Computer and Network Security – Department of Computer Engineering, University of Peradeniya (http://www.ce.pdn.ac.lk), feed updated Sat, 29 Jun 2019 16:30:16 +0000

Implementing a Proven-secure and Cost-effective Countermeasure against the Compression Ratio Info-leak Mass Exploitation (CRIME) Attack
https://cepdnaclk.github.io/department-website-2021/2019/06/10/implementing-a-proven-secure-and-cost-effective-countermeasure-against-the-compression-ratio-info-leak-mass-exploitation-crime-attack/
Mon, 10 Jun 2019 06:47:24 +0000
Team Members
    • Jayamine Alupotha
    • Sanduni Prasadi
    • Mohamed Fawsan
Header compression is desirable for network applications because it saves bandwidth and reduces latency. However, when data is compressed before being encrypted, the amount of compression leaks information about the amount of redundancy in the plaintext. In web requests, the headers carry secret web cookies, so compressing headers before encryption reveals information about those cookies. This side channel led to the Compression Ratio Info-leak Made Easy (CRIME) attack on web traffic protected by the SSL/TLS protocols. To mitigate the CRIME attack, compression has been completely disabled at the TLS/SSL layer, which in turn increases bandwidth consumption and latency. In a previous work (Financial Cryptography and Data Security 2015), two countermeasures against compression side-channel attacks were presented with formal security proofs, namely (1) separating secret cookies from user inputs and (2) using a static compression dictionary. In this work we create a test environment to replicate and verify the CRIME attack. Moreover, we implement a proven-secure countermeasure against the CRIME attack in a real-world client/server setup, following the aforementioned two countermeasures. Our implementation achieves a better compression ratio (closer to the original TLS/SSL compression), and hence reduces bandwidth usage and latency significantly, making it cost-effective. To the best of our knowledge, this is the first proven-secure and cost-effective countermeasure implementation against the CRIME attack.
Publications:
On Implementing eCK-secure Key Exchange Protocol for OpenSSL
https://cepdnaclk.github.io/department-website-2021/2019/06/10/on-implementing-eck-secure-key-exchange-protocol-for-openssl/
Mon, 10 Jun 2019 06:25:24 +0000
Team Members
    • Seralahthan Vivekaananthan
    • Nishen Peiris
    • Chamith Shanaka
Security models for two-party authenticated key exchange (AKE) protocols have developed over time to capture the security of AKE protocols even when the adversary learns certain secret values by some means (leakage due to weak random number generators, malware attacks, man-in-the-middle attacks, insider attacks, etc.). LaMacchia, Lauter and Mityagin presented a strong security model for AKE protocols, namely the extended Canetti–Krawczyk (eCK) model (ProvSec 2007), addressing a wide range of real-world attack scenarios. They constructed a protocol known as the NAXOS protocol. In order to satisfy the definition of eCK security, the NAXOS protocol uses a hash function to combine the long-term and the ephemeral secret keys, which is widely known as the NAXOS trick. However, for protocols based on the NAXOS trick, the way leakage is modelled in the eCK security model leads to an unnatural assumption of leak-free computation of the hash of the long-term secret key and the ephemeral secret key, because the eCK model allows the attacker to reveal the ephemeral key while the output of the NAXOS-trick computation remains safe. In a recent work of Alawatugoda, Stebila and Boyd (IMA Cryptography and Coding 2015), a NAXOS-trick-free eCK-secure AKE protocol is presented, namely the protocol P1. In this work we implement the protocol P1 for use with the widely used cryptographic library OpenSSL. OpenSSL implementations are widely used with real-world security protocol suites such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). To the best of our knowledge, this is the first OpenSSL implementation of an eCK-secure key exchange protocol. Thus, we open up the direction of using recent advancements in cryptography for real-world Internet communication.
Publications:
  • Alawatugoda, J.; Seralathan, V.; Peiris, N.; Wickramasinghe, C. and Chuah, C.W. Implementation of an eCK-secure Key Exchange Protocol for OpenSSL. In International Journal on Advanced Science, Engineering and Information Technology, Volume 8, Issue 5, pages 2205-2210, INSIGHT – Indonesian Society for Knowledge and Human Development, 2018. Funding: H082
Visual Designing Platform for Wireless Sensor Network
https://cepdnaclk.github.io/department-website-2021/project/visual-designing-platform-for-wireless-sensor-network/
Mon, 10 Jun 2019 06:21:11 +0000
Team Members
    • Rosen Silva
    • Asela Rukmal
    • Nadith Malinda
Wireless Sensor Networks (WSN) are widely used for sensing physical parameters over a broad geographical area. The person who needs a WSN usually has only a pictorial idea of how many sensor nodes are needed, what they are going to measure, and how they should be connected. The problem with the traditional method is that this person must either explain that pictorial view of the sensor network to a commercial vendor and buy it from them, or design it from scratch. Our solution is a platform on which the person who needs the WSN can directly draw the pictorial view on a canvas; the platform then automatically generates all the required firmware for the microcontrollers and the wiring diagrams. The user only needs to follow a few instructions to complete the real-world implementation of the WSN. In short, this project develops a visual platform for designing WSNs. The WSN design platform was built as a web application, so it can manage a large number of supported sensors and microcontrollers: if one user adds the device driver for a sensor or a microcontroller, everyone else can use it directly from the platform without worrying about the hardware programming. If anyone needs a new sensor or microcontroller to be supported by the visual design platform, it provides interfaces to add new sensors and microcontrollers directly. Designers are also able to switch the networking technology as the requirements demand. This method makes developing custom wireless sensor networks affordable and thereby increases productivity, health, and economic benefit.
Power Analysis Attack on Trivium Stream Cipher
https://cepdnaclk.github.io/department-website-2021/project/power-analysis-attack-on-trivium-stream-cipher/
Fri, 07 Jun 2019 05:51:39 +0000
Team Members
    • Rangana De Silva
    • Iranga Navaratna
    • Malitha Kumarasiri
Power analysis attacks are a relatively new type of attack that measures and analyses the power consumption of electronic circuits to extract secret information. These attacks have become a serious threat to the security of embedded systems. Therefore, identifying ciphers that are vulnerable to this type of attack and developing countermeasures is of paramount importance. Many studies have been done on this topic; however, most of them target block ciphers. This paper presents an attack on Trivium, which is a stream cipher. Correlation power analysis (CPA) is used in this attack to analyse the power consumption of the cryptosystem and recover the secret key.
Publications:
  • [In Press] de Silva, R.; Navarathna, I.; Kumarasiri, M.; Alawatugoda, J. and Chuah, C.W. On Power Analysis Attacks against Hardware Stream Ciphers. In International Journal of Information and Computer Security (IJICS), Volume xx, Issue xx, pp xxx-xxx, Inderscience, 2019. Funding: H082 and URG 2018/19/E