The TClouds Platform - Concept, architecture and instantiations
to appear in: Proceedings of DISCCO ’13, Braga, Portugal, 2013. Bessani, A.; Cutillo, L. A.; Ramunno, G.; Schirmer, N. and Smiraglia, P.
TClouds is a EU project targeted at improving the security and the high-availability of the cloud infrastructures and services, especially for supporting critical applications. This paper presents the TClouds platform, the main outcome of the project, in an integrated way.
The TClouds platform: concept, architecture and instantiations
Application of Wireless Sensor Networks in Critical Infrastructure Protection - Challenges and Design Options
to appear in the Special Issue on Security and Privacy in Emerging Wireless Networks of the IEEE Wireless Communications Magazine, 2010 Levente Buttyán, Dennis Gessner, Alban Hessler, Peter Langendörfer
The protection of Critical Infrastructures (CI) provides an interesting application area for Wireless Sensor Networks (WSN). Threats such as natural catastrophes, criminal or terrorist attacks against CIs are increasingly reported. The large scale nature of CIs requires a scalable and low cost technology for improving CI monitoring and surveillance. WSNs are a promising candidate to fulfil these requirements, but if the WSN becomes part of the CI in order to improve its reliability, then the dependability of the WSN itself needs to be significantly improved first.In this paper, we discuss the challenges and potential solutions to achieve dependability of WSNs taking into account accidental failures as well as intentional attacks. We inspect the whole system starting from individual sensor nodes via the protocol stack to the middleware layer above.
µTSS - A Simplified Trusted Software Stack (Extended Version)
Proceedings of the 3rd International Conference on Trust and Trustworthy Computing (TRUST'10), LNCS 6101, pp. 124-140, 2010 Christian Stüble and Anoosheh Zaerin
The TCG Software Stack (TSS) specifies the software layer for application developers to use functions provided by a Trusted Platform Module (TPM). However, the current TSS interface is highly complex, which makes its usage very difficult and error-prone, and the high complexity makes it unsuitable for embedded devices or security kernels. We present a simplified TSS design and implementation (TSS) providing a lightweight and intuitive programming interface for developers based on the TPM main specification. The major principles of the TSS design are a reduced complexity, obtaining type safety, object encapsulation, and a simple error handling. These principles ensure that the resulting TSS ismaintainable and easy to use. Moreover, the modular architecture of the TSS allows using only a subset of the provided functionality as it is required, e.g., for embedded systems, mobile devices, or in the context of a security kernel. This paper discusses experiences with the TSS, based on several projects such as the TCG TPM compliance test suite and a Mobile Trusted Module (MTM) implementation.
Towards Automated Security Policy Enforcement in Multi-Tenant Virtual Data Centers
Journal of Computer Security, IOS Press, Vlo. 18, Number 1, pp. 89-121, 2010
Serdar Cabuk, Chris I. Dalton, Konrad Eriksson, Dirk Kuhlmann, Hari Govind V. Ramasamy, Gianluca Ramunno, Ahmad-Reza Sadeghi, Matthias Schunter and Christian Stüble
Virtual data centers allow the hosting of virtualized infrastructures (networks, storage, machines) that belong to several customers on the same physical infrastructure. Virtualization theoretically provides the capability for sharing the infrastructure among different customers. In reality, however, this is rarely (ifever) done because of security concerns. A major challenge in allaying such concerns is the enforcement of appropriate customer isolation as specified by high-level security policies. At the core of this challenge is the correct configuration of all shared resources on multiple machines to achieve this overall security objective. To address this challenge, this paper presents a security architecture for virtual data centers based on virtualization and Trusted Computing technologies. Our architecture aims at automating the instantiation of a virtual infrastructure while automatically deploying the corresponding security mechanisms. This deployment is driven by a global isolation policy, and thus guarantees overall customer isolation acrossall resources. We have implemented a prototype of the architecture based on the Xen hypervisor.
A Practical Property-based Bootstrap Architecture
Workshop on Scalable Trusted Computing (STC), Chicago, IL, November 2009
René Korthaus, Ahmad-Reza Sadeghi, Christian Stüble and Jing Zhan
Binary attestation, as proposed by the Trusted Computing Group (TCG), is a pragmatic approach for software integrity protection and verification. However, it has also various short comings that cause problems for practical deploymentsuch as scalability, manageability and privacy: On the onehand, data bound to binary values remain inaccessible after a software update and the verifier of an attestation result has to manage a huge number of binary versions. On the other hand, the binary values reveal information on platform configuration that may be exploited maliciously. In this paper we focus on property-based bootstrap architectures with an enhanced boot loader. Our proposal improves the previous work in a way that allows a practical and efficient integration into existing IT infrastructures. We propose a solution of the version rollback problem that,in contrast to the existing approaches, is secure even if the TPM owner of the attested platform is untrusted without requiring an interaction with a trusted third party. Finally, we show how our architecture can be applied to secure boot mechanisms of Mobile Trusted Modules (MTM)to realize a ”Property-Based Secure Boot”. This is especially important for human users, since with secure boot, users can rely on the fact that a loaded system also is in a trustworthy state.
Twister - A Framework for Secure and Fast Hash Functions
Information Security Practise and Experience Conference (ISPEC), Xi'an (China), 2009.
