Project 2 - COMP 5407 (fall 2004)
Research Project (survey/optional implementation)
Last updated: 26 Oct. 2004, 1:00pm
Last day for area topic approval by instructor (see details below):
Tuesday Oct.26 2004.
Oral class presentations due: Nov.17-Dec.6.
Written report due: Dec.6 in class. No extensions.
Give a short oral presentation (approx. 25 minutes),
and submit a formal written report (maximum 20 pages)
on a course-related topic of current interest in the research community.
To avoid substantial overlap in class presentations,
topics must be approved by the instructor
(first-come first-served basis; see topics below).
Based on relevant papers, the written report
should provide a research survey including:
an outline and summary of the problem(s) and existing solutions in the area;
identification of important recent results and trends; and
discussion of important open problems and future research directions.
The oral part should include a subset of the above, and
as a minimum a clear description of the main problems being addressed
in the area, and solid motivation (e.g. why the problems are important).
It may involve use of an overhead projector,
data projector, handouts, etc. (all arranged by the student).
Grades will be awarded for demonstrating a solid understanding of the area,
insight (e.g. filling in explanatory gaps or smoothly
integrating results of several papers), and conciseness and clarity.
Extra marks will be awarded for novel extensions to existing research.
A written report on its way to being a publishable paper will receive an A+.
Both technical content and editorial style are important;
grades will be deducted for poor presentation
(grammar, spelling, punctuation), poor organization, and ambiguity / vagueness.
Proper academic citation of all sources relied on is required.
This is an individual project.
Read the "Policy re: Unethical Behaviour" on the course web page.
All specific ideas obtained from other students or sources must be
cited as such.
Projects involving programming:
Some projects may benefit from software implementations.
In these cases,
marks for the implementation aspect will be dependent on communicating
clearly and concisely what was learned from the implementation,
and explaining its novelty or importance to the project.
Prior consultation with the instructor is strongly recommended.
The selected topic and an initial list of reference papers
must be approved by the instructor.
For many of the proposed topics below, a few suggested references are given.
If not, or if you have trouble obtaining references for
a topic area you are interested in, please discuss with the instructor.
Note: the following topics/oral dates are already taken
(other students wanting the same topic must make
a proposal substantially different from the first).
Nov.17: Paul Boone (#5), Claude Van Ham (#11 subset), Hao Chen (#12)
Nov.22: William Elazmeh (#3 subset), Evan Hughes (#2), Ervin Ruci (#1)
Nov.24: Deholo Nali (#7 subset), Hai Tao (#7 subset), Frank Akujobi (#17)
Nov.29: Brad Metz (#6), Dan Calvert (#16 subset), Behzad Malak (#9)
Dec.1: James Kelly (#1), Fuwaz Alsulaiman (#1), Scott Hollett (?)
Dec.6: final lecture
Propose your own topic (related to the course outline).
Specify your major references.
Extend the research from the client-side phishing-detector plugin
paper discussed in class, or explore solutions to online identity theft.
Memory mismanagement exploits.
In addition to stack-based buffer overflows, many related problems are known
(e.g. heap and static memory overflows, integer overflows,
double-free errors, format string vulnerabilities, ...).
Explore and classify exploitable software vulnerabilities
involving memory management, and recently proposed solutions.
Suggested main references for problems:
for solutions: see references section of "Address Obfuscation" paper
Examples of more specialized articles:
(For Issue#NN of Phrack Magazine, see http://www.phrack.org/show.php?p=NN )
Security in peer-to-peer software systems.
Report on security vulnerabilities existing in current P2P software systems.
Possible starting points (others may be more recent):
[P2Pwg], [Couch], [McKean], [Good], [Wallach].
Security in Instant Messaging.
Survey the security of Instant Messaging protocols and products.
Give a threat model, outline security risks in practice, and propose
mechanisms to mitigate the risks. Refer to actual
(commercial or free) software products where possible.
Starting point: [Mannan].
Software tamper resistance.
Survey recent research on software tamper resistance;
compare different approaches and explore which are complementary.
