We've just concluded the first "working" day of ACNS 2012 (this year in its 10th installment and taking place in Singapore). There have been quite a few interesting talks regarding practical security applications.
Hao and Clarke have analyzed a multi-factor authenticated key exchange protocol (using passwords, tokens, and biometric data) and have shown it to be insecure once only one of the authentication factors (in this case the password) is learned by an attacker. As similar multi-factor authentication protocols have been shown to be insecure in the past, it seems that the design of such protocols is trickier as one would expect.
Another work by Nguyen et al. analyzed the security of an animated CAPTCHA scheme and showed with successful attacks that the introduction of animation does not improve the security of such systems.
Apart from giving the first keynote talk on 10 years of ACNS (and an outlook to the next 10 years), Moti Yung (currently Research Scientist with Google) presented joint work with Ben-David et al. on extending current one-time password (OTP) systems to counter more powerful man-in-the-middle (MITM) attacks (current OTP systems are susceptible to active MITM attacks). Their proposed extended OTP (XOTP) systems takes some additional contextual information about the communication channel into account, which must be recognized by the communicating parties and which must differ for each communication session. They also propose to use smartphones as OTP generators (and use their wireless communication capabilities as a means to convey the OTP) in order to relieve users from carrying around a number of custom-build OTP generators from a number of different companies.
Zhang et al. propose to merge public-key encryption and identity-based encryption to add a feature of key escrow (which would usually conflict with non-repudiation). Their basic idea is to employ the user's PKI certificate as an identity in IBE to generate a second (escrowed) key pair. All traditional PKI mechanisms (like certificate validation and revocation) can still be applied as usual and the new system (called RIKE for Revocable Identities to Support Key Escrow) can be used with little changes from a traditional PKI.
Mueller et al. presented the implementation of platform independent full disk-encryption (called TreVisor) which utilizes many features of advanced 64-bit CPUs (like VT-x/VT-d and AES-NI) and which is resistant to both DMA-attacks and cold-boot attacks.
No comments:
Post a Comment