- Share
- Share on Facebook
- Share on X
- Share on LinkedIn
Forum
From January 28, 2020 to January 30, 2020
Keynote
Do you trust your TLS certificate? (Professor Philippe Elbaz-Vincent - Institut Fourier) - Wednesday, January 29, 2020 10:30 AM - 11:30 AM - Poster area
ABSTRACT - Over the last 20 years, there has been a flurry of vulnerabilities of all types on protocols such as SSL/TLS, SSH, OpenPGP or on certificates meant to protect critical infrastructures. Since 2010 and the advent of the SSL Observatory of the EFF (Electronic Frontier Foundation), systematic analyses have been conducted by research teams around the world on the public cryptographic data of these certificates, most often coming from network components such as routers, firewalls, various connected objects (including video surveillance cameras), and have revealed multiple vulnerabilities that generally lead to the recovery of private keys and, as such, completely compromise the security infrastructure. Similar studies have been conducted on certificates coming from physical components (eg. based on smart cards) with similar results.
These vulnerabilities are often caused by algorithmic errors in the generation of cryptographic parameters or problems related to the random seed used when generating the certificate. Studies on TLS certificates and other cryptographic data are regularly updated and despite numerous notifications to manufacturers and competent authorities (eg. CERT), these vulnerabilities are still massively present, easily exploitable with a minimum of mathematical knowledge and reasonable computational resources, and thus represent a goldmine for cybercriminals!
We will present a state of the art survey by 2020 of these vulnerabilities, which will be illustrated by recent studies of our team over several million different network components, and discuss their practical consequences for infrastructures. We will also present the latest feedback from manufacturers and provide a 10-year review of these analyses and what they illustrate in terms of "bad" cryptographic practices.
The geopolitics behind the routes data travels (Kave Salamatian - Université Savoie Mont-Blanc) - Wednesday, January 29, 2020 4:00 PM - 5:00 PM - Poster area
This presentation examines the geopolitical underpinnings of data routing through some case studies. The Internet is a network of networks where each network is an Autonomous System (ASes). ASes are independent administrative entities controlled by a variety of actors such as governments, companies, universities. Their administrators have to agree on the path followed by packets to travel across the Internet, which is done by the intermediary of the Border Gateway Protocol (BGP). Therefore, BGP requires neighboring ASes to interact in order to coordinate routing, through connectivity update messages announcing the availability (or withdrawal) of a sequence of ASes that can be followed to reach an IP address prefix. BGP hence defines the shape and the topology of the Internet. An AS announces a path through its network that can be taken to reach a destination only if there is a contractual obligation or a benefit for doing so. BGP provides, therefore, a novel setting to observe economic, regulatory and geopolitical tensions which would usually be concealed, but have to surface to enforce concretely political and economic constraints. In this presentation, we will show how the specifics of different BGP structures and connectivity structure enables active measures (such as censorship), both internally and externally, on the network. Through different examples, we will illustrate how routing can reveal hidden economic, political and power relationships between different actors. Combining the dynamic nature of AS graphs and geopolitical analysis, we provide a panoramic view of international's current-day interconnectivity.
Medias
Research in cybersecurity (Philippe Elbaz-Vincent - IF) - Interview for Acteurs Publics TV
Director Philippe Elbaz-Vincent will answer a few questions for Acteurs Publics TV regarding research in cybersecurity on January 29 afternoon.
Internet-wide Measurements for Cybersecurity: The Case of DNS Zone Poisoning (Maciej Korczynski - LIG) - Article in the FIC Newsletter
ABSTRACT - Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behavior. Therefore, there is a great need for comprehensive Internet-wide measurements for cybersecurity. Critical facts about the Internet security, such as “Which domain registries are abused by the cybercriminals the most?” or "Which Internet Service Providers do not deploy source IP address filtering, facilitating massive DDoS attacks?" remain poorly quantified.
In this paper, we will discuss a number of examples of measurement studies of the domain name space. In particular, we will explore an attack against configuration files of poorly maintained name servers allowing, for example, domain hijacking. We refer to this type of attack as to "zone poisoning". The attack is as simple as sending a single RFC compliant DNS dynamic update packet to a misconfigured server. In the simplest version of an attack, a miscreant could replace an existing A or MX DNS resource record in a zone file of a server and point the domain name to an IP address under control of an attacker. We will present the global measurement study of the vulnerability. To assess the potential impact of non-secure dynamic updates, we scanned 290 million domains worldwide and found that among the vulnerable domains are governments, banks and health care providers, demonstrating that the threat impacts important services.