Extend the existing analysis on graphical passwords (see class paper),
and/or make new proposals (e.g. an alternate grid scheme for converting
diagrams into password encodings); implement if appropriate.
Or review and extend the analysis in [Thorpe04].
Generating crypto keys from voice.
Explore and summarize work on generating keys from voice [MonReiter01],
building on earlier work related to keystroke dynamics [Monrose01].
Digital rights management.
Propose a project related to software-based digital rights management (DRM).
You may include software obfuscation if you wish (but try to avoid
direct overlap with the topic "Software tamper resistance").
Finding cryptographic keys in memory.
(includes software implementation)
Van Someren and Shamir [VanS] have noted
cryptographic keys are easily found in computer memory,
being easily distinguished from other data items
by their abnormal randomness. Independently verify their work,
and/or extend it. (Run tests only on your own machines, or with the
permission of others; do not break any laws!)
Human factors in computer security.
Explore and summarize recent research in the area of
human-computer interface (HCI) and computer security.
References: see [HCISecbibli].
Browser security and spoofing.
Explore the difficulty (or ease) of malicious web servers spoofing
legitimate web sites.
Suggested starting references: [YeYuanSmith02], [Felten97].
Browser-based certificate problems.
Explore, summarize, and discuss implications of the following
major browser certificate problems from 2000-2002:
flaw in certificate chain processing (2002) [zcertificate1];
erroneously-issued certificate (2001) [zcertificate2];
Y2K certificate expiry problem (2000) [zcertificate3].
(Warning: be a cautious judge of the technical credibility
of non-scientific online articles).
Non-browser certificate infrastructures.
Explore issues related to non-browser-based PKIs.
Recommended references: [Branchaud04], [Hesse02], [Elley01].
Password protocols resisting on-line dictionary attack.
Propose alternatives or extensions to the Pinkas-Sander paper and protocol
from class, or review and extend related ideas from [Stubblebine04].
Password protocols resisting off-line dictionary attack
(including software implementation if appropriate).
Perform an independent analysis, including efficiency comparisons
(message exchanges; efficiency for parameters offering practical security;
security guarantees), of some subset of:
EKE (from class) and similar password-based protocols: e.g.
SPEKE [Jablon, Zhang04], SRP [Wu], AMP [Kwon] (see also [SPA]),
OKE and related protocols (e.g. see [MacKenzie00]).
If you carry out implementations to aid timing comparisons,
save time by using publicly available big-integer crypto-math packages.
Web client authentication reality.
Explore and summarize issues related to current practice of web authentication.
Main reference (more recent work may also be available): [Fu01].
Trends in malicious code.
Summarize major malicious code incidents from the past few years
(e.g. Code Red; Nimda; Sircam; Slammer; Blaster; Witty; etc.),
discuss apparent trends in depth,
and predictions made by experts such as Staniford et al.
(see class reading), and CERT (see http://www.cert.org).
Determining safety of externally-supplied binary code.
Explore and summarize Necula's seminal work [Necula96]
on proof-carrying-code (PCC), and more recent progress in this area.
Crypto schemes limiting damage due to compromised keys.
Long-term keys in standard cryptographic algorithms are vulnerable to
key compromise (e.g. see [VanS]).
Explore and summarize the problem of undetected key compromise [Just],
and related work including forward-secure signatures [Bell99]
and key-insulated cryptosystems [Dodis].
Practical acceptance of cryptographic infrastructures.
Examine the challenges of digital signature systems being accepted
in practice. Issues include: perceived and actual security threats,
the veracity of public-key bindings to real-world identities,
certificate revocation issues,
relationships between signatures and authorization.
Example references (see instructor also): [VanS]; [Winn]; [Cryptogram].
Non-technical barriers to digital signatures in practice.
Carry out a detailed analysis of non-technical barriers to the success of
digital signature systems in practice (e.g. societal and cultural factors,
legal issues, user interfaces, etc.) Propose solutions for removing the
barriers, or arguments as to why they are not likely to be eliminated.
References: see instructor.
Recent authentication proposals.
