Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security最新文献_第3页

Hash First, Argue Later: Adaptive Verifiable Computations on Outsourced Data 先散列，后争论:外包数据的自适应可验证计算

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978368

D. Fiore, C. Fournet, Esha Ghosh, Markulf Kohlweiss, O. Ohrimenko, Bryan Parno

{"title":"Hash First, Argue Later: Adaptive Verifiable Computations on Outsourced Data","authors":"D. Fiore, C. Fournet, Esha Ghosh, Markulf Kohlweiss, O. Ohrimenko, Bryan Parno","doi":"10.1145/2976749.2978368","DOIUrl":"https://doi.org/10.1145/2976749.2978368","url":null,"abstract":"Proof systems for verifiable computation (VC) have the potential to make cloud outsourcing more trustworthy. Recent schemes enable a verifier with limited resources to delegate large computations and verify their outcome based on succinct arguments: verification complexity is linear in the size of the inputs and outputs (not the size of the computation). However, cloud computing also often involves large amounts of data, which may exceed the local storage and I/O capabilities of the verifier, and thus limit the use of VC. In this paper, we investigate multi-relation hash & prove schemes for verifiable computations that operate on succinct data hashes. Hence, the verifier delegates both storage and computation to an untrusted worker. She uploads data and keeps hashes; exchanges hashes with other parties; verifies arguments that consume and produce hashes; and selectively downloads the actual data she needs to access. Existing instantiations that fit our definition either target restricted classes of computations or employ relatively inefficient techniques. Instead, we propose efficient constructions that lift classes of existing arguments schemes for fixed relations to multi-relation hash & prove schemes. Our schemes (1) rely on hash algorithms that run linearly in the size of the input; (2) enable constant-time verification of arguments on hashed inputs; (3) incur minimal overhead for the prover. Their main benefit is to amortize the linear cost for the verifier across all relations with shared I/O. Concretely, compared to solutions that can be obtained from prior work, our new hash & prove constructions yield a 1,400x speed-up for provers. We also explain how to further reduce the linear verification costs by partially outsourcing the hash computation itself, obtaining a 480x speed-up when applied to existing VC schemes, even on single-relation executions.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132970056","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 63

Improvements to Secure Computation with Penalties 带惩罚的安全计算改进

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978421

R. Kumaresan, V. Vaikuntanathan, Prashant Nalini Vasudevan

{"title":"Improvements to Secure Computation with Penalties","authors":"R. Kumaresan, V. Vaikuntanathan, Prashant Nalini Vasudevan","doi":"10.1145/2976749.2978421","DOIUrl":"https://doi.org/10.1145/2976749.2978421","url":null,"abstract":"Motivated by the impossibility of achieving fairness in secure computation [Cleve, STOC 1986], recent works study a model of fairness in which an adversarial party that aborts on receiving output is forced to pay a mutually predefined monetary penalty to every other party that did not receive the output. These works show how to design protocols for secure computation with penalties that tolerate an arbitrary number of corruptions. In this work, we improve the efficiency of protocols for secure computation with penalties in a hybrid model where parties have access to the \"claim-or-refund\" transaction functionality. Our first improvement is for the ladder protocol of Bentov and Kumaresan (Crypto 2014) where we improve the dependence of the script complexity of the protocol (which corresponds to miner verification load and also space on the blockchain) on the number of parties from quadratic to linear (and in particular, is completely independent of the underlying function). Our second improvement is for the see-saw protocol of Kumaresan et al. (CCS 2015) where we reduce the total number of claim-or-refund transactions and also the script complexity from quadratic to linear in the number of parties. We also present a 'dual-mode' protocol that offers different guarantees depending on the number of corrupt parties: (1) when s n/2 parties are corrupt, this protocol guarantees fairness with penalties (i.e., if the adversary gets the output, then either the honest parties get output as well or they get compensation via penalizing the adversary). The above protocol works as long as t+s < n, matching the bound obtained for secure computation protocols in the standard model (i.e., replacing \"fairness with penalties\" with \"security-with-abort\" (full security except fairness)) by Ishai et al. (SICOMP 2011).","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127949721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 80

