Security Protocols Vitaly Shmatikov CS 6431

Security Protocols  Use cryptography to achieve some higher-level security objective Authentication, confidentiality, integrity, key distribution or establishment, payment…  Examples: SSL/TLS, IPsec, Kerberos, SSH, b and i, Skype, hundreds of others New protocols constantly proposed, standardized, implemented, and deployed  Critical component of modern Web and mobile applications slide 2

 Needham and Schroeder. “Using Encryption for Authentication in Large Networks of Computers” (CACM 1979)  Initiated the field of cryptographic protocol design Led to Kerberos, IPsec, SSL, and all modern protocols  Observed the need for rigorous protocol analysis “Protocols … are prone to extremely subtle errors that are unlikely to be detected in normal operation… The need for techniques to verify the correctness of such protocols is great, and we encourage those interested in such problems to consider this area.” slide 3 Needham-Schroeder Protocols

 Many simple attacks against protocols have been discovered over the years Even carefully designed, widely deployed protocols... often years after the protocol has been deployed –Examples: SSL, SSH, b, GSM Simple = attacks do not involve breaking crypto!  Why is the problem difficult? Concurrency + distributed participants + (often incorrect) use of cryptography Active attackers in full control of communications Implicit assumptions and goals behind protocols slide 4 Things Goes Wrong

Design Principles (1) 1. Every message should say what it means 2. The conditions for a message to be acted on should be clearly set out 3. Mention the principal’s name explicitly in the message if it is essential to the meaning 4. Be clear as to why encryption is being done 5. Don’t assume a principal knows the content of encrypted material that is signed by that principal slide 5 [Abadi and Needham. “Prudent Engineering Practice for Cryptographic Protocols ”. Oakland 1994]

Design Principles (2) 6. Be clear on what properties you are assuming about nonces 7. Predictable quantities used for challenge- response should be protected from replay 8. Timestamps must take into account local clock variation and clock maintenance mechanisms 9. A key may have been used recently, yet be old slide 6 [Abadi and Needham]

Design Principles (3) 10. If an encoding is used to present the meaning of a message, then it should be possible to tell which encoding is being used 11. The protocol designer should know which trust relations his protocol depends on slide 7 [Abadi and Needham]

slide 8 NS Symmetric-Key Protocol AliceBob {Kc, A} Kb  Goal: A and B establish a fresh, shared, secret key Kc with the help of a trusted key server Trusted key server A, B, NonceA { NonceA, B, Kc, {Kc, A} Kb } Ka Ka Kb Ka, Kb {NonceB} Kc {NonceB-1} Kc

Denning-Sacco Attack  Attacker recorded an old session and compromised session key Kx used in that session  B now believes he shares a fresh secret Kx with A  Moral: use timestamps to detect replay of old messages slide 9 Bob {Kx, A}Kb {NonceB} Kx {NonceB-1} Kx

AB A’s identityFresh random number generated by A B’s reasoning: The only way to learn NonceB is to decrypt the second message Only A can decrypt second message Therefore, A is on the other end A is authenticated! Kb { NonceB} Ka { NonceA, NonceB } Kb { A, NonceA } Encrypted with B’s public key slide 10 A’s reasoning: The only person who could know NonceA is the person who decrypted the first message Only B can decrypt message encrypted with Kb Therefore, B is on the other end of the line B is authenticated! NS Public-Key Protocol

What Does This Protocol Achieve? AB Kb { NonceB } Ka { NonceA, NonceB } Kb { A, NonceA }  Protocol aims to provide both authentication and secrecy  After this exchange, only A and B know NonceA and NonceB  they can be used to derive a shared key slide 11

B can’t decrypt this message, but he can replay it AB { A, Na } Kc C { A, Na } Kb { Na, Nc } Ka { Na, Nc } Ka { Nc } Kb Evil participant B tricks honest A into revealing C’s nonce Nc C is convinced that he is talking to A! Evil B pretends that he is A Lowe’s Attack on NSPK slide 12 [Lowe. “Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR”. TACAS 1996]

AB { A, Na } Kc C { A, Na } Kb { Na, Nc } Ka { Na, Nc } Ka Abadi-Needham Principle #1 slide 13 Every message should say what it means Who sent this message?

