18th Seminar Artzi on Systems
     

The 18th Seminar Artzi on Computer Systems and Engineering

 

Time: April 6, 2000, at 14:30 PM
Note special time: Thursday afternoon
Place: Lev Hall, Kaplun Bldg., Tel-Aviv University
Faculty of Exact Sciences (where the School of Physics is)
Chair: Dr. Dahlia Malkhi, Hebrew University

Program

14:30-15:15 The Proactive Security Toolkit and Applications
Amir Herzberg, IBM
15:15-16:00 IP Multicast security
Amit Kleinman, NDS
16:00-16:15 Break
16:15-17:00 Establishing and Managing Proactive Content Security
Shimon Gruper, Aladdin
17:00-17:45 Data Authentication at Gigabits per Second Speeds
Hugo Krawczyk, Technion

Abstracts

The Proactive Security Toolkit and Applications

Boaz Barak, Amir Herzberg, Dalit Naor and Eldad Shai

IBM Haifa Research Lab, Tel-Aviv Site
E-Commerce and Technologies Group
{barak,amir,dalit,eldad}@haifa.vnet.ibm.com

"You can't cheat all people at the same time." -- (anonymous)

Existing security mechanisms focus on prevention of penetrations, detection of a penetration and (manual) recovery tools. Indeed, attackers focus their penetration efforts on breaking into critical modules, and on avoiding detection of the attack. As current security mechanisms are imperfect and existing systems often implement them poorly, it is well recognized that attackers are in fact able to penetrate. Security tools and procedures may cause the attackers to lose control over a specific module (computer, account), since the attacker would rather lose control than risk detection of the attack. However, while controlling the module, the attacker may learn critical secret information or modify the module (plant trapdoors) in ways that make it much easier for the attacker to regain control over that module later, or to defeat the overall security goal (even without regaining control of that module).

Recent results in cryptography give some hope of improving this situation. These results show that many fundamental security tasks can be achieved with proactive security. Proactive security does not assume that there is any module completely secure against penetration. Instead, we assume that at any given time period (day, week, ...), a sufficient number of the modules in the system are secure (not penetrated). The results obtained so far include some of the most important cryptographic primitives such as signatures, secret sharing, and secure communication. However, there was no usable implementation, and several critical issues (for actual use) were not addressed.

In this work we report on a practical toolkit implementing the key proactive security mechanisms. The toolkit provides secure interfaces to make it easy for applications to recover from penetrations. The toolkit also addresses other critical implementation issues, such as the initialization of the proactive secure system. We describe the toolkit and discuss some of the potential applications. Some applications require minimal enhancements to the existing implementations - e.g. for secure logging (especially for intrusion detection), secure end-to-end communication and timestamping. Other applications require more significant enhancements, mainly distribution over multiple servers; examples are certification authority, key recovery, and secure file system or archive.

IP Multicast security: requirements, the search for solutions and the remaining challenges

Amit Kleinman
NDS Jerusalem

Multicast security is a necessity, not an option. This is particularly true in consideration of mission-critical or commercial use. Content must be protected, and user access to multicast content should be controlled. There are various service models each with its own characteristics. In this session I'll provide an overview of the multicast security requirements for commercial-grade application usage. I will survey the relevancy of existing security and discuss some of the approaches derived from the current models on cable and satellite television. I'll describe the work that is done in the IP multicast security research group of the IRTF (Internet Research Task Force) and eventually I'll provide a system approach to multicast security.

Establishing and Managing Proactive Content Security

Shimon Gruper
Executive VP, Aladdin Knowledge Systems, Ltd.
shimong@eAladdin.com

The advent of innovative Internet technologies has opened up new frontiers along with battlefields against malicious vandal programs that try to wreak havoc and jeopardize our dependence on the information superhighway.

Unfortunately, existing reactive anti-virus software products are limited in their ability to deal with Internet-specific vandal threats. Unlike viruses, vandal applications are Internet-aware and they do not linger in the users' computer in order to replicate because they use the Internet as their replication conduit. Vandals can replicate on the Internet, almost at the speed of light. Therefore there is no time for reactive solutions, such as virus definition updates.

Proactive Content Security means identifying all possible points of entry and securing them by inspecting all known threats, enforcing strict corporate content security policies and weeding out the unknown.

This paper will investigate ways to establish Proactive Content Security Policies for various Internet activities and propose effective means to maintain and manage such policies on an enterprise-wide scale.

Data Authentication at Gigabits per Second Speeds

Hugo Krawczyk, Technion

The physically-remote nature of electronic communications is changing the ways we verify the authenticity of things. The traditional use of human senses for determining authenticity is not available anymore in the new electronic medium. At the same time, in highly vulnerable networks such as in the Internet, authentication is an essential enabler of secure communications. Cryptography is addressing these needs by providing a variety of authenticity verification tools. One main mechanism, called a MAC (for "message authentication code"), allows two parties that share a secret key to communicate in a way that any unauthorized change to the transmitted information (either malicious or accidental) is detected with very high probability. MAC algorithms are becoming the most used cryptographic functions (when measured by the amount of information they process) even surpassing the use of encryption.

Due to this new reality we have seen in the last years a considerable research effort in developing and analyzing MAC schemes that are at the same time secure and very fast. One particularly effective methodology for building these algorithms is the use of universal hashing, an approach suggested more than 20 years ago by Carter and Wegman but which has been neglected in practical authentication algorithms until very recently. In this talk we will survey some of the principles behind this methodology and provide an overview of the UMAC function which achieves well-analyzed security and is an order of magnitude faster than today's popular MAC algorithms. The core of UMAC is a super-fast universal hash family whose analysis is purely algebraic/combinatorial and which may well find additional non-cryptographic applications in traditional data structure applications, Web search tools, etc.

(The UMAC function has been developed in joint work with John Black, Shai Halevi, Ted Krovetz and Phil Rogaway.)
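
The shared-key authentication and universal-hashing methodology described in the abstract above, as an added illustration that is not part of the original abstract and is not UMAC: a Carter-Wegman style MAC that masks a polynomial universal hash with a per-message pad. The prime 2^61 - 1, the function names, HMAC-SHA256 standing in as the pad generator, and the sample keys and messages are all assumptions chosen for this example.

```python
import hashlib
import hmac

P = (1 << 61) - 1  # Mersenne prime: the field the polynomial hash works in


def poly_hash(hash_key: int, message: bytes) -> int:
    """Universal hash: evaluate the message as a polynomial at hash_key mod P."""
    acc = 0
    for i in range(0, len(message), 6):
        # 6 data bytes plus a 0x01 marker: value < 2^56 < P, never zero, and
        # the marker makes the chunk encoding injective (no padding ambiguity).
        coeff = int.from_bytes(message[i:i + 6] + b"\x01", "little")
        acc = (acc + coeff) * hash_key % P
    return acc


def mask(prf_key: bytes, nonce: bytes) -> int:
    """Per-message pad. HMAC-SHA256 stands in for the PRF (an assumption)."""
    digest = hmac.new(prf_key, nonce, hashlib.sha256).digest()
    return int.from_bytes(digest[:16], "big") % P


def make_tag(hash_key: int, prf_key: bytes, nonce: bytes, message: bytes) -> int:
    # The nonce must never repeat under one key: a repeated mask cancels out
    # and the collision bound of the universal hash no longer protects the tag.
    return (poly_hash(hash_key, message) + mask(prf_key, nonce)) % P


def verify(hash_key: int, prf_key: bytes, nonce: bytes,
           message: bytes, tag: int) -> bool:
    if not 0 <= tag < P:
        return False
    expected = make_tag(hash_key, prf_key, nonce, message)
    # Constant-time comparison of the fixed-width encodings.
    return hmac.compare_digest(expected.to_bytes(8, "big"), tag.to_bytes(8, "big"))


# Constructed sample keys and message, for demonstration only.
HASH_KEY = 0x1234567890ABCDE
PRF_KEY = b"constructed-demo-prf-key"
MESSAGE = b"transfer 100 to account 42"

if __name__ == "__main__":
    t = make_tag(HASH_KEY, PRF_KEY, b"nonce-0001", MESSAGE)
    print("genuine :", verify(HASH_KEY, PRF_KEY, b"nonce-0001", MESSAGE, t))
    print("tampered:", verify(HASH_KEY, PRF_KEY, b"nonce-0001",
                              b"transfer 900 to account 42", t))
```

The speed of this family of MACs comes from the hash being plain modular arithmetic over the message; the cryptographic function is invoked only once per message, on the short nonce.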