time is power quantuminsert
play

TIME IS POWER - QUANTUMINSERT 1 Learning Goals The Following - PowerPoint PPT Presentation

Jul 11, 2023 •273 likes •615 views

create your own exercise Mario Silaci, Lucas Wolf TIME IS POWER - QUANTUMINSERT 1 Learning Goals The Following Learning Goals are Covered in the Lecture PreLab Lab What are requirements to perform the QUANTUM X X X INSERT (QI)? How does

  1. create your own exercise Mario Silaci, Lucas Wolf TIME IS POWER - QUANTUMINSERT 1

  2. Learning Goals The Following Learning Goals are Covered in the Lecture PreLab Lab What are requirements to perform the QUANTUM X X X INSERT (QI)? How does the QI work in general? X X X Background: NSA, FISC and Snowden X X Which protocols are used in the QI? X X X Which tools are necessary for the QI? X X How do you forge correct packets? X X Related Work? X X 2

  3. Connection via Internet 0 3

  4. QUANTUMINSERT: Requirements 0 4

  5. QUANTUMINSERT: Requirements 0 Ability to monitor the traffic between the victim and the responding server 5

  6. QUANTUMINSERT: Requirements 0 Timing Attack Faster connection Slower connection 6

  7. QUANTUMINSERT: Victim Requests Website 1 GET 7

  8. QUANTUMINSERT: Shooter Gets Notified 2 ! GET GET 8

  9. QUANTUMINSERT: Shooter Injects Malicious Response 3 INJ 9

  10. QUANTUMINSERT: Server Sends Legitimate Response 4 RES INJ 10

  11. QUANTUMINSERT: Result 5 Injection packet Attackvector (INJ) Gets interpreted as the HTTP response Partial HTTP response (RES) 11

  12. QUANTUMINSERT: Result 5 Injection packet Attackvector (INJ) Gets interpreted as First fragments get the HTTP response dropped (Sequence number Partial HTTP response Duplicates) (RES) 12

  13. QUANTUMINSERT: Result 5 Injection packet Attackvector (INJ) Gets interpreted as the HTTP response Partial HTTP response (RES) 13

  14. The Responsibles: NSA and GCHQ [1] [2] agent victim “The early bird catches the worm.” 14

  15. The Responsibles: Tailored Access Operations Division NSA‘s hacker division Implemented several QUANTUM attacks Motto: "Your data is our data, your equipment is our equipment - anytime, any place, by any legal means.“ [3] 15

  16. The Advocates: Foreign Intelligence Surveillance Court(FISC) • secret court which makes secret rulings with gag orders • Was empowered after the Foreign Intelligence Surveillance Act (FISA) and has been called "almost a parallel Supreme Court.“ [4] FISC denied 11 requests out of ~33.900 in 33 years, i.e. approved ~99,97% 16

  17. [5] 17

  18. Whistleblower: Edward Snowden • Former secret service system administrator and agent • Worked as contractor for NSA and CIA • Is against mass surveillance in the internet  2013: Leaked sensitive information(e.g. NSA‘s surveillance techniques) in cooperation with Glenn Greenwald and Laura Poitras [6] 18

  19. 7 Layer ISO/OSI model Application Layer Application Layer Presentation Layer Presentation Layer Session Layer Session Layer Transport Layer Transport Layer Network Layer Network Layer Data Link Layer Data Link Layer Physical Layer Physical Layer 19

  20. QUANTUMINSERT: Relevant Protocols HTTP HTTP TCP TCP Network Layer Network Layer Data Link Layer Data Link Layer Physical Layer Physical Layer 20

  21. Reminder: Transmission Control Protocol(TCP) Handshake 21

  22. TCP Handshake with QUANTUMINSERT 1 2 3 4 22

  23. TCP Handshake with QUANTUMINSERT 1 2 3 4 Identical sequence and acknowledge numbers 23

  24. Hypertext Transfer Protocol (HTTP) Server Client 24

  25. Hypertext Transfer Protocol (HTTP) Server Client Request Response 25

  26. Hypertext Transfer Protocol (HTTP) Server Client Statuscode: Defines the functionality of the response 26

  27. 27 [7]

  28. Teaser Practical Part: Setup 28

  29. Teaser Practical Part: Intended Connection 29

  30. Teaser Practical Part: Redirection Injection 30

  31. Teaser Practical Part: Manipulated Connection 31

  32. Teaser Practical Part: Real Life Analogy 32 [8]

  33. Teaser Practical Part: Closer Look Transatlantic GCHQ‘s shooter wire endpoint (North America) You (probably Transatlantic unaware) wire endpoint (Europe) NSA‘s server Facebook (Foxacid) headquarter 33 [8]

