Don’t shoot the demonstrators

Academic papers, Legal issues, Politics, Security economics, Security psychology

Jim Graves, Alessandro Acquisti and I are giving a paper today at WEIS on Experimental Measurement of Attitudes Regarding Cybercrime, which we hope might nudge courts towards more rational sentencing for cybercrime.

At present, sentencing can seem somewhere between random and vindictive. People who commit a fraud online can get off with a tenth of what they’d get if they’d swindled the same amount of money face-to-face; yet people who indulge in political activism – as the Anonymous crowd did – can get hammered with much harsher sentences than they’d get for a comparable protest on the street.

Is this just the behaviour of courts and prosecutors, or does it reflect public attitudes?

We did a number of surveys of US residents and found convincing evidence that it’s the former. Americans want fraudsters to be punished on two criteria: for the value of the damage they do, with steadily tougher punishments for more damage, and for their motivation, where they want people who hack for profit to be punished more harshly than people who hack for political protest.

So Americans, thankfully, are rational. Let’s hope that legislators and prosecutors start listening to their voters.

A Study of Whois Privacy and Proxy Service Abuse

Academic papers, Security economics

Long time readers will recall that last year ICANN published the draft report of our study into the abuse of privacy and proxy services when registering domain names.
At WEIS 2014 I will present our academic paper summarising what we have found — and the summary (as the slides for the talk indicate) is very straightforward:

  • when criminals register domain names for use in online criminality they don’t provide their names and addresses;
  • we collected substantial data to show that this is generally true;
  • in doing so we found that the way in which contact details are hidden varies somewhat depending upon the criminal activity and this gives new insights;
  • meantime, people calling for changes to domain ‘privacy’ and ‘proxy’ services “because they are used by criminals” must understand:
    • the impact of such a policy change on other registrants
    • the limitations of such a policy change on criminals

To give just one example, the registrants of the domain names used for fake pharmacies are the group that uses privacy and proxy services the most (55%) : that’s because a key way in which such pharmacy domains are suppressed is to draw attention to invalid details having been provided when the domain was registered. Privacy and proxy services hide this fakery. In contrast, the registrants of domains that are used to supply child sexual images turn to privacy and proxy services just 29% of the time (only just higher than banks — 28%)… but drawing attention to fallacious registration details is not the approach that is generally taken for this type of content.

Our work provides considerable amounts of hard data to inform the debates around changing the domain Whois system to significantly improve accuracy and usefulness and to prevent misuse. Abolishing privacy and proxy services, if this was even possible, would affect a substantial amount of lawful activity — while criminals currently using these services might be expected to adopt the methods of their peers and instead provide incomplete and inaccurate data. However, insisting that domain registration data was always complete and accurate would mean a great many lawful registrations would need to be updated.

Why bouncing droplets are a pretty good model of quantum mechanics – seminar

Academic papers, News coverage, Seminars

Today Robert Brady and I will be giving a seminar in Cambridge where we will explain Yves Couder’s beautiful bouncing droplet experiments. Droplets bouncing on a vibrating fluid bath show many of the weird phenomena of quantum mechanics including tunneling, diffraction and quantized orbits.

We published a paper on this in January and blogged it at the time, but now we have more complete results. The two-dimensional model of electromagnetism that we see in bouncing droplets goes over to three dimensions too, giving us a better model of transverse sound in superfluids and a better explanation of the Bell test results. Here are the slides.

The talk will be at 4pm in the Centre for Mathematical Sciences.

Security and Human Behaviour 2014

Academic papers, Politics, Security economics, Security psychology, Social networks

I’m liveblogging the Workshop on Security and Human Behaviour which is being held here in Cambridge. The participants’ papers are here and the programme is here. For background, see the liveblogs for SHB 2008-13 which are linked here and here. Blog posts summarising the talks at the workshop sessions will appear as followups below, and audio files will be here.

PhD studentship: Model-based assessment of compromising emanations

Hardware & signals, Jobs

We have a fully funded 3.5-year PhD Studentship on offer, from October 2014, for a research student to work on “Model-based assessment of compromising emanations”. The project aims to improve our understanding of electro-magnetic emissions that are unintentionally emitted by computing equipment, and the eavesdropping risks they pose. In particular, it aims to improve test and measurement procedures (TEMPEST) for computing equipment that processes extremely confidential data. We are looking for an Electrical Engineering, Computer Science or Physics graduate with an interest in electronics, software-defined radio, hardware security, side-channel cryptanalysis, digital signal processing, electromagnetic compatibility, or machine learning.

Check the full advert and contact Dr Markus Kuhn for more information if you are interested in applying, quoting NR03517. Application deadline: 23 June 2014.

Light Blue Touchpaper now on HTTPS

Authentication, Cryptology, Meta, Web security

Light Blue Touchpaper now supports TLS, so as to protect passwords and authentication cookies from eavesdropping. TLS support is provided by the Pound load-balancer, because Varnish (our reverse-proxy cache) does not support TLS.

