THE USENIX MAGAZINE

December 2003 • volume 28 • number 6 { inside:

SECURITY Perrine: The End of crypt() Passwords . . . Please? Wysopal: Learning Security QA from the Vulnerability Researchers Damron: Identifiable Fingerprints in Network Applications Balas: Sebek: Covert Glass-Box Host Analysis Jacobsson & Menczer: Untraceable Email Cluster Bombs Mudge: Insider Threat Singer: Life Without Firewalls Focus Issue: Security Deraison & Gula: Nessus Guest Editor: Rik Farrow Forte: Coordinated Incident Response Procedures Russell: How Are We Going to Patch All These Boxes? Kenneally: Evidence Enhancing Technology

BOOK REVIEWS AND HISTORY USENIX NEWS # CONFERENCE REPORTS 12th USENIX Security Symposium

The Advanced Computing Systems Association conference reports

12th USENIX Security tification. In addition, the link between Symposium identity and reputation is not addressed OUR THANKS TO THE SUMMARIZERS: in conventional systems. August 4–8, 2003 Scott A. Crosby This led to the next phase of the talk: Catherine Dodge Washington, D.C. Clif Flynt reputation. Black Unicorn’s most appro- Seung Won Jun KEYNOTE ADDRESS: REFLECTIONS priate definition is a specific characteris- David Molnar ON A DECADE OF PSEUDONYMITY tic or trait ascribed to a person or thing: Chris Ries Black Unicorn a reputation for courtesy. The value of Gelareh Taban reputation is as a predictor of behavior, Tara Whalen Summarized by Tara Whalen Black Unicorn, aka A.S.L. von Bern- as a means of valuation, and as a means hardi, kicked off the conference with his for third-party assessment. Black Uni- talk on the relationships between iden- corn took issue with the notion of repu- NOTE tation as a behavior-predictor. Reports for BSDCon ’03 arrived too late tity, reputation, and trust. Anonymity to be included in this issue. They are has negative connotations, or “sunny Black Unicorn then discussed trust; he available at http://www.usenix.org/ climes attract shady characters.”He presented several definitions, choosing publications/library/proceedings/ chose his pseudonym when the cypher- “reliance on something in the future; bsdcon03/confrpts. punks list was being archived, and sug- hope” as the most appropriate for this gested that anybody who doesn’t want to talk. The value of trust has several com- attract undue attention should probably ponents: as a means of inexpensive due diligence; as a delegation enabler; as a means to reduce robustness of envi- ronmental security; and as an indication of risk toler- ance. Black Unicorn then dis- cussed the relationships between trust, identity, and reputation, showing how factors such as credentials, Black Unicorn and Vern Paxson third-party attestation, and pick a benign pseudonym, such as “Bill certification affect trust. Smith.” Identity information can be augmented by due diligence, consequence augmen- He then launched into a detailed discus- tation (e.g., penalties for crimes), and sion of identity: its definition, its value, third-party attestation. and some common fallacies. The defini- tion he prefers is “the distinct personal- Q: Given the reticence of Americans to ity of an individual regarded as a persist- use ID cards, how will we be able to ing entity; individuality.” identify people? The value of identity encompasses both A: This problem is likely to remain. its use as a unique identifier and in There is no good answer; identity is establishing the uniqueness of a reputa- always going to be nebulous. We have tional assertion. different roles that we play, and we tend not to like third-party assertions about The problems with identity are a lack of our identities. a standard unique identifier, reliance on third-party attestation, and the absence Q: How is the use of third-party attesta- of static physical characteristics for iden- tions different from due diligence?

70 Vol. 28, No. 6 ;login: A: We often look at collections of attes- expected to fail, and the time it takes to 802.11 DENIAL-OF-SERVICE ATTACKS: REAL tations, which is better than looking at reject each query is measured. Rejecting VULNERABILITIES AND PRACTICAL SOLUTIONS EPORTS only one attestation. The problem with a query requires that the server perform John Bellardo and Stefan Savage, Uni- R third-party attestations is that these par- several math operations. Depending on versity of California, San Diego ties have limited motivation to do the organization of the 1s and 0s in the While many members of the audience

proper due diligence (to save money), query, different speed optimizations may were connected to the outside world via ONFERENCE C

and their own liability is limited by be performed. A program can deduce their laptops and 802.11b wireless links, insurance, which makes them less likely the positions of 1s and 0s from the time Stefan Savage demonstrated just how to be appropriately diligent. Direct expe- required to perform the math opera- insubstantial that link can be. He rience and/or lore may be better guides. tions. opened his talk by showing a graph of current network activity and then Q: Do you want different ID documents The timing attacks have been done attacked John Bellardo’s link, halting his for different purposes? many times in the past, but previous download. When this attack was started, work was done against “simple” devices A: Definitely. You have to look at the the graph showed that traffic to Bel- like smartcards. Boneh and Brumley’s agency making the attestation—what are lardo’s laptop was reduced to nearly 0 work shows that a surprising level of they qualified to say? Probably not a lot. packets, and Bellardo concurred that he noise can be introduced into the timing When looking at ID documents, you was no longer downloading any data. data without degrading it beyond have to look at what the agency is good Savage then extended the attack to the usability. Complex systems with multi- at attesting. rest of the audience, and I can confirm ple applications running simultaneously, that my connection to the outside world Q: Considering this issue from a cultural or even the variance of network latency, was gone. This lasted a few seconds after perspective: Identity is partially defined do not produce enough noise to disguise which Savage discontinued the attack, by race, religion, etc., and this affects the time difference required to perform and service was restored. one’s reputation. Comment? the analysis. He then described the two denial-of-ser- A: I agree. A lot of reputation is tied up OpenSSL was chosen for this work vice attacks he used, both of which use in name, for example, and differs from because the package is used in many legitimate features of the 802.11b proto- culture to culture (e.g., Europe vs. US). other applications, including mod_SSL, col. The first attack, which disabled only Look at what’s used for credibility: in stunnel, sNFS, and more. Of the applica- a single 802.11b user, used a deauthenti- Europe, it’s family history, unlike in the tions examined, only the Mozilla NSS cation attack. In a normal conversation US. packages defaulted to secure behavior. between an 802.11b client and access Because the RSA algorithm requires point, the client requests and receives an REFEREED PAPERS: ATTACKS many multiplications of very large num- authentication. At any point in the con- Summarized by Clif Flynt bers, most implementations use arith- versation, the client can request that the REMOTE TIMING ATTACKS ARE PRACTICAL metic optimization techniques to speed session be deauthenticated. The deau- David Brumley and Dan Boneh, up encrypting and decrypting. These thentication request is not a secure mes- Stanford University techniques are sensitive to certain bit sage; thus one client can send a message The authors received the Best Paper patterns in the test and real key, making to deauthenticate another client. Once a award for their report on the viability of a message rejection faster or slower session has been deauthenticated, the timing attacks on the RSA algorithm as depending on how closely the bit pat- original client must return to the begin- implemented in OpenSSL. They proved terns of the test key match the real key. A ning of the conversation with the AP that they could extract RSA private keys, defense against this attack is to use RSA before transmitting any more informa- not only when running on the same blinding, in which the client and server tion. should decrypt a random string as well hardware as the secure application, but He described a simple technique to pro- as the actual encrypted text to provide a also across a network including several tect against this attack. When the AP random decryption time. This produces routers. receives a deauthenticate request, it a 2–10% hit in performance. Brumley should hold the request for a period of Dan Boneh described how a timing found that this was sufficient to prevent time before implementing it. If a fresh attack works and how to defend against a successful timing analysis. This is data packet from the deauthenticating it. In a timing attack, the secure server is implemented by default in versions of sent many different queries that are OpenSSL after version 0.9.7b.

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 71 client is received, the AP will not process into the packets and modify it. The tory entry cache, and others. Since the the deauthenticate request. defense against this attack is simply to paper was written, the Bro IDS and the reject unreasonably large values in the Linux vulnerabilities have been Savage described other potential attacks NAV field. In actual use, legitimate val- addressed. based on fields designed to enable power ues are always under 3 ms. conservation and reduce packet colli- Crosby described several alternative

sions. However, when they implemented DENIAL OF SERVICE VIA ALGORITHMIC hash implementations and discussed some of these attacks they discovered COMPLEXITY ATTACKS their strengths and weaknesses. The uni- that current implementations of most Scott A. Crosby and Dan S. Wallach, versal hashing algorithm described by 802.11b interface cards don’t implement Rice University Carter & Wegman in 1979 is about as these features, and data in those fields is Scott Crosby pointed out that algo- fast as the Perl 5 hash algorithm. The ignored. rithms have best-case, normal-case, and UMAC hash generator is optimized for modern compilers. A new hashing As the use of 802.11b becomes more worst-case behaviors. When we imple- library dubbed UHASH was developed widespread and quality-of-service ment algorithms, we rely on normal- based on the Carter & Wegman code demands become greater, we can expect case behavior. A system with malicious and UMAC code with further optimiza- new cards to implement these features, users may be forced to demonstrate tions and generalizations to make it use- so Savage simulated a network of cards worst-case behavior. ful for applications with unknown A hash algorithm dis- length strings (CGI applications that plays a constant time to may hash on user input), as well as access an element applications where a key length can be (O(1)), unless there are determined (compilers where the key- many collisions. As the word size is fixed). number of collisions increases, the behavior of The UHASH library is slower than the the hash access Perl hash algorithm for strings of fewer approaches linear (O(n)). than 60 characters, but faster for longer By discovering a few sets strings. of letters that hash to “zero,”an attacker can INVITED TALK: DISTRIBUTING easily generate a large SECURITY: DEFENDING WEB SITES number of collisions. WITH 13,000 SERVERS Andy Ellis, Akamai Crosby demonstrated Summarized by Seung Won Jun A book-signing party that thousands of colli- sions are required before Andy Ellis showed the audience some numbers to give an idea of the scale of that implement the specifications cor- the linear nature of the hashtable search the Akamai network: 14,000 servers that rectly, and simulated attacks on that net- becomes run 100 applications and are distributed work. One of these specifications is the a problem, but that this can be achieved in 2,400 different locations. They collec- Network Allocation Vector (NAV) field. in six minutes with a typical dialup tively serve 25 billion connections and The NAV field allows an AP-client pair modem. In an attack on a Perl applica- 200 terabytes per day. Securing such a to reserve a period of time for their tion, he generated 90,000 collisions. system is a challenge. exclusive use. This allows a large packet After these collisions, retrieving a value to use up the bandwidth without having for a key with no collision took about A traditional Web service model may another unit collide with it. This time two seconds, while retrieving a value for provide confidentiality and integrity via period can be as long as 31.5 millisec- a key that had collisions took about two the separation of application/database onds. The NAV bit is maintained by the hours. servers guarded by firewalls and IDSes, firmware and, in theory, can’t be modi- This vulnerability was found in Perl, but it does not provide availability very fied by a user program. Savage described Squid, the Bro Intrusion Detection Sys- well. Availability can be compromised how an attacking application can scan tem, the Linux routing cache and direc- when flash crowds or denial-of-service the SRAM to find the value being placed attacks occur. Akamai addresses it by