  34. THANKS! Sources: • [1]: Seal of the United States National Security Agency, https://commons.wikimedia.org/wiki/File:Seal_of_the_United_States_National_Security_Agency.svg • [2]: EFF NSA-Logo Parody https://www.flickr.com/photos/electronicfrontierfoundation/12225935484 • [3]: Question mark head https://commons.wikimedia.org/wiki/File:No_image.JPG • [4]: How the NSA collects data http://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet • [5]: Court house https://upload.wikimedia.org/wikipedia/commons/b/b0/Garrett_Prettyman_district_court.jpg • [6]: Edward Snowden https://upload.wikimedia.org/wikipedia/commons/6/60/Edward_Snowden-2.jpg • [7]: There is more than one way to QUANTUM https://theintercept.com/document/2014/03/12/one-way-quantum/ • [8]: World map https://pixabay.com/de/weltkarte-global-geographie-1958134/ • All other figures were made by ourselves 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Today Power and Energy Review Power management Energy is power integrated over time

Today Power and Energy Review Power management Energy is power integrated over time

Today Power and Energy Review Power management Energy is power integrated over time Hardware capabilities 1 Watt == 1 Joule / second Software management strategies Heat depends on power consumption Battery life depends

282 views • 5 slides
Modulation 2 Power Recall (or learn) that Power is a measure of: Energy per unit time

Modulation 2 Power Recall (or learn) that Power is a measure of: Energy per unit time

1 EE 109 Unit 10 - Pulse Width Modulation 2 Power Recall (or learn) that Power is a measure of: Energy per unit time In an electronic circuit, P = I * V Power = Current & Voltage (each may be varying w/ time) A

185 views • 16 slides
Power Recall (or learn) that Power is a measure of: Energy per unit time In an

Power Recall (or learn) that Power is a measure of: Energy per unit time In an

E.1 E.2 Power Recall (or learn) that Power is a measure of: Energy per unit time In an electronic circuit, P = I * V EE 109 Unit E - Pulse Width Power = Current & Voltage (each may be varying w/ time) A circuit that

260 views • 5 slides
We Well-Be Being; its about the the D Dos, no not D t Don nts ts The Power of

We Well-Be Being; its about the the D Dos, no not D t Don nts ts The Power of

We Well-Be Being; its about the the D Dos, no not D t Don nts ts The Power of Small Steps The last time you tried to make a change, but it didnt work. What happened? Willpower Time Motivation Skills

441 views • 20 slides
From power to energy Power is an instantaneous quantity (W), which we denote p Energy is the

From power to energy Power is an instantaneous quantity (W), which we denote p Energy is the

From power to energy Power is an instantaneous quantity (W), which we denote p Energy is the result of integrating power generation over time (Wh), i.e., t + t E t t + t = p d t 2/6 Capacity and reservation At any time

739 views • 6 slides
Why Time Synchronization? Event Ordering Low Duty Cycle Networking Time Division

Why Time Synchronization? Event Ordering Low Duty Cycle Networking Time Division

Low-Power Clock Synchronization using Electromagnetic Energy Radiating from AC Power Lines Energy Radiating from AC Power Lines (Apply Directly Where it Hertz ) Anthony Rowe, Vikram Gupta, Raj Rajkumar Electrical and Computer Engineering

498 views • 17 slides
Operational Perspective Michael Burke Power System Control EirGrid Real Time Power System

Operational Perspective Michael Burke Power System Control EirGrid Real Time Power System

Operational Perspective Michael Burke Power System Control EirGrid Real Time Power System Operation 50 Hz: Safe, Secure and Economic Operation of Power System Generation = Demand Control Centres: NCC & CHCC Bulk Transfer of Power on

1.12k views • 32 slides
Mobile Marketing with Channel Mobile Its time to harness the power of mobile!! The Power of

Mobile Marketing with Channel Mobile Its time to harness the power of mobile!! The Power of

Mobile Marketing with Channel Mobile Its time to harness the power of mobile!! The Power of Mobile In the past 5 years, mobile penetration has grown from Operator The 30% to wel 30% ell over er revenues - $5.4 4 ha half of the

534 views • 41 slides
New power electronics enable compact, cool and efficient xEV power train inverters FOR THE

New power electronics enable compact, cool and efficient xEV power train inverters FOR THE

New power electronics enable compact, cool and efficient xEV power train inverters FOR THE FIRST TIME IN TRANSPORTATION SEMICONDUCTORS ARE RESPONSIBLE FOR THE KEY VALUES OF VEHICLE Driving Refuel Driving 0 to 60 Cost Distance time

331 views • 22 slides
The power and weakness of randomness (when you are short on time) Avi Wigderson Institute for

The power and weakness of randomness (when you are short on time) Avi Wigderson Institute for

The power and weakness of randomness (when you are short on time) Avi Wigderson Institute for Advanced Study Plan of the talk Computational complexity -- efficient algorithms, hard and easy problems, P vs. NP The power of randomness

284 views • 24 slides
This is a Header Using Power Query Builder THIS IS A SUBTITLE Save Time Connecting to D365/CDS

This is a Header Using Power Query Builder THIS IS A SUBTITLE Save Time Connecting to D365/CDS

This is a Header Using Power Query Builder THIS IS A SUBTITLE Save Time Connecting to D365/CDS Data with Power Query Builder swoloshin@pragmaticworks.com Agenda Create a Report Connection in minutes Deeper Dive Why use Power Query Builder

512 views • 15 slides
An Efficient Algorithm for Computing the Time Resolved Full Sky Cross Power in an Interferometer

