Jefferson's Wheel

Today (August 30th) we are hosting the Kickoff Meeting for our new NSF-funded 5-year project, Practical Secure Two-Party Computation: Techniques, Tools, and Applications. This is a collaborative research project with abhi shelat and Aaron Mackey at UVa, Michael Hicks and Jonathan Katz at the University of Maryland, and Steven Myers at Indiana University. The goal of the project is to make privacy-preserving computation practical and accessible enough to be used routinely in applications such as personalized genetics, medical research, and privacy-preserving biometrics. For more, see http://securecomputation.org.

The Computer Science department has moved into Rice Hall, our beautiful new building next to our former home in Olsson Hall.

Here are some pictures of the lab space for the Secure Research Group in Rice 442:

Yikan Chen and I are releasing a paper today on Auditing Information Leakage for Distance Metrics. The paper is a first step towards the goal of developing self-auditing secure computations that can determine when the output of a secure computation would leak too much information to be safe to release. Yikan will present the paper at the Third IEEE Conference on Privacy, Security, Risk and Trust in Boston, 9-11 October 2011.

Abstract. Many useful scenarios involve allowing untrusted users to run queries against secret data, so long as the results do not leak too much information. This problem has been studied widely for statistical queries, but not for queries with more direct semantics. In this paper, we consider the problem of auditing queries where the result is a distance metric between the query input and some secret data. We develop an efficient technique for estimating a lower bound on the entropy remaining after a series of query-responses that applies to a class of distance functions including Hamming distance. We also present a technique for ensuring that no individual bits of the secret sequence is leaked. In this paper, we formalize the information leakage problem, describe our design for a query auditor, and report on experiments showing the feasibility and effectiveness of our approach for sensitive sequences up to thousands of bits.

Full paper: [PDF, 10 pages]

Muzzammil Zaveri (BACS 2011), who worked in our group 2010-2011, and Ethan Fast (BACS 2011) have launched a new company, Proxino, that provides developers with a way of finding bugs in their site’s JavaScript code, as well as optimizing the loading and performance of scripts. Ethan and Muzzammil were funded by Y Combinator, starting in Summer 2011 (right after finishing their BACS degrees). Here’s an article about Proxino:
YC-Funded Proxino: Automated Error Reporting For Your Client-Side JavaScript, TechCrunch, 22 August 2011.

While he was a student here, Muzzammil worked on the GuardRails secure web application framework. Ethan worked in Westley Weimer‘s group on automated program repair.

Videos from all the talks at USENIX Security are now available on the conference site.

Here are the talks by UVa people:

• Peter Chapman (HotSec Workshop): Privacy-Preserving Applications on Smartphones and Q & A (extensive discussion session, including the other two talks in the session)
• Pieter Hooimeijer: Fast and Precise Sanitizer Analysis with BEK
• Adrienne Porter Felt (now at UC Berkeley): Permission Re-Delegation: Attacks and Defenses
• Michael Dietz (now at Rice University): QUIRE: Lightweight Provenance for Smart Phone Operating Systems
• Yan Huang: Faster Secure Two-Party Computation Using Garbled Circuits

I would also highly recommend Collin Jackson’s invited talk on Crossing the Chasm: Pitching Security Research to Mainstream Browser Vendors.

Forbes has an excellent interview with Karsten Nohl: Codebreaker Karsten Nohl: Why Your Phone Is Insecure By Design, Andy Greenberg, Forbes, 12 August 2011.

Nohl’s findings aren’t only meant to demonstrate that Nohl is an uber-skilled codebreaker. He argues that his work shows, more importantly, that phone encryption is made to be broken. Whether intentionally or unintentionally, he says, GPRS included flaws that its designers must have known about.

[Added 21 August] The Economist’s Babbage Blog also has an interesting article summarizing Karsten’s work on mobile phone security over the past few years: Living on the EDGE, 18 August 2011.

Dr Nohl stresses that the 11 minutes was just a first pass at writing the cracking software, and that his group used only modest equipment with no financial motive. Criminals, by contrast, could benefit mightily from accelerating the crack, he says, one reason his group has refrained from expounding the technique in detail. It has, however, pointed to some specific holes which ought to be plugged. The group found some networks disabled all security features, relying on the highly misguided notion that traffic could not be easily intercepted except by mobile operators. Having no security from the phone to a base station on a mast makes it easier to filter and monitor traffic.

