Joseph Bonneau
Publications
I am currently focusing on and authentication and identity systems for the web, as well as privacy and security in online social networks. In the past I have worked on crypto protocols, side-channel attacks, software obfuscation, and reverse engineering. I make full text available for all publications accepted into acacemic conferences and workshops.
Human Authentication
- You can never have too many passwords: techniques for evaluating a huge corpus
(pre-proceedings draft, still under revision) (paper)
Joseph Bonneau. 2012 IEEE Symposium on Security and Privacy. San Francisco, CA, USA, May 21 2012.
Abstract Citationto be completed
@article{B12, title={{You can never have too many passwords: techniques for evaluating a huge corpus}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B12-IEEESP-evaluating_a_huge_password_corpus.pdf", journal="2012 IEEE Symposium on Security and Privacy", author="Joseph Bonneau", month="May", location="San Francisco, CA, USA", year="2012", } - User Authentication on the Web: Framework and Evaluation of Password-replacement Schemes
(still under pre-proceedings revision)
Frank Stajano, Joseph Bonneau, Cormac Herley and Paul van Oorschot. 2012 IEEE Symposium on Security and Privacy. San Francisco, CA, USA, May 21 2012.
Abstract Citationto be completed
@article{SBHO12, title={{User Authentication on the Web: Framework and Evaluation of Password-replacement Schemes}}, journal="2012 IEEE Symposium on Security and Privacy", author="Frank Stajano and Joseph Bonneau and Cormac Herley and Paul van Oorschot", month="May", location="San Francisco, CA, USA", year="2012", } - Linguistic properties of multi-word passphrases
(paper)
Joseph Bonneau and Ekaterina Shutova. USEC '12: Workshop on Usable Security. Kralendijk, Bonaire, Netherlands, Mar 02 2012.
Abstract CitationWe examine patterns of human choice in a passphrase-based authentication system deployed by Amazon, a large online merchant. We tested the availability of a large corpus of over 100,000 possible phrases at Amazon's registration page, which prohibits using any phrase already registered by another user. A number of large, readily-available lists such as movie and book titles prove effective in guessing attacks, suggesting that passphrases are vulnerable to dictionary attacks like all schemes involving human choice. Extending our analysis with natural language phrases extracted from linguistic corpora, we find that phrase selection is far from random, with users strongly preferring simple noun bigrams which are common in natural language. The distribution of chosen passphrases is less skewed than the distribution of bigrams in English text, indicating that some users have attempted to choose phrases randomly. Still, the distribution of bigrams in natural language is not nearly random enough to resist offline guessing, nor are longer three- or four-word phrases for which we see rapidly diminishing returns.
@article{BS12, title={{Linguistic properties of multi-word passphrases}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BS12-USEC-passphrase_linguistics.pdf", journal="USEC '12: Workshop on Usable Security", author="Joseph Bonneau and Ekaterina Shutova", month="March", location="Kralendijk, Bonaire, Netherlands", year="2012", } - A birthday present every eleven wallets? The security of customer-chosen banking PINs
(paper under media embargo, please email the author if a copy is needed for research purposes)
Joseph Bonneau, Sören Preibusch and Ross Anderson. FC '12: Proceedings of the the Sixteenth International Conference on Financial Cryptography. Kralendijk, Bonaire, Netherlands, Mar 01 2012.
Abstract CitationWe provide the first published estimates of the difficulty of guessing a human-chosen 4-digit PIN. We begin with two large sets of 4-digit sequences chosen outside banking for online passwords and smartphone unlock-codes. We use a regression model to identify a small number of dominant factors influencing user choice. Using this model and a survey of over 1,100 banking customers, we estimate the distribution of banking PINs as well as the frequency of security-relevant behaviour such as sharing and reusing PINs. We find that guessing PINs based on the victims' birthday, which nearly all users carry documentation of, will enable a competent thief to gain use of an ATM card once for every 11-18 stolen wallets, depending on whether banks prohibit weak PINs such as 1234. The lesson for cardholders is to never use one's date of birth as a PIN. The lesson for card-issuing banks is to implement a denied PIN list, which several large banks still fail to do. However, blacklists cannot effectively mitigate guessing given a known birth date, suggesting banks should move away from customer-chosen banking PINs in the long term.
@article{BPA12, title={{A birthday present every eleven wallets? The security of customer-chosen banking PINs}}, journal="FC '12: Proceedings of the the Sixteenth International Conference on Financial Cryptography", author="Joseph Bonneau and S{\"{o}}ren Preibusch and Ross Anderson", month="March", location="Kralendijk, Bonaire, Netherlands", year="2012", } - Getting web authentication right: a best-case protocol for the remaining life of passwords
(paper)
Joseph Bonneau. Nineteenth International Workshop on Security Protocols. Cambridge, UK, Mar 28 2011.
Abstract CitationWe outline an end-to-end password authentication protocol for the web designed to be stateless and as secure as possible given legacy limitations of the web browser and performance constraints of commercial web servers. Our scheme is secure against very strong but passive attackers able to observe both network traffic and the server's database state. At the same time, our scheme is simple for web servers to implement and requires no changes to modern, HTML5-compliant browsers. We assume TLS is available for initial login and no other public-key cryptographic operations, but successfully defend against cookie-stealing and cookie-forging attackers and provide strong resistance to password guessing attacks.
@article{B11, title={{Getting web authentication right: a best-case protocol for the remaining life of passwords}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B11-SPW-web_auth_right.pdf", journal="Nineteenth International Workshop on Security Protocols", author="Joseph Bonneau", month="March", location="Cambridge, UK", year="2011", } - The Password Game: negative externalities from weak password practices
(paper)
Sören Preibusch and Joseph Bonneau. GameSec 2010: Conference on Decision and Game Theory for Security. Berlin, Germany, Nov 23 2010.
Abstract CitationThe combination of username and password is widely used as a human authentication mechanism on the Web. Despite this universal adoption and despite their long tradition, password schemes exhibit a high number of security flaws which jeopardise the confidentiality and integrity of personal information. As Web users tend to reuse the same password for several sites, security negligence at any one site introduces a negative externality into the entire password ecosystem. We analyse this market inefficiency as the equilibrium between password deployment strategies at security-concerned Web sites and indifferent Web sites. The game-theoretic prediction is challenged by an empirical analysis. By a manual inspection of 150 public Web sites that offer free yet password-protected sign-up, complemented by an automated sampling of 2184 Web sites, we demonstrate that observed password practices follow the theory: Web sites that have little incentive to invest in security are indeed found to have weaker password schemes, thereby facilitating the compromise of other sites. We use the theoretical model to explore which technical and regulatory approaches could eliminate the empirically detected inefficiency in the market for password protection.
@article{PB10, title={{The Password Game: negative externalities from weak password practices}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/PB09-GS-password_game.pdf", journal="GameSec 2010: Conference on Decision and Game Theory for Security", author="S{\"{o}}ren Preibusch and Joseph Bonneau", month="November", location="Berlin, Germany", year="2010", } - The password thicket: technical and market failures in human authentication on the web
(paper) (dataset)
Joseph Bonneau and Sören Preibusch. WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security. Boston, MA, USA, Jun 25 2010.
