Transcript slides
Mimesis Aegis: A Mimicry Privacy Shield A System's Approach to Data Privacy on Public Cloud Billy Lau, Simon Chung, Chengyu Song, Yeongjin Jang, Wenke Lee, and Alexandra Boldyreva USENIX 14 Presenter: Shasha Wen Some figures are from the author's slides Outline Motivation Related work M-Aegis System design implementation Evaluation Limitation Conclusion Motivation Public cloud services(PCS) Trust server to secure our data Conflict of interest for data privacy between users and PCS providers Text communication service Smart phone Change the status End to end encryption Hard in practical Good solution Users' ease-of-use Developers' effort to maintain support Feasibility and deployability of solution on a mobile system Design goals 1 For a solution to be secure, it must be properly isolated from untrusted entities 2 For a solution to be adoptable, it must preserve the user experience 3 For a solution to be sustainable, it must be easy to maintain and scalable Outline Motivation Related work M-Aegis System design implementation Evaluation Limitation Conclusion Related work Standalone solutions Protect data confidentiality Good isolation from untrusted entities e.g. Gibberbot, TextSecure, SafeSlinger...... Problem Not preserve user experience 1 Related work Browser Plugin/Extension Solutions e.g. Cryptocat, Scramble, NOYB...... Provides transparent integration Problem 2 Not applicable to mobile platform App repackaging/Rewriting solution e.g. Aurasium, Dr. Android...... Problem Breaks app updates Isolation model is unclear 2 Outline Motivation Related work M-Aegis System design Implementation Evaluation Limitation Conclusion Mimesis Aegis Apply end-to-end encryption while preserving user experience 2 Mimicking GUIs of app of interest Interacting with app on behalf of user 1 Good isolation model Generalizable across different apps Resilient to app updates 3 Mimesis Aegis M-Aegis In-scope Untrusted parties Public cloud service providers Client side apps Middle boxes between a PCS and client side app Trusted components System Design-Threat Model Hardware, OS, keyboard, M-Aegis components, the user Out of scope availability(denial-of-service) Attacks against our TCB M-Aegis System Design-Architecture Layer 7.5 User interface automation/accessibility(UIA) Secure No developer attention Users' sense M-Aegis System Design-Architecture Layer 7.5 Interactions without data confidentiality Interactions with data confidentiality click-through Place opaque GUIs in different color Interactions with control GUIs Semi-transparent mimic GUIs M-Aegis UI Automation Manager(UIAM) Give M-Aegis the context of the screen System Design-Architecture TCA, GUI tree, content of the GUI Provide information to correctly render GUIs Per-Target Client App(TCA) Logic Handle direct user input Decides suitable actions Pass or encode Encryption and encoding scheme M-Aegis System Design-Architecture Cryptographic Module Key manager Per TCA Password based(default) to more sophisticated one Searchable Encryption Scheme Easily-deployable efficiently-searchable symmetric encryption(EDESE) Searchable Encryption Scheme Normal encryption “ab”, ”abc” Bellare et al[1] keywords HMACs of unique keywords Add dummy keywords Bloom filter(BF) Efficient set-inclusion tests Encodes the positions of on-bits in a BF [1] BELLARE, M., BOLDYREVA, A., AND O’NEILL, A. Determin- istic and efficiently searchable encryption. In CRYPTO (2007), A. Menezes, Ed., vol. 4622 of Lecture Notes in Computer Sci- ence, Springer, pp. 535–552. Searchable Encryption Scheme Bloom filter(BF) Keyword:128bit BF: 224 k: 10 From http://en.wikipedia.org/wiki/Bloom_filter M-Aegis User System Design- User Workflow L7.5 launch the Gmail Per-TCA logic initialize composing Mimic GUI Detect state send Mimic GUI Get content; Get the key; encode UIAM App detect Send to app; Click “send” UI M-Aegis UIAM based on UIA libraries Implementation Monitor events WINDOW_CONTEST_CHANGED WINDOW_STATE_CHANGED VIEW_SCROLLED Query for UI node Resource ID ← UI Automator Viewer performAction() Layer 7.5 always-on-top Creation of various system windows TYPE_SYSTEM_OVERLAY TYPE_SYSTEM_ERROR M-Aegis Implementation Per-TCA Logic Identify signatures for each TCA state Event handler Type of input data Encrypt data into CJK unicode Cryptographic Schemes AES-GCM-256 PBKDF2 & SHA-1 as HMAC Outline Motivation Related work M-Aegis System design Implementation Evaluation Limitation Conclusion M-Aegis Experimental Setup: Stock Android phone(LG Nexus 4) Evaluations-Performance Android 4.4.2(Kit Kat, API level 19) Repeat 10 times and take average Preview Encrypted Email 76 ms to render plaintext on L-7.5 Well with expected response time(50-150ms) Composing and Sending Encrypted Email With longest email: 953 words, of which 362 are unique 205 ms to encrypt, build the search index, and encode M-Aegis Evaluations-User Study Users: college students Tasks: previewing, reading, composing, sending and searching Difference and experience Report from 15 participants No one notice major difference One: L-7.5 didn't catch up smoothly when scrolled One: L-7.5 lag when reading emails All would use M-Aegis to protect the privacy of their data Outline Motivation Related work M-Aegis System design Implementation Evaluation Limitation Conclusion Limitation Data format text(Unicode-compatible) Not support other types(e.g. Image, audio, video) Unavailability of transformation functions Other process steps, like compression Typographical error during search Rare happen Encryption schemes that tolerate typographical error search without server modification Outline Motivation Related work M-Aegis System design Implementation Evaluation Limitation Conclusion Conclusion Users can control private data using Mimesis Aegis Layer 7.5 Strong isolation Preserve original user experience Scalar to more apps and resilient to app updates Prototype on Android Minimal overhead User study shows acceptable Questions?