Scott Jordan, Yoshimichi Nakatsuka, Ercan Ozturk, Andrew Paverd, Gene Tsudik
To appear at NDSS 2023
Data regulation laws such as GDPR and CCPA provide consumers (or data subjects) with rights to request data operations such as access, modification, or deletion of their collected data. Authenticating consumers is crucial when conducting this operation, as such data can be privacy-sensitive. This is straight forward for consumers with accounts, as they simply provide authenticate by logging into their account. Such data regulation laws also require the same right to be provided to accountless consumers. However, authenticating such consumers have been adhoc, insecure, and privacy-invasive.
In this work, we present VICEROY, a first-of-its-kind protocol that allows accountless consumers to authenticate themselves securely, privately, and in scale.
We prove the security of VICEROY via Tamarin prover and its scalability through extensive evaluation.
Paper Link: NDSS Website, arXiv
Presentation: NDSS Website
Source Code: Github
Yuxin (Myles) Liu, Yoshimichi Nakatsuka, Ardalan Amiri Sani, Sharad Agarwal, Gene Tsudik
ACM MobiSys 2022
Videos have always been used in security-critical applications where videos are used as evidence or the videos themselves are sensitive.
This was due to the fact that faking them was generally believed to be nearly impossible.
However, there is a increasingly concerning trend of fraudulent videos, the so-called deepfakes.
In this work we propose a novel system that generates a fine-grained, cryptographically verifiable provenance information of the videos without compromising performance.
We utilize TEEs on both the device that takes the videos and the servers that processes the video.
Our extensive measurements show that our proof-of-concept implementation outperforms the state-of-the-art system and is comparable with modern video hosting websites that do not provide such provenance info.
Source Code: Github
Yoshimichi Nakatsuka, Ercan Ozturk, Andrew Paverd, and Gene Tsudik
Usenix Security, 2021
Preventing abuse of web services is becoming increasingly important, as bot activities are becoming wide spread. CAPTCHAs are commonly used to thwart bot abuse, by distinguishing bots from real human users. However, CAPTCHAs are well known to be frustrating for humans, as it takes time to solve. Moreover, the rise of machine learning based image recognition technology as well as CAPTCHA farms decrease the effectiveness of CAPTCHAs. In addition, privacy concerns related to more modern CAPTCHAs (e.g., behavior-based CAPTCHAs) is starting to attract public attention.
In this work, we propose a novel system that utilizes client-side TEEs to solve the aforementioned issues. Our system, CACTI, allows users (bot or human) to cryptographically prove how many times they have conducted an action in a given timeframe (“rate”). Based on this “rate-proof”, the server can allow the user to skip solving CAPTCHAs entirely.
Our measurements show that the end-to-end latency of CACTI is about 0.25 seconds and the overall bandwidth used is 98% smaller compared to conventional CAPTCHAs. Additionally, the use of group signature schemes prevents servers to track users based on the proofs.
Yoshimichi Nakatsuka, Andrew Paverd, Gene Tsudik
Annual Computer Security Applications Conference (ACSAC), 2019
DNS-over-TLS was introduced to improve user privacy, as DNS packets are currently sent over the Internet in plaintext. However, DNS-over-TLS still suffers from privacy issues from malicious recursive resolvers and also usability issues. PDoT is a novel recursive resolver architecture that aims to overcome both of these issues using Trusted Execution Environments (TEEs).
Yoshimichi Nakatsuka, Janaka L. Wijekoon and Hiroaki Nishi
IEEE Symposium on Computers and Communications (ISCC), 2018
Named Data Networking (NDN) is one of the emerging future Internet architecture that aims to put content in the center of the communication. Similar to the current Internet, NDN also suffers from DDoS attacks. FROG aims to detect and mitigate DDoS attacks in NDN using a novel method that utilizes packet hop counts.
- Paper: Link