Connecting Academic Security Research to Applied Systems in the - - PowerPoint PPT Presentation

connecting academic
SMART_READER_LITE
LIVE PREVIEW

Connecting Academic Security Research to Applied Systems in the - - PowerPoint PPT Presentation

Jan 13, 2023 202 likes •507 views

Connecting Academic Security Research to Applied Systems in the Field Dr. Danny De Cock 6 October 2016 COSIC Staff Department Electrical Engineering-ESAT COSIC = COmputer Security and Industrial Cryptography ( o 1978) 5 full-time 90

slide-1
SLIDE 1

Connecting Academic Security Research to Applied Systems in the Field

  • Dr. Danny De Cock

6 October 2016

slide-2
SLIDE 2

COSIC Staff

10 20 30 40 50 60 70 80 90 20092010201120122013201420152016 zap atp postdoc phd researcher visiting VMW

  • 5 full-time

professors

  • 21 postdocs
  • 41 researchers
  • 5 support staff
  • 8 visitors

20 nationalities

Department Electrical Engineering-ESAT

COSIC = COmputer Security and Industrial Cryptography (o1978)

slide-3
SLIDE 3

Organizational Chart

KU Leuven Humanities and social sciences Science, engineering and technology Sciences Bioscience engineering Engineering science Computer Science Electrical Engineering- ESAT MICAS COSIC STADIUS TELEMIC ELECTA Engineering technology Biomedical sciences

slide-4
SLIDE 4

COSIC - Research

Fundamental research in discrete mathematics Cryptographic algorithms: Design and cryptanalysis Cryptographic protocols: Design and cryptanalysis Efficient and secure implementations

Number theoretic algorithms, Boolean functions, secure multi-party computation, secret sharing Block ciphers, stream ciphers, hash functions, MAC algorithms, (hyper)- elliptic curve cryptography e.g.: AES, RIPEMD-160, HAMSI Entity authentication, credentials,

  • blivious transfer…
  • Software: high end and embedded
  • Hardware: FPGA and ASIC
  • Side-channel attacks: power, timing,

and electromagnetic analysis, fault attacks

slide-5
SLIDE 5

COSIC – Applied Research

Creating electronic equivalent of the real world:

Confidentiality, digital signature, anonymity, payments, DRM, elections

Technologies:

  • Internet of Things: distance bounding, key management
  • Anonymous communications and services
  • Trusted platforms: hardware/software
  • Software tamper resistance and obfuscation
  • Biometrics
  • Multimedia security

Applications:

  • Payment and e-commerce
  • e-Government: electronic ID card, e-voting
  • e-Health – medical devices
  • Smart energy
  • Automotive
slide-6
SLIDE 6

Example: Rijndael/AES: FIPS 197

Key Schedule round

. . . . .

round round round S S S S S S S S S S S S S S S S S S S S S S S S S S S S S S S S

MixColumns MixColumns MixColumns MixColumns

  • Key length: 16/24/32 bytes
  • Block length: 16 bytes

> 3100 NIST-certified products

slide-7
SLIDE 7

Trust4Cloud Security4IoT Data Protection & Privacy Resilience Security & Privacy Dependability Performance Robustness Availability TRUST!

slide-8
SLIDE 8

8

Three Major Research Challenges

Trust4Cloud

Cloud is about outsourcing, about trusting third parties

  • Secure processing of data in the cloud
  • Platforms: robust, dependable, available, featuring security and privacy
  • Key management

Security4IoT

Researching and developing up-to-date security solutions for IoT

  • 26 - 50 billion units by 2020 !!!!
  • Tactical and strategic approach needed
  • Need for new security architectures, solutions and new security primitives

Data Protection & Privacy

Deep engagement in the digital revolution demands for precaution

  • Investment in data protection and privacy becomes a business enabler
  • Towards individuals, towards partners, towards governments and regulators
slide-9
SLIDE 9

Cloud and Mobile Security

  • Biometrics and Identity Management
  • Enhancing fraud resistance of eID documents
  • User-centric privacy enhancements
  • Seamless roaming with security preferences
  • Mobile Authentication / payments
  • Mitigating security risks of the cloud
slide-10
SLIDE 10

10

Challenge of the Internet of Things (IoT)

Source: Gartner (July 2015)

slide-11
SLIDE 11

11

Advanced Cryptographic Techniques for IoT & Cloud

EU H2020/ECRYPT-NET

PERIOD

From 01/03/2015 till 28/02/2019

OBJECTIVE

To develop advanced cryptographic techniques for the Internet of Things and the Cloud and to create efficient and secure implementations of those techniques on a broad range of platforms.