The configuration is intended to be a reasonable trade-off between security and usability, and gets an A– on the Qualys SSL report. The cipher suite list is based on the very helpful Qualys Security Labs recommendations and Apache header re-writing sets the HttpOnly and Secure cookie flags to resist cookie hijacking.

As always, we might have missed something, so if you notice problems such as incompatibilities with certain browsers, then please let us know on <lbt-admin@cl.cam.ac.uk>. or in the comments.

Post-Snowden: the economics of surveillance

Academic papers, News coverage, Politics, Privacy technology, Security economics

After 9/11, we worked on the economics of security, in an attempt to bring back some rationality. Next followed the economics of privacy, which Alessandro Acquisti and others developed to explain why people interact with social media the way they do. A year after the Snowden revelations, it’s time to talk about the economics of surveillance.

In a new paper I discuss how information economics applies to the NSA and its allies, just as it applies to Google and Microsoft. The Snowden papers reveal that the modern world of signals intelligence exhibits strong network effects which cause surveillance platforms to behave much like operating systems or social networks. So while India used to be happy to buy warplanes from Russia (and they still do), they now share intelligence with the NSA as it has the bigger network. Networks also tend to merge, so we see the convergence of intelligence with law enforcement everywhere, from PRISM to the UK Communications Data Bill.

There is an interesting cultural split in that while the IT industry understands network effects extremely well, the international relations community pays almost no attention to it. So it’s not just a matter of the left coast thinking Snowden a whistleblower and the right coast thinking him a traitor; there is a real gap in the underlying conceptual analysis.

That is a shame. The global surveillance network that’s currently being built by the NSA, GCHQ and its collaborator agencies in dozens of countries may become a new international institution, like the World Bank or the United Nations, but more influential and rather harder to govern. And just as Britain’s imperial network of telegraph and telephone cables survived the demise of empire, so the global surveillance network may survive America’s pre-eminence. Mr Obama might care to stop and wonder whether the amount of privacy he extends to a farmer in the Punjab today might be correlated with with amount of privacy the ruler of China will extend to his grandchildren in fifty years’ time. What goes around, comes around.

The pre-play vulnerability in Chip and PIN

Academic papers, Banking security, Cryptology, Hardware & signals

Today we have published a new paper: “Chip and Skim: cloning EMV cards with the pre-play attack”, presented at the 2014 IEEE Symposium on Security and Privacy. The paper analyses the EMV protocol, the leading smart card payment system with 1.62 billion cards in circulation, and known as “Chip and PIN” in English-speaking countries. As a result of the Target data breach, banks in the US (which have lagged behind in Chip and PIN deployment compared to the rest of the world) have accelerated their efforts to roll out Chip and PIN capable cards to their customers.

However, our paper shows that Chip and PIN, as currently implemented, still has serious vulnerabilities, which might leave customers at risk of fraud. Previously we have shown how cards can be used without knowing the correct PIN, and that card details can be intercepted as a result of flawed tamper-protection. Our new paper shows that it is possible to create clone chip cards which normal bank procedures will not be able to distinguish from the real card.

When a Chip and PIN transaction is performed, the terminal requests that the card produces an authentication code for the transaction. Part of this transaction is a number that is supposed to be random, so as to stop an authentication code being generated in advance. However, there are two ways in which the protection can by bypassed: the first requires that the Chip and PIN terminal has a poorly designed random generation (which we have observed in the wild); the second requires that the Chip and PIN terminal or its communications back to the bank can be tampered with (which again, we have observed in the wild).

To carry out the attack, the criminal arranges that the targeted terminal will generate a particular “random” number in the future (either by predicting which number will be generated by a poorly designed random number generator, by tampering with the random number generator, or by tampering with the random number sent to the bank). Then the criminal gains temporary access to the card (for example by tampering with a Chip and PIN terminal) and requests authentication codes corresponding to the “random” number(s) that will later occur. Finally, the attacker loads the authentication codes on to the clone card, and uses this card in the targeted terminal. Because the authentication codes that the clone card provides match those which the real card would have provided, the bank cannot distinguish between the clone card and the real one.

Because the transactions look legitimate, banks may refuse to refund victims of fraud. So in the paper we discuss how bank procedures could be improved to detect whether this attack has occurred. We also describe how the Chip and PIN system could be improved. As a result of our research, work has started on mitigating one of the vulnerabilities we identified; the certification requirements for random number generators in Chip and PIN terminals have been improved, though old terminals may still be vulnerable. Attacks making use of tampered random number generators or communications are more challenging to prevent and have yet to be addressed.

Update (2014-05-20): There is press coverage of this paper in The Register, SC Magazine UK and Schneier on Security.
Update (2014-05-21): Also now covered in The Hacker News.