time is power quantuminsert
play

TIME IS POWER - QUANTUMINSERT 1 Learning Goals The Following - PowerPoint PPT Presentation

Jul 11, 2023 •273 likes •615 views

create your own exercise Mario Silaci, Lucas Wolf TIME IS POWER - QUANTUMINSERT 1 Learning Goals The Following Learning Goals are Covered in the Lecture PreLab Lab What are requirements to perform the QUANTUM X X X INSERT (QI)? How does

  1. create your own exercise Mario Silaci, Lucas Wolf TIME IS POWER - QUANTUMINSERT 1

  2. Learning Goals The Following Learning Goals are Covered in the Lecture PreLab Lab What are requirements to perform the QUANTUM X X X INSERT (QI)? How does the QI work in general? X X X Background: NSA, FISC and Snowden X X Which protocols are used in the QI? X X X Which tools are necessary for the QI? X X How do you forge correct packets? X X Related Work? X X 2

  3. Connection via Internet 0 3

  4. QUANTUMINSERT: Requirements 0 4

  5. QUANTUMINSERT: Requirements 0 Ability to monitor the traffic between the victim and the responding server 5

  6. QUANTUMINSERT: Requirements 0 Timing Attack Faster connection Slower connection 6

  7. QUANTUMINSERT: Victim Requests Website 1 GET 7

  8. QUANTUMINSERT: Shooter Gets Notified 2 ! GET GET 8

  9. QUANTUMINSERT: Shooter Injects Malicious Response 3 INJ 9

  10. QUANTUMINSERT: Server Sends Legitimate Response 4 RES INJ 10

  11. QUANTUMINSERT: Result 5 Injection packet Attackvector (INJ) Gets interpreted as the HTTP response Partial HTTP response (RES) 11

  12. QUANTUMINSERT: Result 5 Injection packet Attackvector (INJ) Gets interpreted as First fragments get the HTTP response dropped (Sequence number Partial HTTP response Duplicates) (RES) 12

  13. QUANTUMINSERT: Result 5 Injection packet Attackvector (INJ) Gets interpreted as the HTTP response Partial HTTP response (RES) 13

  14. The Responsibles: NSA and GCHQ [1] [2] agent victim “The early bird catches the worm.” 14

  15. The Responsibles: Tailored Access Operations Division NSA‘s hacker division Implemented several QUANTUM attacks Motto: "Your data is our data, your equipment is our equipment - anytime, any place, by any legal means.“ [3] 15

  16. The Advocates: Foreign Intelligence Surveillance Court(FISC) • secret court which makes secret rulings with gag orders • Was empowered after the Foreign Intelligence Surveillance Act (FISA) and has been called "almost a parallel Supreme Court.“ [4] FISC denied 11 requests out of ~33.900 in 33 years, i.e. approved ~99,97% 16

  17. [5] 17

  18. Whistleblower: Edward Snowden • Former secret service system administrator and agent • Worked as contractor for NSA and CIA • Is against mass surveillance in the internet  2013: Leaked sensitive information(e.g. NSA‘s surveillance techniques) in cooperation with Glenn Greenwald and Laura Poitras [6] 18

  19. 7 Layer ISO/OSI model Application Layer Application Layer Presentation Layer Presentation Layer Session Layer Session Layer Transport Layer Transport Layer Network Layer Network Layer Data Link Layer Data Link Layer Physical Layer Physical Layer 19

  20. QUANTUMINSERT: Relevant Protocols HTTP HTTP TCP TCP Network Layer Network Layer Data Link Layer Data Link Layer Physical Layer Physical Layer 20

  21. Reminder: Transmission Control Protocol(TCP) Handshake 21

  22. TCP Handshake with QUANTUMINSERT 1 2 3 4 22

  23. TCP Handshake with QUANTUMINSERT 1 2 3 4 Identical sequence and acknowledge numbers 23

  24. Hypertext Transfer Protocol (HTTP) Server Client 24

  25. Hypertext Transfer Protocol (HTTP) Server Client Request Response 25

  26. Hypertext Transfer Protocol (HTTP) Server Client Statuscode: Defines the functionality of the response 26

  27. 27 [7]

