27 January 16:15Human factors and security – Beyond the interface / M. Angela Sasse, University College London
Many security researchers and practitioners treat usability of security as a user interface (UI) problem. It is no co-incidence that the most widely known and cited paper on usability and security is Whitten & Tygar's "Why Johnny Can't Encrypt", a study of the user interface to PGP 5.0. Whilst there is no argument that many UIs to security tools are unusable, and that unusable UIs are bad for usability and security, I will argue that there are other pressing usability issues that need to be addressed. For instance:
- Users often bypass security mechanisms because they interfere with production tasks.
- Users often bypass security mechanisms because they behaviour that conflicts with their values and social norms.
- In many organisations, there is a discrepancy between security policies and security behaviour, which leads to a deteriorating security culture.
- The complexity of current security systems creates problems – and fosters bad decisions – not just among end-users, but other – technically able – stakeholders, such system administrators and software developers.
In conclusion, I will put forward a research agenda for usable and effective security.
M. Angela Sasse is the Professor of Human-Centred Technology in the Department of Computer Science at University College London. Since 1996, she has been researching usability issues of security systems in collaboration with a number of Ph.D. students, and published research on effectiveness and usability of authentication mechanisms, user attitudes and perceptions to computer security, and human and financial cost of security mechanisms, and related work on user-centred approaches to trust and privacy.
2 December 16:15Faster hardware designs for modular arithmetic / Martin Kochanski
A refreshing thing about modern number-theoretic cryptography is that it shows how bad at sums computers really are. Even the most advanced primary-school techniques of long multiplication and long division cannot provide useful speeds when faced with 300-digit modular exponentiations.
This talk will cover the problems of designing hardware for large-integer arithmetic and the ways round them, and will describe a new design for a modular multiplication chip.
Long division is made of subtractions and it needs the result of each subtraction when deciding what to do next; but in silicon, binary subtraction (like addition) is an inescapably slow operation. The algorithm described here takes a ruthless approach: don't get it right slowly, get it wrong fast; and hope that the resulting errors (which double on every clock tick) will be noticeable before they are too large to correct. This balancing act leads to a design that is fast, economical in silicon, easily verifiable, and, unusually in this field, is as efficient for modular multiplication as it is for modular exponentiation.
Martin Kochanski is the inventor of Cardbox, a respected and widely used flat-file text database for DOS and Windows. He has been involved in cryptography since 1979, breaking several commercial encryption products as well as the Lu-Lee public-key cryptosystem; he has also designed and implemented FAP4, the world's first commercially available RSA encryption chip. He is the publisher of Universalis, which provides the daily Liturgy of the Hours through the Web, on palmtops, and through mobile phones.
25 November 16:15Latest trends in serious and organised identity fraud / Gareth Jones, Experian
Your identity is your most valuable asset. It is the key to unlocking your rights, rewards and privileges, qualifications, employment opportunities, citizenship and trust, medical history, benefits and reputation. Albeit intangible, it clearly has a high value, and therefore it is no surprise that identity fraud is one of the UK's fastest growing crimes. It leaves in it's wake considerable disruption for consumers to regain their identity, and significant losses to business.
In this lecture, Gareth Jones, a former Detective Sergeant, with experience in managing fraud risks in banking and currently directing the development of fraud prevention products for Experian – the UK's largest consumer credit reference agency, will cover:
- The methodology used by the fraudsters with reference to case examples
- The impact of the fraud in terms of value of loss and spread of victims
- Good practice in the management of mass-multiple fraud cases of this sort
- Gaps in the fraud detection process that could be improved upon
- Opportunities for fraud prevention
- Taking care of the victim
19 November 16:15Reasoning about VPN Integrity / Tim Griffin, Intel Research Lab
Virtual Private Networks (VPNs) should provide users with the isolation and security associated with private networks, but at a lower cost made possible by the use of a shared infrastructure. One type of VPN currently enjoying wide deployment is described in RFC 2547. From the customer's point of view, RFC 2547 VPNs represent an outsourcing of routing to Internet Service Providers (ISPs). From the ISP's perspective, this represents (at long last) a chance to "add value" to IP services. However, it also represents a network configuration nightmare. I'll talk about one attempt to tame the complexity of these VPNs using network invariants - maintained by bits of implementation - that can be composed to reason about the global correctness of VPN various implementations. The approach quickly reveals some rather nasty problems with RFC 2547 VPNs. I'll mention these and a few possible fixes.
