Welcome to the DEFCON 201 guide to Ultimate Hacker Summer Camp! This is part of a series where we are going to cover all the various hacker conventions and shenanigans in August. As more blog posts are uploaded, you will be able to jump through the guide via these links:
USENIX 29TH SECURITY SYMPOSIUM
Date: Tuesday, August 12th (12:30 PM EST) —Thursday, August 14th (8:00 PM EST)
Platform(s): Unknown Custom Platform
Accessibility: USENIX Security ’20 Technical Sessions will cost $125 and the adjacent SOUPS 2020 and/or Co-located Event(s) Only will cost $60. Registration for USENIX Security ’20 includes admission to the co-located events. If you would like to register for only the co-located events, you may select the “SOUPS 2020 and/or Co-located Event(s) Only” option. After their formal presentation, talks (including white paper, slides and video) are archived and posted online for FREE.
Tickets (Human Plus): https://www.usenix.org/conference/222520/registration/form
Code Of Conduct: https://www.usenix.org/conferences/coc
The USENIX Association is a 501(c)(3) nonprofit organization, dedicated to supporting the advanced computing systems communities and furthering the reach of innovative research. It was founded in 1975 under the name “Unix Users Group,” focusing primarily on the study and development of Unix and similar systems. It has since grown into a respected organization among practitioners, developers, and researchers of computer operating systems more generally. Since its founding, it has published a technical journal entitled ;login:.
- Foster technical excellence and innovation
- Support and disseminate research with a practical bias
- Provide a neutral forum for discussion of technical issues
- Encourage computing outreach into the community at large
With safety in mind, the upcoming 29th USENIX Security Symposium will take place as a virtual event. It will be held on August 12–14, 2020.
USENIX Security brings together researchers, practitioners, system administrators, system programmers, and others to share and explore the latest advances in the security and privacy of computer systems and networks.
A decently priced option for the technically minded, sponsored by the EFF and organized by a long-standing organization, we at DEFCON 201 feel that this is the midground between a Black Hat USA and a traditional DEF CON. Formal but not suit and tie, costly but not overpriced, this is a great balance with some major topics covered in detail that you will not find anywhere else.
USENIX Conference Policies
Refunds and Cancellations
They are unable to offer refunds, cancellations, or substitutions for any registrations for this event. Please contact the Conference Department at email@example.com with any questions.
For general information, call USENIX at +1 510.528.8649 or send direct queries via email:
SOUPS 2020: Sixteenth Symposium on Usable Privacy and Security (August 7–11)
CSET ’20: 13th USENIX Workshop on Cyber Security Experimentation and Test (August 10)
ScAINet ’20: 2020 USENIX Security and AI Networking Conference (August 10)
WOOT ’20: 14th USENIX Workshop on Offensive Technologies (August 11)
FOCI ’20: 10th USENIX Workshop on Free and Open Communications on the Internet (August 11)
Hack@Sec2020 :: Hard-CTF
DETAILS LINK: https://hackat.events/sec20/
What is Hack@Sec?
Participating teams in this competition try to mimic the practices of a security assurance team that is responsible for the security assurance of the hardware and firmware of the system under test. Their objective is to identify the security vulnerabilities (both microarchitectural/side-channel flaws as well as security bugs), assess their security impact, propose a mitigation, and report them. They are free to use any tools and techniques of their choosing. Participating teams will be affiliated with one of two categories: either student-only or mixed. Student-only teams comprise only of students affiliated with academic and research institutions, while mixed teams can comprise of members affiliated with industry only or both industry and academia.
The competition has two phases:
Phase I: This is a warm-up phase where participating teams are given a “buggy” SoC design which they need to analyze to identify as many security vulnerabilities as possible. We will provide specification details and the desired security properties and threat model. Freedom to choose tools and techniques is intended to minimize the barrier of entry for teams. Finalists will be selected from both team categories to participate in Phase II.
Phase II: This is a live capture-the-flag competition co-located with USENIX Security 2020 where all registered participants from Phase I as well as any other teams that choose to register anytime until Phase II can participate in. The same SoC design but with a new set of bugs are provided to the competing teams and they will need to apply their techniques (and any tools developed) to detect as many vulnerabilities, but in a limited time-frame (~48 hours). Bug submissions from the teams will be evaluated live and winners from both categories will be selected.
Participating in Phase I is not mandatory to participate in Phase II, but recommended. This gives teams a warm-up opportunity to figure their way around the SoC before the time-limited Phase II. Nevertheless, all teams are very welcome to register for Phase II any time up until the date of the competition (August 10, 2020)!
Who can participate?
Each team must meet all of the below eligibility requirements:
- A team member can be a student or a working professional.
- Provide ‘single’ e-mail address for your team.
- A team can consist of up-to 4 members (excluding the adviser).
- A team member cannot be associated with multiple teams.
- Individuals associated with Texas A&M University and TU Darmstadt are not allowed to participate in the competition to avoid conflict of interest.
- Individuals affiliated with multiple organizations can participate in one single team.
- No entry fee is required to participate in the competition.
- The organizers reserve the right to disqualify entries at their discretion.
DEFCON 201 TALK HIGHLIGHTS FOR USENIX
This is the section where we have combed through the entire list of talks on both days and list our highlights for the talks that stand out to us. Note that this does not invalidate any talks we didn’t list; in fact, we highly recommend you take a look at the full convention schedule beforehand and make up your own talk highlight lists. These are just the talks that for us had something stand out, either by being informative, unique or bizarre. (Sometimes, all three!)
Call Me Maybe: Eavesdropping Encrypted LTE Calls With ReVoLTE
David Rupprecht, Katharina Kohls, and Thorsten Holz, Ruhr University Bochum; Christina Pöpper, NYU Abu Dhabi
This paper is under embargo and will be released to the public on the first day of the symposium, August 12, 2020.
