tamper resistant creation of integrity tokens for
play

Tamper-resistant creation of integrity tokens for trustworthy - PowerPoint PPT Presentation

Jan 02, 2023 •482 likes •740 views

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical systems Intermediate talk for the Masters

  1. Chair of Network Architectures and Services Department of Informatics Technical University of Munich Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical systems Intermediate talk for the Master’s Thesis by Christoph Rudolf advised by Dr. Holger Kinkelin and Richard von Seck Wednesday 17 th July, 2019 Chair of Network Architectures and Services Department of Informatics Technical University of Munich

  2. Motivation Problem statement by example • Cars communicating via ad-hoc networks • Received data impacts traffic behavior Christoph Rudolf — Tamper-resistant creation of integrity tokens 2

  3. Motivation Problem statement by example Christoph Rudolf — Tamper-resistant creation of integrity tokens 3

  4. Solution Proposal Integrity Token Enable vehicles, cyber-physical systems or generic entities to sign their data • Similar to a certificate issuance process • Attestation of integrity and trustworthiness of the entity • Issue generic integrity token as integrity proof towards peers • Generalize process as much as possible Christoph Rudolf — Tamper-resistant creation of integrity tokens 4

  5. Solution Proposal Research Questions Q1 How can multiple collaborators work together in order to verify the validity of an entity? Q2 How can the necessary data for such an attestation be exchanged in a generic and secure manner? Q3 How is the distributed integrity data maintained to have a scalable solution? Q4 How can the privacy of entities be ensured despite public verification? Q5 What can we do to ensure the integrity of the validating system itself? Christoph Rudolf — Tamper-resistant creation of integrity tokens 5

  6. Solution Proposal Requirements R1 Offline Integrity Check R2 Multi-Party Authorization R3 Permissioned System R4 Process Tracing R5 Privacy R6 Distributability Christoph Rudolf — Tamper-resistant creation of integrity tokens 6

  7. Solution Proposal Related Work • Related work on traditional PKI utilizing DLT exists [7, 1] • Previous work at the Chair targets two specific scenarios: • PKI in the DFN (Deutsches Forschungsnetz, German Research Network ) [3, 6] • Configuration Management for Networked Devices [2, 5, 4] Christoph Rudolf — Tamper-resistant creation of integrity tokens 7

  8. Solution Proposal Related Work • Related work on traditional PKI utilizing DLT exists [7, 1] • Previous work at the Chair targets two specific scenarios: • PKI in the DFN (Deutsches Forschungsnetz, German Research Network ) [3, 6] • Configuration Management for Networked Devices [2, 5, 4] → solutions are highly domain-specific and cannot be adapted to new environments (e.g. automotive systems) → Good: Some of the concepts can be adapted Christoph Rudolf — Tamper-resistant creation of integrity tokens 7

  9. Solution Proposal Design Distributed Ledger Platform (e. g. Hyperledger Fabric) {} Entity 1 Signer 1 Node 1 {} Entity 2 Node 2 Proxy Signer 2 Node 3 Entity 3 {} Node 4 Signer 3 Node 5 Administration Data Storage Approver 1 Approver 2 Approver 3 different thesis Christoph Rudolf — Tamper-resistant creation of integrity tokens 8

  10. Solution Proposal Process Entity 1 Approvers Signers Proxy Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  11. Solution Proposal Process Entity 1 Approvers Signers Proxy event r 1 pending Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  12. Solution Proposal Process Entity 1 Approvers Signers Proxy event r 1 a 1 pending Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  13. Solution Proposal Process Entity 1 Approvers Signers Proxy event enough approvals? ✗ r 1 a 1 pending Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  14. Solution Proposal Process Entity 1 Approvers Signers Proxy event enough approvals? ✗ r 1 a 1 a 2 pending Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  15. Solution Proposal Process Entity 1 Approvers Signers Proxy event enough approvals! ✓ r 1 a 1 a 2 a 3 approved Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  16. Solution Proposal Process Entity 1 Approvers Signers Proxy r 1 a 1 t 1 a 2 a 3 finished Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  17. Solution Proposal Process Entity 1 Approvers Signers Proxy r 1 a 1 t 1 a 2 a 3 finished Ledger – Assets for one process run Christoph Rudolf — Tamper-resistant creation of integrity tokens 9