An Efficient Algorithm for Computing the Time Resolved Full Sky Cross Power in an Interferometer

An Efficient Algorithm for Computing the Time Resolved Full Sky Cross Power in an Interferometer with Omni-directional Elements Kipp Cannon, University of Wisconsin Milwaukee December 20, 2006 Abstract Both time- and frequency-domain

296 views • 16 slides
OK GLASS HOW NERVOUS AM I? REAL-TIME FEEDBACK IN ROWING EXAMPLE : FEEDBACK ON POWER LOSS

OK GLASS HOW NERVOUS AM I? REAL-TIME FEEDBACK IN ROWING EXAMPLE : FEEDBACK ON POWER LOSS

OK GLASS HOW NERVOUS AM I? REAL-TIME FEEDBACK IN ROWING EXAMPLE : FEEDBACK ON POWER LOSS DUE TO VELOCITY FLUCTUATIONS Lotte Lintmeijer CONTENT Project: the bigger picture Background Aim Feedback Power

358 views • 21 slides
Today Power management Hardware capabilities Software management strategies Power and

Today Power management Hardware capabilities Software management strategies Power and

Today Power management Hardware capabilities Software management strategies Power and Energy Review Energy is power integrated over time 1 Watt == 1 Joule / second Heat depends on power consumption Battery life depends

534 views • 28 slides
Power and Energy Charles Li and Deepak Pallerla Power: A First-Class Architectural Design

Power and Energy Charles Li and Deepak Pallerla Power: A First-Class Architectural Design

Power and Energy Charles Li and Deepak Pallerla Power: A First-Class Architectural Design Constraint Motivations IT was 8% of US electricity usage in 2000 Increasing over time Chip die power density increasing linearly

521 views • 31 slides
The Big O Lecture 19 How it scales In analysing running time (or memory/power consumption) of

The Big O Lecture 19 How it scales In analysing running time (or memory/power consumption) of

Design & Analysis of Algorithms The Big O Lecture 19 How it scales In analysing running time (or memory/power consumption) of an algorithm, we are interested in how it scales as the problem instance grows in size Running time on

507 views • 17 slides
Non-linearity in Davenport-Schinzel Sequences Seth Pettie University of Michigan Isomorphism

Non-linearity in Davenport-Schinzel Sequences Seth Pettie University of Michigan Isomorphism

Non-linearity in Davenport-Schinzel Sequences Seth Pettie University of Michigan Isomorphism and Subsequences Political Isomorphism BUSH is isomorphic to GO BUSH GORE C is isomorphic to A THOMAS is isomorphic to SOUTER THOMAS ,NSA,DOD is

673 views • 65 slides
ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Finite State Machines Tyler

ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Finite State Machines Tyler

ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Finite State Machines Tyler Bletsch Duke University Slides are derived from work by Andrew Hilton (Duke) Last time Who can remind us what we did last time? Storage

645 views • 42 slides
The unreasonable effectiveness of Nonstandard Analysis Sam Sanders CCC, Kochel, Sept. 2015

The unreasonable effectiveness of Nonstandard Analysis Sam Sanders CCC, Kochel, Sept. 2015

The unreasonable effectiveness of Nonstandard Analysis Sam Sanders CCC, Kochel, Sept. 2015 Introduction: NSA 101 Mining NSA Additional results Aim and motivation Aim: To show that proofs of theorems of PURE Nonstandard Analysis can be mined

1.43k views • 129 slides
Privacy versus government surveillance where network effects meet public choice Ross Anderson

Privacy versus government surveillance where network effects meet public choice Ross Anderson

Privacy versus government surveillance where network effects meet public choice Ross Anderson Cambridge Two views of money and power The Bay Area view: money and power are all about network effects, which help you create a platform to

393 views • 16 slides
Secure Intersection with MapReduce R. Ciucanu 1 M. Giraud 2 P. Lafourcade 2 L. Ye 3 1 LIFO, INSA

Secure Intersection with MapReduce R. Ciucanu 1 M. Giraud 2 P. Lafourcade 2 L. Ye 3 1 LIFO, INSA

Secure Intersection with MapReduce R. Ciucanu 1 M. Giraud 2 P. Lafourcade 2 L. Ye 3 1 LIFO, INSA Centre Val de Loire Universit e dOrl eans 2 3 School of Computer Science and Technology Harbin Institute of Technology, China 26 July 2019

397 views • 29 slides
Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
The SJGAD Used Most in NSA Reporting --- Overview Derived From: NSAIC$SM IS2 Datoo : 20070103

The SJGAD Used Most in NSA Reporting --- Overview Derived From: NSAIC$SM IS2 Datoo : 20070103

~ c ~ Coogle pal tal kl/7. IOPSECRET/ISJII ORCON // NOJ -- ~ Hotma ll" You lim il liiiiil YAHoo' tl .... ' I 21' - PRISM/US-984XN Overview OR The SJGAD Used Most in NSA Reporting --- Overview Derived From: NSAIC$SM IS2 Datoo :

191 views • 4 slides
Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council Traditional Incident Response But at the national level, incident response is a different game Implications for Misunderstandings between geeks and

541 views • 27 slides

More recommend