Critically analyze (two or more) and/or extend (one)
novel recent authentication mechanisms or engineered approaches.
ink-blot authentication [Stubblefield],
wireless token-based authentication [Corner02].
Browser trust anchors and chains.
Explore, document, and critically analyze
the built-in "root certificate" (trust anchor) mechanisms in
common browsers (e.g. IE, Netscape, Firefox, Opera), and the certificate
chaining mechanisms actually used (e.g. by SSL) by browsers to "trust"
server certificates. For example: how many trust anchors are built in to
each browser? How long are certificate chains typically, and what
intermediate parties do they typically involve? What are the implications if
the private key of a single browser trust anchor is compromised? Etc.
Trust management, security policy and KeyNote.
Propose a project related to
trust management, security policy and KeyNote (see Matt Blaze's home page).
"Smashing The Stack For Fun And Profit",
Phrack Magazine, Issue 49, Article 14 (Nov. 1996),
[Bell99] M. Bellare, S.Miner,
A forward-secure digital signature scheme, Crypto’99.
[Birget03] J.-C. Birget et al.,
Robust discretization, with an application
to graphical passwords.
Cryptology ePrint Archive,
Report 2003/168, http://eprint.iacr.org
[Branchaud04] M. Branchaud, S. Flinn,
xTrust: A scalable trust management infrastructure,
pp.207-218, proceedings of Privacy, Security and Trust 2004,
Bulba and Kil3r,
"Bypassing Stackguard and Stackshield",
Phrack Magazine, Issue 56 Article 5 (May 2000),
Chang and Atallah, "Protecting Software by Code Guards",
ACM CCS-9 workshop DRM 2001 (available online).
Chen et al.,
"Oblivious Hashing: A Stealthy Software Integrity Verification Primitive",
Information Hiding - 5th International Workshop (Oct. 2002).
Cohen, "Operating System Protection Through Program Evolution",
Computers and Security, Oct. 1993 (available online).
Conover and w00w00 Security Team,
"w00w00 on Heap Overflows",
[Corner02] Mark Corner, Brian Noble, Zero-Interaction Authentication,
MOBICOM'02 (Sept. 2002).
[Couch] Couch, "Peer-to-Peer File-Sharing Networks: Security Risks",
(Sept. 8, 2002), http://www.sans.org/rr/policy/peer.php
[Cryptogram] Various articles in Schneier's monthly newsletter,
[Dodis] Y.Dodis, J.Katz, S.Xu, M.Yung,
Key-insulated public key cryptosystems, Eurocrypt 2002.
[Elley01] Elley et al.,
"Building Certification Paths: Forward vs. Reverse", NDSS'01,
[Felten97] Felten et al.,
"Web spoofing: an Internet con game",
20th National Information Systems Security Conference (Oct 1997),
[Fu01] Fu et al., "Do's and Don'ts of Client Authentication on the Web",
2001 USENIX Security.
FX of Phenoelit,
"Burning the bridge: Cisco IOS exploits" (heap overflow in ios),
Phrack Magazine, Issue 60, Article 7 (Dec. 2002),
gera and riq,
"Advances in format string exploitation",
Phrack Magazine, Issue 59, Article 7 (July 2002),
[Good] Good and Krekelberg,
"Usability and privacy: a study of Kazaa P2P file-sharing", http://www.hpl.hp.com/shl/papers/kazaa/KazaaUsability.pdf
[Hesse02] Hesse and Lemire,
"Managing Interoperability in Non-Hierarchical Public-Key Infrastructures",
[HCISecbibli] Bibliography on human factors in computer security:
Horne et al.,
"Dynamic Self-Checking Techniques for Improved Tamper Resistance",
ACM CCS-9 workshop DRM 2001 (available online).
[Jablon] Jablon, "Strong password-only authenticated key exchange",
ACM Computer Communications Review, Oct. 1996 (available online).
[Just] M. Just, P.C. Van Oorschot,
Addressing the problem of undetected signature key compromise, NDSS’99.
[Kwon] Kwon, "Authentication and key agreement via memorable password",
NDSS'01 (available online).
