Tag Archives: Security

11/10/2017 – Talk by Stefano Calzavara

Title: CCSP: Controlled relaxation of content security policies by runtime policy composition
Time: 12:00 (noon)
Location: ACADIA Lab., Ed. Zeta
Type: Research Result
Speaker: Stefano Calzavara
Abstract: Content Security Policy (CSP) is a W3C standard designed to prevent and mitigate the impact of content injection vulnerabilities on websites by means of browser-enforced security policies. Though CSP is gaining a lot of popularity in the wild, previous research questioned one of its key design choices, namely the use of static white-lists to define legitimate content inclusions. In this talk we present Compositional CSP (CCSP), an extension of CSP based on runtime policy composition. CCSP is designed to overcome the limitations arising from the use of static white-lists, while avoiding a major overhaul of CSP and the logic underlying policy writing. We perform an extensive evaluation of the design of CCSP by focusing on the general security guarantees it provides, its backward compatibility and its deployment cost. We then assess the potential impact of CCSP on the web and we implement a prototype of our proposal, which we test on major websites. In the end, we conclude that the deployment of CCSP can be done with limited efforts and would lead to significant benefits for the large majority of the websites.

CISPA – Meeting 10/10/2017, 10:30

CISPA SEMINARS

When: Tuesday 10 October, at 10:30 in the morning
Where: Università Ca’ Foscari, Via Torino, 155 – 30170 Venezia Mestre Sala Conferenze del campus scientifico

First seminar:
Speaker: Dr. Giancarlo Pellegrino, Research Group Leader at CISPA
Title: Automated Vulnerability Analysis for Modern Application Software
Abstract:The complexity and pervasiveness of application software are growing rapidly. Nowadays, application software encompasses multiple devices, e.g., mobile and IoT,  and web services to perform operations ranging from online shopping and managing household appliances to controlling manufacturing processes. Like any other programs, application software has vulnerabilities that, when exploited,  can be used for financial fraud, stealing confidential data, and industrial espionage. Unfortunately, existing automated vulnerability analysis techniques are inadequate to tackle the complexity reached by these programs, thus leaving them exposed to attackers. My main research topic intends to stop this emerging trend and lay the foundation for the next-generation automated vulnerability analysis techniques. This talk focuses on the detection power and attack surface coverage challenges and presents two recent advances in the field. The first part of the talk presents Deemon, a tool that combines dynamic analysis and property graphs to mine Cross-Site Request Forgery, a long-neglected severe vulnerability. The second part of the talk presents jAEk, a new generation web application crawler that uses JavaScript dynamic analysis to increase the covered attack surface of web applications by 80%.
Short bio: Giancarlo Pellegrino is currently a research group leader at CISPA. His main research interests include all aspects of application security especially web security and automated vulnerability analysis. He has been selected for the CISPA-Stanford Center for Cybersecurity, and he will be soon appointed to a visiting assistant professor at Stanford University. Prior to that, Giancarlo was a postdoctoral researcher at CISPA and TU Darmstadt, Germany. During his doctoral stud- ies, Giancarlo was a member of the S3 group at EURECOM, in France, under the supervision of Prof. Davide Balzarotti. Until August 2013, he was a researcher associate in the “Security and Trust” research group at SAP SE.
Contact: gpellegrino@cispa.saarland

Second seminar:

Speaker: Sandra Strohbach, Dr. Giancarlo Pellegrino
Title: CISPA – One of Europe’s leading research sites of IT security
Abstract: The public presentation offers an overview of the Center for IT security, Privacy, and Accountability – CISPA located on the Saarland Informatics Campus in Saarbrücken, Germany. Founded in 2011, CISPA has become an important address of IT security and privacy.
You can learn more about the different research areas, excellent education programmes, and career opportunities. The examples of current research projects provide an insight into our daily work.
Short bio:  After her studies in translation science, Sandra Strohbach did her PhD in applied linguistics at Saarland University. At the same time, she worked as research assistant and lecturer in the department of Romanic languages. Since 2010, Sandra Strohbach has worked in the field of science management. She is an expert in the field of funding programmes and international cooperation as well as strategic development. She joined CISPA in 2017 and coordinates na- tional and international projects, among them the CISPA-Stanford Center for Cybersecurity.