* Dr Tim Griffin has recently joined the Intel Research Laboratory at Cambridge. He previously worked at AT&T research investigating network management. He also has research interests in databases and programming languages.
12 November 16:15Security and complexity / Andrew Cormack, UKERNA
The media term "hacking" covers a very wide range of activities. Networked computers are subject to many different types of attack at many different technical levels and with many different motivations. Defending against such diverse threats is likely to require similarly diverse measures. This talk will examine the current threats and the measures that can be taken to defend against them, and discuss how increases in the scale and complexity of computer systems may affect the balance between attack and defence.
11 November 16:15Implementation of the Regulation of Investigatory Powers Act 2000 (RIPA) / Simon Watkin, UK Home Office
Simon Watkin will share his unique perspective of the Government's progress towards full implementation of RIPA. He will recall the conception of RIPA, describe how the imposition of regulation on public authorities' surveillance of communications data was derailed and explain the effect of the RIPA Statutory Instruments which Parliament is being invited to approve. He will also explain what has happened to Part III of RIPA. Finally he will describe what he is doing to review how best the Government can ensure respect for individual privacy and, at the same time, protect the public from crime and terrorism.
Simon Watkin joined the Home Office's Covert Investigation Policy Team in September 2002 from David Blunkett's Private Office where he was a Private Secretary. He was nominated as an Internet Hero at the UK Internet Industry Awards 2003 for "doing his best to understand the industry, tech sector interest groups and experts and to subsequently inform discussions within the Home Office".
He worked on implementation of the recommendations of the Cabinet Office Performance and Innovation Unit report on Encryption and Law Enforcement, and on the development of the National Technical Assistance Centre. In 2001 he established the Home Office's Hi-Tech Crime Team assessing the impact of new technologies upon law enforcement capabilities.
5 November 16:15Elliptic curve cryptography / Nigel Smart, University of Bristol
I will discuss elliptic curve cryptography and how it is used in a traditional public key setting. I will go on to explain some of the attacks against such systems and then show how the existance of such attacks can be used to develop new identity based encryption and signature protocols.
4 November 16:15A flexible, model-driven security framework for distributed systems / Ulrich Lang, ObjectSecurity Ltd.
The proliferation of different distributed systems platforms and security technologies complicates the integration of distributed applications. Model driven software development tries to tackle this problem by modelling the application logic undistorted by technology and using tools to map the model to the particular technology. Distributed systems security faces a similar challenge in that there are many different platforms and security technologies that need to be integrated.
This talk will present our new security framework. Its central part is the policy repository, which stores the platform-independent security policy. Once the framework is integrated, the mapping from the abstract policy to the concrete enforcement, as well as the translation of technology specific security information into abstract security attributes is automatic. We will illustrate our approach using our prototype implementation and an exemplary integration with the CORBA Component Model, which are currently being implemented as part of an EU-IST research project.
Ulrich Lang is co-founder and research director of ObjectSecurity Ltd., a leading IT security specialist company. He received his Ph.D. from the University of Cambridge (Security Group, Computer Laboratory) in 2003. His dissertation was about conceptual aspects of security policies for middleware. Before that he completed a Master's Degree (M.Sc.) in Information Security at the University of London in 1997, after studying computer science with management at the University of Munich and at Royal Holloway College (University of London). After his M.Sc. graduation, he worked as an independent security consultant on various CORBA based banking projects. He is the author of a book on Developing Secure Distributed Systems with CORBA, various articles in journals and several publications at international conferences and workshops.
4 November 14:30Using memory errors to attack a virtual machine / Sudhakar Govindavajhala, Princeton University
We present an experimental study showing that soft memory errors can lead to serious security vulnerabilities in Java and .NET virtual machines, or in any system that relies on type-checking of untrusted programs as a protection mechanism. Our attack works by sending to the JVM for execution a Java program that is designed so that almost any memory error in its address space will allow it to take control of the JVM. All conventional Java and .NET virtual machines are vulnerable to this attack. The technique of the attack is broadly applicable against other language-based security schemes such as proof-carrying code.
We measured the attack on two commercial Java Virtual Machines: Sun's and IBM's. We show that a single-bit error in the Java program's data space can be exploited to execute arbitrary code with a probability of about 70%, and multiple-bit errors with a lower probability.
Our attack is particularly relevant against smart cards or tamper-resistant computers, where the user has physical access (to the outside of the computer) and can use various means to induce faults; we have successfully used heat. Fortunately, there are some straightforward defenses against this attack.
This presentation may include a live demonstration of our attack.