PARTNERS

Marie Skłodowska-Curie ITN (Integrated Training Network)

slide-12
SLIDE 12

12

The Hype Cycle for Privacy

slide-13
SLIDE 13

Privacy

  • Tracking on the web: large scale studies
  • Including a specific study on cookie-less tracking: hard to

detect and prevent

  • Location privacy: developing solutions
  • Cryptographic solutions for privacy-friendly location sharing
  • Design of privacy-enhanced location based services
  • Private web search
  • Analysis and evaluation of obfuscation-based solutions
slide-14
SLIDE 14

14

FACEBOOK TRACKING REPORT

COSIC, CiTip (former ICRI) and DistriNet wrote a technical report on online tracking by Facebook Social Plug-ins, such as the “Like Button”. The 23-page technical report titled “Facebook Tracking Through Social Plug-ins” is prepared at the request of the Belgian Privacy Commission in the context of its Facebook investigation.

slide-15
SLIDE 15

15

Identity Management

Integrating biometrics and cryptography Device Fingerprinting:

  • Featuring device and behavioural fingerprinting
  • Enabling low threshold authentication (security benefit)
  • Enabling privacy preservation
  • Management of user consent
  • Integration with IAM and identity management
slide-16
SLIDE 16

16

Data Pseudonymization

  • Context: Centralization of Data
  • e.g. big data for e-health
  • De-identification techniques, while considering

side channels

  • New frontiers and trade-offs
  • Utility vs. privacy
slide-17
SLIDE 17

17

Secured Smart Grid Metering Architecture

KIC InnoEnergy - SAGA

PERIOD

From 01/01/2014 till 31/03/2017

OBJECTIVE

To develop security services and privacy solutions for the next generations of smart meters.

PARTNERS

slide-18
SLIDE 18

18

Specialised and focused training for Industry

COSIC INTERNATIONAL COURSE Biannual 4-day training, Q2 2017 Offers a broad overview of cryptography and industrial applications in banking, government, e-health, .. SECAPPDEV March 2017 – 1 week training How to develop secure software

  • applications. The organising committee

comprises several faculty members of COSIC and DistriNet and some free- lance software security trainers and consultants. IPICS 2016: July 4-11 Introductory course for advanced Master students and beginning PhD students as well as industry experts

slide-19
SLIDE 19

Real-life Use Case – TruBliss Search Engine

slide-20
SLIDE 20

20

TruBliss – Trustworthy Belgian Key Internet Services

iMinds/TruBliss

PERIOD

From 01/04/2014 till 31/03/2016

OBJECTIVE

The TruBliss project aims to support financial institutions in optimizing their security capabilities. This comprehensive approach encompasses innovation on the technical, procedural and legal levels

PARTNERS

slide-21
SLIDE 21

Interactive Investigation Case Query Tool

  • Initial trigger:
  • Need to analyze daily feed of new information
  • E.g., DNS-registrations, confiscated data from

suspects

  • Automated screening of daily feed
  • DNS registrations that are similar to set of watch list of

key words

  • Statistical summary of analysis
  • Helps interactive identification of individual cases that

may require further analysis

21

slide-22
SLIDE 22

Interactive Case Query Tool

  • Tool based on Apache/Tapestry
  • Search engine based on MG4J (Managing

Gigabytes for Java)

  • Extracts text from image files using Tesseract and

GOCR

  • Automatically screens office files, Adobe PDF files,

images, emails…

  • Supports interactive querying for fuzzy searches
  • Approximate search
  • Informs investigators automatically when specific hits

are encountered

22

slide-23
SLIDE 23

TruBliss Architecture

23

NAS Investigator TruBliss Engine Investigator Investigator Investigator Investigator TB Indexer TB Indexer TB Indexer TB Indexer TB Indexer TB Indexer

slide-24
SLIDE 24

Trubliss Approach – Analysis

1. Researchers upload information to NAS 2. Trubliss Indexers perform analysis for each file

  • Identifies files based on cryptographic hash values
  • Extracts meta data
  • Images: all information stored into image files
  • Office documents: author, abstract, file history…
  • Extract text data from documents
  • Office documents, PDF
  • Extract text data from images using CAPTCHA-recovery tools
  • Image files containing printed text
  • Extracted information is in text format and can be easily analyzed
  • Compound files are analyzed recursively
  • Archive files are extracted and content analyzed: zip, tar, arj,

7zip…

  • Mounts forensic bitwise copies and analyzes recursively

24

slide-25
SLIDE 25

Trubliss Approach – Open Source Tools

1. Text extraction tools based on open-source tools available free of charge

  • Images using Tesseract & GOCR
  • Office files using LibreOffice
  • PDF files using pdftotext
  • Emails using grepmail, readpst
  • Any other file type when necessary using open source conversion

and extraction tools 2. Text search

  • Fuzzy/approximate search
  • Find words similar to search terms – agrep
  • Searchable index of all text information per case
  • File content + meta data – MG4J (Managing Gigabytes for Java)
  • Search index produced automatically on case data
  • Searches performed interactively

25

slide-26
SLIDE 26

Advantages

1. Files are analyzed only once

  • Researchers do not waste time analyzing identical

files several times

  • Cryptographic hash value guarantees uniqueness
  • f analysis – researchers do not waste All

information is 2. Search terms of interest are processed in batch

  • Notifications are emailed when matches are found

3. Open source & versatile

  • Information extraction using freely available tools
  • Search database supports huge volumes of data

26

slide-27
SLIDE 27

Questions?

  • Dr. Danny De Cock

Senior Research Manager Applied Cryptography KULeuven ESAT/COSIC Contact: danny.decock@esat.kuleuven.be

slide-28
SLIDE 28

Internet of Things