Every semester the HGI Colloquium on current topics in IT security is offered. It is organized by the chairs of the institute and is open to all interested persons; external guests are always welcome. If you subscribe to the HGI newsletter, you will receive the talk announcements by e-mail in good time (subscribe to the newsletter).
The seminar usually takes place on Thursdays at 12:00 in building ID, floor 03, room 463 (directions).
This semester the seminar is organized by the Chair for Network and Data Security. Below you will find a list of the planned dates and talks for the entire semester. Unless announced otherwise, all talks start at 12:00 sharp (s.t.).
| Date | Speaker | Affiliation | Title | Room | Time |
|---|---|---|---|---|---|
| 16.04.2015 | Michael Franz | UC Irvine | Software Defenses Inspired by Biodiversity | ID 03/463 | 12:00 |
| 12.05.2015 | Felix Schuster | RUB | VC3: Trustworthy Data Analytics in the Cloud using SGX and Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications (practice talks for IEEE Security & Privacy 2015) | ID 04/401 | 11:00 |
| 12.05.2015 | Jannik Pewny | RUB | Cross-Architecture Bug Search in Binary Executables (practice talk for IEEE Security & Privacy 2015) | ID 04/401 | 11:00 |
| 21.05.2015 | Allison Lewko | Columbia University | Function Hiding Inner Product Encryption | ID 03/463 | 12:00 |
| 25.06.2015 | Ricardo Chaves | TULisbon/IST | Secure partial dynamic reconfiguration of reconfigurable devices | ID 03/463 | 12:00 |
| 14.07.2015 | Daniele Venturi | Sapienza University of Rome | Security of Signature Schemes under Tampering and Subversion Attacks | ID 04/401 | 12:00 |
| 16.07.2015 | Begül Bilgin | KU Leuven | Theoretical and Practical Aspects of Threshold Implementation | ID 03/463 | 12:00 |
Software Defenses Inspired by Biodiversity
Today's software monoculture creates asymmetric threats. An attacker needs to find only one way in, while defenders need to guard a lot of ground. Adversaries can fully debug and perfect their attacks on their own computers, exactly replicating the environment that they will later be targeting. Software diversity raises the bar to attackers. A diversification engine automatically generates a large number of different versions of the same program, potentially one unique version for every computer. These all behave in exactly the same way from the perspective of the end-user, but they implement their functionality in subtly different ways. As a result, a specific attack will succeed on only a small fraction of targets and a large number of different attack vectors would be needed to take over a significant percentage of them. Because an attacker has no way of knowing a priori which specific attack will succeed on which specific target, this method also very significantly increases the cost of attacks directed at specific targets. We have built such a diversification engine which is now available as a prototype. We can diversify large software distributions such as the Firefox and Chromium web browsers or a complete Linux distribution. Some preliminary insights will be presented as well as some practical issues, such as the problem of reporting errors when every binary is unique.
VC3: Trustworthy Data Analytics in the Cloud using SGX
We present VC3, the first system that allows users to run distributed MapReduce computations in the cloud while keeping their code and data secret, and ensuring the correctness and completeness of their results. VC3 runs on unmodified Hadoop, but crucially keeps Hadoop, the operating system and the hypervisor out of the TCB; thus, confidentiality and integrity are preserved even if these large components are compromised. VC3 relies on SGX processors to isolate memory regions on individual computers, and to deploy new protocols that secure distributed MapReduce computations. VC3 optionally enforces region self-integrity invariants for all MapReduce code running within isolated regions, to prevent attacks due to unsafe memory reads and writes. Experimental results on common benchmarks show that VC3 performs well compared with unprotected Hadoop; VC3’s average runtime overhead is negligible for its base security guarantees, 4.5% with write integrity and 8% with read/write integrity.
Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications
Code reuse attacks such as return-oriented programming (ROP) have become prevalent techniques to exploit memory corruption vulnerabilities in software programs. A variety of corresponding defenses has been proposed, of which some have already been successfully bypassed—and the arms race continues. In this paper, we perform a systematic assessment of recently proposed CFI solutions and other defenses against code reuse attacks in the context of C++. We demonstrate that many of these defenses that do not consider object-oriented C++ semantics precisely can be generically bypassed in practice. Our novel attack technique, denoted as counterfeit object-oriented programming (COOP), induces malicious program behavior by only invoking chains of existing C++ virtual functions in a program through corresponding existing call sites. COOP is Turing complete in realistic attack scenarios and we show its viability by developing sophisticated, real-world exploits for Internet Explorer 10 on Windows and Firefox 36 on Linux. Moreover, we show that even recently proposed defenses (CPS, T-VIP, vfGuard, and VTint) that specifically target C++ are vulnerable to COOP. We observe that constructing defenses resilient to COOP that do not require access to source code seems to be challenging. We believe that our investigation and results are helpful contributions to the design and implementation of future defenses against control-flow hijacking attacks.
Cross-Architecture Bug Search in Binary Executables
In this paper, we propose a system to derive bug signatures for known bugs. We then use these signatures to find bugs in binaries that have been deployed on different CPU architectures (e.g., x86 vs. MIPS). The variety of CPU architectures imposes many challenges, such as the incomparability of instruction set architectures between the CPU models. We solve this by first translating the binary code to an intermediate representation, resulting in assignment formulas with input and output variables. We then sample concrete inputs to observe the I/O behavior of basic blocks, which grasps their semantics. Finally, we use the I/O behavior to find code parts that behave similarly to the bug signature, effectively revealing code parts that contain the bug. Our prototype currently supports three instruction set architectures (x86, ARM, and MIPS) and can find vulnerabilities in buggy binary code for any of these architectures. We show that we can find Heartbleed vulnerabilities, regardless of the underlying software instruction set. Similarly, we apply our method to find backdoors in closed-source firmware images of MIPS- and ARM-based routers.
Function Hiding Inner Product Encryption
We present a functional encryption scheme for dot products over finite fields that allows a key holder to learn a dot product between two hidden vectors and nothing else. The scheme is proven secure from the SXDH assumption in asymmetric bilinear groups. We view this as a step towards functional encryption schemes appropriate for applications on encrypted databases and relying only on relatively simple computational assumptions. Joint work with Abhishek Jain and Luke Kowalczyk.
Secure partial dynamic reconfiguration of reconfigurable devices
Reconfigurable systems are becoming a key component in dedicated and embedded computing systems, providing high adaptability to the computation requirements. However, the existing solutions for secure partial dynamic reconfiguration on SRAM-based FPGAs impact the reconfiguration process and the available resources. This talk presents an overview of partial dynamic reconfiguration and the security issues related to it. This discussion will take into account the native features of the devices, the existing state of the art, and a novel approach that allows the configuration bitstreams to be stored securely on external non-secure memories.
Security of Signature Schemes under Tampering and Subversion Attacks
Signature schemes are amongst the most basic and fundamental cryptographic primitives. In this talk we survey recent work on models and constructions for signature schemes under memory tampering, randomness tampering, and subversion attacks.
This line of work is inspired by the proliferation of side-channel and malware attacks, and by Snowden's recent revelations about the NSA surreptitiously sabotaging cryptographic implementations.
Based on joint works with Sebastian Faust, Pratyay Mukherjee, Ivan Damgaard, Giuseppe Ateniese and Bernardo Magri.
Theoretical and Practical Aspects of Threshold Implementation
Threshold Implementation (TI) is a masking method based on secret sharing and multi-party computation. It has been shown that it provides security against higher-order DPA in a rather efficient way. The security of this method is based on the correctness, the non-completeness and the uniformity of the shared function in addition to the uniformity of the input shares. In this talk, we describe these properties and how they can be achieved on certain cryptographic algorithms in detail. Moreover, we discuss the implication of each property on the implementation requirements.