cuando la criptografía falla: autenticación con ondas cerebrales
Upload: centro-de-investigacion-para-la-gestion-tecnologica-del-riesgo-cigtr
Post on 18-Jan-2017
268 views
TRANSCRIPT
CURSO DE VERANO CIGTR 2016: Cybersecurity & FinTech
Dr. Alfonso Muñoz – Senior Cybersecurity ExpertTwitter: @mindcrypt Email: [email protected]| [email protected]
Linkedin: https://es.linkedin.com/in/alfonso-muñoz-phd-1984141b
2
About me
Linkedin: https://es.linkedin.com/in/alfonso-muñoz-phd-1984141bTwitter: @[email protected] | [email protected]
Dr. Alfonso Muñoz – Senior Cybersecurity Expert
3
“El único ordenador realmente seguro es el que está apagado, desenchufado, encerrado en una cámara de titanio, enterrado en un bunker rodeado de gas nervioso y protegido por guardias bien pagados. Aún así no apostaría mi vida en ello” - Spaf
“Dos amigos están dando un paseo por el bosque cuando un oso empieza a perseguirlos. Uno de ellos echa a correr y su amigo le dice: “¿Estás loco? ¡No podemos correr más que un oso!”. El primero responde: “No necesito correr más que el oso. Me basta con correr más que tú”.
https://en.wikipedia.org/wiki/Gene_Spafford
http://blog.jeremiahgrossman.com/
4
https://www.youtube.com/watch?v=k76qLOrna1w
“El mundo está mirando a los criptógrafos….”
5
6
• Duncan Campbell – Informe COMIT Interception Capabilities 2000 – http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+REPORT+A5-2001-0264+0+DOC+PDF+V0//EN
• Privacidad e interceptación de telecomunicaciones. Echelon, Carnivore (DCS1000), OSEMINTI, SITEL, “Frechelon”, INDECT (DPI), PRISM…
Hay cosas que sabemos que sabemos. También hay cosas desconocidas conocidas, es decir que sabemos que hay algunas cosas que no sabemos. Pero también hay cosas desconocidas que desconocemos, las que no sabemos que no sabemos.Donald Rumsfeld, 2002.
Secretario Estadounidense de Defensa
7http://www3.weforum.org/docs/Media/TheGlobalRisksReport2016.pdf
8
9
10
12
http://www.elmundo.es/tecnologia/2016/02/04/56b327c5e2704e20708b45aa.html
13
14
• Fitbit– Ejercicio y consumo de calorías
http://techcrunch.com/2011/07/03/sexual-activity-tracked-by-fitbit-shows-up-in-google-search-results/
15
16
Mateo 7:16Por sus frutos los conoceréis. ¿Acaso se recogen uvas de los espinos o higos de los abrojos?
17
18
https://prism-break.org/es/
Ataques sobre la identidad de las entidades (interceptación y suplantación).Ataques sobre la información (revelación, reenvío, manipulación y repudio de datos).Ataques sobre los servicios (negación del servicio y apropiación).
19http://securityaffairs.co/wordpress/43435/hacking/kybernetiq-magazine-cyber-jihad.html
20
“If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology”. – Bruce Schneier
Servicios de seguridad: Confidencialidad, integridad, autenticidad, no repudio, control de acceso, disponibilidad Mecanismos de seguridad Criptografía
https://www.schneier.com/
¿ ?
• Usabilidad - ¿Quién usa criptografía?• Identificación de la fuente
transmisora• Limitaciones de la criptografía -
diseño• Mundo real• Potencia de cálculo
21
22
• CRIPTOGRAFIA CLÁSICA < años 40 Siglo XX (seguridad basada en oscuridad) – principios de Kerckhoffs (1883) - Auguste Kerckhoffs La cryptographie militaire
• CRIPTOGRAFÍA MODERNA > años 40 siglo XX (teoría de la información – Shannon 1948/1949)
23
• CRIPTOGRAFIA CLÁSICA < años 40 Siglo XX (seguridad basada en oscuridad) – principios de Kerckhoffs (1883) - Auguste Kerckhoffs La cryptographie militaire
25
- Teoría de la información – Shannon (1948/1949) Difusión y confusión (formalización)- La criptografía depende de claves: eso es un problema!!!