7 October 16:15Hardware Security Appliances (HSA) / Simon Shiu, HP Labs, Bristol
Typically HSM's protect cryptographic keys and algorithms and have a low level (cryptographic) API. Overall security is then dependent on the accessibility of the API. A simplistic way to improve this situation is to allow generic applications to run within a secure boundary. However the complexity and interfaces of most applications mean that merely running them on secure hardware will not provide good security.
The Hardware Security Appliance (HSA) research is exploring ways to find the right model/balance of using secure hardware to achieve better system security. The HSA concept is to encapsulate simple security services that bind security functions such as decryption with authorisation and authentication. Such hardware secured services provide a functional root of trust that can be placed within the context of a wider IT solution. Running a security service within a secure hardware device with limited functional and management APIs allows suprisingly rich policies to be tightly bound to the ways cryptographic keys are used. The HSA has an RSA identity to allow remote configuration of policies – hence creating a separation of control from local system administrators.
The talk will include examples of HSA services that highlights the main aspects of the approach and (hopefully) show how "thinking in an HSA like way" leads to different kinds of security and trust solutions.
29 July 16:15Open APIs for embedded security / Carl A. Gunter, University of Pennsylvania
Embedded computer control is increasingly common in appliances, vehicles, communication devices, medical instruments, and many other systems. Some embedded computer systems enable users to obtain their own programs from parties other than the maker of the device. For instance, PDAs and some cell phones offer an open application programming interface that enables users to better customize devices to their needs and support an industry of independent software vendors. This kind of flexibility will be more difficult for other kinds of embedded devices where safety and security are a greater risk. This talk discusses some of the challenges and architectural options for open APIs for embedded systems. These issues are illustrated through an approach to implementing secure programmable payment cards based on Java Cards. This work is based on efforts of the OpEm Project at Penn.
30 June 16:15Rethinking computer architecture for cyber security / Ruby Lee, Electrical Engineering Dept., Princeton University
Cyber security provides assurances and safeguards for cyberspace interactions and services. These are built upon hardware and software technology for computing, communications and storage. In the past half century, design goals have focussed mainly on improving performance, cost and power in hardware, and on improving functionality, versatility and ease-of-use in software. Approaches to cyber security have focused on reactive measures, perimeter security and software implementations. In contrast, we propose a proactive approach to cyber security, where every component, hardware, software or networking, has secure or trustworthy operation as a primary design goal. We ask what computer architecture might look like, if cyber security is a primary design goal, rather than added on as an after-thought. What is a minimalist set of architectural components for a security-aware processor? We give some examples of faster ciphers with novel permutation instructions, defensive design for mitigating DDoS attacks, and virtual secure co-processing.
10 June 16:15Major incident planning in an NHS Acute Hospital / Marek Isalski, South Manchester University Hospitals NHS Trust
Planning for emergency incidents has become very topical with the focus on "Post-September Eleventh Threats". This seminar will give an overview of how an Acute Hospital's planning fits in with other emergency services in managing a major incident and will pay particular attention to how the skills developed by security researchers and analysts are applicable in the role of "Emergency Planning Officer".
After graduating in Computer Science from Cambridge and working as a security programmer, Marek Isalski was appointed as Data Security Manager at South Manchester University Hospitals NHS Trust. He is the lead for Data Protection, Freedom of Information and information confidentiality/security at the Trust, and his responsibilities also include business continuity planning. Together with James Bell he co-ordinates the Major Incident Planning Team currently reassessing emergency planning primarily for the Wythenshawe site, the hospital closest to Manchester Airport.
22 May 16:30Honeycomb and the current state of honeypot technology / Christian Kreibich, Computer Lab
20 May 16:15Why data protection laws don't work (and what may need to be done about that) / Douwe Korff, London Metropolitan University
Douwe Korff will explain what data protection is (and what it isn't, i.e. not data security and not privacy), what its basic principles are – and why the laws don't work. He will show that the legal rules are predicated on assumptions which do not hold, and that enforcement is haphazard and negotiable. But he will also show how something like data protection is going to be crucial if the individual is to be protected against major (public and private) institutions and interests. And he will then try and discuss with the audience how the problems can be overcome.
Douwe Korff is a Dutch human rights lawyer and data protection expert. Now a professor of international law at London Metropolitan University, he has worked in both (overlapping) fields for Amnesty International, the Council of Europe and the EU Commission as well as the direct marketing industry.
