Related papers: Bytes to Schlep? Use a FEP: Hiding Protocol Metadata with Fully Encrypted Protocols

Bytes to Schlep? Use a FEP: Hiding Protocol Metadata with Fully Encrypted Protocols

URL: http://arxiv.org/abs/2405.13310v2
Date: Fri, 6 Sep 2024 09:03:28 GMT
Title: Bytes to Schlep? Use a FEP: Hiding Protocol Metadata with Fully Encrypted Protocols
Authors: Ellis Fenske, Aaron Johnson,
Abstract summary: Fully Encrypted Protocols (FEPs) produce messages that appear completely random. FEPs have relevance well beyond censorship circumvention, as protecting protocol metadata has security and privacy benefits. We provide novel security definitions that capture the metadata-protection goals of FEPs.
Score: 2.225268436173329
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Fully Encrypted Protocols (FEPs) have arisen in practice as a technique to avoid network censorship. Such protocols are designed to produce messages that appear completely random. This design hides communications metadata, such as version and length fields, and makes it difficult to even determine what protocol is being used. Moreover, these protocols frequently support padding to hide the length of protocol fields and the contained message. These techniques have relevance well beyond censorship circumvention, as protecting protocol metadata has security and privacy benefits for all Internet communications. The security of FEP designs depends on cryptographic assumptions, but neither security definitions nor proofs exist for them. We provide novel security definitions that capture the metadata-protection goals of FEPs. Our definitions are given in both the datastream and datagram settings, which model the ubiquitous TCP and UDP interfaces available to protocol designers. We prove relations among these new notions and existing security definitions. We further present new FEP constructions and prove their security. Finally, we survey existing FEP candidates and characterize the extent to which they satisfy FEP security. We identify novel ways in which these protocols are identifiable, including their responses to the introduction of data errors and the sizes of their smallest protocol messages.

Related papers

Protocols to Code: Formal Verification of a Next-Generation Internet Router [9.971817718196997]
SCION routers run a cryptographic protocol for secure packet forwarding in an adversarial environment. We verify both the protocol's network-wide security properties and low-level properties of its implementation. This paper explains our approach, summarizes the main results, and distills lessons for the design and implementation of verifiable systems.
arXiv Detail & Related papers (2024-05-09T19:57:59Z)
DT-SIM: Property-Based Testing for MPC Security [2.0308771704846245]
Property-based testing is effective for detecting security bugs in secure protocols. We specifically target Secure Multi-Party Computation (MPC) We devise a test that can detect various flaws in a bit-level implementation of an MPC protocol.
arXiv Detail & Related papers (2024-03-08T02:02:24Z)
Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information [53.85237314348328]
We introduce for non-uniform messages a novel hybrid universal network coding cryptosystem (NU-HUNCC) We show that NU-HUNCC is information-theoretic individually secured against an eavesdropper with access to any subset of the links.
arXiv Detail & Related papers (2024-02-13T12:12:39Z)
A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
Ejafa_protocol: A custom INC secure protocol [0.0]
The protocol incorporates modern cryptographic primitives, including X25519 for key exchange and ChaCha20 for encryption. A key feature of the protocol is its adaptability to resource-constrained environments without compromising on security.
arXiv Detail & Related papers (2024-01-05T12:51:19Z)
Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard. TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent. This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z)
SemProtector: A Unified Framework for Semantic Protection in Deep Learning-based Semantic Communication Systems [51.97204522852634]
We present a unified framework that aims to secure an online semantic communications system with three semantic protection modules. Specifically, these protection modules are able to encrypt semantics to be transmitted by an encryption method, mitigate privacy risks from wireless channels by a perturbation mechanism, and calibrate distorted semantics at the destination. Our framework enables an existing online SC system to dynamically assemble the above three pluggable modules to meet customized semantic protection requirements.
arXiv Detail & Related papers (2023-09-04T06:34:43Z)
Byzantine-Robust Federated Learning with Optimal Statistical Rates and Privacy Guarantees [123.0401978870009]
We propose Byzantine-robust federated learning protocols with nearly optimal statistical rates. We benchmark against competing protocols and show the empirical superiority of the proposed protocols. Our protocols with bucketing can be naturally combined with privacy-guaranteeing procedures to introduce security against a semi-honest server.
arXiv Detail & Related papers (2022-05-24T04:03:07Z)
Remote quantum-safe authentication of entities with physical unclonable functions [0.0]
We discuss the requirements that an entity authentication protocol has to offer in order to be useful for remote entity authentication in practice. We propose a protocol, which can operate over large distances, and offers security against both classical and quantum adversaries.
arXiv Detail & Related papers (2021-08-01T15:03:23Z)
Twin-field quantum digital signatures [4.503555294002338]
Digital signature is a key technique in information security, especially for identity authentications. Quantum digital signatures (QDSs) provide a considerably higher level of security, i.e., information-theoretic security.
arXiv Detail & Related papers (2020-03-25T08:04:59Z)
CryptoSPN: Privacy-preserving Sum-Product Network Inference [84.88362774693914]
We present a framework for privacy-preserving inference of sum-product networks (SPNs) CryptoSPN achieves highly efficient and accurate inference in the order of seconds for medium-sized SPNs.
arXiv Detail & Related papers (2020-02-03T14:49:18Z)

This list is automatically generated from the titles and abstracts of the papers in this site.