Stephan Wesemeyer,Christopher J.P. Newton,Helen Treharne,Liqun Chen,Ralf Sasse,Jorden Whitefield

DOI: https://doi.org/10.1145/3320269.3372197

2020-10-05

Abstract:Direct Anonymous Attestation (Daa) is a set of cryptographic schemes used to create anonymous digital signatures. To provide additional assurance, Daa schemes can utilise a Trusted Platform Module (Tpm) that is a tamper-resistant hardware device embedded in a computing platform and which provides cryptographic primitives and secure storage. We extend Chen and Li's Daa scheme to support: 1) signing a message anonymously, 2) self-certifying Tpm keys, and 3) ascertaining a platform's state as recorded by the Tpm's platform configuration registers (PCR) for remote attestation, with explicit reference to Tpm2.0 API calls. We perform a formal analysis of the scheme and are the first symbolic models to explicitly include the low-level Tpm call details. Our analysis reveals that a fix pro-posed by Whitefield et al. to address an authentication attack on an Ecc-Daa scheme is also required by our scheme. Developing a fine-grained, formal model of a Daa scheme contributes to the growing body of work demonstrating the use of formal tools in supporting security analyses of cryptographic protocols. We additionally provide and benchmark an open-source C++implementation of this Daa scheme supporting both a hardware and a software Tpm and measure its performance.

Yanjiao Chen,Rui Guan,Xueluan Gong,Jianshuo Dong,Meng Xue

DOI: https://doi.org/10.1109/sp46215.2023.10179406

2023-01-01

Abstract:Recent studies show that machine learning models are vulnerable to model extraction attacks, where the adversary builds a substitute model that achieves almost the same performance of a black-box victim model simply via querying the victim model. To defend against such attacks, a series of methods have been proposed to disrupt the query results before returning them to potential attackers, greatly degrading the performance of existing model extraction attacks. In this paper, we make the first attempt to develop a defensepenetrating model extraction attack framework, named D- DAE, which aims to break disruption-based defenses. The linchpins of D- DAE are the design of two modules, i.e., disruption detection and disruption recovery, which can be integrated with generic model extraction attacks. More specifically, after obtaining query results from the victim model, the disruption detection module infers the defense mechanism adopted by the defender. We design a meta-learning-based disruption detection algorithm for learning the fundamental differences between the distributions of disrupted and undisrupted query results. The algorithm features a good generalization property even if we have no access to the original training dataset of the victim model. Given the detected defense mechanism, the disruption recovery module tries to restore a clean query result from the disrupted query result with well-designed generative models. Our extensive evaluations on MNIST, FashionMNIST, CIFAR-10, GTSRB, and ImageNette datasets demonstrate that D- DAE can enhance the substitute model accuracy of the existing model extraction attacks by as much as 82.24% in the face of 4 state-of-the-art defenses and combinations of multiple defenses. We also verify the effectiveness of D-DAE in penetrating unknown defenses in real-world APIs hosted by Microsoft Azure and Face++.

Rongwei Yu,Lina Wang,Xiao-yan Ma,Bo Kuang

DOI: https://doi.org/10.1109/CSE.2009.73

2009-01-01

Abstract:Virtualization makes virtual machines with a wide range of security requirements run simultaneously on the same commodity hardware. Direct Anonymous Attestation (DAA) for virtual machine is a cryptographic mechanism that enables remote attestation of virtual machine instances ( VMIs ) while preserving privacy under the user’s control. However, Trusted Platform Module (TPM) with only limited storage space and communication capability is an indispensable component in remote attestation of multiply VMIs. In this paper, an optimized direct anonymous attestation protocol is proposed based on a hierarchical group signature without random oracles from asymmetric pairing. The analysis result of the proposed protocol shows that cost of TPM is lower than the most efficient CMS-DAA scheme to date, the computational cost of host and verifier are highly reduced. Furthermore, security of the proposed scheme is similar to CMS-DAA.

