Final Report Summary - CODAMODA (Controlling Data Movement in the Digital Age)
The CODAMODA project aims at investigating the feasibility of controlling the movement of digital data. The word "movement" here refers to the transfer of information in digital form between computer systems. Digitized information is naturally very easy to replicate and transform in various ways. This "plasticity" of digital data has been fundamental in a wide array of recent advances associated with the information revolution and in general hailed as a fundamental technology enabler for a number of applications. Nevertheless, it also acts as a double-edged sword in any setting where it is important to be able to track, prevent, or constrain how information flows or is modified. And in many cases, it is very important to track such modifications: loss of intellectual property, exposure of sensitive private data, computer system intrusions, computer virus infections are all examples of information being transferred or modified in a way that is incongruent with the objectives of the original information owners and disseminators.
In order to provide answers to our fundamental question we followed a two-pronged approach. First we examine formal models of security and we investigated the limits of various notions of data movement and manipulation control. This delineates the upper limits of feasibility and shows what could -- in principle -- be achieved. Second, we examine what is actually feasible using either cryptographic tools that are known or by developing new cryptographic tools of our own design.
Below we present the most important problems and questions the project team has tackled. Over the course of the project we have considered numerous solutions and various approaches. The most notable outcome (that was also unanticipated in the original project description) was the security analysis of blockchain protocols that have emerged in 2009 but became widely popular in the course of the project activity. In our more details a summary of main results is as follows.
* We studied a wide array of cryptographic algorithms that regulate the flow of information between computer users. Among our results are new algorithms for secure transmission of data to large number of subscribers in a network, improving accountability in usage of encryption, identification and digital signature algorithms, as well as algorithms for searching information in encrypted data.
* We invented leakage-deterring cryptographic primitives. These systems deincentivize the sharing of cryptographic functionalities between users of a public-key infrastructure ensuring a high level of accountability. Our collection of leakage-deterring schemes includes also traitor deterring schemes a class of digital content distribution encryption mechanisms that deincentivize sharing of decryption key material in multi subscriber digital content distribution settings.
* Many digital content distribution systems use randomness as a way to protect user accounts. A simple example of randomness usage for security is the password-reset functionality that many web-sites offer: when a user forgets her password she can request the system to submit via e-mail a link that enables the user to reset the password. The link itself is randomly generated by the system and may only be active for a short period of time. If an attacker is able to predict this link, it can take over user accounts arbitrarily. We developed new attack algorithms and demonstrated experimentally how our algorithms can be used to attack a wide array of software and digital content systems including well known sites such as Wikipedia. Our attacks (and tools to thwart them) have been communicated to the development teams of the software affected and the appropriate measures have since been taken to make the web-sites more secure. Our team has been widely recognized for improving the security of these sites.
* Social networking sites are currently one of the prime mediums for sharing digital content between people. Users typically can grant access to content and information they upload to "apps" that perform various actions (e.g. keep track of one's friends movie preferences, provide recommendations and so on). Using Facebook as a focal point, we formalized how resource access control is intended to take place according to its end-user agreement and we investigated to what extend its implementation conforms to this model. Our findings (which have been communicated to Facebook security team) demonstrated a number of deviations between the expressed model and the implementation with respect to privacy of user data.
* We put forth the first foundational analysis of blockchain protocols that have been identified as an important cornerstone for future digital content management systems. Our work has identified the relevant security properties of the blockchain data structure (such as common prefix and chain quality) and we have shown how it is possible to prove the security of the core blockchain protocol popularized originally as part of the bitcoin system. Together
with this we investigated applications of blockchain systems including how it is possible to
build efficient systems for distributing information in a fair way using a blockchain as well as how to protect information that is stored in a blockchain system.
* We developed new algorithms for the black-box analysis of sanitizers and filters that are used as defense mechanisms in the setting of web applications. Our algorithms are based on learning theory and allow the systematic classification and differentiation of sanitizer and filter systems. This model-based approach, unlike existing differential testing tools, supports fully automated root cause analysis in a domain-independent manner and is a useful tool for finding and mitigating vulnerabilities systematically. Using our techniques we demonstrated vulnerabilities in a number of popular web application firewalls including ModSecurity, PHPIDS, WebCastellum, Expose.