Contact: strohbach@cispa.saarland

 

CISPA MEETING

One of Europe’s leading research sites for IT security

When: Tuesday 10 October, at 12.30 in the afternoon
Where: Università Ca’ Foscari, Via Torino, 155 – 30170 Venezia Mestre Sala Conferenze del campus scientifico

What to expect:

  • Insight into the CISPA goals
  • High Level Study courses and exchange programmes
  • Excellent Research environment
  • Various job opportunities for qualified individuals

 

 

19/07/2017 – Talks by Mauro Tempesta, Francesco Palmarini, Heider Wahsheh, Marco Squarcina

The program of the day will be:

11.00 Mauro Tempesta
11.20 Francesco Palmarini
11.40 Heider Wahsheh
14.00 Marco Squarcina

Titles and abstracts follow:

Title: Run-time Attack Detection in Cryptographic APIs
Speaker: Marco Squarcina
Abstract:
Cryptographic APIs are often vulnerable to attacks that compromise
sensitive cryptographic keys. In the literature we find many proposals
for preventing or mitigating such attacks but they typically require to
modify the API or to configure it in a way that might break existing
applications. This makes it hard to adopt such proposals, especially
because security APIs are often used in highly sensitive settings, such
as financial and critical infrastructures, where systems are rarely
modified and legacy applications are very common. In this talk we
propose a different approach. We introduce an effective method to
monitor existing cryptographic systems in order to detect, and possibly
prevent, the leakage of sensitive cryptographic keys. The method
collects logs for various devices and cryptographic services and is able
to detect, offline, any leakage of sensitive keys, under the assumption
that a key fingerprint is provided for each sensitive key. We define key
security formally and we prove that the method is sound, complete and
efficient. We also show that without key fingerprinting completeness is
lost, i.e., some attacks cannot be detected. We discuss possible
practical implementations and we develop a proof-of-concept log analysis
tool for PKCS#11 that is able to detect, on a significant fragment of
the API, all key-management attacks from the literature.

14/07/2017 – Talk by Matus Namec

Title: Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans Fingerprinting
Time: 11:00
Location: Skype call
Type: Research Result
Speaker: Matus Nemec
Abstract:
We measure the popularity of cryptographic libraries in large datasets of RSA public keys. We do so by improving a recently proposed method based on biases introduced by alternative implementations of prime selection in different cryptographic libraries. We extend the previous work by applying statistical inference to approximate a share of libraries matching an observed distribution of RSA keys in an inspected dataset (e.g., Internet-wide scan of TLS handshakes). The sensitivity of our method is sufficient to detect transient events such as a periodic insertion of keys from a specific library into Certificate Transparency logs and inconsistencies in archived datasets.

We apply the method on keys from multiple Internet-wide scans collected in years 2010 through 2017, on Certificate Transparency logs and on separate datasets for PGP keys and SSH keys. The results quantify a strong dominance of OpenSSL with more than 84% TLS keys for Alexa 1M domains, steadily increasing since the first measurement. OpenSSL is even more popular for GitHub client-side SSH keys, with a share larger than 96%. Surprisingly, new certificates inserted in Certificate Transparency logs on certain days contain more than 20% keys most likely originating from Java libraries, while TLS scans contain less than 5% of such keys.

Since the ground truth is not known, we compared our measurements with other estimates and simulated different scenarios to evaluate the accuracy of our method. To our best knowledge, this is the first accurate measurement of the popularity of cryptographic libraries not based on proxy information like web server fingerprinting, but directly on the number of observed unique keys.

