Peer-to-peer Sender Authentication for . Vivek Pathak and Liviu Iftode Rutgers University

Similar documents
Robust Decentralized Authentication for Public Keys and Geographic Location

Byzantine Fault Tolerant Public Key Authentication in Peer-to-Peer Systems

Improving Trustworthiness through Peer-to-peer Sender Authentication

Process groups and message ordering

Presented By: Devarsh Patel

ROBUST DECENTRALIZED AUTHENTICATION FOR PUBLIC KEYS AND GEOGRAPHIC LOCATION

Sleep/Wake Aware Local Monitoring (SLAM)

Distributed Systems. 09. State Machine Replication & Virtual Synchrony. Paul Krzyzanowski. Rutgers University. Fall Paul Krzyzanowski

Security for Structured Peer-to-peer Overlay Networks. Acknowledgement. Outline. By Miguel Castro et al. OSDI 02 Presented by Shiping Chen in IT818

Session key establishment protocols

Session key establishment protocols

Replication in Distributed Systems

Practical Byzantine Fault Tolerance. Miguel Castro and Barbara Liskov

SCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains

Basic vs. Reliable Multicast

X X C 1. Recap. CSE 486/586 Distributed Systems Gossiping. Eager vs. Lazy Replication. Recall: Passive Replication. Fault-Tolerance and Scalability

On Demand secure routing protocol resilient to Byzantine failures

Distributed Systems (ICE 601) Fault Tolerance

An On-demand Secure Routing Protocol Resilient to Byzantine Failures

CS 138: Practical Byzantine Consensus. CS 138 XX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.

Practical Byzantine Fault Tolerance. Castro and Liskov SOSP 99

An On-demand Secure Routing Protocol Resilient to Byzantine Failures. Routing: objective. Communication Vulnerabilities

Practical Byzantine Fault Tolerance (The Byzantine Generals Problem)

Practical Byzantine Fault

On the Effective Prevention of TLS Man-in-the-Middle Attacks in Web Applications

BitBill: Scalable, Robust, Verifiable Peer-to-Peer Billing for Cloud Computing

Trust-Propagation Based Authentication Protocol in Multihop Wireless Home Networks

System Models for Distributed Systems

Intuitive distributed algorithms. with F#

Curriculum 2013 Knowledge Units Pertaining to PDC

Security (and finale) Dan Ports, CSEP 552

Secure Routing and Transmission Protocols for Ad Hoc Networks

Semi-Passive Replication in the Presence of Byzantine Faults

CIS 5373 Systems Security

Atomicity. Bailu Ding. Oct 18, Bailu Ding Atomicity Oct 18, / 38

C 1. Today s Question. CSE 486/586 Distributed Systems Failure Detectors. Two Different System Models. Failure Model. Why, What, and How

Distributed Systems COMP 212. Lecture 19 Othon Michail

Dep. Systems Requirements

Fault Tolerance. Distributed Software Systems. Definitions

Kunal Mahajan Microsoft Corporation

The Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science

Authenticated Byzantine Fault Tolerance Without Public-Key Cryptography

System Models. 2.1 Introduction 2.2 Architectural Models 2.3 Fundamental Models. Nicola Dragoni Embedded Systems Engineering DTU Informatics

How Bitcoin achieves Decentralization. How Bitcoin achieves Decentralization

Credit-based Network Management

Capacity of Byzantine Agreement: Complete Characterization of Four-Node Networks

Chapter 4: Distributed Systems: Replication and Consistency. Fall 2013 Jussi Kangasharju

E-companion. Quiz for IT-knowledge

Managing SonicWall Gateway Anti Virus Service

SmarterMail Edition Comparison

2017 Paul Krzyzanowski 1

OUROBOROS PRAOS: AN ADAPTIVELY-SECURE, SEMI-SYNCHRONOUS

C 1. Recap. CSE 486/586 Distributed Systems Failure Detectors. Today s Question. Two Different System Models. Why, What, and How.