What Twitter Knows: Characterizing Ad Targeting Practices, User Perceptions, and Ad Explanations Through Users’ Own Twitter Data
Miranda Wei, University of Washington / University of Chicago; Madison Stamos and Sophie Veys, University of Chicago; Nathan Reitinger and Justin Goodman, University of Maryland; Margot Herman, University of Chicago; Dorota Filipczuk, University of Southampton; Ben Weinshel, University of Chicago; Michelle L. Mazurek, University of Maryland; Blase Ur, University of Chicago
Although targeted advertising has drawn significant attention from privacy researchers, many critical empirical questions remain. In particular, only a few of the dozens of targeting mechanisms used by major advertising platforms are well understood, and studies examining users’ perceptions of ad targeting often rely on hypothetical situations. Further, it is unclear how well existing transparency mechanisms, from data-access rights to ad explanations, actually serve the users they are intended for. To develop a deeper understanding of the current targeting advertising ecosystem, this paper engages 231 participants’ own Twitter data, containing ads they were shown and the associated targeting criteria, for measurement and user study. We find many targeting mechanisms ignored by prior work — including advertiser-uploaded lists of specific users, lookalike audiences, and retargeting campaigns — are widely used on Twitter. Crucially, participants found these understudied practices among the most privacy invasive. Participants also found ad explanations designed for this study more useful, more comprehensible, and overall more preferable than Twitter’s current ad explanations. Our findings underscore the benefits of data access, characterize unstudied facets of targeted advertising, and identify potential directions for improving transparency in targeted advertising.
Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
Fraser Brown, Stanford University; Deian Stefan, UC San Diego; Dawson Engler, Stanford University
Towards HTTPS Everywhere on Android: We Are Not There Yet
Andrea Possemato, EURECOM / IDEMIA; Yanick Fratantonio, EURECOM
Nowadays, virtually all mobile apps rely on communicating with a network backend. Given the sensitive nature of the data exchanged between apps and their backends, securing these network communications is of growing importance. In recent years, Google has developed a number of security mechanisms for Android apps, ranging from multiple KeyStores to the recent introduction of the new Network Security Policy, an XML-based configuration file that allows apps to define their network security posture. In this paper, we perform the first comprehensive study on these new network defense mechanisms. In particular, we present them in detail, we discuss the attacks they are defending from, and the relevant threat models. We then discuss the first large-scale analysis on this aspect. During June and July 2019, we crawled 125,419 applications and we found how only 16,332 apps adopt this new security feature. We then focus on these apps, and we uncover how developers adopt weak and potentially vulnerable network security configurations. We note that, in November 2019, Google then made the default policy stricter, which would help the adoption. We thus opted to re-crawl the same dataset (from April to June 2020) and we repeated the experiments: while more apps do adopt this new security mechanism, a significant portion of them still do not take fully advantage of it (e.g., by allowing usage of insecure protocols). We then set out to explore the root cause of these weaknesses (i.e., the why). Our analysis showed that app developers often copy-paste vulnerable policies from popular developer websites (e.g., StackOverflow). We also found that several popular ad libraries require apps to weaken their security policy, the key problem lying in the vast complexity of the ad ecosystem. As a last contribution, we propose a new extension of the Network Security Policy, so to allow app developers to embed problematic ad libraries without the need to weaken the security of their entire app.
Who’s Calling? Characterizing Robocalls through Audio and Metadata Analysis
Sathvik Prasad, Elijah Bouma-Sims, Athishay Kiran Mylappan, and Bradley Reaves, North Carolina State University
Unsolicited calls are one of the most prominent security issues facing individuals today. Despite wide-spread anecdotal discussion of the problem, many important questions remain unanswered. In this paper, we present the first large-scale, longitudinal analysis of unsolicited calls to a honeypot of up to 66,606 lines over 11 months. From call metadata we characterize the long-term trends of unsolicited calls, develop the first techniques to measure voicemail spam, wangiri attacks, and identify unexplained high-volume call incidences. Additionally, we mechanically answer a subset of the call attempts we receive to cluster related calls into operational campaigns, allowing us to characterize how these campaigns use telephone numbers. Critically, we find no evidence that answering unsolicited calls increases the amount of unsolicited calls received, overturning popular wisdom. We also find that we can reliably isolate individual call campaigns, in the process revealing the extent of two distinct Social Security scams while empirically demonstrating the majority of campaigns rarely reuse phone numbers. These analyses comprise powerful new tools and perspectives for researchers, investigators, and a beleaguered public.
CopyCat: Controlled Instruction-Level Attacks on Enclaves
Daniel Moghimi, Worcester Polytechnic Institute; Jo Van Bulck, KU Leuven; Nadia Heninger, University of California, San Diego, CA, USA; Frank Piessens, KU Leuven; Berk Sunar, Worcester Polytechnic Institute
The adversarial model presented by trusted execution environments (TEEs) has prompted researchers to investigate unusual attack vectors. One particularly powerful class of controlled-channel attacks abuses page-table modifications to reliably track enclave memory accesses at a page-level granularity. In contrast to noisy microarchitectural timing leakage, this line of deterministic controlled-channel attacks abuses indispensable architectural interfaces and hence cannot be mitigated by tweaking microarchitectural resources.
We propose an innovative controlled-channel attack, named CopyCat, that deterministically counts the number of instructions executed within a single enclave code page. We show that combining the instruction counts harvested by CopyCat with traditional, coarse-grained page-level leakage allows the accurate reconstruction of enclave control flow at a maximal instruction-level granularity. CopyCat can identify intra-page and intra-cache line branch decisions that ultimately may only differ in a single instruction, underscoring that even extremely subtle control flow deviations can be deterministically leaked from secure enclaves. We demonstrate the improved resolution and practicality of CopyCat on Intel SGX in an extensive study of single-trace and deterministic attacks against cryptographic implementations, and give novel algorithmic attacks to perform single-trace key extraction that exploit subtle vulnerabilities in the latest versions of widely-used cryptographic libraries. Our findings highlight the importance of stricter verification of cryptographic implementations, especially in the context of TEEs.
Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices
Xiaofeng Zheng, Tsinghua University; Qi An Xin Technology Research Institute; Chaoyi Lu and Jian Peng, Tsinghua University; Qiushi Yang, Qi An Xin Technology Research Institute; Dongjie Zhou, State Key Laboratory of Mathematical Engineering and Advanced Computing; Baojun Liu, Tsinghua University; Keyu Man, University of California, Riverside; Shuang Hao, University of Texas at Dallas; Haixin Duan, Tsinghua University; Qi An Xin Technology Research Institute; Zhiyun Qian, University of California, Riverside
In today’s DNS infrastructure, DNS forwarders are devices standing in between DNS clients and recursive resolvers. The devices often serve as ingress servers for DNS clients, and instead of resolving queries, they pass the DNS requests to other servers. Because of the advantages and several use cases, DNS forwarders are widely deployed and queried by Internet users. However, studies have shown that DNS forwarders can be more vulnerable devices in the DNS infrastructure.
In this paper, we present a cache poisoning attack targeting DNS forwarders. Through this attack, attackers can inject rogue records of arbitrary victim domain names using a controlled domain, and circumvent widely-deployed cache poisoning defences. By performing tests on popular home router models and DNS software, we find several vulnerable implementations, including those of large vendors (e.g., D-Link, Linksys, dnsmasq and MS DNS). Further, through a nationwide measurement, we estimate the population of Chinese mobile clients which are using vulnerable DNS forwarders. We have been reporting the issue to the affected vendors, and so far have received positive feedback from three of them. Our work further demonstrates that DNS forwarders can be a soft spot in the DNS infrastructure, and calls for attention as well as implementation guidelines from the community.
Zero-delay Lightweight Defenses against Website Fingerprinting
Jiajun Gong and Tao Wang, Hong Kong University of Science and Technology
Website Fingerprinting (WF) attacks threaten user privacy on anonymity networks because they can be used by network surveillants to identify the webpage being visited by extracting features from network traffic. A number of defenses have been put forward to mitigate the threat of WF, but they are flawed: some have been defeated by stronger WF attacks, some are too expensive in overhead, while others are impractical to deploy.
In this work, we propose two novel zero-delay lightweight defenses, FRONT and GLUE. We find that WF attacks rely on the feature-rich trace front, so FRONT focuses on obfuscating the trace front with dummy packets. It also randomizes the number and distribution of dummy packets for trace-to-trace randomness to impede the attacker’s learning process. GLUE adds dummy packets between separate traces so that they appear to the attacker as a long consecutive trace, rendering the attacker unable to find their start or end points, let alone classify them. Our experiments show that with 33% data overhead, FRONT outperforms the best known lightweight defense, WTF-PAD, which has a similar data overhead. With around 22%–44% data overhead, GLUE can lower the accuracy and precision of the best WF attacks to a degree comparable with the best heavyweight defenses. Both defenses have no latency overhead.
The 2020 Election: Remote Voting, Disinformation, and Audit
Moderator: Avi Rubin, Johns Hopkins University
Panelists: Alex Halderman, University of Michigan; Ben Adida, VotingWorks; Vanessa Teague, Thinking Cybersecurity
By all accounts, the 2020 election will be historic. Perhaps the most emotionally charged election in the history of the United States is happening in the midst of a global pandemic. Never before has disinformation about the process of voting come directly out of the White House. The results of the election are likely to be challenged, and the legitimacy of the results brought into question. Never has there been more pressure to safeguard the public perception of fairness and integrity, while at the same time COVID19 will stretch the ability of election officials to run a smooth election. Vote by mail will be widely adopted, and there will be pressure to move to remote electronic voting. This panel will address the questions of how to protect the legitimacy of the process. The panelists will share their experiences working with election officials, and we will discuss technologies such as end-to-end voting and risk-limiting audits.
Dr. Aviel (Avi) D. Rubin is Professor of Computer Science and Technical Director of the Information Security Institute at Johns Hopkins University. Rubin has focused most of his professional career on the security of electronic voting. He was Director of the NSF Accurate Center for Secure Elections and served in 6 elections as a Maryland Elections Judge. He testified about the security of voting machines before the U.S. House and Senate on multiple occasions, and he is the author of several books about computer security, including Brave New Ballot (Random House). Rubin is a frequent keynote speaker at industry and academic conferences, and he delivered widely viewed TED talks in 2011 and 2015. In January, 2004 Baltimore Magazine named Rubin a Baltimorean of the Year for his work in safeguarding the integrity of our election process, and he is also the recipient of the 2004 Electronic Frontiers Foundation Pioneer Award. Rubin has a B.S. (’89), M.S.E. (’91), and Ph.D. (’94) from the University of Michigan.
J. Alex Halderman is Professor of Computer Science & Engineering at the University of Michigan and Director of Michigan’s Center for Computer Security and Society. His research spans computer and network security, applied cryptography, security measurement, censorship resistance, and election cybersecurity, as well as the interaction of technology with politics and international affairs. Prof. Halderman has performed numerous security evaluations of real-world voting systems, both in the U.S. and around the world. After the 2016 U.S. presidential election, he advised recount initiatives in Michigan, Wisconsin, and Pennsylvania in an effort to help detect and deter cyberattacks, and in 2017 he testified to the U.S. Senate Intelligence Committee Russia investigation about cybersecurity threats to election infrastructure. He co-chairs the State of Michigan’s Election Security Advisory Commission.
Ben Adida is the Executive Director of VotingWorks, the only non-profit election equipment vendor in the United States, with a mission to rebuild citizen trust in US elections with secure and affordable voting equipment. Prior to VotingWorks, Ben led product engineering teams in security-centric fields: K-12 single sign-on at Clever, payments at Square, and identity at Mozilla. Ben was previously on the Faculty at Harvard Medical School, where he researched security and privacy of personal health data. Ben holds a PhD from MIT’s Cryptography and Information Security group, where his work focused on election security.
Vanessa Teague is the CEO of Thinking Cybersecurity and an Associate Prof (Adj.) in the Research School of Computer Science at the Australian National University. Her research focuses primarily on cryptographic methods for achieving security and privacy, particularly for issues of public interest such as election integrity and the protection of government data. She was part of the team (with Chris Culnane and Ben Rubinstein) who discovered the easy re-identification of doctors and patients in the Medicare/PBS open dataset released by the Australian Department of Health. She has co-designed numerous protocols for improved election integrity in e-voting systems, and co-discovered serious weaknesses in the cryptography of deployed e-voting systems in New South Wales, Western Australia and Switzerland.
