InfoSec 2015 Summer School on Information Security Bilbao Privacy in an Electronic World A Lost Cause? Dr. Jan Camenisch Cryptography & Privacy Principal Research Staff Member Member, IBM Academy of Technology jca@zurich.ibm.com @JanCamenisch ibm.biz/jancamenisch
We all have lots of data, and many are personal 2 2015 Information Security Summer School - Bilbao
use them with different devices, store them anywhere and leave collateral data while doing so to make things worse: it's en vogue to let users manage their data :-( 3 2015 Information Security Summer School - Bilbao
...but how can we protect them????? 4 2015 Information Security Summer School - Bilbao
Houston, we have a problem! ᄅ 5 2015 Information Security Summer School - Bilbao
Houston, we have a problem! ᄅ Buzz Aldrin's footprints are still up there (Robin Wilton) 6 2015 Information Security Summer School - Bilbao
Computers don't forget! Data storage ever cheaper store by default also collateral collection, surveillance cameras, Google Street View with wireless traffic, Apple location history,...! Data mining ever better self-training algorithms cleverer than their designers not just trend detection, even prediction, e.g., flu pandemics, ad clicks, purchases, what about health insurance, criminal behavior?! The world as we know it Humans forget most things too quickly Paper collects dust in drawers We build apps with the paper-based world in mind :-( if it works it works security too often still an afterthought implementors too often have no crypto education 7 2015 Information Security Summer School - Bilbao
Where's all my data? The ways of data are hard to understand! Devices, operating systems, & apps are getting more complex and intertwined Mashups, Ad networks Not visible to users, and experts Data processing changes constantly! And the cloud makes it worse... Processing machines can be moved around w/out borders Far too easy to lose (control over) data and to collect data! 8 2015 Information Security Summer School - Bilbao
You have no privacy, get over it...?!? The NSA has all our data anyway I have nothing to hide!! Huge security problem! Millions of hacked passwords (100'000 followers $115-2013) Stolen identities ($150-2005, $15-2009, $5 2013)! Difficult to put figures down Credit card fraud Spam & marketing Manipulating stock ratings, etc.. (Industrial) espionage! We know secret services can do it easily, but they are not the only ones but this is not about homeland security and there are limits to the degree of protection that one can achieve! last but not least: data are the new money, so they need to be protected! 9 2015 Information Security Summer School - Bilbao
Privacy a lost case? No, but we need paradigm shift & build stuff for the moon rather than the sandy beach! 10 2015 Information Security Summer School - Bilbao
What does that mean?! Apply Data Minimization Privacy & Security by Design Require (users to reveal) only the data that are really needed Do not design with the sandy beach beach in mind! Encrypt every bit Data should never ever be in the clear process it in the encrypted domain still need to manage keys carefully Needs to support switching of cryptographic algorithms symmetric key crypto gets broken at times beware of quantum computers! Attach usage & access control policy to every bit enforce need to know honest but curious probably good enough 11 2015 Information Security Summer School - Bilbao
What does it mean: the electronic gap! Strong security requires strong cryptographic authentication! Humans rarely can remember cryptographic keys let alone compute with them! From Humans to Keys the electronic gap Smart cards, HW tokens: a nuisance! Passwords: are dead?! Biometrics: cannot change them, too easily fooled?? 12 2015 Information Security Summer School - Bilbao
What does that mean? We do have the technology/crypto, but it is hardly used! Deemed too expensive! Too hard to manage all the keys, fear of loosing keys! Protecting data is considered futile! Often required by law, but these are w/out teeth! Debate about legality of encryption V2.0 On the positive side! Importance of security and privacy increasingly recognized! Laws are revised 13 2015 Information Security Summer School - Bilbao
Cryptography to the Aid 14 2015 Information Security Summer School - Bilbao
I. Human Computer Authentication Done Right PW PW correct? Password-based cryptography Off-line vs on-line attacks Solution: distributed password verification Done s.t. no info depends solely on password Must work even for short passwords (mobile) 15 2015 Information Security Summer School - Bilbao