Abstract CitationWe report the results of the first large-scale empirical analysis of password implementations deployed on the Internet. Our study included 150 websites which offer free user accounts for a variety of purposes, including the most popular destinations on the web and a random sample of e-commerce, news, and communication websites. Although all sites evaluated relied on user-chosen textual passwords for authentication, we found many subtle but important technical variations in implementation with important security implications. Many poor practices were commonplace, such as a lack of encryption to protect transmitted passwords, storage of cleartext passwords in server databases, and little protection of passwords from brute force attacks. While a spectrum of implementation quality exists with a general correlation between implementation choices within more-secure and less-secure websites, we find a surprising number of inconsistent choices within individual sites, suggesting that the lack of a standards is harming security. We observe numerous ways in which the technical failures of lower-security sites can compromise higher-security sites due to the well-established tendency of users to re-use passwords. Our data confirms that the worst security practices are indeed found at sites with few security incentives, such as newspaper websites, while sites storing more sensitive information such as payment details or user communication implement more password security. From an economic viewpoint, password insecurity is a negative externality that the market has been unable to correct, undermining the viability of password-based authentication. We also speculate that some sites deploying passwords do so primarily for psychological reasons, both as a justification for collecting marketing data and as a way to build trusted relationships with customers. This theory suggests that efforts to replace passwords with more-secure protocols or federated identity systems may fail because they don't recreate the entrenched ritual of password authentication.
@article{BP10, title={{The password thicket: technical and market failures in human authentication on the web}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BP10-WEIS-password_thicket.pdf", journal="WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security", author="Joseph Bonneau and S{\"{o}}ren Preibusch", month="June", location="Boston, MA, USA", year="2010", } - What's in a Name? Evaluating Statistical Attacks on Personal Knowledge Questions
(paper) (dataset)
Joseph Bonneau, Mike Just and Greg Matthews. FC '10: Proceedings of the the Fourteenth International Conference on Financial Cryptography. Tenerife, Spain, Jan 25 2010.
Abstract CitationWe study the efficiency of statistical attacks on human authentication systems relying on personal knowledge questions. We adapt techniques from guessing theory to measure security against a trawling attacker attempting to compromise a large number of strangers' accounts. We then examine a diverse corpus of real-world statistical distributions for likely answer categories such as the names of people, pets, and places and find that personal knowledge questions are significantly less secure than graphical or textual passwords. We also demonstrate that statistics can be used to increase security by proactively shaping the answer distribution to lower the prevalence of common responses.
@article{BJM10, title={{What's in a Name? Evaluating Statistical Attacks on Personal Knowledge Questions}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BJM10-FC-name_guessing_statistics.pdf", journal="FC '10: Proceedings of the the Fourteenth International Conference on Financial Cryptography", author="Joseph Bonneau and Mike Just and Greg Matthews", month="January", location="Tenerife, Spain", year="2010", }
Security and Privacy in the Social Web
- The privacy landscape: product differentiation on data collection
(paper) (dataset)
Sören Preibusch and Joseph Bonneau. WEIS '11: Proceedings of the Tenth Workshop on the Economics of Information Security. Washington, DC, USA, Jun 14 2011.
Abstract CitationWhilst the majority of online consumers do not seem to take the privacy characteristics of goods and services into account with their consumption choices, a sizeable proportion consider differences in data collection and processing amongst alternative suppliers when deciding where to buy. Meeting their heterogeneous privacy preferences would require varied privacy regimes between different suppliers. Based on an empirical evaluation of 140 Web sites across five industries, we consider two questions: (1) can privacy-conscious consumers find a privacy-friendly seller/provider? (2) is this alternative associated with higher prices? We interpret the empirical evidence using the economic model of horizontal differentiation. As an overarching conclusion, differentiation on privacy is more prevalent in markets where consumption is priced—an observation that confirms the prediction from theory. Surprisingly, sellers that collect less data charge lower prices, with high significance. Implications for regulation and for further study are discussed.
@article{PB11, title={{The privacy landscape: product differentiation on data collection}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/PB11-WEIS-privacy_landscape.pdf", journal="WEIS '11: Proceedings of the Tenth Workshop on the Economics of Information Security", author="S{\"{o}}ren Preibusch and Joseph Bonneau", month="June", location="Washington, DC, USA", year="2011", } - Don't Tread on Me: Moderating Access to OSN Data with SpikeStrip
(paper)
Christo Wilson, Alessandra Sala, Joseph Bonneau, Robert Zablit and Ben Zhao. WOSN 2010: The Third Workshop on Online Social Networks. Boston, Massachussets, Jun 22 2010.
Abstract CitationOnline social networks rely on their valuable data stores to attract users and produce income. Their survival depends on the ability to protect users’ profiles and disseminate it to other users through controlled channels. Given the sparse user adoption of privacy policies, however, there is increasing incentive and opportunity for malicious parties to extract these datasets for profit using automated “crawlers” and “screen-scrapers.” With the arrival of distributed botnets and low-cost hosted VMs, attackers can perform fast, distributed crawls that evade traditional detectors and rate limiters. We propose SpikeStrip, a server add-on that uses light-weight link encryption to isolate and rate limit crawlers. We experiment with real OSN data, and show that SpikeStrip successfully curtails sophisticated, distributed crawlers while imposing minimal server throughput overhead and inconvenience to end-users.
@article{WSBZZ09, title={{Don't Tread on Me: Moderating Access to OSN Data with SpikeStrip }}, url="http://www.cs.ucsb.edu/~ravenben/publications/pdf/spikestrip-wosn10.pdf", journal="WOSN 2010: The Third Workshop on Online Social Networks", author="Christo Wilson and Alessandra Sala and Joseph Bonneau and Robert Zablit and Ben Zhao", month="June", location="Boston, Massachussets", year="2010", } - Privacy-Enhanced Public View for Social Graphs
(paper)
Hyoungshick Kim and Joseph Bonneau. SWSM '09: The 2nd Workshop on Social Web Search and Mining. Hong Kong, China, Nov 02 2009.
Abstract CitationWe consider the problem of releasing a limited public view of a sensitive graph which reveals at least k edges per node. We are motivated by Facebook’s public search listings, which ex- pose user profiles to search engines along with a fixed number of each user’s friends. If this public view is produced by uniform random sampling, an adversary can accurately approximate many sensitive features of the original graph, including the degree of individual nodes. We propose several schemes to produce public views which hide degree informa- tion. We demonstrate the practicality of our schemes using real data and show that it is possible to mitigate inference of degree while still providing useful public views.
@article{KB09, title={{Privacy-Enhanced Public View for Social Graphs}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/KB09-SWSM-privacy_public_view.pdf", journal="SWSM '09: The 2nd Workshop on Social Web Search and Mining", author="Hyoungshick Kim and Joseph Bonneau", month="November", location="Hong Kong, China", year="2009", } - Privacy Preserving Social Networking Over Untrusted Networks
(paper)
Jonathan Anderson, Claudia Diaz, Joseph Bonneau and Frank Stajano. WOSN 2009: The Second ACM SIGCOMM Workshop on Online Social Networks. Barcelona, Spain, Aug 17 2009.
Abstract CitationCurrent social networks require users to place absolute faith in their operators, and the inability of operators to protect users from malicious agents has led to sensitive private in formation being made public. We propose an architecture for social networking that protects users’ social information from both the operator and other network users. This archi tecture builds a social network out of smart clients and an untrusted central server in a way that removes the need for faith in network operators and gives users control of their privacy.
