We present a system in which a user leverages a personal mobile device to establish trust on a public computing device, or kiosk, prior to revealing personal information to that kiosk. We have designed and implemented a protocol by which the mobile device determines the identity and integrity of the software running on the kiosk. A similar protocol simultaneously allows a kiosk owner to verify that the kiosk is running only approved software. Our system combines a number of emerging security technologies, including the Trusted Platform Module, the Integrity Measurement Architecture, and new support in x86 processors for establishing a dynamic root of trust. In ongoing work, we plan to use virtual machines to support the important case where the user wishes to run personal software on the kiosk. We are also continuing to explore several open issues we have identified surrounding trust in a kiosk scenario. 1

Abstract: We propose a novel entity authentication approach for pervasive computing environments. A person uses a single device, the Master Key, which aggregates all his digital forms of access tokens for entity authentication. The Master Key discovers and selects proper tokens for its owner. With an emphasis on usability, the Master Key secures authentication, protects privacy information from outsiders and insiders, and supports various claimant-verifier relations. We analyze privacy and security properties of our approach and protocols, and we investigate the overhead. Performance measurements show that our protocols are efficient. 1.

Man-in-the-middle attacks pose a serious threat to SSL/TLS based electronic commerce applications, such as Internet banking. In this paper, we argue that most deployed user authentication mechanisms fail to provide protection against this type of attack, even when they run on top of SSL/TLS. As a possible countermeasure, we introduce the notion of SSL/TLS session-aware user authentication, and present different possibilities for implementing it. More specifically, we start with a basic implementation that employs impersonal authentication tokens. Afterwards, we address extensions and enhancements and discuss possibilities for implementing SSL/TLS session-aware user authentication in software.

Limited Distribution Notice: This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). Some reports are available at

RFID technology is the prevalent method for implementing proximity identification in a number of security sensitive applications. The perceived proximity of a token serves as a measure of trust and is often used as a basis for granting certain privileges or services. Ensuring that a token is located within a specified distance of the reader is therefore an important security requirement. In the case of high-frequency RFID systems the limited operational range of the near-field communication channel is accepted as implicit proof that a token is in close proximity to a reader. In some instances, it is also presumed that this limitation can provide further security services. The first part of this dissertation presents attacks against current proximity identification systems. It documents how eavesdropping, skimming and relay attacks can be implemented against HF RFID systems. Experimental setups and practical results are provided for eavesdropping and skimming attacks performed against RFID systems adhering to the ISO 14443 and ISO 15693 standards. These attacks illustrate that the limited operational range cannot prevent unauthorised access to stored information on the token, or ensure that transmitted data remains confidential. The practical implementation of passive and

Abstract—Man in the middle attacks involve the interception and retransmission of electronic messages in a way that the original parties will presume that their communication is secure. Such an attack could be a threat to any electronic voting scenario. This paper proposes a novel method for preventing this kind of attacks by including in the transaction a challenge-response test. The human end-user is asked to vote through an image-based challenge that will foil a typical automated software-based attack. The image is crafted so as to include multiple challenge nonces as a way to select the user’s vote. The approach’s strength is based on the difficulty of malicious software to falsify the image or emulate the user’s response. I.

As society rushes to digitize sensitive information and services, it is imperative to adopt adequate security protections. However, such protections fundamentally conflict with the benefits we expect from commodity computers. In other words, consumers and businesses value commodity computers because they provide good performance and an abundance of features at relatively low costs. Meanwhile, attempts to build secure systems from the ground up typically abandon such goals, and hence are seldom adopted [8, 72, 104]. In this dissertation, I argue that we can resolve the tension between security and features by leveraging the trust a user has in one device to enable her to securely use another commodity device or service, without sacricing the performance and features expected ofcommodity systems. At a high level, we support this premise by developing techniques to allow a user to employ a small, trusted, portable device to securely learn what code is executing on her local computer. Rather than entrusting her data to the mountain of buggy code likely running on her computer, we construct an on-demand secure execution environment which can perform security-sensitive tasks and handle private data in complete isolation from all other softŸware (and most hardware) on the system. Meanwhile, non-security-sensitive soŸftware retains the same abundance of features and performance it enjoys today. Having established an environment for secure code execution on an individual computer, we then show how to extend trust in this environment to network elements in a secure and effi›cient manner. This allows us to reexamine the design of network protocols and defenses, since we can now execute code on endhosts and trust the results within the network. Lastly, we extend the user’s trust one more step to encompass computations performed on a remote host (e.g., in the cloud). We design, analyze, and prove secure a protocol that allows a user to outsource arbitrary computations to commodity computers run by an untrusted remote party (or parties) who may subject the computers to both soŸware and hardware attacks. Our protocol guarantees that the user can both verify that the results returned are indeed the correct results of the specified computations on the inputs provided, and protect the secrecy of both the inputs and outputs of the computations. These guarantees are provided in a non-interactive, asymptotically optimal (with respect to CPU and bandwidth) manner. Thus, extending a user’s trust, via softŸware, hardware, and cryptographic techniques, allows us to provide strong security protections for both local and remote computations on sensitive data, while still preserving the performance and features of commodity computers.

Wireless networking is widespread in public places such as cafés. Unsuspecting users may become victims of attacks based on “evil twin ” access points. These rogue access points are operated by criminals in an attempt to launch man-in-the-middle attacks. We present a simple protection mechanism against binding to an evil twin. The mechanism leverages short authentication string protocols for the exchange of cryptographic keys. The short string verification is performed by encoding the short strings as a sequence of colors, rendered sequentially by the user’s device and by the designated access point of the café. The access point must have a light capable of showing two colors and must be mounted prominently in a position where users can have confidence in its authenticity. We conducted a usability study with patrons in several cafés and participants found our mechanism very usable.