Thursday, August 13
Stealthy Tracking of Autonomous Vehicles with Cache Side Channels
Mulong Luo, Andrew C. Myers, and G. Edward Suh, Cornell University
Autonomous vehicles are becoming increasingly popular, but their reliance on computer systems to sense and operate in the physical world introduces new security risks. In this paper, we show that the location privacy of an autonomous vehicle may be compromised by software side-channel attacks if localization software shares a hardware platform with an attack program. In particular, we demonstrate that a cache side-channel attack can be used to infer the route or the location of a vehicle that runs the adaptive Monte-Carlo localization (AMCL) algorithm. The main contributions of the paper are as follows. First, we show that adaptive behaviors of perception and control algorithms may introduce new side-channel vulnerabilities that reveal the physical properties of a vehicle or its environment. Second, we introduce statistical learning models that infer the AMCL algorithm’s state from cache access patterns and predict the route or the location of a vehicle from the trace of the AMCL state. Third, we implement and demonstrate the attack on a realistic software stack using real-world sensor data recorded on city roads. Our findings suggest that autonomous driving software needs strong timing-channel protection for location privacy.
Walking Onions: Scaling Anonymity Networks while Protecting Users
Chelsea H. Komlo, University of Waterloo; Nick Mathewson, The Tor Project; Ian Goldberg, University of Waterloo
Scaling anonymity networks offers unique security challenges, as attackers can exploit differing views of the network’s topology to perform epistemic and route capture attacks. Anonymity networks in practice, such as Tor, have opted for security over scalability by requiring participants to share a globally consistent view of all relays to prevent these kinds of attacks. Such an approach requires each user to maintain up-to-date information about every relay, causing the total amount of data each user must download every epoch to scale linearly with the number of relays. As the number of clients increases, more relays must be added to provide bandwidth, further exacerbating the total load on the network.
In this work, we present Walking Onions, a set of protocols improving scalability for anonymity networks. Walking Onions enables constant-size scaling of the information each user must download in every epoch, even as the number of relays in the network grows. Furthermore, we show how relaxing the clients’ bandwidth growth from constant to logarithmic can enable an outsized improvement to relays’ bandwidth costs. Notably, Walking Onions offers the same security properties as current designs that require a globally consistent network view. We present two protocol variants. The first requires minimal changes from current onion-routing systems. The second presents a more significant design change, thereby reducing the latency required to establish a path through the network while providing better forward secrecy than previous such constructions. We implement and evaluate Walking Onions in a simulated onion-routing anonymity network modelled after Tor, and validate that Walking Onions indeed offers significant scalability improvements for networks at or above the size of the current Tor network.
The Industrial Age of Hacking
Timothy Nosco, United States Army; Jared Ziegler, National Security Agency; Zechariah Clark and Davy Marrero, United States Navy; Todd Finkler, United States Air Force; Andrew Barbarello, United States Navy; W. Michael Petullo, United States Army
There is a cognitive bias in the hacker community to select a piece of software and invest significant human resources into finding bugs in that software without any prior indication of success. We label this strategy depth-first search and propose an alternative: breadth-first search. In breadth-first search, humans perform minimal work to enable automated analysis on a range of targets before committing additional time and effort to research any particular one.
We present a repeatable human study that leverages teams of varying skill while using automation to the greatest extent possible. Our goal is a process that is effective at finding bugs; has a clear plan for the growth, coaching, and efficient use of team members; and supports measurable, incremental progress. We derive an assembly-line process that improves on what was once intricate, manual work. Our work provides evidence that the breadth-first approach increases the effectiveness of teams.
Hall Spoofing: A Non-Invasive DoS Attack on Grid-Tied Solar Inverter
Anomadarshi Barua and Mohammad Abdullah Al Faruque, UC Irvine
Grid-tied solar inverters continue to proliferate rapidly to tackle the growing environmental challenges. Nowadays, different smart sensors and transducers are tightly integrated with the grid-tied inverter. This integration opens the “Pandora’s Box” of unknown threats that could come from very unconventional ways. This paper demonstrates a noninvasive attack that could come by spoofing the Hall sensor of an inverter in a stealthy way by using an external magnetic field. We demonstrate how an attacker can camouflage his/her attack tool and place it near a target inverter. In doing so, he/she can intentionally perturb grid voltage and frequency and can inject false real and reactive power to the grid. We also show the consequences of the attack on a scaled-down testbed of a power grid with a commercial 140 W grid-tied inverter from Texas Instruments. We are able to achieve a 31.52% change in output voltage, 3.16x (-6dB to -11dB) increase in low-frequency harmonics power, and 3.44x increase in real power. Moreover, we introduce a duty-cycle variation approach for a noninvasive adversarial control that can change the inverter voltage up to 34% and real power up to 38%. We discuss the feasibility of using a 100 kW inverter through discussion. This provides insights behind the generalization of the attack model. In addition, the commercial power system simulation tool Etap 19.0.1 is used to simulate the impact of the attack on a 2.3 MW power grid. To the best of our knowledge, this is the first methodology that highlights the possibility of such an attack that might lead to grid blackout in a weak grid.
V0LTpwn: Attacking x86 Processor Integrity from Software
Zijo Kenjar and Tommaso Frassetto, Technische Universität Darmstadt; David Gens and Michael Franz, University of California, Irvine; Ahmad-Reza Sadeghi, Technische Universität Darmstadt
Fault-injection attacks have been proven in the past to be a reliable way of bypassing hardware-based security measures, such as cryptographic hashes, privilege and access permission enforcement, and trusted execution environments. However, traditional fault-injection attacks require physical presence, and hence, were often considered out of scope in many real-world adversary settings.