Ewan Fleischmann, Christian Forler and Michael Gorski and Stefan Lucks
In this paper we present Twister , a new framework for hash functions.Twister incorporates the ideas of wide pipe and sponge functions. The core of this framework is a --- very easy to analyze ---Mini-Round providing both extremely fast diffusion as well as collision-freeness for one Mini-Round . The total security level is claimed to be not below 2 n /2 for collision attacks and 2 n for 2nd pre-image attacks. Twister instantiations are secure against all known generic attacks. We also propose three instances Twister -n for hash output sizes n = 224,256,384,512. These instantiations are highly optimized for 64-bit architectures and run very fast in hardware and software, e.g Twister -256 is faster than SHA2-256 on 64-bit platforms and Twister -512 is faster than SHA2-512 on 32-bit platforms. Furthermore,Twister scales very well on low-end platforms.
Parallel filtering of large sparse matrices for index calculus
Conference on Hyperelliptic curves, discrete Logarithms, Encryption, (CHiLE), 2009
Roberto Avanzi, Nicolas Thériault and Anoosheh Zaerin
We describe a filtering technique improving the performance of index-calculus algorithms for hyperelliptic curves. Filtering is a stage taking place between the relation search and the linear algebra. Its purpose is to eliminate redundant or duplicate relations,as well as reducing the size of the matrix, thus decreasing the time required for the linear algebra step. This technique, which we call harvesting, is in fact a new strategy that subtly alters the whole index calculus algorithm. In particular, it changes the relation search to find manytimes more relations than variables, after which a selection process is applied to the set of the relations – the harvesting process. The aim of this new process is to extract a (slightly) over determined submatrix which is as small as possible. Furthermore, the size of the factor base also has to be read justed, in order to keep the (extended) relation search faster than it would have been in an index calculus algorithm without harvesting. The size of the factor base must also be chosen to guarantee that the final matrix will be indeed smaller than it would be in an optimised index calculus without harvesting, thus also speeding up the linear algebra step. The version of harvesting presented here is an improvement over an earlier version by the same authors. By means of a new selection algorithm, time-complexity can be reduced from quadratic to linear (in the size of the input), thus making its running time effectively negligible with respect to the rest of the index calculus algorithm. At the same time we make the process of harvesting more effective – in the sense that the final matrix should (on average) be smaller than with the earlier approach. We present an analysis of the impact of harvesting (for instance, we show that its usage can improve index calculus performance by more than 30% in some cases), we show that the impact on matrix size is essentially independent on the genus of the curve considered, and provide an heuristic argument in support of the effectiveness of harvesting as one parameter (which defines how far the relation search is pushed) increases.
Flexible and Secure Enterprise Rights Management based on Trusted Virtual Domains
Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing (STC 2008), ACM, Oxford (England), 2008
Yacine Gasmi, Rani Husseiki, Ahmad-Reza Sadeghi, Patrick Stewin, Christian Stüble, Martin Unger, Marcel Winandy
The requirements for secure document workows in enterprises become increasingly sophisticated, with employees performing different tasks under different roles using the same proprietary platform. Particularly, ne-grained access control to document information is necessary in certain scenarios where the integrity and condentiality of parts of documents is of high priority.In this paper, we present a secure and exible Enterprise Rights Management (ERM) system based on a version of the Trusted Virtual Domains (TVDs) security model that allows to establish isolated execution environments spanning over virtual entities across separate physical resources. Our security concept achieves a two-layered policy enforcement on documents: a TVD Policy ensuring isolation of the workow from other tasks on the user platforms,and a role-based document- policy ensuring both con dentiality and integrity of document parts. Moreover, in contrast to existing solutions, our architecture o ers advanced features for secure document workows such as o ine access to documents and transparent encryption of documents exchanged via USB, external storage or VPN communication between peer platforms. We also shed the light on keymanagement, document structure and document policy enforcement mechanisms to support the ERM infrastructure. Finally, we prove our concept based on an implementation.
Property-Based TPM Virtualization
Information Security Conferene (ISC' 08), Taipei (Taiwan) 2008
Ahmad-Reza Sadeghi and Christian Stüble and Marcel Winandy
Today, virtualization technologies and hypervisors celebrate their rediscovery. Especially migration of virtual machines (VMs) between hardware platforms provides a useful and cost-e ective means to manage complex IT infrastructures. A challenge in this context is the virtualization of hardware security modules like the Trusted Platform Module (TPM) since the intended purpose of TPMs is to securely link software and the underlying hardware. Existing solutions for TPM virtualization ,however, have various shortcomings that hinder the deployment to a wide range of useful scenarios. In this paper, we address these short comings by presenting a flexible and privacy-preserving design of avirtual TPM that in contrast to existing solutions supports different approaches for measuring the platform's state and for key generation, anduses property-based attestation mechanisms to support software updates and VM migration. Our solution improves the maintainability and applicability of hypervisors supporting hardware security modules like TPM.
Breaking the Shin-Shin-Rhee - Remotely Keyed Encryption Schemes
Information Processing Letters 105(6):236-240, 2008
Remotely keyed encryption (RKE) schemes provide fast symmetric encryption and decryption using a small-bandwidth security module and a powerful host. Such schemes keep the key inside the security module to prevent key compromise. Shin, Shin, and Rhee proposed a length-preserving as well as a length-increasing RKE scheme that both use only a single round of interaction between host and security module. With the length-preserving scheme they claim to answer an open problem of Blaze, Feigenbaum and Naor. However, in the present paper we show that both their schemes are completely insecure. Further, we present heuristic arguments on why a one-round length-preserving RKE scheme might be impossible.