72 Vol. 28, No. 6 ;login: delivering contents from the edge. While performance or reliability; it is all about Don’t scare the user. The certificate some servers on the edge may be over- “screwing the neighbors” or “not having request forms should only require EPORTS whelmed, plenty of others can still serve your bits on my network.”Though Aka- information they will actually use R the requests. The principle of delivering mai is across the street from MIT, Inter- (username, password), not unneces- from the edge applies to almost all pro- net traffic requires 15 hops and is routed sary information such as passport

tocols Akamai supports, including DNS through New York. On September 11, number. ONFERENCE

C

traffic as well as Web traffic. this became 54 hops, with traffic routed It must be possible to bootstrap the through Israel. To mitigate BGP’s rout- procedure with no previous certifi- Several management techniques were ing, Akamai uses some servers to relay cate. Username/password should be presented. Given so many servers and so the traffic, which is especially effective all that’s required to get a basic cer- few administrators (about 30), installing for transcontinental traffic, producing tificate. software could be a headache without an up to 40% improvement in round-trip The user can submit the certificate automated process, which is called “net time. to the CA to get it signed. The CA deploy.”Automated installation gives will return a signed certificate to the flexibility for managing servers. If a sus- Ellis concluded the talk by giving three user. picious event occurs, the relevant servers lessons he had learned: plan for failure, can be wiped out and freshly reinstalled use heavy automation, and make a deci- The system Gutmann developed relies rather than examined and patched. Key sion in advance. on a few assumptions: (1) The user has management is done cooperatively by some existing relationship with the cer- several components: key generation cen- REFEREED PAPERS: COPING WITH tificate-issuing agency. He proposes that ter, key distribution center, access con- THE REAL WORLD banks offer CA services, since a user can trol database, and audit server. An Auth- Summarized by Clif Flynt be assumed to have a relationship with Gate is a gateway for access manage- a bank that has already been verified. PLUG-AND-PLAY PKI: A PKI YOUR MOTHER ment. Administrators ssh to the Auth- (2) There is a centralized server that can CAN USE Gate, which is replicated, to access edge act as a CA locator. This is much like a Peter Gutmann, Auckland University servers rather than having direct access DHCP server. In practice the HTTP 3xx to them. This way, access control policy In contrast to the many very technical Redirect message was used to redirect can be more flexible. For example, the papers regarding timing attacks, encryp- a user from a central site to the CA. policy can say that a particular user is tion, file systems, and packet protocols, (3) The resulting procedure need only allowed to access a certain number of Peter Gutmann examined the user expe- be as secure as the applications warrant. machines rather than having the list of rience of public key infrastructure (PKI) This is for online shopping, not exchang- machines that are allowed to a user. to obtain a certificate, and proposed ing nuclear missile launch codes. Edge Diagnostics is the facility to test some solutions. The first problem in obtaining a certifi- edge servers. The primary purpose is, He noted that using the current public cate is finding a certificate authority. hopefully, to show customers that the key infrastructure is more difficult than This can be implemented by having ISPs problem is not in Akamai’s servers but it should be. While obtaining a connec- provide a redirect from a common somewhere else (maybe in the network). tion to an ISP can be done in a few min- named location—for example, http:// With so many servers, it is important to utes with three pieces of information pkiboot.example.com or http://www. know what happens to which servers. (login name, password, and credit card example.com/pkiboot, and using the Event management also requires a scala- number), obtaining a certificate from a HTTP redirect to redirect a browser (or ble solution. Events from several edge public certificate authority (CA) can automated certificate acquisition pro- servers are merged into a log file, which take a skilled user between 30 minutes gram) to the proper page. Current PKI is collected by Query Aggregator. The and a month, and may or may not have systems use a baby duck security model. Monocle application automatically any verification. The user imprints on the first available checks the Query Aggregator and system, and believes it to be secure. reports any alerts to clients. In practice, most sites use the sample (clown suit) certificate that can be gen- When started, an automated certificate- While Akamai runs many servers, it does erated for testing purposes with acquisition system will be initialized to not own, or have control over, any net- OpenSSL, cryptlib, and others. What is remove existing state. It will trust the work backbone. Ellis mentioned that needed is a system with the following first certificate authority it discovers. BGP is not particularly good about prime directives:

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 73 This is obviously insecure, since it is a set of Mandatory Access Control number of patched sites asymptotically based on physical location. While there (MAC) rules within the Linux kernel. approaches 35%. They found that large are many PKI RFCs in existence, none of The SELinux project is developing a set installations are more responsive than them met Gutmann’s requirements, so of rules to be implemented by the LSM small sites. This can be explained by he came up with a partially home-grown framework to implement a comprehen- large installations having a full-time solution. A user simply enters his or her sive integrity policy. For each application administration staff responsible for username and password and obtains a there are policy statements which define installing upgrades. certificate. A developer can create a a particular threat model and the reac- During the question period, one person Plug-and-Play PKI session that performs tion to these threats. This can lead to involved in writing up descriptions of PKIBoot using username + password, many statements for each application on security flaws wasn’t aware that disabling generates signing key, requests signing a Linux system. The SELinux policy base SSLv2 would provide a workaround. A certificate using username_password, is composed of over 50,000 policy state- reward/punishment system for installing and generates encryption key. This can ments, making manual coverage analysis or not installing security upgrades might be used with files or smartcards for key difficult. work, but nobody knows where the storage. Gutmann commented that At a system level, the SELinux defines an money for rewards would come from. It SCEP (Simple Cert Enrollment Proto- aggregate of the application policies. was observed that the OpenSSL upgrade col), which is used in IPSec routers, is There is no coherent threat model, and was not trivial; if upgrades are not easy, somewhat quirky. The certificate mes- the application policy interactions are they won’t be installed. Rescorla was saging is done with secured messages, not examined. This leads analysts to asked what percentage of sites surveyed but certificate fetch is done via (inse- express concerns regarding the complex- were home-user systems. He replied that cure) HTTP GET. The initial bootstrap- ity and size of the system being analyzed. this was not known, and the number of ping procedure is difficult, and there is poorly administered home systems is a no provision of rMAC’d messages. The Jaeger and his associates claim that the serious problem. SCEP system also uses all-in-one certifi- complexity is necessary because it flows cates, with no separation of signing and from flexibility in the system. They also INVITED TALK: PROTECTING THE encryption. point out that while the policy base is INTERNET INFRASTRUCTURE large, they can reduce size. Only a smaller ANALYZING INTEGRITY PROTECTION IN THE policy subset is needed to express an ade- John Ioannidis, AT&T Labs–Research SELINUX EXAMPLE POLICY quate Trusted Computing Base (TCB) Summarized by Seung Won Jun Trent Jaeger, Reiner Sailer, and Xiaolan rule set. Their technique is to assess the The Internet has infrastructure, some- Zhang, IBM Research threats and evaluate the policy against thing upon which applications depend: The SELinux project is an attempt to TCB security requirements in the threat links, routers, supporting services such provide mandatory access controls to model. The goal of a Trusted Computing as DNS servers and perhaps Google, and Linux. The project includes a set of Base is to protect higher integrity data buildings where the equipment is located. example rules that are intended to pro- and applications from modification or Before getting into details, John Ioannidis vide a secure base for developing local misbehavior by lower integrity applica- mentioned several security mantras. rule sets. Jaeger described a technique tions. There is no global security solution, so for analyzing those rules to determine we must remain vigilant. Since security whether or not the example policy is SECURITY HOLES . . . WHO CARES? is always a cost-benefit trade-off, it is actually secure. This technique relies Eric Rescorla, RTFM, Inc. important to understand the threat upon the Gokyo tool, which compares a Eric Rescorla reported on research into model (who is out to get us and how set of SELinux policy rules and the user compliance with security upgrade they might get us), trust model (who are desired integrity goals and reports how notifications. They probed many friends and from whom can we get well the rules implement these goals. machines to see what versions of help), and available tools (or, in the end, This work is done as part of the Linux OpenSSL were installed. They discov- money, which is not sufficient but is Analysis Tools project, housed at ered that most sites that will install an necessary for security). http://www.research.ibm.com/vali. upgrade (about 40%) do so immediately Infrastructure consists of several layers. when an update is released. The next The Linux Security Modules project Physical infrastructure includes fiber, surge in updates (about 20% of sites) provides a framework for implementing wires, routers, buildings, and electric happens when an exploit is released. The

74 Vol. 28, No. 6 ;login: power. To protect the physical infra- Microsoft that you intend? Availability is Rubin, the first speaker, and Dan Wal- structure against intruders, natural and still not addressed, and the key manage- lach, the moderator. EPORTS manmade disasters, and other accidents, ment for DNSSec will be a nightmare. R Aviel Rubin started with highlights from we can use hardening and replicating in The configuration of DNSSec is more the report and a rebuttal from Diebold. conjunction with traditional measures difficult than DNS, and we have little He discussed high-profile disclosures

such as alarms, locks, traps, and armed operational experience. ONFERENCE

and the risks of these disclosures: legal C

guards. Another component of control infra- action against the researchers, restrain- Bit transport is the infrastructure in structure is routing, particularly focused ing orders against publishing, PR blitzes which bits travel. Links are characterized on BGP.As BGP is arguably the most to discredit the researchers, and jeopar- by capacity, delay, and bit-error rate. distributed routing protocol, its compli- dizing one’s job or career. He also made Attacks are typically on capacity, that is, cation is aggravated by the policy con- some firsthand observations of the denial of service. According to a four- flicts among ISPs. Route announcements response he experienced: people criticiz- year-old survey of attacks, the DoS are not authenticated, which can lead to ing the paper without reading it, people attacks are fairly crude and anisotropic, a problem. Considering the effectiveness calling his boss to complain, and detrac- which means that attacks are directional of such a simple measure as filtering out tors lying to the press and playing on rather than pervasive, probably because all BGP packets whose TTL is lower than emotion. attackers can take control of only a lim- 254, it is a pity that not all BGP routers The next speaker was Doug Jones, a ited number of hosts. What can we do follow such a practice. S-BGP, So-BGP, computer scientist who also sits on the about the DoS attack? We can detect the and IRV address the security issue of Iowa Board of Examiners for voting attack by monitoring traffic carefully or BGP, but security is always harder to bolt machines. As part of that duty, he has even marking some traffic. Upon detec- on later than to build in from the begin- assessed voting machines presented by tion, although we may not completely ning. various vendors, including Global Elec- stop the attack traffic, we can reduce its tion Systems (later bought by Diebold). collateral damage. A “blackhole” router, PANEL: ELECTRONIC VOTING He said that in 1997 he talked to the which is configured manually or semi- SECURITY head developer at GES about its flawed automatically, swallows the attack traffic Summarized by Scott A. Crosby use of a static constant as an encryption rather than forwarding it to the victim. The panel for electronic voting security key, a flaw that still existed over five As a result, other parts of the network included Dan Wallach as moderator, Jim years later in the code examined by Avi are saved from the attack. Going even Adler from VoteHere, David Dill from Rubin. He spent most of his presenta- further, we can “push back” the attack Stanford, David Elliot from Washington tion documenting that claim and how it traffic by making a router tell its up- State’s Office of Secretary of State, Dou- shows that the voting machine certifica- stream routers not to forward the attack glas W. Jones from University of Iowa, tion system is demonstrably flawed. packets. Sanford Morganstein from Populex, and After Doug Jones came Jim Adler. Vote- A major component of control infra- Aviel Rubin from Johns Hopkins Uni- Here does not make voting machines, structure is DNS. There are many points versity. but it creates software technology for where DNS can go wrong. While the The panel started off root and TLD DNS servers are critical, with a warning by Dan there are so few of them that they can stating that “no blood be, and are, DoS-attacked. The DNS will be spilled,”and response, which is carried on UDP, is asked if anyone from not authenticated and, hence, can be Diebold was in the audi- spoofed. Cache poisoning (corruption of ence. This was timely local DNS servers) can misdirect the because two weeks traffic, and the servers are prone to be before the conference, a misconfigured. Although DNSSec tries highly critical report on to address some security aspects in DNS, Diebold voting it still leaves many problems unsolved. machines was released. A semantic problem is fundamental: L. to R.: Aviel Rubin, Dan Wallach, David Elliott, Jim The authors of that Adler, Douglas W. Jones, Sanford Morganstein Does microsoft.com represent “the” report included Avi

