Improving Security Protocols
In 2013, Edward Snowden, a former Central Intelligence Agency employee, revealed the extent of government surveillance of our electronic communications and this has undoubtedly led to a much greater public interest in the issues surrounding encryption and securing our emails and messages. Subsequently, there has been increased focus on so-called end-to-end encryption: essentially any means of ensuring that third parties are not required for the encryption process so only the people communicating can read the messages. One practical means of providing end-to-end encryption is through the use of human-interactive security protocols.
To attack end-to-end encryption, an intruder’s best strategy is to impersonate one or more of the message recipients during the process of establishing secure communications. This known as a man-in-the-middle attack.
Oxford researchers have developed improvements to human-interactive security protocols which allow users to distinguish between an innocent communication failure and an attacker attempting to mount a man-in-the-middle attack.
Sorry, wrong number
In the image below, five people (shown in blue) are trying to communicate with each other on a network which is under attack from a “man-in-the-middle” (shown in black). To A, B and C the attacker is masquerading as D and E (shown as D’ and E’). To D and E the attacker similarly appears as A’, B’ and C’ (having intercepted communications from A, B and C). Ad hoc networks such as these can be secured by the use of human-interactive security protocols which employ an out-of-band communication channel (sometimes known as an “empirical channel”) without the need for trusted third parties or pre-existing public key infrastructures. The involvement of humans does, however, place a practical limit on the amount of data which can be communicated and compared via the out-of-band channel. That said, even a random 4-digit PIN only gives an attacker a 1/10,000 chance of guessing correctly if two PINs are being compared to secure communication. With standard protocols the man-in-the-middle can typically compare values and if there is no match simply decline to relay the failed response giving the appearance of a communication failure.
Unmasking the man-in-the-middle
Researchers at the University of Oxford have used their expertise in human-interactive security protocols, and in particular the HCBK protocol family, to provide for the first time an “audit” function allowing the cases of failed communication and failed attack to be disambiguated. This has a number of significant benefits:
- Protocol end users are aware of failed attempts to disrupt their communications: they can take countermeasures
- Service providers can now audit protocol usage and track attempted attacks
- Potential intruders are deterred as their attempts to attack protocols will be revealed
- Fail safe: if the audit function is temporarily unavailable then performance reverts to the standard protocol model and remains secure.
The underlying invention is the subject of a UK patent application. Modifications of the best-known and most widely-adopted protocols – such as HCBK, ZRTP and Bluetooth – have been proposed to demonstrate how the new audibility function can be implemented. The project will be of interest to companies commercializing software implementing human-interactive security protocols to create secured networks for authenticated users. Example application areas are secure messaging and financial transactions. To learn more please contact the Technology Transfer Manager.
about this technology