  28. Teaser Practical Part: Setup 28

  29. Teaser Practical Part: Intended Connection 29

  30. Teaser Practical Part: Redirection Injection 30

  31. Teaser Practical Part: Manipulated Connection 31

  32. Teaser Practical Part: Real Life Analogy 32 [8]

  33. Teaser Practical Part: Closer Look Transatlantic GCHQ‘s shooter wire endpoint (North America) You (probably Transatlantic unaware) wire endpoint (Europe) NSA‘s server Facebook (Foxacid) headquarter 33 [8]

  34. THANKS! Sources: • [1]: Seal of the United States National Security Agency, https://commons.wikimedia.org/wiki/File:Seal_of_the_United_States_National_Security_Agency.svg • [2]: EFF NSA-Logo Parody https://www.flickr.com/photos/electronicfrontierfoundation/12225935484 • [3]: Question mark head https://commons.wikimedia.org/wiki/File:No_image.JPG • [4]: How the NSA collects data http://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet • [5]: Court house https://upload.wikimedia.org/wikipedia/commons/b/b0/Garrett_Prettyman_district_court.jpg • [6]: Edward Snowden https://upload.wikimedia.org/wikipedia/commons/6/60/Edward_Snowden-2.jpg • [7]: There is more than one way to QUANTUM https://theintercept.com/document/2014/03/12/one-way-quantum/ • [8]: World map https://pixabay.com/de/weltkarte-global-geographie-1958134/ • All other figures were made by ourselves 34

Recommend

Today Power and Energy Review Power management Energy is power integrated over time

Today Power and Energy Review Power management Energy is power integrated over time

Today Power and Energy Review Power management Energy is power integrated over time Hardware capabilities 1 Watt == 1 Joule / second Software management strategies Heat depends on power consumption Battery life depends

282 views • 5 slides
Modulation 2 Power Recall (or learn) that Power is a measure of: Energy per unit time

Modulation 2 Power Recall (or learn) that Power is a measure of: Energy per unit time

1 EE 109 Unit 10 - Pulse Width Modulation 2 Power Recall (or learn) that Power is a measure of: Energy per unit time In an electronic circuit, P = I * V Power = Current & Voltage (each may be varying w/ time) A

185 views • 16 slides
Power Recall (or learn) that Power is a measure of: Energy per unit time In an

Power Recall (or learn) that Power is a measure of: Energy per unit time In an

E.1 E.2 Power Recall (or learn) that Power is a measure of: Energy per unit time In an electronic circuit, P = I * V EE 109 Unit E - Pulse Width Power = Current & Voltage (each may be varying w/ time) A circuit that

260 views • 5 slides
We Well-Be Being; its about the the D Dos, no not D t Don nts ts The Power of

We Well-Be Being; its about the the D Dos, no not D t Don nts ts The Power of

We Well-Be Being; its about the the D Dos, no not D t Don nts ts The Power of Small Steps The last time you tried to make a change, but it didnt work. What happened? Willpower Time Motivation Skills

441 views • 20 slides
From power to energy Power is an instantaneous quantity (W), which we denote p Energy is the

From power to energy Power is an instantaneous quantity (W), which we denote p Energy is the

From power to energy Power is an instantaneous quantity (W), which we denote p Energy is the result of integrating power generation over time (Wh), i.e., t + t E t t + t = p d t 2/6 Capacity and reservation At any time

739 views • 6 slides
Why Time Synchronization? Event Ordering Low Duty Cycle Networking Time Division

Why Time Synchronization? Event Ordering Low Duty Cycle Networking Time Division

Low-Power Clock Synchronization using Electromagnetic Energy Radiating from AC Power Lines Energy Radiating from AC Power Lines (Apply Directly Where it Hertz ) Anthony Rowe, Vikram Gupta, Raj Rajkumar Electrical and Computer Engineering

498 views • 17 slides
Operational Perspective Michael Burke Power System Control EirGrid Real Time Power System