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 75 machines. Doug classified attackers as ticular program was what was actually readily available; and “the Bad Guys are insiders and outsiders and pointed out being run in the machine. There was giving us lots of practice.” the need for threat analysis and open disagreement between panelists over the Cheswick pointed out that a cost vs. technology. He described his company’s need for a paper trail. Jim Adler was crit- benefit analysis must be performed: We voting system which uses cryptographic ical of a proposed bill that required one, need to figure out the value of our magic to construct ballots and secure claiming that it would be stupid and assets, and how much an attacker is will- shuffles to preserve anonymity. He proscriptive; his design uses cryptogra- ing to spend. Security is not perfect but emphasized the importance of looking phy that would make paper obsolete. only needs to be “good enough.”There at requirements, design, and risk analy- Aviel Rubin disagreed; a mechanism are some problems that resist easy solu- sis. only Ph.D.s understand will be less tions, such as buggy software, poor pass- trusted by the general public than paper. David Elliot described the problems of word choices, and social engineering. the current system as the result of Also, even experts can’t always get things INVITED TALKS: INTERNET SECURITY: benign neglect. It’s designed with secu- right. To illustrate this point, Cheswick AN OPTIMIST GROPES FOR HOPE rity based on controlled access to the displayed some passwords that had been system. He noted that there were no BILL CHESWICK, LUMETA sniffed during the conference from the security standards until 1990, and even Summarized by Tara Whalen USENIX wireless network. those are voluntary. The current testing Bill Cheswick provided a historical per- To mitigate these problems, he proposed methodology is hardware stress tests like spective on computer security, explain- several security strategies. First, stay out heat and vibration, not security. ing why he remains optimistic that good of the game if possible (“best block is security is possible (despite his state- Next came Sanford Morganstein, a rep- not be there”), through such means as ment that “an optimistic security person resentative from Populex, a company avoiding the monoculture of homoge- may be an anti-job requirement”). Back that actually manufactures voting neous systems. Second, deploy defense in 1993, when he and Steve Bellovin machines and is brand new to the field. in depth by engineering redundancies were writing the first edition of Firewalls Their system is a reimplementation into your systems. Third, make security and Internet Security, the Web had not based on the Mercuri Method, in which as simple as possible: Set up secure yet arrived on the scene and most net- a computer voting machine prints out a defaults and use hardware tokens. work attacks were theoretical. There was human-readable receipt with a bar code. Finally, design security into a system no wide-scale sniffing, no massive denial from the start, because it can’t simply be The final panelist was David Dill. He of service attacks, not many worms. But added later. focused on the cultural gap between fast-forward only a few years, and these computer scientists and voting officials. attacks have become prevalent, coupled Cheswick continued his talk with a dis- Voting officials believe that black-box with a rapid rise in the use of the Inter- cussion on firewalls. Although they are testing can detect malicious code and net. Cheswick stated that “there are lot useful in many situations, they have cer- refuse to listen to computer scientists more players, and on average they are a tain drawbacks. For example, people go who say differently. Short-term prob- lot less secure.” around them, and they offer no protec- lems required fixing the regulatory and tion from insiders. Another problem is However, there are also a lot of tools certification framework and stopping that firewalls are often used as perimeter available that weren’t around in 1994, the acquisition of paperless voting defense around very large perimeters; such as widely available crypto, SSH, machines. He described the long-term Cheswick believes that smaller enclaves firewalls, and intrusion detection sys- problem as satisfying the requirements are much safer. Note that you don’t have tems. Many of these can be easily that lead to touch-screen voting, such as to use a firewall. Cheswick stated that deployed, as you don’t have to “roll your a dislike of paper. this is like “skinny-dipping on the Inter- own” security tools anymore. net: somewhat exciting, but with an ele- The panel then opened to questions. There are a number of reasons why ment of danger.”Such an approach One questioner inquired whether open Cheswick remains optimistic: Reliable requires secure host technology, like the source is necessary for secure design. systems can be built from unreliable current efforts in *BSD and Linux. One The response from Jim Adler was that all parts; we have control over the rules we technique is to jail servers (and clients), that is needed is verifiability of results. A set on our hosts; good encryption is for example, through chroot. Cheswick point was made that even if open source provided a list of “routes to root” that was used, no one could know that a par- should be minimized (such as root net-

76 Vol. 28, No. 6 ;login: work services and setuid programs), and REFEREED PAPERS: HARDENING I Another major problem, preventing stated that chroot is the only standard- Summarized by Chris Ries cleartext leaks when register values are EPORTS ized layer of defense that we currently stored on the stack to free them up for R POINTGUARD: PROTECTING POINTERS FROM have. He described his experiences with other purposes, will be prevented in BUFFER OVERFLOW VULNERABILITIES jailing programs, outlined some practi- future implementations. Crispin Cowan, Steve Beattie, John

cal difficulties of this approach, and ONFERENCE

Johansen, and Perry Wagle, WireX The authors were surprised to discover C

listed some of the programs he has jailed Communications that in some situations code compiled (Web servers, Samba) and those that The goal of most attackers in exploiting with PointGuard actually performed probably should be jailed (Apache, vulnerabilities is to execute code that better than code that was not. This is NTP). they provide, commonly known as shell- probably because PointGuard uses regis- Cheswick next provided an interesting code. Usually this is done by overwriting ters more heavily than the normal com- diversion about “spook networks,” a pointer and aiming it at their own code piler. Other performance costs varied telling the audience to talk to spooks for that has been placed somewhere within from less than 1% to 21% overhead. their advice (rather than their secrets). the attack space. Different approaches He said that they seem to have a great can be taken to protect these pointers, ADDRESS OBFUSCATION: AN EFFICIENT deal of success running secure networks, such as surrounding them by canary val- APPROACH TO COMBAT A BROAD RANGE and have adopted good practices for ues that expose an attack if they are OF MEMORY ERROR EXPLOITS maintaining secure systems (e.g., using overwritten. The authors, however, take Sandeep Bhatkar, Daniel C. DuVarney, enclaves and restricting client software). the approach that pointers are danger- and R. Sekar, Stony Brook University Cheswick finished his talk with a secu- ous until they are loaded into a register, Using a language such as C or C++ rity wish list, which included more work and so their method involves encrypting allows the programmer to have greater on chroot, formal analysis of crypto, and the pointer until this occurs. During an control over memory with tools such as sandboxes for browsers. He concluded attack, when the pointer is de-referenced pointers, but this opens programs up to with his contention that things can get after being overwritten, it will not jump memory errors such as buffer overflow better, with enough work and diligence. to where it was intended, since the value vulnerabilities. One possible solution is The audience responded to this talk with it was overwritten with will be decrypted. to use a type-safe language, but C is too anecdotes and opinions, as well as a few Instead, it points off into some “crazy widely used today to be completely questions: space” and the program crashes. Point- abandoned. Other solutions involve Guard works at compile time and essen- educating the programmer or ensuring Q: What’s the worst thing you could do tially XORs pointers stored in memory that the programmer’s assumptions to the Internet? with a secret key. This key is kept on its about input are always valid. Instead, the A: I don’t want to give specifics, but the own page, and the page is marked read- authors provide a solution that involves worst thing I can think of would take it only so that the attacker cannot over- directly stopping the attacker. In order down for weeks. As in the past, I expect write it. It can be implemented at differ- to exploit these memory errors to gain that experts would step in to respond ent times during the compilation process control of the program, the attackers immediately, but they’d probably all – either at the pre-processor stage, inter- need to know such data as the distance have to phone each other. mediate representation, or the architec- between the buffer their input is placed ture-dependent stage – but the authors into and the return address or the mem- Q: You didn’t mention how to help users decided to implement at the intermedi- ory address of the buffer itself. By ran- operate security tools correctly. ate level. This stage is late enough to domizing the virtual addresses of the A: I don’t think that users are going to avoid most chance of the defenses being memory the program uses, the attacker become more competent. My hand-wav- optimized away, and early enough to still will jump to a random location and ing answer is to use tools like USB don- have type information to distinguish crash the program most of the time, gles, obtained from a trusted source. between pointer and non-pointer data. which provides a telltale sign of the There are some difficult issues that arise attack. Similar solutions are being used while using PointGuard, such as mixing in both the PaX project and PointGuard. PointGuard-compiled code with code Address obfuscation is performed dur- that was compiled without it. For this, ing linking, loading, and execution. the authors added compiler directives. The authors’ method essentially involves

