ysis SecureVolunteer Computing for Distributed Cryptanal Nils Kopal Secure Volunteer Computing for Distributed Cryptanalysis ISBN 978-3-7376-0426-0 kassel university 9 783737 604260 Nils Kopal press kassel university press ! "# $ %& & &'& #( )&&*+ , #()&- ( ./0 12.3 - 4 # 5 (!!&& & 6&( 7"#&7&12./ 5 -839,:,3:3/,2;1/,2% ' 5 -839,:,3:3/,2;13,3% ,' 05( (!!<& &!.2&.81..!")839:3:3/2;133 "=( (!!, #& !(( (2221,;2;13/ '12.97 # ?@7 & &, & ) ? “With magic, you can turn a frog into a prince. With science, you can turn a frog into a Ph.D. and you still have the frog you started with.” Terry Pratchett Abstract Volunteer computing offers researchers and developers the possibility to distribute their huge computational jobs to the computers of volunteers. So, most of the overall cost for computational power and maintenance is spread across the volunteers. This makes it possible to gain computing resources that otherwise only expensive grids, clusters, or supercomputers offer. Most volunteer computing solutions are based on a client-server model. The server manages the distribution of subjobs to the computers of volunteers, the clients, which in turn compute the subjobs and return the results to the server. The Berkeley Open Infrastructure for Network Computing (BOINC) is the most used middleware for volunteer computing. A drawback of any client-server architecture is the server being the single point of control and failure. To get rid of the single point of failure, we developed different distribution algorithms (epoch distribution algorithm, sliding-window distribution algorithm, and extended epoch distribution algorithm) based on unstructured peer-to-peer networks. These algorithms enable the researchers and developers to create volunteer computing networks without any central server. The thesis is structured into two different parts. The first is the distribution part and discusses the aforementioned new distribution algorithms and their usage for distributed cryptanalysis. The second part is the cheating part which extends our system with solutions for cheat detection in unstructured peer-to-peer networks. In this thesis, we focus on volunteer computing for distributed cryptanalysis. Since the compu- tational effort to break many classical as well as most modern ciphers is very huge, hundreds to thousands of computers are often needed for executing successful attacks. We show in this thesis that our solutions are well-suited for attacking classical as well as modern ciphers. Some of our algorithms have been implemented for distributed cryptanalysis, e.g. brute-force and heuristics, to solve real-world ciphers. Additionally, we evaluated all of our distribution solutions with self- written simulators and with real-world tests over the Internet in CrypTool 2. By combining 50 off-the-shelf computers, we achieved a search speed of about 615 millions AES keys per second. A single of these computers, an Intel i5-3570 with 3.4 GHz and 4 CPU cores, is able to search at a rate between 12 and 13 millions AES keys per second. The distribution is self-organized by our algorithms. Additionally, we achieved a speedup for the cryptanalysis of the classical M-94 cipher of about 6.82, with respect to using only a single computer, enabling us to break original M-94 messages within 2 hours and 56 minutes with 6 standard computers. Cheating is a well-known threat in any volunteer computing project. Cheaters aim at computing less work as demanded by the creator of the project but they try to gain the same reward, i.e. credit points, as non-cheaters deserve. Cheated results are mostly incomplete or wrong, disturb- ing or even destroying the final result of the volunteer computing project. This can make weeks, months, and years of computational work useless. To fight cheaters, detection and prevention v mechanisms are needed. A BOINC server assigns the same subjob to different clients and uses majority voting to determine the correctness of results. Since we base our volunteer computing and our distribution algorithms on unstructured peer- to-peer networks, where all peers are equal in role, majority voting is not possible. No central server is available to assign same subjobs to different peers. Thus, we developed new cheat detection mechanisms for decentralized peer-to-peer networks. We spread the detection of a cheated result over all peers of the network. Each peer has a small probability of detecting a cheated result but the network in sum reaches a high detection rate. In this thesis, we differentiate between two cheat detection approaches: static detection, with each peer performing the same amount of detection effort, and adaptive detection, with each peer dynamically adapting his