are relevant to exhibiting malware behavior.

Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong
Evaluating Host-Based Anomaly Detection Systems: Application of the Frequency-Based Algorithms to ADFA-LD

The ADFA Linux data set (ADFA-LD) was recently released to replace the existing benchmark data sets in the area of host-based anomaly detection, which have lost most of their relevance to modern computer systems. ADFA-LD is composed of thousands of system call traces collected from a contemporary Linux local server, with six types of up-to-date cyber attack involved. Previously, we conducted a preliminary analysis of ADFA-LD and showed that the frequency-based algorithms can be realised at a cheaper computational cost than the short sequence-based algorithms, while achieving an acceptable performance. In this paper, we further exploit the potential of the frequency-based algorithms, in an attempt to reduce the dimension of the frequency vectors and identify the optimal distance functions. Two typical frequency-based algorithms, i.e., k-nearest neighbour (kNN) and k-means clustering (kMC), are applied to validate the effectiveness and efficiency.

Miao Xie, Jiankun Hu, Xinghuo Yu, Elizabeth Chang
A New Public Key Encryption with Equality Test

We propose a new public key encryption scheme with equality test (PKEET), that is, a public key encryption scheme with comparable ciphertexts. The equivalence of ciphertexts under a PKEET scheme can be verified without decryption. In some PKEET algorithms such as Tang’s AoN-PKEET, which is called authorization-based PKEET, the equality test functionality is restricted to some authorized users: only users who own authorities are able to perform the equality test. To the best of our knowledge, the authorities of all existing authorization-based PKEET schemes are valid for all ciphertexts encrypted under the same public key. Specifically, we propose a CBA-PKEET scheme following Tang’s AoN-PKEET scheme, that is, a PKEET scheme with ciphertext-bound authorities (CBA). Each ciphertext-bound authority is valid for a specific ciphertext, rather than for all ciphertexts encrypted under the same public key. Then, we compare the features and efficiency of our CBA-PKEET with some existing authorization-based PKEET schemes. Finally, the security of CBA-PKEET is proved in the random oracle model based on some hard problems.

Kaibin Huang, Raylin Tso, Yu-Chi Chen, Wangyu Li, Hung-Min Sun
A Probabilistic Algebraic Attack on the Grain Family of Stream Ciphers

In 2005, Hell, Johansson and Meier submitted a stream cipher proposal named Grain v1 to the eSTREAM call for stream cipher proposals, and it became one of the eSTREAM finalists in the hardware category. The output function of Grain v1 connects its 160-bit internal state, divided equally between an LFSR and an NFSR, using a non-linear filter function in a complex way. Over the last years many cryptanalysts have identified several weaknesses in Grain v1. As a result, in 2011 the inventors modified Grain v1 and published a new version named Grain-128a, which has a structure similar to Grain v1 but with a 256-bit internal state and optional authentication; it is the latest version of the Grain family and resists all known attacks on Grain v1. However, both these ciphers are quite resistant against the classical algebraic attack due to the rapid growth of the degree of the key-stream equations in subsequent clockings caused by the NFSR. This paper presents a probabilistic algebraic attack on both these Grain versions. The basic idea of our attack is to develop separate probabilistic equations for the LFSR and the NFSR bits from each key-stream equation. Surprisingly, it turns out that in the case of Grain-128a our proposed equations hold with almost sure probability, which makes the retrieval of the LFSR bits certain. We also outline a technique to reduce the growth of the degree of the equations involving the NFSR bits for Grain v1. Further, we highlight that the concept of probabilistic algebraic attack as proposed in this paper can be considered a generic attack strategy against any stream cipher whose output function has a structure similar to that of the Grain family.

Pratish Datta, Dibyendu Roy, Sourav Mukhopadhyay
Multi-domain Direct Anonymous Attestation Scheme from Pairings

In trusted computing, a Trusted Platform Module (TPM) is used to enhance the security of the platform. When the TPM proves its identity to a remote verifier, the Direct Anonymous Attestation (DAA) method is adopted by the Trusted Computing Group (TCG) to provide anonymous authentication. But the original DAA scheme in the TCG specifications can only work well in a single domain and cannot be used directly across multiple domains. It is necessary to improve the single domain DAA so that it is available in multiple domains. In this paper, we propose a multi-domain DAA scheme based on proxy signatures and a pairings based DAA method. The proxy signature is used to delegate the trust relationship and domain authentication, while the pairings based DAA method is used for computing platform authentication when a trusted platform accesses another domain. The DAA authentication protocol is also designed. Finally, an analysis of the protocol is given; the results show that the proposed scheme is secure and effective.

Li Yang, Jianfeng Ma, Wei Wang, Chunjie Cao
Backmatter
Metadata
Title
Network and System Security
Edited by
Man Ho Au
Barbara Carminati
C.-C. Jay Kuo
Copyright year
2014
Publisher
Springer International Publishing
Electronic ISBN
978-3-319-11698-3
Print ISBN
978-3-319-11697-6
DOI
https://doi.org/10.1007/978-3-319-11698-3