TCE 2016 Summer School on Computer Security

  • Date/Time
    Date(s) - 04/09/2016 - 08/09/2016
    9:00 am - 4:00 pm

    Location
    Room 1003, EE Meyer Building

    Categories No Categories


    logo_Cyber_Cente

    The 5th Summer School on Computer Security  –

    TCE 2016 summer school will present security technologies integrated into current computing solutions and future technologies not yet in the market.

    Please feel free to watch the videofootage of the presentations. 

     

    Speakers  Agenda  Registration


    Speakers Confirmed Speakers:

    George Danezis, University College London
    Sharon Goldberg, Boston University
    David Naccache, École Normale Supérieure
    Margarita Osadchy, University of Haifa
    Kenny Paterson, Royal Holloway, University of London
    Moti Yung, Snaptchat Ltd.


    Proudly sponsored by:
    Nokia

     

     


    Agenda Agenda

    Download a pdf version: Here

    Sunday - September 4Monday - September 5Tuesday - September 6Wednesday - September 7Thursday - September 8

    9:00-9:30 Gathering

    9:30-11:00

    Sharon Goldberg, Boston University
    Why is it Taking so Long to Secure BGP?
    Part 1: Vulnerabilities and Defenses

    The Border Gateway Protocol (BGP) is the global Internet's routing protocol, enabling data communications between large networks operated by different organizations. BGP is responsible for setting up routes for traffic between edge networks, Internet Service Providers (ISPs), residential networks, or enterprise networks. While BGP plays a crucial role in enabling Internet communications, it remains surprisingly vulnerable to simple attacks. This talk provides an introduction to BGP's security vulnerabilities and discusses how they can be mitigated with common defenses (RPKI, prefix filtering), as well as the newly-standardized BGPSEC protocol.

    Presentation

    11:00-11:15 Coffee break
    11:15-12:45

    Sharon Goldberg, Boston University
    Why is it Taking so Long to Secure BGP?
    Part 2: Deployment Challenges

    This talk provides an overview of the challenges involved in deploying the RPKI and BGPSEC. We explain why the RPKI does much to improve BGP security. Next, We argue that the transition to BGPSEC is expected to be long and slow, with BGPSEC coexisting in "partial deployment" along-side networks that deploy only the RPKI (but not BGPSEC) for a long period of time. We then present results that indicate that BGPSEC can provide only meagre security improvements during this transition period. We conclude with deployment challenges for the RPKI. The RPKI provide security via a set of trusted authorities, in a threat model that supposes that authorities are trusted and routing is under attack. We will discuss the risks that arise when this threat model is flipped: when RPKI authorities are faulty, misconfigured, compromised, or compelled to misbehave.

    Presentation

    12:45-13:45 Lunch break
    13:45-15:15

    Moti Yung, Snaptchat Ltd.
    A Foot in the Cloud’s Door: Cryptography for Evolving Ecosystems

    Computational paradigms nowadays change, and global systems over the wordwide networks evolve. Systems have to take this into account numerous factors, like: scale, growth, software agility, and increased scope. 
    Building and maintaining active systems is an important part of the cloud, network computing, web services, etc. Cryptography as part of an active software system (rather than cryptography as usually designed, as an essentially mathematical field by itself or as a general tools to be further used in systems) has to consider the existing and future constraints, the scale, the evolution, and the enhanced scope of successful systems, as part of delivering a product or a service. Actual customized cryptographic components that are secure, based on solid theory, yet are suitable for the new style of system global nature and evolution are needed (beyond existing black-box crypto), while, on the other hand, no methodology for such components actually exists (the often recited "designing security from the start," hardly applies!) In this talk, I will review my experience regarding how the cryptographic protection of Google's global platform for display ads auctions (AdX) has been designed and evolved over the last few years and will cover general principles that can be drawn from this.
    Joint work with the ADX engineering team, Google.

    15:15-15:30 Coffee break
    15:30-17:00

    Moti Yung, Snaptchat Ltd.
    Ephemeral Identifiers: Mitigating Tracking & Spoofing Threats to BLE Beacons

    Bluetooth Smart (also known as Bluetooth Low Energy) beacons broadcast their presence in order to enable proximity-based applications by observer devices. This results in a privacy and security exposure: broadcast devices are typically susceptible to tracking and spoofing based on the IDs used by the beacons. It seems, therefore, that we lost all privacy given these device modus operandi (and similar broadcasting “things”) due to the global exposure of mobile units to many possible tracking readers. 
    To resolve this situation we introduce a scheme consisting of cloud-based Ephemeral Identifiers (EID) which allows only authorized parties to properly identify the beacons broadcast. The scheme mitigates the basic tracking and security threats while keeping high utility and utilize a global reach of a trusted agent as a resource over the cloud (applying the principle of “fighting fire (global exposure) with fire (global agent)”). 
    We outline a formal model of privacy which is obtained with our scheme, present its implementation, and discuss possible extensions. The proposal is the basis for Google’s Eddystone standard, supported by about thirty industry partners for privacy critical applications. 
    Joint work with: Avinatan Hassidim, Yossi Matias, and Alon Ziv (Google, Israel)