In this paper we show this assumption may no longer be justified on x86. We present V0LTpwn, a novel hardware-oriented but software-controlled attack that affects the integrity of computation in virtually any execution mode on modern x86 processors. To the best of our knowledge, this represents the first attack on the integrity of the x86 platform from software. The key idea behind our attack is to undervolt a physical core to force non-recoverable hardware faults. Under a V0LTpwn attack, CPU instructions will continue to execute with erroneous results and without crashes, allowing for exploitation. In contrast to recently presented side-channel attacks that leverage vulnerable speculative execution, V0LTpwn is not limited to information disclosure, but allows adversaries to affect execution, and hence, effectively breaks the integrity goals of modern x86 platforms. In our detailed evaluation we successfully launch software-based attacks against Intel SGX enclaves from a privileged process to demonstrate that a V0LTpwn attack can successfully change the results of computations within enclave execution across multiple CPU revisions.
Digital Contact Tracing
Moderator: Srdjan Čapkun, ETH Zurich
Panelists: Carly Kind, Ada Lovelace Institute; Carmela Troncoso, EPFL; Ciro Cattuto, University of Torino & ISI; Moti Yung, Google; Stefano Tessaro, University of Washington
The COVID-19 pandemic, caused by the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2), resulted in many deaths and halted large parts of the world economy. Since this virus spreads between people during close contact, one of the main tools in the fight against the COVID-19 outbreak has been contact tracing, whose purpose is to trace and quarantine contacts of virus-positive persons. To facilitate this process, digital contact tracing solutions were recently proposed and deployed in a number of countries. Google and Apple further implemented support for contact tracing within Android and iOS. The deployment of such large scale tracing infrastructure raises a number of security, privacy, ethical and legal issues. The panelists will address these issues and describe their experiences in building and analyzing digital contact tracing systems.
The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections
Michael A. Specter, James Koppel, and Daniel Weitzner, MIT
In the 2018 midterm elections, West Virginia became the first state in the U.S. to allow select voters to cast their ballot on a mobile phone via a proprietary app called “Voatz.” Although there is no public formal description of Voatz’s security model, the company claims that election security and integrity are maintained through the use of a permissioned blockchain, biometrics, a mixnet, and hardware-backed key storage modules on the user’s device. In this work, we present the first public security analysis of Voatz, based on a reverse engineering of their Android application and the minimal available documentation of the system. We performed a cleanroom reimplementation of Voatz’s server and present an analysis of the election process as visible from the app itself.
We find that Voatz has vulnerabilities that allow different kinds of adversaries to alter, stop, or expose a user’s vote, including a sidechannel attack in which a completely passive network adversary can potentially recover a user’s secret ballot. We additionally find that Voatz has a number of privacy issues stemming from their use of third party services for crucial app functionality. Our findings serve as a concrete illustration of the common wisdom against Internet voting, and of the importance of transparency to the legitimacy of elections. As a result of our work, West Virginia and one county in Washington have already aborted their use of Voatz in the 2020 primaries.
VoteAgain: A scalable coercion-resistant voting system
Wouter Lueks, EPFL; Iñigo Querejeta-Azurmendi, Universidad Carlos III Madrid/ITEFI, CSIC; Carmela Troncoso, EPFL
The strongest threat model for voting systems considers coercion resistance: protection against coercers that force voters to modify their votes, or to abstain. Existing remote voting systems either do not provide this property; require expensive operations for tallying; or burden users with the need to store cryptographic key material and with the responsibility to deceive their coercers. We propose VoteAgain, a scalable voting scheme that relies on the revoting paradigm to provide coercion resistance. VoteAgain uses a novel deterministic ballot padding mechanism to ensure that coercers cannot see whether a vote has been replaced. This mechanism ensures tallying takes quasilinear time, making VoteAgain the first revoting scheme that can handle elections with millions of voters. We prove that VoteAgain provides ballot privacy, coercion resistance, and verifiability; and we demonstrate its scalability using a prototype implementation of its core cryptographic primitives.
Friday, August 14
Estonian Electronic Identity Card: Security Flaws in Key Management
Arnis Parsovs, Software Technology and Applications Competence Center and University of Tartu
The Estonian electronic identity card (ID card) is considered to be one of the most successful deployments of smart card-based national ID card systems in the world. The public-key cryptography and private keys stored on the card enable Estonian ID card holders to access e-services, give legally binding digital signatures and even cast an i-vote in national elections.
In this paper, we describe several security flaws found in the ID card manufacturing process. The flaws have been discovered by analyzing public-key certificates that have been collected from the public ID card certificate repository. In particular, we find that in some cases, contrary to the security requirements, the ID card manufacturer has generated private keys outside the chip. In several cases, copies of the same private key have been imported in the ID cards of different cardholders, allowing them to impersonate each other. In addition, as a result of a separate flaw in the manufacturing process, corrupted RSA public key moduli have been included in the certificates, which in one case led to the full recovery of the corresponding private key. This paper describes the discovery process of these findings and the incident response taken by the authorities.
DatashareNetwork: A Decentralized Privacy-Preserving Search Engine for Investigative Journalists
Kasra Edalatnejad and Wouter Lueks, EPFL; Julien Pierre Martin; Soline Ledésert, Anne L’Hôte, and Bruno Thomas, ICIJ; Laurent Girod and Carmela Troncoso, EPFL
Investigative journalists collect large numbers of digital documents during their investigations. These documents can greatly benefit other journalists’ work. However, many of these documents contain sensitive information. Hence, possessing such documents can endanger reporters, their stories, and their sources. Consequently, many documents are used only for single, local, investigations. We present DatashareNetwork, a decentralized and privacy-preserving search system that enables journalists worldwide to find documents via a dedicated network of peers. DatashareNetwork combines well-known anonymous authentication mechanisms and anonymous communication primitives, a novel asynchronous messaging system, and a novel multi-set private set intersection protocol (MS-PSI) into a decentralized peer-to-peer private document search engine. Using a prototype implementation, we show that DatashareNetwork is secure and scales to thousands of users and millions of documents.