Group Key Establishment Protocols

CS /29/17. Paul Krzyzanowski 1. Fall 2016: Question 2. Distributed Systems. Fall 2016: Question 2 (cont.) Fall 2016: Question 3

Lecture 12. Application Layer. Application Layer 1

Distributed Systems Multicast & Group Communication Services

Best Practice - Protect Against TCP SYN Flooding Attacks with TCP Accept Policies

Early Measurements of a Cluster-based Architecture for P2P Systems

Fault Tolerance via the State Machine Replication Approach. Favian Contreras

Distributed systems. Lecture 6: distributed transactions, elections, consensus and replication. Malte Schwarzkopf

Ruminations on Domain-Based Reliable Broadcast

CIS Controls Measures and Metrics for Version 7

Communication. Distributed Systems IT332

Twitter Adaptation Layer Submitted for Drexel University s CS544

CIS Controls Measures and Metrics for Version 7

Wireless Network Security Spring 2015

A Scalable Smart Contracts Platform

Agreement in Distributed Systems CS 188 Distributed Systems February 19, 2015

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN

Virtual Multi-homing: On the Feasibility of Combining Overlay Routing with BGP Routing

Distributed Storage Systems: Data Replication using Quorums

Practical Byzantine Fault Tolerance

DISTRIBUTED SYSTEMS [COMP9243] Lecture 8a: Cloud Computing WHAT IS CLOUD COMPUTING? 2. Slide 3. Slide 1. Why is it called Cloud?

Problems in Reputation based Methods in P2P Networks

Blockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini

Very Fast Containment of Scanning Worms. Nicholas Weaver, Stuart Staniford, Vern Paxson ICSI, Nevis Networks, ICSI & LBNL

Rule based Forwarding (RBF): improving the Internet s flexibility and security. Lucian Popa, Ion Stoica, Sylvia Ratnasamy UC Berkeley Intel Labs

Failures, Elections, and Raft

Problem: Equivocation!

Middleware and Distributed Systems. System Models. Dr. Martin v. Löwis

Wireless Network Security Spring 2016

Distributed Systems 11. Consensus. Paul Krzyzanowski

Fault Tolerance. Basic Concepts

MANRS. Mutually Agreed Norms for Routing Security. Jan Žorž

Secure Algorithms and Data Structures for Massive Networks

The Timed Asynchronous Distributed System Model By Flaviu Cristian and Christof Fetzer

Mutually Agreed Norms for Routing Security NAME

MDaemon Vs. SmarterMail Enterprise Edition

Byzantine fault tolerance. Jinyang Li With PBFT slides from Liskov

System models for distributed systems

Deployment Guides. Help Documentation

Beyond Blind Defense: Gaining Insights from Proactive App Sec

Efficient Content Authentication in Peer-to-peer Networks

CUSTOMER CONTROL PANEL... 2 DASHBOARD... 3 HOSTING &

Consensus Problem. Pradipta De

MDaemon Vs. SmarterMail Enterprise Edition

CSE 486/586 Distributed Systems

Replication and Consistency. Fall 2010 Jussi Kangasharju

Q.1. (a) [4 marks] List and briefly explain four reasons why resource sharing is beneficial.

Transcription:

Peer-to-peer Sender Authentication for Email Vivek Pathak and Liviu Iftode Rutgers University

Email Trustworthiness Sender can be spoofed

Need for Sender Authentication Importance depends on sender

Update on Spam Filters Circumvention of content based spam classification False positives

End-to-end Issues Can the mail server decide importance for the receiver?