Operational Perspective Michael Burke Power System Control EirGrid Real Time Power System

Operational Perspective Michael Burke Power System Control EirGrid Real Time Power System Operation 50 Hz: Safe, Secure and Economic Operation of Power System Generation = Demand Control Centres: NCC & CHCC Bulk Transfer of Power on

1.12k views • 32 slides
Mobile Marketing with Channel Mobile Its time to harness the power of mobile!! The Power of

Mobile Marketing with Channel Mobile Its time to harness the power of mobile!! The Power of

Mobile Marketing with Channel Mobile Its time to harness the power of mobile!! The Power of Mobile In the past 5 years, mobile penetration has grown from Operator The 30% to wel 30% ell over er revenues - $5.4 4 ha half of the

534 views • 41 slides
New power electronics enable compact, cool and efficient xEV power train inverters FOR THE

New power electronics enable compact, cool and efficient xEV power train inverters FOR THE

New power electronics enable compact, cool and efficient xEV power train inverters FOR THE FIRST TIME IN TRANSPORTATION SEMICONDUCTORS ARE RESPONSIBLE FOR THE KEY VALUES OF VEHICLE Driving Refuel Driving 0 to 60 Cost Distance time

331 views • 22 slides
The power and weakness of randomness (when you are short on time) Avi Wigderson Institute for

The power and weakness of randomness (when you are short on time) Avi Wigderson Institute for

The power and weakness of randomness (when you are short on time) Avi Wigderson Institute for Advanced Study Plan of the talk Computational complexity -- efficient algorithms, hard and easy problems, P vs. NP The power of randomness

284 views • 24 slides
This is a Header Using Power Query Builder THIS IS A SUBTITLE Save Time Connecting to D365/CDS

This is a Header Using Power Query Builder THIS IS A SUBTITLE Save Time Connecting to D365/CDS

This is a Header Using Power Query Builder THIS IS A SUBTITLE Save Time Connecting to D365/CDS Data with Power Query Builder swoloshin@pragmaticworks.com Agenda Create a Report Connection in minutes Deeper Dive Why use Power Query Builder

512 views • 15 slides
An Efficient Algorithm for Computing the Time Resolved Full Sky Cross Power in an Interferometer

An Efficient Algorithm for Computing the Time Resolved Full Sky Cross Power in an Interferometer

An Efficient Algorithm for Computing the Time Resolved Full Sky Cross Power in an Interferometer with Omni-directional Elements Kipp Cannon, University of Wisconsin Milwaukee December 20, 2006 Abstract Both time- and frequency-domain

296 views • 16 slides
OK GLASS HOW NERVOUS AM I? REAL-TIME FEEDBACK IN ROWING EXAMPLE : FEEDBACK ON POWER LOSS

OK GLASS HOW NERVOUS AM I? REAL-TIME FEEDBACK IN ROWING EXAMPLE : FEEDBACK ON POWER LOSS

OK GLASS HOW NERVOUS AM I? REAL-TIME FEEDBACK IN ROWING EXAMPLE : FEEDBACK ON POWER LOSS DUE TO VELOCITY FLUCTUATIONS Lotte Lintmeijer CONTENT Project: the bigger picture Background Aim Feedback Power

358 views • 21 slides
Today Power management Hardware capabilities Software management strategies Power and

Today Power management Hardware capabilities Software management strategies Power and

Today Power management Hardware capabilities Software management strategies Power and Energy Review Energy is power integrated over time 1 Watt == 1 Joule / second Heat depends on power consumption Battery life depends

534 views • 28 slides
Power and Energy Charles Li and Deepak Pallerla Power: A First-Class Architectural Design

Power and Energy Charles Li and Deepak Pallerla Power: A First-Class Architectural Design

Power and Energy Charles Li and Deepak Pallerla Power: A First-Class Architectural Design Constraint Motivations IT was 8% of US electricity usage in 2000 Increasing over time Chip die power density increasing linearly

521 views • 31 slides
The Big O Lecture 19 How it scales In analysing running time (or memory/power consumption) of