@article{ADBS09, title={{Privacy Preserving Social Networking Over Untrusted Networks}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/ADBS09-WOSN-privacy_enabling_sns.pdf", journal="WOSN 2009: The Second ACM SIGCOMM Workshop on Online Social Networks", author="Jonathan Anderson and Claudia Diaz and Joseph Bonneau and Frank Stajano", month="August", location="Barcelona, Spain", year="2009", } - Prying Data out of a Social Network
(paper)
Joseph Bonneau, Jonathan Anderson and George Danezis. ASONAM 09: The First International Conference on Advances in Social Networks Analysis and Mining. Athens, Greece, Jul 20 2009.
Abstract CitationPreventing adversaries from compiling significant amounts of user data is a major challenge for social network operators. We examine the difficulty of collecting profile and graph information from the popular social networking website Facebook and report two major findings. First, we describe several novel ways in which data can be extracted by third parties. Second, we demonstrate the efficiency of these methods on crawled data. Our findings highlight how the current pro tection of personal data is inconsistent with users’ expectations of privacy.
@article{BAD09, title={{Prying Data out of a Social Network}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BAS09-ASONAM-prying_sns_data.pdf", journal="ASONAM 09: The First International Conference on Advances in Social Networks Analysis and Mining", author="Joseph Bonneau and Jonathan Anderson and George Danezis", month="July", location="Athens, Greece", year="2009", } - Privacy Stories: Confidence in Privacy Behaviors through End User Programming (poster)
(poster) (abstract)
Luke Church, Jonathan Anderson, Joseph Bonneau and Frank Stajano. SOUPS 2009: The Fifth Symposium On Usable Privacy and Security. Mountain View, CA, USA, Jul 15 2009.
Abstract CitationIn [2] we argued that, in the search to give users meaningful control over their information, we should consider End User Programming techniques as a possible replacement for either opaque, expert determined choices or the endless proliferation of options that arises from a simplistic application of direct manipulation principles. We describe a work in progress to study the viability of this approach for improving the usability of social network privacy configuration. As suggested in [2] we make use of analytical usability techniques to discuss the usability challenges of the current Facebook interface and to inform the design of our proposed alternative. We then report on a very small (two user) pilot study and look at challenges that we will address in future design iterations.
@article{CABS09, title={{Privacy Stories: Confidence in Privacy Behaviors through End User Programming (poster)}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/CABS09-SOUPS-poster-privacy_stories.pdf", journal="SOUPS 2009: The Fifth Symposium On Usable Privacy and Security", author="Luke Church and Jonathan Anderson and Joseph Bonneau and Frank Stajano", month="July", location="Mountain View, CA, USA", year="2009", } - Privacy Suites: Shared Privacy for Social Networks (poster)
(poster) (abstract)
Joseph Bonneau, Jonathan Anderson and Luke Church. SOUPS 2009: The Fifth Symposium On Usable Privacy and Security. Mountain View, CA, USA, Jul 15 2009.
Abstract CitationCreating privacy controls for social networks that are both expressive and usable is a major challenge. Lack of user understanding of privacy settings can lead to unwanted disclosure of private information and, in some cases, to material harm. We propose a new paradigm which allows users to easily choose “suites” of privacy settings which have been specified by friends or trusted experts, only modifying them if they wish. Given that most users currently stick with their default, operator-chosen settings, such a system could dramatically increase the privacy protection that most users experience with minimal time investment.
@article{BAC09d, title={{Privacy Suites: Shared Privacy for Social Networks (poster)}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/ADBS09-WOSN-privacy_enabling_sns.pdf", journal="SOUPS 2009: The Fifth Symposium On Usable Privacy and Security", author="Joseph Bonneau and Jonathan Anderson and Luke Church", month="July", location="Mountain View, CA, USA", year="2009", } - Security APIs for Online Applications
(paper)
Jonathan Anderson, Joseph Bonneau and Frank Stajano. Third International Workshop on Analysis of Security APIs. Port Jefferson, NY, USA, Jul 10 2009.
Abstract CitationOnline social networks, in their current form, require users to place a vast amount of trust in the operators of both the core network and the third-party applications they use. Since both of these actors have shown themselves to be untrustworthy in the past [1], [2], [3], [4], [5], we have proposed a model for social networks in which client software runs on the user’s computer, encrypted blocks are stored on a “dumb” server and third-party applications are sandboxed to avoid the leakage of personal information [6]. In this scheme, the interface between applications and the core client software resembles a system call API in which a kernel offers applications the means to perform privileged operations. We have begun exploring this API to determine its functional requirements and desired security properties, but we welcome comments from and engagement with the security API community in order to provide the users of social networks with meaningful promises of personal privacy.
@article{ABS09, title={{Security APIs for Online Applications}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/ABS09-ASA-security_apis_online_apps.pdf", journal="Third International Workshop on Analysis of Security APIs", author="Jonathan Anderson and Joseph Bonneau and Frank Stajano", month="July", location="Port Jefferson, NY, USA", year="2009", } - The Privacy Jungle: On the Market for Privacy in Social Networks
(paper) (abridged paper) (dataset)
Joseph Bonneau and Sören Preibusch. WEIS '09: Proceedings of the Eighth Workshop on the Economics of Information Security. London, UK, Jun 25 2009.
Abstract CitationWe have conducted the first thorough analysis of the market for privacy practices and policies in online social networks. From an evaluation of 45 social networking sites using 260 criteria we find that many popular assumptions regarding privacy and social networking need to be revisited when considering the entire ecosystem instead of only a handful of well-known sites. Contrary to the common perception of an oligopolistic market, we find evidence of vigorous competition for new users. Despite observing many poor security practices, there is evidence that social network providers are making efforts to implement privacy enhancing technologies with substantial diversity in the amount of privacy control offered. However, privacy is rarely used as a selling point, even then only as auxiliary, non-decisive feature. Sites also failed to promote their existing privacy controls within the site. We similarly found great diversity in the length and content of formal privacy policies, but found an opposite promotional trend: though almost all policies are not accessible to ordinary users due to obfuscating legal jargon, they conspicuously vaunt the sites’ privacy practices. We conclude that the market for privacy in social networks is dysfunctional in that there is significant variation in sites’ privacy controls, data collection requirements, and legal privacy policies, but this is not effectively conveyed to users. Our empirical findings motivate us to introduce the novel model of a privacy communication game, where the economically rational choice for a site operator is to make privacy control available to evade criticism from privacy fundamentalists, while hiding the privacy control interface and privacy policy to maximise sign-up numbers and encourage data sharing from the pragmatic majority of users.
@article{BP09, title={{The Privacy Jungle: On the Market for Privacy in Social Networks}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BP09-WEIS-privacy_jungle.pdf", journal="WEIS '09: Proceedings of the Eighth Workshop on the Economics of Information Security", author="Joseph Bonneau and S{\"{o}}ren Preibusch", month="June", location="London, UK", year="2009", } - Eight Friends Are Enough: Social Graph Approximation via Public Listings
(paper)
Joseph Bonneau, Jonathan Anderson, Frank Stajano and Ross Anderson. SNS '09: Proceedings of the 2nd ACM Workshop on Social Network Systems. Nuremberg, Germany, Mar 31 2009.