7 May 16:15The mother of all surveillance schemes / Simon Davies, London School of Economics
The UK government has launched two consultations on retention of communications data and access to data. The government's aim appears to be the creation of a comprehensive mandatory regime of data storage that will cover all aspects of location and communication traffic on almost the entire population. These proposals follow a string of initiatives designed to shift the privacy default in favour of law enforcement, revenue and national security. In this talk I will outline the threats and benefits of universal surveillance of communications, and place this assessment into the broader context of the declining state of privacy in Britain. Simon Davies is Director of Privacy International.
6 May 16:15Anonymity in practice / Len Sassaman, The Mixmaster Project
There have been many designs proposed for network anonymity systems, but only a few have seen noticeable adoption. This is due in part to the fact that there are some difficult problems to solve when designing an anonymity system, and often theses problems are "practical" in nature, and not anticipated at the design stage. This seminar will discuss the ways in which anonymity systems are being deployed, what their uses are, and where they meet or fail to meet their intended purposes. Key design points, implementation and deployment pitfalls, abuse concerns, and various attacks on existing systems will be covered.
Len Sassaman is a communication security consultant specializing in Internet privacy and anonymity technologies. Len has been a strong defender of personal rights through technology. As a volunteer, he has lent his expertise to human rights organizations, victim support groups, and civil liberties organizations.
Len is an anonymous remailer operator, and is currently project manager for Mixmaster, the most advanced remailer software available. Previously, he was a software engineer for PGP Security, the provider of the world's best known personal cryptography software. A returning Black Hat speaker, Len is also a frequent contributor to online discussions of electronic privacy issues, and has contributed to the development of free software privacy utilities.
1 May 17:30Total Information Awareness / Phil Zimmermann
The human population is not doubling every 18 months, but the ability of computers to keep track of us is. The blind force of Moore's law has been accelerated by policy since 9/11. What are the feasible, and reasonable, responses to this?
Speaker:Phil Zimmermann was the creator of PGP, the world's most popular email encryption software.
29 April 16:15Bypass of locks / Marc Weber Tobias, Investigative Law Offices
The talk will provide a summary of the security problems associated with bypass of locks and safes, and a primer of the basic locking mechanisms. A description of the process of breaking three different locks that are utilized in the hotel industry worldwide will also be provided. These case examples will demonstrate vulnerabilities and lack of proper security engineering by the manufacturers.
Marc Weber Tobias is an Investigative Attorney and polygraph examiner in the United States. He has written five law enforcement textbooks dealing with criminal law, security, and communications. Marc Tobias was employed for several years by the Office of Attorney General, State of South Dakota, as the Chief of the Organized Crime Unit. As such, he directed felony investigations involving frauds as well as violent crimes.
Mr. Tobias is the author of the 1400 page textbook and multimedia collection Locks, Safes, and Security: An International Police Reference. He consults on lock security and his law firm handles investigations for government and private clients.
slides (Powerpoint, 25 MB)
07 April 16:15An alternative approach for verifiable secret sharing / Kamil Kulesza, Polish Academy of Sciences
The speaker will present in the first part of the talk some ongoing research. The second part is about a result first presented with Zbigniew Kotulski and Josef Pieprzykat at ESORICS 2002 in Zurich about verifiable secret sharing. The approach there works for any underlying secret sharing scheme. It is based on the concept of verification sets of participants, related to authorized set of participants. The participants interact (no third party involved) in order to check validity of their shares before they are pooled for secret recovery. Verification efficiency does not depend on the number of faulty participants.
24 March 16:15Understanding security dependencies / David LeBlanc, Microsoft
18 March 16:15m-o-o-t – Securing the everyday computer, and protecting it against governments / Peter Fairbrother
Mandatory decryption and/or key access for law enforcement and other purposes is being considered by Governments as a viable alternative to key escrow.
m-o-o-t responds to this threat, which we at m-o-o-t consider useless against the well-informed, an invasion of privacy, and potentially self-incriminatory.
The implementation and integration of some techniques to make cyphertext unavailable to LEA's, to make keys unavailable to the user, and to hide files, will be covered in some detail.
These are included in the m-o-o-t CD, which boots and runs on most everyday computers – the internal hard drive need not be involved. Security measures against some non-cryptanalytic attacks are included, and functionality is optimised for the novice.
The talk will also mention some anonymity and deniability techniques which we are working on, the future of m-o-o-t at a time when the eventual implementation of RIPA Pt.3 is becoming uncertain, and some unanticipated uses for m-o-o-t.
