Helmholtz Center for Information Security
CISPA – Helmholtz-Zentrum für InformationssicherheitNot a member yet
3406 research outputs found
Sort by
Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks
The transient-execution attack Meltdown leaks sensitive information by transiently accessing inaccessible data during out-of-order execution. Although Meltdown is fixed in hardware for recent CPU generations, most currently-deployed CPUs have to rely on software mitigations, such as KPTI. Still, Meltdown is considered non-exploitable on current systems.
In this paper, we show that adding another layer of indirection to Meltdown transforms a transient-execution attack into a side-channel attack, leaking metadata instead of data. We show that despite software mitigations, attackers can still leak metadata from other security domains by observing the success rate of Meltdown on non-secret data. With LeakIDT, we present the first cache-line granular monitoring of kernel addresses. LeakIDT allows an attacker to obtain cycle-accurate timestamps for attacker-chosen interrupts. We use our attack to get accurate inter-keystroke timings and fingerprint visited websites. While we propose a low-overhead software mitigation to prevent the exploitation of LeakIDT, we emphasize that the side-channel aspect of transient-execution attacks should not be underestimated
On the Node-Averaged Complexity of Locally Checkable Problems on Trees
Over the past decade, a long line of research has investigated the distributed complexity landscape of locally checkable labeling (LCL) problems on bounded-degree graphs, culminating in an almost-complete classification on general graphs and a complete classification on trees. The latter states that, on bounded-degree trees, any LCL problem has deterministic worst-case time complexity O(1), Θ(log* n), Θ(log n), or Θ(n^(1/k)) for some positive integer k, and all of those complexity classes are nonempty. Moreover, randomness helps only for (some) problems with deterministic worst-case complexity Θ(log n), and if randomness helps (asymptotically), then it helps exponentially.
In this work, we study how many distributed rounds are needed on average per node in order to solve an LCL problem on trees. We obtain a partial classification of the deterministic node-averaged complexity landscape for LCL problems. As our main result, we show that every problem with worst-case round complexity O(log n) has deterministic node-averaged complexity O(log* n). We further establish bounds on the node-averaged complexity of problems with worst-case complexity Θ(n^(1/k)): we show that all these problems have node-averaged complexity Ω^~(n^(1 / (2^k - 1))), and that this lower bound is tight for some problems
Investigating Verification Behavior and Perceptions of Visual Digital Certificates
This paper presents a qualitative study to explore how individuals perceive and verify visual digital certificates with QR codes. During the COVID-19 pandemic, such certificates have been used in the EU to provide standardized proof of vaccination.
We conducted semi-structured interviews with N=17 participants responsible for verifying COVID-19 certificates as part of their job. Using a two-fold thematic analysis approach, we, among other things, identified and classified multiple behavioral patterns, including inadequate reliance on visual cues as a proxy for proper digital verification.
We present design and structural recommendations based on our findings, including conceptual changes and improvements to storage and verification apps to limit shortcut opportunities. Our empirical findings are hence essential to improve the usability, robustness, and effectiveness of visual digital certificates and their verification
A Systematic Study of the Consistency of Two-Factor Authentication User Journeys on Top-Ranked Websites
Heuristics for user experience state that users will transfer their expectations from one product to another. A lack of consistency between products can increase users' cognitive friction, leading to frustration and rejection. This paper presents the first systematic study of the external, functional consistency of two-factor authentication user journeys on top-ranked websites. We find that these websites implement only a minimal number of design aspects consistently (e.g., naming and location of settings) but exhibit mixed design patterns for setup and usage of a second factor. Moreover, we find that some of the more consistently realized aspects, such as descriptions of two-factor authentication, have been described in the literature as problematic and adverse to user experience. Our results advocate for more general UX guidelines for 2FA implementers and raise new research questions about the 2FA user journeys
Perceptions of Distributed Ledger Technology Key Management - An Interview Study with Finance Professionals
Key management is an integral part of using distributed ledger technology (DLT). Previous work has primarily focused on key management for single-user scenarios on Bitcoin. Over the last decade, DLT has evolved to commercial and financial sectors; for example, a new German law allows the trading of a variety of financial securities via DLT. Instead of a single-user paradigm, financial institutions follow a multi-user paradigm. Combining multi-user key management with single-user key management solutions leads to unique challenges with usability and security.
We extend current research through a two-stage qualitative interview study with 13 finance professionals. We investigate how the technical reality contrasts with perceptions of key management practices in corporate financial organizations. Our interdisciplinary study shows, among other things, that DLT does not meet real-world requirements in this particular domain. Moreover, it introduces additional challenges in terms of authentication and auditing.
Our findings suggest that corporate financial institutions strongly support the adoption of blockchain solutions. However, to comply with regulatory and operational requirements, they face additional usability and security challenges, e.g., authentication and access control. Better mechanisms or novel design approaches are required to cover professional environments. This includes how multiple users can access the same assets and approve joint transactions
Blind Concealment from Reconstruction-based Attack Detectors for Industrial Control Systems via Backdoor Attacks
Industrial Control Systems (ICS) are responsible for the safety and operations of critical infrastructure such as power grids.
Attacks on such systems threaten the well-being of societies, and the lives of human operators, and pose huge financial risks.
Due to their reliance on insecure legacy protocols and hosts, the systems cannot be protected easily.
Fortunately, detailed process data is available and can be leveraged by process-aware attack detectors that verify inherent physical correlations.
In commercial products, such detectors will be trained by the vendors on process data from the target system, which might allow malicious manipulations of the training process to later evade detection at runtime.