TPM-FAIL: TPM meets Timing and Lattice Attacks
Daniel Moghimi and Berk Sunar, Worcester Polytechnic Institute, Worcester, MA, USA; Thomas Eisenbarth, University of Lübeck, Lübeck, Germany; Nadia Heninger, University of California, San Diego, CA, USA
Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical adversaries. In this work, we perform a black-box timing analysis of TPM 2.0 devices deployed on commodity computers. Our analysis reveals that some of these devices feature secret-dependent execution times during signature generation based on elliptic curves. In particular, we discovered timing leakage on an Intel firmware-based TPM as well as a hardware TPM. We show how this information allows an attacker to apply lattice techniques to recover 256-bit private keys for ECDSA and ECSchnorr signatures. On Intel fTPM, our key recovery succeeds after about 1,300 observations and in less than two minutes. Similarly, we extract the private ECDSA key from a hardware TPM manufactured by STMicroelectronics, which is certified at Common Criteria (CC) EAL 4+, after fewer than 40,000 observations. We further highlight the impact of these vulnerabilities by demonstrating a remote attack against a StrongSwan IPsec VPN that uses a TPM to generate the digital signatures for authentication. In this attack, the remote client recovers the server’s private authentication key by timing only 45,000 authentication handshakes via a network connection.
The vulnerabilities we have uncovered emphasize the difficulty of correctly implementing known constant-time techniques, and show the importance of evolutionary testing and transparent evaluation of cryptographic implementations. Even certified devices that claim resistance against attacks require additional scrutiny by the community and industry, as we learn more about these attacks.
Pixel: Multi-signatures for Consensus
Manu Drijvers, DFINITY; Sergey Gorbunov, Algorand and University of Waterloo; Gregory Neven, DFINITY; Hoeteck Wee, Algorand and CNRS, ENS, PSL
In Proof-of-Stake (PoS) and permissioned blockchains, a committee of verifiers agrees on and signs every new block of transactions. These blocks are validated, propagated, and stored by all users in the network. However, posterior corruptions pose a common threat to these designs, because the adversary can corrupt committee verifiers after they certified a block and use their signing keys to certify a different block. Designing efficient and secure digital signatures for use in PoS blockchains can substantially reduce bandwidth, storage and computing requirements from nodes, thereby enabling more efficient applications.
We present Pixel, a pairing-based forward-secure multi-signature scheme optimized for use in blockchains, that achieves substantial savings in bandwidth, storage requirements, and verification effort. Pixel signatures consist of two group elements, regardless of the number of signers, can be verified using three pairings and one exponentiation, and support non-interactive aggregation of individual signatures into a multi-signature. Pixel signatures are also forward-secure and let signers evolve their keys over time, such that new keys cannot be used to sign on old blocks, protecting against posterior corruptions attacks on blockchains. We show how to integrate Pixel into any PoS blockchain. Next, we evaluate Pixel in a real-world PoS blockchain implementation, showing that it yields notable savings in storage, bandwidth, and block verification time. In particular, Pixel signatures reduce the size of blocks with 1500 transactions by 35% and reduce block verification time by 38%.
Composition Kills: A Case Study of Email Sender Authentication
Jianjun Chen, International Computer Science Institute; Vern Paxson, University of California Berkeley and International Computer Science Institute; Jian Jiang, Shape Security
Component-based software design is a primary engineering approach for building modern software systems. This programming paradigm, however, creates security concerns due to the potential for inconsistent interpretations of messages between different components. In this paper, we leverage such inconsistencies to identify vulnerabilities in email systems. We identify a range of techniques to induce inconsistencies among different components across email servers and clients. We show that these inconsistencies can enable attackers to bypass email authentication to impersonate arbitrary senders, and forge DKIM-signed emails with a legitimate site’s signature. Using a combination of manual analysis and black-box fuzzing, we discovered 18 types of evasion exploits and tested them against 10 popular email providers and 19 email clients — all of which proved vulnerable to various attacks. Absent knowledge of our attacks, for many of them even a conscientious security professional using a state-of-the-art email provider service like Gmail cannot with confidence readily determine, when receiving an email, whether it is forged.
iOS, Your OS, Everybody’s OS: Vetting and Analyzing Network Services of iOS Applications
Zhushou Tang, Shanghai Jiao Tong University and PWNZEN InfoTech Co., LTD; Ke Tang, Shanghai Jiao Tong University; Minhui Xue, The University of Adelaide; Yuan Tian, University of Virginia; Sen Chen, Nanyang Technological University; Muhammad Ikram, Macquarie University; Tielei Wang, PWNZEN InfoTech Co., LTD; Haojin Zhu, Shanghai Jiao Tong University
Smartphone applications that listen for network connections introduce significant security and privacy threats for users. In this paper, we focus on vetting and analyzing the security of iOS apps’ network services. To this end, we develop an efficient and scalable iOS app collection tool to download 168,951 iOS apps in the wild. We investigate a set of 1,300 apps to understand the characteristics of network service vulnerabilities, confirming 11 vulnerabilities in popular apps, such as Waze, Now, and QQBrowser. From these vulnerabilities, we create signatures for a large-scale analysis of 168,951 iOS apps, which shows that the use of certain third-party libraries listening for remote connections is a common source of vulnerable network services in 92 apps. These vulnerabilities open up the iOS device to a host of possible attacks, including data leakage, remote command execution, and denial-of-service attacks. We have disclosed identified vulnerabilities and received acknowledgments from vendors.
SEAL: Attack Mitigation for Encrypted Databases via Adjustable Leakage
Ioannis Demertzis, University of Maryland; Dimitrios Papadopoulos, Hong Kong University of Science and Technology; Charalampos Papamanthou, University of Maryland; Saurabh Shintre, NortonLifeLock Research Group
Building expressive encrypted databases that can scale to large volumes of data while enjoying formal security guarantees has been one of the holy grails of security and cryptography research. Searchable Encryption (SE) is considered to be an attractive implementation choice for this goal: It naturally supports basic database queries such as point, join, group-by and range, and is very practical at the expense of well-defined leakage such as search and access pattern. Nevertheless, recent attacks have exploited these leakages to recover the plaintext database or the posed queries, casting doubt on the usefulness of SE in encrypted systems. Defenses against such leakage-abuse attacks typically require the use of Oblivious RAM or worst-case padding; such countermeasures are, however, quite impractical. In order to efficiently defend against leakage-abuse attacks on SE-based systems, we propose SEAL, a family of new SE schemes with adjustable leakage. In SEAL, the amount of privacy loss is expressed in leaked bits of search or access pattern and can be defined at setup. As our experiments show, when protecting only a few bits of leakage (e.g., three to four bits of access pattern), enough for existing and even new more aggressive attacks to fail, SEAL’s query execution time is within the realm of practical for real-world applications (a little over one order of magnitude slowdown compared to traditional SE-based encrypted databases). Thus, SEAL could comprise a promising approach to build efficient and robust encrypted databases.
USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation
Hui Peng, Purdue University; Mathias Payer, EPFL
The Universal Serial Bus (USB) connects external devices to a host. This interface exposes the OS kernels and device drivers to attacks by malicious devices. Unfortunately, kernels and drivers were developed under a security model that implicitly trusts connected devices. Drivers expect faulty hardware but not malicious attacks. Similarly, security testing drivers is challenging as input must cross the hardware/software barrier. Fuzzing, the most widely used bug finding technique, relies on providing random data to programs. However, fuzzing device drivers is challenging due to the difficulty in crossing the hardware/software barrier and providing random device data to the driver under test.
We present USBFuzz, a portable, flexible, and modular framework for fuzz testing USB drivers. At its core, USBFuzz uses a software-emulated USB device to provide random device data to drivers (when they perform IO operations). As the emulated USB device works at the device level, porting it to other platforms is straight-forward. Using the USBFuzz framework, we apply (i) coverage-guided fuzzing to a broad range of USB drivers in the Linux kernel; (ii) dumb fuzzing in FreeBSD, MacOS, and Windows through cross pollination seeded by the Linux inputs; and (iii) focused fuzzing of a USB webcam driver. USBFuzz discovered a total of 26 new bugs, including 16 memory bugs of high security impact in various Linux subsystems (USB core, USB sound, and network), one bug in FreeBSD, three in MacOS (two resulting in an unplanned reboot and one freezing the system), and four in Windows 8 and Windows 10 (resulting in Blue Screens of Death), and one bug in the Linux USB host controller driver and another one in a USB camera driver. From the Linux bugs, we have fixed and upstreamed 11 bugs and received 10 CVEs.
Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems
Takeshi Sugawara, The University of Electro-Communications; Benjamin Cyr, Sara Rampazzi, Daniel Genkin, and Kevin Fu, University of Michigan
We propose a new class of signal injection attacks on microphones by physically converting light to sound. We show how an attacker can inject arbitrary audio signals to a target microphone by aiming an amplitude-modulated light at the microphone’s aperture. We then proceed to show how this effect leads to a remote voice-command injection attack on voice-controllable systems. Examining various products that use Amazon’s Alexa, Apple’s Siri, Facebook’s Portal, and Google Assistant, we show how to use light to obtain control over these devices at distances up to 110 meters and from two separate buildings. Next, we show that user authentication on these devices is often lacking, allowing the attacker to use light-injected voice commands to unlock the target’s smartlock-protected front doors, open garage doors, shop on e-commerce websites at the target’s expense, or even unlock and start various vehicles connected to the target’s Google account (e.g., Tesla and Ford). Finally, we conclude with possible software and hardware defenses against our attacks.
Prεεch: A System for Privacy-Preserving Speech Transcription
Shimaa Ahmed, Amrita Roy Chowdhury, Kassem Fawaz, and Parmesh Ramanathan, University of Wisconsin–Madison
New advances in machine learning have made Automated Speech Recognition (ASR) systems practical and more scalable. These systems, however, pose serious privacy threats as speech is a rich source of sensitive acoustic and textual information. Although offline and open-source ASR eliminates the privacy risks, its transcription performance is inferior to that of cloud-based ASR systems, especially for real-world use cases. In this paper, we propose Prεεch, an end-to-end speech transcription system which lies at an intermediate point in the privacy-utility spectrum. It protects the acoustic features of the speakers’ voices and protects the privacy of the textual content at an improved performance relative to offline ASR. Additionally, Prεεch provides several control knobs to allow customizable utility-usability-privacy trade-off. It relies on cloud-based services to transcribe a speech file after applying a series of privacy-preserving operations on the user’s side. We perform a comprehensive evaluation of Prεεch, using diverse real-world datasets, that demonstrates its effectiveness. Prεεch provides transcription at a 2% to 32.25% (mean 17.34%) relative improvement in word error rate over Deep Speech, while fully obfuscating the speakers’ voice biometrics and allowing only a differentially private view of the textual content.
Remote Side-Channel Attacks on Anonymous Transactions
Florian Tramèr and Dan Boneh, Stanford University; Kenny Paterson, ETH Zurich
Privacy-focused crypto-currencies, such as Zcash or Monero, aim to provide strong cryptographic guarantees for transaction confidentiality and unlinkability. In this paper, we describe side-channel attacks that let remote adversaries bypass these protections.
We present a general class of timing side-channel and traffic-analysis attacks on receiver privacy. These attacks enable an active remote adversary to identify the (secret) payee of any transaction in Zcash or Monero. The attacks violate the privacy goals of these crypto-currencies by exploiting side-channel information leaked by the implementation of different system components. Specifically, we show that a remote party who measures the response time of a user’s P2P node to certain requests can link all transactions that send funds to that user. The timing differences are large enough that the attacks can be mounted remotely over a WAN. We responsibly disclosed the issues to the affected projects, and they have patched the vulnerabilities.
We further study the impact of timing side-channels on the zero-knowledge proof systems used in these crypto-currencies. We observe that in Zcash’s implementation, the time to generate a zero-knowledge proof depends on secret transaction data, and in particular on the amount of transacted funds. Hence, an adversary capable of measuring proof generation time can break transaction confidentiality, despite the proof system’s zero-knowledge property.
Our attacks highlight the dangers of side-channel leakage in anonymous crypto-currencies, and the need to systematically protect them against such attacks.