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 77 three different ways to obfuscate: stage, such as specifying actual input to basic functionality. This is not news to (1) Randomize the base address of the check for bugs. Since the method will the IT sector, but it was news to the stack, heap, and code memory regions, find a bug even if a dangerous value is media (particularly the music industry). as well as the starting address of dynam- not input, it only needs to be used dur- Content companies did not expect ically linked libraries; (2) add random ing the software testing phase. When duplication of digital media; the music gaps within the stack between allocated testing is complete, it is no longer used, industry is an object lesson for the rest memory on the heap, and to routines, to and therefore there is no performance of the content industry (TV, movies) – be just jumped over; and (3) permute penalty. The authors’ method involves they are looking at file trading, fear it the order of local variables on the stack, shadowing any variables that contain will destroy them, and want to stop it. static variables, and the routines of user input. For example, integers are In the summer of 2000, Michael Eisner dynamically linked libraries and of the shadowed by a variable that stores its told Congress there was a need for more program itself. Such obfuscations make lower and upper bound, strings are legislation to protect copyrighted works. exploits that rely either on absolute shadowed by a variable that stores its Only two years earlier, Jack Valenti said, addresses (stack smashing, return-into- size and whether it is null-terminated, “We aren’t going to need legislation, libc, heap overflows, double free, data and array references are shadowed by a because DCMA will protect us.”But Eis- modification) or on relative addresses variable containing possible ranges. ner felt that more legislation was neces- (partial overwrites and data modifica- These shadow variables are adjusted at sary, stating, “The problem for us is tion) much more difficult. Many attacks any control points, such as loops, if computers.”Not file trading, or broad- are very unlikely to be successful when statements, and arithmetic operations. casting, but computers. As usual, media this method of obfuscation is used (the At any use of the input that is potentially players wanted targeted legislation, which authors report a 4*10-5 success probabil- dangerous, the possible range of the is never as narrow as they think it is. ity with return-into-libc attacks). It also input, not the input itself, is checked, so involves no change to source code, and even if a dangerous value is not input Hollywood can’t say, “We have to stop very little overhead. errors can be detected. Using their imple- the computer revolution.”This won’t mentation, the authors tested eight dif- work at all. But they can propose sys- HIGH COVERAGE DETECTION OF ferent programs and discovered 16 bugs, tems that have the effect of slowing INPUT-RELATED SECURITY FAULTS including three in the popular OpenSSH down the pace of the computer revolu- Eric Larson and Todd Austin, University program. Most of these were the result tion. For example, in the mid-1990s, of Michigan of unbounded integers used in loops. Hollywood proposed legislation to pro- Many software vulnerabilities, such as Their method does have some limita- tect video content through a scheme the latest MS RPC DCOM vulnerability, tions, such as only checking the execu- that marked every small set of frames. arise from the failure to perform proper tion paths taken during runtime, and it You’d play the video and the computer boundary checking on data. Data received also has high runtime performance would look for the marks – if marks not from a network, for example, is often penalties. Some of their future work will there, then okay to copy, else abide by trusted and put into a buffer without first involve optimizing their current imple- copyright rules. This is a very inefficient checking that the buffer is big enough. mentation. solution from a computer perspective: Other bugs occur when string library You need to dedicate resources to check functions are improperly used, and these INVITED TALK: WHEN POLICIES for copyright marks. After extensive IT bugs can lead to serious security vulner- COLLIDE: WILL THE COPYRIGHT and media debate, they eventually abilities, such as stack overflows and for- WARS ROLL BACK THE COMPUTER derived the DVD standard. This stan- mat string bugs. Searching for these bugs REVOLUTION? dard (a) doesn’t need to look for a mark, can occur at several different stages. It Mike Godwin, Public Knowledge and besides which (b) DVD turned out can be done at compile time, in which Summarized by Tara Whalen to be a huge windfall. case there is no dependence on what input is actually used, but this makes Mike Godwin described how legislation Godwin went on to say that this experi- things like keeping track of data on the put forward by content providers ence taught different lessons to IT and heap difficult. Instead, the authors (media interests) will impede progress media. IT companies concluded that if decided to take the approach of check- in the computer sector. The fundamen- they negotiate with Hollywood, they can ing at runtime, but eliminated many tal issue is that computers are very good get a good compromise. What Holly- common weaknesses of doing it at this at making copies: this is part of their wood concluded is that if they muscle

78 Vol. 28, No. 6 ;login: hard enough, they can drag IT to the A: The best compromise is probably to bilities” of already existing systems and table and get largely what they want. tell Hollywood to encrypt content at spot some of these attacks. The authors’ EPORTS

Fast-forward to the Hollings Senate bill. source and restrict the decoding to soft- idea was to implement an intrusion R It would have required a copyrighted- ware decoding, such as with the DVD detection system on a host used for stor- work-detecting chip built into every dig- model. age by multiple computers. With this

ital device. For this approach to work, setup, the intrusion detection system ONFERENCE

Q: But studios aren’t happy with the C

there would need to be a regulatory but- sees all persistent activity, and is also on DVD model – can we hold them to it so tress supporting it, because you can beat a separate self-contained host, so it is they won’t keep demanding changes? this scheme fairly easily. This now moves not susceptible to being disabled after the debate into the arena of policy deci- A: When we negotiate compromises, we one of the hosts that uses it is compro- sions, which would require re-architect- need to include consumer interests, not mised. It monitors changes to static files ing the digital world from top to bot- just studio interests. or corruption of well-understood files tom. such as /etc/passwd, unexpected changes Q: This situation reminds me of the to the middle of a log file, or any suspi- Godwin is concerned that such legisla- crypto wars, with lots of regulation set cious content. The authors state that the tion will hamper progress: IT has been up against a small group of geeks. storage IDS is no “silver bullet” and has built on open architectures, which cre- Progress went ahead only when business limitations and weaknesses like any ated opportunities and investment. “If came forward as an ally – who’s the new other IDS. One unique limitation is that Hollywood had its way, computers ally in this arena? it only sees storage traffic, so other traf- would be more like consumer electronic A: I’m happy to work with any company fic such as denial-of-service attempts devices, with limited, controlled func- who wants to work with me on these will not be detected. It is also susceptible tionality....What’s troubling to me is proposals. There are IT people who are to general IDS weaknesses, such as false that the content guys don’t seem to see suspicious of Microsoft or Intel, and you positives and misconfiguration. It does, what harm they may be doing. They shouldn’t assume that they are your ene- however, add another level of detection. know that marking schemes require mies: use their muscle. The authors concluded that storage making devices untamperable, but they IDSes provide a new vantage point to don’t seem to realize this has a high cost REFEREED PAPERS: DETECTION watch from, with minimum space and – to us, but also to them. They will slow performance costs. down the computer revolution that they Summarized by Chris Ries themselves use for their business.” STORAGE-BASED INTRUSION DETECTION: DETECTING MALICIOUS JAVA CODE USING WATCHING STORAGE ACTIVITY FOR SUSPI- Godwin added that this is about making VIRTUAL MACHINE AUDITING CIOUS BEHAVIOR computer platforms acceptable to the Sunil Soman, Chandra Krintz, and Adam Pennington, John Strunk, John content industries. We value user control Giovanni Vigna, University of Califor- Griffin, Craig Soules, Garth Goodson, nia, Santa Barbara in the IT community, and we don’t want and Gregory Ganger, Carnegie Mellon One of the original goals of Java was to to give that up, but this model is now at University provide dynamic content embedded into risk. He concluded his talk by asking: Current intrusion detection systems are a Web page. Since then its use has spread What do we tell Hollywood? The glib often implemented at either the host much further, due to such strengths as answer is, “Develop another business level or the network level. There are sce- security, flexibility, and portability. Cur- model.”A better answer is, “If you are narios, however, where both of these can rently, Java security consists of type sys- concerned about content, we can design fail. If an attack is too new and there is tem and verification mechanisms, as a more secure system that is leaky but no signature for it, or worse yet, if it is well as mechanisms that can be used for overall will still make you money [like misconfigured, a network intrusion authentication and access control. Fine- the DVD model].” detection can fail to spot an intruder. grained auditing and intrusion detection Host intrusion detection systems can The talk was followed by extensive audi- could improve the existing security built also be disabled by rootkits after a host ence commentary and questions: into Java, but running a host-based IDS has been compromised, and logs can be as a separate process will not be effec- Q: We seem to be losing the Hollywood scrubbed to cover the attacker’s foot- tive, since multiple Java applications are battle. What position can we actually steps. Adding storage-based intrusion run within the same virtual machine. hold? detection could help “augment the capa- The goal of the authors was to add an

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 79 event stream at the JVM level with fine- techniques such as register renaming, having it look for different types of grained response, which would allow for and the good guys countered this by malicious code, such as trojans. intrusion detection within the JVM. To using regex signatures that were essen- create their built-in event stream, the tially templates that allowed the signa- INVITED TALK: PHYSICAL SECURITY: authors first began with JikesRVM and tures to have gaps. Next, the bad guys THE GOOD, THE BAD, AND THE UGLY extended it to associate a user ID and IP started packing and encrypting the mali- Mark Seiden, MSB Associates address with each thread. They also built cious code, and the good guys countered Summarized by David Molnar in an auditing system that consists of an this by using emulation and heuristics. Mark Seiden began by talking about the event driver, an event queue, and an Now the bad guys have started to use basics of physical security. In the physi- event logger thread that runs as a system code reordering and integration to try to cal world, unlike online, the concept of thread and reports to an external audit keep their malicious code from being “secure perimeter” is real and meaning- log. This audit log is then processed by detected, and this type of obfuscation is ful. Security audits begin by talking an external IDS based on the STAT not always detected. The authors obfus- about security analyses. Unfortunately, framework developed by the authors in cated four viruses using NOP-insertion it’s important to make sure that a secu- a prior work. They extended that STAT and code transposition, and then scanned rity analysis is realistic. Too often, when- core with a language-extension module, them using three popular antivirus tools. ever someone says, “I did a security an event provider that collects the The viruses that they used were Cher- analysis and determined that it was not a events, and a response module for react- nobyl, zombie-6.b, f0sf0r0, and Hare, threat,”“it” ends up being something ing to attacks. To test their IDS they cre- and none of the scanners detected the they didn’t think about. ated various attack scenarios and obfuscated versions. Their tool, however, showed the reports generated from called SAFE (Static Analyzer for Exe- Seiden went over the basics of establish- them. They demonstrated harmful cutables), detected all four of them. A ing a secure perimeter. Check doors, thread intercommunication, unautho- malicious binary is first loaded into windows, and also roof and tunnel access. rized access detection, and privileged SAFE, then a control flow graph (CFG) As an undergraduate at Columbia Uni- information leakage. The alerts gener- is created for each procedure. A program versity in the late 1960s, he reported on ated from these attacks included time, annotator then reads a CFG and a set of student demonstrations and police reac- action, source thread ID and UID, inter- abstraction patterns from a library. The tions to them by sneaking into the main nal network and remote address, sensor output is an annotated CFG that has library at Columbia through the sewers. that detected the attack, result of the patterns associated with each node of Because the police had chained and attack, and message-specific data. They the graph. For example, a NOP instruc- locked the front door, they thought it also tested the performance with both tion would have a pattern matched with was “secure.” partial and full logging enabled: perfor- it that states that it is an irrelevant Another case dealt with a supposedly mance time increased from 1 to 2.5 sec- instruction. A pattern consists of a list of “ultra secure” co-location facility Seiden onds (on an Intel Xeon 2.4GHz with typed variables, a sequence of instruc- had visited as part of his work. The facil- 1GB RAM). In the future they plan to tions, and Boolean expressions. A detec- ity boasted motion detectors, alarms, reduce this overhead. tor then reads this annotated CFG and and other measures for notifying secu- compares it to a malicious-code rity when a breach had occurred. Unfor- STATIC ANALYSIS OF EXECUTABLES TO DETECT automaton to decide whether it contains tunately, it also had pull-up floors. Sei- MALICIOUS PATTERNS any malicious code. The advantage of den and a colleague attempted to trip Mihai Christodorescu and Somesh Jha, their approach is that SAFE is able to the response system by first going under University of Wisconsin detect malicious code even if it has been the floor to come up in a server room Mihai Christodorescu began by dis- obfuscated. As was pointed out during and then tripping the motion detector. cussing how malicious code detection, the Q & A, as long as there is a mali- Instead of calling security, the motion like many other areas of computer secu- cious-code auto-maton for that type of detector simply opened the locked door, rity, has really become an arms race behavior, obfuscation will not fool a common setup to prevent someone between the good guys and the bad guys. SAFE. The performance of their imple- from accidentally being locked inside. Detection of viruses and other malicious mentation seemed to be successful, as no code began with the use of signatures to false positives or negatives were encoun- Seiden also talked about the divergent identify the malicious code. To foil this tered. They plan to improve SAFE by security philosophies of the physical and detection, the bad guys started using network security communities. For the

80 Vol. 28, No. 6 ;login: physical security community, security by trol events, because panels did not keep ized browser (e.g., S-HTTP, SFSRO), obscurity is valid – it means an adver- records after the first attempt to send thus leading to the depreciation of their EPORTS sary has to put in more work to deter- events to the main system. At the worst, deployment, or the protocol operates at R mine the layout of your installation, and password guessing or eavesdropping the channel level and not the file level. this may buy you time after a break-in. could be used to take complete control An example of the latter protocol is the