PhishEye: Live Monitoring of Sandboxed Phishing Kits phishheye:沙箱钓鱼工具包的实时监控

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978330

Xiao Han, Nizar Kheir, D. Balzarotti

{"title":"PhishEye: Live Monitoring of Sandboxed Phishing Kits","authors":"Xiao Han, Nizar Kheir, D. Balzarotti","doi":"10.1145/2976749.2978330","DOIUrl":"https://doi.org/10.1145/2976749.2978330","url":null,"abstract":"Phishing is a form of online identity theft that deceives unaware users into disclosing their confidential information. While significant effort has been devoted to the mitigation of phishing attacks, much less is known about the entire life-cycle of these attacks in the wild, which constitutes, however, a main step toward devising comprehensive anti-phishing techniques. In this paper, we present a novel approach to sandbox live phishing kits that completely protects the privacy of victims. By using this technique, we perform a comprehensive real-world assessment of phishing attacks, their mechanisms, and the behavior of the criminals, their victims, and the security community involved in the process -- based on data collected over a period of five months. Our infrastructure allowed us to draw the first comprehensive picture of a phishing attack, from the time in which the attacker installs and tests the phishing pages on a compromised host, until the last interaction with real victims and with security researchers. Our study presents accurate measurements of the duration and effectiveness of this popular threat, and discusses many new and interesting aspects we observed by monitoring hundreds of phishing campaigns.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125364624","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 93

Message-Recovery Attacks on Feistel-Based Format Preserving Encryption 基于feistel格式保持加密的消息恢复攻击

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978390

M. Bellare, V. Hoang, Stefano Tessaro

引用次数: 30

Function Secret Sharing: Improvements and Extensions 函数秘密共享:改进和扩展

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978429

Elette Boyle, N. Gilboa, Y. Ishai

{"title":"Function Secret Sharing: Improvements and Extensions","authors":"Elette Boyle, N. Gilboa, Y. Ishai","doi":"10.1145/2976749.2978429","DOIUrl":"https://doi.org/10.1145/2976749.2978429","url":null,"abstract":"Function Secret Sharing (FSS), introduced by Boyle et al. (Eurocrypt 2015), provides a way for additively secret-sharing a function from a given function family F. More concretely, an m-party FSS scheme splits a function f : {0, 1}n -> G, for some abelian group G, into functions f1,...,fm, described by keys k1,...,km, such that f = f1 + ... + fm and every strict subset of the keys hides f. A Distributed Point Function (DPF) is a special case where F is the family of point functions, namely functions f_{a,b} that evaluate to b on the input a and to 0 on all other inputs. FSS schemes are useful for applications that involve privately reading from or writing to distributed databases while minimizing the amount of communication. These include different flavors of private information retrieval (PIR), as well as a recent application of DPF for large-scale anonymous messaging. We improve and extend previous results in several ways: * Simplified FSS constructions. We introduce a tensoring operation for FSS which is used to obtain a conceptually simpler derivation of previous constructions and present our new constructions. * Improved 2-party DPF. We reduce the key size of the PRG-based DPF scheme of Boyle et al. roughly by a factor of 4 and optimize its computational cost. The optimized DPF significantly improves the concrete costs of 2-server PIR and related primitives. * FSS for new function families. We present an efficient PRG-based 2-party FSS scheme for the family of decision trees, leaking only the topology of the tree and the internal node labels. We apply this towards FSS for multi-dimensional intervals. We also present a general technique for extending FSS schemes by increasing the number of parties. * Verifiable FSS. We present efficient protocols for verifying that keys (k*/1,...,k*/m ), obtained from a potentially malicious user, are consistent with some f in F. Such a verification may be critical for applications that involve private writing or voting by many users.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115272731","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 214

The Misuse of Android Unix Domain Sockets and Security Implications Android Unix域套接字的误用及其安全含义

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978297

Yuru Shao, Jason Ott, Yunhan Jia, Zhiyun Qian, Z. Morley Mao

引用次数: 37

All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records 你所有的DNS记录都指向我们:了解悬挂DNS记录的安全威胁

