1 / 23

Future Issues in Computer Security

Future Issues in Computer Security. Information Assurance Fall 2005. Outline. New Cryptographic/Encoding Issues Quantum Computing Chaos Identity Online storage and computation Ubiquitous computing Virtual communities Spam. Quantum Computing: Theory. Does photon go to A or B?

kendis
Download Presentation

Future Issues in Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Future Issues in Computer Security Information Assurance Fall 2005

  2. Outline • New Cryptographic/Encoding Issues • Quantum Computing • Chaos • Identity • Online storage and computation • Ubiquitous computing • Virtual communities • Spam

  3. Quantum Computing: Theory • Does photon go to A or B? • QP says it goes to both • In fig B, photon is always detected at A • Proof that photon takes both paths • Interferes with itself at 2nd splitter

  4. Quantum Computing: The Big Idea • Encode data in Qubits • Unlike regular deterministic bits, qubits use quantum effects to superimpose multiple states • N bits can represent the superposition of 2n states. • Generally use electron spin encode data • Build computer that uses qubits for storage • Computation can follow many paths at once since qubit register can encode many values at once • Like the difference between a deterministic finite state machine and a non-deterministic finite state machine • If you could build one of these, would cause much havoc for today’s cryptography • One-way functions may turn out not to be really one way • E.g., factoring products of large prints and finding discrete logarithms. • Tutorial at http://www.cs.caltech.edu/~westside/quantum-intro.html

  5. Quantum Factoring • Algorithm proposed by Peter Shor in 1994 • http://ieeexplore.ieee.org/iel2/2955/8384/00365700.pdf?tp=&arnumber=365700&isnumber=8384 • In 2001 IBM researchers created a 7 qubit implementation • Can factor 15 • http://cryptome.org/shor-nature.htm

  6. Details from a 7 bit Quantum Computer Logic Diagram for Factoring Program Pulse “program” for first three bits (marked as n)

  7. The Molecule Containing the Qubits

  8. Measurements of the First Three Qubits

  9. Why No Quantum Computer’s Yet • Decoherence • Tendency of quantum state to decay as it interacts with the environment • Error Correction • Caused by decoherence • Phase coherence: Use reference values to fix up errors • Spread values over multiple qbits • Hardware Architecture • Direct measurement causes collapse of superposition. Can only measure at the end • Nuclear Magnetic Resonance (NMR)

  10. Security of Quantum Computers • One of the first papers on attacks on and defenses for quantum computers recently published • http://arxiv.org/abs/quant-ph/0505126 • Once quantum computers become real, many basic assumptions change • Much fundamental work will need to be redone • Interesting to see if quantum computers are available to all or only to deep-pocketed elite

  11. Chaos Encryption • Chaos looks random, but it does have some pattern • Can use physical materials to create chaotic signal • Embed your data on that signal • Partner device will go into same chaotic state • Allows you to remove the chaotic carrier signal to retrieve your data

  12. Chaotic Encryption • Recently proved over 120 km of optical fiber • Nov 19 New Scientist article

  13. Chaotic Encryption Pros and Cons • Pros • Very fast • Hard for attacker to catcher high volume data to analyize • Cons • Chaos contains patterns. Can be used to break encryption • Generally agreed this is probably “good enough” for transport encryption, but perhaps not archival encryption

  14. Physical One-Way Functions • Use physical media to create large numbers of seemingly random identifiers • http://web.media.mit.edu/~brecht/papers/02.PapEA.powf.pdf • Create physical token made out of inhomegenous material • Take an image of portion of the 3D token to get a 2D speckle • Pick angles to measure to get 1D key

  15. Physical one-way functions

  16. Changes in Identity Technology • Identification in person • Relatively small, fixed community • Can rely on physical presence • Face recognition • Signature • Personal idiosyncrasies • No longer true in many situations with widespread travel • Not true for online identification

  17. Improvements in Identification • Next generation passports and ID cards will include far more information in smart cards and RFID’s • New Scientist articles Sept 13 and 17 • Biometrics can be more accurate way to verify identity in person • Need multiple biometric measure to reduce error • Need to re-measure person every decade or so • Difficult for uncooperative target

  18. Concerns about identification extensions • What if biometric information is sent across the wire to verify person not physically present? • Identity theft becomes more direct • Radio Frequency ID Systems (RFID) • Proposed use in smart passports (http://www.epic.org/privacy/rfid/) • Will respond when queried • Can be queried discretely at a distance

  19. Online identification • Original internet design assuming trustworthy users • Small university networks • Protocols reflected that assumption • SMTP, Telnet, RSH had only nominal authentication • Additional authentication has evolved • Encryption protocols and SSH • Multiple passwords • Use of personal information like mother’s maiden name • Some smart cards

  20. Online identification • Certification technology exists • Not taken off for individuals • Cost. Complexity. Multiple roots of trust • Different ways of proving identity to different services • Microsoft and yahoo have tried to introduce common identification tokens • MS Passport

  21. Controlling identification • Don’t always want to reveal full identification • Might be sufficient to reveal that you are a student of UIUC • May want to have multiple avatars • Pen names for authors • Fake personality for less savory purposes • Trust negotiation • Active area of research • Working on algorithms and frameworks for determining how to limit revealing personal information • But not practical until there are common or widespread identity schemes

  22. Why will anything change? • Ad hoc online identification schemes have worked well enough so far? Why will this change? • Need to control information that reaches you • Identification or roots of trust could control spam or more easily categorize your mail • More of your life moves online • Need for agents operating on your behalf • Concern for higher security if your financial data is accessible online • IPv6 brings requirement for end-to-end encryption • Automated ID systems would simplify key negotiations • May also control who you are wiling to talk to

  23. Key points • These are guesses at the future • Potential for technological advances to change our assumptions about everything • Many of the issues are not technological • Policy • Design • Societal Acceptance

More Related