By contrast, the network security com- of an access panel. ONFERENCE

widely deployed browser support for the C

munity does not value security by The speaker and his team also took a SSL protocol. The author splits the obscurity nearly as much and therefore look at the source code of the access server end of the SSL connection by will share information at conferences control system. It turned out that the introducing a proxy between the server such as this one. As a concrete example, source code contained #ifdefs specific to and the client, such that the proxy is not the speaker pointed to Matt Blaze’s each customer of the system. From the privy to the shared client-server key. In recent work on rights amplification in code snippets, much could be inferred this scheme, the proxy caches the data master-keyed locks. The physical secu- about the structure of these customers’ content of the server. In response to a rity community had known about this access control needs. The audit also request from the client, the server sends issue for a long time, but their culture uncovered several cache-consistency the proxy the unique identifier of the was to keep it secret and not talk about issues between panels and the main sys- requested data as well as a message it. The network security culture pub- tem. When questioned, the manufac- authentication code (MAC) for the data, lished it so as to effect systematic turer claimed that everything was oper- using the shared secret key. The proxy change. ating “exactly as designed.” then sends the cached data and associ- Another side effect of the culture of ated MAC to the client. The server thus secrecy is the suppression of informa- REFEREED PAPERS: APPLIED CRYPTO is able to offload bandwidth to mirrored tion regarding incompatibilities that Summarized by Gelareh Taban sites while maintaining the integrity and affect security. For example, the most authenticity of the data. The problem SSL SPLITTING: SECURELY SERVING DATA popular deadbolt and the most popular with this scheme, however, is that there FROM UNTRUSTED CACHES electric strike (a device that allows elec- is no end-to-end confidentiality; the Chris Lesniewski-Laas and M. Frans tric operation of a lock, such as by a server only distributes bandwidth load Kaashoek, MIT computerized access control system) are and not CPU. This presentation focused on the prob- incompatible. Installing the strike dis- lem of reducing bandwidth load from a In short, SSL splitting reduces band- ables the deadbolt-locking mechanism, server Web site while still allowing high- width load while guaranteeing end-to- degrading the lock to the security of just content throughput to its clients. One end data integrity and offering trans- an ordinary house lock. possible solution is to use mirror sites. parency to the client. For more informa- As a case study of the boundary between That is, the server can ask a group of tion, visit http://pdos.lcs.mit.edu/ computer and physical security, the volunteers to proxy the contents of the barnraising/. speaker talked about a magstripe access site and so distribute the bandwidth control system he had audited. The sys- load. However, this scheme has potential A NEW TWO-SERVER APPROACH FOR tem consisted of panels and a central for mischief, whereby an adversary can AUTHENTICATION WITH SHORT SECRETS access control list system. Panels had pose as a volunteer and serve modified John Brainard, Ari Juels, Burt Kaliski, limited memory and communicated contents to the clients. So this scheme and Michael Szydlo, RSA Laboratories with the main system via dialup modem. requires trust in the proxy from both the Ari Juels opened his presentation by The system then pushed lists of client and the server. recalling the other name of the project, approved users and pulled access events “Nightingale,”explaining, “It was a mid- A cryptographic solution is for the (such as attempted unauthorized night project.”He went on, “The project server to attach a signature to the data access). Unfortunately, the dialup con- began as an inquiry into the mind of the being served and allow the client to nection was not authenticated in any hacker.”What does a hacker want? Fame, ensure the integrity and authenticity of way; anyone could call up the panel or wealth, love . . ? Alas, the hacker wants this content by verifying the signature. alternatively interpose and pretend to be “root access”! Existing protocols that deal with this the main access control system. At the problem are not practical, since they least, such a compromise could be used The sensitive data the project “Nightin- either require the client to use a special- to flush the panel’s record of access con- gale” is intended for are short secrets

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 81 and “life” questions, commonly used on DOMAIN-BASED ADMINISTRATION OF IDEN- implemented by using time expiry for the Internet today to authenticate users. TITY-BASED CRYPTOSYSTEMS FOR SECURE the keys. DNSIBC is easily deployed and How are these data stored securely on EMAIL AND IPSEC incorporated in S/MIME and IPSec. the application server? There are two main D.K. Smetters and Glen Durfee, PARC types of protections: frontline defenses How do we make public keys more INVITED TALK: THE INTERNET AS THE such as up-to-date security configura- usable? ULTIMATE SURVEILLANCE NETWORK tion, authentication, and intrusion Richard M. Smith Deployment of cryptographic tech- detection, and cryptographic rearguards Summarized by David Molnar such as hashing and encryption. How- niques today in such applications as From the abstract, I expected that the ever, due to the architecture of the secure email and IPSec has been ham- talk would be about the current uses of scheme, there exists a “single point of pered by the distribution of keys in a the Internet for surveillance. Instead, the compromise.”This means that once public key infrastructure (PKI). More speaker gave a more speculative talk access is obtained to the server, all data specifically, the sender has to ensure that about how the Internet could be used in on the server is compromised. The the receiver has generated a certified key the future to enable global tracking and adversary is able to launch various pair, and the sender must also obtain an surveillance of individuals. This specula- attacks, exploiting the weaknesses of the authenticated copy of the receiver’s pub- tive talk managed to provoke a great deal cryptographic techniques employed. lic key. This means that trust must exist between the sender and the certificate of discussion, particularly in the area of Nightingale eliminates the weaknesses of authority (CA) of the receiver. However, radio frequency identification (RFID) a single point of compromise by distrib- there are many difficulties involved in technology. uting the secret data between two servers, establishing a large-scale PKI, most Smith began by pointing out that more the application server and the Nightin- importantly the question of large-scale and more devices will become IP- gale server, so that compromise of a sin- trust between users. enabled, including phones, laptops, and gle server does not compromise the data. PDA devices. He then defined devices The authors automate key distribution The data can be shared using threshold analogous to a URL but intended to in a PKI setting by combining the idea cryptography and can be used to per- encapsulate information about a target’s of limited trust in the existing hierarchi- form distributed (or blind) secret verifi- physical location. These location mark- cal DNS server infrastructure (using cation, remote reconstruction of data ers could be generated and then sent DNSSec to ensure security) with the shares, or management of cryptographic surreptitiously through any Internet- usability advantages of identity-based keys. enabled device to a central database. The cryptography (IBC). The main idea of result would be a pervasive infrastruc- The architecture of the system is impor- IBC is to make the private key a function ture for keeping track of the locations of tant. Instead of allowing both servers to of the public key and some IBC parame- people and passing the information back be equally accessible by the client, it is ters, thereby allowing the “identity” of a through other devices to a central data- proposed that the Nightingale server be user to be her public key. In practice, base. placed behind the application server, however, the global scope of trust and allowing better security protection as namespace needed in a large-scale infra- How can a device recognize what person well as client transparency of the servers. structure is unacceptable for most appli- has come in contact with it? The speaker Furthermore, different implementations cations. The proposed DNS-based IBC pointed to several methods, but the of the servers allows different levels of (DNSIBC) allows limited but usable method that excited the most comment security and protection for the secret scope. was that of keeping track of a person by data. his or her personal RFID profile. The The authors bootstrap trust from speaker outlined the current state of Presently, Nightingale is being integrated DNSSec such that clients are authenti- RFID technology and future trends. into the RSA Security Inc. product lines. cated in their own local domain. This For more information on the Nightin- means that key-escrow, an automatic Passive RFID tags consist of small chips gale system, please refer to http:// side effect of IBC, will also be limited to connected to antennae. The chips are developer.rsasecurity.com/labs/nightingale. the local domain. The scheme requires powered by a radio broadcast from a no secure servers on the Internet, and special RFID reader. These passive RFIDs only IBC parameters need be stored carry an ID number and not much on DNS. Key revocation can be easily more, which allows them to be used to

82 Vol. 28, No. 6 ;login: replace barcodes and to perform remote Metzger about the feasibility of an active Microsoft. In his presentation, he tracking. Currently, passive tags cost less device that could “burn” out RFIDs by focused on how NGSCB is being devel- EPORTS than 50 cents (US) per tag, but the even- sending them too much power. oped to meet customer concerns about R tual goal is to reduce costs by another the erosion of their IT security perime- During the question and answer session, order of magnitude, to five cents, to ter. Increasingly, mobile computers, cell much discussion focused on the nature

enable per-item RFID tagging. Active phones, PDAs, and other wireless ONFERENCE

of RFID technology and its implications. C

RFID tags are more expensive, have their devices are accessing the network, often Some audience members questioned the own internal battery, and are generally bypassing outdated security measures speaker’s assertion that per-item RFID used for containers or other aggregates not designed to handle these new tech- tagging would be driven by shoplifting of goods. nologies. He cited the occurrence of protection, since shoplifting is just “part Xbox tournaments over the Microsoft One of the envisaged applications for of the cost of doing business.”Others corporate network as evidence that per-item RFID tagging is theft reduc- wanted to know if the RFID reader administrators have less and less control tion. The speaker talked about a recent demonstrated would catch all RFIDs that over the ways their IT systems are being field trial of RFIDs in Gillette Mach3 might be on their person; the speaker used. This has led to customers wanting razors. Mach3s are easily resellable and, replied that was not true, because multi- a means of doing application-to-appli- consequently, often shoplifted. The trial ple standards for RFID currently exist. A cation authentication that will protect combined RFIDs on each razor package reader for one standard may not read intellectual property information, be it a with a “smart shelf” that took a picture tags for another. A great deal of discus- clinical trial database or a secret recipe. of a customer whenever he or she sion involved the range of RFID readers Along with this protection, customers removed “too many” packages of razors. and the possibility of RFID “burners,” are asking for technologies that will The idea here is that if the razors are but without much agreement. allow them to share select information later found to have been shoplifted, Summarizer’s note: Readers who desire and systems with suppliers, partners, there is a picture of the perpetrator. more information on RFIDs may find and customers in a secure and con- Smith then demonstrated a Texas the following links helpful: trolled way. Micro-soft’s vision is that Instruments RFID reader and invited Silicon Valley RFID Yahoo! Group: applications must have third-party veri- audience members to come up after- http://groups.yahoo.com/group/sv_rfid/; fication before running, which would wards to check whether their devices MIT Auto-ID Center: http://www. prevent an application that has had a carried RFID. The reader connected to a autoidcenter.org/ keystroke logger added to it, or a bogus laptop; associated display software RFID Privacy Symposium at MIT, user account, from running. Biddle’s picked up RFIDs in several items carried November 15: http://www.rfidprivacy. final point was that Microsoft has heard by the speaker and displayed them on the org/ and associated Web log http://www. loud and clear that customers do not screen. The audience could then clearly rfidprivacy.org/blog. want to be “locked in,”having once see how some innocuous-looking items deployed this technology. For further from the speaker’s wallet in fact turned PANEL: REVISITING TRUSTED reading, consult a paper on authenti- out to contain RFID tags. COMPUTING cated operation of operating systems (http://cs-people.bu.edu/mpe/acisp.pdf ) The discussion of RFIDs turned out to Panelists: Douglas Barnes, Dave Saf- and white papers about the NGSCB be controversial even before the ques- ford, William Arbaugh, and Peter Biddle architecture (http://www.microsoft.com/ tion and answer session. Perry Metzger Summarized by Catherine Dodge resources/ngscb/productinfo.mspx). interrupted the speaker at several points The panel began with short comments to underline potential threats involved from each of the panelists: Peter Biddle Dave Safford began his comments by in pervasive RFID. For example, would from Microsoft, Dave Safford from IBM, holding up the August 2003 issue of it be possible to build a device that William Arbaugh from the University of Linux Journal, which includes an article allows someone to travel through a Maryland, and Douglas Barnes founder on the open source tools for TCPA that crowd and read off the RFID informa- of the Government Open Technology IBM has developed. His perspective is tion of all passersby? Metzger claimed Information Project. that no matter what the vendors say, such a device was easy with current nothing can convince a skeptical user base technology, while the speaker was not so In his comments, Biddle referred to a that TCPA isn’t “evil,”therefore any solu- sure. The speaker also disagreed with technology as NGSCB (pronounced ink- tion must be open source. He noted scab), its current moniker within