* We invented a novel “proof of stake” blockchain protocol called “Ouroboros.” This system was implemented and adopted as the core layer of the Cardano blockchain system that is currently under development by blockchain company IOHK and is due to be released in 2017.
In order to provide answers to our fundamental question we followed a two-pronged approach. First we examine formal models of security and we investigated the limits of various notions of data movement and manipulation control. This delineates the upper limits of feasibility and shows what could -- in principle -- be achieved. Second, we examine what is actually feasible using either cryptographic tools that are known or by developing new cryptographic tools of our own design.
Below we present the most important problems and questions the project team has tackled. Over the course of the project we have considered numerous solutions and various approaches. The most notable outcome (that was also unanticipated in the original project description) was the security analysis of blockchain protocols that have emerged in 2009 but became widely popular in the course of the project activity. In our more details a summary of main results is as follows.
* We studied a wide array of cryptographic algorithms that regulate the flow of information between computer users. Among our results are new algorithms for secure transmission of data to large number of subscribers in a network, improving accountability in usage of encryption, identification and digital signature algorithms, as well as algorithms for searching information in encrypted data.
* We invented leakage-deterring cryptographic primitives. These systems deincentivize the sharing of cryptographic functionalities between users of a public-key infrastructure ensuring a high level of accountability. Our collection of leakage-deterring schemes includes also traitor deterring schemes a class of digital content distribution encryption mechanisms that deincentivize sharing of decryption key material in multi subscriber digital content distribution settings.
* Many digital content distribution systems use randomness as a way to protect user accounts. A simple example of randomness usage for security is the password-reset functionality that many web-sites offer: when a user forgets her password she can request the system to submit via e-mail a link that enables the user to reset the password. The link itself is randomly generated by the system and may only be active for a short period of time. If an attacker is able to predict this link, it can take over user accounts arbitrarily. We developed new attack algorithms and demonstrated experimentally how our algorithms can be used to attack a wide array of software and digital content systems including well known sites such as Wikipedia. Our attacks (and tools to thwart them) have been communicated to the development teams of the software affected and the appropriate measures have since been taken to make the web-sites more secure. Our team has been widely recognized for improving the security of these sites.
* Social networking sites are currently one of the prime mediums for sharing digital content between people. Users typically can grant access to content and information they upload to "apps" that perform various actions (e.g. keep track of one's friends movie preferences, provide recommendations and so on). Using Facebook as a focal point, we formalized how resource access control is intended to take place according to its end-user agreement and we investigated to what extend its implementation conforms to this model. Our findings (which have been communicated to Facebook security team) demonstrated a number of deviations between the expressed model and the implementation with respect to privacy of user data.
* We put forth the first foundational analysis of blockchain protocols that have been identified as an important cornerstone for future digital content management systems. Our work has identified the relevant security properties of the blockchain data structure (such as common prefix and chain quality) and we have shown how it is possible to prove the security of the core blockchain protocol popularized originally as part of the bitcoin system. Together
with this we investigated applications of blockchain systems including how it is possible to
build efficient systems for distributing information in a fair way using a blockchain as well as how to protect information that is stored in a blockchain system.
* We developed new algorithms for the black-box analysis of sanitizers and filters that are used as defense mechanisms in the setting of web applications. Our algorithms are based on learning theory and allow the systematic classification and differentiation of sanitizer and filter systems. This model-based approach, unlike existing differential testing tools, supports fully automated root cause analysis in a domain-independent manner and is a useful tool for finding and mitigating vulnerabilities systematically. Using our techniques we demonstrated vulnerabilities in a number of popular web application firewalls including ModSecurity, PHPIDS, WebCastellum, Expose.
* We invented a novel “proof of stake” blockchain protocol called “Ouroboros.” This system was implemented and adopted as the core layer of the Cardano blockchain system that is currently under development by blockchain company IOHK and is due to be released in 2017.