Abstract CitationThe popular social networking website Facebook exposes a “public view” of user profiles to search engines which includes eight of the user’s friendship links. We examine what interesting properties of the complete social graph can be inferred from this public view. In experiments on real social network data, we were able to accurately approximate the degree and centrality of nodes, compute small dominating sets, find short paths between users, and detect community structure. This work demonstrates that it is difficult to safely reveal limited information about a social network.
@article{BASA09, title={{Eight Friends Are Enough: Social Graph Approximation via Public Listings}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BASA09-SNS-eight_friends.pdf", journal="SNS '09: Proceedings of the 2nd ACM Workshop on Social Network Systems", author="Joseph Bonneau and Jonathan Anderson and Frank Stajano and Ross Anderson", month="March", location="Nuremberg, Germany", year="2009", }
Side Channel Cryptanalysis
- Robust Final-Round Cache-Trace Attacks Against AES
(paper)
Joseph Bonneau. Oct 29 2006.
Abstract CitationThis paper describes an algorithm to attack AES using side-channel information from the final round cache lookups performed by the encryption, specifically whether each access hits or misses in the cache, building off of previous work by Aciicmez and Koc. It is assumed that an attacker could gain such a trace through power consumption analysis or electromagnetic analysis. This information has already been shown to lead to an effective attack. This paper interprets cache trace data available as binary constraints on pairs of key bytes then reduces key search to a constraint-satisfaction problem. In this way, an attacker is guaranteed to perform as little search as is possible given a set of cache traces, leading to a natural tradeoff between online collection and offline processing. This paper also differs from previous work in assuming a partially pre-loaded cache, proving that cache trace attacks are still effective in this scenario with the number of samples required being inversely related to the percentage of cache which is pre-loaded.
@techreport{B06, title={{Robust Final-Round Cache-Trace Attacks Against AES}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B06-eprint-aes_cache_trace.pdf", author="Joseph Bonneau", number="2006/374", month="October", year="2006", institution="Cryptology ePrint Archive", } - Cache Collision Timing Attacks Against AES
(paper)
Joseph Bonneau and Ilya Mironov. CHES '06: Proceedings of 2006 Workshop on Cryptographic Hardware and Embedded Systems. Boston, MA, USA, Oct 12 2006.
Abstract CitationThis paper describes several novel timing attacks against the common table-driven software implementation of the AES cipher. We define a general attack strategy using a simplified model of the cache to predict timing variation due to cache-collisions in the sequence of lookups performed by the encryption. The attacks presented should be applicable to most high-speed software AES implementations and computing platforms, we have implemented them against OpenSSL v. 0.9.8.(a) running on Pentium III, Pentium IV Xeon, and UltraSPARC III+ machines. The most powerful attack has been shown under optimal conditions to reliably recover a full 128-bit AES key with 2^13 timing samples, an improvement of almost four orders of magnitude over the best previously published attacks of this type [Ber05]. While the task of defending AES against all timing attacks is challenging, a small patch can significantly reduce the vulnerability to these specific attacks with no performance penalty.
@article{BM06, title={{Cache Collision Timing Attacks Against AES}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BM06-CHES-aes_cache_timing.pdf", journal="CHES '06: Proceedings of 2006 Workshop on Cryptographic Hardware and Embedded Systems", author="Joseph Bonneau and Ilya Mironov", month="October", location="Boston, MA, USA", year="2006", }
Miscellaneous
- Scrambling for lightweight censorship resistance
(paper)
Joseph Bonneau and Rubin Xu. Nineteenth International Workshop on Security Protocols. Cambridge, UK, Mar 28 2011.
Abstract CitationIn this paper we propose scrambling as a lightweight method of censorship resistance, in place of the traditional use of encryption. We consider a censor which can only block banned content by scanning it while in transit (for example using deep-packet inspection), instead of attacking the communication endpoints (for example using address filtering or taking servers offline). Our goal is to greatly increase the workload of the censor by scrambling all data during communication, while maintaining reasonable workloads for the endpoints of the communication network. In particular, our goal is to make it impossible for the censor to effectively accelerate the de-scrambling procedure over what may be achieved by commodity PCs or mobile phones at the endpoints, a goal which we term \emph{high-inertia} scrambling. We also aim to achieve this using the standard JavaScript runtime environment of modern browsers, requiring no distribution or installation of censorship-resistance software.
@article{BX11, title={{Scrambling for lightweight censorship resistance}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BX11-SPW-scrambling_censorship.pdf", journal="Nineteenth International Workshop on Security Protocols", author="Joseph Bonneau and Rubin Xu", month="March", location="Cambridge, UK", year="2011", } - Inglourious Installers: Security in the Application Marketplace
(paper)
Jonathan Anderson, Joseph Bonneau and Frank Stajano. WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security. Boston, MA, USA, Jun 25 2010.
Abstract CitationFrom mobile phones to social networks, installing and running third-party applications can be risky. Installing applications often requires running unverified, untrustworthy code with the privilege of a system administrator, allowing it to compromise the security of user data and the operating system. Once installed, applications on most platforms can access anything that a user can: a web browser can read users’ e-mail and an e-mail client can access browsing history. Computer scientists have been developing systems for decades which follow the “principle of least authority,” yet few consumer computing platforms adopt their techniques. In this paper, we examine the application markets for ten computing platforms, including personal computers, mobile phones, social networks and web browsers. We identify economic causes for the wide variation in their installation and sandboxing techniques, and we propose measures to align the incentives of market actors such that providing better application security guarantees is in everyone’s interest.
@article{ABS10, title={{Inglourious Installers: Security in the Application Marketplace}}, url="http://www.cl.cam.ac.uk/~jra40/publications/2010-WEIS-application-markets.pdf", journal="WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security", author="Jonathan Anderson and Joseph Bonneau and Frank Stajano", month="June", location="Boston, MA, USA", year="2010", } - Digital immolation: new directions in online protest
(paper)
Joseph Bonneau. Eighteenth International Workshop on Security Protocols. Cambridge, UK, Mar 25 2010.
Abstract CitationThe current literature and experience of online activism assumes two basic uses of the Internet for social movements: straightforward extensions of offline organising and fund-raising using online media to improve efficiency and reach, or “hacktivism” using technical knowledge to illegally deface or disrupt access to online resources. We propose a third model which is non-violent yet proves commitment to a cause by enabling a group of activists to temporarily or permanently sacrifice valuable online identities such as email accounts, social networking profiles, or gaming avatars. We describe a basic cryptographic framework for enabling such a protest, which provides an additional property of binding solidarity which is not normally possible offline.
@article{B10, title={{Digital immolation: new directions in online protest}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B10-SPW-online_protest.pdf", journal="Eighteenth International Workshop on Security Protocols", author="Joseph Bonneau", month="March", location="Cambridge, UK", year="2010", } - Alice and Bob's life stories: Cryptographic communication using shared experiences
(paper)
Joseph Bonneau. Seventeeth International Workshop on Security Protocols. Cambridge, UK, Apr 02 2009.
Abstract CitationWe propose a protocol for confidential one-way communication between two parties who know each other well using only pre-existing knowledge from their shared life experience. This could enable, for example, lovers or close friends to communicate without prior key exchange. Our system uses a flexible secret-sharing mechanism to accommodate personal knowledge of variable guessing resistance and memorability with reasonable overhead in terms of computation and storage.