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 83 that the current working document the technology will amplify existing Another interesting point brought to (http://www.trustedcomputergroup.org) market power, while ending the sense of light was how humans interact with for the TCG consists of over 320 pages “ownership” users have come to feel over security. Most panelists agreed that it is a of dense language. Because of this, most content and software. He also views any problem without a good solution at this people engaged in the debate over TCPA espoused “choices” as an illusion, since point. Some technical details of the have not actually read the specification. third-party validation cannot be done TCPA were also covered. The panelists The Trusted Platform Module (TPM, or with just anyone if the second party noted that the system is not designed to TCPA chip) upon which the platform is (namely, the one constructing the be secure against a physical attack. Saf- based is essentially an RSA chip, with the TCPA) does not allow the user to com- ford said that IBM’s goal is to get the key never leaving the chip. A diagram of municate with them. To ensure that this TCPA platform to interact with virtual the chip can be found in the Linux Jour- is not what the future of trusted com- machines. Many in the audience were nal article. Safford kept emphasizing puting looks like, Barnes urged users to also concerned about how third-party that solutions to the trusted computing demand that their own benefits take software would be able to run on the problem should and will be open source. precedence over the more profit-driven platform. Biddle said that the default Further information, including white benefits to be reaped by commercial setting would be to allow any software to papers and source code for a TPM parties. Users should also not feel pres- run. This can then be configured by the device driver, can be found at http:// sured to buy until proper safeguards and user to narrow down the kinds of cre- www.research.ibm.com/gsal/tcpa. assurances are in place. The discussion dentials the user accepts. His comments that followed was mainly fueled by ques- indicated that the issue of how a small Prof. William Arbaugh drove home the tions around who will ultimately control software developer can “certify” their point that any new technology can have how a trusted platform is utilized – the software comes down to how the major- unintended or dual uses, a perspective vendors or the user? Repeatedly ques- ity of users configure their security poli- which placed him fairly middle-of-the- tioned as to how we can be sure that cies under the TCPA. road in the debate. While everyone lumps Microsoft won’t “do it,”interpreted to all trusted computing platform concepts REFEREED PAPERS: HARDENING II mean that the company will not sud- together, in his view this is incorrect. denly limit the types of policies that can There had been very emotional debate Summarized by Clif Flynt be implemented on NGSCB, Biddle around these platform proposals, PREVENTING PRIVILEGE ESCALATION stated that Microsoft would be bound by namely, concerns voiced by users that the contracts it had entered into regard- Niels Provos, Peter Honeyman, Univer- they will become “locked-in” to the plat- sity of Michigan; Markus Friedl, ing the NGSCB. They would likely be form, that free software will be excluded GeNUA mbH bound by the most strict of the contracts from the playing field, and that the pri- Two problems with secure computing they had signed. Pressed on develop- vacy of users will be seriously violated. are bad design and bad implementation. ment aspects of the NGSCB project, While a trusted platform could support Even with a good, secure design, a pro- Biddle provided some details. Microsoft such usage, the technology alone cannot gram that has a buffer overrun or other is writing the code in C and has people do these things. The issues raised above implementation error can be compro- doing formal methods proofs for the result from the policy that the trusted mised. If that program runs in a privi- project. They will not prove the entire platform would enforce, not from the leged state, it opens the door for all code but will evaluate key components, platform itself. And just as there are kinds of trouble. Provos described an such as the memory management mod- potential drawbacks, there are also many application architecture that reduces the ule. Additionally, the team maintains potential benefits, such as protected potential for trouble by separating those two development trees, one for code yet storage and proof of configuration to a sections of an application that require to be examined and validated and one third party. Ultimately, users should privileges from the rest of the applica- for production. The development team have the choice of what kind of policy to tion. This reduces both the amount of is also utilizing tools that do not allow use – and a policy language and inter- code that must be carefully examined to changes to the code interface without face that enables them to understand the create a secure application and the making the appropriate changes to the policy choices they make. impact of implementation errors in the specification. Biddle emphasized that if application. For example, applications Douglas Barnes gave his perception of they do not end up with a system that is that perform user validation require what life would be like once a TCPA-like comprehensible by a single individual, access to files that users are not allowed platform became prevalent. In his view, they will consider the project a failure.

84 Vol. 28, No. 6 ;login: to read (/etc/shadow) and thus must be SSH client, and to check the SSH client ated and added to the rule set. With this run as SUID root. response. Thus, all determination of technique, one can start with a fully EPORTS

identity of client is done in the monitor; locked down system that can’t be used R Provos described how the OpenSSH if a malicious user can manage to com- for anything, and develop a set of rules application can be split into a small promise the slave with a buffer overrun that permit work to be done quickly. monitor section that runs with privi-

or a similar attack, the application won’t The Systrace system is implemented as a ONFERENCE leges and a larger slave section that per- C

allow malicious login. hybrid of kernel and user-space func- forms most of the interaction with a tions to provide for portability and effi- user. The downside to this is that there is IMPROVING HOST SECURITY WITH SYSTEM ciency. Provos notes that a good policy is no automated way to split an application CALL POLICIES one that allows only the actions neces- into privileged and unprivileged sec- Niels Provos, University of Michigan sary for the intended functionality of the tions. Provos’ implementation of this Niels Provos discussed techniques for application and denies everything else. concept separates the monitor and slave preventing applications from perfor- We can generate policies automatically, into two applications, which use a socket ming unexpected actions by reducing or a user can define policies interactively to exchange requests and data. He their access to system library functions. via a GUI dialog. In practice, he found explained that processes under UNIX He pointed out that it’s not possible for that policies with a subset defined, and are protected entities, and only the anyone to have intimate knowledge of dialogs when something unknown owner can send signals, debug, or other- all the applications running on their comes in, converge to good policy fairly wise interact with a process. Requests a computer. Even given source code, and quickly. slave may send to the monitor include assuming enough time to examine it Information (request challenge, provide completely, there’s no guarantee that the INVITED TALK: THE INTERNET IS TOO response from remote, monitor com- running application is actually compiled SECURE ALREADY pares) and Capabilities (may access file from that code. We must assume that Eric Rescorla, RTFM, Inc. system for slave). When a slave dies and any vulnerability in a system is known to Summarized by David Molnar a monitor creates a new slave with a new an attacker, even if it’s not known to the ID, there may be state information that user. Any damage to a system must be Note: Slides from the talk are available at must be saved and loaded into the new done through the system call library. http://www.rtfm.com/TooSecure-usenix. slave. In this case, the slave exports state Intercepting these calls will prevent a pdf. to the parent before terminating, and the malicious program from modifying a Despite nearly two decades of open new slave imports state without the file system, overwriting memory, invok- research in security and cryptography, monitor evaluating the data. In practice, ing other programs, or other unpleasant the state of real-world system security exporting the state is pretty messy. This actions. Provos’s work resulted in the does not seem to have improved much. uses XDR-like data marshaling for Systrace system, which catches all system Why is this and what can we do about it? Global Structures; to handle dynami- function calls on the fly and determines Eric Rescorla placed the responsibility cally allocated state, the application uses which calls are allowed (or require per- for this state of affairs on an incorrect shared memory. The master keeps the mission) to an application. When using threat model and lack of attention to shared memory open and lets a new Systrace, no applications need to be run real-world security problems. Practical slave attach to shared memory. Provos with root privileges (SUID root). Instead, software security is much less glamorous noted that this required a new malloc to applications that require privilege esca- than coming up with a new crypto- allocate memory in shared mem space lation to invoke system functions at a graphic hole. As a result, perhaps we are instead of normal heap. The reimple- superuser level are granted access to the focusing on the wrong areas of research mentation of OpenSSH using this tech- only necessary subset of the system for practical protocols. nique included a list of permitted functions, without exposing other func- requests; if a slave’s request is unrecog- tions to possible abuse. Provos solved The rest of the talk developed this point nized, the master immediately termi- the problem of rule complexity by put- with specific examples. The speaker con- nates the slave. In this implementation, ting a user-friendly front end on Sys- sidered the SSH, SSL/TLS, IPSec, PKIX, the slave owns the SSH session socket trace that pops up a query when an S/MIME, and WEP protocols. These and sends Information requests to the application tries to do something the were divided into “wins,”“draws,”and master for server signature, testing pass- rules don’t allow. If the user is willing to “losses.”SSL/TLS and SSH count as word validity, a challenge to send the allow this operation, a new rule is gener-

