Presentation is loading. Please wait.

Presentation is loading. Please wait.

Real Security Threats Ross Anderson Cambridge. Peer-to-peer networks (1) Early P2P proposals included the ‘Eternity Service’ (1996) – a widely distributed.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Real Security Threats Ross Anderson Cambridge. Peer-to-peer networks (1) Early P2P proposals included the ‘Eternity Service’ (1996) – a widely distributed."— Presentation transcript:

1 Real Security Threats Ross Anderson Cambridge

2 Peer-to-peer networks (1) Early P2P proposals included the ‘Eternity Service’ (1996) – a widely distributed file store for censorship resistance Attack (1) – ‘kiddie porn’ Attack (2) – lack of motivation for participants Attack (3) – break the ring, or go for high-order nodes in the courts Attack (4) – spam out the content with trash

3 Fixes (1) Fix the motivation with a federation of clubs: Danezis/Anderson, ‘Economics of censorship resistance’, WEIS 2004 Or revolutionary cells: Nagaraja/Anderson, ‘Topology of Covert Conflict’, WEIS 2006 Instead of initial authentication, concentrate on recovery (Anderson/Chan/Perrig ‘Key Infection’ ICNP 2004; Anderson/Bond ‘Initial costs and maintenance costs of protocols’, Protocols 2005)

4 Peer-to-peer networks (2) HomePlug AV – v2 powerline networking Real problem: people connect to wrong network, set up large networks Simple connect mode – push buttons to make it work and ‘send the key in the clear’ Secure mode – type in the device’s AES key (on its label) into a network controller Can a public-key protocol do any more?

5 Why Homeplug has no PK mode Patent attorney using HomePlug as home LAN Attacker knocks out STB using jammer Net controller says ‘admit Sony STB type ABC123, cert hash = 4CA7 239C 210A 337F?’ Only safe if cert hash checked against label So better off copying key from label directly! See Newman, Gavette, Yonge, Anderson, ‘Protecting Domestic Power-line Communications’, SOUPS 2006

6 Future P2P networks We already have plenty home and personal networks (HomePlug, Bluetooth, … ) Plenty P2P apps for PCs too (Skype, … ) Sensor network apps? (see our paper later) Phone-based apps? (Haggle?) What are … incentives? … scalability? (Could Khayelitsha cope with success?)

7

8

Download ppt "Real Security Threats Ross Anderson Cambridge. Peer-to-peer networks (1) Early P2P proposals included the ‘Eternity Service’ (1996) – a widely distributed."

Similar presentations

Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
Networks By the end of this session, you will:

Networks By the end of this session, you will:
1 Security in Wireless Protocols Bluetooth, 802.11, ZigBee.

1 Security in Wireless Protocols Bluetooth, , ZigBee.
Trust relationships in sensor networks Ruben Torres October 2004.

Trust relationships in sensor networks Ruben Torres October 2004.
DHP-W306AV is a new D-Link Powerline solution features 802.11n wireless speeds of up to 300 megabits per second and HomePlug AV data transmission speeds.

DHP-W306AV is a new D-Link Powerline solution features n wireless speeds of up to 300 megabits per second and HomePlug AV data transmission speeds.
Key Infection (smart trust for smart dust) Ross Anderson (Cambridge) Haowen Chan (CMU) Adrian Perrig (CMU)

Key Infection (smart trust for smart dust) Ross Anderson (Cambridge) Haowen Chan (CMU) Adrian Perrig (CMU)
From the Eternity Service to Suicide Bombing – a Short History of Ad-hoc Network Security Ross Anderson Cambridge.

From the Eternity Service to Suicide Bombing – a Short History of Ad-hoc Network Security Ross Anderson Cambridge.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.

Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.
Computers Networks and Networking The Data Communications Channel Wireless communication Microwave signal – sent from one transmitter to another Radio.

Computers Networks and Networking The Data Communications Channel Wireless communication Microwave signal – sent from one transmitter to another Radio.
ODISSEA Mehdi Kharrazi Kulesh Shanmugasundaram Security Issues.

ODISSEA Mehdi Kharrazi Kulesh Shanmugasundaram Security Issues.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
The Topology of Covert Conflict Shishir Nagaraja, Ross Anderson Cambridge University.

The Topology of Covert Conflict Shishir Nagaraja, Ross Anderson Cambridge University.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
Conclusions in Peer-to-Peer Systems Παρουσίαση: Τάσος Καραγιάννης, Σπυριδούλα Μαργαρίτη, Κώστας Στεφανίδης, Θοδωρής Τσώτσος.

Conclusions in Peer-to-Peer Systems Παρουσίαση: Τάσος Καραγιάννης, Σπυριδούλα Μαργαρίτη, Κώστας Στεφανίδης, Θοδωρής Τσώτσος.
COMMUNICATIONS AND NETWORKS. -2 Competencies Discuss connectivity, the wireless revolution, and communication systems Describe physical and wireless communications.

COMMUNICATIONS AND NETWORKS. -2 Competencies Discuss connectivity, the wireless revolution, and communication systems Describe physical and wireless communications.
An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.

An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.
SMUCSE 5349/49 Email Security. SMUCSE 5349/7349 Threats Threats to the security of e-mail itself –Loss of confidentiality E-mails are sent in clear over.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
Introduction to Peer-to-Peer Networks. What is a P2P network Uses the vast resource of the machines at the edge of the Internet to build a network that.

Introduction to Peer-to-Peer Networks. What is a P2P network Uses the vast resource of the machines at the edge of the Internet to build a network that.

Similar presentations

Ads by Google