In 2009 Dr Nohl and colleagues pointed out significant weaknesses to the base GSM standard. Their new attack focuses on General Packet Radio Service, better known as GPRS—a modest improvement to GSM—introduced commercially in 2000. GPRS allows rates of tens of kilobits per second (Kbps), while a subsequent tweak known as EDGE allows downstream rates of 200 to 400 Kbps. GPRS and EDGE are commonly referred to as 2.5G, sitting in between 2G and 3G network speeds.

Yan Huang’s talk on Faster Secure Two-Party Computation Using Garbled Circuits at USENIX Security 2011 is now available: [PPTX] [PDF].

You can also download our framework and try our Android demo application.

University of Virginia people at USENIX Security in Union Square
San Francisco, 10 August 2011

Front row (left-to-right):

• Joseph Calandrino (UVa BS Math with CS 2004, UVa MCS 2005, soon to finish a PhD at Princeton).
• Erika Chin (UVa BSCS 2007, now a PhD student at UC Berkeley)
• Michael Dietz (UVa BSCS 2008, now a PhD student at Rice University)
• Jiamin Chen (finishing a UVa BACS in 2012, currently an undergraduate researcher on secure computation)
• Brittany Harris (finishing a UVa BACS in 2013, currently an undergraduate researcher on secure computation)
• Sang Koo (finishing UVa BSCS and BSCpE in 2013, currently an undergraduate researcher on mobile secure computation)
• Yuchen Zhou (currently PhD student in Computer Engineering at UVa, working on web security
• Yikan Chen (currently a PhD student in Computer Engineering at UVa, working on auditing information leakage)
• Pieter Hooimeijer (nearly finished PhD student at UVa, working in Westley Weimer’s group on programming languages and security)

Back row:

• Nate Paul (UVa PhD 2008, now at Associate Professor at the University of Tennessee, with a joint appointment at Oak Ridge National Labs)
• Nicholas Christin (UVa PhD 2003, now faculty at CMU Cylab)
• Adrienne Porter Felt (UVa BSCS 2008, now PhD student at UC Berkeley)
• Samee Zahur (currently a PhD student in Computer Science at UVa, working on improving secure computations using partial evaluation)
• Austin DeVinney (visiting researcher at UVa, completing a BSCS at Radford University in 2012)
• Yan Huang (currently a PhD student at UVa, working on secure computation)

UVa students book-ended the symposium, with Pieter presenting the first paper (Fast and Precise Sanitizer Analysis with BEK), and Yan presenting the last paper (Faster Secure Two-Party Computation Using Garbled Circuits). Adrienne Felt (Permission Re-Delegation: Attacks and Defenses and Michael Dietz (Quire: Lightweight Provenance for Smart Phone Operating Systems) also presented papers in a session that I was privileged to chair. Erika Chin, Joseph Calandrino, and Nicholas Christin were also co-authors of papers, and Austin, Brittany, Jiamin, Samee, Yan, and Yuchen also presented posters. Peter Chapman (BACS 2012) also presented a paper at HotSec, but wasn’t able to stay for the rest of the symposium.

Our paper on side-channel analysis of web applications is now available:

Peter Chapman and David Evans. Automated Black-Box Detection of Side-Channel Vulnerabilities in Web Applications. In 18th ACM Conference on Computer and Communications Security (CCS 2011), Chicago, IL. 17-21 October 2011. [PDF, 12 pages]

The paper describes a black-box tool for detecting side-channel vulnerabilities by analyzing network traffic over repeated crawls of a web application. Our tool quantifies the severity of side-channel leaks in a web application, and gives web application developers a measure of the risk of information leakage against different types of adversaries. The frequent and highly dynamic client-server communication that is characteristic of modern web applications leaves them vulnerable to side-channel leaks where an adversary can learn about the state of the application and visitor’s choices, even over encrypted connections. Our approach provides a new way to quantify the severity of these vulnerabilities based on analyzing the results of traces of the web traffic using the Fisher criterion.

Peter will present the paper at CCS in Chicago in October.

Project Site

Several of our students presented posters at the USENIX Security Symposium Poster Session.