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 85 “wins,”IPSec, PKIX, and S/Mime as bility in the padding used by SSL; his influencing the reliability of the transac- “draws,”and WEP as a security “loss.” name is well known, despite the fact that tion. The key question is what you are his attack has never been seen outside relying on the software to do. The audi- In each of these protocols, the threat the lab. In contrast, the discoverer of the ence member commented that attesta- models assume that endpoints are invio- buffer overflow exploited by the Slapper tions of software quality will come to late and links are completely controlled worm, which compromised thousands play a greater role in protocols; parties by an adversary. The speaker then argued of servers, is practically unknown. This may require certificates stating that the that in the real world, most of today’s difference in credit leads to a difference software of the other party has been problems come from endpoints com- in research emphasis. More recent exam- audited to an acceptable level before promised by virus, worm, or DDoS ples of “theoretical” holes in cryptogra- entrusting data. attack. Therefore these threat models are phy that were given great attention not well matched to today’s real vulnera- Another audience member commented included Serge Vaudenay’s padding attack bilities in protocols. In particular, the that the speaker’s view of cryptographic on CBC and Phil Rogaway’s attack on practice of requiring public-key certifi- considerations in the design of security padding. cates and certificate authorities to pro- protocols might be colored by the spe- tect against man-in-the-middle attacks Many of these theoretical attacks can be cific issues of the Internet Engineering adds significant complexity to deploy- prevented with good “crypto hygiene”; Task Force (IETF), where many of the ment. for example, timing attacks are resisted examples originated. The speaker replied by using the blinding code in OpenSSL. that he had seen similar issues outside In SSL, this complexity is mitigated Operational solutions such as this can IETF and in other organizations. because only servers need certificates, avoid the need to upgrade the entire but in the case of encrypted email, the David Larochelle mentioned that SSH protocol to deal with a weakness. This is requirement seems to have significantly also added functionality with regard to important because the protocol revision hindered adoption. The speaker also xterm forwarding, which helped it dom- process is time-consuming and often made the point that perhaps people inate its market segment. He then refer- bogs down. Necessary functionality don’t actually want encrypted email, enced his paper on the subject ( improvements are held up because secu- despite the fact that everyone says they http://www.cpppe.umd.edu/ rity issues are considered in the same want encrypted email and there are rhsmith3/papers/Final_session3_ committee. A secondary point was made plenty of startups past and present for farahmand.navathe.sharp.enslow.pdf ). about the efficiency (or lack thereof) of the concept. After all, we are on our standards committees; for example, SSH David Molnar asked if the speaker had a third generation (counting from MOSS) was introduced to the IETF several years good place to learn about crypto or more, and still no one uses it. ago and is only now becoming standard- hygiene. The speaker replied he was too The SSH “leap of faith” model, in con- ized, IKE is two years overdue for a busy to write a paper on the subject but trast, was held up as a good example of a rewrite, etc. invited others to do so. “Maybe you can usable model that manages to resist do it.” The speaker ended by discussing end- most attacks. The speaker noted that user requirements for security. For SSH key management was considered a REFEREED PAPERS: THE ROAD LESS example, when they say “security is very bad idea at the time, but now every- TRAVELED important,”they tend to mean “I need to one thinks it’s the right way to go! know what to tell my boss.”This led to a Summarized by Scott A. Crosby Rescorla then discussed the difference in discussion of methods for fixing our SCRASH: A SYSTEM FOR GENERATING SECURE credit and glamour for flaws in cryptog- security research practice and getting CRASH INFORMATION raphy and flaws in software quality. He market feedback on what is important Peter Broadwell, Matt Harren, and made the point that we will review the to fix and what is not. Finally, he left the Naveen Sastry, University of California, entire protocol to deal with one padding audience with a list of questions for Berkeley attack that has never been implemented, shaping future research in security. This presentation dealt with crash as far as anyone knows, but that we seem dumps. When a program crashes, it may One audience member commented that to invest comparatively little work in leave behind a dump of its stack, vari- he was from the NSA, and that in the dealing with buffer overflows or usabil- ables, and memory contents to aid in classified community they had paid a lot ity enhancements. For example, in 1998, debugging. Many popular programs are of attention to issues of software quality Daniel Bleichenbacher found a vulnera- now including automated reporting so

86 Vol. 28, No. 6 ;login: that users can easily send these dumps to patches can be available for months and He gave as an extreme example remote developers. Such dumps are valuable yet tens of thousands of computers may NFS clients. NFSv3 depends on client- EPORTS debugging and development aids, but remain unpatched and infectable. Signa- side trust to be a secure distributed envi- R may contain sensitive information such ture-based worm detection also doesn’t ronment. He asked whether clients can as passwords, bank account numbers, work. Worm signatures – e.g., ports they be trusted, including remote ones, on an

keys, trade secrets, or PINs. Users may scan – require prior knowledge or active insecure network with ordinary hard- ONFERENCE C

want to send these dumps to developers infection to determine. By that time it is ware and with no trusted human to look but don’t because they don’t want to dis- too late. over the remote machine. He then close their secrets. described how an authority could be This paper proposes a different scheme: able to trust remote entities. This paper outlines how to make still detecting a worm based on its network useful crash dumps available to develop- behavior, in this case, outgoing traffic. The authority can know if the entity is ers without disclosing user secrets. The The response to detecting adverse executing the correct code by requesting approach used is to annotate some of a behavior is benign – it delays traffic but a checksum over it. Unfortunately, the program’s variables as “sensitive” and does not drop it. The detector is based remote host can lie. The authority can then to apply a data-flow analysis from on the idea that most hosts will only reg- resist this by combining the checksum CQual to identify all other variables that ularly contact a small working set of with a hardware test that can detect may become tainted with sensitive data. hosts; worms will contact many hosts. If whether the checksum operation was Those variables are also marked as sensi- a host attempts to contact a host that is actually run. Since computers can simu- tive. A custom malloc library that sup- in the working set, the connection goes late other computers, a right answer is ports region-aware allocation is used to through immediately. The working set store sensitive data in one region, sepa- size is set to five hosts. Otherwise, the rated from nonsensitive data, which is connection is delayed. The host can stored normally. When a crash dump assume it is infected if the queue of happens, the sensitive region is wiped so delayed connections grows too long. that it won’t contain any data that was Because connections are delayed, this tainted as being sensitive. mechanism does not create false posi- In the performance analysis, a micro- tives, and because it detects scanning benchmark implementing a recursive behavior, it can work without knowing GCD solver shows a 22% degradation, much about a worm. The authors while the time taken by scp to transfer showed that this scheme takes seconds 100 megabytes of data degraded by 6%. to stop both simulated and real worms They also tested two interactive pro- on their test network, and that only a grams, the GNOME calendar applica- slim portion of their normal desktop Rick Kennell and Vern Paxson tion and a Palm Pilot synchronization traffic was delayed at all. not enough. The authority must find a program. For these applications, under hardware test that is deterministic, but 25% of the stack variables were marked ESTABLISHING THE GENUINITY OF REMOTE hard to simulate quickly and accurately, as possibly containing sensitive informa- COMPUTER SYSTEMS such as implicit parallelism, data-cache tion and no impact on performance was Rick Kennell and Leah Jamieson, updates, or other aspects of the memory observed. Purdue University This won the Best Student Paper award. hierarchy. Once such a test is found, its IMPLEMENTING AND TESTING A VIRUS Rick Kennel started his talk with a pro- response is regularly included as part of THROTTLE nunciation guide to genuinity, then the checksum. The authority checks to Jamie Twycross and Matthew W. Willia, described why it is desirable. In current make sure that the checksum is both HP Labs, Bristol systems, forgery is a classic problem. correct and timely. Any attempt to virtu- Jamie Twycross started this talk by Users can masquerade as other users, alize hardware or alter the program is showing the infamous movie of the Sap- computers may be substituted for other almost guaranteed to alter those hard- phire worm infecting tens of thousands computers, and simulators can masquer- ware values and create a bad checksum. of hosts in minutes. He then reminded ade as physical machines. us that patching systems don’t work;

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 87 INVITED TALK: THE CASE FOR there are not enough customers for GM methods, as the tools to support their ASSURANCE IN SECURITY PRODUCTS to build tanks to sell at their dealerships. usage have gotten better. Hardware fea- Brian Snow, National Security Agency Yet he does wish that commercial prod- tures are also essential to creating assur- Summarized by Catherine Dodge ucts at least had the same level of secu- ance, since they can create isolation in a rity as a car built in 2003 does. While way that software cannot. The major Brian Snow spoke about the need for popular wisdom often says otherwise, issue with hardware then becomes trust greater assurance in commercial off-the- Snow argued that quality and reliability in the person you are purchasing from. shelf products. Snow discussed two dis- can sell software. The example he gave Additionally, systems engineering is a tinct threat categories: generic and tar- was how Toyota and Honda moved into key component of assurance. Questions geted. A generic threat, for example, is the US car market in the ’70s, based that need to be answered in this arena one posed by a burglar who wants to solely on such attributes. Yet this kind of include: How can products of unknown steal a VCR. The algorithm for such a assurance cannot simply be slapped on quality be used safely? How can compo- task is relatively simple: find house; if top of a product at the end of the devel- nents be composed in such a way that house is dark, check door; if door is opment cycle. Software engineering too the assurance level is a synergistic result unlocked, go in; if locked, try next often assumes a benign environment. of the parts, and not be reduced to a house. The subject of a generic attack Developers must move beyond this “weakest link in the chain” situation? must only invest in enough defense to assumption and factor in malice at Third-party testing is another area that make it cheaper and easier for the bur- design time. Above all, Snow was con- can help address assurance, since it pro- glar to rob the neighbors. On the other cerned that in another 10 years we’ll vides something beyond “emphatic hand, if a burglar were after your Picasso, have more features but not more assur- assertion” that a product provides the the algorithm would become much ance, a state of affairs which led him to desired level of security. A current major more sophisticated: find house; if dark, exclaim, “Am I depressed? Yes!”These failing of such certification processes is check door; if door is unlocked, go in; if features may include the ability to that the results are not easily understood locked, break window and go in; if alarm counter many hacker attacks, yet tar- by users. Ultimately, though, it may be visible on windows, rip off siding, punch geted attacks will still be overwhelm- legal constraints that convince software through gypsum, rip out insulation, ingly successful. “We will think we are companies to invest in assurance. Estab- punch through dry wall and go in; if secure, but we will not be.” lishing a fitness-for-use criteria and lia- motion detectors present, cut phone line bility beyond the media that the soft- that dials the police upon alarm and go After finishing this self-described ware is distributed on would go a long in via the above methods. The point is “polemic,”Snow outlined six areas in way toward raising the bar in the soft- that defense against a well-funded, which vendors can address his concerns: ware industry. And more insurers determined adversary is difficult and operating systems, software modules, may do what some have already done, must be similarly well thought out and hardware features, systems engineering, namely, charge different rates to insure a well funded. While the NSA would like third-party testing, and legal constraints. company based on which operating sys- to be able to recommend commercial Snow advocated improvements in oper- tem and applications they use. Whether products to its Department of Defense ating systems, such as digital signature these changes really do come about customers, Snow expressed his frustra- checks on modules prior to execution, depends on these three aspects: training, tion that “I still haven’t found what I’m utilization of the principle of least privi- research, and assurance built in from the looking for” and wondered “when will I lege, and enforcement of security poli- ground up. be secure, nobody knows for sure” (via a cies. He also sees room for improvement video of song commissioned by Jim Bid- Someone asked how those who develop in software modules. They need to be zos for RSA ’99, to the tune of the U2 free software can have their products well documented, be created in certified song by the same name). Snow likened certified, in light of the considerable development environments, and use the state of today’s computer security to expense this requires. Snow replied that separate design and review teams. Snow cars built in the ’30s, with no anti-lock there is no way of getting around the pointed out that a contractor with brakes, no air bags, not even seat belts. fact that a certification will cost money. uncleared foreign national employees Assurance, like an air bag, while gener- He thought the best path for free soft- could apply good principles by having a ally invisible to the user, becomes ware would be to create a foundation German team design the project and a prominent on failure. Snow extended which would raise money specifically for French team review it. Included in this the car analogy and recognized that process should be some degree of formal

88 Vol. 28, No. 6 ;login: funding the certification of such soft- ties are invited to contact the author at the cumbersome key management for ware projects. [email protected]. PGP and the impossibility of obtaining EPORTS

S/MIME certificates. Therefore, the R WORK-IN-PROGRESS REPORTS LINK CUT ATTACK speaker created a new opportunistic Summarized by David Molnar Steve Bellovin encryption layer called Stream. The aim

Note: A draft version of the associated is for deployment as transparently and ONFERENCE

