Entries Tagged "academic papers"

Page 64 of 86

Identifying Speakers in Encrypted Voice Communication

I’ve already written how it is possible to detect words and phrases in encrypted VoIP calls. Turns out it’s possible to detect speakers as well:

Abstract: Most of the voice over IP (VoIP) traffic is encrypted prior to its transmission over the Internet. This makes the identity tracing of perpetrators during forensic investigations a challenging task since conventional speaker recognition techniques are limited to unencrypted speech communications. In this paper, we propose techniques for speaker identification and verification from encrypted VoIP conversations. Our experimental results show that the proposed techniques can correctly identify the actual speaker for 70-75% of the time among a group of 10 potential suspects. We also achieve more than 10 fold improvement over random guessing in identifying a perpetrator in a group of 20 potential suspects. An equal error rate of 17% in case of speaker verification on the CSLU speaker recognition corpus is achieved.

Posted on September 16, 2011 at 12:31 PMView Comments

Sharing Security Information and the Prisoner's Dilemma

New paper: Dengpan Liu, Yonghua Ji, and Vijay Mookerjee (2011), “Knowledge Sharing and Investment Decisions in Information Security,” Decision Support Systems, in press.

Abstract: We study the relationship between decisions made by two similar firms pertaining to knowledge sharing and investment in information security. The analysis shows that the nature of information assets possessed by the two firms, either complementary or substitutable, plays a crucial role in influencing these decisions. In the complementary case, we show that the firms have a natural incentive to share security knowledge and no external influence to induce sharing is needed. However, the investment levels chosen in equilibrium are lower than optimal, an aberration that can be corrected using coordination mechanisms that reward the firms for increasing their investment levels. In the substitutable case, the firms fall into a Prisoners’ Dilemma trap where they do not share security knowledge in equilibrium, despite the fact that it is beneficial for both of them to do so. Here, the beneficial role of a social planner to encourage the firms to share is indicated. However, even when the firms share in accordance to the recommendations of a social planner, the level of investment chosen by the firms is sub-optimal. The firms either enter into an “arms race” where they over-invest or reenact the under-investment behavior found in the complementary case. Once again, this sub-optimal behavior can be corrected using incentive mechanisms that penalize for over-investment and reward for increasing the investment level in regions of under-investment. The proposed coordination schemes, with some modifications, achieve the socially optimal outcome even when the firms are risk-averse. Implications for information security vendors, firms, and social planner are discussed.

Posted on September 15, 2011 at 12:45 PMView Comments

Risk Tolerance and Culture

This is an interesting study on cultural differences in risk tolerance.

The Cultures of Risk Tolerance

Abstract: This study explores the links between culture and risk tolerance, based on surveys conducted in 23 countries. Altogether, more than 4,000 individuals participated in the surveys. Risk tolerance is associated with culture. Risk tolerance is relatively low in countries where uncertainty avoidance is relatively high and in countries which are relatively individualistic. Risk tolerance is also relatively low in countries which are relatively egalitarian and harmonious. And risk tolerance is relatively high in countries where trust is relatively high. Culture is also associated with risk tolerance indirectly, through the association between culture and income-per-capita. People in countries with relatively high income-per-capita tend to be relatively individualistic, egalitarian, and trusting. Risk tolerance is relatively high in countries with relatively low income-per-capita.

Posted on September 14, 2011 at 2:02 PMView Comments

The Legality of Government Critical Infrastructure Monitoring

Mason Rice, Robert Miller, and Sujeet Shenoi (2011), “May the US Government Monitor Private Critical Infrastructure Assets to Combat Foreign Cyberspace Threats?International Journal of Critical Infrastructure Protection, 4 (April 2011): 3–13.

Abstract: The government “owns” the entire US airspace–it can install radar systems, enforce no-fly zones and interdict hostile aircraft. Since the critical infrastructure and the associated cyberspace are just as vital to national security, could the US government protect major assets–including privately-owned assets–by positioning sensors and defensive systems? This paper discusses the legal issues related to the government’s deployment of sensors in privately owned assets to gain broad situational awareness of foreign threats. This paper does not necessarily advocate pervasive government monitoring of the critical infrastructure; rather, it attempts to analyze the legal principles that would permit or preclude various forms of monitoring.

Posted on September 7, 2011 at 2:32 PMView Comments

Stealing ATM PINs with a Thermal Camera

It’s easy:

Researchers from UCSD pointed thermal cameras towards plastic ATM PIN pads and metal ATM PIN pads to test how effective they were at stealing PIN numbers. The thermal cams didn’t work against metal pads but on plastic pads the success rate of detecting all the digits was 80% after 10 seconds and 60% after 45 seconds. If you think about your average ATM trip, that’s a pretty wide window and an embarrassingly high success rate for thieves to take advantage of.

Paper here. More articles.

Posted on August 24, 2011 at 7:13 AMView Comments

New Attack on AES

Biclique Cryptanalysis of the Full AES,” by Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger.

Abstract. Since Rijndael was chosen as the Advanced Encryption Standard, improving upon 7-round attacks on the 128-bit key variant or upon 8-round attacks on the 192/256-bit key variants has been one of the most difficult challenges in the cryptanalysis of block ciphers for more than a decade. In this paper we present a novel technique of block cipher cryptanalysis with bicliques, which leads to the following results:

  • The first key recovery attack on the full AES-128 with computational complexity 2126.1.
  • The first key recovery attack on the full AES-192 with computational complexity 2189.7.
  • The first key recovery attack on the full AES-256 with computational complexity 2254.4.
  • Attacks with lower complexity on the reduced-round versions of AES not considered before, including an attack on 8-round AES-128 with complexity 2124.9.
  • Preimage attacks on compression functions based on the full AES versions.

