New advances in tamper evident technologies

Abstract

Tampering is a thousands-years-old problem. Ancient Mesopotamian civilizations developed mechanisms to detect tampering of their purchase receipts on clay tablets. Today, the advances in the technology have equipped adversaries with more modern techniques to perform attacks on physical items (such as banknotes and passports), as well as cyber products (software and webpages). Consequently, tampering detection mechanisms need to be developed as new attacks emerge in both physical and cyber domains. In this dissertation, we divide our research into two parts, concerning tampering in physical and in cyber domains respectively. In each part, we propose a new method for tampering detection. In the rst part, we propose a novel paper ngerprinting technique based on analysing the translucent patterns revealed when a light source shines through the paper. These patterns represent the inherent texture of paper, formed by the random interleaving of wooden particles during the manufacturing process. We show these patterns can be easily captured by a commodity camera and condensed into to a compact 2048-bit ngerprint code. Prominent works in this area (Nature 2005, IEEE S&P 2009, CCS 2011) have all focused on ngerprinting paper based on the paper \surface". We are motivated by the observation that capturing the surface alone misses important distinctive features such as the non-even thickness, the random distribution of impurities, and di erent materials in the paper with varying opacities. Through experiments, we demonstrate that the embedded paper texture provides a more reliable source for ngerprinting than features on the surface. Based on the collected datasets, we achieve 0% false rejection and 0% false acceptance rates. We further report that our extracted ngerprints contain 807 degrees-of-freedom (DoF), which is much higher than the 249 DoF with iris codes (that have the same size of 2048 bits). The high amount of DoF for texture-based ngerprints makes our method extremely scalable for recognition among very large databases; it also allows secure usage of the extracted ngerprint in privacy-preserving authentication schemes based on error correction techniques. In the second part, we address an important real-world problem: how to ensure the integrity of delivering web content in the presence of manin- the-browser (MITB) attacks by malicious web extensions? Browser extensions have powerful privileges to manipulate a user's view of a web page by modifying the underlying Document Object Model (DOM). To demonstrate the threat, we implement two attacks on real-world online banking websites (HSBC and Barclays) and show how a malicious extension can covertly compromise the user's bank accounts. To address this problem, we propose a cryptographic protocol called DOMtegrity to ensure the end-to-end integrity of a web page's DOM from delivering at a server to the nal display in a client's browser. The novelty of our solution lies in exploiting subtle di erences between browser extensions and in-line JavaScript code in terms of their rights to access WebSocket channels, as well as leveraging the latest Web Crypto API support added in modern browsers. We show how DOMtegrity prevents the earlier attacks and a whole range of man-in-the-browser attacks that involve maliciously changing the DOM structure of a web page. We conduct experiments on more than 14,000 real-world extensions to evaluate the e ectiveness of DOMtegrity and its compatibility with existing extensions. To the best of our knowledge, DOMtegrity is the rst solution that e ectively protects the integrity of DOM against malicious extensions without needing to modify the existing browser architecture or requiring extra hardware.