Department of Computer Science and Technology

Security Group

2007 seminars

Expand all Collapse all

View original pageView slides/notes

18 December 16:15Towards interactive belief, knowledge, and provability: possible application to zero-knowledge proofs / Simon Kramer, École Polytechnique Paris

Lecture Theatre 2, Computer Laboratory, William Gates Building

We argue that modal operators of interactive belief, knowledge, and provability are definable as natural generalisations of their non-interactive counterparts, and that zero-knowledge proofs (from cryptography) have a natural (modal) formulation in terms of interactive individual knowledge, non-interactive propositional knowledge and interactive provability. Our work is motivated by van Benthem's investigation into rational agency and dialogue and our attempt to redefine modern cryptography in terms of modal logic.

This ongoing work builds on Chapter 5 of my thesis Logical Concepts in Cryptography http://library.epfl.ch/en/theses/?nr=3845

View original pageView slides/notes

11 December 16:15Tracking the Russian Business Network (RBN) / Jart Armin

Lecture Theatre 2, Computer Laboratory, William Gates Building

This talk concerns the methodology, techniques and experiences of tracking and ultimately exposing the workings of the Russian Business Network (RBN).

According to many within the Internet Security arena RBN is a Russian Internet Service Provider based in St. Petersburg which is notorious for its hosting of illegal and dubious businesses, including; child pornography, phishing, spam bot operation, and malware distribution sites. Despite more recent public awareness the RBN is still an excellent example of a covert criminal community with no known leadership or physical locations.

The author in collaboration with several other researchers approached the task from an alternative perspective. This was to study the RBN from an organizational and business perspective, investigate and uncover its nodes of operation, its necessary interaction with its victims and clients. The question now remains; knowing and exposing RBN is a useful objective but surely the main goal is to stop them?

View original page

07 December 16:00Graphical passwords: some recent results / Jeff Yan, University of Newcastle

Lecture Theatre 2, Computer Laboratory, William Gates Building

Cognitive and psychological studies have revealed that humans perform far better at remembering pictures than words. This has inspired fast growing research into the design of graphical password systems in both the security and the HCI communities, in the expectation of delivering a graphical alternative to the ubiquitous textual password scheme (which has long suffered from usability problems). However, much work must be done to realise the benefits of the picture superiority effect, and make graphical passwords a usable and robust security solution. In this talk, I will present our recent work on designing graphical passwords that are both secure and usable for hand-held devices.

View original pageView slides/notes

04 December 16:15The Anti-Bank: the privatized delivery of social grants using biometric encrypted smart-cards in southern Africa / Keith Breckenridge, Professor of History and Internet Studies, University of KwaZulu-Natal, South Africa

Lecture Theatre 2, Computer Laboratory, William Gates Building

The South African company Net1 / Aplitec has filled the space left by the collapse of the HANIS smart card. Currently some 13 million people receive monthly grants using biometrically authenticated smart-cards. Aplitec have also built up a system of point-of-sale, microlending and insurance products that deliberately challenge the EMV system. The Aplitec encryption system uses a biometric key to encrypt card data -- it is strictly proprietary, and deliberately incompatible with the banking infrastructure. (Serge Belamont, the spirit behind Aplitec, designed the SASWITCH interbank switch in the early 1980s). The company is listed on the NASDAQ, with a current market capitalization of about R10 billion. All of its revenues are taken from the welfare system.

View original pageView slides/notes

27 November 16:15Networked information processing and privacy in Japan / Andrew A. Adams, School of Systems Engineering, University of Reading

Lecture Theatre 2, Computer Laboratory, William Gates Building

Dr Andrew A. Adams has just spent nine months visiting Meiji University in Tokyo, funded by a Global Research Award from the Royal Academy of Engineering. He has been studying the legal and social approach to privacy of electronic data in Japan and will present some of the results of his study.

There is a myth amongst researchers that there is no such thing as "Privacy" in Japan. Dr Adams refutes that and shows that the advent of networked information processing of personal data has brought Japanese attitudes to information privacy to a highly similar position to Western attitudes.

Grounded in the social and psychological literature about Japan, this work explains the emergence of Japanese legal protection for personal data in
recent years.

View original pageView slides/notes

13 November 16:15Authentication protocols based on human interaction in security pervasive computing / Nguyen Hoang Long, Oxford University Computing Laboratory

Lecture Theatre 2, Computer Laboratory, William Gates Building

A big challenge in pervasive computing is to establish secure communication over the Dolev-Yao network without a PKI. An approach studied by researchers is to build security though human work creating a low-bandwidth empirical channel (physical contact, human conversation) where the transmitted information is
authentic and cannot be faked /modified. In this talk, we give a brief survey of authentication protocols of this type as well as concentrating on our contribution which is group-protocol.