    9:00-9:30 Gathering

    9:30-11:00

    Sharon Goldberg, Boston University
    On the Security of the Network Time Protocol (NTP)

    Millions of hosts use the Network Time Protocol (NTP) to synchronize their computer clocks to public Internet timeservers (using NTP's client/server mode), to neighboring peers (using NTP's symmetric mode), or to broadcast timeservers (using NTP's broadcast mode). This talk discusses the security of the datagram protocol that NTP clients, servers, and peers use to exchange time. We present several newly-discovered time-shifting attacks that can be used to maliciously change a target's time. We discuss why these attacks undermine the security of other protocols like TLS, DNSSEC, Kerberos, HSTS, bitcoin, system loggers. We then argue that these attacks follow because the NTP protocol standardized in RFC5905 is underspecified and flawed, and discuss ongoing efforts to improve the security of the protocol. We also provide actionable suggestions for hardening current NTP deployments.

    Presentation

    11:00-11:15 Coffee break
    11:15-12:45

    Sharon Goldberg, Boston University
    Securing the Domain Name System (DNS): Challenges and Pitfalls

    DNSSEC was introduced in the late 1990s to protect the Domain Name System (DNS) from network attacks. With DNSSEC, the response to a DNS query is authenticated with a digital signature; in this way, the resolver that issues the DNS query (“What is the IP address for www.example.com?”) can be certain that the response
    (“155.41.24.251”) was sent by the authoritative nameserver, rather than an arbitrary attacker. This talk overviews some of the attacks that have necessitated the deployment of DNSSEC, including Kaminski's famous cache-poisoning attack. We then discuss why the road to DNSSEC deployment has been rocky, with a variety of technical issues have forcing the Internet community to rewrite the DNSSEC standard several times. We survey some of these issues, including zone enumeration and DDoS amplification attacks, and discuss new efforts to add privacy to the DNS.

    Presentation

    12:45-13:45 Lunch break
    13:45-15:15

    Kenny Paterson, Royal Holloway, University of London
    Secure Channels — Theory and Practice

    In these talks, I'll talk about the theory and practice of secure channels, focussing on symmetric cryptographic aspects. I'll cover the following topics: what secure channels are and why they are important; how they are built in practice from cryptographic algorithms, focusing on SSL/TLS and SSH as examples; how secure channels can be modelled using formal security definitions and how their security properties can be formally established using security proofs; what some of the issues are that arise in the gaps between theory and practice.

    Presentation

    15:15-15:30 Coffee break
    15:30-17:00

    Kenny Paterson, Royal Holloway, University of London
    Secure Channels — Theory and Practice

    In these talks, I'll talk about the theory and practice of secure channels, focussing on symmetric cryptographic aspects. I'll cover the following topics: what secure channels are and why they are important; how they are built in practice from cryptographic algorithms, focusing on SSL/TLS and SSH as examples; how secure channels can be modelled using formal security definitions and how their security properties can be formally established using security proofs; what some of the issues are that arise in the gaps between theory and practice.

    Presentation

    9:00-9:30 Gathering

    9:30-11:00

    Moti Yung, Snaptchat Ltd.
    Crossing the Theory–Practice Chasm: on Deploying Secure Computations Commercially

    Technological innovations in security and privacy are critical to advancing modern computing in our time. I will present an experimental effort involving deployment of commercial applications designed and built as a ‘secure multi-party computation protocol for specific tasks, to be used repetitively to achieve a number of concrete ubiquitous business goals. In these applications, the outputs are calculated in the presence of privacy constraints which prevent parties from sharing their individual inputs directly and openly. I will also discuss what I think are the reasons for the inherent difficulty of developing such routines in general (for achieving business goals). In particular, I will survey what I believe to be the reasons that ~38 years since secure computation protocols was invented as a basic theoretical notion, capturing specific and then general computational tasks, and in spite of its theoretical and even more recent commendable experimentation success, the notion has not yet been widely and seriously used in achieving routine relevant business goals (in contrast with symmetric key and public key cryptosystems and protocols, which were also proposed ~40 years ago and are used extensively, primarily to implement secure authenticated channels). I will cover some of the basic methodology taken to deploy the technology. 
    Joint work with Google Privacy Team NYC.