@article{B09, title={{Alice and Bob's life stories: Cryptographic communication using shared experiences}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B09-SPW-experience_encryption.pdf", journal="Seventeeth International Workshop on Security Protocols", author="Joseph Bonneau", month="April", location="Cambridge, UK", year="2009", }
2012
- You can never have too many passwords: techniques for evaluating a huge corpus
(pre-proceedings draft, still under revision) (paper)
Joseph Bonneau. 2012 IEEE Symposium on Security and Privacy. San Francisco, CA, USA, May 21 2012.
Abstract Citationto be completed
@article{B12, title={{You can never have too many passwords: techniques for evaluating a huge corpus}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B12-IEEESP-evaluating_a_huge_password_corpus.pdf", journal="2012 IEEE Symposium on Security and Privacy", author="Joseph Bonneau", month="May", location="San Francisco, CA, USA", year="2012", } - User Authentication on the Web: Framework and Evaluation of Password-replacement Schemes
(still under pre-proceedings revision)
Frank Stajano, Joseph Bonneau, Cormac Herley and Paul van Oorschot. 2012 IEEE Symposium on Security and Privacy. San Francisco, CA, USA, May 21 2012.
Abstract Citationto be completed
@article{SBHO12, title={{User Authentication on the Web: Framework and Evaluation of Password-replacement Schemes}}, journal="2012 IEEE Symposium on Security and Privacy", author="Frank Stajano and Joseph Bonneau and Cormac Herley and Paul van Oorschot", month="May", location="San Francisco, CA, USA", year="2012", } - Linguistic properties of multi-word passphrases
(paper)
Joseph Bonneau and Ekaterina Shutova. USEC '12: Workshop on Usable Security. Kralendijk, Bonaire, Netherlands, Mar 02 2012.
Abstract CitationWe examine patterns of human choice in a passphrase-based authentication system deployed by Amazon, a large online merchant. We tested the availability of a large corpus of over 100,000 possible phrases at Amazon's registration page, which prohibits using any phrase already registered by another user. A number of large, readily-available lists such as movie and book titles prove effective in guessing attacks, suggesting that passphrases are vulnerable to dictionary attacks like all schemes involving human choice. Extending our analysis with natural language phrases extracted from linguistic corpora, we find that phrase selection is far from random, with users strongly preferring simple noun bigrams which are common in natural language. The distribution of chosen passphrases is less skewed than the distribution of bigrams in English text, indicating that some users have attempted to choose phrases randomly. Still, the distribution of bigrams in natural language is not nearly random enough to resist offline guessing, nor are longer three- or four-word phrases for which we see rapidly diminishing returns.
@article{BS12, title={{Linguistic properties of multi-word passphrases}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BS12-USEC-passphrase_linguistics.pdf", journal="USEC '12: Workshop on Usable Security", author="Joseph Bonneau and Ekaterina Shutova", month="March", location="Kralendijk, Bonaire, Netherlands", year="2012", } - A birthday present every eleven wallets? The security of customer-chosen banking PINs
(paper under media embargo, please email the author if a copy is needed for research purposes)
Joseph Bonneau, Sören Preibusch and Ross Anderson. FC '12: Proceedings of the the Sixteenth International Conference on Financial Cryptography. Kralendijk, Bonaire, Netherlands, Mar 01 2012.
Abstract CitationWe provide the first published estimates of the difficulty of guessing a human-chosen 4-digit PIN. We begin with two large sets of 4-digit sequences chosen outside banking for online passwords and smartphone unlock-codes. We use a regression model to identify a small number of dominant factors influencing user choice. Using this model and a survey of over 1,100 banking customers, we estimate the distribution of banking PINs as well as the frequency of security-relevant behaviour such as sharing and reusing PINs. We find that guessing PINs based on the victims' birthday, which nearly all users carry documentation of, will enable a competent thief to gain use of an ATM card once for every 11-18 stolen wallets, depending on whether banks prohibit weak PINs such as 1234. The lesson for cardholders is to never use one's date of birth as a PIN. The lesson for card-issuing banks is to implement a denied PIN list, which several large banks still fail to do. However, blacklists cannot effectively mitigate guessing given a known birth date, suggesting banks should move away from customer-chosen banking PINs in the long term.
@article{BPA12, title={{A birthday present every eleven wallets? The security of customer-chosen banking PINs}}, journal="FC '12: Proceedings of the the Sixteenth International Conference on Financial Cryptography", author="Joseph Bonneau and S{\"{o}}ren Preibusch and Ross Anderson", month="March", location="Kralendijk, Bonaire, Netherlands", year="2012", }
2011
- The privacy landscape: product differentiation on data collection
(paper) (dataset)
Sören Preibusch and Joseph Bonneau. WEIS '11: Proceedings of the Tenth Workshop on the Economics of Information Security. Washington, DC, USA, Jun 14 2011.
Abstract CitationWhilst the majority of online consumers do not seem to take the privacy characteristics of goods and services into account with their consumption choices, a sizeable proportion consider differences in data collection and processing amongst alternative suppliers when deciding where to buy. Meeting their heterogeneous privacy preferences would require varied privacy regimes between different suppliers. Based on an empirical evaluation of 140 Web sites across five industries, we consider two questions: (1) can privacy-conscious consumers find a privacy-friendly seller/provider? (2) is this alternative associated with higher prices? We interpret the empirical evidence using the economic model of horizontal differentiation. As an overarching conclusion, differentiation on privacy is more prevalent in markets where consumption is priced—an observation that confirms the prediction from theory. Surprisingly, sellers that collect less data charge lower prices, with high significance. Implications for regulation and for further study are discussed.
@article{PB11, title={{The privacy landscape: product differentiation on data collection}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/PB11-WEIS-privacy_landscape.pdf", journal="WEIS '11: Proceedings of the Tenth Workshop on the Economics of Information Security", author="S{\"{o}}ren Preibusch and Joseph Bonneau", month="June", location="Washington, DC, USA", year="2011", } - Getting web authentication right: a best-case protocol for the remaining life of passwords
(paper)
Joseph Bonneau. Nineteenth International Workshop on Security Protocols. Cambridge, UK, Mar 28 2011.
Abstract CitationWe outline an end-to-end password authentication protocol for the web designed to be stateless and as secure as possible given legacy limitations of the web browser and performance constraints of commercial web servers. Our scheme is secure against very strong but passive attackers able to observe both network traffic and the server's database state. At the same time, our scheme is simple for web servers to implement and requires no changes to modern, HTML5-compliant browsers. We assume TLS is available for initial login and no other public-key cryptographic operations, but successfully defend against cookie-stealing and cookie-forging attackers and provide strong resistance to password guessing attacks.
@article{B11, title={{Getting web authentication right: a best-case protocol for the remaining life of passwords}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B11-SPW-web_auth_right.pdf", journal="Nineteenth International Workshop on Security Protocols", author="Joseph Bonneau", month="March", location="Cambridge, UK", year="2011", } - Scrambling for lightweight censorship resistance
(paper)
Joseph Bonneau and Rubin Xu. Nineteenth International Workshop on Security Protocols. Cambridge, UK, Mar 28 2011.
Abstract CitationIn this paper we propose scrambling as a lightweight method of censorship resistance, in place of the traditional use of encryption. We consider a censor which can only block banned content by scanning it while in transit (for example using deep-packet inspection), instead of attacking the communication endpoints (for example using address filtering or taking servers offline). Our goal is to greatly increase the workload of the censor by scrambling all data during communication, while maintaining reasonable workloads for the endpoints of the communication network. In particular, our goal is to make it impossible for the censor to effectively accelerate the de-scrambling procedure over what may be achieved by commodity PCs or mobile phones at the endpoints, a goal which we term \emph{high-inertia} scrambling. We also aim to achieve this using the standard JavaScript runtime environment of modern browsers, requiring no distribution or installation of censorship-resistance software.
