Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks最新文献

筛选

英文中文

Shatter: Using Threshold Cryptography to Protect Single Users with Multiple Devices 粉碎:使用阈值加密保护单个用户与多个设备

Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks Pub Date : 2016-07-18 DOI: 10.1145/2939918.2939932

Erinn Atwater, U. Hengartner

{"title":"Shatter: Using Threshold Cryptography to Protect Single Users with Multiple Devices","authors":"Erinn Atwater, U. Hengartner","doi":"10.1145/2939918.2939932","DOIUrl":"https://doi.org/10.1145/2939918.2939932","url":null,"abstract":"The average computer user is no longer restricted to one device. They may have several devices and expect their applications to work on all of them. A challenge arises when these applications need the cryptographic private key of the devices' owner. Here the device owner typically has to manage keys manually with a \"keychain\" app, which leads to private keys being transferred insecurely between devices -- or even to other people. Even with intuitive synchronization mechanisms, theft and malware still pose a major risk to keys. Phones and watches are frequently removed or set down, and a single compromised device leads to the loss of the owner's private key, a catastrophic failure that can be quite difficult to recover from. We introduce Shatter, an open-source framework that runs on desktops, Android, and Android Wear, and performs key distribution on a user's behalf. Shatter uses threshold cryptography to turn the security weakness of having multiple devices into a strength. Apps that delegate cryptographic operations to Shatter have their keys compromised only when a threshold number of devices are compromised by the same attacker. We demonstrate how our framework operates with two popular Android apps (protecting identity keys for a messaging app, and encryption keys for a note-taking app) in a backwards-compatible manner: only Shatter users need to move to a Shatter-aware version of the app. Shatter has minimal impact on app performance, with signatures and decryption being calculated in 0.5s and security proofs in 14s.","PeriodicalId":387704,"journal":{"name":"Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134412786","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 13

Profiling the Strength of Physical-Layer Security: A Study in Orthogonal Blinding 描述物理层安全强度:正交盲法的研究

Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks Pub Date : 2016-07-18 DOI: 10.1145/2939918.2939933

Yao Zheng, Matthias Schulz, W. Lou, Y. T. Hou, M. Hollick

{"title":"Profiling the Strength of Physical-Layer Security: A Study in Orthogonal Blinding","authors":"Yao Zheng, Matthias Schulz, W. Lou, Y. T. Hou, M. Hollick","doi":"10.1145/2939918.2939933","DOIUrl":"https://doi.org/10.1145/2939918.2939933","url":null,"abstract":"Physical layer security for wireless communication is broadly considered as a promising approach to protect data confidentiality against eavesdroppers. However, despite its ample theoretical foundation, the transition to practical implementations of physical-layer security still lacks success. A close inspection of proven vulnerable physical-layer security designs reveals that the flaws are usually overlooked when the scheme is only evaluated against an inferior, single-antenna eavesdropper. Meanwhile, the attacks exposing vulnerabilities often lack theoretical justification. To reduce the gap between theory and practice, we posit that a physical-layer security scheme must be studied under multiple adversarial models to fully grasp its security strength. In this regard, we evaluate a specific physical-layer security scheme, i.e. orthogonal blinding, under multiple eavesdropper settings. We further propose a practical \"ciphertext-only attack\" that allows eavesdroppers to recover the original message by exploiting the low entropy fields in wireless packets. By means of simulation, we are able to reduce the symbol error rate at an eavesdropper below 1% using only the eavesdropper's receiving data and a general knowledge about the format of the wireless packets.","PeriodicalId":387704,"journal":{"name":"Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131301322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 8

首页上一页