05 Fakultät Informatik, Elektrotechnik und Informationstechnik
Permanent URI for this collectionhttps://elib.uni-stuttgart.de/handle/11682/6
24 results
Search Results
Item (Open Access): Verifiable tally-hiding E-voting with fully homomorphic encryption (2020) Hasler, Sebastian
An E-voting system is end-to-end verifiable if arbitrary external parties can check whether the result of the election is correct or not. It is tally-hiding if it does not disclose the full election result but rather only the relevant information, such as the winner of the election. In this thesis we pursue the goal of constructing an end-to-end verifiable tally-hiding E-voting system using fully homomorphic encryption. First we construct an alteration of the GSW levelled fully homomorphic encryption scheme based on the learning with errors over rings assumption. We utilize a key homomorphic property of this scheme in order to augment the scheme by a distributed key generation and distributed decryption. This leads to a passively secure 4-round multi-party computation protocol in the common random string model that can evaluate arithmetic circuits of arbitrary size. The complexity of this protocol is quasi-linear in the number of parties, polynomial in the security parameter and polynomial in the size of the circuit. By using Fiat-Shamir-transformed discrete-log-based zero-knowledge proofs we achieve security against active adversaries in the random oracle model while preserving the number of 4 rounds. Based on this actively secure protocol we construct an end-to-end verifiable tally-hiding E-voting system that has quasi-linear time complexity in the number of voters.

Item (Open Access): Critical infrastructure security in the age of cyberwarfare (2023) Sliwa, Robin
Our modern critical infrastructure of the 21st century is not only digitized; it is also more interconnected than ever before. While this progress has provided many improvements in efficiency, functionality and maintainability, it also introduced new attack vectors. It subsequently has become a target for coordinated attacks by cybercriminal and government-affiliated hacking groups. Especially current circumstances such as the Russian invasion of Ukraine have made the protection of critical infrastructure a central topic of (inter-)national security. This thesis provides an overview of critical infrastructure security in the context of cybersecurity. To that end, modern critical infrastructure is introduced and put in the context of legislative frameworks through the lens of European Union regulations. The central part of this thesis explores landmark attacks and incidents in the form of Stuxnet and NotPetya. Following this, the adversaries behind such attacks and the resources available to them are analyzed; correspondingly, potential countermeasures and paths to enhanced cybersecurity are introduced. Overall, this thesis finds that critical infrastructure cybersecurity requires a much higher priority by public and private organizations. More than that, it suggests the pursuit of more holistic approaches over isolated measures, and a consideration of cybersecurity implications during all stages of business design and operation.

Item (Open Access): Analysis of selected cryptographic protocols with DY* (2023) Holderbach, Samuel
DY* is a framework implemented in the proof-oriented programming language F*, aiming at symbolic analysis of cryptographic protocols on the structural and on the implementation level. In this master's thesis, we analyse three selected authentication and key exchange protocols with DY*: the Otway-Rees protocol, the Yahalom protocol and the Denning-Sacco protocol with public keys. Each of these protocols is designed to establish a secure channel between two users while involving a trusted third party in the authentication process. The Otway-Rees and Yahalom protocols rely on pre-shared symmetric keys with this trusted third party, while the Denning-Sacco protocol relies on digital signatures and public key encryption. In addition, the Denning-Sacco protocol proposes the use of timestamps in messages to provide users with guarantees about the timeliness of the conversation, a protocol feature that has not yet been modeled and analyzed in DY*. We developed accurate models for each of the three protocols in DY*, documented possible attacks and proposed improvements to prevent them, and finally proved the security of the protocol or its improved version. We found several attacks on the Otway-Rees protocol that allow an adversary to impersonate one or possibly both of the users involved in the protocol, and based on these attacks, presented improvements to prevent them. For the Yahalom protocol, we show that it satisfies security goals derived from its formal specification, and draw parallels to other approaches with similar results. We also comment on the differences between our results and those of other analyses that describe the Yahalom protocol as flawed. Moreover, we developed an extension to DY* for modeling time-based properties of protocols with timestamps and demonstrated it on the Denning-Sacco protocol. As a result, we provide the first symbolic security proof, including timestamp-dependent security properties, of the Denning-Sacco protocol in DY*.

Item (Open Access): OpenID for Verifiable Credentials : formal security analysis using the Web Infrastructure Model (2023) Hauck, Fabian
In our increasingly connected world, digital identities play a fundamental role in delivering secure online services around the globe. To enable the seamless exchange of identification data among various entities, the adoption of standardized protocols is essential. The protocol family OpenID for Verifiable Credentials (OID4VC) is ideally suited for exchanging identities. The two most important protocols in this family are OpenID for Verifiable Credential Issuance (OID4VCI) and OpenID for Verifiable Presentations (OID4VP), with a wide range of applications in e-government as well as in the private sector. A prominent example is the European Digital Identity Framework, which includes these two protocols, among others. This means that any future wallet in the European Union will implement OID4VCI and OID4VP. Therefore, it is extremely important to guarantee their security. This thesis performs a rigorous formal security analysis of both the OpenID for Verifiable Credential Issuance and the OpenID for Verifiable Presentations protocols. In particular, we focus on analyzing the security of both protocols when they interact in an ecosystem. It is not sufficient to consider the two protocols separately, because the interaction between them may introduce new vulnerabilities. Therefore, the formal model created in this thesis models both protocols simultaneously. The model is based on the Web Infrastructure Model (WIM), which closely follows existing web technologies. To describe what security means in this context, we define an authentication security property and a session integrity security property for OID4VCI and OID4VP. We prove that the model is secure with respect to the security properties under the assumption of a vigilant user. If this assumption is violated, we have discovered a number of attacks. This work makes several contributions to the protocol specifications: First, the discovered vulnerabilities were brought to the attention of the working group. Second, several issues were filed to improve the quality and security of the specifications. Lastly, we engaged in ongoing discussions on related issues.