@article{BX11, title={{Scrambling for lightweight censorship resistance}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BX11-SPW-scrambling_censorship.pdf", journal="Nineteenth International Workshop on Security Protocols", author="Joseph Bonneau and Rubin Xu", month="March", location="Cambridge, UK", year="2011", }
2010
- The Password Game: negative externalities from weak password practices
(paper)
Sören Preibusch and Joseph Bonneau. GameSec 2010: Conference on Decision and Game Theory for Security. Berlin, Germany, Nov 23 2010.
Abstract CitationThe combination of username and password is widely used as a human authentication mechanism on the Web. Despite this universal adoption and despite their long tradition, password schemes exhibit a high number of security flaws which jeopardise the confidentiality and integrity of personal information. As Web users tend to reuse the same password for several sites, security negligence at any one site introduces a negative externality into the entire password ecosystem. We analyse this market inefficiency as the equilibrium between password deployment strategies at security-concerned Web sites and indifferent Web sites. The game-theoretic prediction is challenged by an empirical analysis. By a manual inspection of 150 public Web sites that offer free yet password-protected sign-up, complemented by an automated sampling of 2184 Web sites, we demonstrate that observed password practices follow the theory: Web sites that have little incentive to invest in security are indeed found to have weaker password schemes, thereby facilitating the compromise of other sites. We use the theoretical model to explore which technical and regulatory approaches could eliminate the empirically detected inefficiency in the market for password protection.
@article{PB10, title={{The Password Game: negative externalities from weak password practices}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/PB09-GS-password_game.pdf", journal="GameSec 2010: Conference on Decision and Game Theory for Security", author="S{\"{o}}ren Preibusch and Joseph Bonneau", month="November", location="Berlin, Germany", year="2010", } - The password thicket: technical and market failures in human authentication on the web
(paper) (dataset)
Joseph Bonneau and Sören Preibusch. WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security. Boston, MA, USA, Jun 25 2010.
Abstract CitationWe report the results of the first large-scale empirical analysis of password implementations deployed on the Internet. Our study included 150 websites which offer free user accounts for a variety of purposes, including the most popular destinations on the web and a random sample of e-commerce, news, and communication websites. Although all sites evaluated relied on user-chosen textual passwords for authentication, we found many subtle but important technical variations in implementation with important security implications. Many poor practices were commonplace, such as a lack of encryption to protect transmitted passwords, storage of cleartext passwords in server databases, and little protection of passwords from brute force attacks. While a spectrum of implementation quality exists with a general correlation between implementation choices within more-secure and less-secure websites, we find a surprising number of inconsistent choices within individual sites, suggesting that the lack of a standards is harming security. We observe numerous ways in which the technical failures of lower-security sites can compromise higher-security sites due to the well-established tendency of users to re-use passwords. Our data confirms that the worst security practices are indeed found at sites with few security incentives, such as newspaper websites, while sites storing more sensitive information such as payment details or user communication implement more password security. From an economic viewpoint, password insecurity is a negative externality that the market has been unable to correct, undermining the viability of password-based authentication. We also speculate that some sites deploying passwords do so primarily for psychological reasons, both as a justification for collecting marketing data and as a way to build trusted relationships with customers. This theory suggests that efforts to replace passwords with more-secure protocols or federated identity systems may fail because they don't recreate the entrenched ritual of password authentication.
@article{BP10, title={{The password thicket: technical and market failures in human authentication on the web}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BP10-WEIS-password_thicket.pdf", journal="WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security", author="Joseph Bonneau and S{\"{o}}ren Preibusch", month="June", location="Boston, MA, USA", year="2010", } - Inglourious Installers: Security in the Application Marketplace
(paper)
Jonathan Anderson, Joseph Bonneau and Frank Stajano. WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security. Boston, MA, USA, Jun 25 2010.
Abstract CitationFrom mobile phones to social networks, installing and running third-party applications can be risky. Installing applications often requires running unverified, untrustworthy code with the privilege of a system administrator, allowing it to compromise the security of user data and the operating system. Once installed, applications on most platforms can access anything that a user can: a web browser can read users’ e-mail and an e-mail client can access browsing history. Computer scientists have been developing systems for decades which follow the “principle of least authority,” yet few consumer computing platforms adopt their techniques. In this paper, we examine the application markets for ten computing platforms, including personal computers, mobile phones, social networks and web browsers. We identify economic causes for the wide variation in their installation and sandboxing techniques, and we propose measures to align the incentives of market actors such that providing better application security guarantees is in everyone’s interest.
@article{ABS10, title={{Inglourious Installers: Security in the Application Marketplace}}, url="http://www.cl.cam.ac.uk/~jra40/publications/2010-WEIS-application-markets.pdf", journal="WEIS '10: Proceedings of the Ninth Workshop on the Economics of Information Security", author="Jonathan Anderson and Joseph Bonneau and Frank Stajano", month="June", location="Boston, MA, USA", year="2010", } - Don't Tread on Me: Moderating Access to OSN Data with SpikeStrip
(paper)
Christo Wilson, Alessandra Sala, Joseph Bonneau, Robert Zablit and Ben Zhao. WOSN 2010: The Third Workshop on Online Social Networks. Boston, Massachussets, Jun 22 2010.
Abstract CitationOnline social networks rely on their valuable data stores to attract users and produce income. Their survival depends on the ability to protect users’ profiles and disseminate it to other users through controlled channels. Given the sparse user adoption of privacy policies, however, there is increasing incentive and opportunity for malicious parties to extract these datasets for profit using automated “crawlers” and “screen-scrapers.” With the arrival of distributed botnets and low-cost hosted VMs, attackers can perform fast, distributed crawls that evade traditional detectors and rate limiters. We propose SpikeStrip, a server add-on that uses light-weight link encryption to isolate and rate limit crawlers. We experiment with real OSN data, and show that SpikeStrip successfully curtails sophisticated, distributed crawlers while imposing minimal server throughput overhead and inconvenience to end-users.
@article{WSBZZ09, title={{Don't Tread on Me: Moderating Access to OSN Data with SpikeStrip }}, url="http://www.cs.ucsb.edu/~ravenben/publications/pdf/spikestrip-wosn10.pdf", journal="WOSN 2010: The Third Workshop on Online Social Networks", author="Christo Wilson and Alessandra Sala and Joseph Bonneau and Robert Zablit and Ben Zhao", month="June", location="Boston, Massachussets", year="2010", } - Digital immolation: new directions in online protest
(paper)
Joseph Bonneau. Eighteenth International Workshop on Security Protocols. Cambridge, UK, Mar 25 2010.
Abstract CitationThe current literature and experience of online activism assumes two basic uses of the Internet for social movements: straightforward extensions of offline organising and fund-raising using online media to improve efficiency and reach, or “hacktivism” using technical knowledge to illegally deface or disrupt access to online resources. We propose a third model which is non-violent yet proves commitment to a cause by enabling a group of activists to temporarily or permanently sacrifice valuable online identities such as email accounts, social networking profiles, or gaming avatars. We describe a basic cryptographic framework for enabling such a protest, which provides an additional property of binding solidarity which is not normally possible offline.