AB Kb { NonceB} Ka { NonceA, B, NonceB } Kb { A, NonceA } slide 14 Does this solve the problem? How? Lowe’s Fix to NSPK

Lessons of Lowe’s Attack  Attacker is a legitimate protocol participant!  Exploits participants’ reasoning to fool them A is correct that B must have decrypted {A,Na} Kb message, but this does not mean that the {Na,Nb} Ka message came from B The attack does not rely on breaking cryptography!  It is important to realize limitations of protocols The attack requires that A willingly talk to adversary In the original setting, each workstation is assumed to be well-behaved, and the protocol is correct!  Discover attacks like this automatically? slide 15

slide 16 Cashier-as-a-Service PayPal, Amazon Payments, Google Checkout, etc. Web store Shopper communication about the order communication about the payment Joint decision: is an order appropriately paid? [Wang et al. “How to Shop for Free Online: Security Analysis of Cashier-as-a-Service Based Web Stores”. Oakland 2011]

nopCommerce + Amazon Simple Pay [Wang et al.] (and seller Mark) Jeff, I want to buy this DVD. Shopper Chuck Amazon (CaaS) Jeff Chuck, pay in Amazon with this signed letter: Dear Amazon, order#123 is $10, when it is paid, text me at [Jeff’s signature] Amazon, I want to pay with this letter Dear Amazon, order#123 is $10, when it is paid, text me at [Jeff’s signature] [Mark’s signature] Hi, $10 has been paid for order#123. [Amazon’s signature] Great, I will ship order#123! Anyone can register an Amazon seller account, so can Chuck Purchase a $25 MasterCard gift card by cash, register under a fake address and phone number Create seller accounts in PayPal, Amazon and Google using the card Chuck’s trick Check out from Jeff, but pay to “Mark” (Chuck himself) Amazon tells Jeff that payment has been successful Jeff is confused, ships product slide 17

slide 18 Interspire + PayPal Express Message A redirects to store.com/finalizeOrder?[orderID1] store Session 1: pay for a cheap order (orderID1), but prevent the merchant from finalizing it by holding Message B Expensive order is checked out but the cheap one is paid! Message A Message B Message B calls store.com/finalizeOrder?[orderID1] store [orderID2] store store Session 2: place an expensive order (orderID2), but skip the payment step Message A Message A redirects to store.com/finalizeOrder?[orderID2] store store [Wang et al.]

slide 19 Side-Channel Leaks [Chen et al. “Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow”. Oakland 2010] encrypted! privacy problems solved? Attacker can still see the number of packets, size of each packet, time between packets…

 Search using encrypted Wi-Fi (WPA / WPA2)  Example: user types “l-i-s-t” on his laptop… slide 20 [Chen et al.] 821         1007 Query suggestion Consequence: any eavesdropper knows our search queries Attacker’s effort linear in the size of query Each additional letter of query… …different size of suggestion list

 Entering health records By typing – auto-suggestion By mouse – a tree structure of elements  Finding a doctor Dropdown list slide 21 [Chen et al.] Online Medical Application 2000x reduction in ambiguityUniquely identify the specialty

 Wizard-style questionnaire Tailor the questions based on previous inputs  Which forms you work on reveal filing status, big medical bills, adjusted gross income…  Knowing the state machine of the application the eavesdropper can infer sensitive information Especially by combining information learned from multiple state machines slide 22 [Chen et al.] Tax Preparation Application

slide 23 [Chen et al.] Child Credit State Machine Entry page of deductions & credits Summary of deductions & credits Full credit Not eligible Partial credit All transitions have unique traffic patterns Consult the IRS instruction: $1000 for each child Phase-out starting from $110,000. For every $1000 income, lose $50 credit.

slide 24 [Chen et al.] Student Loan Interest State Machine Entry page of deductions & credits Summary of deductions & credits Full credit Not eligible Partial credit Enter your paid interest Even worse, most decision procedures for credits/deductions have asymmetric paths: eligible – more questions, not eligible – no more questions

slide 25 [Chen et al.] Some Identifiable AGI Thresholds Disabled Credit $24999 Retirement Savings $53000 IRA Contribution $85000$ College Expense $ $ Student Loan Interest $ First-time Homebuyer Credit $ $ Earned Income Credit $41646 Child Credit $ Adoption Expense $ $ $ or $ or $ … $0

slide 26 [Chen et al.] Online Investments Which funds you invest in?  Each price history curve is a GIF image from MarketWatch Anyone in the world can get them from this website  Just compare the image sizes! Your investment allocation?  Can see the size of the pie chart, but hundreds of pie charts have the same image…

slide 27 [Chen et al.] Change Over Time Is Revealing!  800 charts  80 charts  8 charts 1 chart Size of day 1 Size of day 2; Prices of the day Size of day 3; Prices of the day Size of day 4; Prices of the day  charts Financial institution updates your pie chart every day after market close. Mutual fund prices are public knowledge.

 Still have the asymmetric path problem  Google’s responses are compressed, destination networks may or may not uncompress responses For example, Microsoft gateways uncompress and inspect Web traffic, but university does not Round before compression – university still sees distinguishable sizes; after compression – Microsoft does  Random padding is not appropriate If user checks several times, repeated random padding of the same responses quickly degrades effectiveness Images come from MarketWatch, not site itself slide 28 [Chen et al.] Rounding? Padding?