|
My UW
|
UW Search
Computer Science Home Page
|
 |
| |
Computer Security and Cryptography Reading Group
September 2004 List
Wednesday, September 1, 2004
11:30 AM - 12:30 PM
5331 CS
|
|
Wednesday, September 8, 2004
11:30 AM - 12:30 PM
5331 CS
|
Rob Johnson
David Wagner
R. Johnson, D. Wagner
UC Berkeley
Finding User/Kernel Pointer Bugs with Type Inference
USENIX Security 2004
URL: http://www.cs.berkeley.edu/~rtjohnso/papers/cquk.ps
Local copy: http://www.cs.wisc.edu/areas/sec/cquk.ps
Today's operating systems struggle with
vulnerabilities from careless handling of user space
pointers. User/kernel pointer bugs have serious
consequences for security: a malicious user could
exploit a user/kernel pointer bug to gain elevated
privileges, read sensitive data, or crash the
system. We show how to detect user/kernel pointer
bugs using type-qualifier inference, and we apply
this method to the Linux kernel using CQUAL, a
type-qualifier inference tool. We extend the basic
type-inference capabilities of CQUAL to support
context-sensitivity and greater precision when
analyzing structures so that CQUAL requires fewer
annotations and generates fewer false
positives. With these enhancements, we were able to
use CQUAL to find 17 exploitable user/kernel pointer
bugs in the Linux kernel. Several of the bugs we
found were missed by careful hand audits, other
program analysis tools, or both.
|
Monday, September 13, 2004
2:30 PM - 3:30 PM
3331 CS
|
Leah H. Jamieson
R. Kennell, L. H. Jamieson
Purdue
Establishing the Genuinity of Remote Computer Systems
USENIX Security 2003
URL: http://www.usenix.org/events/sec03/tech/kennell/kennell.pdf
Local copy: http://www.cs.wisc.edu/areas/sec/kennell.pdf
A fundamental problem in distributed computing
environments involves determining whether a remote
computer system can be trusted to autonomously
access secure resources via a network. In this
paper, we describe a means by which a remote
computer system can be challenged to demonstrate
that it is genuine and trustworthy. Upon passing a
test, it can be granted access to distributed
resources and can serve as a general-purpose host
for distributed computation so long as it remains
in contact with some certifying authority. The
test we describe is applicable to consumer-grade
computer systems with a conventional network
interface and requires no additional hardware. The
results of the test can be conveyed over an
unsecured network; no trusted human intermediary
is needed to relay the results. We examine
potential attacks and weaknesses of the system and
show how they can be avoided. Finally, we describe
an implementation of a genuinity test for a
representative set of computer systems.
Monica Chew
Doug Tygar
U. Shankar, M. Chew, J. D. Tygar
Berkeley
Side Effects Are Not Sufficient to Authenticate Software
USENIX Security 2004
URL: http://www.cs.berkeley.edu/~ushankar/research/side-effects/side-effects.pdf
Local copy (with page numbers): http://www.cs.wisc.edu/areas/sec/side-effects.pdf
Kennell and Jamieson recently introduced the
Genuinity system for authenticating trusted
software on a remote machine without using trusted
hardware. Genuinity relies on machine-specific
computations, incorporating side effects that
cannot be simulated quickly. The system is
vulnerable to a novel attack, which we call a
substitution attack. We implement a successful
attack on Genuinity, and further argue this class
of schemes are not only impractical but unlikely
to succeed without trusted hardware.
|
Monday, September 20, 2004
1:30 PM - 2:30 PM
3331 CS
|
Dahlia Malkhi
Noam Nisan
Benny Pinkas
D. Malkhi, N. Nisan, B. Pinkas, Y. Sella
Hebrew University / HP Labs
Fairplay - Secure Two-Party Computation System
USENIX Security 2004
URL: http://www.pinkas.net/PAPERS/MNPS.pdf
Local copy (with page numbers): http://www.cs.wisc.edu/areas/sec/MNPS.pdf
Advances in modern cryptography coupled with rapid
growth in processing and communication speeds make
secure two-party computation a realistic
paradigm. Yet, thus far, interest in this paradigm
has remained mostly theoretical.
This paper introduces Fairplay, a full-fledged
system that implements generic secure function
evaluation (SFE). Fairplay comprises a high level
procedural definition language called SFDL tailored
to the SFE paradigm; a compiler of SFDL into a
one-pass Boolean circuit presented in a language
called SHDL; and Bob/Alice programs that evaluate
the SHDL circuit in the manner suggested by Yao.
This system enables us to present the first
evaluation of an overall SFE in real settings, as
well as examining its components and identifying
potential bottlenecks. It provides a test-bed of
ideas and enhancements concerning SFE, whether by
replacing parts of it, or by integrating with it. We
exemplify its utility by examining several
alternative implementations of oblivious transfer
within the system, and reporting on their effect on
overall performance.
|
< Back to the Sec & Crypto reading group page
Created and maintained by Mihai Christodorescu ( http://www.cs.wisc.edu/~mihai)
Created: Wed Aug 13 10:30:10 CDT 2003
Last modified: Fri Jul 02 10:08:55 2004
|
|
|
|