The Big O Lecture 19 How it scales In analysing running time (or memory/power consumption) of

Design & Analysis of Algorithms The Big O Lecture 19 How it scales In analysing running time (or memory/power consumption) of an algorithm, we are interested in how it scales as the problem instance grows in size Running time on

507 views • 17 slides
DX 3 offer Accessories MCB Isolators RCCB RCBO Measure Time- Contactor AC AC AC Power

DX 3 offer Accessories MCB Isolators RCCB RCBO Measure Time- Contactor AC AC AC Power

DX 3 offer Accessories MCB Isolators RCCB RCBO Measure Time- Contactor AC AC AC Power Switch DC A HPI Multi power Digital RDSO HPI Astro 2 C.Tamhankar/Marketing DX 3 a global offer Global range R&D in France,

552 views • 26 slides
(Spring 2020 Project) E.2 Power Recall (or learn) that Power is a measure of: Energy

(Spring 2020 Project) E.2 Power Recall (or learn) that Power is a measure of: Energy

E.1 EE 109 Unit E Pulse Width Modulation (Spring 2020 Project) E.2 Power Recall (or learn) that Power is a measure of: Energy per unit time In an electronic circuit, P = I * V Power = Current & Voltage (each may be

422 views • 8 slides
Crossing Over the Bounded Domain: From Exponential To Power-law Inter- meeting time in MANET Han

Crossing Over the Bounded Domain: From Exponential To Power-law Inter- meeting time in MANET Han

Crossing Over the Bounded Domain: From Exponential To Power-law Inter- meeting time in MANET Han Cai, Do Young Eun Department of Electrical and Computer Engineering North Carolina State University Motivation inter-meeting time

720 views • 35 slides
The Twenty-Sixth Sunday in Ordinary Time Welcome Home Gathering Song: All Hail the Power of

The Twenty-Sixth Sunday in Ordinary Time Welcome Home Gathering Song: All Hail the Power of

Empowered by the Eucharist Today we celebrate The Twenty-Sixth Sunday in Ordinary Time Welcome Home Gathering Song: All Hail the Power of Jesus Name All hail the power of Jesus name! Let angelsprostrate fall; Bring forth the royal

507 views • 24 slides
S et the Bar Low. Be a WINNER every time. Public Power Matters Public Power Matters Innovation

S et the Bar Low. Be a WINNER every time. Public Power Matters Public Power Matters Innovation

S et the Bar Low. Be a WINNER every time. Public Power Matters Public Power Matters Innovation Workforce Advocacy Y our S tory Rates Matter Matters Matters Matters Matters Its the Rates, S tupid! Innovation Matters We must

280 views • 26 slides
Dissecting Design Choices for Power Efficient Continuous-time DS Converters Shanthi Pavan Indian

Dissecting Design Choices for Power Efficient Continuous-time DS Converters Shanthi Pavan Indian

Dissecting Design Choices for Power Efficient Continuous-time DS Converters Shanthi Pavan Indian Institute of Technology, Madras Chennai, India Outline Introduction Architectural design choices Circuit techniques for low power

947 views • 94 slides
Time Series Based Semi-Analytical Solution of Power Systems and its Application in Direct Methods

Time Series Based Semi-Analytical Solution of Power Systems and its Application in Direct Methods

Time Series Based Semi-Analytical Solution of Power Systems and its Application in Direct Methods Eric Abreut Bin Wang Dr. Kai Sun Final Presentation July 14, 2016 Knoxville, Tennessee Stability Problem 2 Time Domain Simulation vs. Direct

251 views • 22 slides
THE POWER OF SELF SERVICE Save time, get better documentation and reduce paper costs

THE POWER OF SELF SERVICE Save time, get better documentation and reduce paper costs

MCO Provider Portal Webinar 6/13/18 THE POWER OF SELF SERVICE Save time, get better documentation and reduce paper costs PCA-1-009199-12222017_03152018 Proprietary information of UnitedHealth Group. Do not distribute or reproduce without express

359 views • 20 slides

More recommend