  18. Solution Proposal System Integrity Research questions Q5 asks what we can do to ensure the integrity of the system itself. Christoph Rudolf — Tamper-resistant creation of integrity tokens 10

  19. Solution Proposal System Integrity Research questions Q5 asks what we can do to ensure the integrity of the system itself. V 1 Hardware or system software • Analysis of attack vectors on the system V 2 Network communication V 3 DLT framework System V 4 DLT participants V 5 Business logic V 6 External components Christoph Rudolf — Tamper-resistant creation of integrity tokens 10

  20. Solution Proposal System Integrity Research questions Q5 asks what we can do to ensure the integrity of the system itself. V 1 Hardware or system software • Analysis of attack vectors on the system V 2 Network communication • Suggestions for mitigations per vector V 3 DLT framework • Multi-party authorization on multiple levels System V 4 DLT participants V 5 Business logic V 6 External components Christoph Rudolf — Tamper-resistant creation of integrity tokens 10

  21. Solution Proposal System Integrity Research questions Q5 asks what we can do to ensure the integrity of the system itself. V 1 Hardware or system software • Analysis of attack vectors on the system V 2 Network communication • Suggestions for mitigations per vector V 3 DLT framework • Multi-party authorization on multiple levels System • Critical: Business Logic (Chaincode) V 4 DLT participants • Using tools for static analysis [8] V 5 Business logic • Unit tests aiming for high coverage • Use- and misuse-cases V 6 External components Christoph Rudolf — Tamper-resistant creation of integrity tokens 10

  22. Status Current state and progress Currently in implementation phase: • Implementation using Hyperledger Fabric • Starting from scratch with most recent Fabric version • done: Chaincode implementation of features for standard operation • todo: Unit testing and other system integrity measures Christoph Rudolf — Tamper-resistant creation of integrity tokens 11

  23. Timeline Apr May Jun Jul Aug Sep Oct Problem analysis Precise definition of requirements Studying previous and related work Design of the solution concept Setup of a test network Implementation Conducting a case study Writing the thesis Today Deadline Christoph Rudolf — Tamper-resistant creation of integrity tokens 12

  24. Bibliography [1] L. Axon. and M. Goldsmith. PB-PKI: A Privacy-aware Blockchain-based PKI. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications – Volume 6: SECRYPT, (ICETE 2017) , pages 311–318. INSTICC, SciTePress, 2017. [2] V. J. Hauner. Trustworthy Configuration Management with Distributed Ledgers. Master’s thesis, Technische Universität München, 2018. [3] J. F. Hoops. A Tamper-Proof Certificate Issuance Process Based on Distributed Ledger Technology. Bachelor’s thesis, Technische Universität München, 2018. [4] H. Kinkelin, V. Hauner, H. Niedermayer, and G. Carle. Trustworthy configuration management for networked devices using distributed ledgers. CoRR , abs/1804.04798, 2018. [5] M. Müller. Trustworthy and Tamperproof Configuration Management for Networked Devices. Masters’s thesis, Technische Universität München, 2019. [6] J. G. Roos. Modelling Organizational Structures for a Distributed Ledger-Based Federated Certificate Managment System. Bachelor’s thesis, Technische Universität München, 2019. [7] A. Yakubov, W. M. Shbair, A. Wallbom, D. Sanda, and R. State. A blockchain-based PKI management framework. In NOMS 2018 – 2018 IEEE/IFIP Network Operations and Management Symposium , pages 1–6, April 2018. [8] K. Yamashita, Y. Nomura, E. Zhou, B. Pi, and S. Jun. Potential Risks of Hyperledger Fabric Smart Contracts. In 2019 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE) , pages 1–10, Feb 2019. Christoph Rudolf — Tamper-resistant creation of integrity tokens 13

  25. Discussion Distributed Ledger Platform (e. g. Hyperledger Fabric) {} Entity 1 Signer 1 Node 1 {} Entity 2 Node 2 Proxy Signer 2 Node 3 Entity 3 {} Node 4 Signer 3 Node 5 Administration Data Storage Approver 1 Approver 2 Approver 3 different thesis Christoph Rudolf — Tamper-resistant creation of integrity tokens 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas Massachusetts Institute of Technology L C S Cases for Physical Security Applications

519 views • 23 slides
Anomaly Detection Algorithms for Malware Traffic Analysis using Tamper Resistant Features Dr.

