Paper-Conference

Ways for confidential and authenticated hop-by-hop key establishment in QKDN

Abstract

Asymmetric cryptography, specifically key exchange and digital signatures, enables secure digital communication. However, sufficiently powerful quantum computers, which could be available within a few years, would be able to break classical primitives such as Elliptic-Curve Diffie–Hellman (ECDH) and RSA in polynomial time. Moreover, the "harvest-then-decrypt" attack poses the danger that encrypted data recorded today can be decrypted later. Thus, alternative approaches are urgently needed. Besides Post-Quantum Cryptography (PQC), which relies on mathematical problems believed to be hard even for quantum computers, Quantum Key Distribution (QKD) uses quantum effects to establish keys in an information-theoretically secure way. Nevertheless, there are no reliable QKD modules that bridge distances of more than 150 km. Therefore, a QKD Network (QKDN) uses a concatenation of QKD links: end users are connected via a series of QKD nodes that forward the key hop by hop. All nodes involved have access to the final shared secret, so if a node cannot be trusted, the security of the system is no longer guaranteed. Physical protection or key hybridization can mitigate this risk, where hybridization refers to the combination of QKD and PQC: if both schemes are used appropriately, the security objectives are met as long as at least one of them has not been compromised. Nonetheless, there is a lack of concrete concepts and analyses for a secure and efficient key forwarding process. In the following, 'secure' refers to the security objectives of confidentiality and authenticity; 'efficient' refers to the time taken to complete the process, the amount of data transferred and the amount of computation required. The analyses available often consider only specific sub-processes, e.g., forwarding between two directly adjacent nodes; the integration into the entire system and its resulting effects are disregarded, and a systematic comparison of different options is missing.
When implementing a QKDN, it is therefore unclear which variant suits one's own requirements. This PhD project aims to address the problem by defining the key establishment process, analyzing security requirements, designing and implementing corresponding schemes, and evaluating these approaches.
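As an added illustration (not code from the paper or the PhD project), the following Python script simulates the hop-by-hop forwarding described above over three QKD links and the hybridization of the relayed key with a PQC key. It assumes that each adjacent node pair already holds a fresh QKD link key, that each hop uses the first half of that key as a one-time pad and the second half as an HMAC-SHA256 key to authenticate the hop, and it substitutes a random value for the PQC KEM shared secret instead of running a real KEM; the relay format, the combiner and all names are assumptions of the example, not the paper's design.

```python
"""Hop-by-hop key relay in a QKD network and QKD/PQC key hybridization.

Added example, not code from the paper. Assumptions of the example:
- link_keys[i] is a fresh QKD key already shared by node i and node i+1;
- each hop one-time-pads the relayed key with the first half of the link key
  and authenticates the ciphertext with HMAC-SHA256 under the second half;
- the PQC KEM shared secret is a random stand-in; no real KEM is executed.
"""
import hashlib
import hmac
import secrets

KEY_LEN = 32                 # bytes of end-to-end key being relayed
LINK_KEY_LEN = 2 * KEY_LEN   # per hop: one-time pad || MAC key


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("one-time pad must match the key length")
    return bytes(x ^ y for x, y in zip(a, b))


def wrap_hop(link_key: bytes, k: bytes) -> bytes:
    """Node i -> node i+1: encrypt k with a one-time pad, append an HMAC tag."""
    otp, mac_key = link_key[:KEY_LEN], link_key[KEY_LEN:]
    ct = xor(k, otp)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()


def unwrap_hop(link_key: bytes, msg: bytes) -> bytes:
    """Node i+1: verify the tag before touching the ciphertext, then strip the pad."""
    otp, mac_key = link_key[:KEY_LEN], link_key[KEY_LEN:]
    ct, tag = msg[:KEY_LEN], msg[KEY_LEN:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("hop authentication failed: message modified or wrong link key")
    return xor(ct, otp)


def relay(link_keys: list[bytes], k_end: bytes) -> list[bytes]:
    """Forward k_end from node 0 to node len(link_keys).

    Returns what each node holds in the clear afterwards. Every intermediate
    node decrypts and re-encrypts, so every entry equals k_end: this is the
    trusted-node problem of a QKDN.
    """
    held = [k_end]
    for link_key in link_keys:
        held.append(unwrap_hop(link_key, wrap_hop(link_key, held[-1])))
    return held


def hybrid_key(k_qkd: bytes, k_pqc: bytes, label: bytes = b"qkdn-hybrid-example") -> bytes:
    """Concatenate-then-KDF combiner: HMAC-SHA256 with `label` as salt over k_qkd || k_pqc.

    A relay node that learned k_qkd still cannot compute the result without k_pqc,
    and an adversary that broke the PQC scheme still lacks k_qkd.
    """
    return hmac.new(label, k_qkd + k_pqc, hashlib.sha256).digest()


def demo(n_hops: int = 3) -> dict:
    link_keys = [secrets.token_bytes(LINK_KEY_LEN) for _ in range(n_hops)]
    k_qkd = secrets.token_bytes(KEY_LEN)
    held = relay(link_keys, k_qkd)
    k_pqc = secrets.token_bytes(KEY_LEN)   # stand-in for the endpoints' PQC KEM shared secret
    k_final = hybrid_key(k_qkd, k_pqc)
    # Node 1 is assumed compromised: it knows k_qkd (held[1]) but not k_pqc, so
    # the best it can do is combine its copy with a guess, which does not match.
    wrong_guess = hybrid_key(held[1], secrets.token_bytes(KEY_LEN))
    return {
        "every_node_holds_qkd_key": all(h == k_qkd for h in held),
        "final_key_equals_qkd_key": k_final == k_qkd,
        "compromised_node_guess_matches": wrong_guess == k_final,
    }


if __name__ == "__main__":
    print(demo())
```

The first flag in `demo()` is the trusted-node problem in one line: after the relay every node, not only the endpoints, holds the forwarded key. The other two flags show what hybridization buys: the final key differs from the relayed QKD key, and a compromised relay node cannot reproduce it without the PQC secret it never saw. Using a fresh HMAC key per hop is an assumption of the example; which authentication scheme to use per hop is exactly one of the design choices the project sets out to compare.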

On Criteria and Tooling for Cryptographic Inventories

Abstract

When cryptography becomes insecure, a migration to new schemes is required. Often the migration process is very complicated, while the time available is very limited. Only if the cryptographic algorithms, protocols and configurations in use are known can a system be adapted efficiently and completely to a changed security situation. This creates the need for a crypto-inventory that gathers this knowledge. Consequently, the question arises which criteria a crypto-inventory must fulfill to support this adaptation; it also highlights the need for tools that assist in compiling one. We therefore conducted a literature survey and extracted key requirements. Missing content was supplemented by expanding existing requirements or adding new ones. Furthermore, appropriate metrics were assigned to assess how well a given crypto-inventory implementation fulfills the requirements. Regarding tooling, we identified five major areas of interest (installed software, connected hardware, communication, stored data and source code scanning) and provide prototypes for the semi-automatic creation of crypto-inventories for three of them. This gives organizations a starting point for understanding their cryptographic landscape as a prerequisite for crypto-agility and crypto-migration. However, neither the theoretical design nor the prototypes have been evaluated yet; this will be done as a follow-up to this work, and all types of organizations are invited to participate.
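To make the source-code-scanning area concrete, here is an added Python example written for this page; it is not one of the paper's prototypes. It is a pattern-based scanner that walks a set of source and configuration files, records every cryptographic algorithm or protocol identifier it finds with its location, aggregates the findings into an inventory, and flags the entries that are quantum-vulnerable or already deprecated so that migration can be prioritized. The pattern table, the flag sets and the three sample files are constructed for the example; a production tool needs far more patterns and language-aware parsing.

```python
"""Pattern-based crypto-inventory scanner for source and configuration files.

Added example, not one of the paper's prototypes. Pattern table and sample
files are constructed for this page; a real code base needs far more patterns
and language-aware parsing to limit false positives and misses.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Identifier body -> (canonical algorithm, category). Custom boundaries replace \b
# so that "PROTOCOL_TLSv1" or "ECDHE-RSA-AES256" are still recognised.
_RAW_PATTERNS = [
    (r"RSA", "RSA", "asymmetric"),
    (r"ECDHE?", "ECDH", "asymmetric"),
    (r"ECDSA", "ECDSA", "asymmetric"),
    (r"AES[-_]?(?:128|192|256)?", "AES", "symmetric"),
    (r"3DES|TripleDES|DES", "DES", "symmetric"),
    (r"RC4", "RC4", "symmetric"),
    (r"MD5", "MD5", "hash"),
    (r"SHA[-_]?1", "SHA-1", "hash"),
    (r"SHA[-_]?(?:256|384|512)", "SHA-2", "hash"),
    (r"TLSv1(?:\.[01])?(?!\.)", "TLS<1.2", "protocol"),  # TLSv1.2 and 1.3 are not flagged
]
PATTERNS = [
    (re.compile(r"(?<![A-Za-z0-9])(?:" + body + r")(?![A-Za-z0-9])"), alg, cat)
    for body, alg, cat in _RAW_PATTERNS
]
QUANTUM_VULNERABLE = {"RSA", "ECDH", "ECDSA"}           # broken by Shor's algorithm
DEPRECATED = {"DES", "RC4", "MD5", "SHA-1", "TLS<1.2"}  # already broken or withdrawn

# Constructed sample inputs standing in for files read from disk.
SAMPLE_SOURCES = {
    "legacy/auth.py": "from Crypto.PublicKey import RSA\n"
                      "from Crypto.Hash import SHA1, MD5\n"
                      "key = RSA.generate(2048)\n"
                      'digest = SHA1.new(data=b"token").hexdigest()\n',
    "svc/Crypto.java": 'Cipher c = Cipher.getInstance("AES/GCM/NoPadding");\n'
                       'KeyAgreement ka = KeyAgreement.getInstance("ECDH");\n'
                       'MessageDigest md = MessageDigest.getInstance("MD5");\n',
    "deploy/nginx.conf": "ssl_protocols TLSv1 TLSv1.2;\n"
                         "ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:RC4-SHA;\n",
}


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    algorithm: str
    category: str


def scan_text(path: str, text: str) -> list[Finding]:
    """One Finding per matched identifier occurrence, with file and line number."""
    found = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for regex, alg, cat in PATTERNS:
            found.extend(Finding(path, lineno, alg, cat) for _ in regex.finditer(line))
    return found


def build_inventory(sources: dict[str, str]) -> dict[str, dict]:
    """Aggregate findings per algorithm: count, files and the two migration flags."""
    inv = defaultdict(lambda: {"count": 0, "files": set(), "category": None,
                               "quantum_vulnerable": False, "deprecated": False})
    for path, text in sources.items():
        for f in scan_text(path, text):
            e = inv[f.algorithm]
            e["count"] += 1
            e["files"].add(f.path)
            e["category"] = f.category
            e["quantum_vulnerable"] = f.algorithm in QUANTUM_VULNERABLE
            e["deprecated"] = f.algorithm in DEPRECATED
    return {alg: {**e, "files": sorted(e["files"])} for alg, e in inv.items()}


def migration_priority(inventory: dict[str, dict]) -> list[str]:
    """Deprecated items first, then quantum-vulnerable ones, then the rest; more occurrences first."""
    def rank(item):
        alg, e = item
        tier = 0 if e["deprecated"] else 1 if e["quantum_vulnerable"] else 2
        return (tier, -e["count"], alg)
    return [alg for alg, _ in sorted(inventory.items(), key=rank)]


if __name__ == "__main__":
    inventory = build_inventory(SAMPLE_SOURCES)
    for alg in migration_priority(inventory):
        print(alg, inventory[alg])
```

Two details matter in practice. The word boundaries are hand-built because `\b` treats `_` as a word character and would miss `PROTOCOL_TLSv1`; and the TLS pattern has to reject `TLSv1.2` while still matching `TLSv1` and `TLSv1.0`, which the negative lookahead on the dot does. The result is only a starting point, as the abstract says of the prototypes: it tells you where RSA, ECDH and MD5 live, not whether the RSA key is 2048 or 4096 bits or whether the MD5 call protects anything.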

Performance Impact of PQC KEMs on TLS 1.3 Under Varying Network Characteristics

Abstract

Widely used asymmetric primitives such as RSA or Elliptic-Curve Diffie–Hellman (ECDH), which enable authentication and key exchange, could be broken by quantum computers (QCs) in the coming years. Quantum-safe alternatives are urgently needed. However, a thorough investigation of these schemes is crucial to achieve sufficient levels of security, performance and integrability in different application contexts. The integration into Transport Layer Security (TLS) plays an important role, as this security protocol is used in about 90% of today's Internet connections and relies heavily on asymmetric cryptography. In this work, we evaluate different Post-Quantum Cryptography (PQC) key establishment schemes in TLS 1.3 by extending the framework of Paquin et al. We analyze the TLS handshake performance under variation of network parameters such as packet loss, which allows us to investigate the suitability of PQC key encapsulation mechanisms (KEMs) in specific application contexts. We observe that Kyber and other structured-lattice-based algorithms achieve very good overall performance and partially beat classical schemes. Other approaches such as FrodoKEM, HQC and BIKE show individual disadvantages: for these algorithms there is a clear performance decrease when the security level is increased or a hybrid implementation, e.g., a combination with ECDH, is used. This is especially true for FrodoKEM, which, however, meets high security requirements in general. It becomes clear that performance is strongly influenced by the underlying network processes, which must be taken into account when selecting PQC algorithms.
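Why the network dominates can be seen with an added analytical model, written for this page; it is not the measurement framework of Paquin et al. that the paper extends, and it reproduces none of the paper's measurements. It maps the public-key and ciphertext sizes of the NIST round-3 parameter sets onto TCP segments and estimates the expected TLS 1.3 handshake time from the round-trip time, the initial congestion window and a per-segment loss probability. The segment size, initial window, minimum retransmission timeout and the fixed handshake overheads are assumptions stated in the code; fast retransmit is deliberately ignored, and HQC and BIKE are left out.

```python
"""Back-of-the-envelope model: PQC key-share size vs. TLS 1.3 handshake latency.

Added example, not the paper's framework. Public-key and ciphertext sizes are
the NIST round-3 parameter sets; everything else is an assumption of the model.
"""
import math

MSS = 1460                      # assumption: TLS bytes per TCP segment (1500-byte MTU, IPv4, no options)
INITCWND = 10                   # assumption: initial congestion window in segments (RFC 6928 default)
RTO_MIN = 0.200                 # assumption: minimum retransmission timeout in seconds (Linux default)
CLIENT_HELLO_OVERHEAD = 300     # assumption: ClientHello bytes excluding the key share
SERVER_FLIGHT_OVERHEAD = 3000   # assumption: ServerHello..Finished incl. certificate chain, excluding the ciphertext
X25519_SHARE = 32

# (public key bytes, ciphertext bytes)
KEMS = {
    "X25519": (32, 32),
    "Kyber512": (800, 768),
    "Kyber768": (1184, 1088),
    "Kyber1024": (1568, 1568),
    "FrodoKEM-640": (9616, 9720),
    "FrodoKEM-976": (15632, 15744),
    "FrodoKEM-1344": (21520, 21632),
}


def segments(nbytes: int) -> int:
    return max(1, math.ceil(nbytes / MSS))


def slow_start_rounds(nseg: int) -> int:
    """Round trips to deliver nseg segments with cwnd starting at INITCWND and doubling per RTT."""
    rounds, sent, cwnd = 0, 0, INITCWND
    while sent < nseg:
        sent += cwnd
        cwnd *= 2
        rounds += 1
    return rounds


def flight_time(nbytes: int, rtt: float, p_loss: float) -> float:
    """Expected one-way delivery time of one handshake flight.

    The first window arrives after rtt/2; every further window costs a full RTT.
    Any lost segment is charged one RTO, because the peer cannot continue the
    handshake until the whole flight is present (fast retransmit is ignored,
    which makes the model conservative for multi-segment flights).
    """
    n = segments(nbytes)
    base = rtt / 2 + (slow_start_rounds(n) - 1) * rtt
    p_flight_lost = 1 - (1 - p_loss) ** n
    return base + p_flight_lost * RTO_MIN


def handshake_time(kem: str, rtt: float, p_loss: float, hybrid: bool = False) -> float:
    """TCP handshake (1 RTT) + ClientHello flight + server flight; client Finished rides with app data."""
    pk, ct = KEMS[kem]
    if hybrid:                  # hybrid with X25519 adds one more key share in each direction
        pk += X25519_SHARE
        ct += X25519_SHARE
    client = flight_time(CLIENT_HELLO_OVERHEAD + pk, rtt, p_loss)
    server = flight_time(SERVER_FLIGHT_OVERHEAD + ct, rtt, p_loss)
    return rtt + client + server


def compare(rtt: float = 0.050, p_loss: float = 0.01, hybrid: bool = False) -> dict[str, float]:
    return {kem: round(handshake_time(kem, rtt, p_loss, hybrid), 4) for kem in KEMS}


if __name__ == "__main__":
    for p in (0.0, 0.01, 0.05):
        print(f"p_loss={p}", compare(p_loss=p))
```

Two effects the model makes visible: a flight that no longer fits into the initial congestion window costs an extra full round trip regardless of CPU cost (under these assumptions FrodoKEM-1344 does, FrodoKEM-640 does not), and the probability that a flight loses at least one segment grows with the number of segments, so larger key shares pay the loss penalty more often. The model is deliberately pessimistic about loss recovery and says nothing about computation; the paper's measurements, not this model, decide how those effects play out in practice.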

It is not as simple as that: Playing out password security trainings in order to nudge password changes

Abstract

The COVID-19 pandemic forced a number of companies to send their staff to work from home. For security awareness measures, this means that content or training can only be delivered remotely. In this work, we report on a security awareness campaign focusing on password security that was carried out at a German mid-size company (2000 employees). We compare the effect of remotely delivered training content on user behavior, i.e., on getting employees to change their password. The first content was embedded directly into an e-mail, the second was compiled on an intranet web page, and the third was embedded into a video. Password changes were observed solely in the IT backend, based on events and timestamps generated by the company's Active Directory service. For the campaign, four representative samples (140 employees per sample) were selected from the staff; three were assigned to the different training contents and the fourth served as a control group. Over a period of 6 weeks, the content was delivered twice. Unexpectedly, the observed password change rate was very low. Furthermore, compared to the control group's behavior, none of the content formats led to significantly more password changes. Clearly, the campaign failed to achieve its aim. Based on our observations, we provide several possible explanations for which there is some evidence in the literature.