Teaching cybersecurity to criminologists

I recently had the pleasure of teaching my first module at UCL, an introduction to cybersecurity for students in the SECReT doctoral training centre.

The module had been taught before, but always from a fairly computer-science-heavy perspective. Given that the students had largely no background in computer science, and that my joint appointment in the Department of Security and Crime Science has given me at least some small insight into what aspects of cybersecurity criminologists might find interesting, I chose to design the lecture material largely from scratch. I tried to balance the technical components of cybersecurity that I felt everyone needed to know (which, perhaps unsurprisingly, included a fair amount of cryptography) with high-level design principles and the overarching question of how we define security. Although I say I designed the curriculum from scratch, I of course ended up borrowing heavily from others, most notably from the lecture and exam material of my former supervisor’s undergraduate cybersecurity module (thanks, Stefan!) and from George’s lecture material for Introduction to Computer Security. If anyone’s curious, the lecture material is available on my website.

As I said, the students in the Crime Science department (and in particular the ones taking this module) had little to no background in computer science.  Instead, they had a diverse set of academic backgrounds: psychology, political science, forensics, etc. One of the students’ proposed dissertation titles was “Using gold nanoparticles on metal oxide semiconducting gas sensors to increase sensitivity when detecting illicit materials, such as explosives,” so it’s an understatement to say that we were approaching cybersecurity from different directions!

With that in mind, one of the first things I did in my first lecture was to take a poll on who was familiar with certain concepts (e.g., SSH, malware, the structure of the Internet), and what people were interested in learning about (e.g., digital forensics, cryptanalysis, anonymity). I don’t know what I was expecting, but the responses really blew me away! The students overwhelmingly wanted to hear about how to secure themselves on the Internet, both in terms of personal security habits (e.g., using browser extensions) and in terms of understanding what and how things might go wrong. Almost the whole class specifically requested Tor, and a few had even used it before.

This theme of being (pleasantly!) surprised continued throughout the term.  When I taught certificates, the students asked not for more details on how they work, but if there was a body responsible for governing certificate authorities and if it was possible to sue them if they misbehave. When I taught authentication, we played a Scattergories-style game to weigh the pros and cons of various authentication mechanisms, and they came up with answers like “a con of backup security questions is that they reveal cultural trends that may then be used to reveal age, ethnicity, gender, etc.”

There’s still a month and a half left until the students take the exam, so it’s too soon to say how effective it was at teaching them cybersecurity, but for me the experience was a clear success and one that I look forward to repeating and refining in the future.

One-out-of-Many Proofs: Or How to Leak a Secret and Spend a Coin

I’m going to EUROCRYPT 2015 to present a new zero-knowledge proof that I’ve developed together with Markulf Kohlweiss from Microsoft Research. Zero-knowledge proofs enable you to demonstrate that a particular statement is true without revealing anything other than the fact that it is true. In our case the statements are one-out-of-many statements, intuitively that out of a number of items one of them has a special property, and we greatly reduce the size of the proofs compared to previous works in the area. Two applications where one-out-of-many proofs come in handy are ring signatures and Zerocoin.

Ring signatures can be used to sign a message anonymously as a member of a group of people, i.e., all a ring signature says is that somebody from the group signed the message but not who it was. Consider for instance a whistleblower who wants to leak that her company is dumping dangerous chemicals in the ocean, yet wants to remain anonymous due to the risk of being fired. By using a ring signature she can demonstrate that she works for the company, which makes the claim more convincing, without revealing which employee she is. Our one-out-of-many proofs can be used to construct very efficient ring signatures by giving a one-out-of-many proof that the signer holds a secret key corresponding to a public key for one of the people in the ring.
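The ring-signature idea above, as an added example that is not from the paper or the original post: it uses the classic Cramer-Damgård-Schoenmakers OR-proof with the Fiat-Shamir transform, whose signatures grow linearly with the ring, rather than the compact one-out-of-many proof the post describes. The group parameters are toy-sized and all function names are assumptions made for this sketch.

```python
import hashlib
import secrets

def is_probable_prime(n):
    """Miller-Rabin with fixed small-prime bases; adequate for this parameter search."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

# Toy Schnorr group (assumed parameters, far too small for real use):
# a subgroup of prime order Q inside Z_P^*, where P = K*Q + 1.
Q = 2**127 - 1
K = 2
while not is_probable_prime(K * Q + 1):
    K += 2
P = K * Q + 1
G = pow(2, K, P)                      # generator of the order-Q subgroup
assert G != 1 and pow(G, Q, P) == 1

def keygen():
    x = secrets.randbelow(Q - 1) + 1  # secret key
    return x, pow(G, x, P)            # (secret, public)

def challenge(msg, ring, commitments):
    data = repr((msg, tuple(ring), tuple(commitments))).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def ring_sign(msg, ring, signer, x):
    """Prove knowledge of the secret key behind ring[signer] without revealing `signer`."""
    n = len(ring)
    c = [secrets.randbelow(Q) for _ in range(n)]   # simulated challenges
    z = [secrets.randbelow(Q) for _ in range(n)]   # simulated responses
    a = [pow(G, z[i], P) * pow(ring[i], Q - c[i], P) % P for i in range(n)]
    r = secrets.randbelow(Q)
    a[signer] = pow(G, r, P)                       # the one honest commitment
    c[signer] = (challenge(msg, ring, a) - sum(c) + c[signer]) % Q
    z[signer] = (r + c[signer] * x) % Q
    return c, z

def ring_verify(msg, ring, sig):
    c, z = sig
    if len(c) != len(ring) or len(z) != len(ring):
        return False
    if any(not 1 < y < P or pow(y, Q, P) != 1 for y in ring):
        return False                               # key outside the subgroup
    a = [pow(G, zi, P) * pow(y, (Q - ci) % Q, P) % P for y, ci, zi in zip(ring, c, z)]
    return sum(c) % Q == challenge(msg, ring, a)
```

The verifier only checks that the per-member challenges sum to the hash, so every position in the signature looks the same and nothing marks which member held the secret key.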

Zerocoin is a new virtual currency proposal where coins gain value once they’ve been accepted on a public bulletin board. Each coin contains a commitment to a secret random serial number that only the owner knows. To anonymously spend a coin the owner publishes the serial number and gives a one-out-of-many proof that the serial number corresponds to one of the public coins. The serial number prevents double spending of a coin; nobody will accept a transaction with a previously used serial number. The zero-knowledge property of the one-out-of-many proof provides anonymity; it is not disclosed which coin the serial number corresponds to. Zerocoin has been suggested as a privacy enhancing add-on to Bitcoin.

The full research paper is available on the Cryptology ePrint Archive.

MSc Information Security @UCL

As the next programme director of UCL’s MSc in Information Security, I have quickly realized that showcasing a group’s educational and teaching activities is no trivial task.

As academics, we learn over the years to make our research “accessible” to our funders, media outlets, blogs, and the like. We are asked by the REF to explain why our research outputs should be considered world-leading and outstanding in their impacts. As security, privacy, and cryptography researchers, we repeatedly test our ability to talk to lawyers, bankers, entrepreneurs, and policy makers.

But how do you do good outreach when it comes to postgraduate education? Well, that’s a long-standing controversy. The Economist recently dedicated a long report to tertiary education and also discussed misaligned incentives in strategic decisions involving admissions, marketing, and rankings. Personally, I am particularly interested in exploring ways one can (attempt to) explain the value and relevance of a specialist masters programme in information security. What outlets can we rely on and how do we effectively engage, at the same time, current undergraduate students, young engineers, experienced professionals, and aspiring researchers? How can we shed light on our vision & mission to educate and train future information security experts?

So, together with my colleagues of UCL’s Information Security Group, I started toying with the idea of organizing events — both in the digital and the analog “world” — that could provide a better understanding of both our research and teaching activities. And I realized that, while difficult at first and certainly time-consuming, this is a noble, crucial, and exciting endeavor that deserves a broad discussion.


Information Security: Trends and Challenges

Thanks to the great work of Steve Marchant, Sean Taylor, and Samantha Webb (now known as the “S3 team” :-)), on March 31st, we held what I hope is the first of many MSc ISec Open Day events. We asked two of our friends in industry — Alec Muffett (Facebook Security Evangelist) and Dr Richard Gold (Lead Security Analyst at Digital Shadows and former Cisco cloud web security expert) — and two of our colleagues — Prof. Angela Sasse and Dr David Clark — to give short, provocative talks about what they believe trends and challenges in Information Security are. In fact, we even gave the event a catchy name: Information Security: Trends and Challenges.


Banks undermine chip and PIN security because they see profits rise faster than fraud

The Chip and PIN card payment system has been mandatory in the UK since 2006, but only now is it being slowly introduced in the US. In western Europe more than 96% of card transactions in the last quarter of 2014 used chipped credit or debit cards, compared to just 0.03% in the US.

Yet at the same time, in the UK and elsewhere a new generation of Chip and PIN cards has arrived that allows contactless payments – transactions that don’t require a PIN code. Why would card issuers offer a means to circumvent the security Chip and PIN offers?

Chip and Problems

Chip and PIN is supposed to reduce two main types of fraud. Counterfeit fraud, where a fake card is manufactured based on stolen card data, cost the UK £47.8m in 2014 according to figures just released by Financial Fraud Action. The cryptographic key embedded in chip cards tackles counterfeit fraud by allowing the card to prove its identity. Extracting this key should be very difficult, while copying the details embedded in a card’s magnetic stripe from one card to another is simple.

The second type of fraud is where a genuine card is used, but by the wrong person. Chip and PIN makes this more difficult by requiring users to enter a PIN code, one (hopefully) not known to the criminal who took the card. Financial Fraud Action separates this into those cards stolen before reaching their owner (at a cost of £10.1m in 2014) and after (£59.7m).

Unfortunately Chip and PIN doesn’t work as well as was hoped. My research has shown how it’s possible to trick cards into accepting the wrong PIN and produce cloned cards that terminals won’t detect as being fake. Nevertheless, the widespread introduction of Chip and PIN has succeeded in forcing criminals to change tactics – £331.5m of UK card fraud (69% of the total) in 2014 is now through telephone, internet and mail order purchases (known as “cardholder not present” fraud) that don’t involve the chip at all. That’s why there’s some surprise over the introduction of less secure contactless cards.


A Digital Magna Carta?

I attended two privacy events over the past couple of weeks. The first was at the Royal Society, chaired by Prof Jon Crowcroft.

All panelists talked about why privacy is necessary in a free, democratic society, but also noted that individuals are ill equipped to achieve this given the increasing number of technologies collecting data about us, and the commercial and government interests in using those.

During the question & answer session, one audience member asked if we needed a Digital Charter to protect rights to privacy. I agreed, but pointed out that citizens and consumers would need to express this desire more clearly, and be prepared to take collective action to stop the gradual encroachment.

The second panel – In the Digital Era – Do We Still Have Privacy? – was organised in London by Lancaster University this week as part of its 50th Anniversary celebrations, and chaired by Sir Edmund Burton.

One of the panelists – Dr Mike Short from Telefonica O2 – stated that it does not make commercial sense for a company to use data in a way that goes against their customer’s privacy preferences.

But there are service providers that force users to allow data collection – you cannot have the service unless you agree to your data being collected (which goes against the OECD principles for informed consent) – or make the terms & conditions so long that users don’t want to read them; even if they were prepared to read them, they would not understand them without a legal interpreter.

We have found in our research at UCL (e.g. Would You Sell Your Mother’s Data, Fairly Truthful) that consumers have a keen sense of ‘fairness’ about how their data is used – and they definitely do not think it ‘fair’ for it to be used against their express preferences and life choices.

In the Q & A after the panel the question of what can be done to ensure fair treatment for consumers, and the idea of a Digital Charter, was raised again. The evening’s venue was a CD’s throw away from the British Library, where the Magna Carta is exhibited to celebrate its 800th anniversary. The panelists reminded us that last year, Sir Tim Berners-Lee called for a ‘Digital Magna Carta’ – I think this is the perfect time for citizens and consumers to back him up, and unite behind his idea.

Why Bentham’s Gaze?

Why is this blog called “Bentham’s Gaze”? Jeremy Bentham (1748-1832) was a philosopher, jurist and social reformer. Although he took no direct role in the creation of UCL (despite the myth), Bentham can be considered its spiritual founder, with his ideas being embodied in the institution. Notably, UCL went a long way to fulfilling Bentham’s desire of widening access to education, through it being the first English university to admit students regardless of class, race or religion, and to welcome women on equal terms with men.

Bentham’s Gaze refers not just to his vision of education but also to the Panopticon – a design proposed for a prison where all inmates in the circular building are potentially under continual observation from a central inspection house. Importantly, inmates would not be able to tell whether they were actively being observed and so the hope was that good behaviour would be encouraged without the high cost of actually monitoring everyone. Although no prison was created exactly to Bentham’s design, some (e.g. Presidio Modelo in Cuba) have notable similarities and pervasive CCTV can be seen as a modern instantiation of the same principles.

Finally, the more corporeal aspect to the blog name is that UCL hosts Bentham’s Auto-Icon – a case containing his preserved skeleton with wax head, seated in a chair, and dressed in his own clothes. The construction of the Auto-Icon was specified in Bentham’s will and since 1850 has been cared for by UCL. His head was also preserved but judged unsuitable for public display and so is stored by UCL Museums. Many of the staff and students at UCL will walk in view of Bentham while crossing the campus.

You too can now enjoy Bentham’s Gaze thanks to the UCL PanoptiCam – a webcam attached to the top of the Auto-Icon, as you can see below from my photo of it (and its photo of me). Footage from the camera is both on Twitter and YouTube, with highlights and discussion on @Panopticam.

UCL Panopticam

View from PanoptiCam (2015-02-19)

Is sending shoppers ads by Bluetooth just a bit creepy?

Using Bluetooth wireless networking to send information to nearby smartphones, beacon technology could transform how retailers engage with their customers. But customers will notice how their information is used to personalise these unsolicited adverts, and companies that fail to respect their privacy may get burned.

UK retailer House of Fraser is to introduce beacon-equipped mannequins to its Aberdeen store, which will deliver details about the clothes and accessories the mannequin is wearing to the smartphones of customers within 50 metres. In London’s Regent Street, around 100 stores have installed Apple’s iBeacons, able to send adverts to smartphones to entice passers-by to come inside.

A sort of precursor to the “internet of things”, beacon technology has great potential to enhance consumer experience: providing access to relevant information more quickly, or offering rewards and discounts for loyal shoppers. Some retailers may rearrange their store based on analysing data from customers’ shopping habits. It has uses outside of marketing too, such as providing contactless payments, tourist information at museums, or gate information at airports.


On-line lecture: DP5 Private Presence @ 31C3

During the break I attended the 31st Chaos Communication Congress (31C3) in Hamburg, Germany. There I had the pleasure of giving a presentation on “DP5: PIR for Privacy-preserving Presence” along with my colleague from Waterloo, Ian Goldberg. The Audio/Video Chaos Angels did a nice job of capturing the event, and making it available for all to view (I come in at 26:23).

Other resources around DP5 include:

  • Technical Report (pdf)
  • Talk Slides (pdf)
  • Event Page (html)
  • Git code repository (git)

Sequencing your genome is becoming an affordable reality – but at what personal cost?

Genomics is increasingly hailed by many as the turning point in modern medicine. Advances in technology now mean we’re able to make out the full DNA sequence of an organism and decipher its entire hereditary information, bringing us closer to discovering the causes of particular diseases and disorders and drugs that can be targeted to the individual.

Buzzwords like “whole genome sequencing” and “personalised medicine” are everywhere – but how are they enabling a powerful medical and societal revolution?

It all started in the 1990s with the Human Genome Project – a very ambitious venture involving 20 international partners and an investment of US$3 billion. In 2003, 13 years after it began, the project yielded the first complete human genome. Today, the cost of sequencing whole genomes is plummeting fast and it is now possible to do the job for less than US$1,000, meaning a whole host of applications both in research and in treatments.

Variants and mutations

Genetic mutations are often linked to disorders, predisposition to diseases and response to treatment. For instance, inherited genetic variants can cause blood disorders such as thalassaemia or others such as cystic fibrosis or sickle cell anaemia.

Genome sequencing is being used today in diagnostic and clinical settings to find rare variants in a patient’s genome, or to sequence cancers’ genomes (to point out genomic differences between solid tumours and develop a more effective therapeutic strategy). It is also possible to test for known simple mutations via a process called genotyping, which can find genetic differences through a set of biomarkers. In the case of thalassaemia, for example, there are mutations in the HBB gene on chromosome 11.

A number of drugs, including blood-thinners like warfarin, have already been commercialised with genetic markers (such as a known location on a chromosome) linked to effectiveness and correct dosage.


Tor: the last bastion of online anonymity, but is it still secure after Silk Road?

The Silk Road trial has concluded, with Ross Ulbricht found guilty of running the anonymous online marketplace for illegal goods. But questions remain over how the FBI found its way through Tor, the software that allows anonymous, untraceable use of the web, to gather the evidence against him.

The development of anonymising software such as Tor and Bitcoin has forced law enforcement to develop the expertise needed to identify those using them. But if anything, what we know about the FBI’s case suggests it was tip-offs, inside men, confessions, and Ulbricht’s own errors that were responsible for his conviction.

This is the main problem with these systems: breaking or circumventing anonymity software is hard, but it’s easy to build up evidence against an individual once you can target surveillance, and wait for them to slip up.

The problem

A design decision in the early days of the internet led to a problem: every message sent is tagged with the numerical Internet Protocol (IP) addresses that identify the source and destination computers. The network address indicates how and where to route the message, but there is no equivalent indicating the identity of the sender or intended recipient.

This conflation of addressing and identity is bad for privacy. Any internet traffic you send or receive will have your IP address attached to it. Typically a computer will only have one public IP address at a time, which means your online activity can be linked together using that address. Whether you like it or not, marketers, criminals or investigators use this sort of profiling without consent all the time. IP addresses are allocated geographically and on a per-organisation basis, so it’s even possible to pinpoint a surprisingly accurate location.

This conflation of addressing and identity is also bad for security. The routing protocols which establish the best route between two points on the internet are not secure, and have been exploited by attackers to take control of (hijack) IP addresses they don’t legitimately own. Such attackers then have access to network traffic destined for the hijacked IP addresses, and also to anything the legitimate owner of the IP addresses should have access to.