Previously proposed attacks in this direction rely on detailed process knowledge to predict the exact attack features to be concealed.
In this work, we show that even without any process knowledge, it is possible to launch training time attacks against such attack detectors. Our backdoor attacks achieve this by identifying `alien' actuator state combinations that never occur in the training samples and injecting them with legitimate sensor data into the training set.
At runtime, the attacker spoofs one of those alien actuator state combinations, which triggers (regardless of current process sensor values) the classification as `normal'.
To demonstrate this, we design and implement five backdoor attacks against autoencoder-based anomaly detectors for 14 attacks from the BATADAL dataset collection. Out of these five variations, four implementations have been found to be effective. Our evaluation also shows that our best backdoor attack implementation can achieve perfect attack concealment and accomplish an average accuracy of 0.19.
Compared to the performance of the detector for anomalies that are not concealed by inserted triggers, our attacks decrease the detector's accuracy by 0.39
Get Your Cyber-Physical Tests Done! Data-Driven Vulnerability Assessment of Robotic Vehicle
The rapid growth of robotic aerial vehicles (RAVs) has attracted extensive interest in numerous public and civilian applications, from flying drones to quadrotors. Security of RAV systems has become increasingly challenging as RAV controller software becomes more complex, exposing a growing attack surface. Memory isolation separates the memory space and enforces memory access control via privilege separation to limit the attacker’s capability so that the attacker cannot compromise other software components by exploiting one memory corruption vulnerability. Memory isolation has been adopted into the resource-constrained systems such as RAVs by lightweight privilege mode switching to meet real-time requirements.
In this paper, we propose ARES, a new variable-level vulnerability excavation framework to find deeper bugs from a combined cyber-physical perspective. We present a data-driven method to illustrate that, despite state-of-the-art memory isolation efforts, RAV systems are still vulnerable to adversarial data manipulation attacks. We augment RAV control states with intermediate controller variables by tracing accessible control parameters and vehicle dynamics within the same isolated memory regions. With this expanded state variable space, we apply multivariate statistical analysis to investigate inter-variable quantitative data dependencies and search for vulnerable state variables. ARES utilizes a learning-based method to show how an attacker can exploit memory corruption bugs in a legitimate memory view and elaborately craft adversarial variable values to disrupt a RAV’s safe operations. We demonstrate the feasibility and capability of ARES on the widely-used Ardupilot RAV framework. Our extensive empirical evaluation shows that the attacker may leverage these vulnerable state variables to achieve various RAV failures during its real-time operations, and even evade existing defense solutions
Token meets Wallet: Formalizing Privacy and Revocation for FIDO2
The FIDO2 standard is a widely-used class of challenge-response type protocols that allows to authenticate to an online service using a hardware token. Barbosa et al. (CRYPTO ‘21) provided the first formal security model and analysis for the FIDO2 standard. However, their model has two shortcomings: (1) It does not include privacy, one of the key features claimed by FIDO2. (2) It only covers tokens that store all secret keys locally. In contrast, due to limited memory, most existing FIDO2 tokens either derive all secret keys from a common seed or store keys on the server (the latter approach is also known as key wrapping).
In this paper, we revisit the security of the WebAuthn component of FIDO2 as implemented in practice. Our contributions are as follows. (1) We adapt the model of Barbosa et al. so as to capture authentication tokens using key derivation or key wrapping. (2) We provide the first formal definition of privacy for the WebAuthn component of FIDO2. We then prove the privacy of this component in common FIDO2 token implementations if the underlying building blocks are chosen appropriately. (3) We address the unsolved problem of global key revocation in FIDO2. To this end, we introduce and analyze a simple revocation procedure that builds on the popular BIP32 standard used in cryptocurrency wallets and can efficiently be implemented with existing FIDO2 servers
PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov Model
Publishing trajectory data (individual’s movement information) is very useful, but it also raises privacy concerns. To handle the privacy concern, in this paper, we apply differential privacy, the standard technique for data privacy, together with Markov chain model, to generate synthetic trajectories. We notice that existing studies all use Markov chain model and thus propose a framework to analyze the usage of the Markov chain model in this problem. Based on the analysis, we come up with an effective algorithm PrivTrace that uses the first-order and second-order Markov model adaptively. We evaluate PrivTrace and existing methods on synthetic and real-world datasets to demonstrate the superiority of our method
Computing Square Colorings on Bounded-Treewidth and Planar Graphs
A {\em square coloring} of a graph is a coloring of the square of , that is, a coloring of the vertices of such that any two vertices that are at distance at most in receive different colors.
We investigate the complexity of finding a square coloring with a given number of colors.
We show that the problem is polynomial-time solvable on graphs of bounded treewidth by presenting an algorithm with running time n^{2^{\ttw + 4}+O(1)} for graphs of treewidth at most \ttw.
The somewhat unusual exponent 2^\ttw in the running time is essentially optimal: we show that for any , there is no algorithm with running time f(\ttw)n^{(2-\epsilon)^\ttw} unless the Exponential-Time Hypothesis (ETH) fails.
We also show that the square coloring problem is NP-hard on planar graphs for any fixed number of colors.
Our main algorithmic result is showing that the problem (when the number of colors is part of the input) can be
solved in subexponential time on planar graphs. The result
follows from the combination of two algorithms. If the number
of colors is small (), then we can exploit a
treewidth bound on the square of the graph to solve the problem in
time . If the number of colors is large
(), then an algorithm based on protrusion
decompositions and building on our result for the bounded-treewidth case solves the problem in time