Transcript slides

Mimesis Aegis: A Mimicry Privacy Shield
A System's Approach to Data Privacy on Public Cloud
Billy Lau, Simon Chung, Chengyu Song, Yeongjin Jang,
Wenke Lee, and Alexandra Boldyreva
USENIX 14
Presenter: Shasha Wen
Some figures are from the author's slides
Outline

Motivation

Related work

M-Aegis

System design

implementation

Evaluation

Limitation

Conclusion
Motivation

Public cloud services(PCS)

Trust server to secure our data

Conflict of interest for data privacy between users
and PCS providers

Text communication service

Smart phone
Change the status

End to end encryption


Hard in practical
Good solution

Users' ease-of-use

Developers' effort to maintain support

Feasibility and deployability of solution on a mobile
system
Design goals
1
For a solution to be secure,
it must be properly isolated from untrusted entities
2
For a solution to be adoptable,
it must preserve the user experience
3
For a solution to be sustainable,
it must be easy to maintain and scalable
Outline

Motivation

Related work

M-Aegis

System design

implementation

Evaluation

Limitation

Conclusion
Related work

Standalone solutions

Protect data confidentiality

Good isolation from untrusted entities

e.g. Gibberbot, TextSecure, SafeSlinger......

Problem

Not preserve user experience
1
Related work

Browser Plugin/Extension Solutions

e.g. Cryptocat, Scramble, NOYB......

Provides transparent integration

Problem


2
Not applicable to mobile platform
App repackaging/Rewriting solution

e.g. Aurasium, Dr. Android......

Problem


Breaks app updates
Isolation model is unclear
2
Outline

Motivation

Related work

M-Aegis

System design

Implementation

Evaluation

Limitation

Conclusion
Mimesis Aegis

Apply end-to-end encryption while preserving
user experience
2

Mimicking GUIs of app of interest

Interacting with app on behalf of user
1

Good isolation model

Generalizable across different apps

Resilient to app updates
3
Mimesis Aegis
M-Aegis

In-scope


Untrusted parties

Public cloud service providers

Client side apps

Middle boxes between a PCS and client side app
Trusted components


System Design-Threat Model
Hardware, OS, keyboard, M-Aegis components, the user
Out of scope

availability(denial-of-service)

Attacks against our TCB
M-Aegis

System Design-Architecture
Layer 7.5

User interface automation/accessibility(UIA)

Secure

No developer attention

Users' sense
M-Aegis

System Design-Architecture
Layer 7.5

Interactions without data confidentiality


Interactions with data confidentiality


click-through
Place opaque GUIs in different color
Interactions with control GUIs

Semi-transparent mimic GUIs
M-Aegis

UI Automation Manager(UIAM)

Give M-Aegis the context of the screen



System Design-Architecture
TCA, GUI tree, content of the GUI
Provide information to correctly render GUIs
Per-Target Client App(TCA) Logic

Handle direct user input

Decides suitable actions

Pass or encode

Encryption and encoding scheme
M-Aegis

System Design-Architecture
Cryptographic Module


Key manager

Per TCA

Password based(default) to more sophisticated one
Searchable Encryption Scheme

Easily-deployable efficiently-searchable symmetric
encryption(EDESE)
Searchable Encryption Scheme

Normal encryption


“ab”, ”abc”
Bellare et al[1]


keywords

HMACs of unique keywords

Add dummy keywords
Bloom filter(BF)

Efficient set-inclusion tests

Encodes the positions of on-bits in a BF
[1] BELLARE, M., BOLDYREVA, A., AND O’NEILL, A. Determin- istic and efficiently searchable encryption. In
CRYPTO (2007), A. Menezes, Ed., vol. 4622 of Lecture Notes in Computer Sci- ence, Springer, pp. 535–552.
Searchable Encryption Scheme

Bloom filter(BF)



Keyword:128bit
BF: 224
k: 10
From http://en.wikipedia.org/wiki/Bloom_filter
M-Aegis
User
System Design- User Workflow
L7.5
launch the Gmail
Per-TCA logic
initialize
composing
Mimic GUI
Detect state
send
Mimic GUI
Get content;
Get the key;
encode
UIAM
App
detect
Send to app;
Click “send”
UI
M-Aegis

UIAM based on UIA libraries



Implementation
Monitor events

WINDOW_CONTEST_CHANGED

WINDOW_STATE_CHANGED

VIEW_SCROLLED
Query for UI node

Resource ID ← UI Automator Viewer

performAction()
Layer 7.5 always-on-top

Creation of various system windows

TYPE_SYSTEM_OVERLAY

TYPE_SYSTEM_ERROR
M-Aegis


Implementation
Per-TCA Logic

Identify signatures for each TCA state

Event handler

Type of input data

Encrypt data into CJK unicode
Cryptographic Schemes

AES-GCM-256

PBKDF2 & SHA-1 as HMAC
Outline

Motivation

Related work

M-Aegis

System design

Implementation

Evaluation

Limitation

Conclusion
M-Aegis

Experimental Setup:

Stock Android phone(LG Nexus 4)




Evaluations-Performance
Android 4.4.2(Kit Kat, API level 19)
Repeat 10 times and take average
Preview Encrypted Email

76 ms to render plaintext on L-7.5

Well with expected response time(50-150ms)
Composing and Sending Encrypted Email

With longest email:

953 words, of which 362 are unique

205 ms to encrypt, build the search index, and encode
M-Aegis


Evaluations-User Study
Users: college students

Tasks: previewing, reading, composing, sending and searching

Difference and experience
Report from 15 participants


No one notice major difference

One: L-7.5 didn't catch up smoothly when scrolled

One: L-7.5 lag when reading emails
All would use M-Aegis to protect the privacy of their data
Outline

Motivation

Related work

M-Aegis

System design

Implementation

Evaluation

Limitation

Conclusion
Limitation


Data format

text(Unicode-compatible)

Not support other types(e.g. Image, audio, video)

Unavailability of transformation functions

Other process steps, like compression
Typographical error during search

Rare happen

Encryption schemes that tolerate typographical error search without
server modification
Outline

Motivation

Related work

M-Aegis

System design

Implementation

Evaluation

Limitation

Conclusion
Conclusion

Users can control private data using Mimesis Aegis


Layer 7.5

Strong isolation

Preserve original user experience

Scalar to more apps and resilient to app updates
Prototype on Android

Minimal overhead

User study shows acceptable
Questions?