The problem with passwords password salted PW hash correct? correct? correct? correct? correct? correct? correct!!! Passwords are symmetric and get lost too often! Password (hashes) useless against offline attacks Human-memorizable passwords are inherently weak NIST: 16-character passwords have 30 bits of entropy 1 billion possibilities Rig of 25 GPUs tests 350 billion possibilities / second, so 3ms for 16 chars 60% of LinkedIn passwords cracked within 24h! More expensive hash functions provide very little help only increases verification time as well does not work for short passwords such as pins etc! Single-server solutions inherently vulnerable to offline attacks Server / administrator / hacker can always guess & test 16 2015 Information Security Summer School - Bilbao
Solution: distributed password protocols Basic idea: multi-server password verification protocols split password for verification no server alone can test password no piece of information depends on password E= Enc X (p) X 1 E' = Enc X (1/p') E = Enc X (p/p') E' E' p' = p? Dec X (E') = 1? E=Enc X (p) Off-line attacks no longer possible! X 2 On-line attacks detectable and handleable (throttling) 17 2015 Information Security Summer School - Bilbao
Many different protocols [CLN'12,CLLN'14,CEN'15] Extensions: Servers could send key share to user if p=p': password to strong crypto key Many servers Asymmetric setting: user device plus one server (or many server) PW Password verification Password protected decryption of stored data (hard disk etc) Password-protect joint signing... Virtual Smart Card/Security Token 18 2015 Information Security Summer School - Bilbao
II. Data Minimizing Authorization & Authentication w/ ABCs (Public Verification Key) Are you > 12?! Service provider tells user what attribute are required! User transforms credentials into a token with just these attributes! Service provider can verify token w.r.t. issuers' verification keys More on this: www.zurich.ibm.com/idemix and later today 19 2015 Information Security Summer School - Bilbao
III. Protecting our information using keys Encrypt and Authenticate Users (to Users):! Technology available (mostly) Storage (Hard disk encryption, encrypted volumes) Transmission (Email, SSL/Browsers, ) Instant messaging, depends on implementation! But more research is needed PKI/CA problematic (Diginotar) need better approaches Dealing with keys still hard for users need apps & better solutions Backup & syncing between the devices could use the cloud, but that reveals tons of co-lateral information use our own cloud / router 20 2015 Information Security Summer School - Bilbao
III. Protecting our information using keys Encrypt and Authentication Users to Service Providers! Authentication still username & password :-( And still gets broken Alternatives available (c.f. slides before) FIDO Identity Mixer :-)! Encryption (e.g., user documents stored on servers) Mostly out of control of user but solvable with std crypto & key mgmt Often password based (linked to authentication) Encrypt and Authentication Devices (IoT)! The Good: Browser, VPNs,! The Bad: (or rather research topics ;-) Hardly any device to device authentication VPN not flexible enough need to know basis Washing machine does not need access to my music Music player does not need access to my health record 21 2015 Information Security Summer School - Bilbao
IV. Securing the Cloud data f(data) First of all: cloud is (also) a deployment model! Virtual machines! Software as services! Allows for easier composition and deployment of services 22 2015 Information Security Summer School - Bilbao
IV. Securing the Cloud Secure computation in the cloud (and your servers)! Fully homomorphic encryption works only for rather small comp.! Multiparty computation secret share data distributed computation can compile programs! Open research multi-party protocols revisited (honest but curious w/ auditability) key management (protection, distribution, updates) (oblivious) security services (justifiable & minimal TTPs) data f(data) 23 2015 Information Security Summer School - Bilbao
Further Research Needed!! Securing the infrastructure & IoT ad-hoc establishment of secure authentication and communication audit-ability & privacy (where is my information, crime traces) security services, e.g., better CA, oblivious TTPs, anon. routing,!usability HCI Infrastructure (setup, use, changes by end users)! Provably secure protocols Properly modeling protocols (UC, realistic attacks models,...) Verifiable security proofs Retaining efficiency 24 2015 Information Security Summer School - Bilbao
Further Research Needed!! Quantum Computers Lots of new crypto needed still Build apps algorithm agnostic! Towards a secure information society Society gets shaped by quickly changing technology Consequences are hard to grasp yet We must inform and engage in a dialog 25 2015 Information Security Summer School - Bilbao
Conclusion Let engage in some rocket science!! Much of the needed technology exists! need to use them & build apps for the moon! and make apps usable & secure for end users Thank you! jca@zurich.ibm.com @JanCamenisch ibm.biz/jancamenisch 26 2015 Information Security Summer School - Bilbao