The Experts below are selected from a list of 978 Experts worldwide ranked by ideXlab platform
Hiroaki Kikuchi - One of the best experts on this subject based on the ideXlab platform.
-
Secure hierarchical Bitcoin wallet scheme against Privilege Escalation attacks
International Journal of Information Security, 2019Co-Authors: Chun-i Fan, Yi-fan Tseng, Hui-po Su, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to manage the keys for spending or receiving funds. Instead of generating randomly pairs of keys, which may need higher space complexity for key management, hierarchical deterministic (HD) wallets derive all the keys from a single seed, which is sufficient to recover all the keys, to reduce the complexity of key management. In an HD wallet, it allows users to generate child public keys from the parent public keys without knowing any of the corresponding private keys. This feature allows a permitted auditor to derive all the public keys for auditing. However, this feature makes HD wallets suffered from so-called Privilege Escalation attacks, where the leakage of any child private key along with its parent public key will expose the other child private keys. To confront with this security flaw, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys to achieve anonymity of user identities and high scalability to the derivations of huge amount of keys. Thus, the proposed scheme achieves user anonymity, public key derivation, and high scalability.
-
secure hierarchical bitcoin wallet scheme against Privilege Escalation attacks
IEEE Conference Dependable and Secure Computing, 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
-
DSC - Secure Hierarchical Bitcoin Wallet Scheme Against Privilege Escalation Attacks
2018 IEEE Conference on Dependable and Secure Computing (DSC), 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
Ahmad-reza Sadeghi - One of the best experts on this subject based on the ideXlab platform.
-
Financial Cryptography - DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android (Short Paper)
Financial Cryptography and Data Security, 2017Co-Authors: Stephan Heuser, Marco Negro, Praveen Kumar Pendyala, Ahmad-reza SadeghiAbstract:Smart mobile devices process and store a vast amount of security- and privacy-sensitive data. To protect this data from malicious applications mobile operating systems, such as Android, adopt fine-grained access control architectures. However, related work has shown that these access control architectures are susceptible to application-layer Privilege Escalation attacks. Both automated static and dynamic program analysis promise to proactively detect such attacks. Though while state-of-the-art static analysis frameworks cannot adequately address native and highly obfuscated code, dynamic analysis is vulnerable to malicious applications using logic bombs to avoid early detection.
-
droidauditor forensic analysis of application layer Privilege Escalation attacks on android short paper
Financial Cryptography, 2016Co-Authors: Stephan Heuser, Marco Negro, Praveen Kumar Pendyala, Ahmad-reza SadeghiAbstract:Smart mobile devices process and store a vast amount of security- and privacy-sensitive data. To protect this data from malicious applications mobile operating systems, such as Android, adopt fine-grained access control architectures. However, related work has shown that these access control architectures are susceptible to application-layer Privilege Escalation attacks. Both automated static and dynamic program analysis promise to proactively detect such attacks. Though while state-of-the-art static analysis frameworks cannot adequately address native and highly obfuscated code, dynamic analysis is vulnerable to malicious applications using logic bombs to avoid early detection.
-
towards taming Privilege Escalation attacks on android
Network and Distributed System Security Symposium, 2012Co-Authors: Sven Bugiel, Ahmad-reza Sadeghi, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Bhargava ShastryAbstract:Android's security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level Privilege Escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy attacks, there is still no solution that simultaneously addresses collusion attacks. In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android's system behavior (with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover, inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime, dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.
-
NDSS - Towards Taming Privilege-Escalation Attacks on Android
2012Co-Authors: Sven Bugiel, Ahmad-reza Sadeghi, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Bhargava ShastryAbstract:Android's security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level Privilege Escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy attacks, there is still no solution that simultaneously addresses collusion attacks. In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android's system behavior (with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover, inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime, dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.
-
poster the quest for security against Privilege Escalation attacks on android
Computer and Communications Security, 2011Co-Authors: Sven Bugiel, Ahmad-reza Sadeghi, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Bhargava ShastryAbstract:In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo [9]) aiming at detecting and preventing application-level Privilege Escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attacks and attacks by colluding applications (e.g., Soundcomber [11]) at the cost of a small rate of false positives.
Chun-i Fan - One of the best experts on this subject based on the ideXlab platform.