- Secreto perfecto – OTP (One Time Pad) Criptografía de flujo (RC4, …)Proyecto VENONA - https://es.wikipedia.org/wiki/Proyecto_Venona
- Criptografía simétrica/asimétrica – bloques (bits)Cifrado polialfabético+poligrámico+modos de cifrado
¿Criptografía en tiempo real? ¿Protección de grandes volúmenes de información? ¿Validación distribuida? ¿Cloud-multiproveedor? ¿Cifrado reversible…?
30
31
- TOP 1: La gente no usa criptografía (Ransomware)- TOP 2: Criptografía mal implementada – (Principio de House)- TOP 3: “La criptografía no se ataca se esquiva…”
http://www.bankinfosecurity.com/ransomware-hits-hospitals-a-8872
32
- TOP 2: Criptografía mal implementada – (Principio de House)
http://jpinsoft.net/DeepSound/
33
- TOP 2: Criptografía mal implementada – (Principio de House)
- Moxie Marlinspike: Cuando una Autoridad Certificadora firma un certificado presta atención al campo CN (Common Name). Los estándares de certificado X.509 y SSL definen la cadena CN como una cadena PASCAL. Sin embargo, la mayoría de software de procesamiento de certificados está escrito en C - fin de cadena con NULL (\0).
El problema llega cuando alguien obtiene un certificado de la forma www.bancolegitimo.com\0www.atacante.org. Cuando se procesa por un navegador, sólo se leerá la primera parte, www.bancolegitimo.com, permitiendo falsificar fácilmente al banco. La solución más fácil a este problema es que las entidades certificadoras rechacen todos los certificados que contuvieran el carácter NULL.
¿Rompemos Internet?: BEAST (2011), CRIME (2012), BREACH (2013)…
EKOPARTY (2012): Juliano Rizzo y Thai Duong - herramienta CRIME (Compression Ratio Info-Leak Mass Explotaition)
34
- TOP 2: Criptografía mal implementada – (Principio de House)
EKOPARTY (2012): Juliano Rizzo y Thai Duong - herramienta CRIME (Compression Ratio Info-Leak Mass Explotaition)
• Inyección de código en el navegador y funcionamiento algoritmos de compresión (TLS/SSL compression) predecir información en los datos cifrados
• Idea: Construir mensajes byte a byte y analizar si el número de bytes enviado es menor o no (mejor comprensión). Si es menor, el mensaje inyectado coincidirá con otro existente. De esta forma y mediante múltiples peticiones es posible descubrir, por ejemplo, información de una cookie de sesión intercambiada a través de SSL.
• Curiosamente la utilización del algoritmo RC4 en lugar de cifrados en bloques como CBC o habilitar la compresión de datos hace factible el ataque (recuérdese que esas fueron unas de las soluciones temporales recomendadas contra BEAST).
• Condiciones: Compresión en ambos extremos, inyectar código en la víctima, acceso a tráfico
• BREACH: HTTP compression http://breachattack.com/
35
- TOP 3: “La criptografía no se ataca se esquiva…”
36
- TOP 3: “La criptografía no se ataca se esquiva…”
37
- TOP 3: “La criptografía no se ataca se esquiva…” – Ataques laterales
38
- TOP 3: “La criptografía no se ataca se esquiva…” – Acceso físico
• PC infectado – recuperar clave o intervenir en el proceso de cifrado (TrueCrack, Passware Kit Enterprise, Vfdecrypt…)
• Ataques de acceso directo a memoria (IEEE 1394 Firewire, PCI, usb…) - Tool: Elcomsoft Forensic Disk Decryptor…
• Cool boot attacksIn cryptography, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer is able to retrieve encryption keys from a running operating system after using a cold reboot to restart the machine. The attack relies on the data remanence property of DRAM and SRAM to retrieve memory contents which remain readable in the seconds to minutes after power has been removed. https://en.wikipedia.org/wiki/Cold_boot_attack
39
40
- ¿Criptografía simétrica o asimétrica? - ¿Qué algoritmo elegir?- Potencia de cálculo – mundo académico vs mundo real
http://www.neoteo.com/colossus-un-coloso-secreto-contra-enigma-16078
https://en.wikipedia.org/wiki/EFF_DES_cracker (1998)In 1977, Diffie and Hellman proposed a machine costing an estimated US$20 million which could find a DES key in a single day
41
CALCULO A LO BRUTO BASADO EN TOP-500:
TIANHE-2 – 33.86 PETAFLOPS/S (33.860.000.000.000.000 operaciones de coma flotante por segundo)– 300 MILLONES DE DÓLARES.
