Dynamic Locations: Secure Mobile Services Discovery and Dynamic Group Membership
Ryan Lackey <ryan@metacolo.com> www.metacolo.com
Ryan Lackey http://www.metacolo.com/

Who?
• Interest in “cypherpunk” technologies from 1992 to present, particularly anonymized communications, agents, and electronic cash
• Ultimate goal: anonymous secure infrastructure from end to end: clients, servers, networks, pro
• Founded HavenCo/ran 2000-2002
• metacolo: offshore colo in 9 markets, related projects, including secure mobile systems

Introduction
• Lots of work has been done to network fixed equipment, and to secure fixed network connections, but most mobile apps are just slightly modified versions of fixed applications
• Most mobile networked systems have simplified security models; some link security but little application-specific security end to end
• Fundamentally new kinds of applications are possible with secure mobile systems

Fundamental Constraints
• Power and bandwidth limited
• Many nodes are in continual motion and appear/disappear rapidly
• Much infrastructure is closed, with long cycles to upgrade and deploy
• UI complicated by devices and use cases (user attention not dedicated)

Platform
• HP/Compaq iPaq running Linux
• Laptops running Linux and FreeBSD
• 802.11b and 1xRTT IP-based communications
• Open systems for easy development, Python for rapid development

Applications of Interest
• “Matchmaking” – letting parties with similar interests meet up
• Secure messaging (communications and message-based low-overhead protocols, including payment systems)
• Secure streams (VoIP, VPN)

“Matchmaking”
• Demo app is letting people define a set of interests, then announce to the world, without risk of being “interrogated” by third parties
• Useful for service discovery too – announce that you’re running certain services to others in the set, but not to the public (RIAA, MPAA, Government, etc.)
• Attestations, with optional protection from traffic analysis as well

Secure short messages
• Text messaging
• Much easier technically than streams
• Store/forward possibility
• Also useful for many protocols, either in two-way or polled mode

Streams
• Voice over IP is key market – encrypted cellphone using low-bandwidth channel (1xRTT or HSCSD GSM) and anonymization of calls

Interaction models
• True peer to peer
• “Security proxy” or user selected/operated operational server
• Centralized client-server operated by application developers
• Centralized client-server operated by communications providers

Existing p2p systems
• Generally designed for high bandwidth media sharing with minimal anonymity layered over existing IP networks
• Not really designed for interactive communication

Existing mobile client-server systems
• Designed with link encryption to the wireless hub, or to the server
• Closed development environment controlled by mobile companies
• Hard for users and application developers to really trust the security model

Early mobile p2p systems
• “lovegety” – a system to use RF to share information about membership in certain groups
• Subject to “trawling”, direction finding attacks, and “corralling” small numbers of users to identify them

Security Implications
• Confidentiality, Integrity, Authentication solvable through traditional systems
• Traffic analysis is the hard problem
• Complete undetectability of special traffic
• Of course, reliability, availability, etc. are still major concerns, and special mobile constraints

Policy Implications
• Centralized systems vulnerable to technical or legal attack
• Who to trust – communications provider, applications provider?
• Trust is essential to enabling certain applications

Central Mediation
• Servers trusted by some party to take all communications and retransmit
• Defeats firewalls/proxies/NAT as well as provides protection from traffic analysis
• Persistence; can buffer communications for users with intermittent connectivity

True Peer to Peer Cryptographic Systems
• Computationally intensive on client
• Bandwidth intensive; may only be able to send single bits!
• Generally can put user into a “collusion set” but unless set is large, elimination can identify user

Covert channels for mobile use
• Masking using pre-recorded traffic
• Sniffing and simulating
• MITM
• “Design for MITM” – Dining Cryptographer’s Networks, etc.

Dining Cryptographer’s Network
Due to David Chaum, described at http://cypherpunks.venona.com/date/1992/12/msg00107.html
Multiple parties can communicate without revealing to one another which is initiating the communications
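
A one-bit Dining Cryptographers round, as an added example (not code from the talk), showing both the bandwidth cost noted above (n announcements per payload bit) and how colluding peers shrink the anonymity set. The pairwise keys, the HMAC-based pad derivation and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets
from itertools import combinations


def make_pairwise_keys(n):
    """One random secret per unordered pair of participants (constructed)."""
    return {frozenset(p): secrets.token_bytes(16)
            for p in combinations(range(n), 2)}


def pad_bit(key, round_no):
    """Both holders of a pairwise key derive the same pad bit per round."""
    mac = hmac.new(key, round_no.to_bytes(8, "big"), hashlib.sha256).digest()
    return mac[0] & 1


def own_pads(me, n, keys, round_no):
    """XOR of the pad bits `me` shares with every other participant."""
    out = 0
    for other in range(n):
        if other != me:
            out ^= pad_bit(keys[frozenset((me, other))], round_no)
    return out


def run_round(n, keys, round_no, sender=None, bit=0):
    """Everyone announces one bit; each pad appears twice, so XOR = payload."""
    announced = [own_pads(i, n, keys, round_no) ^ (bit if i == sender else 0)
                 for i in range(n)]
    recovered = 0
    for a in announced:
        recovered ^= a
    return announced, recovered


def send_byte(n, keys, sender, byte, first_round=0):
    """Eight rounds of n announcements each carry a single payload byte."""
    out = 0
    for k in range(8):
        bit = (byte >> (7 - k)) & 1
        out = (out << 1) | run_round(n, keys, first_round + k, sender, bit)[1]
    return out


def exposed_bit(target, colluders, n, keys, round_no, announced):
    """Colluders who hold every key the target shares can strip its pads."""
    if set(range(n)) - {target} - set(colluders):
        return None  # at least one honest peer keeps the target hidden
    return announced[target] ^ own_pads(target, n, keys, round_no)
```

With five participants, sending one byte costs 40 one-bit announcements, and the sender is exposed only when all four other participants pool their keys.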

Anonymizing remailers as model
• Store and forward messaging with latency added
• Complicated due to node unreliability
• Send out multiple messages; tradeoff of bandwidth waste vs. latency vs. reliability

Current solution
• Communications with a trusted server using fixed-rate messaging (tuned for bandwidth)
• Inter-server communications, allowing users to select “security proxy servers” to act on their behalf, optionally running servers themselves
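
A sketch of fixed-rate messaging between a client and its trusted server, as an added example rather than the system described in the talk: one fixed-size cell goes out on every tick, carrying a message fragment or a dummy. The cell size, header layout and class names are assumptions; the example covers only scheduling and framing, and each cell is assumed to be encrypted under the client-server key before it is sent so the header is not visible on the wire.

```python
import secrets
from collections import deque

CELL_SIZE = 32            # assumed; every transmission is exactly this long
CAPACITY = CELL_SIZE - 2  # 1 flag byte + 1 length byte precede the payload
REAL, LAST = 0x01, 0x02   # flag bits: cell carries data / final fragment


class FixedRateSender:
    def __init__(self):
        self.queue = deque()

    def submit(self, message):
        """Split a message into fragments that each fit in one cell."""
        frags = [message[i:i + CAPACITY]
                 for i in range(0, len(message), CAPACITY)] or [b""]
        for i, frag in enumerate(frags):
            last = LAST if i == len(frags) - 1 else 0
            self.queue.append((REAL | last, frag))

    def tick(self):
        """Called once per interval: always returns exactly one cell."""
        flags, frag = self.queue.popleft() if self.queue else (0, b"")
        padding = secrets.token_bytes(CAPACITY - len(frag))
        return bytes([flags, len(frag)]) + frag + padding


class Receiver:
    def __init__(self):
        self.partial = bytearray()
        self.messages = []

    def feed(self, cell):
        """Drop dummies, reassemble fragments into complete messages."""
        if len(cell) != CELL_SIZE:
            raise ValueError("malformed cell")
        flags, length = cell[0], cell[1]
        if not flags & REAL:
            return
        self.partial += cell[2:2 + length]
        if flags & LAST:
            self.messages.append(bytes(self.partial))
            self.partial.clear()


def simulate(messages_by_tick, ticks):
    """Return (cell sizes seen on the wire, messages delivered)."""
    sender, receiver, sizes = FixedRateSender(), Receiver(), []
    for t in range(ticks):
        for message in messages_by_tick.get(t, []):
            sender.submit(message)
        cell = sender.tick()
        sizes.append(len(cell))
        receiver.feed(cell)
    return sizes, receiver.messages
```

The tick interval and cell size are the bandwidth tuning knobs: a 70-byte message here takes three ticks to deliver, while an idle client still sends a full cell every tick.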

Conclusions
• Mobile-specific (more properly, dynamic) security is a very hard problem
• Key is finding applications which fit currently available technology – message based, with secure service discovery

Future work
• Develop an application developer’s toolkit with service discovery on top of secure message-passing and streams systems
• “Killer apps” of VoIP and mobile payment – good stream-based systems