As part of our seminar series « La Cybersécurité sur un plateau »
(Cybersecurity on a Plate), on 21 November we will host two
speakers:
- Aina Toky Rasoamanana, PhD student at Télécom SudParis, who will
present work on inferring the state machines of TLS protocol
implementations.
- Mohamad Mansouri, CIFRE PhD student at EURECOM / Thales, who will present work on secure and fault-tolerant aggregation for federated learning.
The CoaP seminar will take place at 2 pm in the IMT/TP/TSP building,
room 3.A405.
Aina Toky Rasoamanana - Towards a Systematic and Automatic Use of State Machine Inference to Uncover Security Flaws and Fingerprint TLS Stacks
TLS is a well-known and thoroughly studied security protocol. In this
paper, we focus on a specific class of vulnerabilities affecting TLS
implementations, state machine errors. These vulnerabilities are
caused by differences in interpreting the standard and correspond to
deviations from the specifications, e.g. accepting invalid messages,
or accepting valid messages out of sequence. We develop a systematic
methodology to infer the state machines of major TLS stacks from
stimuli and observations, and to study their evolution across
revisions. We use the L* algorithm to compute state machines
corresponding to different execution scenarios. We reproduce several
known vulnerabilities (denial of service, authentication bypasses),
and uncover new ones. We also show that state machine inference is
efficient and practical for integration within a continuous
integration pipeline, to help find new vulnerabilities or deviations
introduced during development.
With our systematic black-box approach, we study over 400 different
versions of server and client implementations in various scenarios
(protocol version, options). Using the resulting state machines, we
propose a robust algorithm to fingerprint TLS stacks. To the best of
our knowledge, this is the first application of this approach on such
a broad perimeter, in terms of number of TLS stacks, revisions, or
execution scenarios studied.
This work has been published at ESORICS 2022.
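To make the approach concrete, here is an added illustration (not the authors' tooling, and not a real TLS stack): a small L*-style learner infers the Mealy machine of a constructed black-box server from input/output queries, and a graph search over the inferred machine looks for application data accepted before the handshake has ever finished, the "valid message out of sequence" class of flaw named in the abstract. The two server models, the message names (ClientHello, ClientKeyExchange, Finished, AppData) and the outputs are constructed stand-ins, and the bounded-depth equivalence check stands in for a real conformance-testing oracle.

```python
"""L*-style state machine inference of a black-box TLS-like server, then a
check for messages accepted out of sequence. Constructed illustration: the
server models, message names and outputs are toy stand-ins."""
from collections import deque
from itertools import product

INPUTS = ("ClientHello", "ClientKeyExchange", "Finished", "AppData")

# Constructed reference server: (state, client message) -> (server output, next state).
# Any message not listed is unexpected: the server answers Alert and closes (state -1).
SPEC = {
    (0, "ClientHello"): ("ServerHello", 1),
    (1, "ClientKeyExchange"): ("Ack", 2),
    (2, "Finished"): ("Finished", 3),
    (3, "AppData"): ("AppData", 3),
}
# Constructed flawed server: same, but it also accepts application data right
# after the ClientHello, i.e. a valid message out of sequence.
BUGGY = dict(SPEC)
BUGGY[(1, "AppData")] = ("AppData", 3)

def make_sut(table):
    """Wrap a transition table as a black box: input sequence in, outputs out."""
    def query(seq):
        state, outs = 0, []
        for msg in seq:
            out, state = table.get((state, msg), ("Alert", -1))
            outs.append(out)
        return outs
    return query

def run_machine(trans, seq):
    """Run a fully specified Mealy machine (initial state 0) on an input sequence."""
    state, outs = 0, []
    for msg in seq:
        out, state = trans[(state, msg)]
        outs.append(out)
    return outs

def counterexample(query, trans, inputs, max_depth):
    """Bounded equivalence check: first sequence (up to max_depth) on which the
    black box and the hypothesis machine disagree, or None."""
    for depth in range(1, max_depth + 1):
        for seq in product(inputs, repeat=depth):
            if query(seq) != run_machine(trans, seq):
                return seq
    return None

def lstar(query, inputs, max_depth=6):
    """Angluin-style L* for Mealy machines. Returns (transitions, state count),
    transitions keyed by (state, input) -> (output, next state)."""
    S, E = [()], [(a,) for a in inputs]        # access prefixes, distinguishing suffixes

    def row(s):                                 # outputs of each suffix e when run after s
        return tuple(tuple(query(s + e)[len(s):]) for e in E)

    def inconsistency():                        # equal rows must stay equal after any input
        for i, s1 in enumerate(S):
            for s2 in S[i + 1:]:
                if row(s1) != row(s2):
                    continue
                for a in inputs:
                    r1, r2 = row(s1 + (a,)), row(s2 + (a,))
                    for k, e in enumerate(E):
                        if r1[k] != r2[k]:
                            return (a,) + e
        return None

    while True:
        rows_S = {row(s) for s in S}
        unclosed = next((s + (a,) for s in S for a in inputs if row(s + (a,)) not in rows_S), None)
        if unclosed is not None:                # a one-step extension reached a new row
            S.append(unclosed)
            continue
        suffix = inconsistency()
        if suffix is not None:
            E.append(suffix)
            continue
        ids, trans = {}, {}
        for s in S:
            ids.setdefault(row(s), len(ids))    # one state per distinct row; () is state 0
        for s in S:
            for a in inputs:
                trans[(ids[row(s)], a)] = (query(s + (a,))[-1], ids[row(s + (a,))])
        cex = counterexample(query, trans, inputs, max_depth)
        if cex is None:
            return trans, len(ids)
        for i in range(1, len(cex) + 1):        # classic L*: add every prefix of the counterexample
            if cex[:i] not in S:
                S.append(cex[:i])

def shortest_early_appdata(trans):
    """BFS over the inferred machine for the shortest input sequence that makes the
    server emit AppData before it has ever emitted Finished."""
    queue, seen = deque([(0, False, ())]), {(0, False)}
    while queue:
        state, finished, path = queue.popleft()
        for a in INPUTS:
            out, nxt = trans[(state, a)]
            if out == "AppData" and not finished:
                return path + (a,)
            key = (nxt, finished or out == "Finished")
            if key not in seen:
                seen.add(key)
                queue.append((nxt, key[1], path + (a,)))
    return None

if __name__ == "__main__":
    for name, table in (("reference", SPEC), ("flawed", BUGGY)):
        trans, n = lstar(make_sut(table), INPUTS)
        print(name, "server:", n, "states; early AppData via", shortest_early_appdata(trans))
```

Both servers are learned as 5-state machines; the flawed one yields the two-message sequence ClientHello, AppData. The same `counterexample` function, run with the reference machine against a new build's black box, is the kind of regression check the abstract proposes for a continuous integration pipeline: it returns the first stimulus sequence on which the new revision deviates.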
Mohamad Mansouri - Learning from Failures: Secure and Fault-Tolerant Secure Aggregation for Federated Learning
Federated learning allows multiple parties to collaboratively train a
global machine learning (ML) model without sharing their private
datasets. To make sure that these local datasets are not leaked,
existing works propose to rely on a secure aggregation scheme that
allows parties to encrypt their model updates before sending them to
the central server that aggregates the encrypted inputs.
In this work, we design and evaluate a new secure and fault-tolerant
aggregation scheme for federated learning that is robust against
client failures. We first develop a threshold-variant of the secure
aggregation scheme proposed by Joye and Libert. Using this new
building block together with a dedicated decentralized key management
scheme and an input encoding solution, we design a privacy-preserving
federated learning protocol that, when executed among n clients, can
recover from up to n/3 failures. Our solution is secure against a
malicious aggregator who can manipulate messages to learn clients'
individual inputs. We show that our solution outperforms the
state-of-the-art fault-tolerant secure aggregation schemes in terms of
computation cost on the client. For example, with an ML model of 100K
parameters, trained with 600 clients, our protocol is 5.5x faster
(1.6x faster in case of 180 clients drop).
This work will appear in ACSAC’22.
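The building block the second talk starts from is the Joye-Libert additive aggregation scheme. The following added example (constructed here, not the authors' threshold variant or their code) implements its basic form and shows why the fault tolerance the abstract describes is needed: with every client present the aggregator recovers only the sum of the updates, but if one client's ciphertext is missing the masks no longer cancel and the whole round is lost. The primes, keys, round tags and model updates are constructed and far too small for real use; `hash_to_group`, `keygen`, `encrypt` and `aggregate` are names chosen for this illustration.

```python
"""Basic (non fault-tolerant) Joye-Libert secure aggregation and the effect of a
client dropping out. Constructed illustration with a toy-sized modulus."""
import hashlib
import math
import random

# Constructed toy modulus from two well-known small primes; a real deployment
# would use an RSA-type modulus of 2048 bits or more.
P, Q = 1_000_000_007, 998_244_353
N = P * Q
N2 = N * N

def hash_to_group(tag: bytes) -> int:
    """Map a tag to an element of Z*_{N^2}: a hash reduced mod N^2. Refuse the
    (astronomically unlikely) case where the value shares a factor with N."""
    h = int.from_bytes(hashlib.sha256(tag).digest(), "big") % N2
    if math.gcd(h, N) != 1:
        raise ValueError("tag maps outside the group")
    return h

def keygen(n_clients, rng):
    """Dealer: random client keys, and an aggregator key equal to their negated
    integer sum so that the masks cancel exactly when every client contributes."""
    client_keys = [rng.randrange(N2) for _ in range(n_clients)]
    return client_keys, -sum(client_keys)

def encrypt(key, tag, x):
    """Client: c = (1 + x*N) * H(tag)^key mod N^2, for x >= 0 with the sum of all x < N."""
    return (1 + x * N) * pow(hash_to_group(tag), key, N2) % N2

def aggregate(server_key, tag, ciphertexts):
    """Aggregator: H(tag)^s0 * prod(c_i) = 1 + (sum x_i)*N mod N^2 when all masks cancel.
    The negative server exponent makes pow() use the modular inverse."""
    v = pow(hash_to_group(tag), server_key, N2)
    for c in ciphertexts:
        v = v * c % N2
    if (v - 1) % N:
        return None   # masks did not cancel: a client is missing or a ciphertext was altered
    return (v - 1) // N

def encrypt_update(key, round_no, update):
    """One ciphertext per model coordinate, each under its own tag: reusing H(tag)
    across coordinates would reuse the mask and leak differences between them."""
    return [encrypt(key, f"{round_no}:{j}".encode(), x) for j, x in enumerate(update)]

def aggregate_updates(server_key, round_no, client_ciphertexts):
    """Aggregate coordinate by coordinate; None in a slot means that slot failed."""
    dim = len(client_ciphertexts[0])
    return [aggregate(server_key, f"{round_no}:{j}".encode(), [c[j] for c in client_ciphertexts])
            for j in range(dim)]

def demo():
    """Four clients with three-parameter updates already quantised to small
    non-negative integers (constructed input), then the same round with client 4 missing."""
    rng = random.Random(2022)
    keys, server_key = keygen(4, rng)
    updates = [[3, 7, 1], [2, 0, 5], [9, 4, 4], [1, 1, 1]]
    cts = [encrypt_update(k, 1, u) for k, u in zip(keys, updates)]
    complete = aggregate_updates(server_key, 1, cts)       # [15, 12, 11]
    dropped = aggregate_updates(server_key, 1, cts[:3])    # [None, None, None]
    return complete, dropped

if __name__ == "__main__":
    print(demo())
```

The aggregator learns the per-coordinate sums and nothing about any single client's update, because each ciphertext is masked by H(tag)^key with a key the aggregator does not know. The dropped-client case is the failure the abstract's threshold variant and decentralized key management are designed to survive: in the basic scheme the aggregator key is tied to the full set of client keys, so a single absent client leaves an uncancelled mask and no usable result. The encoding of real-valued, possibly negative model updates into the non-negative range the scheme sums over is the "input encoding solution" the abstract mentions and is not shown here.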