CS259: Security Analysis of Network Protocols, Winter 2008
Project Presentations 2, Day 2 – Feb. 21, 2008
HIPAA
Anthony Ho, Sharada Sundaram
with Adam Barth, John Mitchell, Steve Nguyen, Nicole Taheri
More HIPAA Background
• Covered entity
• Protected Health Information
• Administrative Simplification provisions
• 164.502 Uses and disclosure of Protected Health Information. (This talks about rules of PHI disclosure depending on the type of data, its uses, the end user, the covered entity, the person whose data it is, etc.)
164.502
• Standard Disclosure
• Minimum Necessary
• De-Identified Information Disclosure
• Disclosure to Business Associates
• Personal representatives
• Whistle blowers
Prolog
• Facts
• Rules
• Queries
• Prolog is declarative.
• Given a set of facts and rules, deduce if queries hold.
Plan
• Translate 164.502 portion of HIPAA that regulates the distribution of protected health information into a set of Prolog rules
• Model the Hospital's environment and different Agents (e.g., Scrubs)
• Write queries to test properties of model
[Diagram of the modeled agents: Covered Entity, Business Associates, Patient, Parents, Minors, Relatives, Public Release]
Example
HIPAA LAW: 164.502.a.1 (ii) For treatment, payment, or health care operations, as permitted by and in compliance with §164.506;
PROLOG TRANSLATION:
```prolog
% ',' is conjunction, ';' is disjunction.
permitted_by_164_502_a_1_ii(A) :- satisfy_164_502_a_1_ii(A), permitted_by_164_506(A).
satisfy_164_502_a_1_ii(A) :- has_purpose(A, healthcare); has_purpose(A, payment); has_purpose(A, treatment).
```
Properties
• Develop a set of queries that will individually test each clause of the law implemented.
• Verify that no unauthorized person gains access to the Medical records of any patient.
• Test the answers produced for existing HIPAA lawsuits.
• Rational Reconstruction
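The facts/rules/queries split from the Prolog slide, the 164.502(a)(1)(ii) translation above, and the clause-by-clause queries this slide asks for, as an added Python example that is not part of the project's Prolog model. The two rules are carried over one-for-one; the fact base (disclosures d1 to d4, their purposes and recipients) is constructed, and `permitted_by_164_506` is treated as a plain fact because the slides do not show how §164.506 itself was translated.

```python
"""Facts, rules and queries for the 164.502(a)(1)(ii) clause (added example)."""

# --- facts ---------------------------------------------------------------------
# has_purpose(A, P): disclosure A is made for purpose P   (Prolog: has_purpose/2)
HAS_PURPOSE = {
    ("d1", "treatment"),
    ("d2", "payment"),
    ("d3", "marketing"),   # constructed: not a 164.502(a)(1)(ii) purpose
    ("d4", "healthcare"),
}
# permitted_by_164_506(A): assumed fact standing in for the (unshown) 164.506 rules
PERMITTED_BY_164_506 = {"d1", "d2", "d3"}          # d4 lacks 164.506 compliance
# recipient(A, R): who receives the PHI in disclosure A (constructed)
RECIPIENT = {"d1": "nurse", "d2": "insurer", "d3": "advertiser", "d4": "clinic"}


def has_purpose(a: str, p: str) -> bool:
    return (a, p) in HAS_PURPOSE


def permitted_by_164_506(a: str) -> bool:
    return a in PERMITTED_BY_164_506


# --- rules (one Python function per Prolog clause head) ----------------------------
def satisfy_164_502_a_1_ii(a: str) -> bool:
    # Prolog ';' is disjunction: any one of the three purposes satisfies the clause
    return (has_purpose(a, "healthcare") or has_purpose(a, "payment")
            or has_purpose(a, "treatment"))


def permitted_by_164_502_a_1_ii(a: str) -> bool:
    # Prolog ',' is conjunction: the purpose test AND compliance with 164.506
    return satisfy_164_502_a_1_ii(a) and permitted_by_164_506(a)


# --- queries ---------------------------------------------------------------------
def permitted_disclosures() -> list:
    """?- permitted_by_164_502_a_1_ii(A).   Enumerate every A the rule derives."""
    every = sorted({a for a, _ in HAS_PURPOSE})
    return [a for a in every if permitted_by_164_502_a_1_ii(a)]


def unauthorized_recipients() -> list:
    """Property: no unauthorized person gains access to records.
    Returns recipients of disclosures the rule does NOT permit (empty means it holds)."""
    return sorted(RECIPIENT[a] for a in RECIPIENT if not permitted_by_164_502_a_1_ii(a))


def clause_witnesses() -> dict:
    """One query per clause of the rule: which disclosures pass each sub-test."""
    every = sorted(RECIPIENT)
    return {
        "satisfy_164_502_a_1_ii": [a for a in every if satisfy_164_502_a_1_ii(a)],
        "permitted_by_164_506": [a for a in every if permitted_by_164_506(a)],
    }


if __name__ == "__main__":
    print("permitted:", permitted_disclosures())
    print("unauthorized recipients:", unauthorized_recipients())
    print("per-clause witnesses:", clause_witnesses())
```

The per-clause query is what turns a single yes/no answer into a test of the translation: d4 shows that the purpose test alone is not enough, and d3 shows that §164.506 compliance alone is not enough, which is exactly the conjunction the Prolog rule encodes.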
Challenges
• Difficult for engineers to interpret law
• What do we model?
• How much detail should we model?
• Is it complete?
• Is there a strategy for a patient to get his questions answered?
• Is one translation better than another?
Analysis of Remote Attestation
Lavina Jain, Jayesh Vyas
Remote Attestation (Recap)
[Diagram: boot-time measurement chain and the attestation parties]
• Pre-boot (static) chain: Hardware → CRTM → BIOS → OS → Application
  – Reset PCR
  – Extend PCR with BIOS image
  – Extend PCR with OS image
• Post-boot: dynamic/run-time measurements; integrity of kernel, applications, libraries, files
• Client/Attestator: TPM (PCR, keys), kernel, measurement list (ML)
• Server/Challenger: runs the remote attestation exchange with the client
• Trusted Third Party: EK → AIK, issues the AIK credential (auth/validate)
Integrity Management Architecture (IMA)
[Diagram: IMA measurement flow]
• Boot up: Hardware → CRTM → BIOS → kernel; Reset PCR, PCR_Extend(BIOS), PCR_Extend(OS)
• Kernel hooks (measurement agents) on insmod, the loader, /bin/sh, /bin/perl: PCR_Extend into the TPM's PCR and update the measurement list
Remote Attestation Protocol
[Diagram: Client/Attestator (TPM with PCR and keys, attestation service) and Challenger]
1. Challenger → attestation service: 160-bit nonce, N
2. Attestation service → TPM: Quote Request (N)
3. TPM → attestation service: Quote Response, SigAIK(PCR, N)
4. Attestation service → Challenger: Integrity Response { SigAIK(PCR, N), ML, AIKpub, AIKcert }
5. Challenger: Integrity Validation, Ver(SigAIK(PCR, N), AIKpub) = true/false
   – Validate AIKpub and AIKcert
   – Verify signature
   – Verify freshness of nonce
   – Match HASH(ML) against PCR
   – Validate measurement list, ML
Assumption: A secure session is set up between the client and the server.
Threat Model and Security Properties
1. Replay attack: a malicious attesting system can replay old values of measurements and a PCR quote that correspond to a valid platform (before the system was corrupted).
   Protection: fresh nonce.
2. Masquerading: an attacker can send the measurement list and PCR quote of another valid system.
   Protection: nonce and signature. Can an attacker learn any nonce and corresponding signature pair?
3. Tampering: an attacker may tamper with the measurement list (modify, truncate).
   Protection: SIG(PCR).
4. Malicious measurement agent: may report and extend incorrect integrity values.
   Protection: measure and validate the integrity of the measurement agent.
5. A malicious application may be loaded on the client after the remote attestation protocol completes.
6. The order in which the following three operations are performed may affect integrity:
   – reporting the hash value to the PCR
   – storing it in the kernel measurement list
   – executing the process being measured
7. Hardware attacks: reset the PCR and store a new value corresponding to a modified measurement list.
8. Analysis of the protocol: significance of the nonce, keys (EK, AIK), and certificates.
9. Tool to analyze the protocol: Murphi
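The PCR_Extend chain from the IMA slide, the five-step exchange, and the challenger's validation checklist, exercised against the replay and tampering cases of the threat model, as an added example that is not the project's Murphi model or any real TPM/IMA code. Assumptions: SHA-1 for the 160-bit PCR (TPM 1.2 style); an HMAC under a shared key stands in for SigAIK, because the point is the checks around the signature rather than RSA; AIKpub/AIKcert validation is assumed done by the PKI; the boot images, whitelist and measurement lists are constructed sample data.

```python
"""Measurement list, PCR extend chain and quote verification (added example, stdlib only)."""
import hashlib
import hmac
import os

HASH = hashlib.sha1
PCR_INITIAL = b"\x00" * 20           # Reset PCR: all-zero 160-bit register


def pcr_extend(pcr: bytes, image: bytes) -> bytes:
    """PCR_Extend: PCR := HASH(PCR || HASH(image)). Order-dependent and not reversible."""
    return HASH(pcr + HASH(image).digest()).digest()


def hash_ml(ml: list) -> bytes:
    """Replay the measurement list through the extend chain: the challenger's HASH(ML)."""
    pcr = PCR_INITIAL
    for _, image in ml:
        pcr = pcr_extend(pcr, image)
    return pcr


# --- attestator side --------------------------------------------------------------
AIK_SECRET = b"constructed-AIK-key"  # assumption: HMAC key standing in for the AIK private key


def tpm_quote(pcr: bytes, nonce: bytes) -> bytes:
    """Step 3, Quote Response: SigAIK(PCR, N) (HMAC stands in for the signature)."""
    return hmac.new(AIK_SECRET, pcr + nonce, HASH).digest()


def attest(ml: list, nonce: bytes) -> dict:
    """Steps 2 to 4: the Integrity Response { SigAIK(PCR, N), ML, AIKpub, AIKcert }."""
    pcr = hash_ml(ml)                          # what the TPM's PCR holds after this boot
    return {"sig": tpm_quote(pcr, nonce), "pcr": pcr, "ml": list(ml), "nonce": nonce,
            "aik_pub": "AIKpub-placeholder", "aik_cert": "AIKcert-placeholder"}


# --- challenger side --------------------------------------------------------------
class Challenger:
    def __init__(self, whitelist: dict):
        self.whitelist = whitelist             # component name -> known-good image digest
        self.outstanding = set()               # nonces issued but not yet answered

    def challenge(self) -> bytes:
        nonce = os.urandom(20)                 # Step 1: fresh 160-bit nonce N
        self.outstanding.add(nonce)
        return nonce

    def validate(self, resp: dict) -> list:
        """Step 5, Integrity Validation. Returns the failed checks ([] means trusted)."""
        failures = []
        # Verify freshness of nonce: one we issued, and consumed on first use.
        if resp["nonce"] not in self.outstanding:
            failures.append("nonce not fresh (replay)")
        else:
            self.outstanding.discard(resp["nonce"])
        # Verify signature over (PCR, N).
        if not hmac.compare_digest(tpm_quote(resp["pcr"], resp["nonce"]), resp["sig"]):
            failures.append("bad quote signature")
        # Match HASH(ML) against PCR: any edit or truncation of ML breaks the chain.
        if hash_ml(resp["ml"]) != resp["pcr"]:
            failures.append("measurement list does not match PCR")
        # Validate ML: every measured image must be a known-good one.
        for name, image in resp["ml"]:
            if self.whitelist.get(name) != HASH(image).digest():
                failures.append(f"unknown or modified component: {name}")
        return failures


# --- constructed sample run --------------------------------------------------------
GOOD_IMAGES = {"BIOS": b"bios-v1", "OS": b"kernel-2.6", "/bin/sh": b"sh-good"}
WHITELIST = {n: HASH(i).digest() for n, i in GOOD_IMAGES.items()}
GOOD_ML = list(GOOD_IMAGES.items())


def run_scenarios() -> dict:
    """Honest boot, a truncated ML (tampering), and a re-presented response (replay)."""
    c = Challenger(WHITELIST)
    honest = c.validate(attest(GOOD_ML, c.challenge()))

    # Tampering: the ML loses its /bin/sh entry, but the signed PCR still reflects it.
    tampered = attest(GOOD_ML, c.challenge())
    tampered["ml"] = GOOD_ML[:2]
    tampered_result = c.validate(tampered)

    # Replay: a valid response shown a second time, after its nonce was consumed.
    resp = attest(GOOD_ML, c.challenge())
    c.validate(resp)
    replay_result = c.validate(resp)
    return {"honest": honest, "tampered": tampered_result, "replay": replay_result}


if __name__ == "__main__":
    print(run_scenarios())
```

Note what the example does not cover: item 5 of the threat model (code loaded after the quote) is outside what any of these checks can see, which is why the protocol only speaks to the state at quote time.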
Analysis of Direct Anonymous Attestation (DAA)
Sudip Regmi, Ilya Pirkin
Trusted computing
• Developed by TCG
  – Applications
    • Secure Input and Output
    • Sealed Storage
    • Remote Attestation
  – Main Component
    • Trusted Platform Module
Trusted Platform Module (TPM)
• A microcontroller that stores keys, passwords and digital certificates.
• Typically affixed to the motherboard of a PC
• The secrets inside the TPM are secure from external software attacks and physical theft.
Remote Attestation
• Remote Attestation allows the system containing the TPM to prove a particular set of software and configurations to an interested verifier.
• Problem: If the TPM is widely used then there are concerns for Privacy and Availability.
• DAA tries to solve those issues
Direct Anonymous Attestation
• Direct – Doesn’t require highly available Privacy CA
• Anonymous - Based on the Camenisch-Lysyanskaya Group Signature Schema without anonymity revocation
• Attestation - Interactive protocol between the verifier and the host containing the TPM
Players
• Issuer – authenticates TPM and generates DAA Credential (zero-knowledge proof of TPM secret)
• TPM – stores the secret and DAA Credential signed by Issuer, together with Host generated DAA signatures
• Host – generates DAA signatures for Verifier
• Verifier – authenticates Host as containing some authentic TPM authenticated and authorized by Issuer; requests DAA signature
• PKI – not part of DAA protocol but assumed
Primitives
• Conventional RSA encryption
• PseudonymBase
• Pseudonym(f, bsn)
• Blind(f, nonce)
• DAA-Credential(f)
• DAA-Signature(m, DAA-Credential, bsn)
Join protocol
• Init: TPM generates secret f
• Outcome: If Issuer authorizes TPM, the latter obtains a non-interactive proof of the Issuer’s authorization (“DAA Credential”).
• Notes:
  – Channel is a one-way authenticated channel but not encrypted!
  – TPM is not anonymous and uses its Endorsement Key to authenticate itself
Join protocol
[Diagram: Join protocol messages]
• Parties: Issuer (basename bsnI, DAA public key PKI), Host, TPM (secret f)
• TPM chooses nonce v1, computes PseudonymBase(bsnI) and U = Blind(f, v1), and sends U with SPK(U)
• Issuer chooses RSA e and nonce v2; sends v2, e, A = {blind(v2)}e and SPK(A), the secret part of the DAA Credential
• TPM sets v = v1 + v2
Sign and Verify
• Init: TPM has a DAA-Credential
• Outcome: Verifier has Anonymous Signature on m generated by TPM
• Notes
  – TPM is anonymous and may use pseudonyms
  – Verifier decides whether or not to reuse pseudonyms
Sign and Verify Diagram
[Diagram: Sign and Verify messages]
• Parties: Verifier (basename bsnV), Host (A, e), TPM (f, v)
• Verifier → Host: Request, bsnV, [m]
• Host → TPM: PseudonymBase(bsnV)
• TPM → Host: m, NV = Pseudonym(f, bsnV)
• Host → Verifier: DAA Signature(m, NV)
Tool
• Murphi
  – Known attacks appear to be good candidates for Murphi
  – Looking for similar attacks
• Approach
  – Model security primitives in messages by sending components they are generated from
  – Trust security primitives but look for unexpected use or parameter combinations
Adversary’s Capabilities
• Can intercept messages between any two players
• Can replay encrypted messages (or parts) even if it cannot decrypt them
• Can create security primitives from known data and insert them into messages
Security properties
1. Correctness
2. Anonymity
3. Unlinkability
4. Secrecy
Correctness
• Informally - An honest TPM is able to authenticate and attest.
• Formally - If a verifier completes the protocol for message m:
  – m was signed by an honest TPM using a DAA-Credential(f) and verifier’s basename;
  – DAA-Credential(f) was issued by an honest Issuer for the TPM and its f before signing message m.
  – TPM is not on the rogue list (blacklist)
Informally
– Anonymity - A user transaction of an honest platform is anonymous, i.e., it cannot be linked with its Endorsement Key(EK).
– Unlinkability - User transactions of an honest platform with different Verifiers are not linkable.
Unlinkability - formalized
• No data should appear in the sign/verify protocol transcript that is a value of a deterministic 1-1 function M(f, AKV) which the adversary can calculate and which depends only on:
  – f – TPM secret
  – AKV – already known [by adversary] values (nonces, public keys, etc.)
• We will have to come up with good candidates for M and program them manually
Anonymity - formalized
• No data D1 should appear in the sign/verify protocol transcript which depends only on the TPM secret f and values known to the adversary (such as nonces)
• No data D2 should appear in the Join protocol transcript which depends only on the TPM ID and values known to the adversary
• such that there are two deterministic 1-1 functions M1 and M2 with M1(D1) = M2(D2) that the Adversary can calculate
• We will have to come up with good candidates for M1 and M2 and code each of them manually
Secrecy
• Given attacker’s capabilities, TPM secret f cannot be computed.
• Implied unforgeability (TPM has to be physically broken to extract f)
• A corrupt TPM’s secrets are in the rogue’s list
Attacks
• Carsten Rudolph DAA Attack on Anonymity
  – Use PK’ to tag a particular TPM
• Corrupt Administrators (Smyth, Ryan, Chen) attack on Anonymity
  – Same entity behaves as Issuer and Verifier, i.e. bsnI = bsnV.
• Issues with Verifier’s Basenames
  – Adversary matches bsnV with a Verifier to find all TPMs it has attested.
• Issues with Rogue Tagging Feature in Join
  – Protocol checks for secret f against a Rogue List
    • List is not verified (in the sign/verify protocol, it is)
    • Corrupt TPM can generate new secret, f.
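The "candidate function M" check from the Unlinkability and Anonymity slides, run over modeled Join and sign/verify transcripts, with the basename reuse of the Corrupt Administrators attack as one of the inputs. This is an added example, not the project's Murphi model or any DAA implementation: it keeps only the algebra the slides rely on, Pseudonym(f, bsn) = PseudonymBase(bsn)^f, so the same (f, bsn) always yields the same value. The modulus P is a constructed toy group (real DAA uses its own parameters), the EK label and basenames are constructed, and the candidate M is simply "the pseudonym value in the transcript".

```python
"""Basename-linked pseudonyms in DAA: checking the M(f, AKV) property (added example)."""
import hashlib
import secrets
from itertools import combinations

P = 2**61 - 1   # constructed toy modulus (a Mersenne prime), not DAA's real group


def pseudonym_base(bsn: str) -> int:
    """PseudonymBase(bsn): hash the basename to a group element (never 0 or 1)."""
    h = int.from_bytes(hashlib.sha256(bsn.encode()).digest(), "big")
    return 2 + h % (P - 2)


def pseudonym(f: int, bsn: str) -> int:
    """Pseudonym(f, bsn) = PseudonymBase(bsn)^f: deterministic in (f, bsn)."""
    return pow(pseudonym_base(bsn), f, P)


def new_tpm_secret() -> int:
    return secrets.randbelow(P - 2) + 1


def join_transcript(f: int, tpm_id: str, bsn_i: str) -> dict:
    # Join is not anonymous: the EK identifies the TPM, and N_I = Pseudonym(f, bsnI)
    # is what the rogue-list check on the Join slide operates on.
    return {"protocol": "join", "tpm_id": tpm_id, "bsn": bsn_i, "N": pseudonym(f, bsn_i)}


def sign_transcript(f: int, bsn_v: str, m: str) -> dict:
    # Sign/verify: the verifier sees only m, its own bsnV and N_V = Pseudonym(f, bsnV).
    return {"protocol": "sign", "bsn": bsn_v, "m": m, "N": pseudonym(f, bsn_v)}


def linkability_report(transcripts: list) -> dict:
    """Apply M = 'the pseudonym value' to every transcript and look for collisions.
    linked: index pairs of sign transcripts tied together by an equal M value
            (unlinkability violated across those runs).
    deanonymized: sign transcripts whose M value also appears in a Join transcript,
            which names the TPM (anonymity violated, M1(D1) = M2(D2))."""
    linked, deanonymized = [], {}
    for i, j in combinations(range(len(transcripts)), 2):
        a, b = transcripts[i], transcripts[j]
        if a["N"] != b["N"]:
            continue
        if a["protocol"] == "sign" and b["protocol"] == "sign":
            linked.append((i, j))
        elif {a["protocol"], b["protocol"]} == {"join", "sign"}:
            join, sign_idx = (a, j) if a["protocol"] == "join" else (b, i)
            deanonymized[sign_idx] = join["tpm_id"]
    return {"linked": linked, "deanonymized": deanonymized}


def scenarios(f: int = None) -> dict:
    """Honest basename hygiene versus a shared Issuer/Verifier basename."""
    f = f if f is not None else new_tpm_secret()
    # Honest deployment: issuer and each verifier use distinct basenames.
    honest = [join_transcript(f, "EK-0001", "issuer"),
              sign_transcript(f, "verifier-B", "m1"),
              sign_transcript(f, "verifier-C", "m2"),   # other verifier: unlinkable
              sign_transcript(f, "verifier-B", "m3")]   # same verifier: linkable to m1
    # Corrupt Administrators (Smyth, Ryan, Chen): one entity is Issuer and Verifier, bsnI = bsnV.
    corrupt = [join_transcript(f, "EK-0001", "shared-bsn"),
               sign_transcript(f, "shared-bsn", "m4")]
    return {"honest": linkability_report(honest), "corrupt": linkability_report(corrupt)}


if __name__ == "__main__":
    print(scenarios())
```

The honest run still links m1 and m3: a verifier that reuses its own basename can recognise the same TPM coming back, which the Sign and Verify slide leaves to the verifier's discretion. What the corrupt run shows is that the same linkage, once the Join basename is involved, carries the EK identity across to the anonymous protocol, which is why the deployment rule is that bsnI must never equal any bsnV.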
Pynchon Network Analysis
Fred Wulff
PynGP 1.0
[Diagram: PynGP 1.0 message flow among Client, Nym Server and Collator, steps 1 to 5]
PynGP 2.0
[Diagram: PynGP 2.0 message flow among Client, Nym Server, Collator and Validator, steps 1 to 4]
Attacks (Part 1)
• Suppose we can figure out a way to remove the crypto on the messages in the database. Can we remove information theoretic security? (i.e. can we get P(client = id_1) != P(client = id_2)?)
• Thoughts and extensions
Attacks (Part 2)
• Original Denial of Service Attack “Byzantine Postman”
• Provides detection but not solution
• Start with different sets of colluders
• Find out P(colluder being caught)
• Find out estimated time for communication
Attacks (Part 3)
• Short/Long Messages
• Does this mean compromising crypto compromises information theoretic security? How quickly?
Other Interesting Properties
• Given various starting parameters in PynGP 2.0, what’s the expected value for bandwidth used by the validator?
• What’s the maximum amount that a server can delay under the various protocols? What if we just pick a random subset of servers?
If I Have Way Too Much Time On My Hands
• Horribly complex PynGP 1.5
• Depends on Shamir Secret Sharing, Paillier Crypto, multiple recovery methods.
• Check the same properties as 2.0. See if it does any better (vs. O(k) blow up).
• Check properties for what can break.
Tools
• PRISM
• APMC? (Approximate Probabilistic Model Checker) - continuous time, clusters, other interesting things
802.16g-2007 (WiMAX) (Management Plane Procedures and Services)
• Matt Bravo
• [email protected]
Does one compromised base station compromise security for the whole network?
WiMAX
• Wireless broadband
• IEEE 802.16 aka WirelessMAN aka WirelessHUMAN
• Both fixed (like wifi) and mobile (like a cell phone) network specification
• I focus on the Network Control and Management System (NCMS)
Handoff
• Occurs when a mobile station (MS) is moving out of a base station's (BS) coverage
• For QoS, this should be seamless
• Target BS must receive the crypto information and authorization information from the serving BS
Handoffs come from everywhere!
• MS initiated Handoff
• NCMS initiated Handoff
• BS initiated Handoff
• “Fast Base Station Switching”
Now let's suppose...
• We compromise a single base station
• Can we gain the crypto info of any MS on the network?
• Can we eavesdrop on the connection?
• Can we disconnect the MS?
Hypothesis
• Can grab crypto for any MS on the network (provided we have the MAC)
• How to get a MAC address, is there a procedure for that?
• Should be some simple rules that an implementation can add to guard against this attack
Tools
• Implement in Murphi the procedures and the network
• Read the spec, implement procedures as needed
• Add additional fixes or rules to Murphi to fix holes that are found
Questions
• Please say questions and comments, I’ll hear them when I watch the lecture
• email me [email protected]
• call me 650-862-8756
• no letters please :)