We start with non-interactive schemes, for example: the one proposed by Gehrmann, Mitchell and Nyberg, and point out that it does not optimise the human work, and then present our improved version of the scheme. We then move on to analyse strategies used to build interactive pair-wise and group protocols that minimise the human work relative to the amount of security
obtained. Many of the protocols are based on the human comparison of a single short string.

Speaker's website:
http://web.comlab.ox.ac.uk/oucl/work/long.nguyen/

View original page

30 October 16:15Key amplification in unstructured networks / Shishir Nagaraja, Computer Laboratory, University of Cambridge

Lecture Theatre 2, Computer Laboratory, William Gates Building

There are a number of scenarios where users wishing to communicate, share a weak secret. Often, they are also part of a common social network. Connections (edges) from the social network are represented as shared link keys between participants (vertices). We propose several mechanisms that utilise the graph topology of such a network, to increase the entropy of weak pre-shared secrets. Our proposals are based on using random walks to efficiently identify a chain of common acquaintances between Alice and Bob, each of which contribute entropy to the final key. Our mechanisms exploit one-wayness and convergence properties of Markovian random walks to, firstly, maximize the set of potential entropy contributors, and second, to resist any contribution from dubious sources by exploiting the community information characteristically present in real world network topologies.

View original page

16 October 16:15Synergy of crime science and security engineering / Shaun Whitehead

Lecture Theatre 2, Computer Laboratory, William Gates Building

This talk discusses the links between crime science and security engineering, drawing on experience of research into designing out mobile phone theft and current investigations into the theft and misuse of electronic services.

View original page

02 October 16:15High security locks: illusion or reality / Marc Weber Tobias

Lecture Theatre 2, Computer Laboratory, William Gates Building

A case study in compromising the most popular high security lock in America: The Medeco m3.

In the United States two standards organizations rate cylinders for their ability to withstand forced and covert attack and certify these locks as suitable for high security installations. Yet are the standards actually what they represent and are consumers really secure if they rely upon them especially if high value commercial or government targets are involved?


Many high security lock manufacturers claim that their cylinders will be impervious to covert methods of entry including picking and bumping and that they offer high levels of key control, effectively preventing the illegal or unauthorized duplication of their keys.

In this presentation, Marc Weber Tobias offers a detailed analysis of how the Medeco lock; of one of the most respected manufacturers in the United States and Europe was compromised by his research team. These cylinders are utilized to protect the most secure areas of commerce and government, not only in America but also in many other countries. This is a serious case in which there has been a basic failure of imagination on the part of design engineers to properly assess the security of the locks that they produce. This has resulted in the exposure of facilities to serious potential vulnerabilities.

Bio: Marc Weber Tobias is an investigative attorney and a physical security expert in locks and safes. He was trained as both a lawyer and criminal investigator and has been a certified polygraph examiner for the past twenty years, employed by government agencies and private clients. He works in the United States and has conducted thousands of polygraph or lie detector examinations in both criminal and civil investigations involving cases of kidnapping and murder to employee theft from commercial businesses. The polygraph is utilized throughout the world by police and intelligence agencies for a variety of purposes, including the verification of statements by suspects and victims, plea bargains in criminal cases, and vetting of government employees and intelligence agents to obtain and maintain security clearances. Marc Tobias has worked several high-profile cases and in one investigation, he conducted the polygraph examination of the career criminal in Sweden that provided the gun that killed the prime minister of that country in 1986.

View original page

30 July 16:15The economics of revealing and protecting private information: Evidence from human subject experiments and surveys / Jens Grossklags, School of Information, University of California Berkeley

Lecture Theatre 2, Computer Laboratory, William Gates Building

Privacy and security decision-making depends not only on technological, but also economic, behavioral, and legal factors. The resulting privacy choices by individuals often appear puzzling and contradictory in comparison to results from opinion surveys indicating high concern for the sanctity of private information. In this talk I will discuss results from two studies
that shed light on the underlying drivers of these observations.

First, I will report on a study of software installations assessing the effectiveness of different notices for helping people to make better decisions on which software to install. Our study of 222 users showed that providing a short summary notice, in addition to the End User License Agreement (EULA), reduced the number of potentially harmful software
installations significantly. However, even with the introduction of short and conspicuous notices, as recommended by consumer interest groups and government agencies, many users installed programs and later expressed regret for doing so.