-
Secure hierarchical Bitcoin wallet scheme against Privilege Escalation attacks
International Journal of Information Security, 2019Co-Authors: Chun-i Fan, Yi-fan Tseng, Hui-po Su, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to manage the keys for spending or receiving funds. Instead of generating randomly pairs of keys, which may need higher space complexity for key management, hierarchical deterministic (HD) wallets derive all the keys from a single seed, which is sufficient to recover all the keys, to reduce the complexity of key management. In an HD wallet, it allows users to generate child public keys from the parent public keys without knowing any of the corresponding private keys. This feature allows a permitted auditor to derive all the public keys for auditing. However, this feature makes HD wallets suffered from so-called Privilege Escalation attacks, where the leakage of any child private key along with its parent public key will expose the other child private keys. To confront with this security flaw, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys to achieve anonymity of user identities and high scalability to the derivations of huge amount of keys. Thus, the proposed scheme achieves user anonymity, public key derivation, and high scalability.
-
secure hierarchical bitcoin wallet scheme against Privilege Escalation attacks
IEEE Conference Dependable and Secure Computing, 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
-
DSC - Secure Hierarchical Bitcoin Wallet Scheme Against Privilege Escalation Attacks
2018 IEEE Conference on Dependable and Secure Computing (DSC), 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
Yi-fan Tseng - One of the best experts on this subject based on the ideXlab platform.
-
Secure hierarchical Bitcoin wallet scheme against Privilege Escalation attacks
International Journal of Information Security, 2019Co-Authors: Chun-i Fan, Yi-fan Tseng, Hui-po Su, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to manage the keys for spending or receiving funds. Instead of generating randomly pairs of keys, which may need higher space complexity for key management, hierarchical deterministic (HD) wallets derive all the keys from a single seed, which is sufficient to recover all the keys, to reduce the complexity of key management. In an HD wallet, it allows users to generate child public keys from the parent public keys without knowing any of the corresponding private keys. This feature allows a permitted auditor to derive all the public keys for auditing. However, this feature makes HD wallets suffered from so-called Privilege Escalation attacks, where the leakage of any child private key along with its parent public key will expose the other child private keys. To confront with this security flaw, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys to achieve anonymity of user identities and high scalability to the derivations of huge amount of keys. Thus, the proposed scheme achieves user anonymity, public key derivation, and high scalability.
-
secure hierarchical bitcoin wallet scheme against Privilege Escalation attacks
IEEE Conference Dependable and Secure Computing, 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
-
DSC - Secure Hierarchical Bitcoin Wallet Scheme Against Privilege Escalation Attacks
2018 IEEE Conference on Dependable and Secure Computing (DSC), 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
Ruei-hau Hsu - One of the best experts on this subject based on the ideXlab platform.
-
Secure hierarchical Bitcoin wallet scheme against Privilege Escalation attacks
International Journal of Information Security, 2019Co-Authors: Chun-i Fan, Yi-fan Tseng, Hui-po Su, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to manage the keys for spending or receiving funds. Instead of generating randomly pairs of keys, which may need higher space complexity for key management, hierarchical deterministic (HD) wallets derive all the keys from a single seed, which is sufficient to recover all the keys, to reduce the complexity of key management. In an HD wallet, it allows users to generate child public keys from the parent public keys without knowing any of the corresponding private keys. This feature allows a permitted auditor to derive all the public keys for auditing. However, this feature makes HD wallets suffered from so-called Privilege Escalation attacks, where the leakage of any child private key along with its parent public key will expose the other child private keys. To confront with this security flaw, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys to achieve anonymity of user identities and high scalability to the derivations of huge amount of keys. Thus, the proposed scheme achieves user anonymity, public key derivation, and high scalability.
-
secure hierarchical bitcoin wallet scheme against Privilege Escalation attacks
IEEE Conference Dependable and Secure Computing, 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
-
DSC - Secure Hierarchical Bitcoin Wallet Scheme Against Privilege Escalation Attacks
2018 IEEE Conference on Dependable and Secure Computing (DSC), 2018Co-Authors: Chun-i Fan, Yi-fan Tseng, Ruei-hau Hsu, Hiroaki KikuchiAbstract:As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to managing the keys for spending or receiving funds. Instead of generating pairs of keys randomly which are hard to be stored, hierarchical deterministic (HD) wallets derive all the keys from a single seed, thus storing that seed is sufficient to recover keys. In an HD wallet, it allows users to generate child public keys from parent public keys without knowledge of any private key. A suitable case for this feature is that an auditor is permitted to derive all the public keys for auditing, However, this impressive feature makes HD wallets suffered from so-called Privilege Escalation attacks that the leakage of any one of child private key along with its parent public key will cause the exposure of the other child private keys. To confront with this severe problem, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving anyone private keys for signing. Since it conceals private keys from any child nodes, it can prevent from Privilege Escalation attacks. Nevertheless, the proposed scheme also provides unlinkability between two public keys in order to achieve anonymity of user identity and high scalability to the derivations of keys. Thus, the proposed scheme achieves user anonymity, public key derivation and high scalability.