additional cheat-detection effort to the growing and shrinking size of the peer-to-peer network. Both approaches work but the static does not scale while the adaptive scales well. We show that we can achieve detection rates above 99.8% with both, the static cheat detection approach as well as the adaptive cheat detection approach. With the adaptive cheat detection approach the needed detection effort is constant throughout the network when increasing the amount of connected nodes. Acknowledgments I would like to thank my supervisor, Prof. Dr. Arno Wacker, for giving me the opportunity to work on my thesis, for his ongoing help, and for his support over the last eight years from when I first met him during my studies in Duisburg, introducing me to IT security and cryptology, till me being his employee and PhD student in Kassel today. I would also like to thank Prof. Bernhard Esslinger, for initiating the CrypTool project and the MysteryTwister C3 project and for his valuable advice and support over the last years. Working on CrypTool 2 and MysteryTwister C3 was very inspiring since it brought me closer to the fascinating topic of both, modern and classical cryptology. I am very grateful to my colleagues Olga Kieselmann and Henner Heck from our research group “Applied Information Security” for their ongoing support, help, and the work spent together on several papers and projects. I would also like to thank my other co-authors: George Lasry, for his incredible work on the cryptanalysis of classical ciphers where I had the honor to work together with him on six brilliant publications. Dr. Angelo Liguori, for the three wonderful years he spent as guest researcher at our research group and bringing his fascinating topics multi-level security and side channels with him, allowing us to work together on two exciting publications. Dr. Matthaus¨ Wander for his great support and work on our publication about the adaptive cheat detection. Then, I am very proud of all of my students that I had the opportunity to supervise their bach- elor’s and master’s projects and theses over the last five years at the University of Kassel. Es- pecially, I would like to thank the students that directly worked for me on topics supporting the work presented in this thesis: Christopher Konze, for the work on VoluntLib in his bachelor’s thesis and the work on CrypCloud in his master’s project. Dimitrij Borisov for the work on our peer-to-peer simulator SimPeerfect in his master’s project and thesis. Bastian Heuser and Nils Rehwald for the work on VoluntCloud in their master’s project. And finally, Roman Dinkel for his work on extending VoluntLib with cheat detection mechanisms in his bachelor’s thesis. Last but not least, I would like to thank my parents Sunhild and Werner Kopal for supporting me in my education, studies, and my idea in going to Kassel for doing a PhD as well as my loving partner Janina Koprionik supporting me in everything I do. vii Contents Abstract v Acknowledgments vii Contents ix List of Figures xiii List of Tables xvii List of Listings xix I Foundations 1 1 Introduction 3 1.1 Challenges ..................................... 5 1.2 Contributions ................................... 6 1.3 Structure of Thesis ................................ 6 2 Cryptology 9 2.1 Cryptography ................................... 11 2.2 Cryptanalysis ................................... 24 2.3 CrypTool 2 .................................... 30 3 Distributed Computing 33 3.1 Overview ..................................... 33 3.2 Peer-to-Peer Computing ............................. 34 3.3 Volunteer Computing ............................... 37 3.4 Cloud Computing ................................. 39 3.5 Security and Cheating ............................... 39 3.6 Distributable Problems – A Datasize-Driven Taxonomy ............. 40 II Distribution 43 4 System Model 45 4.1 General Network Structure ............................ 45 4.2 Jobs, Subjobs, and Slices ............................. 47 ix Contents x 4.3 User Model .................................... 48 5 Design Rationale 49 5.1 Decision Graph .................................. 49 5.2 From Cryptanalysis to Unstructured Peer-to-Peer Overlays ........... 49 5.3 From Unstructured Overlays to New Distribution Algorithms .......... 52 5.4 Implementation .................................. 54 5.5 Evaluation ..................................... 55 6 Implementation 57 6.1 General System Architecture ........................... 57 6.2 Our new Distribution Algorithms ......................... 59 6.3 Management Protocol ............................... 67 6.4 Decentralized Reservation
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages263 Page
-
File Size-