ANALYSIS OF ELECTRONIC VOTING SYSTEM C

paper is available at http://www.research. as widely as possible. Keys are placed in Adam Stubblefield att.com/~smb/papers/reroute.ps.As of the headers, where they aren’t noticed by Note: For more information, go to this writing, the paper stated, “Please do mail agents. The speaker showed a plug http://www.avirubin.com/vote. not mirror or distribute.” in running with Eudora that talked to a Stream proxy responsible for key man- The speaker discussed his and Avi The speaker opened by pointing out agement and encryption. Rubin’s experiences auditing the source how we are close to deploying secure code of a widely used voting machine. BGP and secure OSPF. These protocols One audience member asked if the soft- Among the issues they discovered were address attacks where nodes lie to each ware would be freely available. The that key management is handled by a other in advertisements about what speaker responded that it could be single #define DES_KEY “XXXX” in the routes they can provide. Unfortunately, downloaded right now from his Web code, where “XXXX” is an ASCII string; there is an attack that these protocols page. Precompiled binaries are available this key appears to be the same across all will not address: cutting links to force for FreeBSD, Linux, and Mac OS X; instances of the machine. Another issue routing protocols to route through source is also available. was that the code did not appear to have adversary-controlled nodes. been audited at all for correctness or A FRAMEWORK FOR RECEIPT ISSUING, security; long stretches of code appear Suppose that the adversary controls a CONTENDABLE REMOTE POLL-SITE VOTING without any comments whatsoever. node N that is in the same network as Prashanth Bungale two communicating nodes S and T and Audit features in the code were The speaker presented a new design for that N is not initially on the path extremely weak; while changes do an electronic voting system. A key fea- selected for routing between S and T. appear in an audit log, nothing seems to ture of this voting system is receipt-free- Further, suppose the adversary can cut a protect the log itself from being ness while maintaining voter verifiabil- limited number of edges in the graph. changed. In response to a write-up on ity. Voters can verify that their vote was Then the adversary can use some graph these issues, the company claimed that cast correctly but cannot prove which theory to figure out the edges to cut the “voting system works exactly as way they voted to a third party. This pre- such that the resulting shortest path designed.” vents them from selling their vote and between S and T runs through the com- then making good on the promise. In One audience member asked if source promised node N. The graph theory is addition, voters can vote at any poll site. code was still available. The speaker fairly simple, and the resulting algo- Unlike previous receipt-free solutions, replied that it was the last time he rithm runs quickly on graphs obtained the framework allows a voter to contest checked. from real network topologies. Because his or her vote and ensure that it was the attack changes the real topology of VALIDATOR – TESTING FIREWALLS counted correctly. The framework also the network, mechanisms for preventing allows for multiple independent tallying Clif Flynt false advertisement have no effect. A agents. Flynt’s framework for firewall testing, worked example was shown in which Validator, allows for defining “interac- an adversary caused the shortest path One audience member asked what the tions” and “monitors” for firewalls. The between two network nodes to run provisions were for a third party, such as framework also allows for the creation through the node it controlled. a candidate, to contest a user’s vote with- of “golems,”autonomous agents that out their consent. The speaker replied take scripted actions for firewall testing, STREAM that such a party can act as a tallier and “probes,”which test firewalls with Simson L. Garfinkel (because any number of talliers are pos- known good or known bad packet URL: http://stream.simson.net/ sible) and tally votes according to their traces. own policy. The speaker raised the question, “Why, The system is in late beta; it consists after all these years, do we not yet have mostly of expect scripts. Interested par- encrypted email?” The answer lies in

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 89 WLAN LOCATION SENSING FOR SECURITY A network. The answer was yes, contigu- Another audience member asked APPLICATIONS ous and globally announced. whether you can do decoding in the Algis Rudys handset. The speaker replied that this Another audience member asked about was for the next phone generation. Note: The associated paper is available at trends in spoofed source addresses; how http://www.cs.rice.edu/~arudys/papers/ many are spoofed vs. real? The speaker wise2003.html. REKEYING replied that there was a general trend David Molnar toward DoS adversaries noticing when At USENIX ’01, someone mounted an Slides: http://www.cs.berkeley.edu/ they are monitored. As a result, the effi- active attack and took over the wireless ~dmolnar/tiny-rekey-wip.ppt network. People who tried to connect ciency of the method was beginning to were rerouted to a Web page proclaim- decrease. The speaker gave a short overview of the ing “ALL YOUR WAP BELONG TO US.” Berkeley mote sensor network platform What if we could track the perpetrator SONICKEY and the TinySEC mechanism for link by triangulating signal strength? Thanks Greg Rose layer authentication and encryption in to Algis Rudys and his collaborators, The speaker demonstrated a system in mica2. The main problem with TinySEC now you can! which a public key, challenge-response, is that keys are baked into motes at code or other data is encoded as a sound image flash time and cannot be changed Their implementation can handle both playable over a phone or computer afterwards. The speaker presented a pro- single and multiple adversaries. The speaker. With this system, when you tocol for rekeying these sensor nodes speaker showed a jitter diagram and want to send your public key to some- and outlined its applications in imple- claimed that even in the presence of one, you just play it for them; their com- menting “secure transient associations.” multiple adversaries their implementa- puter or phone receives it via the micro- tion can get location claims within 3.5 phone, decodes it, and obtains your HONEYFARM meters. A full version will be presented public key. A similar mechanism can be Nicholas C. Weaver at WISE 2003. used to allow the phone to answer chal- URL: http://www.cs.berkeley.edu/ lenge-response queries from a PC ~nweaver/ TRENDS IN DOS ATTACKS equipped with speaker and microphone. Jose Nazario The speaker addressed the question of The speaker is employed by Qualcomm, automatic detection of fast worms. After URL: http://www.monkey.org/~jose/ a major cellular phone software com- seeing Sapphire, Slammer, and other presentations/ddos.d/ pany – the SonicKey system is in use at quick-spreading worms, we know that it the Qualcomm head office for access The speaker detailed the preliminary really is possible to own the Internet in control to the building. results of an experiment in monitoring 15 minutes. What can we do about this? Internet traffic for traces of DoS events. One audience member asked whether The speaker introduced a “honeyfarm” Over the past few years, 117K events transaction details were necessary before as a method for automatic detection of were monitored using blackhole collec- creating a response. The speaker replied quick-spreading worms. In a honeyfarm, tion with a view of roughly 1/256 of the that the system could be deployed just multiple machines running honeyd can Internet. The monitoring view consisted like SecureID. act as targets for quick worms and pro- of targets geographically distributed vide researchers with early warning and Another audience member asked about over the world on a Class A network. analysis traces. The speaker also outlined the range of the system. The speaker Overall, there was a 50–50 split between the idea of “wormholes,”or network seg- replied that it was spread spectrum, with spoofed and real source addresses. The ments designed to draw and contain a range of 8–9 feet. speaker showed graphs of TCP vs. UDP worm activity. The goal of such a system traffic year by year, and noted that there Someone asked whether there was dedi- is to give researchers early warning and, has been a dramatic shift: In 2003 nearly cated hardware in the phone. The more important, provide a platform for all DoS traffic has been UDP with very speaker replied that the prototype plat- automatic response to new worms. little TCP, while the opposite was true in form phone does have some dedicated One audience member asked how many 2002. The presentation also showed a hardware for speeding up RSA public- distinct physical machines were in the graph of durations of DoS attacks. key crypto operations, but not specifi- honeyfarm. The speaker replied that he cally for the encoding itself. One audience member asked if the had about 1000 endpoints in the current monitor network was a contiguous Class deployment.

90 Vol. 28, No. 6 ;login: HONEYD attack on individuals using SpamAssas- is supposed to be a gathering of the best Niels Provos sin. of the best security experts. Are we prac- EPORTS

ticing what we preach in security? The R http://www.citi.umich.edu/u/provos/ Someone asked if you could avoid the speaker mounted active and passive honeyd/ problem by converting the regexp to an attacks on the (open, unencrypted) con- The speaker gave an update on the hon- NFA and parsing from the equivalent

ference wireless network. Tools used ONFERENCE eyd virtual network host daemon. A DFA. The speaker noted that the conver- C

included dsniff, honeyd, and netics. In sion to DFA introduces an exponential machine running honeyd looks like addition, the speaker worked with Niels blowup in the size of the state machine. multiple hosts on a network; adversaries Provos to create an “SSH mirage” – a probing a network will attempt to attack Readers who want more background on fake AP that trapped SSH connections these hosts, leading to valuable analysis NFAs and DFAs may want to look at and attempted to mount a man-in-the- traces. More work is needed, so potential Lewis and Papadimitriou’s Elements of middle attack on unwary conference users and volunteers should check out the Theory of Computation for a theoret- goers. the honeyd page. ical perspective. For a practical perspec- After discussing the methods, the tive on regular expressions and their DOS THROUGH REGEXPS speaker posted a slide full of passwords. matching, readers may wish to consult Scott Crosby “If you see your password up here, you Freidl’s O’Reilly book Mastering Regular might want to change it.”No usernames URL: http://www.cs.rice.edu/~scrosby/ Expressions. hash/slides/USENIX-RegexpWIP.2.ppt were provided at that time, to allow vic- PORTING TRUSTED BSD TO DARWIN tims to change their passwords. Unen- The speaker introduced the idea of caus- The speaker discussed Apple’s approach crypted Web authentication provided ing denial of service by forcing applica- to migrating mandatory access control many of the passwords, as well as AOL tions to take a long time matching and other security features from recent Instant Messenger and other IM clients. inputs to regular expressions; this is an BSDs to Darwin, and the challenges extension of the idea presented by the In a point of good news, no Telnet traffic involved. These features have also speaker and others in a regular confer- was observed, only SSH. In addition, appeared in systems such as SELinux ence paper on “Algorithmic Denial of only one conference attendee fell for the and Flask/TE. The presentation pro- Service Attacks.”The key here is that SSH mirage; the others heeded the vided a short overview of the Darwin instead of converting regexps to Nonde- warning “HOST KEY HAS CHANGED” architecture: Darwin = NextStep, recent terministic Finite Automata (NFA), and thought better of it (or maybe peo- Mach (monolithic Mach), parts of determinizing to form Deterministic ple just didn’t get close enough to the FreeBSD 3 and 4, and IOKit. The Finite Automata (DFA), and then run- fake AP?). The speaker’s conclusion was speaker then went over new security fea- ning, many implementations simply that many people, even at USENIX tures added to BSD since the creation of attempt to match regexps nondetermin- Security, are not yet taking wireless secu- Darwin, such as sbuf. One of the key istically directly. In naive implementa- rity seriously enough, even though there issues involved is the treatment of IPC tions, this can lead to exponential time. are some marginal improvements over and threaded processes; Darwin man- Perl has optimizations that claim to 2001. ages a mapping between BSD and Mach limit the running time, but it’s not clear notions of processes, and some of the At the end of the talk, one audience whether these are correct. work requires working around the Mach member pointed out that encrypted The speaker then gave a simple example IPC model. instant messaging is available via Jabber of a regexp that could take exponential or the Trillian AIM client. time, namely a*[ab]*O, and walked STILL CLEARTEXT AFTER ALL THESE YEARS through the process by which the regexp This talk was a follow-up to Dug Song’s parsing could take this much time. Then presentation at the USENIX Security the speaker gave an example of a regexp WiP session in 2001. At that talk, Song “in the wild” that could take exponential showed that many conference attendees time in the worst case – this one from were divulging passwords over the open SpamAssassin. The key issue was the 802.11b network. The presenter asked number of “.”in the regexp. In theory a the question, “Have we learned anything spammer could use this to cause a DoS since then?” After all, USENIX Security

December 2003 ;login: 12TH USENIX SECURITY SYMPOSIUM 91