Muhammad Bilal,Can Wang,Zhi Yu,Abid Bashir

DOI: https://doi.org/10.1109/icsess49938.2020.9237635

2020-01-01

Abstract:Identity management (IdM) plays a significant role in managing user identities (IDs). However, IdM is challenging to handle the rapidly rising numerous kinds of Web-based applications nowadays. The OpenID 2.0 communication protocol is an improved solution for managing a user's IDs based on the OpenID URL identity. OpenID URL identity is not very much secure in specific Web-based attacks; for instance, session hijacking and phishing attacks often occur. The earlier OpenID-based methods secure OpenID URL identity with single, double, and triple authentication schemes. But Identity Provider (IdP) side is still not secure in Web attacks: if an attacker steals the IdP-side legal user information, then existing OpenID-based security techniques are unreliable. The anticipated OpenID Reverse Authentication Authorizing and Accounting (RAAA) user authentication-based protocol secured OpenID URL identity by providing two beneficial fields Secret Alphanumeric String (SAS) and Special Innovative PIN (SIP) that utilize in testing website both sides in reverse and cost-effective way. In this experiment, IdP and Relying Party (RP), both sides are being used secretly. Therefore, experimental websites also test to check the proposed triple authentication protocol. In this paper, we have compared our RAAA user authentication protocol with already available SSO protocol methods. The tested websites and comparative results represent that the anticipated design protocol is very much secure and reliable solution. The advanced cryptographic Single-Sign-On (SSO) secure protocol reduces the higher-level session hijacking and phishing attacks risk in an OpenID-based environment. We suggest future SSO protocol methods will be needed more in terms of the authorized user's identity authentication in Web-based applications.

Wenchao Huang,Yan Xiong,Depin Chen

DOI: https://doi.org/10.1109/CSE.2009.87

2009-01-01

Abstract:Many approaches have been proposed to secure various ad hoc routing protocols. However, many attacks such as wormhole attacks, vertex cut attacks, and traffic-analysis based attacks are still not well addressed. In this paper, we propose a novel secure routing protocol DAAODV which is based on Ad-hoc On-demand Distance Vector routing (AODV). DAAODV takes full advantage of trusted computing technology, particularly the Direct Anonymous Attestation (DAA) and Property-based Attestation (PBA) protocols. DAAODV is an anonymous protocol without requirement of Trusted Third Party (TTP). Moreover, we propose an efficient signing and verification scheme to overcome the potential DoS attacks triggered by the low efficiency of DAA and PBA. In the simulation, the results show that DAAODV is still efficient in discovering secure routes compared with AODV protocol.

Qianying Zhang,Shijun Zhao,Li Xi,Wei Feng,Dengguo Feng

DOI: https://doi.org/10.1007/978-3-319-21966-0_3

2015-01-01

Abstract:In this paper, we investigate how to implement Direct Anonymous Attestation (DAA) on mobile devices, whose processing and storage capabilities are limited. We propose a generic framework providing a secure and efficient DAA functionality based on ARM TrustZone. Our framework is flexible enough to support multiple DAA schemes, and is efficient by leveraging the powerful ARM processor in secure mode to perform computations originally delegated to the Trusted Platform Module (TPM). Besides, our framework uses an SRAM PUF commonly available in the On-Chip Memory (OCM) of mobile devices for secure storage of user signing keys, which achieves a low-cost design. We present a prototype system that supports four DAA schemes on real TrustZone hardware, and give evaluations on its code size and performance together with comparisons of the four schemes with different curve parameters. The evaluation results indicate that our solution is feasible, efficient, and well-suited for mobile devices.

XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

Vireshwar Kumar,He Li,Noah Luther,Pranav Asokan,Jung-Min (Jerry) Park,Kaigui Bian,Martin B. H. Weiss,Taieb Znati

DOI: https://doi.org/10.1145/3196494.3196497

2018-01-01

Abstract:For a computing platform that is compliant with the Trusted Platform Module (TPM) standard, direct anonymous attestation (DAA) is an appropriate cryptographic protocol for realizing an anonymous subscription system. This approach takes advantage of a cryptographic key that is securely embedded in the platform's hardware, and enables privacy-preserving authentication of the platform. In all of the existing DAA schemes, the platform suffers from significant computational and communication costs that increase proportionally to the size of the revocation list. This drawback renders the existing schemes to be impractical when the size of the revocation list grows beyond a relatively modest size. In this paper, we propose a novel scheme called Lightweight Anonymous Subscription with Efficient Revocation (LASER) that addresses this very problem. In LASER, the computational and communication costs of the platform's signature are multiple orders of magnitude lower than the prior art. LASER achieves this significant performance improvement by shifting most of the computational and communication costs from the DAA's online procedure (i.e., signature generation) to its offline procedure (i.e., acquisition of keys/credentials). We have conducted a thorough analysis of LASER's performance related features. We have implemented LASER on a laptop with an on-board TPM. To the best of our knowledge, this is the first implementation of a DAA scheme on an actual TPM cryptoprocessor that is compliant with the most recent TPM specification, viz., TPM 2.0.

Kai Bu,Zhixin Sun

DOI: https://doi.org/10.1109/ICYCS.2008.324

2008-01-01

Abstract:The emergence of Distributed Denial of Service (DDoS) attack increases the destructive force of Denial of Service (DoS) attack drastically. Besides bringing more terrible threats, the attack from far and near and the employment of internet protocol (IP) spoofing make the abnormal traffic detection harder and harder. This paper proposes a mechanism defined as AMHI (Address Matching and Hash Inspection) and a method based on it for DDoS attacks detection and defense. Through the simulation experiment, the Address Matching and backup Hash Inspection operations to the suspicious traffic implemented on router interface for local subnet can detect and defend DDoS attacks effectively even when using IP Spoofing. In addition, this method can also decrease a mass of statistical work for the routers, and to some extent ease the pressure of heavy traffic caused by attacks.

Xiaoyan Yang,Han Jiang,Qiuliang Xu,Mengbo Hou,Xiaochao Wei,Minghao Zhao,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/trustcom.2016.0124

2016-01-01

Abstract:Anonymous password-based authenticated key exchange (APAKE) protocols are a topic of ongoing research interest. However, the security of existing APAKE protocols is generally provided in the random oracle model, and in these protocols, passwords are stored in cleartext on the server. However, proofs of security in the random oracle model do not necessarily imply security in the real world. Recent high profile incidents also indicate the real risk of a server being compromised and information stored on the server leaked. Verifier-based password-authenticated key exchange (VPAKE) protocols have been identified as a viable solution to overcome such limitations. In this paper, we propose a novel verifier-based anonymous password-authenticated key exchange (VAPAKE) protocol constructed using smooth projective hashing function. The proposed protocol only involves two-round interactions for mutual implicit authentication. We then prove the security of the protocol in the standard model.

HAO Li-ming,YANG Shu-tang,LU Song-nian,CHEN Gong-liang

DOI: https://doi.org/10.3321/j.issn:1006-2467.2008.02.001

2008-01-01

Abstract:To the anonymity problem in P2P(Peer-to-Peer) reputation system,an anonymity mechanism was proposed using DAA(Direct Anonymous Attestation) protocol based on trusted computing technology.The analysis result shows that this mechanism ensures all the peers' anonymity in fully distributed P2P reputation systems.The security of this mechanism is ensured and it has good ability to withstand(malicious) peers' behaviors.