Second, I will present experimental results that support the assumption that protecting information is not only based on different marketplace activities
than giving away information but that there is a significant gap between consumers' valuation for protecting and giving up privacy. These results
have implications for the accurate measurement of privacy losses in legal proceedings, and should be taken into consideration when evaluating the
desirability of consumer protection regulation.

Speaker's homepage:

http://www.ischool.berkeley.edu/~jensg/

View original page

30 May 14:15Smart-card based authentication on an insecure network / Peter Sweeney, Centre for Communication Systems Research, University of Surrey.

Lecture Theatre 1, Computer Laboratory

Standard means of authentication use PINs over secure terminals or secure networks. However there are many applications where proper authentication would be valuable, but the user may be connected to an insecure network, particularly the internet. In such circumstances, use of a PIN is inappropriate because of the ease of eavesdropping.

The work reported arose from an FP5 project to create a new 32-bit USB smart card and associated applets. The requirements are discussed and an image-based authentication method is described. Experimental work showed that the method was usable, but it has the potential disadvantage that no proof exists for its security. Moreover, it requires connection to an online database of images.

As an alternative, a method of provable security is put forward, which is potentially very suitable for implementation on a smart card. However the usability of the method is in question. There is also a potential active attack against this method, even though no strategy for the attack has yet been designed.

Speaker:
Peter Sweeney is a Reader in the Centre for Communication Systems Research at the University of Surrey. His main interests have always been in error-control coding, but as a side line he has also pursued research in other aspects of information theory, particularly cryptology and steganography.

View original page

15 May 16:15Realities of online banking fraud / Matthew Pemble, Vizuri

Lecture Theatre 2, Computer Laboratory, William Gates Building

The UK banking industry's response to online fraud is regularly criticised by both journalists and by more informed commentators. The seminar will look at the economic and practical realities of current fraud issues - phishing and its variants, advanced fee, internationalisation of fraud and (the general lack of) law enforcement response. Technical and procedural measures to improve matters will be discussed, including the complexities of the proper use of "strong authentication" technologies.

Slides can be found <a href="http://www.cl.cam.ac.uk/research/security/seminars/2007/2007-5-15_pemble.pdf">here</a>.

View original page

15 May 14:30Alertme.com - implementing wireless home security 2.0 / Amyas Phillips, Alertme.com

Room FW11, Computer Laboratory, William Gates Building

Alertme.com is a Cambridge based startup developing home security as an internet appliance. ZigBee based wireless sensors and actuators communicate with an internet-connected gateway, through which remote
servers provide services to customers' homes. The service is configured via a web based UI, with a simple in-home interface for daily use. We will present a brief overview of the system architecture followed by a selection of technical challenges and our solutions, on which we would welcome criticisms and suggestions. Depending on our audience's interests, these could include deployment, coexistence and energy considerations of wireless sensor networks, the UI, digital security, distributed system design, networking in the home, manufacturing, and _ad-hoc_ any other topics of interest.

View original page

08 May 16:15Towards open trusted computing frameworks / Matt Barrett

Lecture Theatre 2, Computer Laboratory, William Gates Building

This talk will summarise the results of, and motivation for, my master's thesis, which looked at the feasibility of a trusted computing framework built from entirely open components. Each component was required to be as inspect-able and verifiable as possible, and therefore be trusted by its users.

I will discuss in some detail a novel insertion attack against certain trusted computing frameworks built upon the Trusted Computing Group's Trusted Computing Module. Our insertion attack makes use of a vulnerability that arises due to the architecture of the TPM itself, and was published at COMPSAC 2006.

Bio:

Matt Barrett graduated from the University of Auckland's Computer Science Department (http://www.cs.auckland.ac.nz) with a MSc (Hons, 1st Class) in 2005. His thesis was titled 'Towards an Open Trusted Computing Framework,' available at http://www.cs.auckland.ac.nz/~cthombor/Students/mbarrett/mbarrettThesis.htm. Since then, he has been living and working in London. Previous research has included Microsoft's now defunct Next-Generation Secure Computing Base.

View original page

01 May 16:15The commercial malware industry / Peter Gutmann, University of Auckland

Lecture Theatre 2, Computer Laboratory, William Gates Building

Malware has come a long way since it consisted mostly of small-scale (if prolific) nuisances perpetrated by script kiddies. Today, it's increasingly being created by professional programmers and managed by international criminal organisations. This talk looks at the methods and technology employed by the professional malware industry, which is turning out "product" that matches (and in some cases even exceeds) the sophistication of standard commercial software, but with far more sinister applications.