12 March 16:15The PERMIS X.509 role based privilege management infrastructure / David Chadwick, University of Salford
Wednesday Seminar, LT1
This talk will describe a policy driven role based access control system developed under the EC PERMIS project. The user's roles, and the policy are stored in X.509 Attribute Certificates. The policy, written in XML, describes who is trusted to allocate roles to users, and what permissions each role has. The DTD has been published at XML.org. Access control decisions are made by an Access Control Decision Function consisting of just three Java methods and a constructor. The decision is made according to the requested mode of access, the user's trusted roles and the policy. We also have a tool, the Privilege Allocator, that makes ACs and stores them in an LDAP directory.
11 March 16:15Is information the new weapon of mass destruction? / Stephane Koch, Ecole de Guerre Economique & Internet Society Geneva
After the events of 11 September 2001, the past year has demonstrated how controlling publicly available information is of strategic advantage, both economically and politically. Governments find the ability to anticipate public opinion indispensable, as this permits to disseminate "appropriate" elements of information on which the public will base its decisions.
Army psychological operations units ("psy-ops") represent this new era, in which wars are won primarily in public opinion. On this new theater of operations, the different information providers and actors in the world of communication are themselves tools of influence and manipulation – willingly or unwillingly. Taking into account the speed at which data is exchanged today and the reductions in information processing time, it becomes more and more difficult to find the guide marks necessary for an independent opinion.
20 February 14:30Cryptology and physical security: rights amplification in locks / Matt Blaze, AT&T Labs Research
Computer security and cryptology takes much of its basic philosophy and language from the world of mechanical locks, and yet we often ignore the possibility that physical security systems might suffer from the same kinds of attacks that plague computers and networks. This talk examines mechanical locks from a computer scientist's viewpoint. We describe attacks for amplifying rights in mechanical pin tumbler locks. Given access to a single master-keyed lock and its associated change key, a procedure is given that allows discovery and creation of a working master key for the system. No special skill or equipment, beyond a small number of blank keys and a metal file, is required, and the attacker need engage in no suspicious behavior at the lock's location. We end with future directions for research in this area and the suggestion that mechanical locks are worthy objects of our attention and scrutiny.
19 February 16:15Quantum computation – from theory to experiments / Artur Ekert, DAMTP, University of Cambridge
Wednesday Seminar, LT1
The theory of computation, including modern cryptography, was laid down almost seventy years ago, was implemented within a decade, became commercial within another decade, and dominated the world's economy half a century later. Quantum information technology is a fundamentally new way of harnessing nature. It is too early to say how important a way this will eventually be, but we can reasonably speculate about its impact both on computation and data security. I will review the basic concepts of quantum information science and describe experimental techniques which aim to give data processing devices new functionality.
18 February 16:15The cryptographic role of the cleaning lady / Robert Morris, National Security Agency (retired)
In recent years, loss of valuable information has been due to surprisingly low tech attacks.
By the cleaning lady, I mean some person or entity that you believe could not possibly be part of your security or cryptographic system. I leave it to the reader to identify his or her own cleaning ladies in the remainder of this talk and in real life.
It is my understanding that all major countries employ cleaning ladies in this capacity.
Would the listener please think hard about 'trusted third parties' and 'woman in the middle' attacks.
14:30Fighting spam: moderately hard memory-bound
/ Mike Burrows, Microsoft Research
NetOS Seminar, LT2
04 February 16:15Administrative Scope: a foundation for role-based administrative models / Jason Crampton, University of London, Royal Holloway
The basic components of role-based access control are well understood and widely accepted. The use of RBAC principles to manage RBAC systems has been less widely studied although some advances have been made. In particular, the ARBAC97 model makes an important contribution to the understanding and modeling of administration in role-based access control. However, there are several features of the model which we believe could be improved. We introduce the concept of administrative scope in a role hierarchy and show how this can be used to control updates to the hierarchy. We then incrementally develop a model for administering the role hierarchy and compare it to the RRA97 sub-model of ARBAC97. We conclude that our model offers significant advantages over RRA97.
17 January 16:00Making NSA Security Enhanced Linux easy to use and manage / Russell Coker
MAC based security systems have not achieved much popularity because of both actually and perceived difficulties of use.
I will describe my work in adding SE Linux support to the Debian distribution including packaging policy files, and supporting live upgrades of software in a secure fashion. Given a choice between security and manageability most organizations will not choose security. Given a choice between security and ease of use most users will not choose security. I aim to make SE Linux easy enough for desktop users and manageable enough for commercial users.
Finally there are some issues regarding SE Linux management that have not been addressed adequately (IMHO). I will discuss these with the audience and I will be very interested in any suggestions for ways to approach these problems.