30/11/2016 – Talk by Moreno Ambrosin (University of Padova)

Title: Secure and Scalable Services for the Internet of Things, and Past and Ongoing Effort in the Security of Software-Defined Networking
Time: 13:00
Location: Meeting room, Building Zeta
Type: Research Result
Speaker: Moreno Ambrosin
Abstract:
In recent years, the advent of Internet of Things (IoT) is populating the world with billions of low cost heterogeneous interconnected devices. IoT devices are quickly penetrating in many aspects of our daily lives, and enabling new innovative services, ranging from fitness tracking, to factory automation. Unfortunately, their wide use, as well as their low-cost nature, make IoT devices also an attractive target for attackers, which may exploit them to perform DoS attacks, or violate the privacy of end users. Furthermore, the potentially very large scale of IoT systems makes the use of existing security solutions unfeasible.
In this talk I will give an overview of our research effort in defining secure and scalable protocols and mechanisms for IoT services, and in particular for: (1) efficient and secure device management at large scale (commands and software distribution, and device sanity check); and (2) privacy-preservation in three representative IoT-enabled services and tasks: location-based services, advanced metering infrastructures, and decentralized consensus in a multi-agent systems. Finally, in the last part of this talk I will briefly introduce past, and ongoing research work of our group in Software-Defined Networking security.

05/10/2016 – Talk by Stefano Calzavara

Title: Theory and Practice of CSP
Time: 13:00
Location: Meeting room, Building Zeta
Type: Research Result
Speaker: Stefano Calzavara
Abstract:Content Security Policy (CSP) is a recent W3C standard introduced to prevent and mitigate the impact of content injection vulnerabilities on websites. In this talk we present a systematic, large-scale analysis of the effectiveness of the current CSP deployment, focusing on four key aspects: browser support, website adoption, correct configuration and constant maintenance. Our analysis shows that browser support for CSP is largely satisfactory, with the exception of few notable issues, but unfortunately there are several shortcomings relative to the other three aspects. CSP appears to have a rather limited deployment as yet and, more crucially, existing policies exhibit a number of weaknesses and misconfiguration errors. Moreover, content security policies are not regularly updated to ban insecure practices and remove unintended security violations. We finally discuss how formal methods are an effective tool to substantiate the claims of our empirical evaluation.

28/10/2016 – Talk by Matteo Maffei

Title: Security and Privacy for Cloud Storage
Time: 13:00
Location: Meeting room
Type: Research Result
Speaker: Matteo Maffei (Saarland University)
Abstract: Cloud storage has rapidly become a cornerstone of many IT infrastructures, constituting a seamless solution for the backup, synchronization, and sharing of large amounts of data. Putting user data in the direct control of cloud service providers, however, raises security and privacy concerns related to the integrity of outsourced data, the accidental or intentional leakage of sensitive information, the profiling of user activities and so on. Furthermore, even if the cloud provider is trusted, users having access to outsourced files might be malicious and misbehave. These concerns are particularly serious in sensitive applications like personal health records and credit score systems.
To tackle this problem, we present GORAM, a cryptographic system that protects the secrecy and integrity of outsourced data with respect to both an untrusted server and malicious clients, guarantees the anonymity and unlinkability of accesses to such data, and allows the data owner to share outsourced data with other clients, selectively granting them read and write permissions. GORAM is the first system to achieve such a wide range of security and privacy properties for outsourced storage. In the process of designing an efficient construction, we developed two new, generally applicable cryptographic schemes, namely, batched zero-knowledge proofs of shuffle and an accountability technique based on chameleon signatures, which we consider of independent interest. We implemented GORAM in Amazon Elastic Compute Cloud (EC2) and ran a performance evaluation demonstrating the scalability and efficiency of our construction.

15/09/2016 – Talk by Matus Nemec

Title: The Million-Key Question – Investigating the Origins of RSA Public Keys
Time: 10:45
Location: Meeting room
Type: Research Result
Speaker: Matus Nemec
Abstract: Can bits of an RSA public key leak information about design and implementation choices such as the prime generation algorithm? We analysed over 60 million freshly generated key pairs from 22 open- and closed source libraries and from 16 different smartcards, revealing significant leakage. The bias introduced by different choices is sufficiently large to classify a probable library or smartcard with high accuracy based only on the values of public keys. Such a classification can be used to decrease the anonymity set of users of anonymous mailers or operators of linked Tor hidden services, to quickly detect keys from the same vulnerable library or to verify a claim of use of secure hardware by a remote party.

