Cryptographic Research and Programs

Dan Boneh and M. Franklin's Identity Based Encryption scheme.
This allows extremely flexible use of public key encryption. The mathematics behind it involve an original way of using Weil-pairings of points on elliptic curves (which are an interesting topic on their own).
The Pairing-Based Crypto Lounge has a list of crypto schemes that use Weil/Tate/Frey-Pairings.
CryptoMail
is an open-source Web mail program with automatic encryption. It is practically the same as Hushmail, but all the sources are free, so you can build your own server, modify it, etc.
Self-certifying File System
is a networked filesystem with strong encryption and authentication. A nice feature is that locations like /sfs/faui1s.informatik.uni-erlangen.de:ppvbuvs4h5sq47ky63xxrkkck63f5awd/bauerm/ include a hash of the server's pubkey, so by simply providing a symbolic link on your own server to the location of another server you certify that server's key. (A not-so-nice feature is that the sources are an example of OOO (Object Oriented Obfuscation) and a stress-test for C++ compilers.)

Software

OpenBSD
Berkeley Unix-like OS, runs on various hardware platforms. Has a strong emphasis on security and crypto. All the system sources are in /usr/src, so no fiddling with rpm. OpenBSD has built-in support for crypto hardware, e.g. the Soekris crypto accelerator. Its most outstanding features, IMHO, are
Clean code
All user-space programs are compiled with the gcc options -Wall -Werror. That means that if anything looks dubious to gcc (strange casts, pointer juggling, ...), the program will not compile at all (warnings are treated as errors).
Propolice GCC
Propolice is a stack-smashing protector built into gcc. This should catch most buffer-overflow attacks.
Privilege Separation
Many critical processes that need root privileges (portmap, sshd, X and others) are split into two processes: a very small one that runs as root and does only the stuff which needs root privileges, and another process which runs as a sort of nobody and is chrooted into an empty directory. The privileged part checks carefully what is requested by the unprivileged part. In case of security problems in the more complex part of the program, only the unprivileged part can be subverted --> No cigar!
System Call Policies
The systrace command allows root to formulate filters for all system calls, per process. The rules are checked by the kernel itself (not by a ptracing user-space program as in similar proposals), so this is fast. This allows e.g. extremely restrictive policies for network daemons. In case of a buffer overflow in e.g. ftpd, an attacker would be unable to start a shell with exec(2) if ftpd was not allowed to call exec.
Screen
is one of the most useful programs ever written. It allows you to run several pseudo-terminals inside an arbitrary terminal, e.g. xterm, /dev/console, the old vt220. It allows you to switch between these ptys, copy/paste between them, scroll back even if the surrounding terminal has no scrollbar, have an alarm ring if something happens in one of them, and a lot of other cool and useful things. It is also the most widely known accomplishment of this computer science department :-) .
OpenSSH
is an open implementation of the SSH protocol, versions 1 and 2, by the OpenBSD people. In addition to being the best reviewed and least bug-ridden implementation, it has a number of rather interesting features, like for example Firewall Piercing.

Wireless

Grid: Ad hoc mobile networking
Grid allows laptops (Linux, FreeBSD, OpenBSD) to route traffic for other mobile users. Their route-update protocol is said to allow the mobile net to grow up to 600 machines, all of them mobile.
Papers on Ad-hoc Multihop Wireless Networks Oehm, meta-link
A list of papers about wireless networking where hosts route traffic for each other.
Mobile Mesh Discovery Protocol
This routing protocol allows, among other things, hosts that have a non-wireless internet uplink in addition to their wireless interface to announce their capability to work as wormholes between wireless hosts.

Peer to Peer Networking

Decentralized Resource Discovery in Large Peer Based Networks
Scalable resource discovery is a problem. This article discusses the techniques used by the Alpine project.
Extending WWW for Synchronous Collaboration
This is the earliest appearance of the term ''Peer to Peer`` in the meaning implied now.
Electronic Proceedings for the 1st International Workshop on Peer-to-Peer Systems (IPTPS '02)
Most of the papers are concerned with extensions and applications of Chord (see below). Interesting all the same.
The O'Reilly Peer-to-Peer and Web Services Conference
This was the first conference on P2P technology. The page contains links to all the presentations, related work, literature and press coverage.
CodeCon 2002
This was a true hands-on workshop on P2P technology, security and network architecture. The page has links to most of the projects presented.
OpenP2P
O'Reilly's electronics magazine on P2P technology.
Chord
Chord is a P2P location lookup service that cleverly uses distributed hashtables. Load is automatically balanced and flooding is hard.
Circle
Circle is very similar to Chord above. There's an implementation available, with some services already added on top of the core.
Naming (comments and links)
Naming of resources, locations etc. in distributed, especially Peer2Peer, systems is a hard problem, related to resource location, collision avoidance, trademark law and philosophical considerations. This is a call for discussion, listing many articles, projects and related work.

Anonymity in Cyberspace

Anonymous and Pseudonymous communications and systems research: Bibliography
A bibliography maintained by George Danezis
GNUnet
GNUnet is an anonymous, distributed, reputation-based network. And it has been implemented, in contrast to dozens of similar projects.

People

Niels Provos
Niels is a fellow with many talents. He is one of the OpenSSH authors, did a lot of work on IPsec and wrote loads of useful and interesting programs and libraries.
Ross Anderson
Prof. Anderson wrote one of the best books on security in general and network security. His sparkling wit and creativity impressed me deeply.
Peter Gutmann
Peter was and is involved in a lot of security related projects, discussions and programs. His Ph.D. thesis has a wonderful chapter on formal verification of software, which should be standard reading for every computer scientist.
Marc Rössler
Marc is a public surveillance specialist, among other things. He has written a description of different types of surveillance cameras and how to find them. This includes electrical schematics for a detector device.

Articles

Spass mit Hashes(.ps)
A short introduction in German to cryptographic hash functions and their applications, including some examples which could appear in Schneier's Esoteric Protocols chapter.
Anonymität
A nine-page description in German of anonymity (or lack thereof) on the Internet and attempts to provide it. It's some years old now and does not include newer advances like JAP, GNUnet, etc.
Elliptische Kurven in der Kryptographie
My diploma thesis, in German. It's about the Menezes-Okamoto-Vanstone attack on supersingular elliptic curve cryptosystems.
If you want to study elliptic curve crypto I would recommend perusing the following books, in that order:
  1. Rational Points on Elliptic Curves (Springer Undergraduate Texts in Mathematics), by Joseph H. Silverman and John Tate, 1992.
  2. Elliptic curve public key cryptosystems by Alfred J. Menezes. Kluwer, 1993.
  3. Elliptic Curves in Cryptography by I. Blake, G. Seroussi, Nigel P. Smart. Cambridge University Press, 2000.
Distributed Intrusion Detection reveals fragmented attacks and portscans over multiple routes
Joint paper with Stefan Wieseckel and Bernd Schnitzer.
We present an extension of the widely-used snort to detect portscan attacks that try to reach machines via different gateways. The extension also helps to detect fragmented malicious packets coming through different gateways.
TransCrypt - a Crypto Layer above the File System
Joint paper with Roland Schulz.
Some transparently encrypting filesystems already exist for the Linux operating system. The scope of this work is designing and implementing a proof-of-concept system that does not depend on the use of a special filesystem, is multiuser capable and interfaces with the user in a way that does not inhibit normal day-to-day work.

Hacks

Crypt::CFB
Cipher Feedback Mode of operation for almost arbitrary block ciphers and hash functions. It is sufficiently object oriented to derive Crypt::Ctr (Counter Mode) in 16 lines of code.
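The point of a CFB module that accepts hash functions as well as block ciphers is that CFB only ever runs the block function forward, so any keyed one-way function will do, and CTR mode differs from it only in what is fed back. The following is an added example, not the code of Crypt::CFB itself: a generic CFB class over an arbitrary block function (here HMAC-SHA256 is used as a constructed keyed one-way function; the class and function names are my own), with CTR derived from it by overriding the feedback step.

```python
import hashlib
import hmac


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hmac_sha256_block(key: bytes, block: bytes) -> bytes:
    # Constructed "block function": a keyed hash, used forward only. Any
    # function key x block -> block_size bytes can be plugged in here.
    return hmac.new(key, block, hashlib.sha256).digest()


class CFB:
    """Cipher Feedback mode over any forward-only block function.

    block_fn(key, block) must return exactly block_size bytes. Both
    encryption and decryption only call block_fn forward, which is why a
    hash function works as well as a real block cipher.
    """

    def __init__(self, key: bytes, block_fn, block_size: int):
        self.key = key
        self.block_fn = block_fn
        self.block_size = block_size

    def _next_state(self, state: bytes, cipher: bytes) -> bytes:
        # CFB: the previous ciphertext block is fed back as the next input.
        return cipher

    def _crypt(self, iv: bytes, data: bytes, decrypt: bool) -> bytes:
        if len(iv) != self.block_size:
            raise ValueError("IV must be exactly one block long")
        state, out = iv, bytearray()
        for i in range(0, len(data), self.block_size):
            chunk = data[i:i + self.block_size]
            keystream = self.block_fn(self.key, state)[:len(chunk)]
            result = xor_bytes(chunk, keystream)
            cipher = chunk if decrypt else result
            out += result
            state = self._next_state(state, cipher)
        return bytes(out)

    def encrypt(self, iv: bytes, plaintext: bytes) -> bytes:
        return self._crypt(iv, plaintext, decrypt=False)

    def decrypt(self, iv: bytes, ciphertext: bytes) -> bytes:
        return self._crypt(iv, ciphertext, decrypt=True)


class CTR(CFB):
    """Counter mode: identical to CFB except the feedback is a counter,
    so the keystream no longer depends on the ciphertext."""

    def _next_state(self, state: bytes, cipher: bytes) -> bytes:
        n = (int.from_bytes(state, "big") + 1) % (1 << (8 * self.block_size))
        return n.to_bytes(self.block_size, "big")


def roundtrip(mode_cls, key: bytes, iv: bytes, message: bytes) -> bool:
    """Encrypt, decrypt and confirm the message survives (partial last block included)."""
    mode = mode_cls(key, hmac_sha256_block, 32)
    ct = mode.encrypt(iv, message)
    return len(ct) == len(message) and ct != message and mode.decrypt(iv, ct) == message
```

Both modes turn the block function into a stream cipher, so the usual caveat applies to both: reusing an IV (or a counter start) with the same key gives two messages the same keystream and their XOR leaks the XOR of the plaintexts.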
Crypt::OpenSSL::RSA
This Perl module by Ian Robertson provides a Perl interface for the RSA crypto functions in OpenSSL.
I contributed a patch to add support for signatures with various underlying hash algorithms and for encryption without padding. The patch also improved error reporting.
Extended Euclidean Algorithm in dc(1)
If you think you're really bored, then guess how bored I was when I wrote The Extended Euclidean Algorithm in a one-line shell script.
Ok, it's a long line (160 chars in the dc part), but it runs on every POSIX compliant system and works on arbitrarily large numbers.
Simon Kellner rolled his own ExtEuclid for GNU dc.
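The dc one-liner above is not reproduced here; as an added example of the same computation in a language with native big integers, the following implements the extended Euclidean algorithm (Bezout coefficients) and the modular inverse built on it, which is the step that derives the private exponent d from e and phi(n) in RSA. Function names are my own.

```python
def ext_euclid(a: int, b: int):
    """Return (g, x, y) with g = gcd(a, b) and a*x + b*y == g.

    Iterative form: each division step updates the remainder pair (a, b)
    and carries the coefficient pairs along, so no recursion depth limit
    applies and the integers may be arbitrarily large.
    """
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def mod_inverse(e: int, m: int) -> int:
    """Smallest non-negative d with e*d == 1 (mod m); raises if gcd(e, m) != 1."""
    g, x, _ = ext_euclid(e, m)
    if g != 1:
        raise ValueError(f"{e} has no inverse modulo {m} (gcd is {g})")
    return x % m
```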
HashCash
Also called Client Puzzles. HashCash is used to prove expenditure of computing power. This is interesting for flooding control, e.g.


SMTP Server: You want to send this email to 10.000 recipients? Well, pay 12 bits of HashCash for each one.
Spammer's MUA: Alright, forget about it.

Adam Back proposed and implemented HashCash based on partial hash collisions. I wrote a Perl module that implements charge, pay and check functions for Hashcash in interactive contexts.
Offline HashCash
In contexts like remailers it is impossible to have the originator of a message solve puzzles interactively. But with quasi-synchronous clocks (accurate to within a few hours, perhaps) and a small database, it is possible to implement offline Hashcash. Such a Hashcash Check looks like:
   HashCheck
   Version: 0.1
   To: provos@citi.umich.edu
   Bits: 12
   Comment: test
   Date: 1015030975
   Rand: 1530c9285266d00f260983b793861dfd
   Hash: 001110111111
It is bound to a recipient (provos@citi.umich.edu) and a date, so presenting the same check to other parties or to the same party after a certain period of validity will fail. For the period of validity the recipient has to store the Rand value and compare incoming Hashcash Checks against the list of received checks. If the Rand is on the list or the date is outside the validity period, the Hashcash is ignored. And it's all implemented in Perl. Adam Back has a similar scheme with shorter messages intended to be embedded in headers of other protocols.
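The check format above and the recipient-side rules (recipient binding, validity window, Rand database) are enough to implement the whole offline scheme, so here is an added Python example of a minter and a verifier; it is not the Perl module described on this page. The page does not say exactly what is hashed, so two details are my assumptions: the collision target is the first Bits bits of SHA-1 over the recipient address, and the puzzle is SHA-1 over recipient, date and Rand, with Rand being the value the minter searches over (about 2**Bits SHA-1 evaluations for a Bits-bit partial collision). The field names follow the page; function names are my own.

```python
import hashlib
import os
import time

VERSION = "0.1"
FIELDS = ("Version", "To", "Bits", "Comment", "Date", "Rand", "Hash")


def _leading_bits(digest: bytes, n: int) -> str:
    """First n bits of a digest as a '0'/'1' string, the format of the Hash line."""
    return "".join(f"{b:08b}" for b in digest)[:n]


def target_prefix(to: str, bits: int) -> str:
    # Assumption: the partial-collision target is derived from the recipient.
    return _leading_bits(hashlib.sha1(to.encode()).digest(), bits)


def puzzle_prefix(to: str, date: int, rand: str, bits: int) -> str:
    # Assumption: the puzzle hashes recipient, date and Rand (the searched value).
    return _leading_bits(hashlib.sha1(f"{to}|{date}|{rand}".encode()).digest(), bits)


def mint(to: str, bits: int, comment: str = "", date=None) -> str:
    """Sender side: spend ~2**bits SHA-1 evaluations to find a colliding Rand."""
    date = int(time.time()) if date is None else int(date)
    target = target_prefix(to, bits)
    while True:
        rand = os.urandom(16).hex()
        if puzzle_prefix(to, date, rand, bits) == target:
            values = (VERSION, to, bits, comment, date, rand, target)
            return "HashCheck\n" + "".join(f"{k}: {v}\n" for k, v in zip(FIELDS, values))


def parse(check: str) -> dict:
    lines = check.strip().splitlines()
    if not lines or lines[0].strip() != "HashCheck":
        raise ValueError("not a HashCheck")
    fields = {}
    for line in lines[1:]:
        key, _, value = line.partition(":")
        fields[key.strip()] = value.strip()
    return fields


def verify(check: str, to: str, min_bits: int, seen: set, now=None, validity=4 * 3600):
    """Recipient side: returns (accepted, reason).

    `seen` is the small database of Rand values already accepted; entries
    older than `validity` could be expired from it, since a check that old
    is rejected on its date anyway. The window is symmetric to tolerate
    sender clocks that are a few hours off in either direction.
    """
    now = int(time.time()) if now is None else int(now)
    try:
        f = parse(check)
        bits, date = int(f["Bits"]), int(f["Date"])
        rand, stated = f["Rand"], f["Hash"]
    except (ValueError, KeyError) as exc:
        return False, f"malformed: {exc}"
    if f.get("Version") != VERSION:
        return False, "unsupported version"
    if f.get("To") != to:
        return False, "wrong recipient"
    if bits < min_bits:
        return False, "too few bits"
    if abs(now - date) > validity:
        return False, "outside validity window"
    if stated != target_prefix(to, bits) or puzzle_prefix(to, date, rand, bits) != stated:
        return False, "hash does not match"
    if rand in seen:
        return False, "replay"
    seen.add(rand)
    return True, "ok"
```

The order of the checks matters a little for the recipient: the cheap rejections (recipient, bits, date) come before the SHA-1 work, and the Rand lookup comes last so that only checks which actually paid get written to the database.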
Transferable namespace projection in bind9
Assume that you have control over a zone somezone.net, i.e. you can add records in that zone. With this patch to bind-9.1.3 you can designate a new domain, even a TLD, e.g. .mytld. Every hostname h.mytld in that zone is CNAMEd to a hostname j in somezone.net, where j = SHA1(h . <secret>). <secret> is set in bind's config file. This allows you to assign arbitrary meaningful names in .mytld, like icannsucks.mytld. The DNS queries that leave the subnet with your modified bind refer to meaningless hostnames in somezone.net. If you want to share this local namespace with someone, you just have to send him/her the config file entry that defines the TLD and the secret.
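To make the projection concrete, here is an added example (not the bind patch, which computes the mapping inside the resolver) of the name transformation the paragraph describes: j = SHA1(h . secret), rendered as the hex digest, which at 40 characters fits in one DNS label. The helper that emits static CNAME records is an assumption about how one could materialise the same mapping in an ordinary zone file; the names mytld, somezone.net and the secret are placeholders, and function names are my own.

```python
import hashlib


def project(name: str, tld: str, zone: str, secret: str) -> str:
    """Map h.<tld> to <SHA1(h . secret)>.<zone>, following the page's rule."""
    name = name.lower().rstrip(".")
    suffix = "." + tld.lower().strip(".")
    if not name.endswith(suffix):
        raise ValueError(f"{name} is not inside .{tld}")
    h = name[: -len(suffix)]
    # String concatenation as in the page's "h . <secret>"; hex digest is a
    # valid 40-octet label (the limit is 63).
    j = hashlib.sha1((h + secret).encode()).hexdigest()
    return f"{j}.{zone}"


def cname_records(names, tld: str, zone: str, secret: str):
    """Static equivalent of the patch: one CNAME per local name (assumed layout)."""
    return [f"{n}. IN CNAME {project(n, tld, zone, secret)}." for n in names]
```

Two properties worth noticing from the defender's side: the mapping is deterministic, so everyone who holds the config entry resolves the same names, and the meaningful name h is only as hidden from the outside as the secret is hard to guess, because anyone who can query somezone.net can test candidate h values against an observed j.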
Keyboard bindings for 9menu
9menu is a small X11 program that displays a menu of programs to be started. It is modeled after a feature in Plan9's user interface. Since I mostly use wmx because I do not like to take my hands off the keyboard, I added cursor-up/cursor-down/enter event handling.

Literature

Thomas Pynchon
Author of wonderful books. The libyrinth has a nice collection of links about him and his work.
There is almost no subject that is not touched somewhere in Pynchon's narrations. The Tristero Project, for example, is named after a subliminal communication network in Pynchon's The Crying of Lot 49, as is the W.A.S.T.E. community site.

Favorite Weblogs and Newsposts

Heise Newsticker
News service by the makers of c't. News about technology and related political tendencies. In German. Less frequently in English.
Telepolis
E-Mag on politics, society and more with a bias towards network related topics. In German, less frequently in English.
Slashdot
Well, Slashdot
Consensus at Lawyerpoint
The Electronic Frontier Foundation's Weblog on Anti-Consumer/Anti-Customer/Anti-Citizen Laws in the US.
Spin of the Day
Reports from the Public Relations frontier, like who is paying what PR firm to mislead the public about what.
Red Rock Eater Digest @ The Commons
The concentrated information from the Red Rock Eater mailing list. Mostly non-mainstream articles on politics, political jargon, international relations and technology.
Need to Know
E-Mag, British. ''Weekly high-tech sarcastic update for the uk``. Info about obscure technology, too.

Last Update: 2004/03/18 10:39:01
Revision: 1.26