Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.

Slides:

Advertisements

Similar presentations

Security Issues In Mobile IP

Advertisements

Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Luca Maria Aiello, Università degli Studi di Torino, Computer Science department 1 Tempering Kademlia with a robust identity based system.

Scalable Content-Addressable Network Lintao Liu

Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.

TAP: A Novel Tunneling Approach for Anonymity in Structured P2P Systems Yingwu Zhu and Yiming Hu University of Cincinnati.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

A Survey of Secure Wireless Ad Hoc Routing

Chord: A scalable peer-to- peer lookup service for Internet applications Ion Stoica, Robert Morris, David Karger, M. Frans Kaashock, Hari Balakrishnan.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Public Key Management and X.509 Certificates

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

IPv4 and IPv6 Mobility Support Using MPLS and MP-BGP draft-berzin-malis-mpls-mobility-00 Oleg Berzin, Andy Malis {oleg.berzin,

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

A Scalable Content-Addressable Network Authors: S. Ratnasamy, P. Francis, M. Handley, R. Karp, S. Shenker University of California, Berkeley Presenter:

Design, Implementation, and Experimentation on Mobile Agent Security for Electronic Commerce Applications Anthony H. W. Chan, Caris K. M. Wong, T. Y. Wong,

CSCI 4550/8556 Computer Networks Comer, Chapter 19: Binding Protocol Addresses (ARP)

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

1 PLuSH – Mesh Tree Fast and Robust Wide-Area Remote Execution Mikhail Afanasyev ‧ Jose Garcia ‧ Brian Lum.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Data Structures Hash Table (aka Dictionary) i206 Fall 2010 John Chuang Some slides adapted from Marti Hearst, Brian Hayes, Andreas Veneris, Glenn Brookshear,

Security Management.

Domain Name System Security Extensions (DNSSEC) Hackers 2.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Hashing it Out in Public Common Failure Modes of DHT-based Anonymity Schemes Andrew Tran, Nicholas Hopper, Yongdae Kim Presenter: Josh Colvin, Fall 2011.

8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.

MASY: Management of Secret keYs in Mobile Federated Wireless Sensor Networks Jef Maerien IBBT DistriNet Research Group Department of Computer Science Katholieke.

Content Overlays (Nick Feamster). 2 Content Overlays Distributed content storage and retrieval Two primary approaches: –Structured overlay –Unstructured.

Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.

An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.

GZ06 : Mobile and Adaptive Systems A Secure On-Demand Routing Protocol for Ad Hoc Networks Allan HUNT Wandao PUNYAPORN Yong CHENG Tingting OUYANG.

An Integrated QoS, Security and Mobility Framework for Delivering Ubiquitous Services Across All IP-based Networks Haitham Cruickshank University of Surrey.

Freenet: A Distributed Anonymous Information Storage and Retrieval System Presenter: Chris Grier ECE 598nb Spring 2006.

Information-Centric Networks06a-1 Week 6 / Paper 1 Untangling the Web from DNS –Michael Walfish, Hari Balakrishnan and Scott Shenker –Networked Systems.

10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.

Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

1 Julien Laganier MEXT WG, IETF-79, Nov Authorizing MIPv6 Binding Update with Cryptographically Generated Addresses

Peer-to-Peer Name Service (P2PNS) Ingmar Baumgart Institute of Telematics, Universität Karlsruhe IETF 70, Vancouver.

Evoting using collaborative clustering Justin Gray Osama Khaleel Joey LaConte Frank Watson.

Attacks Overview Nguyen Cao Dat 1. BK TP.HCM Outline  Cryptographic Attacks ▫ Frequency analysis ▫ Brute force attack ▫ Meet-in-the-middle attack ▫ Birthday.

1 Peer-to-Peer Technologies Seminar by: Kunal Goswami (05IT6006) School of Information Technology Guided by: Prof. C.R.Mandal, School of Information Technology.

Rendezvous Regions: A Scalable Architecture for Service Location and Data-Centric Storage in Large-Scale Wireless Sensor Networks Karim Seada, Ahmed Helmy.

Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.

Freenet “…an adaptive peer-to-peer network application that permits the publication, replication, and retrieval of data while protecting the anonymity.

1. Outline  Introduction  Different Mechanisms Broadcasting Multicasting Forward Pointers Home-based approach Distributed Hash Tables Hierarchical approaches.

Security Mechanisms for Delivering Ubiquitous Services in Next Generation Mobile Networks Haitham Cruickshank University of Surrey workshop on Ubiquitous.

1. Efficient Peer-to-Peer Lookup Based on a Distributed Trie 2. Complex Queries in DHT-based Peer-to-Peer Networks Lintao Liu 5/21/2002.

Security Mechanisms and Key Refresh for P2PSIP Overlays draft-birkos-p2psip-security-key-refresh-00 Konstantinos Birkos University of Patras, Greece

Freenet: Anonymous Storage and Retrieval of Information

HIP & MIP V 6 SECURITY Research: Security Architecture IRT Lab, Columbia University.

By Chris Zachor CS 650.  Introduction  SSH Overview  Scenarios  How To:  Results  Conclusion.

Integrating Identity based Cryptosystem (IBC) with CGA in Mobile IPv6 draft-cao-mipshop-ibc-cga-00.txt Zhen Cao Hui Deng IETF #67.

