Chair of Network Architectures and Services
Department of Informatics
Technical University of Munich

Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical systems
Intermediate talk for the Master’s Thesis by Christoph Rudolf
advised by Dr. Holger Kinkelin and Richard von Seck
Wednesday 17th July, 2019

Motivation: Problem statement by example
• Cars communicating via ad-hoc networks
• Received data impacts traffic behavior
Christoph Rudolf — Tamper-resistant creation of integrity tokens 2

Solution Proposal: Integrity Token
Enable vehicles, cyber-physical systems or generic entities to sign their data
• Similar to a certificate issuance process
• Attestation of integrity and trustworthiness of the entity
• Issue generic integrity token as integrity proof towards peers
• Generalize process as much as possible

Solution Proposal: Research Questions
Q1 How can multiple collaborators work together in order to verify the validity of an entity?
Q2 How can the necessary data for such an attestation be exchanged in a generic and secure manner?
Q3 How is the distributed integrity data maintained to have a scalable solution?
Q4 How can the privacy of entities be ensured despite public verification?
Q5 What can we do to ensure the integrity of the validating system itself?

Solution Proposal: Requirements
R1 Offline Integrity Check
R2 Multi-Party Authorization
R3 Permissioned System
R4 Process Tracing
R5 Privacy
R6 Distributability

Solution Proposal: Related Work
• Related work on traditional PKI utilizing DLT exists [7, 1]
• Previous work at the Chair targets two specific scenarios:
  • PKI in the DFN (Deutsches Forschungsnetz, German Research Network) [3, 6]
  • Configuration Management for Networked Devices [2, 5, 4]
→ Solutions are highly domain-specific and cannot be adapted to new environments (e.g. automotive systems)
→ Good: Some of the concepts can be adapted

Solution Proposal: Design
[Figure: architecture diagram. Distributed Ledger Platform (e.g. Hyperledger Fabric) with Node 1 to Node 5; Entity 1 to Entity 3; Proxy; Signer 1 to Signer 3; Approver 1 to Approver 3; Administration; Data Storage. One part of the diagram is labelled "different thesis".]

Solution Proposal: Process
[Figure, built up over several slides: Entity 1, Approvers, Signers and Proxy, with the ledger below ("Ledger – Assets for one process run"). Ledger contents at each step of the build:]
• (no assets yet)
• event: r1; status: pending
• event: r1, a1; status: pending
• event: r1, a1; enough approvals? ✗; status: pending
• event: r1, a1, a2; enough approvals? ✗; status: pending
• event: r1, a1, a2, a3; enough approvals! ✓; status: approved
• r1, a1, a2, a3, t1; status: finished

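The process run on these slides, modelled as a small in-memory Go state machine (an added example, not code from the thesis or from Hyperledger Fabric). It assumes r1 is the entity's request, a1 to a3 are approvals, t1 is the issued token, and that three distinct approvals are required; all type and function names are hypothetical.

```go
package main

import "fmt"

// Run models the ledger assets of one process run; names and threshold are assumed.
type Run struct {
	Threshold int             // approvals needed (assumed policy)
	Permitted map[string]bool // permissioned approvers (R3)
	Approvals map[string]bool // one approval asset per approver (R2)
	Token     string          // t1, set once a signer has issued it
	Status    string          // pending -> approved -> finished
}

func NewRun(threshold int, approvers ...string) *Run {
	r := &Run{Threshold: threshold, Status: "pending", Permitted: map[string]bool{}, Approvals: map[string]bool{}}
	for _, a := range approvers {
		r.Permitted[a] = true
	}
	return r
}

// Approve stores an approval and re-evaluates "enough approvals?".
func (r *Run) Approve(approver string) error {
	if r.Status != "pending" {
		return fmt.Errorf("request is %s, not pending", r.Status)
	}
	if !r.Permitted[approver] || r.Approvals[approver] {
		return fmt.Errorf("approver %q is unknown or has already approved", approver)
	}
	r.Approvals[approver] = true
	if len(r.Approvals) >= r.Threshold {
		r.Status = "approved"
	}
	return nil
}

// Issue records the token asset, but only for an approved request.
func (r *Run) Issue(signer string) error {
	if r.Status != "approved" {
		return fmt.Errorf("cannot issue token while request is %s", r.Status)
	}
	r.Token, r.Status = "t1 issued by "+signer, "finished"
	return nil
}

func main() {
	r := NewRun(3, "Approver 1", "Approver 2", "Approver 3")
	fmt.Println(r.Approve("Approver 1"), r.Issue("Signer 1")) // a1 only: issuance refused
	fmt.Println(r.Approve("Approver 2"), r.Approve("Approver 3"), r.Issue("Signer 1"))
}
```

A repeated approval from the same approver does not count towards the threshold, which is what keeps a single compromised approver from authorizing a token alone.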
Solution Proposal: System Integrity
Research question Q5 asks what we can do to ensure the integrity of the system itself.
Attack vectors on the system:
V1 Hardware or system software
V2 Network communication
V3 DLT framework
V4 DLT participants
V5 Business logic
V6 External components
• Analysis of attack vectors on the system
• Suggestions for mitigations per vector
• Multi-party authorization on multiple levels
• Critical: Business Logic (Chaincode)
  • Using tools for static analysis [8]
  • Unit tests aiming for high coverage
  • Use- and misuse-cases

Status: Current state and progress
Currently in implementation phase:
• Implementation using Hyperledger Fabric
• Starting from scratch with most recent Fabric version
• done: Chaincode implementation of features for standard operation
• todo: Unit testing and other system integrity measures

Timeline
[Figure: Gantt chart covering Apr to Oct with the markers "Today" and "Deadline". Tasks:]
• Problem analysis
• Precise definition of requirements
• Studying previous and related work
• Design of the solution concept
• Setup of a test network
• Implementation
• Conducting a case study
• Writing the thesis

Bibliography
[1] L. Axon and M. Goldsmith. PB-PKI: A Privacy-aware Blockchain-based PKI. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications – Volume 6: SECRYPT, (ICETE 2017), pages 311–318. INSTICC, SciTePress, 2017.
[2] V. J. Hauner. Trustworthy Configuration Management with Distributed Ledgers. Master’s thesis, Technische Universität München, 2018.
[3] J. F. Hoops. A Tamper-Proof Certificate Issuance Process Based on Distributed Ledger Technology. Bachelor’s thesis, Technische Universität München, 2018.
[4] H. Kinkelin, V. Hauner, H. Niedermayer, and G. Carle. Trustworthy configuration management for networked devices using distributed ledgers. CoRR, abs/1804.04798, 2018.
[5] M. Müller. Trustworthy and Tamperproof Configuration Management for Networked Devices. Master’s thesis, Technische Universität München, 2019.
[6] J. G. Roos. Modelling Organizational Structures for a Distributed Ledger-Based Federated Certificate Management System. Bachelor’s thesis, Technische Universität München, 2019.
[7] A. Yakubov, W. M. Shbair, A. Wallbom, D. Sanda, and R. State. A blockchain-based PKI management framework. In NOMS 2018 – 2018 IEEE/IFIP Network Operations and Management Symposium, pages 1–6, April 2018.
[8] K. Yamashita, Y. Nomura, E. Zhou, B. Pi, and S. Jun. Potential Risks of Hyperledger Fabric Smart Contracts. In 2019 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE), pages 1–10, Feb 2019.

Discussion
[Figure: the architecture diagram from the Design slide. Distributed Ledger Platform (e.g. Hyperledger Fabric) with Node 1 to Node 5; Entity 1 to Entity 3; Proxy; Signer 1 to Signer 3; Approver 1 to Approver 3; Administration; Data Storage. One part of the diagram is labelled "different thesis".]