@article{B10, title={{Digital immolation: new directions in online protest}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B10-SPW-online_protest.pdf", journal="Eighteenth International Workshop on Security Protocols", author="Joseph Bonneau", month="March", location="Cambridge, UK", year="2010", } - What's in a Name? Evaluating Statistical Attacks on Personal Knowledge Questions
(paper) (dataset)
Joseph Bonneau, Mike Just and Greg Matthews. FC '10: Proceedings of the the Fourteenth International Conference on Financial Cryptography. Tenerife, Spain, Jan 25 2010.
Abstract CitationWe study the efficiency of statistical attacks on human authentication systems relying on personal knowledge questions. We adapt techniques from guessing theory to measure security against a trawling attacker attempting to compromise a large number of strangers' accounts. We then examine a diverse corpus of real-world statistical distributions for likely answer categories such as the names of people, pets, and places and find that personal knowledge questions are significantly less secure than graphical or textual passwords. We also demonstrate that statistics can be used to increase security by proactively shaping the answer distribution to lower the prevalence of common responses.
@article{BJM10, title={{What's in a Name? Evaluating Statistical Attacks on Personal Knowledge Questions}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BJM10-FC-name_guessing_statistics.pdf", journal="FC '10: Proceedings of the the Fourteenth International Conference on Financial Cryptography", author="Joseph Bonneau and Mike Just and Greg Matthews", month="January", location="Tenerife, Spain", year="2010", }
2009
- Privacy-Enhanced Public View for Social Graphs
(paper)
Hyoungshick Kim and Joseph Bonneau. SWSM '09: The 2nd Workshop on Social Web Search and Mining. Hong Kong, China, Nov 02 2009.
Abstract CitationWe consider the problem of releasing a limited public view of a sensitive graph which reveals at least k edges per node. We are motivated by Facebook’s public search listings, which ex- pose user profiles to search engines along with a fixed number of each user’s friends. If this public view is produced by uniform random sampling, an adversary can accurately approximate many sensitive features of the original graph, including the degree of individual nodes. We propose several schemes to produce public views which hide degree informa- tion. We demonstrate the practicality of our schemes using real data and show that it is possible to mitigate inference of degree while still providing useful public views.
@article{KB09, title={{Privacy-Enhanced Public View for Social Graphs}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/KB09-SWSM-privacy_public_view.pdf", journal="SWSM '09: The 2nd Workshop on Social Web Search and Mining", author="Hyoungshick Kim and Joseph Bonneau", month="November", location="Hong Kong, China", year="2009", } - Privacy Preserving Social Networking Over Untrusted Networks
(paper)
Jonathan Anderson, Claudia Diaz, Joseph Bonneau and Frank Stajano. WOSN 2009: The Second ACM SIGCOMM Workshop on Online Social Networks. Barcelona, Spain, Aug 17 2009.
Abstract CitationCurrent social networks require users to place absolute faith in their operators, and the inability of operators to protect users from malicious agents has led to sensitive private in formation being made public. We propose an architecture for social networking that protects users’ social information from both the operator and other network users. This archi tecture builds a social network out of smart clients and an untrusted central server in a way that removes the need for faith in network operators and gives users control of their privacy.
@article{ADBS09, title={{Privacy Preserving Social Networking Over Untrusted Networks}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/ADBS09-WOSN-privacy_enabling_sns.pdf", journal="WOSN 2009: The Second ACM SIGCOMM Workshop on Online Social Networks", author="Jonathan Anderson and Claudia Diaz and Joseph Bonneau and Frank Stajano", month="August", location="Barcelona, Spain", year="2009", } - Prying Data out of a Social Network
(paper)
Joseph Bonneau, Jonathan Anderson and George Danezis. ASONAM 09: The First International Conference on Advances in Social Networks Analysis and Mining. Athens, Greece, Jul 20 2009.
Abstract CitationPreventing adversaries from compiling significant amounts of user data is a major challenge for social network operators. We examine the difficulty of collecting profile and graph information from the popular social networking website Facebook and report two major findings. First, we describe several novel ways in which data can be extracted by third parties. Second, we demonstrate the efficiency of these methods on crawled data. Our findings highlight how the current pro tection of personal data is inconsistent with users’ expectations of privacy.
@article{BAD09, title={{Prying Data out of a Social Network}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BAS09-ASONAM-prying_sns_data.pdf", journal="ASONAM 09: The First International Conference on Advances in Social Networks Analysis and Mining", author="Joseph Bonneau and Jonathan Anderson and George Danezis", month="July", location="Athens, Greece", year="2009", } - Privacy Stories: Confidence in Privacy Behaviors through End User Programming (poster)
(poster) (abstract)
Luke Church, Jonathan Anderson, Joseph Bonneau and Frank Stajano. SOUPS 2009: The Fifth Symposium On Usable Privacy and Security. Mountain View, CA, USA, Jul 15 2009.
Abstract CitationIn [2] we argued that, in the search to give users meaningful control over their information, we should consider End User Programming techniques as a possible replacement for either opaque, expert determined choices or the endless proliferation of options that arises from a simplistic application of direct manipulation principles. We describe a work in progress to study the viability of this approach for improving the usability of social network privacy configuration. As suggested in [2] we make use of analytical usability techniques to discuss the usability challenges of the current Facebook interface and to inform the design of our proposed alternative. We then report on a very small (two user) pilot study and look at challenges that we will address in future design iterations.
@article{CABS09, title={{Privacy Stories: Confidence in Privacy Behaviors through End User Programming (poster)}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/CABS09-SOUPS-poster-privacy_stories.pdf", journal="SOUPS 2009: The Fifth Symposium On Usable Privacy and Security", author="Luke Church and Jonathan Anderson and Joseph Bonneau and Frank Stajano", month="July", location="Mountain View, CA, USA", year="2009", } - Privacy Suites: Shared Privacy for Social Networks (poster)
(poster) (abstract)
Joseph Bonneau, Jonathan Anderson and Luke Church. SOUPS 2009: The Fifth Symposium On Usable Privacy and Security. Mountain View, CA, USA, Jul 15 2009.
Abstract CitationCreating privacy controls for social networks that are both expressive and usable is a major challenge. Lack of user understanding of privacy settings can lead to unwanted disclosure of private information and, in some cases, to material harm. We propose a new paradigm which allows users to easily choose “suites” of privacy settings which have been specified by friends or trusted experts, only modifying them if they wish. Given that most users currently stick with their default, operator-chosen settings, such a system could dramatically increase the privacy protection that most users experience with minimal time investment.
@article{BAC09d, title={{Privacy Suites: Shared Privacy for Social Networks (poster)}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/ADBS09-WOSN-privacy_enabling_sns.pdf", journal="SOUPS 2009: The Fifth Symposium On Usable Privacy and Security", author="Joseph Bonneau and Jonathan Anderson and Luke Church", month="July", location="Mountain View, CA, USA", year="2009", } - Security APIs for Online Applications
(paper)
Jonathan Anderson, Joseph Bonneau and Frank Stajano. Third International Workshop on Analysis of Security APIs. Port Jefferson, NY, USA, Jul 10 2009.
