Despite the best efforts of application designers, security configuration interfaces are hard to use. The conventional wisdom for designing consumer applications does not work for designing security applications. Using 802.11 networks as a case study, we present a set of principles for the design of configuration interfaces. The key insight is that users have a difficult time translating their goals for wireless network security into specific feature configurations. We design and implement a configuration interface that guides users through an 802.11 wireless network configuration. We overcome users' configuration difficulties by automating the translation from high-level goals to low-level feature configurations. The design empowers non-expert users to securely configure their networks as well as expert users. We also design and conduct a user study which demonstrates that users perform dramatically better using our prototype, as compared with the two most popular commercial ac...
Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2005). The IEEE 802.11i MAC Security Enhancements Amendment makes use of IEEE 802.1X, which in turn relies on the Extensible Authentication Protocol (EAP). This document defines requirements for EAP methods used in IEEE 802.11 wireless LAN deployments. The material in this document has been approved by IEEE 802.11 and is being presented as an IETF RFC for informational purposes.
2016 IEEE First International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE), 2016
A logger in the cloud capable of keeping a secure, time-synchronized and tamper-evident log of medical device and patient information allows efficient forensic analysis in cases of adverse events or attacks on interoperable medical devices. A secure logger as such must meet requirements of confidentiality and integrity of message logs and provide tamper-detection and tamper-evidence. In this paper, we propose a design for such a cloud-based secure logger using the Intel Software Guard Extensions (SGX) and the Trusted Platform Module (TPM). The proposed logger receives medical device information from a dongle attached to a medical device. The logger relies on SGX, TPM and standard encryption to maintain a secure communication channel even on an untrusted network and operating system. We also show that the logger is resilient against different kinds of attacks such as Replay attacks, Injection attacks and Eavesdropping attacks.
This document defines a set of vendor-specific RADIUS Attributes designed to allow both the secure transmission of cryptographic keying material and strong authentication of any RADIUS message. These attributes have been allocated from the Cisco vendor-specific space and have been implemented by multiple vendors. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6218. IESG Note The IESG has concluded that this work is related to IETF work done in the RADEXT WG, but this relationship does not prevent publishing. The IESG recommends that the RADEXT WG proceed with the work for an interoperable modern key wrap solution using attributes from the standard space as part of its charter.
Securing Block Storage Protocols over IP Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
Multi‐hop routing is essential to the operation of wireless ad hoc networks. Unfortunately, it is very easy for an adversary to forge or modify routing messages to inflict severe damage on the underlying routing protocol. In this paper, we present SEAR, a secure efficient ad hoc routing (SEAR) protocol for ad hoc networks that is mainly based on efficient symmetric cryptography, with asymmetric cryptography used only for the distribution of initial key commitments. SEAR uses one‐way hash functions to protect the propagation of the routing messages. Intermediate nodes verify the routing messages by applying one‐way functions, while malicious nodes cannot construct beneficial false routing messages when forwarding them. Route error (RERR) messages are protected through a variation of the TESLA broadcast authentication scheme. The SEAR protocol does not require any additional routing packet formats, and thus follows the same basic design as ad hoc on‐demand distance vector (AODV). We s...
The proliferation of advanced technologies has been altering our lifestyle and social interactions–the next frontier is the digital home. Although the future of smart homes is promising, many technical challenges must be addressed to achieve convenience and security. In this paper, we delineate the unique combination of security challenges specifically for access control and consider the challenges of how to simply and securely assign access control policies to visitors for home devices and resources. We present a set of intuitive access control policies and suggest four access control settings based on our in-person interview results. Furthermore, we propose the automated Clairvoyant access right assignment (CARA) mechanism that utilizes home owners' social relationship to automatically deduce to which class a visitor belongs. The combination of CARA and the suggested mapping provides a promising first step for home policy assignment such that non-expert home owners can let visitors use their home network with confidence. We anticipate that future research can build on our proposed mechanisms to provide confidence to non-expert home owners for letting visitors use their home network.