SUPONGAMOS 1 OPERACIÓN = LA EJECUCIÓN DEL ALGORITMO DE CIFRADO Y TEXTO EN CLARO/TEXTO CIFRADO.
33.860.000.000.000.000 aprox 254 ejecuciones/s
Algoritmo de Cifrado de 128 bits 2128/254 = 274 segundos 5*1014 años (más que la
edad del universo)
Tiempo Real = 300 millones de dólares * 274 >>>>> PIB USA
42
https://en.wikipedia.org/wiki/Rainbow_table
43
- ¿Qué hacemos si se introduce una clave incorrecta N veces? ¿Aplicable a la criptografía?
44
- Hablemos de la “bicha”: Computación cuántica- ¿Afecta por igual a la criptografía simétrica y asimétrica?- Edward Snowden: “far far away…”
http://www.nature.com/news/google-moves-closer-to-a-universal-quantum-computer-1.20032
http://www.cbc.ca/news/technology/d-wave-quantum-1.3525566
https://www.technologyreview.com/s/600715/nsa-says-it-must-act-now-against-the-quantum-computing-threat/
https://www.schneier.com/blog/archives/2015/08/nsa_plans_for_a.html
45
• Limitaciones de la criptografía: robustez, implementación, seguridad computacional
• Las claves son incómodas. Seguridad para todos… ¿usabilidad?• Los problemas vienen de una arquitectura no confiable• ¿Existe solución para la identificación remota “segura”?
• Infraestructura PKI ¿caducada? ¿alternativas?– Convergence - Moxie Marlinspike (notarios), …– Certificate Transparency, Certificate pinning, …
• CLOUD: Cryptography as a service, key as a service, …
– Cliente, transmisión, cloud - ¿Seguridad por oscuridad?– ¿Privacidad de los datos – clave? ¿Criptografía en tiempo real? ¿Protección de
grandes volúmenes de información? ¿Validación distribuida? ¿Cloud-multiproveedor? ¿Cifrado reversible…? ¿Claves aleatorias? ¿Qué algoritmo elegir?
Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit (Rooted CON 2011) - https://vimeo.com/27257442
46
47
- Criptografía Cuántica – Solucionar el problema de distribución de claves (*)
- Criptografía Post-Cuántica – Mejorar seguridad computacional
- Criptografía homomórfica (*) – Minimizar impacto de la gestión de claves
https://eprint.iacr.org/2015/1018.pdf
https://en.wikipedia.org/wiki/Homomorphic_encryption
48
Y… ¿Para eliminar contraseñas?
49
50
51
52
Neuroscience… for dummies
Es preciso sacudir enérgicamente el bosque de las neuronas cerebrales adormecidas; es menester
hacerlas vibrar con la emoción de lo nuevo e infundirles nobles y elevadas inquietudes
Dr. Santiago Ramón y Cajal
Reading minds (brainwaves)…
• Methods: Invasive vs Non-Invasive
• Ethical issues? Social problems? Super human?... Secret projects? Exocortex? Remote viewing?, Telepathy?, MK-ULTRA, DARPA (since 1970)…
Braingate: The Brain-Computer Interface That Let a Quadriplegic Woman Move a Cup
Search for Paradise: A Patient's Account of the Artificial Vision Experiment
Non-Invasive methods…
• EEG (electroencephalography), MEG (magnetoencephalography), fMRI (functional magnetic resonance imaging), NIRS (near infrared spectroscopy)…
• EEG is a commonly used non-invasive method
Representation over time of the voltage generated by electrodes recorded at different regions of the brain. The EEG is produced by synaptic activity of cortical neurons.
EEG: What and Where to measure?
• Delta (below 4 Hz)Deep (dreamless) sleep, loss of bodily awareness
• Theta (4-8 Hz)Reduced consciousness, deep meditation, dreams, light sleep, REM sleep
• Alpha (8-14 Hz)Physically and mentally relaxed, awake but drowsyCreativity, creative problem-solving, right-brain thinking, light meditation, relaxation, intuition, creative visualization and openness to self-programming
• Beta (14-30 Hz)Awake, normal alert consciousnessFocus/concentration, attention, alertness, analytical/logical thinking
• Gamma (30 Hz and above)Heightened perceptionEuphoria, ecstasy, …
• EEG activity is quite small, measured in microvolts (μV) with the main frequencies of interest up to approximately 30 Hz.
