05 Fakultät Informatik, Elektrotechnik und Informationstechnik
Permanent URI for this collection: https://elib.uni-stuttgart.de/handle/11682/6
37 results
Item Open Access
Informal security analysis of the Sequent Tech identity and access management component (original title: Informelle Sicherheitsanalyse der Sequent Tech Identitäts- und Zugriffsmanagementkomponente) (2022) Vatic, Amel
The IAM component was developed by Sequent Tech Inc. for its e-voting application and subsequently released as a stand-alone software component. It provides functionality for authenticating and authorizing users in an application system. This thesis produces an informal security analysis of the IAM component and of the authentication protocols defined in it. Each authentication protocol specifies how users must authenticate themselves to the IAM component. The analysis is based on a detailed description of the component and its authentication protocols, which is also produced as part of this thesis. Of particular interest is the single sign-on authentication protocol SmartLink. After producing the description, we analyse the IAM component and its authentication protocols informally. We begin by identifying the assumptions and attacker models on which the security analysis is based. The three security goals the IAM component must satisfy are authentication, authorization and session integrity. In the subsequent security analysis, the component and the authentication protocols are checked against all of these security definitions.

Item Open Access
Description and analysis of the W3C browser push APIs (original title: Beschreibung und Analyse der W3C Browser Push APIs) (2024) Lüers, Alina
The W3C Push API enables asynchronous communication between a browser and an application server. The application server sends push messages to a push service, which stores each message until the browser is reachable or the message expires. When the browser receives a push message, it forwards it to the service worker, which processes the message and, where appropriate, displays it to the user. This thesis first describes the W3C Push API abstractly and then, building on that description, performs an informal security analysis. To that end, the attacker models and assumptions underlying the analysis are defined first. The security goals confidentiality, privacy, availability, authentication, authorization and session integrity are then examined. The analysis found no new, severe security problems. Finally, the implementation of the Push API in Firefox is examined more closely: the push service autopush is described and its additional security measures are listed.

Item Open Access
XSS in issue tracking systems (2021) Hildebrand, Moritz
Today, virtually every software project, especially in a collaborative and distributed setting, is managed through an issue tracking system (ITS). As developers rely heavily on ITSs, the risk of cyberattacks and their associated impact increases. An interesting particularity of ITSs is that, compared to conventional web applications, the attack surface is extended by additional input interfaces such as email or version control systems (VCSs). This bachelor thesis develops a methodology to test ITSs for cross-site scripting (XSS) vulnerabilities via these ITS-specific input interfaces. As an example, we implement the developed methodology for the input interfaces email and Git and test it on the three open-source ITSs Redmine, MantisBT, and Trac.

Item Open Access
Verifiable tally-hiding remote electronic voting (2023) Liedtke, Julian; Küsters, Ralf (Prof. Dr.)
Electronic voting (e-voting) refers to casting and counting votes electronically, typically through computers or other digital interfaces. E-voting systems aim to make voting secure, efficient, convenient, and accessible. Modern e-voting systems are designed to keep the votes confidential and provide verifiability, i.e., everyone can check that the published election result corresponds to how voters intended to vote. Several verifiable e-voting systems have been proposed in the literature, with Helios being one of the most prominent ones. However, almost all verifiable e-voting systems reveal not just the voting result but also the tally, consisting of the exact number of votes per candidate or even all single votes. Publishing the tally causes several issues. For example, in elections with only a few voters (e.g., boardroom or jury votes), exposing the tally prevents ballots from being anonymous, thus deterring voters from voting for their actual preference. Furthermore, attackers can exploit the tally for so-called Italian attacks that allow for easily coercing voters. Often, the voting result merely consists of a single winner or a ranking of candidates, so disclosing only this information, not the tally, is sufficient. Revealing the tally unnecessarily embarrasses defeated candidates and causes them a severe loss of reputation. For these reasons, there are several real-world elections where authorities do not publish the tally but only the result; the current systems for this, however, do not ensure verifiability. We call the property of not disclosing the tally tally-hiding. Tally-hiding offers entirely new opportunities for voting. However, a secure e-voting system that combines tally-hiding and verifiability does not exist in the literature. Therefore, this thesis presents the first provably secure e-voting systems that achieve both tally-hiding and verifiability. Our Ordinos framework achieves the strongest notion of tally-hiding: it only reveals the election result. Many real-world elections follow an alternative variant of tally-hiding: they reveal the tally to the voting authorities and only publish the election result to the public, so far without achieving verifiability. We, for the first time, formalize this concept and coin it public tally-hiding. We propose Kryvos, the first provably secure e-voting system that combines public tally-hiding and verifiability. Kryvos offers a new trade-off between privacy and efficiency that differs from all previous tally-hiding systems and allows for a radically new protocol design, resulting in a practical e-voting system. We implemented and benchmarked Ordinos and Kryvos, showing the practicability of our systems for real-world elections with significant numbers of candidates, complex voting methods, and result functions. Moreover, we extensively analyze the impact of tally-hiding on privacy compared to existing practices for various elections and show that applying tally-hiding improves privacy drastically.

Item Open Access
Critical infrastructure security in the age of cyberwarfare (2023) Sliwa, Robin
Our modern critical infrastructure of the 21st century is not only digitized; it is also more interconnected than ever before. While this progress has provided many improvements in efficiency, functionality and maintainability, it has also introduced new attack vectors. Critical infrastructure has subsequently become a target for coordinated attacks by cybercriminal and government-affiliated hacking groups. Current circumstances such as the Russian invasion of Ukraine in particular have made the protection of critical infrastructure a central topic of (inter)national security. This thesis provides an overview of critical infrastructure security in the context of cybersecurity. To that end, modern critical infrastructure is introduced and put in the context of legislative frameworks through the lens of European Union regulations. The central part of this thesis explores landmark attacks and incidents in the form of Stuxnet and NotPetya. Following this, the adversaries behind such attacks and the resources available to them are analyzed; correspondingly, potential countermeasures and paths to enhanced cybersecurity are introduced. Overall, this thesis finds that critical infrastructure cybersecurity requires a much higher priority from public and private organizations. More than that, it suggests the pursuit of more holistic approaches over isolated measures, and a consideration of cybersecurity implications during all stages of business design and operation.

Item Open Access
A formal analysis of hashgraph and its accountability properties (2022) Flinspach, Marcel
The Hashgraph algorithm is a distributed ledger technology (DLT) consensus algorithm that is an alternative to conventional blockchains. Generally, a distributed ledger can be seen as a database of transactions that is replicated across several locations, typically run by multiple parties. In order to reach an agreement on the validity and order of transactions, DLTs typically rely on consensus protocols as a key component. Participants of the Hashgraph algorithm locally manage a hashgraph: a directed acyclic graph of events. All events include, among other (meta)data, mainly transactions that were submitted by clients. In order to reach consensus, Hashgraph utilizes so-called virtual voting so that parties with different hashgraphs assign all events the same position in the total order of events. We call this desirable property consistency; it allows different participants to calculate and agree on the same order of transactions. Accountability is a well-known concept in distributed systems and cryptography but new to blockchains and DLTs in general. With this concept, misbehaving parties violating predefined security goals can be identified and held accountable with undeniable cryptographic evidence, which incentivizes participants to behave honestly. In this work, we put forward a rigorous proof that Hashgraph does achieve accountability w.r.t. consistency. That is, participants that misbehave by calculating a different order of transactions, by not following the Hashgraph protocol, can always be identified and rightfully blamed. To achieve this, we construct an iUC model of the hashgraph protocol with the necessary additions to hold dishonest participants accountable. In particular, we prove under relatively mild assumptions that honest participants, following the Hashgraph algorithm, will always assign events in their hashgraph the same order. That is, honest participants can reach consensus on the total order of events and transactions. Due to the real-world applications of Hashgraph, we believe this result is of independent interest.

Item Open Access
Analysis of selected cryptographic protocols with DY* (2023) Holderbach, Samuel
DY* is a framework implemented in the proof-oriented programming language F*, aimed at the symbolic analysis of cryptographic protocols on both the structural and the implementation level. In this master's thesis, we analyse three selected authentication and key exchange protocols with DY*: the Otway-Rees protocol, the Yahalom protocol and the Denning-Sacco protocol with public keys. Each of these protocols is designed to establish a secure channel between two users while involving a trusted third party in the authentication process. The Otway-Rees and Yahalom protocols rely on symmetric keys pre-shared with this trusted third party, while the Denning-Sacco protocol relies on digital signatures and public key encryption. In addition, the Denning-Sacco protocol uses timestamps in messages to give users guarantees about the timeliness of the conversation, a protocol feature that had not previously been modeled or analyzed in DY*. We developed accurate models of each of the three protocols in DY*, documented possible attacks, proposed improvements to prevent them, and finally proved the security of each protocol or its improved version. We found several attacks on the Otway-Rees protocol that allow an adversary to impersonate one or possibly both of the users involved in the protocol, and based on these attacks, presented improvements to prevent them. For the Yahalom protocol, we show that it satisfies security goals derived from its formal specification, and draw parallels to other approaches with similar results. We also comment on the differences between our results and those of other analyses that describe the Yahalom protocol as flawed. Moreover, we developed an extension to DY* for modeling time-based properties of protocols with timestamps and demonstrated it on the Denning-Sacco protocol. As a result, we provide the first symbolic security proof, including timestamp-dependent security properties, of the Denning-Sacco protocol in DY*.

Item Open Access
Formal security analysis of the OpenID FAPI 2.0 Security Profile with FAPI 2.0 Message Signing, FAPI-CIBA, Dynamic Client Registration and Management : technical report (2023) Hosseyni, Pedram; Küsters, Ralf; Würtele, Tim
Building on our recent formal security analysis of the FAPI 2.0 Security Profile, we extend the analysis to FAPI 2.0 Message Signing, combined with Dynamic Client Registration, Dynamic Client Management, and FAPI-CIBA. Overall, we model an ecosystem that uses all of these profiles and extensions in parallel. Like the previous work on the FAPI 2.0 Security Profile, this analysis is based on the Web Infrastructure Model, a Dolev-Yao style model of the web infrastructure; in fact, it is the most comprehensive and detailed model of the web infrastructure to date. We identify several attacks, propose fixes and prove the fixed protocols secure with respect to authorization, authentication, session integrity for both authorization and authentication, and non-repudiation for the messages covered by FAPI 2.0 Message Signing. The attacks and proposed fixes have been reported to the responsible FAPI Working Group at the OpenID Foundation, and fixes have since been incorporated into the specifications.

Item Open Access
OpenID for Verifiable Credentials : formal security analysis using the Web Infrastructure Model (2023) Hauck, Fabian
In our increasingly connected world, digital identities play a fundamental role in delivering secure online services around the globe. To enable the seamless exchange of identification data among various entities, the adoption of standardized protocols is essential. The protocol family OpenID for Verifiable Credentials (OID4VC) is ideally suited for exchanging identities. The two most important protocols in this family are OpenID for Verifiable Credential Issuance (OID4VCI) and OpenID for Verifiable Presentations (OID4VP), with a wide range of applications in e-government as well as in the private sector. A prominent example is the European Digital Identity Framework, which includes these two protocols, among others. This means that any future wallet in the European Union will implement OID4VCI and OID4VP. Therefore, it is extremely important to guarantee their security. This thesis performs a rigorous formal security analysis of both the OpenID for Verifiable Credential Issuance and the OpenID for Verifiable Presentations protocols. In particular, we focus on analyzing the security of both protocols when they interact in an ecosystem. It is not sufficient to consider the two protocols separately, because the interaction between them may introduce new vulnerabilities. Therefore, the formal model created in this thesis models both protocols simultaneously. The model is based on the Web Infrastructure Model (WIM), which closely follows existing web technologies. To describe what security means in this context, we define an authentication security property and a session integrity security property for OID4VCI and OID4VP. We prove that the model is secure with respect to these security properties under the assumption of a vigilant user. When this assumption is violated, we discovered a number of attacks. This work makes several contributions to the protocol specifications: First, the discovered vulnerabilities were brought to the attention of the working group. Second, several issues were filed to improve the quality and security of the specifications. Lastly, we engaged in ongoing discussions on related issues.

Item Open Access
Improved usability of differential privacy in machine learning : techniques for quantifying the privacy-accuracy trade-off (2022) Bernau, Daniel; Küsters, Ralf (Prof.)
Differential privacy allows bounding the influence that individual training data records have on a neural network. To use differential privacy in machine learning with neural networks, data scientists must choose the privacy parameter epsilon. Choosing meaningful privacy parameters is key, since differentially private neural networks trained with weak privacy parameters might leak excessively, while strong privacy parameters might overly degrade model utility. However, privacy parameter values are difficult to choose for two main reasons. First, the theoretical upper bound on the privacy loss epsilon might be loose, depending on the chosen sensitivity and the data distribution of practical datasets. Second, legal requirements and societal norms for anonymization often refer to individual identifiability, to which epsilon is only indirectly related. Within this thesis, we address the problem of choosing epsilon from two angles. First, we quantify the empirical lower bound on the privacy loss under membership inference attacks, which allows data scientists to compare the empirical privacy-accuracy trade-off between local and central differential privacy. Specifically, we consider federated and non-federated discriminative models, as well as generative models. Second, we transform the privacy loss under differential privacy into an analytical bound on identifiability, in order to map legal and societal expectations w.r.t. identifiability to corresponding privacy parameters. The thesis contributes techniques for quantifying the trade-off between accuracy and privacy over epsilon. These techniques provide information for interpreting differentially private training datasets or models trained with differentially private stochastic gradient descent, to improve the usability of differential privacy in machine learning. In particular, we identify preferable ranges for the privacy parameter epsilon and compare local and central differential privacy mechanisms for training differentially private neural networks under membership inference adversaries. Furthermore, we contribute an implementable instance of the differential privacy adversary that can be used to audit trained models w.r.t. identifiability.
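The "empirical lower bound on the privacy loss under membership inference attacks" from the differential privacy item above can be made concrete on a toy mechanism. The following is an added example, not code from the thesis: the dataset, the counting query and the Laplace mechanism are constructed here, and the adversary is a single-threshold membership test whose true/false positive rates are turned into a lower bound on epsilon via the hypothesis-testing view of differential privacy. Function and variable names are this example's own.

```python
"""Membership inference as an empirical lower bound on the privacy loss epsilon.

Added example for the differential privacy item above; it is not code from the
thesis. The dataset, the counting query and the Laplace mechanism are constructed
here so that the adversary's success can be compared with a closed form.
"""
import math
import random


def laplace_mechanism(true_count, epsilon, rng):
    """Release a counting query (sensitivity 1) with Laplace noise of scale 1/epsilon.
    Lap(0, b) is sampled as the difference of two Exp(mean b) variables."""
    b = 1.0 / epsilon
    return true_count + rng.expovariate(1.0 / b) - rng.expovariate(1.0 / b)


def empirical_epsilon(tpr, fpr, delta=0.0):
    """Hypothesis-testing view of DP: any (eps, delta)-DP mechanism satisfies
    TPR <= exp(eps) * FPR + delta for every membership test, so
    ln((TPR - delta) / FPR) is a lower bound on the eps the mechanism really leaks."""
    if fpr <= 0.0:
        return math.inf  # a perfect attack admits no finite privacy guarantee
    if tpr - delta <= 0.0:
        return 0.0
    return max(0.0, math.log((tpr - delta) / fpr))


def membership_inference_rates(epsilon, offset, trials=100000, seed=1):
    """Run the membership inference game on two constructed neighbouring datasets:
    D_out (target record absent, count c) and D_in (target present, count c + 1).
    The adversary sees one noisy count and claims 'member' if it exceeds c + offset.
    Returns (TPR, FPR) estimated over `trials` games each."""
    rng = random.Random(seed)
    c_out = sum(rng.randint(0, 1) for _ in range(99))  # other records, values in {0, 1}
    c_in = c_out + 1                                    # the target record has value 1
    threshold = c_out + offset
    tp = fp = 0
    for _ in range(trials):
        if laplace_mechanism(c_in, epsilon, rng) > threshold:
            tp += 1
        if laplace_mechanism(c_out, epsilon, rng) > threshold:
            fp += 1
    return tp / trials, fp / trials


def _laplace_tail(t, epsilon):
    """P[Lap(0, 1/epsilon) > t]."""
    if t >= 0.0:
        return 0.5 * math.exp(-t * epsilon)
    return 1.0 - 0.5 * math.exp(t * epsilon)


def analytic_rates(epsilon, offset):
    """Closed-form (TPR, FPR) of the same threshold test, to check the simulation:
    TPR = P[c + 1 + Lap > c + offset], FPR = P[c + Lap > c + offset]."""
    return _laplace_tail(offset - 1.0, epsilon), _laplace_tail(offset, epsilon)


def audit(epsilon, offset, trials=100000, seed=1):
    """Compare the theoretical epsilon with the empirical and analytic lower bounds."""
    tpr, fpr = membership_inference_rates(epsilon, offset, trials, seed)
    return {
        "epsilon": epsilon,
        "offset": offset,
        "empirical_lower": empirical_epsilon(tpr, fpr),
        "analytic_lower": empirical_epsilon(*analytic_rates(epsilon, offset)),
    }


if __name__ == "__main__":
    for eps in (0.1, 1.0, 4.0):
        # offset 0.5 is the midpoint test; at offset 1.0 the likelihood ratio of the
        # two Laplace densities reaches exp(eps), so that single-threshold adversary
        # recovers the theoretical epsilon exactly and the bound is tight.
        for off in (0.5, 1.0):
            r = audit(eps, off)
            print(f"eps={eps:<4} offset={off}: empirical>={r['empirical_lower']:.3f} "
                  f"analytic>={r['analytic_lower']:.3f}")
```

The point the two thresholds make is the one the abstract raises: the gap between the theoretical epsilon and the empirical lower bound depends on the adversary. The midpoint test only certifies about 0.83 of a theoretical epsilon of 1, while the threshold at the "member" count recovers it exactly; for a real DP-SGD model there is no closed form, and the empirical bound from the best available membership inference attack is what a practitioner can measure.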
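The methodology of the "XSS in issue tracking systems" item above (probing the ITS-specific input interfaces Git and email rather than the web forms) can be sketched as a small harness. This is an added example and not the thesis's tooling; the `ingest_*` functions and the two renderers are constructed stand-ins for an ITS's VCS integration and mail gateway, not code from Redmine, MantisBT or Trac, and the canary format and payload are this example's own choices.

```python
"""Probing an issue tracker's non-web input interfaces for stored XSS.

Added example for the 'XSS in issue tracking systems' item above; it is not the
thesis's tooling. The two renderers and the ingest functions are constructed
stand-ins for an ITS's Git integration and mail gateway, not code from Redmine,
MantisBT or Trac.
"""
import html
import re

# Issue references such as "#42" become links. The lookbehind stops the linkifier
# from matching the digits of an HTML entity like "&amp;#39;" in escaped text.
ISSUE_REF = re.compile(r"(?<![\w&;])#(\d+)\b")
ISSUE_LINK = r'<a href="/issues/\1">#\1</a>'


def make_probe(interface, nonce):
    """A payload carrying a unique canary, so that when a canary later shows up in a
    rendered page you know which input interface and which field let it through."""
    canary = f"xss-{interface}-{nonce:04d}"
    payload = f'<img src=x onerror="console.log(\'{canary}\')">'
    return canary, payload


def render_naive(text):
    """Vulnerable stand-in: linkifies issue refs but passes the raw field through,
    so markup injected with `git commit -m` or in a mail subject reaches the browser."""
    return ISSUE_REF.sub(ISSUE_LINK, text)


def render_hardened(text):
    """Escape first, linkify second. The replacement only re-emits the matched
    digits, so it cannot reintroduce attacker-controlled markup."""
    return ISSUE_REF.sub(ISSUE_LINK, html.escape(text, quote=True))


def ingest_git_commit(message, render):
    """Stand-in for the VCS hook: the first line of the commit message is shown as
    the commit summary on the referenced issue."""
    summary = message.splitlines()[0] if message else ""
    return f'<div class="commit"><span class="summary">{render(summary)}</span></div>'


def ingest_email(subject, body, render):
    """Stand-in for the mail gateway: subject becomes the issue title, body the description."""
    return f'<h1>{render(subject)}</h1><div class="description">{render(body)}</div>'


def classify(page, payload):
    """What happened to the probe in the rendered page."""
    if payload in page:
        return "executes"  # raw markup survived: stored XSS
    if html.escape(payload, quote=True) in page:
        return "escaped"   # neutralised by output encoding
    return "absent"        # stripped or truncated: inconclusive, inspect manually


def probe_interfaces(render):
    """Send one canary-tagged probe through each ITS-specific input field and report,
    per canary, whether it would execute. All inputs are constructed test data."""
    verdicts = {}
    canary, payload = make_probe("git-summary", 1)
    page = ingest_git_commit(f"Fix #42: {payload}\n\nDetails in the body.", render)
    verdicts[canary] = classify(page, payload)
    canary, payload = make_probe("mail-subject", 2)
    page = ingest_email(f"Re: #42 {payload}", "plain text body", render)
    verdicts[canary] = classify(page, payload)
    canary, payload = make_probe("mail-body", 3)
    page = ingest_email("Re: #42 still broken", f"See {payload} for a repro", render)
    verdicts[canary] = classify(page, payload)
    return verdicts


if __name__ == "__main__":
    for name, render in (("naive", render_naive), ("hardened", render_hardened)):
        for canary, verdict in probe_interfaces(render).items():
            print(f"{name:<9} {canary:<24} {verdict}")
```

Against a real tracker the renderers are replaced by the tracker itself: the probe goes in through `git commit` on a repository the ITS mirrors, or through a mail to its inbound address, and the canary is then searched for in the fetched issue page. Tagging every probe with a distinct canary is what makes the result attributable to a specific interface and field, which matters because an ITS typically runs different rendering code for commit summaries, mail subjects and mail bodies.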