Peter Gutmann's webpage:
http://www.cs.auckland.ac.nz/~pgut001/

View original page

01 May 14:15Phishing tips and techniques: tackle, rigging, and how and when to phish / Peter Gutmann, University of Auckland

Lecture Theatre 2, Computer Laboratory, William Gates Building

Despite the crypto wars having mostly ended some years ago, we don't seem to be any better off now that good crypto is widely available. The reason for this is that attackers are exploiting the weakest link in the interface and doing an end-run around the crypto. This talk looks at the technical and psychological backgrounds behind why phishing works, and how this can be exploited to make phishing attacks more effective. To date, apart from the occasional use of psychology grads by 419 scammers, no-one has really looked at the wetware mechanisms that make phishing successful. Security technology doesn't help here, with poorly-designed user interfaces playing right into the phishers hands.

After covering the psychological nuts and bolts of how users think and make decisions, the talk goes into specific examples of user behaviour clashing with security user interface design, and how this could be exploited by attackers to bypass security speedbumps that might be triggered by phishing attacks. Depending on your point of view, this is either a somewhat hair-raising cookbook for more effective phishing techniques, or a warning about how these types of attacks work and what needs to be defended against.

Peter Gutmann's webpage:
http://www.cs.auckland.ac.nz/~pgut001/

View original page

06 March 16:15Alternative security mechanisms for WiFi networks / Daniel Cvrcek, Computer Laboratory, University of Cambridge

Lecture Theatre 2, Computer Laboratory, William Gates Building

Wireless networks (WiFi) constitute a cheap option for accessing Internet in some countries. Such networks are called 'community WiFi networks' as a group of people must establish a form of cooperation allowing them to agree on the terms of usage and to collect money for paying Internet connection fees. Such environment introduces strong threat of insider attacks. This is one of the reasons why any security mechanisms based on shared key are hard to effectively deploy. The talk will introduce approach based on reputation systems - analysing properties of network clients in relation to WiFi access points. We have implemented the system and deployed it in a community network with some 200 members in a very basic form so we give some results of the deployment. We will also overview our current directions for improvements of the system.

View original page

27 February 16:15Power analysis attacks / Elisabeth Oswald, Department of Computer Science, University of Bristol

Lecture Theatre 2, Computer Laboratory, William Gates Building

Power analysis attacks allow extracting keys from cryptographic devices with low effort. While so called differential power analysis attacks assume only very limited knowledge about the device under attack,
template-based power analysis attacks assume much more knowledge. Naturally, this leads to better attacks. This talk will survey existing power analysis techniques briefly, but will have its emphasis on template-based power analysis attacks.

View original page

13 February 16:15Anonymity in the wild: Mixes on unstructured networks / Shishir Nagaraja, Computer Laboratory, University of Cambridge

Lecture Theatre 2, Computer Laboratory, William Gates Building

With the growth in decentralised systems, unstructured networks including social networks are natural candidates for mix network topologies that are resilient against a well funded adversary who blocks access to a centralised mix-network. We consider mix topologies where mixes are placed on the nodes of a social network. We analyse the anonymity such networks provide under high latency conditions, and compare it with other sparsely connected mix networks. We prove that real network topologies such as scale-free networks mix efficiently. We also analyse mix topologies from the Klienberg small world and scale-free random graphs, using simulations and compare their performance with expander graphs. We also show that mix networks over unstructured topologies are resilient to vertex-order attacks of Barabasi-Albert, however batch sizes required for preventing intersection attacks could be a challenging requirement to meet.

Shishir Nagaraja's webpage can be found <a href='http://www.cl.cam.ac.uk/~sn275'>here</a>

View original page

06 February 16:15Data sharing and privacy in multi-agency working / Adam Warren, Department of Information Science, Loughborough University

Lecture Theatre 2, Computer Laboratory, William Gates Building

This paper analyses empirical data from a major, ESRC-funded research project concerning data-sharing and privacy in multi-agency working. The study provides the first systematic evidence about the ways in which local partnerships working in sensitive policy fields – including Mental Health and Crime and Disorder - attempt to strike settlements between sharing and confidentiality, Over 200 interviews were conducted in 77 organisations, covering four policy sectors, across England and Scotland. The analysis was framed by theory developed from the neo-Durkheimian tradition, and the research demonstrates that this theory has the power to identify and explain patterns of information sharing styles adopted in local collaborative working.

The overall conclusion is that the stronger formal regulation by national government may well be leading to the greater prominence of hierarchical institutional forms. However, the findings demonstrate that reliance on such policy tools does not always lead to consistent and acceptable outcomes, not least because of unresolved conflicts of values and aims.