International Journal of Security and Networks, 2009
Spontaneous interactions between end users and devices are generally secured by human actions. Evaluating whether end users are able to perform these actions correctly can be challenging. Basic, textbook-style user study methods make assumptions that may not hold for security applications. In this piece, we outline five major user study assumptions. Using 802.11 network configuration as a case study, we also show how to adapt existing user study methods for evaluating security applications. We model how security experts might approach the configuration of their own home networks. Next, we combine several methods to design a study that pinpoints where end users encounter difficulties during configuration. Finally, we discuss the findings from our user study.
Understanding the difficulties in security protocol design and attempting to relocate the struggle between hacker and defender to a different protocol layer.
The IEEE 802.11 standard [1] defines the Wired Equivalent Privacy, or WEP, encapsulation of 802.11 data frames. The goal of WEP is to provide data privacy to the level of a wired network. The 802.11 design community generally concedes that the WEP encapsulation fails to meet its design goal, but widely attributes this failure to WEP's use of 40-bit RC4 (see [2] or [3] for a description of RC4) as its encryption mechanism. Even at this late date, it is still repeatedly suggested, asserted, and assumed that WEP could meet its design goal by migrating from 40-bit to 104- or 128-bit RC4 keys instead.
Skein is a new family of cryptographic hash functions. Its design combines speed, security, simplicity, and a great deal of flexibility in a modular package that is easy to analyze. Skein is fast. Skein-512, our primary proposal, hashes data at 6.1 clock cycles per byte on a 64-bit CPU. This means that on a 3.1 GHz x64 Core 2 Duo CPU, Skein hashes data at 500 MBytes/second per core, almost twice as fast as SHA-512 and three times faster than SHA-256. An optional hashtree mode speeds up parallelizable implementations even more. Skein is fast for short messages, too; Skein-512 hashes short messages in about 1000 clock cycles. Skein is secure. Its conservative design is based on the Threefish block cipher. Our current best attack on Threefish-512 is on 25 of 72 rounds, for a safety factor of 2.9. For comparison, at a similar stage in the standardization process, the AES encryption algorithm had an attack on 6 of 10 rounds, for a safety factor of only 1.7. Additionally, Skein has a number of provably secure properties, greatly increasing confidence in the algorithm. Skein is simple. Using only three primitive operations, the Skein compression function can be easily understood and remembered. The rest of the algorithm is a straightforward iteration of this function. Skein is flexible. Skein is defined for three different internal state sizes (256 bits, 512 bits, and 1024 bits) and any output size. This allows Skein to be a drop-in replacement for the entire SHA family of hash functions. A completely optional and extendable argument system makes Skein an efficient tool to use for a very large number of functions: a PRNG, a stream cipher, a key derivation function, authentication without the overhead of HMAC, and a personalization capability. All these features can be implemented with very low overhead.
Together with the Threefish large-block cipher at Skein's core, this design provides a full set of symmetric cryptographic primitives suitable for most modern applications. Skein is efficient on a variety of platforms, both hardware and software. Skein-512 can be implemented in about 200 bytes of state. Small devices, such as 8-bit smart cards, can implement Skein-256 using about 100 bytes of memory. Larger devices can implement the larger versions of Skein to achieve faster speeds. Skein was designed by a team of highly experienced cryptographic experts from academia and industry, with expertise in cryptography, security analysis, software, chip design, and implementation of real-world cryptographic systems. This breadth of knowledge allowed them to create a balanced design that works well in all environments.
The proliferation of advanced technologies has been altering our lifestyle and social interactions–the next frontier is the digital home. Although the future of smart homes is promising, many technical challenges must be addressed to achieve convenience and security. In this paper, we delineate the unique combination of security challenges specifically for access control and consider the challenges of how to simply and securely assign access control policies to visitors for home devices and resources. As an initial ...
Securing Block Storage Protocols over IP Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document discusses how to secure block storage and storage discovery protocols running over IP (Internet Protocol) using IPsec and IKE (Internet Key Exchange). Threat models and security protocols are developed for iSCSI (Internet Protocol Small Computer System Interface), iFCP (Internet Fibre Channel Storage Networking) and FCIP (Fibre Channel over TCP/IP), as well as the iSNS (Internet Storage Name Server) and SLPv2 (Service Location Protocol v2) discovery protocols. Performance issues and resource constraints are analyzed.
Papers by Jesse Walker