Item (Open Access): Security analysis of a machine-to-machine messaging system (2017) Kraus, Wolfgang
With the increasing popularity of small embedded devices, self-organizing and self-repairing networks are preferable. One such choice is peer-to-peer (P2P) systems, which create an overlay network in the application layer to achieve a decentralized and resilient communication system. Neuropil builds an encryption layer on top of a Pastry/Tapestry P2P network to provide confidentiality and integrity to a certain degree. This thesis analyzes the protocol used by Neuropil in its default implementation and explores some possibilities to improve the security.

Item (Open Access): Security in lattice-based cryptosystems (original title: Sicherheit in Gitter-basierten Kryptosystemen) (2021) Schwab, Jonas
In this thesis, the commitment scheme of Baum et al. [1] is examined and a detailed reduction proof of the binding property is given. For this, the SIS problem is reduced, similarly to Langlois et al. [4], to the security of lattice problems. Furthermore, possible attacks on the commitment scheme are given and the resulting security guarantees are described.

Item (Open Access): Host firewall on AUTOSAR Adaptive based vehicle computers & domain ECUs (2022) Schneider, Eric
Setting up firewalls without additional tooling can be inefficient and complicated. In this paper a prototype will be presented that allows the configuration of an ECU host firewall based on a well-defined configuration file. This firewall is designed to run on vehicle computers and smart components inside cars that run the AUTOSAR Adaptive platform. The goal is to simplify firewall setup to secure these components against malicious traffic in the network and to prevent attack vectors that try to exploit physical access to the system. The presented prototype will be using nftables and the netfilter subsystem to set up both stateless and stateful filtering rules for both incoming and forwarded traffic. Packet inspection will also be evaluated in this context and approaches to filtering of the high-level SOME/IP protocol will be presented. Example rulesets for regular ECUs that are running the AUTOSAR Adaptive platform as well as an example for network separation will be provided. A short introduction to the AUTOSAR IAM concept will be given, and a comparison between it and the presented firewall concept will be drawn. Keywords: AUTOSAR Adaptive Platform, Firewall, IAM, WSL2

Item (Open Access): Efficient federated learning for gaze estimation (2023) Kittelberger, Jonas
Gaze estimation is the task of deciding, for given face images, in which direction people are looking. It is particularly useful for various applications including psychological analysis, authentication, and eye tracking in the context of virtual or augmented reality. To reduce the error of the predictions of gaze estimators, the training data should be collected from a large number of users to ensure the ability of the model to generalize correctly during the inference phase. However, the large data collection requirements conflict with privacy concerns. Building on existing federated learning approaches, this project aims to increase the efficiency of the training process. Hence, (i) we split the model into a part owned by the client and another part owned by a server. This results in strong data protection properties as well as model privacy. In addition, only a part of the model has to be stored and run by each client, leading to decreasing computational effort for the typically substantially resource-constrained clients. (ii) We further train the gaze estimation model in an unsupervised fashion and (iii) prune the model weights to enhance the training efficiency. Furthermore, we extend our approach with several privacy-preserving techniques, e.g. Multi-Party Computation (MPC) and Differential Privacy (DP) mechanisms. We empirically demonstrate the effectiveness of these mechanisms with an implemented attack on our system. Our experiments show that our implemented system manages to predict gaze angles with an average deviation of less than 6.5 degrees from the actual angle in about 10 minutes and thus outperforms other privacy-preserving gaze estimators.

Item (Open Access): Pairing Based Cryptography (2022) Koch, Daniel
In this master's thesis we examine pairings on elliptic curves, their application in cryptography and their computation. Pairings are certain bilinear functions between groups, and we can find such maps in particular for the group of points of elliptic curves. Both of these concepts are introduced in this thesis. These functions can be used for cryptographic applications, in particular for key exchange, digital signatures and identity-based cryptography. In order to make pairings usable for these purposes, we present two algorithms for computing pairings.

Item (Open Access): Security analysis of the OpenID financial-grade API (2018) Hosseyni, Pedram
The OpenID Financial-grade API provides a mechanism for accessing data and resources that need a high degree of protection, such as in the context of financial applications. As a profile of the OAuth 2.0 Authorization Framework designed for high-risk scenarios, the Financial-grade API aims at being secure even if the procedure is attacked at several points, leading to wrongly configured endpoints, the leakage of tokens and even whole requests and responses. To achieve this degree of security, several additional mechanisms are used, which protect against the usage of leaked tokens and protect messages against modification. We modeled both the Read-Only Profile and the Read-Write Profile of the Financial-grade API in the FKS Web Model, including all underlying assumptions that might affect the security of the flows. Through formal analysis, we discovered several attacks not only on mechanisms specific to the Financial-grade API but also on more general concepts of OAuth, namely, Token Binding and the Proof Key for Code Exchange extension. We provide mitigations against these attack scenarios and show that the modified flows are secure as specified by our security definitions. More precisely, these modified flows prevent an attacker from logging in under the identity of an honest user and accessing protected resources belonging to the honest user.