• ERP (event-related potential): P300, N200, N400..
“The current brain technologies are like trying to listen to a conversation in a football stadium from a blimp”
John Donoghue
An ERP is the measured brain response that is the direct result of a specific sensory, cognitive, or motor event.
EEG: What and Where to measure?
What and Where to measure?
10-20 System (Internationally recognized method)
https://en.wikipedia.org/wiki/10-20_system_%28EEG%29
BCI Devices: How to measure?• Expensive hardware $$$$ (clinical use, military, mental
surveillance …)
– BioSemi– TruScan EEG (Deymed)– Cadwell Easy II EEG PSG– EnoBIO…
• Cheap hardware $$$ (entertainment, sports, …)– NeuroSky Mindwave (from 79$)– EPOC Emotiv (from 399$)– Wearables EEG Headsets/Biofeedback (Muse, Melon, Versus…)
BCI Devices: How to measure?
• Custom & DIY
– Arduino Brain Library, EPOC Python Library, NeuroPy, EyeWire...
– OpenEEG project , OpenBCI, OpenVIBE, OpenHardwareExG, Hack a day…
– Software: NeuroServer, BioEra, BrainBay, Brainathlon, BioExplorer, Neuroph, EEGlab…
A 15-Year-Old Builds a Mind-Controlled Robotic Arm
(Arduino prosthesis)
My low-cost device (BCI): Neurosky Mindwave…
Demo – Brain Visualizer
http://developer.neurosky.com/https://github.com
Some code …
import neurosky.*;//…
public void setup() {ThinkGearSocket neuroSocket = new ThinkGearSocket(this);
try { neuroSocket.start();} catch (ConnectException e) {e.printStackTrace();}}
public void stop() { neuroSocket.stop(); }
public void blinkEvent (int blinkStrength) {}public void attentionEvent (int attentionLevel) {}public void meditationEvent (int meditationLevel){}public void poorSignalEvent (int signal){} // 200 - ThinkGear electrodes aren't contacting a person's skin.
public void eegEvent (int delta,int theta, int lowAlpha, int highAlpha, int lowBeta, int highBeta, int lowGamma, int highGamma){}
public void rawEvent (int []values){} //
http://developer.neurosky.com/docs/doku.php?id=thinkgear_communications_protocol
Playing… (demo time)
http://store.neurosky.com/products/the-adventures-of-neuroboy-bci-technology-demo
In the real life…
• Clinical Uses (e.g., diseases)• Entertainment, sports, and wearables• Military• Mental surveillance (national security, law enforcement,…)• B2B – brain to brain Interface• Neurofeedback and art• Neuromarketing• NeuroWare / emotion recognition• EEG dating• “Control things or people*”• Computer security?• Accelerated and augmented learning
In the real life (more examples)…
In the real life (more examples)…
http://www.sciencedirect.com/science/article/pii/S0165027014002702
Restore neural and behavioral function: Revolutionitizing prosthetics, reorganization and plasticity to accelerate injury recovery, Co-adaptive BCI for restoration of sensorimotor function, restorative Encoding memory integration neural device, reliable neural interface technology…
Improve human training and performance: Accelerated learning, narrative networks, neurotechnology for intelligence analysts, Cognitive technology threat warning system, low-cost EEG technologies…
Security in EEG (Electroencephalography)…• Acquisition, storage, processing and transmission
– (In)security in EEG (Electroencephalography) Technologies – Defcon23 (2015) Alejandro Hernández (@nitr0usmx) IOActive. https://goo.gl/r5PVLA
– No encryption/no authentication, replay attacks, MiTM, DoS, storage and formats (brainwaves are data), jamming (Wi-FI, bluetooth, …), EEG equipment (Shodan)…
– Unauthorized person could read someone’s brain activity or impersonate someone’s waves…
• What about cryptography with brainwaves?
– Authentication, ciphering, password and PIN generation (thinking), random numbers…
– Cryptographic primitives…– Authentication y authorization
PART I - Authentication based on mind?
Authentication based on mind?
• Passwords (problems): To create, memorize, store and distribute
• Passwords: 30+ years killing them... (lost battlefield?)
