Transcript slides
Mimesis Aegis: A Mimicry Privacy Shield
A System's Approach to Data Privacy on Public Cloud
Billy Lau, Simon Chung, Chengyu Song, Yeongjin Jang,
Wenke Lee, and Alexandra Boldyreva
USENIX 14
Presenter: Shasha Wen
Some figures are from the author's slides
Outline
Motivation
Related work
M-Aegis
System design
implementation
Evaluation
Limitation
Conclusion
Motivation
Public cloud services(PCS)
Trust server to secure our data
Conflict of interest for data privacy between users
and PCS providers
Text communication service
Smart phone
Change the status
End to end encryption
Hard in practical
Good solution
Users' ease-of-use
Developers' effort to maintain support
Feasibility and deployability of solution on a mobile
system
Design goals
1
For a solution to be secure,
it must be properly isolated from untrusted entities
2
For a solution to be adoptable,
it must preserve the user experience
3
For a solution to be sustainable,
it must be easy to maintain and scalable
Outline
Motivation
Related work
M-Aegis
System design
implementation
Evaluation
Limitation
Conclusion
Related work
Standalone solutions
Protect data confidentiality
Good isolation from untrusted entities
e.g. Gibberbot, TextSecure, SafeSlinger......
Problem
Not preserve user experience
1
Related work
Browser Plugin/Extension Solutions
e.g. Cryptocat, Scramble, NOYB......
Provides transparent integration
Problem
2
Not applicable to mobile platform
App repackaging/Rewriting solution
e.g. Aurasium, Dr. Android......
Problem
Breaks app updates
Isolation model is unclear
2
Outline
Motivation
Related work
M-Aegis
System design
Implementation
Evaluation
Limitation
Conclusion
Mimesis Aegis
Apply end-to-end encryption while preserving
user experience
2
Mimicking GUIs of app of interest
Interacting with app on behalf of user
1
Good isolation model
Generalizable across different apps
Resilient to app updates
3
Mimesis Aegis
M-Aegis
In-scope
Untrusted parties
Public cloud service providers
Client side apps
Middle boxes between a PCS and client side app
Trusted components
System Design-Threat Model
Hardware, OS, keyboard, M-Aegis components, the user
Out of scope
availability(denial-of-service)
Attacks against our TCB
M-Aegis
System Design-Architecture
Layer 7.5
User interface automation/accessibility(UIA)
Secure
No developer attention
Users' sense
M-Aegis
System Design-Architecture
Layer 7.5
Interactions without data confidentiality
Interactions with data confidentiality
click-through
Place opaque GUIs in different color
Interactions with control GUIs
Semi-transparent mimic GUIs
M-Aegis
UI Automation Manager(UIAM)
Give M-Aegis the context of the screen
System Design-Architecture
TCA, GUI tree, content of the GUI
Provide information to correctly render GUIs
Per-Target Client App(TCA) Logic
Handle direct user input
Decides suitable actions
Pass or encode
Encryption and encoding scheme
M-Aegis
System Design-Architecture
Cryptographic Module
Key manager
Per TCA
Password based(default) to more sophisticated one
Searchable Encryption Scheme
Easily-deployable efficiently-searchable symmetric
encryption(EDESE)
Searchable Encryption Scheme
Normal encryption
“ab”, ”abc”
Bellare et al[1]
keywords
HMACs of unique keywords
Add dummy keywords
Bloom filter(BF)
Efficient set-inclusion tests
Encodes the positions of on-bits in a BF
[1] BELLARE, M., BOLDYREVA, A., AND O’NEILL, A. Determin- istic and efficiently searchable encryption. In
CRYPTO (2007), A. Menezes, Ed., vol. 4622 of Lecture Notes in Computer Sci- ence, Springer, pp. 535–552.
Searchable Encryption Scheme
Bloom filter(BF)
Keyword:128bit
BF: 224
k: 10
From http://en.wikipedia.org/wiki/Bloom_filter
M-Aegis
User
System Design- User Workflow
L7.5
launch the Gmail
Per-TCA logic
initialize
composing
Mimic GUI
Detect state
send
Mimic GUI
Get content;
Get the key;
encode
UIAM
App
detect
Send to app;
Click “send”
UI
M-Aegis
UIAM based on UIA libraries
Implementation
Monitor events
WINDOW_CONTEST_CHANGED
WINDOW_STATE_CHANGED
VIEW_SCROLLED
Query for UI node
Resource ID ← UI Automator Viewer
performAction()
Layer 7.5 always-on-top
Creation of various system windows
TYPE_SYSTEM_OVERLAY
TYPE_SYSTEM_ERROR
M-Aegis
Implementation
Per-TCA Logic
Identify signatures for each TCA state
Event handler
Type of input data
Encrypt data into CJK unicode
Cryptographic Schemes
AES-GCM-256
PBKDF2 & SHA-1 as HMAC
Outline
Motivation
Related work
M-Aegis
System design
Implementation
Evaluation
Limitation
Conclusion
M-Aegis
Experimental Setup:
Stock Android phone(LG Nexus 4)
Evaluations-Performance
Android 4.4.2(Kit Kat, API level 19)
Repeat 10 times and take average
Preview Encrypted Email
76 ms to render plaintext on L-7.5
Well with expected response time(50-150ms)
Composing and Sending Encrypted Email
With longest email:
953 words, of which 362 are unique
205 ms to encrypt, build the search index, and encode
M-Aegis
Evaluations-User Study
Users: college students
Tasks: previewing, reading, composing, sending and searching
Difference and experience
Report from 15 participants
No one notice major difference
One: L-7.5 didn't catch up smoothly when scrolled
One: L-7.5 lag when reading emails
All would use M-Aegis to protect the privacy of their data
Outline
Motivation
Related work
M-Aegis
System design
Implementation
Evaluation
Limitation
Conclusion
Limitation
Data format
text(Unicode-compatible)
Not support other types(e.g. Image, audio, video)
Unavailability of transformation functions
Other process steps, like compression
Typographical error during search
Rare happen
Encryption schemes that tolerate typographical error search without
server modification
Outline
Motivation
Related work
M-Aegis
System design
Implementation
Evaluation
Limitation
Conclusion
Conclusion
Users can control private data using Mimesis Aegis
Layer 7.5
Strong isolation
Preserve original user experience
Scalar to more apps and resilient to app updates
Prototype on Android
Minimal overhead
User study shows acceptable
Questions?