Mobile IP 순천향대학교 전산학과 문종식

Large Scale Sharing Marco F. Duarte COMP 520: Distributed Systems September 19, 2004.

1 Secure Key Exchange: Diffie-Hellman Exchange Dr. Rocky K. C. Chang 19 February, 2002.

Fall 2006CS 395: Computer Security1 Key Management.

Whatsapp Security Ahmad Hijazi Systèmes de Télécommunications & Réseaux Informatiques (STRI) 20 April 2016.

1 Example security systems n Kerberos n Secure shell.

Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.

SOSIMPLE: A Serverless, Standards- based, P2P SIP Communication System David A. Bryan and Bruce B. Lowekamp College of William and Mary Cullen Jennings.

INFSO-RI Enabling Grids for E-sciencE Sofia, 17 March 2009 Security, Authentication and Authorisation Mike Mineter Training, Outreach.

Security Issues with Domain Name Systems

Presentation transcript:

Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota

What are binding services?  A binding service: Stores bindings (a pair) Translates (binding) key into (binding) values.  DNS is a good example maps hostnames into IP addresses Reverse lookup maps IP addresses into hostnames  Other example: SIP registrars, location service in MANET, etc.

Outline  Binding Services  Motivation, Challenges and Approach  Vault  Evaluation  Conclusion

Generic Binding Services  What is generic binding services? Internet-scale infrastructure service Allows arbitrary key-value pairs Many applications can use the same infrastructure  Why is it different from typical lookup service? Ownership is essential E.g., in reverse DNS lookup the key (IP address) gives no indication of the owner.  Security is important!

Secure Binding Services  Two minimum requirements: Only the owner can update or delete its bindings The binding returned must be the correct one deposited by the owner  Must be robust against “ man-in-the- middle ” attacks An attacker between users and the service can intercept and modify messages

Objective  A generic binding service that is Scalable Robust Secure  Distributed Hash Table (DHT) Takes care of scalability and robustness Semantic free, flat id space allows generality  What about security? RSA/PKI enough? Not really.. Other crypto-mechanisms?

Example: Binding service using DHT  Similar to DHT ’ s put/get operations.  B=(k,v), id k =H(k) root(id k )  Question: how to make it secure? put(id k, B) get(id k ) Return OK or B User

RSA/PKI approach  Not robust against “ man-in-the-middle ” attacks  Users can sign their requests Signatures can be easily replaced  Using Certificates? only if the binding key is part of the owner id.  Key problem: need to verify the association between user id and public key Need another secure binding service!

Our approach: using IBE  In identity-based encryption (IBE) identity is the public key! Private key can be generated on-demand  Key idea: use IBE to establish secure channels between users and the system.  Robust against MITM attacks

DHT+IBE: an example DHT System User root(id k ) Encrypt data and s k using id k Send encrypted data to the service Return response encrypted with s k Retrieves the private key for id k

Outline  Introduction  Motivation, Challenges and Approach  Vault  Evaluation  Conclusion

Vault: Architecture overview  Two-level architecture Better control over the service Efficient key management  Pillars: issue keys  Columns: handle users and store bindings.

Vault: Design principles  Secures user to service communication Use IBE to establish secure channels  Focus on the basic mechanism But provide hooks for namespace management  Secures internal system operations Only active columns should serve user requests

Vault: basic operations  User Operations: Registration for owners  Provides necessary hooks for namespace management  Establish owner credential with its user id. Insertion Update and delete Query  Internal Operations: Key retrieval between column and pillars

User operation example: insertion  Binding is sent to home column first.  Home column verifies ownership and forwards to root(id k )  root(id k ) returns encrypted response.

Internal operations  Secure Key retrieval process  Two way hash- chains allows the pillar to: Verify a node is currently active Verify a node ’ s id space range

Outline  Introduction  Motivation, Challenges and Approach  Vault  Evaluation  Conclusion

Local Testbed: System response time The more nodes the better the performance. IBE operations are expensive, the price we pay for added security.

Planetlab System response time does not change much. Some other factors?

Planetlab  Wide area network latency has large impact.  Local proxy should help

Conclusion  New approach in constructing generic secure binding services. DHT+IBE  Cornerstone for future networks and applications.  Currently building more applications using Vault.

Thank You Questions?

Extras  Extra slides follows

Example: Binding Service using DHT  Basic operation  To insert a binding B=(k,v) Compute id k =H(k) The owner “ puts ” B at a node responsible for id k  To query B Again, compute id k =H(k) The Querier “ gets ” B from the node responsible for id k  Question: how to make it secure?

DHT+IBE: an example

DHT+IBE  Encrypts data and a symmetric key s k with id k  Sends encrypted data to the service  The root node of id k (root(id k )) requests a key for id k  root(id k ) decrypts the data, returns a reply encrypted using s k

User Operation: Update and Delete  Two modes: direct if symmetric key is still valid, indirect if it expires.  No IBE in direct mode: efficient!  Indirect mode is similar to the insert operation.

User Operations: Query  Queriers: No need to register  Queries: Delivered to root(id k ) directly.  Symmetric key: Prevents MITM attacks  Nonce: Prevents reply attacks.

Evaluations  Evaluate computational overhead and system response time  Computation overhead for local testbed Computational overhead for crypto-primitives Computational overhead for binding operations

Additional Enhancement  Local Vault Proxy Reduce latency  Binding Delegation Reduce Flash crowd effect  Timed permit Defend against DoS attacks