– Improving passwords: when my password is used, avoiding brute force attacks (delays, temporary lockout, salts, PBKDF2, Argon2, key stretching, graphical passwords…).
– Public cryptography? Quantum cryptography?– Multifactor authentication (human-friendly technology?)
• Rubber-Hose / Black-bag cryptanalysis- Using torture or coercion to extract the password (by force or by law)- Stealing the password (keystroke logging, malware, side-channels…)
Advantages (BCI devices) for authentication
• Mental tasks - authentication- Resilient to shoulder-surfing attacks & dictionary attacks. E.g., pass-thoughts- Mental tasks do not need to be secret* (can be written down on paper)- They can be changed if they are compromised (other biometric solutions can’t)- EEG can be recorded continuously, allowing for continuous authentication*- Can be used to determine life – only live people have EEG activity*.
• Two-factor authentication (2FA)- An inherence factor (brain) and a knowledge factor (a chosen passthought).
• Key generation or authentication*: Plausible deniability | deniable encryption- EEG signals can be easily affected and governed by the user, but they cannot be easily reproduced under conditions of stress, anxiety, drowsiness, effects of alcohol or drugs…
• Brainprint: A unique pattern for every human*
In theory…
Authentication methods using the mind…
• Signal acquistion: multi-channel vs. single-channel EEG• Mental tasks (conscious vs unconscious) brainwaves feature extraction• Feature extraction: Discrete Fourier Transform, Wavelet Packet
Decomposition, Power Spectral Density, AR model, Shannon Entropy…• Classification: QDA, LDA, NN, SVM, KNN, …
EEG Recordings
• Mental tasks are useful for authentication, identification, generating keys, …
• EEG recording while:
– Relaxed with eyes closed– Exposed to visual/audio stimuli
• Text, 3D objects, …• Visual Evoked Potential (VEP) …• P300 event-related potential (ERP), ..
– Performing mental tasks• Breathing task• Simulated Finger Movement• Sports task • Object counting task• Pass-thought
Authentication methods using the mind…
• Researched “only” with multi-channel EEG (cost/Usability*)• Demystifying: Resistance to dictionary attacks? Replay?
Problems - Authentication methods using the mind…
• Brainwaves: alpha, P300, beta, gamma, …• Login/enrollment process Training and time?• Validation: Few subjects (a few dozens)
• Accuracy: 60 to 100%• Stability Time effect on mental authentication task?• Reproducibility Emotions? Plausible deniability?• Subject database*: Publicly available databases?
NeuroSky: Authentication with BCI (low-cost)
• Single-channel EEG authentication (NeuroSky Mindwave) can be just as accurate as multi-channel EEG authentication.
• Usability: Different categories of mental tasks score very differently in terms of user-perceived difficulty and enjoyability.
• Single-channel EEG signals do exhibit patterns that are subject-specific (mental tasks collected over different experimental sessions on different days).
Authentication with BCI (low-cost)Details: I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves – John Chuang et al.
• Study with 15 subjects, 40-50 minute sessions on separate days, two session/subject.
• Mental-tasks repeated 5 times en each session / each subject– Breathing Task (breathing) – Subjects close their eyes and focus on their breathing for 10
seconds– Simulated Finger Movement (finger) – Subjects imagine in their mind that they are
moving their right index finger up and down in sync with breathing, without actually moving their finger, for 10 seconds
– Sports task (sport) – Subjects select a specific repetitive motion from a sport of their choosing. They then imagine moving their body muscles to perform the motion, for 10 seconds
– Song/Passage Recitation Task (song) – Subjects imagine that they are singing a song or reciting a passage for 10 seconds without making any noise
– Eye and Audio Tone Task (audio) – Subjects close their eye and listen an audio tone for 5 seconds, after open their eyes and stare at dot on a piece of paper for 5 seconds
– Object counting task (color) – Subjects count boxes (in images) corresponding to their choose color for 30 seconds (each image for 5 seconds, 6 times)
– Pass-Thought Task (pass) – Subjects focus on their pass-thoughts for 10 seconds
Authentication with BCI (low-cost)Details: I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves – John Chuang et al.