BONUS: DEFCON FURS
Date: Friday, August 15th (12:30 PM EST) — Saturday, August 16th (8:00 PM EST)
Accessibility: Free (?) but badge is also available for purchase. Details coming soon.
Tickets (Human Plus): TBD
Code Of Conduct: https://2020.dcfurs.com/code-of-conduct.php
DEFCON Furs is a 501c3 non-profit group that organizes events and parties at DEF CON for members of the infosec community that share an interest in the furry fandom. Our purpose is to promote, support, and advance the idea that we should be free to hack our own lives in a safe and supportive environment. Their focus is on education, organizing and providing support for individuals and groups that promote creating and owning a life and identity that is yours.
DEFCON Furs started as a room meetup for furries that regularly attended the DEF CON hacker conference. As word spread within the community, it turned out more furries were attending DEF CON than what could fit in a small hotel room. So “DEFCON Furs” as an event was produced in 2017 in a dedicated public suite where everyone at DEF CON, furry or otherwise, could come party, network, chill, work on challenges, and learn about DEF CON and the interesting people that make up the attendees. You can think of them like a mini-furry convention as part of the DEF CON madness.
This year they’re hosting a virtual event online taking place on a single day, August 15, 2020.
The event will include live-streamed talks and DJs and be organized around Discord channels for the talks and hanging out.
Access to the event Discord and further event information will be posted soon.
Sat Aug 15 | 9:00 AM — 9:15 AM
- Kicking off DEFCON Furs 2020 and intro.
Sat Aug 15 | 9:15 AM — 10:00 AM
A History of Pride Uprisings: as told by Miki Demeter for DEFCON Furs 2020 (Miki Demeter)
- DEFCON Furs 2020 Keynote
Sat Aug 15 | 10:00 AM — 10:45 AM
OwOwning with the Windows API
Dijit (@secfurry)
- The Windows API is one of the most convoluted and powerful utilities that offensive and defensive teams can use to supercharge their toolkits. This presentation goes into two interesting concepts that leverage some largely undocumented WinAPI functions to mask execution. Hopefully the information in my presentation can be used to help the viewers “hack” their knowledge and gain a better grasp on the cool toys Microsoft hides from us.
Sat Aug 15 | 11:00 AM — 11:45 AM
Getting a Pulse on Your Fit Bytes
Hacking Hyena 🐾 Ginji Terrano (@lobstar85)
- Learn the secrets and underlying motivations that drove a 300lbs weight loss! Observe how step by step refinement influenced the course of development to keep from getting bored and how they completely changed this hyena’s life — through both mental and physical peripheral hacking.
- High level concepts in BLE and encryption algorithms, along with some sample Java code for Android will be covered. You’ll even learn a little bit about iOS too! Then we’ll bring it together for the end result of how it was used to hack my life and become healthier!
Sat Aug 15 | 12:00 PM — 12:45 PM
- Do you dream about starting a career in infosec? This panel may be for you! We are 4 career infosec practitioners who will be sharing stories about how we got started, offering helpful tips for getting your career underway and answering your questions.
Sat Aug 15 | 1:00 PM — 1:45 PM
Tom Nook’s Wild PRNG-Driven Ride
Ninji (@_Ninji)
- This year, millions of Switch owners took refuge from the scary outdoors in the new Animal Crossing game, Nintendo’s wacky life simulation franchise where you befriend talking animals and build a unique, personalised village while going into debt with an unusually charismatic raccoon.
- In this talk I’ll show how I used Ghidra’s decompiler to help ruin the magic behind the game design, answering questions like “why did this deer mail me the authentic Mona Lisa” and “how many fences do I need for a 5* rating”, and how I somewhat broke the AC economy by building tools to predict random events.
Sat Aug 15 | 2:00 PM — 2:45 PM
- Furries, circuits, robot overlords, and hacking! What better combination can you find? A fun tour and discussion on how to scale out assembly of #BadgeLife designs (or any other circuits for that matter) when you find that your paws are tired and eyes are crossed after putting down hundreds of parts by hand. Fizz and Nightclaw give a nifty tour of PCBX, LLC and discussion of how we assemble circuit boards. Video tour followed by on-site Q&A portion!
Sat Aug 15 | 3:00 PM — 3:45 PM
Practical Problem Solving With the Power of CAD and 3D Printing
Kilk (@InuKilk)
- This presentation shows the steps involved when designing with the intent to solve everyday problems, like making specific mounts, cable management devices, and much more. I intend to show the basics of CAD and how to use problem solving skills to design a part to fit the specific needs. I’ll break it down into 3 categories (Planning, Prototyping, and Producing). I’ll also go over the basics of lean manufacturing and applying those concepts as we continue further through the process. This presentation connects with the theme of “Hacking Your Life” by inviting others to indulge in creativity and to produce something to solve a problem around them.
Sat Aug 15 | 4:00 PM — 4:45 PM
- Basic tips and shortcuts to upgrade and make vintage electronics “work” in the streaming/digital world. The presentation will include PSP/Emulation upgrading, RGB modding a 16-bit TurboGrafx to work with a PVM and Export Card, and most importantly, the hardware schematics needed to have fun playing games with something you modded yourself!
Sat Aug 15 | 4:45 PM — 5:00 PM
- Wrapping up the talks of DEFCON Furs 2020 and kicking off the PARTY!
Sat Aug 15 | 5:00 PM — 6:00 PM
Sat Aug 15 | 6:00 PM — 7:00 PM
Sat Aug 15 | 7:00 PM — 8:00 PM
Sat Aug 15 | 8:00 PM — 9:00 PM
Sat Aug 15 | 9:00 PM — 10:00 PM
Sat Aug 15 | 10:00 PM — 11:00 PM
Sat Aug 15 | 11:00 PM — 12:00 AM
Sunday Aug 15 | 12:00 AM — 1:00 AM
Sunday Aug 15 | 1:00 AM — 2:00 AM
Sunday Aug 15 | 2:00 AM — 3:00 AM
Sunday Aug 15 | 3:00 AM — 4:00 AM
Sunday Aug 15 | 4:00 AM — 5:00 AM
DJ Midnight — House / Dance