In contrast to most shortcut attacks on AES variants, we do not need to assume related-keys. Most of our attacks only need a very small part of the codebook and have small memory requirements, and are practically verified to a large extent. As our attacks are of high computational complexity, they do not threaten the practical use of AES in any way.

This is what I wrote about AES in 2009. I still agree with my advice:

Cryptography is all about safety margins. If you can break n round of a cipher, you design it with 2n or 3n rounds. What we’re learning is that the safety margin of AES is much less than previously believed. And while there is no reason to scrap AES in favor of another algorithm, NST should increase the number of rounds of all three AES variants. At this point, I suggest AES-128 at 16 rounds, AES-192 at 20 rounds, and AES-256 at 28 rounds. Or maybe even more; we don’t want to be revising the standard again and again.

And for new applications I suggest that people don’t use AES-256. AES-128 provides more than enough security margin for the forseeable future. But if you’re already using AES-256, there’s no reason to change.

The advice about AES-256 was because of a 2009 attack, not this result.

Again, I repeat the saying I’ve heard came from inside the NSA: “Attacks always get better; they never get worse.”

Posted on August 18, 2011 at 6:12 AMView Comments

Search Redirection and the Illicit Online Prescription Drug Trade

Really interesting research.

Search-redirection attacks combine several well-worn tactics from black-hat SEO and web security. First, an attacker identifies high-visibility websites (e.g., at universities) that are vulnerable to code-injection attacks. The attacker injects code onto the server that intercepts all incoming HTTP requests to the compromised page and responds differently based on the type of request:
Requests from search-engine crawlers return a mix of the original content, along with links to websites promoted by the attacker and text that makes the website appealing to drug-related queries.

  • Requests from users arriving from search engines are checked for drug terms in the original search query. If a drug name is found in the search term, then the compromised server redirects the user to a pharmacy or another intermediary, which then redirects the user to a pharmacy.
  • All other requests, including typing the link directly into a browser, return the infected website’s original content.
  • The net effect is that web users are seamlessly delivered to illicit pharmacies via infected web servers, and the compromise is kept hidden from view of the affected host’s webmaster in nearly all circumstances.

Upon inspecting search results, we identified 7,000 websites that had been compromised in this manner between April 2010 and February 2011. One quarter of the top ten search results were observed to actively redirect to pharmacies, and another 15% of the top results were for sites that no longer redirected but had previously been compromised. We also found that legitimate health resources, including authorized pharmacies, were largely crowded out of the top results by search-redirection attacks and blog and forum spam promoting fake pharmacies.

And the paper.

Posted on August 16, 2011 at 10:47 AMView Comments

Security Flaws in Encrypted Police Radios

Why (Special Agent) Johnny (Still) Can’t Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System,” by Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu, and Matt Blaze.

Abstract: APCO Project 25a (“P25”) is a suite of wireless communications protocols used in the US and elsewhere for public safety two-way (voice) radio systems. The protocols include security options in which voice and data traffic can be cryptographically protected from eavesdropping. This paper analyzes the security of P25 systems against both passive and active adversaries. We found a number of protocol, implementation, and user interface weaknesses that routinely leak information to a passive eavesdropper or that permit highly efficient and difficult to detect active attacks. We introduce new selective subframe jamming attacks against P25, in which an active attacker with very modest resources can prevent specific kinds of traffic (such as encrypted messages) from being received, while emitting only a small fraction of the aggregate power of the legitimate transmitter. We also found that even the passive attacks represent a serious practical threat. In a study we conducted over a two year period in several US metropolitan areas, we found that a significant fraction of the “encrypted” P25 tactical radio traffic sent by federal law enforcement surveillance operatives is actually sent in the clear, in spite of their users’ belief that they are encrypted, and often reveals such sensitive data as the such sensitive data as the names of informants in criminal investigations.

I’ve heard Matt talk about this project several times. It’s great work, and a fascinating insight into the usability problems of encryption in the real world.

News article.

Posted on August 11, 2011 at 6:19 AMView Comments

Identifying People by their Writing Style

The article is in the context of the big Facebook lawsuit, but the part about identifying people by their writing style is interesting:

Recently, a team of computer scientists at Concordia University in Montreal took advantage of an unusual set of data to test another method of determining e-mail authorship. In 2003, the Federal Energy Regulatory Commission, as part of its investigation into Enron, released into the public domain hundreds of thousands of employee e-mails, which have become an important resource for forensic research. (Unlike novels, newspapers or blogs, e-mails are a private form of communication and aren’t usually available as a sizable corpus for analysis.)

Using this data, Benjamin C. M. Fung, who specializes in data mining, and Mourad Debbabi, a cyber-forensics expert, collaborated on a program that can look at an anonymous e-mail message and predict who wrote it out of a pool of known authors, with an accuracy of 80 to 90 percent. (Ms. Chaski claims 95 percent accuracy with her syntactic method.) The team identifies bundles of linguistic features, hundreds in all. They catalog everything from the position of greetings and farewells in e-mails to the preference of a writer for using symbols (say, “$” or “%”) or words (“dollars” or “percent”). Combining all of those features, they contend, allows them to determine what they call a person’s “write-print.”

It seems reasonable that we have a linguistic fingerprint, although 1) there are far fewer of them than finger fingerprints, 2) they’re easier to fake. It’s probably not much of a stretch to take that software that “identifies bundles of linguistic features, hundreds in all” and use the data to automatically modify my writing to look like someone else’s.

EDITED TO ADD (8/3): A good criticism of the science behind author recognition, and a paper on how to evade these systems.

Posted on August 3, 2011 at 6:08 AMView Comments

1 62 63 64 65 66 86

Sidebar photo of Bruce Schneier by Joe MacInnis.