Abstract CitationOnline social networks, in their current form, require users to place a vast amount of trust in the operators of both the core network and the third-party applications they use. Since both of these actors have shown themselves to be untrustworthy in the past [1], [2], [3], [4], [5], we have proposed a model for social networks in which client software runs on the user’s computer, encrypted blocks are stored on a “dumb” server and third-party applications are sandboxed to avoid the leakage of personal information [6]. In this scheme, the interface between applications and the core client software resembles a system call API in which a kernel offers applications the means to perform privileged operations. We have begun exploring this API to determine its functional requirements and desired security properties, but we welcome comments from and engagement with the security API community in order to provide the users of social networks with meaningful promises of personal privacy.
@article{ABS09, title={{Security APIs for Online Applications}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/ABS09-ASA-security_apis_online_apps.pdf", journal="Third International Workshop on Analysis of Security APIs", author="Jonathan Anderson and Joseph Bonneau and Frank Stajano", month="July", location="Port Jefferson, NY, USA", year="2009", } - The Privacy Jungle: On the Market for Privacy in Social Networks
(paper) (abridged paper) (dataset)
Joseph Bonneau and Sören Preibusch. WEIS '09: Proceedings of the Eighth Workshop on the Economics of Information Security. London, UK, Jun 25 2009.
Abstract CitationWe have conducted the first thorough analysis of the market for privacy practices and policies in online social networks. From an evaluation of 45 social networking sites using 260 criteria we find that many popular assumptions regarding privacy and social networking need to be revisited when considering the entire ecosystem instead of only a handful of well-known sites. Contrary to the common perception of an oligopolistic market, we find evidence of vigorous competition for new users. Despite observing many poor security practices, there is evidence that social network providers are making efforts to implement privacy enhancing technologies with substantial diversity in the amount of privacy control offered. However, privacy is rarely used as a selling point, even then only as auxiliary, non-decisive feature. Sites also failed to promote their existing privacy controls within the site. We similarly found great diversity in the length and content of formal privacy policies, but found an opposite promotional trend: though almost all policies are not accessible to ordinary users due to obfuscating legal jargon, they conspicuously vaunt the sites’ privacy practices. We conclude that the market for privacy in social networks is dysfunctional in that there is significant variation in sites’ privacy controls, data collection requirements, and legal privacy policies, but this is not effectively conveyed to users. Our empirical findings motivate us to introduce the novel model of a privacy communication game, where the economically rational choice for a site operator is to make privacy control available to evade criticism from privacy fundamentalists, while hiding the privacy control interface and privacy policy to maximise sign-up numbers and encourage data sharing from the pragmatic majority of users.
@article{BP09, title={{The Privacy Jungle: On the Market for Privacy in Social Networks}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BP09-WEIS-privacy_jungle.pdf", journal="WEIS '09: Proceedings of the Eighth Workshop on the Economics of Information Security", author="Joseph Bonneau and S{\"{o}}ren Preibusch", month="June", location="London, UK", year="2009", } - Alice and Bob's life stories: Cryptographic communication using shared experiences
(paper)
Joseph Bonneau. Seventeeth International Workshop on Security Protocols. Cambridge, UK, Apr 02 2009.
Abstract CitationWe propose a protocol for confidential one-way communication between two parties who know each other well using only pre-existing knowledge from their shared life experience. This could enable, for example, lovers or close friends to communicate without prior key exchange. Our system uses a flexible secret-sharing mechanism to accommodate personal knowledge of variable guessing resistance and memorability with reasonable overhead in terms of computation and storage.
@article{B09, title={{Alice and Bob's life stories: Cryptographic communication using shared experiences}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B09-SPW-experience_encryption.pdf", journal="Seventeeth International Workshop on Security Protocols", author="Joseph Bonneau", month="April", location="Cambridge, UK", year="2009", } - Eight Friends Are Enough: Social Graph Approximation via Public Listings
(paper)
Joseph Bonneau, Jonathan Anderson, Frank Stajano and Ross Anderson. SNS '09: Proceedings of the 2nd ACM Workshop on Social Network Systems. Nuremberg, Germany, Mar 31 2009.
Abstract CitationThe popular social networking website Facebook exposes a “public view” of user profiles to search engines which includes eight of the user’s friendship links. We examine what interesting properties of the complete social graph can be inferred from this public view. In experiments on real social network data, we were able to accurately approximate the degree and centrality of nodes, compute small dominating sets, find short paths between users, and detect community structure. This work demonstrates that it is difficult to safely reveal limited information about a social network.
@article{BASA09, title={{Eight Friends Are Enough: Social Graph Approximation via Public Listings}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BASA09-SNS-eight_friends.pdf", journal="SNS '09: Proceedings of the 2nd ACM Workshop on Social Network Systems", author="Joseph Bonneau and Jonathan Anderson and Frank Stajano and Ross Anderson", month="March", location="Nuremberg, Germany", year="2009", }
2006
- Robust Final-Round Cache-Trace Attacks Against AES
(paper)
Joseph Bonneau. Oct 29 2006.
Abstract CitationThis paper describes an algorithm to attack AES using side-channel information from the final round cache lookups performed by the encryption, specifically whether each access hits or misses in the cache, building off of previous work by Aciicmez and Koc. It is assumed that an attacker could gain such a trace through power consumption analysis or electromagnetic analysis. This information has already been shown to lead to an effective attack. This paper interprets cache trace data available as binary constraints on pairs of key bytes then reduces key search to a constraint-satisfaction problem. In this way, an attacker is guaranteed to perform as little search as is possible given a set of cache traces, leading to a natural tradeoff between online collection and offline processing. This paper also differs from previous work in assuming a partially pre-loaded cache, proving that cache trace attacks are still effective in this scenario with the number of samples required being inversely related to the percentage of cache which is pre-loaded.
@techreport{B06, title={{Robust Final-Round Cache-Trace Attacks Against AES}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/B06-eprint-aes_cache_trace.pdf", author="Joseph Bonneau", number="2006/374", month="October", year="2006", institution="Cryptology ePrint Archive", } - Cache Collision Timing Attacks Against AES
(paper)
Joseph Bonneau and Ilya Mironov. CHES '06: Proceedings of 2006 Workshop on Cryptographic Hardware and Embedded Systems. Boston, MA, USA, Oct 12 2006.
Abstract CitationThis paper describes several novel timing attacks against the common table-driven software implementation of the AES cipher. We define a general attack strategy using a simplified model of the cache to predict timing variation due to cache-collisions in the sequence of lookups performed by the encryption. The attacks presented should be applicable to most high-speed software AES implementations and computing platforms, we have implemented them against OpenSSL v. 0.9.8.(a) running on Pentium III, Pentium IV Xeon, and UltraSPARC III+ machines. The most powerful attack has been shown under optimal conditions to reliably recover a full 128-bit AES key with 2^13 timing samples, an improvement of almost four orders of magnitude over the best previously published attacks of this type [Ber05]. While the task of defending AES against all timing attacks is challenging, a small patch can significantly reduce the vulnerability to these specific attacks with no performance penalty.
@article{BM06, title={{Cache Collision Timing Attacks Against AES}}, url="http://www.cl.cam.ac.uk/~jcb82/doc/BM06-CHES-aes_cache_timing.pdf", journal="CHES '06: Proceedings of 2006 Workshop on Cryptographic Hardware and Embedded Systems", author="Joseph Bonneau and Ilya Mironov", month="October", location="Boston, MA, USA", year="2006", }