Identity Theft Abhilasha Bhargav Spantzel bhargav cerias purdue edu Some comments from last time Properties of Identity System Narrow identifiers to pin point a specific subject e g no collision Audit and non repudiation Security crypto etc privacy Access control Seems like there may be a contradiction b w the property of consistent context plus the idea of central identity management Passport was trying to make identity consistent 2 Outline Motivation of Identity Theft Problem Crypto Background Zero Knowledge Proofs Distributed Hash Tables Our Recent Work will be presented in ACM CCS Digital Identity Management workshop Other Related Work Liberty Alliance Identity Theft workgroup if there is time 3 Identity Theft http www idthefts info What is Identity Theft IDENTITY THEFT is the use of personally identifying information belonging to one individual by another individual for financial or personal gain 4 Problems Lose Control of Your Own Identity Easy for identity thieves to assert they are someone else with the right data Difficult for Identity Theft victims to prove that they are themselves once compromised There is already a lot of information of an individual available at different places 5 How bad is it Numbers Two of the largest card issuing banks Losses 600 000 000 Between them 300 million cards THAT S ONLY 2 PER CARD Gartner says that 30 000 000 people received phishing emails and 1 780 000 responded 12 months ended Apr 2003 6 Attacks and Mitigations For your notes Objective Obtain Individual Identity Type Attack Trojan Keystro Description Mitigations Pharming DNS spoofing DNS cache poisoning proxy attacks Spyware malware placed via hacking as payload in a virus or ke 1 3 4 downloaded from an attacker s Web site Logging Wireless Open access points AirSnarfing Evil Twin 5 6 Intercept Technical 23 Scrape Web Site Gather personal data from Web sites to use as verifiers Network Sniffing Collect targeted network packets 7 23 Theft Stolen mail wallets purses laptops 2 5 6 Shoulder Surfing Direct observation of personal confidential information Physical Dumpster Diving Gather discarded documents or hardware disks Trusted Insiders Identity information misused by individuals with access Phishing Luring individuals to reveal confidential information Family Members Identity information misused by family members Social Legal IdentityObtain identity information fraudulently from credit bureaus Sources government agencies etc Engineering 419 Scams Obtain money and or account information 2 2 8 5 9 10 1 20 2 1 2 2 Obtain identity information from service providers doctors Trusted Insiders 1 2 21 22 dentists lawyers etc 8 Objective Obtain Multiple Identities Type Attack Description Mitigations Hacking Gain privileged access for further attacks and or data harvesting 10 12 13 14 15 16 17 Data Attacks Technical Physical SQL injection XSS attacks Database Attacks Login attacks inference attacks SQL scanners 7 18 19 1 5 15 Password Cracking Acquire admin passwords to servers 1 15 Theft and Loss Backup data tapes disks laptops etc 5 7 11 Firewall Breaches Connect and map internal network s 15 16 Dumpster DivingObtain discarded documents disks systems etc 8 Trusted Insiders Access individuals take data with removable media e mail 1 2 21 22 Gain Physical Computer Access rooms server farms wiring closets switches routers Trusted Insiders DBAs employees contractors individuals with access Social Phone RequestsObtain confidential information to facilitate attacks Engineering 1 2 1 2 21 22 2 9 Mitigations and Compensating Controls 1 Multi factor authentication 2 User education 3 Anti virus package s 4 Anti spyware package s 5 Encryption 6 Secure configuration 7 Encrypted payload 8 Shredding 9 Enforce need to know 10 Access controls and user privileges 11 Policy and enforcement 12 n tier architecture 13 Real time monitoring 14 Honey pots honey nets 15 HIPS Host Intrusion Protection Systems 16 NIDS Network Intrusion Detection Systems 17 Well configured firewall s 18 Server side validation 19 Secure coding techniques 20 Browser toolbars 21 Separation of duties 22 Audit controls 23 SSL TLS 10 Introducing 2 Crypto Concepts Zero Knowledge Proofs Distributed Hash Tables Zero Knowledge Proofs Prover tries to prove a certain fact to the other party called the verifier An interactive proof usually takes the form of a challenge response protocol Zero knowledge The verifier learns nothing about the fact being proved except that it is correct from the prover that he could not already learn without the prover Verifier cannot even later prove the fact to anyone else 12 Basic Definitions The ZKP is formulated by saying that anything that is feasibly computable from a ZKP is also feasibly computable from the assertion itself Variants on the basic def are Consideration of Auxiliary inputs Mandating of universal and black box simulations Restricting attention to honest verifiers The level of Similarity required for simulation Zero Knowledge proofs exist for any NP set provided One way functions exist for that set 13 A typical round in a zeroknowledge proof 1 2 3 Commitment message from the Prover Challenge from the Verifier Response to the challenge from the Prover The protocol may be repeated for many rounds why Based on the Prover s responses in all the rounds the Verifier decides whether to accept or reject the proof 14 What is a Commitment Scheme An electronic way to temporarily hide a value that cannot be changed Hiding no adversarial receiver learns information about the committed value Binding no adversarial sender can successfully convince reveal two different values 15 E g 1 Ali Baba s Cave 16 E g 2 G3C Graph 3 Coloring Common Input A graph Prover can color the graph using 3 colors Prover must keep the coloring secret 1 2 3 4 5 17 G3C is in Zero Knowledge Construction ZK interactive protocol for G3C Prover chooses a random color permutation Prover puts all the vertices colors inside envelopes 11 22 33 44 55 And sends them to the verifier 18 G3C is in ZK cont Verifier receives envelopes supposedly containing a legal 3 coloring of the graph Verifier chooses an edge at random 11 22 33 44 55 And asks Prover to open the 2 envelopes 19 G3C is in ZK cont Prover opens the envelopes revealing the colors 11 22 Verifier accepts if the colors are different 33 4 5 20 Formally G V E is 3 colorable if there exists a mapping V 1 2 3 so that u v for every u v E Let be a 3 coloring of G and let be a permutation over 1 2 3
View Full Document
Unlocking...