Anomaly Detection Algorithms for Malware Traffic Analysis using Tamper Resistant Features Dr.

Anomaly Detection Algorithms for Malware Traffic Analysis using Tamper Resistant Features Dr. Patrick McDaniel Berkay Celik Fall 2015 Introduction Motivation Related Work Data Approach Experimental Results Comparison

391 views • 25 slides
Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities

Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities

Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities Zhenfeng Zhang , Yuchen Wang , Kang Yang Institute of Software, Chinese Academy of Sciences; The Joint Academy of Blockchain

869 views • 25 slides
Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin and L Cranor Ranjit Randhawa Department of Computer Science Virginia Tech Outline Overview of Publius Anonymity tools Publius in

414 views • 13 slides
http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

Design Principles for Tamper-Resistant Smartcard Processors Oliver Kmmerling Markus G. Kuhn ADSR Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules Microprobing Open the

465 views • 22 slides
Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge University of Erlangen/ Computer Laboratory Purdue University Applications of Tamper Resistant Modules Security of cryptographic applications is based

149 views • 12 slides
True2F: Backdoor-resistant authentication tokens Emma Dauterman , Henry Corrigan-Gibbs, David

True2F: Backdoor-resistant authentication tokens Emma Dauterman , Henry Corrigan-Gibbs, David

True2F: Backdoor-resistant authentication tokens Emma Dauterman , Henry Corrigan-Gibbs, David Mazires, Dan Boneh, Dominic Rizzo Stanford and Google IEEE Security & Privacy 2019 U2F: Effective hardware 2FA 2 U2F: Effective hardware 2FA

781 views • 65 slides
SRM Space Tokens SRM Space Tokens SRM Space Tokens SRM Space Tokens Scalla/xrootd Andrew

SRM Space Tokens SRM Space Tokens SRM Space Tokens SRM Space Tokens Scalla/xrootd Andrew

SRM Space Tokens SRM Space Tokens SRM Space Tokens SRM Space Tokens Scalla/xrootd Andrew Hanushevsky Stanford Linear Accelerator Center Stanford University Stanford University 27-May-08 http://xrootd slac stanford edu

550 views • 23 slides
KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR

KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR

KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR INTEGRITY INTEGRITY INTEGRITY INTEGRITY INTEGRITY INTEGRITY Blockchain & Security Ruth Crowell, Chief Executive Asia Pacific Precious Metals

460 views • 10 slides
Optimized or Balanced Mix Design Crack Resistant Rut Resistant Resistant to Moisture

Optimized or Balanced Mix Design Crack Resistant Rut Resistant Resistant to Moisture

Optimized or Balanced Mix Design Crack Resistant Rut Resistant Resistant to Moisture Damage 1 Balanced Mix Design: ETG Definition Asphalt mix design using performance tests on appropriately conditioned specimens that address

480 views • 46 slides
Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work

Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work

Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work with Ben Kreuter, Tancrde Lepoint, Mariana Raykova ia.cr/2020/072 1 Definition Anonymous tokens are lightweight, single-use anonymous credentials.

657 views • 61 slides
Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice University Everyone has logs Tamper evident solutions Current commercial solutions Write only hardware appliances Security depends on

1.32k views • 82 slides
2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal

2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal

2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal users or systems or others with physical Physical Attacks and Tamper Resistance access to it

449 views • 11 slides
Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to tamper-proof journals EteSync doesn't need to! journals EteSync doesn't need to! stosb.com/talks Tom Hacohen tom@stosb.com FOSDEM 2018 @TomHacohen

498 views • 30 slides
An introduction to using slip-resistant flooring from Altro discover altro.com/slip-resistant

An introduction to using slip-resistant flooring from Altro discover altro.com/slip-resistant

An introduction to using slip-resistant flooring from Altro discover altro.com/slip-resistant Typical applications Healthcare Education Back-of-house High traffic areas Manufacturing and industrial areas General

536 views • 43 slides
R&D on graphite based oxidation resistant materials and radiation resistant tungsten J

R&D on graphite based oxidation resistant materials and radiation resistant tungsten J

