
CASED is funded by

Landes-Offensive zur Entwicklung Wissenschaftlich-ökonomischer Exzellenz

Distinguished Lectures Series

For the Distinguished Lectures Series in the summer semester of 2012, CASED is again bringing outstanding researchers from a range of disciplines to Darmstadt to discuss the many opportunities and challenges in IT security. In their lectures, the speakers present pioneering research results, summarize complex subject areas, and show the current state of knowledge in their field.

CASED members are particularly encouraged to attend. The lectures are public, and interested visitors are very welcome.


Summer Semester 2012

When:
On selected Thursdays, 16:15 - 17:45,
during the lecture period

After the lecture there is an opportunity to talk over a small buffet on site.

Where:

TU Darmstadt
Piloty Building S2|02

Room C 110
Hochschulstraße 10
64289 Darmstadt

Prof. Virgil Gligor, Ph. D.
"Street-Level Semantics for Attribute Authentication"

Carnegie Mellon University and CyLab, Pittsburgh, Pennsylvania, USA

14 June 2012, 15:15-16:15

Abstract

A fundamental problem of trust is a receiver’s decision of whether to accept input from an unknown sender in a protocol where the sender and receiver cooperation benefits both, whereas lack of cooperation benefits only the sender; e.g., in a classic trust game of behavioral economics. In this setting, we define a model that allows receivers to accept attributes (e.g., identity, credentials, certificates) of unknown senders as authentic based on recommendations received from social relations (e.g., from friends, relatives, collaborators, co-conspirators). We use the notion of social collateral as a measure of both social relations and of “tie strength” among individuals to provide different degrees of accountability for accepting attribute information from strangers on an ad hoc basis, namely in the absence of authentication infrastructures; e.g., hierarchies of certification authorities, forests of peer-linked certificate authorities, and web of trust. Our model is robust in the face of well-defined attacks, such as impersonation and tie-strength-amplification attacks, and expressive in the sense that it can capture the underlying authentication-trust relations of all major authentication infrastructures. We use the model to enhance the semantics of well-known logics of authentication in ad hoc settings. Preliminary experiments with visualization of measured tie strength among users of a social network indicate that the model is usable by ordinary users. This talk is based on joint work with Tiffany Hyun-Jin Kim and Adrian Perrig.

Bio

Virgil D. Gligor is Professor in the Department of Electrical and Computer Engineering at Carnegie Mellon University and co-Director of the University’s CyLab. Professor Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the University of California at Berkeley. Prior to joining Carnegie Mellon, he was a Professor of Electrical and Computer Engineering at the University of Maryland (1976 – 2007). He was a consultant to the Burroughs (1977-1981) and IBM (1984-1999) Corporations, and has served on Microsoft’s Trusted Computing Academic Advisory Board (since 2002), and SAP’s Security Advisory Board (since 2011).

For nearly four decades, Gligor’s research interests have ranged from access control mechanisms, penetration analysis, and denial-of-service protection to cryptographic protocols and applied cryptography. His research addresses problems of trustworthy computing in the presence of active adversaries (e.g., malware, malicious insiders) and Internet security.

The Association for Computing Machinery (ACM) named Professor Gligor as the recipient of its 2011 Outstanding Innovation Award for security and privacy research. Professor Gligor also received the 2006 National Information Security Award for pioneering research in information security, an award jointly given by the National Security Agency and National Institute of Standards and Technology in the US.


Prof. Refik Molva, Ph. D.
"Selected Protocols for RFID Security and Privacy"

EURECOM, Sophia-Antipolis, France

28 June 2012, 16:15-17:45


Prof. Kenneth Paterson, Ph. D.
"TLS and DTLS: A Tale of Two Protocols"

Information Security Group, Royal Holloway, University of London, London, United Kingdom

5 July 2012, 16:15-17:45

TLS is the de facto protocol of choice for securing Internet communications, while DTLS is an increasingly important variant of TLS that was designed for use in lightweight applications. In this talk, I will provide an overview of what is known about the security of the TLS and DTLS protocols. I'll discuss the BEAST attack on TLS and what its implications are.

I'll also talk about a recently discovered vulnerability in TLS 1.2, as well as what we know about the provable security of the protocol. I'll then explain how DTLS implementations turn out to be more vulnerable than TLS to padding oracle attacks. The talk will assume basic knowledge of cryptography and networking, but will be as self-contained as possible.


Coordination

CASED
TU Darmstadt
Department of Computer Science

Prof. Dr. Heiko Mantel

Press contact:

CASED
Anne Grauenhorst
Mornewegstraße 32
64293 Darmstadt
Tel.: +49 6151 16-6185
Email: anne.grauenhorst{at}cased.de