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978387

Daiping Liu, Shuai Hao, Haining Wang

引用次数: 68

MiddlePolice: Toward Enforcing Destination-Defined Policies in the Middle of the Internet MiddlePolice:在互联网中间执行目标定义的策略

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978306

Zhuotao Liu, Hao Jin, Yih-Chun Hu, Michael Bailey

{"title":"MiddlePolice: Toward Enforcing Destination-Defined Policies in the Middle of the Internet","authors":"Zhuotao Liu, Hao Jin, Yih-Chun Hu, Michael Bailey","doi":"10.1145/2976749.2978306","DOIUrl":"https://doi.org/10.1145/2976749.2978306","url":null,"abstract":"Volumetric attacks, which overwhelm the bandwidth of a destination, are amongst the most common DDoS attacks today. One practical approach to addressing these attacks is to redirect all destination traffic (e.g., via DNS or BGP) to a third-party, DDoS-protection-as-a-service provider (e.g., CloudFlare) that is well provisioned and equipped with filtering mechanisms to remove attack traffic before passing the remaining benign traffic to the destination. An alternative approach is based on the concept of network capabilities, whereby source sending rates are determined by receiver consent, in the form of capabilities enforced by the network. While both third-party scrubbing services and network capabilities can be effective at reducing unwanted traffic at an overwhelmed destination, DDoS-protection-as-a-service solutions outsource all of the scheduling decisions (e.g., fairness, priority and attack identification) to the provider, while capability-based solutions require extensive modifications to existing infrastructure to operate. In this paper we introduce MiddlePolice, which seeks to marry the deployability of DDoS-protection-as-a-service solutions with the destination-based control of network capability systems. We show that by allowing feedback from the destination to the provider, MiddlePolice can effectively enforce destination-chosen policies, while requiring no deployment from unrelated parties.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132609054","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 42

POSTER: Towards Exposing Internet of Things: A Roadmap 海报:面向物联网:路线图

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2989046

V. Sachidananda, Jinghui Toh, Shachar Siboni, A. Shabtai, Y. Elovici

引用次数: 7

Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR 预取侧信道攻击:绕过SMAP和内核ASLR

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978356

D. Gruss, Clémentine Maurice, Anders Fogh, Moritz Lipp, S. Mangard

{"title":"Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR","authors":"D. Gruss, Clémentine Maurice, Anders Fogh, Moritz Lipp, S. Mangard","doi":"10.1145/2976749.2978356","DOIUrl":"https://doi.org/10.1145/2976749.2978356","url":null,"abstract":"Modern operating systems use hardware support to protect against control-flow hijacking attacks such as code-injection attacks. Typically, write access to executable pages is prevented and kernel mode execution is restricted to kernel code pages only. However, current CPUs provide no protection against code-reuse attacks like ROP. ASLR is used to prevent these attacks by making all addresses unpredictable for an attacker. Hence, the kernel security relies fundamentally on preventing access to address information. We introduce Prefetch Side-Channel Attacks, a new class of generic attacks exploiting major weaknesses in prefetch instructions. This allows unprivileged attackers to obtain address information and thus compromise the entire system by defeating SMAP, SMEP, and kernel ASLR. Prefetch can fetch inaccessible privileged memory into various caches on Intel x86. It also leaks the translation-level for virtual addresses on both Intel x86 and ARMv8-A. We build three attacks exploiting these properties. Our first attack retrieves an exact image of the full paging hierarchy of a process, defeating both user space and kernel space ASLR. Our second attack resolves virtual to physical addresses to bypass SMAP on 64-bit Linux systems, enabling ret2dir attacks. We demonstrate this from unprivileged user programs on Linux and inside Amazon EC2 virtual machines. Finally, we demonstrate how to defeat kernel ASLR on Windows 10, enabling ROP attacks on kernel and driver binary code. We propose a new form of strong kernel isolation to protect commodity systems incuring an overhead of only 0.06-5.09%.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114377658","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 217