-
Towards Intelligent Context-Aware 6G Security
Authors:
André N. Barreto,
Stefan Köpsell,
Arsenia Chorti,
Bertram Poettering,
Jens Jelitto,
Julia Hesse,
Jonathan Boole,
Konrad Rieck,
Marios Kountouris,
Dave Singelee,
Kumar Ashwinee
Abstract:
Imagine interconnected objects with embedded artificial intelligence (AI), empowered to sense the environment, see it, hear it, touch it, interact with it, and move. As future networks of intelligent objects come to life, tremendous new challenges arise for security, but also new opportunities, allowing to address current, as well as future, pressing needs. In this paper we put forward a roadmap t…
▽ More
Imagine interconnected objects with embedded artificial intelligence (AI), empowered to sense the environment, see it, hear it, touch it, interact with it, and move. As future networks of intelligent objects come to life, tremendous new challenges arise for security, but also new opportunities, allowing to address current, as well as future, pressing needs. In this paper we put forward a roadmap towards the realization of a new security paradigm that we articulate as intelligent context-aware security. The premise of this roadmap is that sensing and advanced AI will enable context awareness, which in turn can drive intelligent security mechanisms, such as adaptation and automation of security controls. This concept not only provides immediate answers to burning open questions, in particular with respect to non-functional requirements, such as energy or latency constraints, heterogeneity of radio frequency (RF) technologies and long life span of deployed devices, but also, more importantly, offers a viable answer to scalability by allowing such constraints to be met even in massive connectivity regimes. Furthermore, the proposed roadmap has to be designed ethically, by explicitly placing privacy concerns at its core. The path towards this vision and some of the challenges along the way are discussed in this contribution.
△ Less
Submitted 17 December, 2021;
originally announced December 2021.
-
Efficiency Improvements for Encrypt-to-Self
Authors:
Jeroen Pijnenburg,
Bertram Poettering
Abstract:
Recent work by Pijnenburg and Poettering (ESORICS'20) explores the novel cryptographic Encrypt-to-Self primitive that is dedicated to use cases of symmetric encryption where encryptor and decryptor coincide. The primitive is envisioned to be useful whenever a memory-bounded computing device is required to encrypt some data with the aim of temporarily depositing it on an untrusted storage device. W…
▽ More
Recent work by Pijnenburg and Poettering (ESORICS'20) explores the novel cryptographic Encrypt-to-Self primitive that is dedicated to use cases of symmetric encryption where encryptor and decryptor coincide. The primitive is envisioned to be useful whenever a memory-bounded computing device is required to encrypt some data with the aim of temporarily depositing it on an untrusted storage device. While the new primitive protects the confidentiality of payloads as much as classic authenticated encryption primitives would do, it provides considerably better authenticity guarantees: Specifically, while classic solutions would completely fail in a context involving user corruptions, if an encrypt-to-self scheme is used to protect the data, all ciphertexts and messages fully remain unforgeable.
To instantiate their encrypt-to-self primitive, Pijnenburg et al propose a mode of operation of the compression function of a hash function, with a carefully designed encoding function playing the central role in the serialization of the processed message and associated data. In the present work we revisit the design of this encoding function. Without questioning its adequacy for securely accomplishing the encrypt-to-self job, we improve on it from a technical/implementational perspective by proposing modifications that alleviate certain conditions that would inevitably require implementations to disrespect memory alignment restrictions imposed by the word-wise operation of modern CPUs, ultimately leading to performance penalties. Our main contributions are thus to propose an improved encoding function, to explain why it offers better performance, and to prove that it provides as much security as its predecessor. We finally report on our open-source implementation of the encrypt-to-self primitive based on the new encoding function.
△ Less
Submitted 6 September, 2020;
originally announced September 2020.
-
Cryptographic Enforcement of Information Flow Policies without Public Information via Tree Partitions
Authors:
Jason Crampton,
Naomi Farley,
Gregory Gutin,
Mark Jones,
Bertram Poettering
Abstract:
We may enforce an information flow policy by encrypting a protected resource and ensuring that only users authorized by the policy are able to decrypt the resource. In most schemes in the literature that use symmetric cryptographic primitives, each user is assigned a single secret and derives decryption keys using this secret and publicly available information. Recent work has challenged this appr…
▽ More
We may enforce an information flow policy by encrypting a protected resource and ensuring that only users authorized by the policy are able to decrypt the resource. In most schemes in the literature that use symmetric cryptographic primitives, each user is assigned a single secret and derives decryption keys using this secret and publicly available information. Recent work has challenged this approach by developing schemes, based on a chain partition of the information flow policy, that do not require public information for key derivation, the trade-off being that a user may need to be assigned more than one secret. In general, many different chain partitions exist for the same policy and, until now, it was not known how to compute an appropriate one.
In this paper, we introduce the notion of a tree partition, of which chain partitions are a special case. We show how a tree partition may be used to define a cryptographic enforcement scheme and prove that such schemes can be instantiated in such a way as to preserve the strongest security properties known for cryptographic enforcement schemes. We establish a number of results linking the amount of secret material that needs to be distributed to users with a weighted acyclic graph derived from the tree partition. These results enable us to develop efficient algorithms for deriving tree and chain partitions that minimize the amount of secret material that needs to be distributed.
△ Less
Submitted 30 August, 2016;
originally announced August 2016.
-
Cryptographic Enforcement of Information Flow Policies without Public Information
Authors:
Jason Crampton,
Naomi Farley,
Gregory Gutin,
Mark Jones,
Bertram Poettering
Abstract:
Cryptographic access control has been studied for over 30 years and is now a mature research topic. When symmetric cryptographic primitives are used, each protected resource is encrypted and only authorized users should have access to the encryption key. By treating the keys themselves as protected resources, it is possible to develop schemes in which authorized keys are derived from the keys expl…
▽ More
Cryptographic access control has been studied for over 30 years and is now a mature research topic. When symmetric cryptographic primitives are used, each protected resource is encrypted and only authorized users should have access to the encryption key. By treating the keys themselves as protected resources, it is possible to develop schemes in which authorized keys are derived from the keys explicitly assigned to the user's possession and publicly available information. It has been generally assumed that each user would be assigned a single key from which all other authorized keys would be derived. Recent work has challenged this assumption by developing schemes that do not require public information, the trade-off being that a user may require more than one key. However, these new schemes, which require a chain partition of the partially ordered set on which the access control policy is based, have some disadvantages. In this paper we define the notion of a tree-based cryptographic enforcement scheme, which, like chain-based schemes, requires no public information. We establish that the strong security properties of chain-based schemes are preserved by tree-based schemes, and provide an efficient construction for deriving a tree-based enforcement scheme from a given policy that minimizes the number of keys required.
△ Less
Submitted 30 May, 2015; v1 submitted 21 October, 2014;
originally announced October 2014.
