Thesis
New machine identity for compromised credentials in machine-to-machine (M2M) communication
- Abstract:
-
Machine-to-machine communication (M2M) refers to the communication between machines without the active intervention of human users. Because the credentials that form a machine’s identity consist of secret information, the security of M2M communication suffers if an adversary compromises the secrecy of those credentials. This thesis strengthens the security of M2M communication protocols to address the problems of credential compromise in three different applications of M2M communication: remote access applications using the Secure Shell (SSH) protocol, automated development workflows within internal organisational networks, and end-to-end encrypted instant messaging applications using the Signal protocol.
We improve the SSH protocol to provide a novel detection mechanism against an adversary that can simultaneously compromise the long-term identity keys of both the SSH client and server, offering the detection of the adversary even when the adversary can access and compromise the SSH server as root. We additionally propose a framework as a solution to counter the credential leakage problem in automated development workflows within internal organisational networks where credentials are often hard-coded or embedded into the application source code or automation scripts, mitigating the implications of a credential leakage to an adversary that compromises the credentials and uses them to access application services in the system. We further propose improvements to the Signal protocol to enhance the key authentication of the protocol with the purpose of providing the detection of an active Man-in-the-Middle adversary that compromises all secrets of a communicating client, with our solution built directly into the Signal protocol without requiring any out-of-band channel or user interaction and without introducing additional parties into the communication system.
We provide computationally secure solutions in each of the M2M application domains to facilitate real-world deployments without requiring specialised machines. We further perform the necessary security analysis to prove our novel security guarantees while also preserving the existing guarantees of the solutions that our improvements build on. Finally, we implement proof-of-concept software for each of our solutions to demonstrate its practicality.
Authors
Contributors
+ García, D
- Institution:
- Universidade da Coruña
- Role:
- Contributor
- ORCID:
- 0000-0002-4556-1632
+ Rasmussen, K
- Institution:
- University of Oxford
- Division:
- MPLS
- Department:
- Computer Science
- Oxford college:
- Kellogg College
- Role:
- Supervisor
- ORCID:
- 0000-0002-9471-9985
+ Martin, A
- Institution:
- University of Oxford
- Division:
- MPLS
- Department:
- Computer Science
- Oxford college:
- Kellogg College
- Role:
- Examiner
- ORCID:
- 0000-0002-8236-980X
+ Preneel, B
- Institution:
- KU Leuven
- Role:
- Examiner
- ORCID:
- 0000-0003-2005-9651
- DOI:
- Type of award:
- DPhil
- Level of award:
- Doctoral
- Awarding institution:
- University of Oxford
- Language:
-
English
- Subjects:
- Pubs id:
-
2350357
- Local pid:
-
pubs:2350357
- Deposit date:
-
2025-12-01
- ARK identifier:
Terms of use
- Copyright holder:
- Wil Liam Teng
- Copyright date:
- 2025