Characteristics of Email Social networks of collaborating users Usability expectation Limited trust infrastructure Automatic authentication Asynchronous Delayed authentication is better than none

Outline Byzantine fault tolerant public key authentication Application to Email Basis of sender authentication for email Thunderbird sender authentication plugin Usability Micro-benchmark Simulation on University and Industry mail trace

Public-key Authentication Model Mutually authenticating peers Associate network end-point to public key Asynchronous network No partitioning Eventual delivery after retransmissions Disjoint message transmission paths Man-in-the-middle attack on Ø fraction of peers

Attack Model Malicious peers Honest majority At most t of the n peers are faulty or malicious peers where t = 1-6Ø/3 n Passive adversaries Active adversaries Relax network-is-the-adversary model Unlimited spoofing Limited power to prevent message delivery

Authentication Sketch Challenge-response protocol B A No active attacks Man in the middle attack KA Limited number of attacks Proof of possession of Ka KA(NB) NB {b,a,challenge,ka(nb)}b, {a,b,response, Nb}a

Authentication Sketch Distributed Authentication Challenge response from multiple peers Gather proofs of possession Lack of consensus on authenticity D Malicious peers Man-in-the-middle attack B C A E F Detect and correct through Byzantine agreement on authenticity of KA

Scalability of Authentication Authentication cost and group size Scale to large peer-to-peer network Tolerate bad group selection Operate on local trusted group Periodic recycling of group members Eventual authentication Operate through epidemic algorithm Eliminate direct connectivity requirement Improve messaging cost

Outline Byzantine fault tolerant public key authentication Application to Email Basis of sender authentication for email Thunderbird sender authentication plugin Usability Micro-benchmark Simulation on University and Industry mail trace

Sender Authentication Design Backward Compatibility SMTP ignores user defined fields Operate as an overlay on SMTP

Overlay Limits Size limit 32Kb on SMTP header High compression for XML format protocol messages 300 message limit

Authentication Load About 20% emails are to new peers

Trusted Group Size Authentication messages per email Peers to authenticate per email System limitation 300 Mailbox observation 1/5 Quota of 1500 messages per peer Protocol messaging cost analysis Trusted group size limit 75

Sender Authentication Plugin Thunderbird mail client XPCOM layer Implements Public-key authentication Javascript layer Transfer protocol messages to and from SMTP extension fields

Sender Authentication Plugin Thunderbird Mail Client User Interface Shared Object nsisupports Events Authentication Interface Scripted Extension Access Authentication Adapter XPCOM Byzantine Fault Tolerant Authentication Library Authentication Data

Bootstrapping Trusted Group University mail trace shows Receiving bias

Bootstrapping Trusted Group Required for automatic operation Select trusted group Two-way Outgoing Selected 53 peers with 10 or more trusted peers using Two-way

Implementation Status Email application Automatic sender authentication Overlay authentication protocol on SMTP Available as Thunderbird extension module Tested on 32bit and 64bit Linux http://discolab.rutgers.edu/sam

Implementation Screenshot

Outline Byzantine fault tolerant public key authentication Application to Email Basis of sender authentication for email Thunderbird sender authentication plugin Usability Micro-benchmark Simulation on University and Industry mail trace

Micro-benchmarks Record the processing time overhead Average over multiple messages Operational parameters Public key length Trusted group size

Overhead with Trusted Group Size Increasing on Sender Serialization and compression of larger messages

Overhead with Key Length Increasing on receiver Digital signature verification Responding to challenges

Micro-benchmark Summary Sending path overhead of 250ms Receiving path overhead of 500ms Can be done asynchronously Acceptable level of overhead

Simulation Study Process the entire email trace on a single machine Anonymous log records from mail server Exact times have been removed University trace of 92 days and 1.19M messages Industry trace of 56 days and 2.5M messages

Overhead on Email Size Recover the designed 10KB overhead

Disk Space Usage Epidemic algorithm overhead Trusted group size is 100 Overhead about 10MB per peer

Completion of Authentication University Trace Partial completion on 92 day trace About 40% of peers authenticated

Completion of Authentication Industry Trace Reduced progress Trace collected upstream of spam filter Effectiveness of Authentication is near 40%

Trace Analysis Study Achieve 40% completion on about 3 months of email traffic Using two way bootstrapping group Effectiveness depends on bootstrapping group selection Modest cache overhead Message overhead is respected as designed

Conclusion Implemented and evaluated automatic sender authentication for email Future work Data collection from deployment Improve bootstrapping group selection Address authenticity vs. importance