• Data corresponding to the alpha (8-12 Hz) and the beta wave (12-30 Hz)• Raw events for each frequency component to compute the median
magnitude corresponding to that frequency (over all time) one-dimensional column vector with one entry for each measured frequency
• Authentication system Similarity amongs signals (vectors)– Similarity gives a value between 0 and 1, where a similarity of 1 would indicate a perfect
match– Self-similarity: The similarity of signals within a single subject– Cross-similarity: The similarity of signals between different subjects– Authentication protocol: Fixed mental-task and a threshold T for each subject– Similarity: Random 5 samples/user (stored) vs. sample from input
Authentication with BCI (low-cost)Details: I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves – John Chuang et al.
• Results
1.1%
• Limitations and future workVery promising, but we need more resultsSet of subjects reduced (15 subjects) main problemEnrollment process around 45 minutesAuthentication from 5 to 30 secondsUsability and accuracy of authentication: Choose and repeat a mental task
• Repeat: color, breathing, song, audio, pass, sport, finger• Difficult: pass, sport, song, finger, audio, breathing, color
Usability- Authentication with BCI (low-cost)Details: I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves – John Chuang et al.
Epoc - Emotiv: Authentication with BCI (low-cost)
EEG Recordings
85
http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=7435286&url=http%3A%2F%2Fieeexplore.ieee.org%2Fiel7%2F10206%2F4358835%2F07435286.pdf%3Farnumber%3D7435286
Unconscious authentication: Implicit learning…
• Defense against coercion attacks using the concept of implicit learning from cognitive psychology (2012).
• Implicit learning as a cryptographic primitive
https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final25.pdf
My crazy idea: Brain to Machine covert channel? Plausible deniability?
Details: Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against Rubber Hose Attacks – Hristo Bojinov et al.
Unconscious authentication: Implicit learning…
The problem of stability…
• Stability & reproducibility: Long-term stability of human brain activities?…• Affected by “emotions” (stress, calm, excited, …)? EEG-based emotion recognition:
accuracy is improved by stressed emotion while it is degraded by the excited emotions • How much time do I need to repeat the enrollment process or to re-cipher information?• Low-cost BCIs are not useful for real applications?
May 2014
PART II – Generating keys with the mind…
• Is it possible to create cryptographic keys? To encrypt information (P300, gamma,…)*?
• A lot of research on how to encrypt EEG signals with “standard“ cryptographic algorithms (e.g., LSFR, chaos based cryptosystems, …)
• Few researches?*
Generating keys with the mind…
• 10 subjects (61 wet electrodes) 82.05 to 100% (TP) 27.22% (TN)• Gamma band frequencies – repeatable and unique encryption key? Time? • Stimulus: Snodgrass and Vanderwart pictures (how?)
Details: Data encryption using event-related brain signals. Ravi et al.
“These pictures are common black and white line drawings like an airplane, a banana, a ball, etc. executed according to a set of rules that provide consistency of pictorial representation. The pictures have been standardized on variables of central relevance to memory and cognitive processing…”
Current problems: Reproducibility and stability (solutions?)
Generating keys with the mind…Idea: Authentication & Encryption
P300-pattern
“Stored key”
Error-tolerant encryptionCryptographic hash…
Authentication OK
Cryptographic Key
Plain text
Ciphertext
PART III. Generating “random” numbers (low-cost)…
• Previous work: PRNG based on new HCI devices entropy sources: Wii remote study case (ACM paper - 2009)...
• PoC - RNG with brainwaves... (NeuroSky - demo time) https://www.random.org https://www.brainrandom.org
Useful for cryptography?
• Are they “pure”? Do they have cryptographic utility? Quality depends on the device/brain activity…?
• Statistical attacks & NIST 800-22 A Statistical test suite for Random and Pseudorandom Number Generators for Cryptographic Applications
Brainwaves samples – NeuroSky Mindwave
“Filtered” brainwaves …
Raw data - brainwaves (512Hz)
Brainwaves samples “without” brain…
Raw data: “Random” numbers without brain…
Statistical attacks & NIST 800-22
• Some Statistical test: frequency, block frequency, cumulative sums, runs, longest run of ones, rank, discrete Fourier transform, nonperiodic template matchings, entropy, serial, linear complexity,…
A Statistical test suite for Random and Pseudorandom Number Generators for Cryptographic Applications
• Brain vs Brain: (Filtered¬) Brainwaves & Raw data (delta, beta, theta, low-high alpha, low-high gamma)
• Using the “brain” as an entropy source*…
“Random” numbers with multi-channel devices?…
“Random” numbers with multi-channel devices?…
Mental surveillance & brain-malware…
https://keysduplicated.com/~ali/helmet/
Mental surveillance & brain-malware…
• Privacy for thoughts!!!