The High Power Targetry R&D Roadmap for High Energy Physics Workshop @Fermilab, USA 31st May, 2017 R&D on graphite based oxidation resistant materials and radiation resistant tungsten J PARC Center, High Energy Accelerator Research

625 views • 23 slides
Relational Document Time Series Amazon Aurora Amazon DocumentDB Amazon Timestream Graph

Relational Document Time Series Amazon Aurora Amazon DocumentDB Amazon Timestream Graph

Relational Document Time Series Amazon Aurora Amazon DocumentDB Amazon Timestream Graph Key-value Amazon RedShi Amazon Neptune Amazon DynamoDB Amazon RDS Ledger In-memory Amazon Quantum AWS Database Migration Amazon ElastiCache

612 views • 6 slides
Hyperledger Fabric Saravanan Vijayakumaran sarva@ee.iitb.ac.in Department of Electrical

Hyperledger Fabric Saravanan Vijayakumaran sarva@ee.iitb.ac.in Department of Electrical

Hyperledger Fabric Saravanan Vijayakumaran sarva@ee.iitb.ac.in Department of Electrical Engineering Indian Institute of Technology Bombay November 2, 2018 1 / 15 Hyperledger Collaborative blockchain effort hosted by Linux Foundation

432 views • 15 slides
Is there a Term Structure in Land Lease Rates? Martin Odening Silke H uttel Matthias Ritter

Is there a Term Structure in Land Lease Rates? Martin Odening Silke H uttel Matthias Ritter

Motivation Theoretical Background Empirical Analysis Conclusion Is there a Term Structure in Land Lease Rates? Martin Odening Silke H uttel Matthias Ritter Viacheslav Esaulov Humboldt-Universit at zu Berlin Energy Finance Workshop

204 views • 16 slides
Dennis Smith Freddie Mac Allison Freeman, PhD University of North Carolina FREDDIE MACS

Dennis Smith Freddie Mac Allison Freeman, PhD University of North Carolina FREDDIE MACS

Dennis Smith Freddie Mac Allison Freeman, PhD University of North Carolina FREDDIE MACS SURVEY AND REPORT ON THE LOAN SHOPPING EXPERIENCES OF MANUFACTURED HOME OWNERS: WHAT WE KNOW ALLISON FREEMAN UNC CENTER FOR COMMUNITY CAPITAL 6% of

187 views • 18 slides
Generalizing BlockSci to Cross-Chain Analyses of Forked Ledgers Masters Thesis Defensio ,

Generalizing BlockSci to Cross-Chain Analyses of Forked Ledgers Masters Thesis Defensio ,

Generalizing BlockSci to Cross-Chain Analyses of Forked Ledgers Masters Thesis Defensio , September 14 th 2020 Martin Plattner, Universitt Innsbruck martin@mplattner.at Agenda Motivation Implementing the Multi-Chain Mode for

833 views • 54 slides
Introduction to Bitcoin and Distributed Systems Prof. Tom Austin San Jos State University

Introduction to Bitcoin and Distributed Systems Prof. Tom Austin San Jos State University

Cryptocurrencies & Security on the Blockchain Introduction to Bitcoin and Distributed Systems Prof. Tom Austin San Jos State University Review Lab HW1: DigiCash Lite (DCL) So why did DigiCash fail? Poor business decisions?

572 views • 17 slides
The Use of Rule Languages for Policy and Legal Compliance Jeffrey B. Ritter jritter@klng.com

The Use of Rule Languages for Policy and Legal Compliance Jeffrey B. Ritter jritter@klng.com

The Use of Rule Languages for Policy and Legal Compliance Jeffrey B. Ritter jritter@klng.com This presentation represents my personal views and is not the expression of the views of Kirkpatrick & Lockhart Nicholson Graham LLP or any of the

411 views • 8 slides
The Sunshine Law The Sunshine Law Hawaiis Open Meetings Law Hawaiis Open Meetings Law

The Sunshine Law The Sunshine Law Hawaiis Open Meetings Law Hawaiis Open Meetings Law

Office of Information Practices The Sunshine Law The Sunshine Law Hawaiis Open Meetings Law Hawaiis Open Meetings Law Part I of Chapter 92, HRS Part I of Chapter 92, HRS Whats the purpose? Whats the purpose? Protect

328 views • 10 slides

More recommend