Our broad inspection provides a sanity check and deep insight regarding which of the recommendations for RSA key pair generation are followed in practice, including closed-source libraries and smartcards. The classification of the key origins of more than 10 million RSA-based IPv4 TLS keys and 1.4 million PGP keys also provides an independent estimation of the libraries that are most commonly used to generate the keys found on the Internet.

Talk based on: https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/svenda

Title: EACirc – Advancing cryptanalytic methods through evolutionary computing
Time: 11:30
Location: Meeting room
Type: Research Result
Speaker: Matus Nemec
Abstract:Cryptographic algorithms (primitives and protocols) always have to go through elaborate testing by skilled experts to assert their overall security. The history carries many examples of serious flaws in cryptographic algorithms that rise concerns about the design and strength of the primitives.

Some automation is possible in the first phases of a cryptanalysis, e.g., by using randomness testing suites. These tools can be applied to check statistical properties of cryptographic algorithm output, to look for a deviation from randomness. Such a defect signalizes a potential flaw in the algorithm design. Yet such testing suites are limited only to predefined pattern testing for certain statistical defects, therefore others will go unnoticed.

We propose a more open approach based on an automatically generated distinguisher in the form of a multiple-output logic function (MOLF) designed by evolutionary algorithms to search for undesired statistical anomalies in the algorithm output. With contrast to the fixed sets of tests, our approach builds a distinguisher automatically, on-the-fly and adaptively to the evaluated algorithm output. This opens up new possibilities for discovering potential weaknesses that remained hidden from statistical tests and even cryptanalyst sights.

15/09/2016 – Talk by Francesco Palmarini

Title: APDU-level attacks in PKCS#11 devices
Time: 10:00
Location: Meeting room
Type: Research Result
Speaker: Francesco Palmarini
Abstract: We describe attacks on PKCS#11 devices that we successfully mounted by interacting with the low-level APDU protocol, used to communicate with the device. They exploit proprietary implementation weaknesses which allow attackers to bypass the security enforced at the PKCS#11 level. Some of the attacks leak, as cleartext, sensitive cryptographic keys in devices that were previously considered secure. We present a new threat model for the PKCS#11 middleware and we discuss the new attacks with respect to various attackers and application configurations. All the attacks presented in this paper have been timely reported to manufacturers following a responsible disclosure process

Note: The work will presented at the 19th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2016) next week.

27/07/2016 – Talk by Enrico Steffinlongo

Title:  Efficent Static Detection of Collusion Attacks in ARBAC-based Workflow Systems
Time: 14:45
Location: Acadia Lab
Type: Research Result
Speaker: Enrico Steffinlongo
Abstract:
Authorization in workflow systems is usually built on top of role-based access control (RBAC); security policies on workflows are then expressed as constraints on the users performing a set of tasks and the roles assigned to them. Unfor-tunately, when role administration is distributed and potentially untrusted users contribute to the role assignment process, like in the case of Administrative RBAC (ARBAC), collusions may take place to circumvent the intended workflow security policies. In a collusion attack, a set of users of a workflow system collaborates by changing the user-to-role assignment, so as to sidestep the security policies and run up to completion a workflow they could not complete otherwise.
In this paper, we study the problem of collusion attacks in a formal model of workflows based on stable event structures and we define a precise notion of security against collusion. We then propose a static analysis technique based on a reduction to a role reachability problem for ARBAC, which can be used to prove or disprove security for a large class of workflow systems. We also discuss how to aggressively optimise the obtained role reachability problem to ensure its tractability. Finally, we implement our analysis in a tool, WARBAC, and we experimentally show its effectiveness on a set of publicly available examples, including a realistic case study.