• Mental Surveillance & brain fingerprinting
– Brain fingerprinting is a forensic science technique that uses electroencephalography (EEG) to determine whether specific information is stored in a subject's brain.
It consists of measuring and recording a subject's electrical brainwaves and brain response known as P300-MERMER (Memory and Encoding Related Multifaceted Electroencephalographic Response) after the subject is exposed to words, phrases, or pictures on a computer screen.
• Law Enforcement, Counter-terrorism, National Security…• http://brainwavescience.com
“Far more accurate than a polygraph… It is highly accurate over 99.9%... It can be applied over 85-90% civil and criminal cases…
Mental surveillance & brain-malware…
http://www.theverge.com/2015/2/2/7951549/brain-fingerprinting-technology-unproven-courtroom-science-farwell-p300
http://www.au.af.mil/au/awc/awcgate/gao/d0222.pdf
Brain hacking & mental surveillance
• Are you sure that Rubber-Hose/Black-bag cryptanalysis are not posible with BCI?
• Few researches* (attacks), but very promising…
Details: On the feasibility of side-channel attacks with brain-computer interfaces. Ivan Martinovic et al.
Brain hacking & Mental Surveillance
Details: On the feasibility of side-channel attacks with brain-computer interfaces. Ivan Martinovic et al.
Brain hacking & Mental Surveillance
Details: On the feasibility of side-channel attacks with brain-computer interfaces. Ivan Martinovic et al.
Brain hacking & Mental Surveillance
Results: 20 to 60%
Mental Surveillance & brain-malware…
Details: Subliminal Probing for private information via EEG-based bci devices. Mario Frank et al.
Brain hacking & Mental Surveillance
Accuracy in predicting (results): 66% to 90% (agnostic attack vs. targeted attack)
Conclusions
• BCI technologies (low-cost EEG) are the present• BCI impact is real in common applications (E.g., B2B, B2M)
Conclusions
• We need security in “mind”…• Demystified - Cryptography with “the mind”
– Authentication: In progress… (slowly?).– Problems: Usability, repeatability & stability– Groups reduced military, labs?– Cryptography: Not mature (publicly)– RNG/PRNG: not interesting enough?– FinTech?
• Privacy (real problem)– Mental surveillance & side-channel attacks (BCI-Brain)– IDS-firewall for the brain?– Attacks always get better; they never get worse. (NSA)
115
http://eu.foc.us/
Electrical brain stimulation… (to be continued)
More references…• Pass-thoughts: Authentication with our Minds (2005). Julie Thorpe et al.• Chapter 1. Brain-Computer Interfaces and Human-Computer Interaction. Desney
Tan and Anton Nijholt• My Thoughts Are Not Your Thoughts. Benjamin Johnson et al.• People Identification with RMS-Based Spatial Pattern of EEG Signal (2012).
Salahiddin Altahat et al.• Human identification with Electroencephalogram (EEG) for the Future Network
Security (2013). Xu Huang et al.• C# Based EEG Encryption System Using Chaos Algorithm. Chin-Feng Lin et al.• Using Shannon Entropy as EEG Signal Feature for Fast Person Identification. Dinh
Phung et al (2014)• Finding My Mu waves -
http://eeghacker.blogspot.com.es/2013/10/finding-my-mu-waves.html• NeuroPass: A secure neural password based on EEG. Abhejit et al• Using brain waves as new biometric feature for authenticating a computer user in
real time – Kusuma et al.• Authentication Systems: Principles and Threats. Sarah N. Abdulkader et al.• Non invasive Brain-Machine Interfaces (ESA). Carlo Menon et al• Guessing What’s on Your Mind: Using the N400 in Brain Computer Interfaces.
Marijn van Vlie et al …
117
Bibliografía recomendada
http://tinyurl.com/3jkxg47
118
Bibliografía recomendada
CURSO DE VERANO CIGTR 2016: Cybersecurity & FinTech
Dr. Alfonso Muñoz – Senior Cybersecurity ExpertTwitter: @mindcrypt Email: [email protected]| [email protected]
Linkedin: https://es.linkedin.com/in/alfonso-muñoz-phd-1984141b