Q&A

Peer-to-peer Sender Authentication for Email Extra Slides

Extra Slides Outline Authentication protocol details Distributed Authentication Byzantine Agreement Trust Groups Public Key Infection Simulation results Group size Malicious peers

Authentication Model Challenge-response protocolb KA A No active attacks Man in the middle attack Limited number of attacks KA(NB) NB Proof of possession of Ka {b,a,challenge,ka(r)}b, {a,b,response,r}a

Authentication Model Distributed Authentication Challenge response from multiple peers Gather proofs of possession B A E Lack of consensus on authenticity D Malicious peers Man-in-the-middle attack C F

Authentication Correctness Validity of proofs of possession {e,a,challenge,ka(r)}e, {a,e,response,r}a All messages are signed D C B Required for proving malicious behavior Recent proofs stored by the peers From peers From A PB PC PD PE PF PB PC PD PE PF A E F

Byzantine Agreement Overview Publicize lack of consensus Each peer tries to authenticate A Authenticating peer sends proofs of possession to peers Sends its proof-of-possession vector to every peer Byzantine agreement on authenticity of KA Majority decision at every peer Identify malicious peers Complete authentication From B From C From D From E From F 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 1 1 1 1 0 1 1

Byzantine Agreement Correctness Overview Consider proofs received at a peer P t malicious peers Set of Peers of P Φn on compromised path to A Φn on compromised path to P

Byzantine Agreement Correctness Overview t + 2Øn may not arrive t + 2Øn may be faulty P receives at least n-t-2øn proofs P receives at least n-2t-4øn correct agreeing proofs P decides correctly by majority if n-2t-4øn > t + 2Øn Agreement is correct if t < 1-6Ø /3 n

Trust Groups Execute Authentication on smaller Trust groups Quadratic messaging cost Peer interest Trusted group Authenticated public keys Not (overtly) malicious Probationary group Un-trusted group Known to be malicious

Growth of Trust Groups Governed by communication patterns Discovery of new peers Authentication of discovered peers Addition to trusted set Discovery of untrusted peers

Evolution of Trust Groups Covertly malicious peers May wait until honest majority is violated Lead to incorrect authentication Periodic pruning of trusted group Unresponsive peers Remove older trusted peers from trust group Reduce messaging cost Randomize trusted group membership Group migration event Probability of violating honest majority

Bootstrapping Trust Group Authentication needs an honest trust group Initialize a Bootstrapping trust group Needed for cold start Authenticate each bootstrapping peer Size of bootstrapping trust group Recover from trusting a malicious peer n > 3/1-6Ø

Public Key Infection Optimistic trust Lazy authentication Reduced messaging cost Cache of undelivered messages Use peers for epidemic propagation of messages Anti-entropy sessions eventually deliver messages Infect peers with new undelivered messages

Public Key Infection Use logical and vector timestamps Determine messages to exchange for anti-entropy Detect message delivery Double exponential drop in number of uninfected peers with time Number of cached messages is in O(nlogn)

Extra Slides Outline Authentication protocol details Distributed Authentication Byzantine Agreement Trust Groups Public Key Infection Simulation results Group size Malicious peers

Simulation Implemented Byzantine Fault Tolerant Authentication as a C++ library Simulation program Make library calls and keeps counters Study effects of Group size Malicious peers

Effects of Group Size Constant Cost for trusted peers Probationary peers process O(n2) messages Trust graph does not affect the cost Randomized trusted sets from Bi-directional trust

Effects of Malicious Peers Rapid increase of messaging cost With group size With proportion of malicious peers Byzantine agreement has quadratic messaging cost

Conclusion Autonomous authentication without trusted third party Tolerate malicious peers Incremental approach to security Suited for low value peer-to-peer systems Suited for applications spanning multiple administrative domains Scalable to large peer-to-peer systems Eliminate total trust and single point of failure Made feasible by using stronger network assumptions Network adversary is not all powerful

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback