Faculty Candidate: Tadayoshi Kohno/Computer Science and Engineering Dept. University of California at San Diego SSH Security TCP Leaks and Not-so-AccuVotes: Computer Security from Proofs to People in ACES 2.302

Contact Name: Jenna Whitney
Date: Apr 13, 2006 11:00am - 12:00pm

There is a signup schedule for this event.

Speaker Name/Affiliation: Tadayoshi Kohno/Computer Science and Engineering Dept. University of California at San Diego

Talk Title: SSH Security TCP Leaks and Not-so-AccuVotes: Computer Security from Proofs to People

Date/Time: April 13 2006 at 11:00 a.m.

Coffee: 10:45 a.m.

Location: ACES 2.302

Host: Vitaly Shmatikov

Talk Abstract:
Computer security research is a broad field with research efforts
ranging from the design and analysis of low-level cryptographic
building blocks to the design and analysis of complex and socially
important systems. My research illustrates how weak links and
important issues often arise at the boundaries between different but
relatively well-studied sub-areas. I provide three examples. My
first example focuses on how results about authenticated encryption
in standard cryptographic models lift to real systems. I show that
although the popular Secure Shell (SSH) protocol uses the
Encrypt-and-MAC method, which cryptographers have shown to be
generically insecure, within SSH it is not only secure but provably
so. In contrast, I show that although recent versions of the popular
WinZip application use the Encrypt-then-MAC method, which
cryptographers have proven to be secure, within WinZip it is
actually insecure. I emphasize that these results are not due to
any weakness in the theory but rather call for the need to be
careful when applying theoretical results to real systems. My
second example shows that one cannot ascertain the security of a
system by studying that system's software in isolation but must
rather study the complete system (software and hardware) as a
whole. Specifically, I describe a new privacy issue with the TCP
protocol that only arises once one considers the interaction between
a device's TCP software implementation and the device's underlying
hardware. For my third example, I describe my discovery of attacks
against the Diebold AccuVote-TS electronic voting machines. I then
describe some social and technical implications of my results.