[MacKenzie00] MacKenzie, Patel, Swaminathan,
Password-Authenticated Key Exchange Based on RSA,
[Mannan] M. Mannan, P.C. van Oorschot,
"Secure Instant Messaging: A Survey",
PST'04 (Privacy, Security and Trust 2004 Conference), Oct.2004.
"Peer-to-Peer Security and Intel’s Peer-to-Peer Trusted Library"
(Aug. 20, 2001), http://www.sans.org/rr/threats/peer.php
[MonReiter01] Monrose, Reiter et al.,
"Cryptographic Key Generation from Voice",
2001 IEEE Symp. Security and Privacy (available online);
see also http://www.bell-labs.com/user/fabian/shortcut.html;
and Monrose et al.,
"Toward speech-generated cryptographic keys on resource constrained devices",
2002 Usenix Security Symp.
[Monrose01] Monrose et al., Password Hardening based on Keystroke Dynamics,
International Journal of Information Security (2001),
[Necula96] Necula and Lee, "Safe kernel extensions without run-time checking",
OSDI'96 (available online).
See also later papers by same authors, including 1997:
"Proof-carrying code" (CMU technical report, and POPL'97 paper).
scut and team teso,
"Exploiting Format String Vulnerabilities" (March 2001),
[SPA] List of research papers on Strong Password Authentication:
[Stubblebine04] Stubblebine, van Oorschot,
"Addressing Online Dictionary Attacks with Login Histories
and Humans-in-the-Loop", Financial Cryptography 2004.
[Stubblefield] Adam Stubblefield, Dan Simon,
Microsoft Research Technical Report MSR-TR-2004-85 (August 2004).
See USENIX Security 2004 and ACSAC 2004 papers on graphical passwords at
"Taking Advantage of Non-Terminated Adjacent Memory Spaces",
Phrack Magazine, Issue 56 Article 14 (May 2000),
[VanS] N. van Someren, A. Shamir,
Playing Hide and Seek with Keys, Financial Crypto’99.
A survey of peer-to-peer security issues, 2002.
[Winn] J. Winn, The emperor’s new clothes: the shocking truth
about digital signatures and Internet commerce,
pp.353-388 in 37 Idaho Law Review, no.2 (2001).
[Wu] Wu, "The secure remote password protocol", NDSS'98 (available online).
[YeYuanSmith02] Ye, Yuan and Smith,
"Web spoofing revisited: SSL and beyond",
Technical Report TR2002-417 (Feb.1 2002),
[Zhang04] M. Zhang, Analysis of the SPEKE Password-Authenticated Key Exchange Protocol,
IEEE Communications Letters vol.8 no.1 (Jan.2004), pp.63-65.
[zcertificate1] Articles related to 2002 flaw in certificate chain processing:
Microsoft security bulletin MS02-050
(Sept.04 2002; updated Sept.9 2002 and Nov.20 2002),
Certificate Validation Flaw Could Enable Identity Spoofing (Q329115),
"Security Flaw Found in Microsoft Web Browser", 13 August 2002,
(CAN-2002-0862 - candidate for inclusion in the CVE list);
bugtraq list posting (Aug.12 2002),
[zcertificate2] Articles related to 2001 erroneously-issued certificate:
Microsoft Security Bulletin MS01-017
(March 22, 2001; updated March 28, 2001),
Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard,
Slashdot thread (long): http://slashdot.org/articles/01/03/22/1947233.shtml;
Gregory L. Guerin, "Microsoft, VeriSign, and Certificate Revocation"
(20 Apr 2001; revised: 13 May 2001),
(includes discussion of Schneier’s "Fake Microsoft Certificates",
Apr.15 2001, http://www.counterpane.com/crypto-gram-0104.html#7 );
"The End of Trust as We Know It?
Analysis of the Microsoft/VeriSign Digital Certificate Incident" (July 2001),
[zcertificate3] Articles related to year 2000 certificate expiry problem:
Pete Loshin, "Y2K browser bug to affect e-commerce"
(CNN.com, May 31 1999),
"Technical Information - Root Expiry",