We have also issued notifications for website owners, DNS service providers, and network operators, suffering from non-secure DNS dynamic updates to assess which mechanisms are more effective at remediating the vulnerability. After the introduction of the General Data Protection Regulation (GDPR) some registration information is, however, no longer displayed in the public WHOIS data. Therefore, we also assessed the effectiveness of alternative communication channels and issued notifications to national CERTs.
Via our study of the zone poisoning attack and subsequent notifications to affected parties and respective intermediaries, we aimed to improve the security of the global DNS ecosystem and test alternative methods to contact affected parties after the introduction of the GDPR regulation.
Demos
Attacking the UWB localization system using forged acknowledge responses (presented by Baptiste Pestourie - LCIS)
Nowadays, UWB technology (Ultra Wide Band) is widespread in applications such as drone/robot navigation thanks to its high performance for indoor positioning (reaching a precision of 10cm). Despite the existence of several security mechanisms in the 802.15.4 UWB standard, several flaws remain exploitable by attackers, including the absence of cryptographic signatures for acknowledge responses. In this demo, we will demonstrate how an attacker can take control over the position of a node within a standard UWB localization system using a simple 10 euros tag. Several simple countermeasures to prevent such attacks will also be proposed.January 28 | 13:00, 15:30 |
January 29 | 10:00, 14:00, 16:30 |
January 30 | 10:00, 13:00 |
Performance of the MPHELL Library integrated to MbedTLS (presented by Romain Xu-Darme and Ph. Elbaz-Vincent – Univ. Grenoble Alpes)
MPHELL is a library - working on x86, X86-64, ARM 32bits and STM32 architectures - which proposes cryptographic primitives such as scalar multiplication of points on an elliptic curve. These operations are implemented on standard curves - with good performance and security against SPA with respect to existing libraries (Intel PPCP, libSodium, MbedTLS, OpenSSL, libECC) - and are also opened to others curves for which fast and secure implementations are possible. This library has been integrated as an optional module to MbedTLS in order to boost performance and security of its underlying cryptographic mechanisms. This demo will showcase the live performance of a secure TLS connection with and without our library.January 28 | 14:00, 16:30 |
January 29 | 15:00, 17:30 |
January 30 | 12:00, 15:00 |
Lazart: code evaluation against fault injection (presented by Marie-Laure Potet – Vérimag)
We present Lazart, a tool based on symbolic execution allowing to evaluate the robustness of a source code against fault injections. This state-of-the-art tool handles multiples fault injections and is meant to be used by both developers and evaluators. It also allows to evaluate the effectiveness of countermeasures aiming at detecting such attacks. Finally, this tool is presented along the first public benchmark on fault injection - called FISCC - which was developed as part of the ANR project Astrid Sertif.January 28 | 15:00, 17:30 |
January 29 | 12:00, 16:00, 18:30 |
January 30 | 11:30, 14:30 |
Cyberdefense of industrial systems: a virtualization platform with hardware-in-the-loop (presented by Stéphane Mocanu – LIG)
In this demo, we present an electronic system for the virtualization of sensors and actuators allowing to plug real control & command equipments into a simulated industrial process. This platform allows the design of realistic test scenarios for the study of the cybersecurity of industrial systems: tests and visualization of the effects of an attack, pentesting, calibration of countermeasures.January 28 | 14:30, 17:00 |
January 29 | 11:30, 15:30, 18:00 |
January 30 | 11:00, 14:00 |
Strategy Challenge
This year, Cyber@Alps - in partnership with the Université Grenoble Alpes - is presenting two teams to the FIC Strategy Challenge :Team Error404 | Juliette Biau, Elisa Coustillet, Florian Carrio, Antoine Trostiansky |
---|---|
Team WannaWin | Chloé Bouvart, Arthur Coppin, Eugénie Dumas, Quentin Guerre-Berthelot |
Date
- Share
- Share on Facebook
- Share on X
- Share on LinkedIn