The project, Joined-up Public Services: Data-sharing and Privacy in Multi-Agency Working, was a £230,000 ESRC-funded study concerning the tensions between collaborative working and respect for confidentiality in the spheres of health and criminal justice. It was co-managed by Professors Chris Bellamy (Nottingham Trent University), Perri 6 (Nottingham Trent University) and Charles Raab (Edinburgh University). It has produced a number of outputs, including conference papers, book chapters and journal articles. A co-authored book, Partnership and privacy in the information state, will be published by Palgrave-MacMillan in 2007.

Dr Adam Warren has been a Research Officer at the Department of Information Science (DIS), Loughborough University since September 2005 He completed his PhD thesis Fully Compliant? A Study of Data Protection Policy in Public Organisations at DIS in June 2003. He was subsequently employed for two years as a Research Fellow on the Data sharing and privacy project.

Dr. Adam Warren's <a href='http://www.lboro.ac.uk/departments/dis/people/awarren.html'>homepage</a>

View original page

30 January 16:15A reciprocation-based economy for multiple services in P2P grids / Miranda Mowbray, HP Labs Bristol UK

Lecture Theatre 2, Computer Laboratory, William Gates Building

Designers of peer-to-peer grids aim to construct computational grids encompassing thousands of sites. To achieve this scale, the systems cannot rely on trust or off-line negotiations among participants. Moreover, without incentives for donation, there is a danger that free riding will prevail, leading the grid to collapse. Reciprocation-based incentive mechanisms have been proposed to deal with this problem. However, they have only been studied for the case in which a single service - processing power - is shared. In this paper we give a reciprocation-based mechanism for the case when multiple services, such as processing power and data transfers, are shared. In simulations of scenarios in which the services shared are combinations of two different basic services, the mechanism performs very well, even when the cost to peers of donating a service is nearly as large as the utility gained by receiving it.

Mini-bio:
Miranda Mowbray is a Technical Contributor at Hewlett-Packard Laboratories, Bristol. She studied political philosophy in the United States before obtaining an MA in Mathematics from Cambridge University and a PhD in Algebra from London University. She co-founded e-mint, the UK Association of Online Community Professionals. Miranda is at present a principal investigator for peer-to-peer technologies at HP Labs.

View original page

23 January 16:15Privacy preserving censorship / Yvo Desmedt, Department of Computer Science, University College London

Lecture Theatre 2, Computer Laboratory, William Gates Building

In many Western countries information is being censored or plans are being made. In Australia, the Australian Communications Minister Helen Coonan has suggested to censor the internet TV program Big Brother. Moreover two books are censored. In Belgium the Information Minister Peter Vanvelthoven is looking into "censoring websites with illegal content or with illegal services" (translated from the official Belgian memorandum) or at least to "inform customers that they entered a black listed site". Critics remember that before 1966 it was hard in small Belgian villages to buy books that were on the Vatican "Index Librorum Prohibitorum" blacklist. Other examples of censorship in the West include the censorship: by the church of ``non-traditional'' gospels, Hitler's ``Mein Kampf'' in countries as France and Germany, and the Rolling Stones performance during the 2006 superbowl on 5 February 2006 in the US. Texts describing in details the construction of atomic bombs, or other classified information, are also censored.

Whether censorship is a benefit to mankind or not, is a non-scientific topic, and therefore not the focus of the presentation. In this talk we discuss methods that can be used to censor networks. A problem with a straightforward solution is that censorship techniques might be used by terrorist or hackers who want to perform a denial of service attack. We therefore analyze how telecommunication providers can guarantee privacy on how to censor (i.e. protecting against hackers with limited resources using it to perform a denial of service) while at the same time being able to demonstrate to the authorities the capability to censor. Above is impossible when using traditional models to describe network reliability. We discuss an alternative model in which it can be achieved. We propose a zero-knowledge interactive proof for this problem.

No background information is required to be able to understand most of the lecture. This presentation is based on joint work with Yongge Wang and Mike Burmester and presented at the First International Workshop on Critical Information Infrastructures Security.

SHORT BIO:

Yvo Desmedt received his Ph.D. (Summa cum Laude) from the University of Leuven, Belgium (1984). He is presently the BT Chair of Information Security at University College London, UK. He is also a courtesy professor at Florida State University. His interests include cryptography, network security and computer security. He is program chair of the Workshop on Information Theoretic Security 2007, was co-program chair of CANS 2005, program chair of PKC 2003, the 2002 ACM Workshop on Scientific Aspects of Cyber Terrorism and Crypto '94. He is editor-in-chief of the IEE Proceedings of Information Security, editor of the Journal of Computer Security, of Information Processing Letters and of Advances in Mathematics of Communications. He has given invited lectures at several conferences and workshop in 5 different continents.