Connecting Academic Security Research to Applied Systems in the Field Dr. Danny De Cock 6 October 2016
COSIC Staff
Department Electrical Engineering-ESAT
COSIC = COmputer Security and Industrial Cryptography (° 1978)
• 5 full-time professors
• 21 postdocs
• 41 researchers
• 5 support staff
• 8 visitors
20 nationalities
[Chart: staff numbers per category (zap, atp, postdoc, phd, researcher, visiting, VMW), 2009 to 2016]

Organizational Chart
[Chart: KU Leuven; groups: Science, engineering and technology / Humanities and social sciences / Biomedical sciences; faculties: Bioscience engineering, Engineering science, Engineering technology, Sciences; departments: Electrical Engineering-ESAT, Computer Science; ESAT divisions: MICAS, COSIC, STADIUS, TELEMIC, ELECTA]

COSIC - Research
Efficient and secure implementations
• Software: high end and embedded
• Hardware: FPGA and ASIC
• Side-channel attacks: power, timing, and electromagnetic analysis, fault attacks
Cryptographic protocols: Design and cryptanalysis
• Entity authentication, credentials, oblivious transfer…
Cryptographic algorithms: Design and cryptanalysis
• Block ciphers, stream ciphers, hash functions, MAC algorithms, (hyper)-elliptic curve cryptography
• e.g.: AES, RIPEMD-160, HAMSI
Fundamental research in discrete mathematics
• Number theoretic algorithms, Boolean functions, secure multi-party computation, secret sharing

COSIC – Applied Research
Creating electronic equivalent of the real world:
• Confidentiality, digital signature, anonymity, payments, DRM, elections
Technologies:
• Internet of Things: distance bounding, key management
• Anonymous communications and services
• Trusted platforms: hardware/software
• Software tamper resistance and obfuscation
• Biometrics
• Multimedia security
Applications:
• Payment and e-commerce
• e-Government: electronic ID card, e-voting
• e-Health – medical devices
• Smart energy
• Automotive

Example: Rijndael/AES: FIPS 197
> 3100 NIST-certified products
• Key length: 16/24/32 bytes
• Block length: 16 bytes
[Diagram: AES rounds, each with a layer of 16 S-boxes followed by MixColumns; round keys supplied by the Key Schedule]

TRUST!
[Diagram labels: Resilience; Dependability; Trust4Cloud; Security4IoT; Availability; Security; Performance; Data Protection & Privacy; Privacy; Robustness]

Three Major Research Challenges
Trust4Cloud
Cloud is about outsourcing, about trusting third parties
• Secure processing of data in the cloud
• Platforms: robust, dependable, available, featuring security and privacy
• Key management
Security4IoT
Researching and developing up-to-date security solutions for IoT
• 26-50 billion units by 2020 !!!!
• Tactical and strategic approach needed
• Need for new security architectures, solutions and new security primitives
Data Protection & Privacy
Deep engagement in the digital revolution demands precaution
• Investment in data protection and privacy becomes a business enabler
• Towards individuals, towards partners, towards governments and regulators

Cloud and Mobile Security
• Biometrics and Identity Management
• Enhancing fraud resistance of eID documents
• User-centric privacy enhancements
• Seamless roaming with security preferences
• Mobile Authentication / payments
• Mitigating security risks of the cloud

Challenge of the Internet of Things (IoT) Source: Gartner (July 2015)
Advanced Cryptographic Techniques for IoT & Cloud
EU H2020/ECRYPT-NET
PERIOD From 01/03/2015 till 28/02/2019
OBJECTIVE To develop advanced cryptographic techniques for the Internet of Things and the Cloud and to create efficient and secure implementations of those techniques on a broad range of platforms.
PARTNERS Marie Skłodowska-Curie ITN (Integrated Training Network)

The Hype Cycle for Privacy
Privacy
• Tracking on the web: large scale studies
  • Including a specific study on cookie-less tracking: hard to detect and prevent
• Location privacy: developing solutions
  • Cryptographic solutions for privacy-friendly location sharing
  • Design of privacy-enhanced location based services
• Private web search
  • Analysis and evaluation of obfuscation-based solutions

FACEBOOK TRACKING REPORT
COSIC, CiTiP (former ICRI) and DistriNet wrote a technical report on online tracking by Facebook Social Plug-ins, such as the “Like Button”. The 23-page technical report, titled “Facebook Tracking Through Social Plug-ins”, was prepared at the request of the Belgian Privacy Commission in the context of its Facebook investigation.

Identity Management
Integrating biometrics and cryptography
Device Fingerprinting:
• Featuring device and behavioural fingerprinting
• Enabling low threshold authentication (security benefit)
• Enabling privacy preservation
• Management of user consent
• Integration with IAM and identity management

Data Pseudonymization
• Context: Centralization of Data
  • e.g. big data for e-health
• De-identification techniques, while considering side channels
• New frontiers and trade-offs
  • Utility vs. privacy

Secured Smart Grid Metering Architecture
KIC InnoEnergy - SAGA
PERIOD From 01/01/2014 till 31/03/2017
OBJECTIVE To develop security services and privacy solutions for the next generations of smart meters.
PARTNERS

Specialised and focused training for Industry
SECAPPDEV
March 2017 – 1 week training
How to develop secure software applications. The organising committee comprises several faculty members of COSIC and DistriNet and some freelance software security trainers and consultants.
COSIC INTERNATIONAL COURSE
Biannual 4-day training, Q2 2017
Offers a broad overview of cryptography and industrial applications in banking, government, e-health, …
IPICS 2016: July 4-11
Introductory course for advanced Master students and beginning PhD students as well as industry experts

Real-life Use Case – TruBliss Search Engine
TruBliss – Trustworthy Belgian Key Internet Services
iMinds/TruBliss
PERIOD From 01/04/2014 till 31/03/2016
OBJECTIVE The TruBliss project aims to support financial institutions in optimizing their security capabilities. This comprehensive approach encompasses innovation on the technical, procedural and legal levels.
PARTNERS

Interactive Investigation Case Query Tool
• Initial trigger:
  • Need to analyze daily feed of new information
  • E.g., DNS registrations, confiscated data from suspects
• Automated screening of daily feed
  • DNS registrations that are similar to a watch list of keywords
• Statistical summary of analysis
  • Helps interactive identification of individual cases that may require further analysis

Interactive Case Query Tool
• Tool based on Apache/Tapestry
• Search engine based on MG4J (Managing Gigabytes for Java)
• Extracts text from image files using Tesseract and GOCR
• Automatically screens office files, Adobe PDF files, images, emails…
• Supports interactive querying for fuzzy searches
  • Approximate search
• Informs investigators automatically when specific hits are encountered

TruBliss Architecture
[Diagram: Investigators, TB Indexers, NAS, TruBliss Engine]

TruBliss Approach – Analysis
1. Researchers upload information to NAS
2. TruBliss Indexers perform analysis for each file
  • Identifies files based on cryptographic hash values
  • Extracts meta data
    • Images: all information stored into image files
    • Office documents: author, abstract, file history…
  • Extract text data from documents
    • Office documents, PDF
  • Extract text data from images using CAPTCHA-recovery tools
    • Image files containing printed text
  • Extracted information is in text format and can be easily analyzed
  • Compound files are analyzed recursively
    • Archive files are extracted and content analyzed: zip, tar, arj, 7zip…
    • Mounts forensic bitwise copies and analyzes recursively

TruBliss Approach – Open Source Tools
1. Text extraction tools based on open-source tools available free of charge
  • Images using Tesseract & GOCR
  • Office files using LibreOffice
  • PDF files using pdftotext
  • Emails using grepmail, readpst
  • Any other file type when necessary using open source conversion and extraction tools
2. Text search
  • Fuzzy/approximate search
    • Find words similar to search terms – agrep
  • Searchable index of all text information per case
    • File content + meta data – MG4J (Managing Gigabytes for Java)
  • Search index produced automatically on case data
  • Searches performed interactively

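The watch-list screening of DNS registrations and the agrep-style "find words similar to search terms" step can be sketched as follows. This is an added example, not TruBliss code: the function names, the watch list and the feed are constructed, and Sellers' approximate-substring algorithm stands in for agrep.

```python
from collections import Counter

def approx_distance(pattern, text):
    """Sellers' algorithm: smallest edit distance between `pattern`
    and any substring of `text` (insert/delete/substitute cost 1)."""
    m = len(pattern)
    prev = list(range(m + 1))      # empty text: i deletions to match pattern[:i]
    best = prev[m]
    for ch in text:
        cur = [0]                  # a match may start at any text position
        for i in range(1, m + 1):
            cost = 0 if pattern[i - 1] == ch else 1
            cur.append(min(prev[i - 1] + cost, prev[i] + 1, cur[i - 1] + 1))
        best = min(best, cur[m])
        prev = cur
    return best

def screen(feed, watchlist, max_errors=1):
    """Return (hits, per-keyword summary) for one daily feed.
    max_errors plays the role of agrep's error budget; short keywords
    need a budget of 0 or they match almost anything."""
    hits = []
    for domain in feed:
        # compare against everything left of the TLD, lower-cased
        label = domain.lower().rstrip(".").rsplit(".", 1)[0]
        for keyword in watchlist:
            errors = approx_distance(keyword, label)
            if errors <= max_errors:
                hits.append((domain, keyword, errors))
    return hits, Counter(keyword for _, keyword, _ in hits)

# Constructed sample data (not from the project).
WATCHLIST = ["examplebank", "paysecure"]
FEED = [
    "examp1ebank-login.example",   # digit swapped for a letter
    "secure-examplebank.example",  # exact keyword embedded
    "exmplebank.example",          # one letter dropped
    "gardening-tips.example",      # unrelated
    "paysecur3.example",
]

if __name__ == "__main__":
    hits, summary = screen(FEED, WATCHLIST)
    for domain, keyword, errors in hits:
        print(f"{domain:30} ~ {keyword} ({errors} error(s))")
    print(dict(summary))
```

The per-keyword counts correspond to the statistical summary mentioned on the query-tool slide; the individual hits are what an investigator would review interactively.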
Advantages
1. Files are analyzed only once
  • Researchers do not waste time analyzing identical files several times
  • Cryptographic hash value guarantees uniqueness of analysis – researchers do not waste All information is
2. Search terms of interest are processed in batch
  • Notifications are emailed when matches are found
3. Open source & versatile
  • Information extraction using freely available tools
  • Search database supports huge volumes of data

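How hash-based file identification lets each file be analyzed only once, including files found while recursing into compound files, is shown in the added example below. It is not the TruBliss indexer: SHA-256, the zip-only recursion, the depth and size limits, and all names and sample data are assumptions made for illustration.

```python
import hashlib
import io
import zipfile

MAX_DEPTH = 5              # assumed limit against deeply nested archives
MAX_MEMBER = 50 * 2**20    # assumed per-member size cap (50 MiB)

def index_blob(path, data, catalogue, depth=0):
    """Record `data` under its SHA-256; analyse content only on first sight."""
    digest = hashlib.sha256(data).hexdigest()
    entry = catalogue.get(digest)
    if entry is not None:
        entry["paths"].append(path)   # known content: note the location, skip analysis
        return digest
    catalogue[digest] = {"paths": [path], "size": len(data)}
    # Compound file: unpack and index every member recursively.
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER:
                    continue
                index_blob(f"{path}!/{info.filename}", zf.read(info),
                           catalogue, depth + 1)
    return digest

def make_zip(members):
    """Build an in-memory zip from {name: bytes} (test fixture helper)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()

def demo():
    # Constructed case data: the same memo appears three times.
    memo = b"quarterly report draft\n"
    inner = make_zip({"copy-of-memo.txt": memo})
    outer = make_zip({"memo.txt": memo, "nested.zip": inner,
                      "notes.txt": b"call at 10\n"})
    catalogue = {}
    index_blob("evidence/outer.zip", outer, catalogue)
    index_blob("evidence/memo-again.txt", memo, catalogue)
    return catalogue

if __name__ == "__main__":
    for digest, entry in demo().items():
        print(digest[:12], entry["size"], entry["paths"])
```

Six file locations collapse into four catalogue entries, so text extraction and metadata parsing would run four times rather than six.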
Questions? Dr. Danny De Cock Senior Research Manager Applied Cryptography KULeuven ESAT/COSIC Contact: danny.decock@esat.kuleuven.be