Ding Wang,Debiao He,Ping Wang,Chao-Hsien Chu

DOI: https://doi.org/10.1109/tdsc.2014.2355850

2015-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Despite two decades of intensive research, it remains a challenge to design a practical anonymous two-factor authentication scheme, for the designers are confronted with an impressive list of security requirements (e.g., resistance to smart card loss attack) and desirable attributes (e.g., local password update). Numerous solutions have been proposed, yet most of them are shortly found either unable to satisfy some critical security requirements or short of a few important features. To overcome this unsatisfactory situation, researchers often work around it in hopes of a new proposal (but no one has succeeded so far), while paying little attention to the fundamental question: whether or not there are inherent limitations that prevent us from designing an “ideal” scheme that satisfies all the desirable goals? In this work, we aim to provide a definite answer to this question. We first revisit two foremost proposals, i.e. Tsai et al.'s scheme and Li's scheme, revealing some subtleties and challenges in designing such schemes. Then, we systematically explore the inherent conflicts and unavoidable trade-offs among the design criteria. Our results indicate that, under the current widely accepted adversarial model, certain goals are beyond attainment. This also suggests a negative answer to the open problem left by Huang et al. in 2014. To the best of knowledge, the present study makes the first step towards understanding the underlying evaluation metric for anonymous two-factor authentication, which we believe will facilitate better design of anonymous two-factor protocols that offer acceptable trade-offs among usability, security and privacy.

Saru Kumari,Xiong Li,Fan Wu,Ashok Kumar Das,Vanga Odelu,Muhammad Khurram Khan

DOI: https://doi.org/10.3837/tiis.2016.09.026

2016-01-01

KSII Transactions on Internet and Information Systems

Abstract:Widespread use of wireless networks has drawn attention to ascertain confidential communication and proper authentication of an entity before granting access to services over insecure channels. Recently, Truong et al. proposed a modified dynamic ID-based authentication scheme which they claimed to resist smart-card-theft attack. Nevertheless, we find that their scheme is prone to smart-card-theft attack contrary to the author's claim. Besides, anyone can impersonate the user as well as service provider server and can breach the confidentiality of communication by merely eavesdropping the login request and server's reply message from the network. We also notice that the scheme does not impart user anonymity and forward secrecy. Therefore, we present another authentication scheme keeping apart the threats encountered in the design of Truong et al.'s scheme. We also prove the security of the proposed scheme with the help of widespread BAN (Burrows, Abadi and Needham) Logic.

Liu Dongxi,Li Xiaoyong,Bai Yingcai

DOI: https://doi.org/10.1007/bf02943285

IF: 1.871

2002-01-01

Journal of Computer Science and Technology

Abstract:This paper proposes an, automatic attack construction algorithm in order to find potential attacks on security protocols. It is based on a dynamic strand space model, which enhances the original strand space model by introducing active nodes on strands so as to characterize the dynamic procedure of protocol execution. With exact causal dependency relations between messages considered in the model, this algorithm can avoid state space explosion caused by asynchronous composition. In order to get a finite state space, a new method called strand-added on demand is exploited, which extends a bundle in an incremental manner without requiring explicit configuration of protocol execution parameters. A finer granularity model of term structure is also introduced, in which subterms are divided into check subterms and data subterms. Moreover, data subterms can be further classified based on the compatible data subterm relation to obtain automatically the finite set of valid acceptable terms for an honest principal. In this algorithm, terms core is designed to represent the intruder’s knowledge compactly, and forward search technology is used to simulate attack patterns easily. Using this algorithm, a new attack on the Dolve-Yao protocol can be found, which is even more harmful because the secret is revealed before the session terminates.

Li Zang,Yong Yu,Liang Xue,Yannan Li,Yujie Ding,Xiaoling Tao

DOI: https://doi.org/10.1007/s00779-017-1052-y

2017-01-01

Personal and Ubiquitous Computing

Abstract:Smart city has been greatly promoted by the adoption of information and communication technology. At the same time, data integrity becomes an urgent necessity in cloud storage scenario. When smart city meets cloud, if the data are damaged or corrupted, it will be a serious security loophole of smart city. Recently, numerous remote data auditing (RDA) protocols have been presented, among which Sookhak et al. put forward a dynamic remote data auditing protocol to deal with this major concern. In this paper, we found that this protocol has inherent security flaws, thus fails to achieve its original goal. Specifically, this protocol is vulnerable to two types of attacks, namely replace attack and replay attack. We show the details that how a malicious server can deceive data owners to believe that the data are maintained well by launching such attacks. Then, we describe an improved RDA protocol with provable security by utilizing algebraic signature to fix those security flaws. We employ the rank-based Merkle Hash Tree to achieve verifiable dynamic data operations for our RDA protocol. We also provide detailed security proof of the proposed RDA protocol.

