Abstract
Trusted input techniques can profoundly enhance a variety of scenarios like online banking, electronic voting, Virtual Private Networks, and even commands to a server or Industrial Control System. To protect the system from malware on the sender’s computer, input needs to be reliably authenticated. Previous research in this field is based on fixed assumptions about trustworthy components and is, thus, too rigid for this use case.

We present Smart-Guard, a method to protect user input into a system even if the attacker controls – to us unknown – parts of the underlying system. Our approach ensures integrity of user input even when up to two of three devices are compromised; confidentiality holds for one malicious device. In this way, Smart-Guard has flexible trust assumptions, and does not require any particular part of the system to be trusted. To prove our claims, we formally verified our protocol using the state-of-the-art protocol verifier ProVerif. Additionally, we define a new class of techniques, malware tolerance, which operate securely even when the system is infected with malware.

Original language | English |
---|---|
Title of host publication | 2016 Intl IEEE Conferences on Ubiquitous Intelligence & Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld) |
Number of pages | 8 |
Publisher | IEEE |
Publication date | 8 Aug 2016 |
Pages | 502-509 |
ISBN (Print) | 978-1-5090-2770-5 |
Publication status | Published - 8 Aug 2016 |
Event | The 13th IEEE International Conference on Advanced and Trusted Computing: ATC 2016 - University Paul Sabatier of Toulouse, Toulouse, France Duration: 18 Jul 2016 → 21 Jul 2016 Conference number: 13 https://atc2016.sciencesconf.org/ |
Conference
Conference | The 13th IEEE International Conference on Advanced and Trusted Computing |
---|---|
Number | 13 |
Location | University Paul Sabatier of Toulouse |
Country/Territory | France |
City | Toulouse |
Period | 18/07/2016 → 21/07/2016 |
Keywords
- Trusted Input Techniques
- Online Security
- Malware Tolerance
- User Input Integrity
- System Authentication