    11:00-11:15 Coffee break
    11:15-12:45

    Moti Yung, Snaptchat Ltd.
    The Give-and-Take Protocol:  Implementing Opaque Cloud Data Service

    In many apps users keep content in the server (cloud) and at the same time want this content to be kept exclusively by the user (security against the cloud itself and others). T the same time,  many apps support easy device flexibility of the user (mobility), and need to be easy on the user to avoid her/ his frustration (usability). Given the security/ mobility/ usability constraints pose a challenge (and this is not even taking into 
    account other engineering constraints like performance and operational environment constraints). I will describe a solution that has been deployed, and how the tradeoff  were analysed and what was  achieved by a special protocol of multi-party collaborating to implement the goal in the best possible way. If time permits I will also cover my personal view on how the applied cryptography/ secure systems area  (as part of actual system/ 
    engineering) evolved over the years and how it is related to crypto practices and theory, and theory in general. Further, I will talk about how this view has helped shape my view of how to approach actual engineering projects with useful and impactful research contributions.
    Joint work with Snapchat Security team.

    12:45-13:45 Lunch break
    13:45-15:15

    Kenny Paterson, Royal Holloway, University of London
    Secure Channels — Theory and Practice

    In these talks, I'll talk about the theory and practice of secure channels, focussing on symmetric cryptographic aspects. I'll cover the following topics: what secure channels are and why they are important; how they are built in practice from cryptographic algorithms, focusing on SSL/TLS and SSH as examples; how secure channels can be modelled using formal security definitions and how their security properties can be formally established using security proofs; what some of the issues are that arise in the gaps between theory and practice.

    Presentation

    15:15-15:30 Coffee break
    15:30-17:00

    Kenny Paterson, Royal Holloway, University of London
    Secure Channels — Theory and Practice

    In these talks, I'll talk about the theory and practice of secure channels, focussing on symmetric cryptographic aspects. I'll cover the following topics: what secure channels are and why they are important; how they are built in practice from cryptographic algorithms, focusing on SSL/TLS and SSH as examples; how secure channels can be modelled using formal security definitions and how their security properties can be formally established using security proofs; what some of the issues are that arise in the gaps between theory and practice.

    Presentation

    9:00-9:30 Gathering

    9:30-11:00

    George Danezis, University College London
    Anonymous Communications Beyond Tor

    The Onion Routing system (Tor) has become very popular since its inception in 2004. However, it has become apparent that the security it provides is fragile against powerful adversaries. We will review the basics of how anonymous communications, and resistance to traffic analysis is achieved in traditional mix network and onion routing; then we will review modern anonymous communications proposals that attempt to obscure communication patterns from pervasive surveillance.

    11:00-11:15 Coffee break
    11:15-12:45

    George Danezis, University College London
    Anonymous Communications Beyond Tor

    The Onion Routing system (Tor) has become very popular since its inception in 2004. However, it has become apparent that the security it provides is fragile against powerful adversaries. We will review the basics of how anonymous communications, and resistance to traffic analysis is achieved in traditional mix network and onion routing; then we will review modern anonymous communications proposals that attempt to obscure communication patterns from pervasive surveillance.

    12:45-13:45 Lunch break
    13:45-14:45 Margarita Osadchy, University of Haifa
    Adversarial Examples: From Machine Learning to Computer Security
    14:45-15:45 David Naccache, École Normale Supérieure
    How To Prove Security?
    15:45-16:00 Coffee break
    16:00-17:00 David Naccache, École Normale Supérieure
    How To Prove Security?

    9:00-9:30 Gathering

    9:30-11:00

    George Danezis, University College London
    Privacy Enhancing Technologies in the Infrastructure​

    A key design advice to build privacy friendly systems consists of understanding the purpose of the data collections, and ensuring that no more data than necessary is every collected. Such advice, however, is not applicable to infrastructures that necessarily have to serve many purposes including future unknown ones. In this talk I discuss our experiences designing privacy technologies for a number of infrastructures, including automotive location services, smart metering electricity infrastructures, and statistics pipelines for network monitoring. They illustrate how privacy technologies can be implemented in a flexible manner to provide a platform that is privacy enabled.

    11:00-11:15 Coffee break
    11:15-12:45

    George Danezis, University College London
    Privacy Enhancing Technologies in the Infrastructure​

    A key design advice to build privacy friendly systems consists of understanding the purpose of the data collections, and ensuring that no more data than necessary is every collected. Such advice, however, is not applicable to infrastructures that necessarily have to serve many purposes including future unknown ones. In this talk I discuss our experiences designing privacy technologies for a number of infrastructures, including automotive location services, smart metering electricity infrastructures, and statistics pipelines for network monitoring. They illustrate how privacy technologies can be implemented in a flexible manner to provide a platform that is privacy enabled.

    12:45-13:45 Lunch break
    13:45-15:15 David Naccache, École Normale Supérieure
    When Primitive Design Goes Bad…
    15:15-15:30 Coffee break
    15:30-17:00 David Naccache, École Normale Supérieure
    When Primitive Design Goes Bad…


    Registration Registration
     

    Participation is free, but registration is required 

    You may enter the Technion by car, please state at the gate you are coming to the conference.
    Please park in any legal spot available.