Fagen Li,Tsuyoshi Takagi

DOI: https://doi.org/10.1007/s11277-012-0640-4

IF: 2.017

2012-01-01

Wireless Personal Communications

Abstract:A deniable authentication protocol enables a receiver to identify the source of a given message, but the receiver cannot prove the source of the message to a third party. Recently, Yoon et al. (Wirel Pers Commun 55:81–90, 2010) proposed a robust deniable authentication protocol based on ElGamal cryptosystem. Although they proved that their protocol satisfies the deniable authentication, mutual authentication and confidentiality, we show that their protocol does not satisfy the deniable authentication property. The receiver can prove the source of a given message to a third party. In addition, we propose an improved protocol that removes this weakness.

Haonan Feng,Jingjing Guan,Hui Li,Xuesong Pan,Ziming Zhao

DOI: https://doi.org/10.1109/tdsc.2022.3217259

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The FIDO protocol suite aims at allowing users to log in to remote services with a local and trusted authenticator. With FIDO, relying services do not need to store user-chosen secrets or their hashes, which eliminates a major attack surface for e-business. Given its increasing popularity, it is imperative to formally analyze whether the security promises of FIDO hold. In this paper, we present a comprehensive and formal verification of the FIDO UAF protocol by formalizing its security assumptions and goals and modeling the protocol under different scenarios in ProVerif. Our analysis identifies the minimal security assumptions required for each of the security goals of FIDO UAF to hold. We confirm previously manually discovered vulnerabilities in an automated way and disclose several new attacks. Guided by the formal verification results, we also discovered two practical attacks on two popular Android FIDO apps, which we responsibly disclosed to the vendors. In addition, we offer several concrete recommendations to fix the identified problems and weaknesses in the protocol.

Chunhua Jin,Chunxiang Xu,Xiaojun Zhang,Qianna Xie,Fagen Li

DOI: https://doi.org/10.1080/1206212x.2016.1188564

2015-01-01

Abstract:Deniable authenticate is a different and attractive authenticate mechanism compared with the traditional authentication. It allows the appointed receiver to identify the identity of the sender, but not to prove the source of a given message to a third party even if the appointed receiver is willing to reveal its private key. Certificateless public key cryptography can solve both the public key certificate management problem of public key infrastructure-based cryptography and the key escrow problem of identity-based cryptography. In this paper, we first define a security model for certificateless deniable authentication protocols. Then we propose a non-interactive certificateless deniable authentication protocol. In addition, we prove its security in the random oracle model. Our protocol can be applied in many actual application scenarios, such as electronic voting, electronic tendering, and online shopping.

Chunbo Ma,Jun Ao,Jianhua Li

DOI: https://doi.org/10.1007/978-3-540-73257-0_14

2007-01-01

Abstract:As a useful means of safeguarding privacy of communications, deniable authentication has received much attention. A Chameleon-based deniable authenticated key agreement protocol is presented in this paper. The protocol has following properties. Any one of the two participants can't present a digital proof to convince a third party that a claimed agreement has really taken place. Once a forgery occurs, the original entity can present a digital proof to disclose the forgery.

Xie Jun,Sun Wei,Gu Dawu,Guo Zheng,Liu Junrong,Bao Sigang,Ma Bo

DOI: https://doi.org/10.2991/csic-15.2015.24

2015-01-01

Abstract:The HMAC algorithm is widely used to provide authentication and message integrity in digital communications. However, if the HMAC cryptographic algorithm is implemented in cryptographic circuit, it is vulnerable to side-channel attacks. A typical example is that in 2007, McEvoy proposed an attack strategy for hardware-based implementation of HMAC-SHA2. In this paper, we research on SM3 cryptographic hash algorithm and propose a DPA attack strategy for the software-based implementation of HMAC-SM3. In the experiment, we launch a successful DPA attack on the practical cryptographic circuit and then discuss the security issues about the software-based implementation of HMAC-SM3.