Search for: All records

Digital signatures are a fundamental building block for ensuring integrity and authenticity of contents delivered by the Named Data Networking (NDN) systems. However, current digital signature schemes adopted by NDN open source libraries have a high computational and communication overhead making them unsuitable for high throughput applications like video streaming and virtual reality gaming. In this poster, we propose a real-time digital signature mechanism for NDN based on the offline-online signature framework known as Structure-free and Compact Real-time Authentication scheme (SCRA). Our signature mechanism significantly reduces the signing and verification costs and provides different variants to optimize for the specific requirements of applications (i.e. signing overhead, verification overhead or communication cost). Our experiments results show that SCRA is a suitable framework for latency-sensitive NDN applications. 

In this paper, we study how to support high-quality immer- sive multiplayer VR on commodity mobile devices. First, we perform a scaling experiment that shows simply replicating the prior-art 2-layer distributed VR rendering architecture to multiple players cannot support more than one player due to the linear increase in network bandwidth requirement. Second, we propose to exploit the similarity of background environment (BE) frames to reduce the bandwidth needed for prefetching BE frames from the server, by caching and reusing similar frames. We nd that there is often little sim- ilarly between the BE frames of even adjacent locations in the virtual world due to a “near-object” e ect. We propose a novel technique that splits the rendering of BE frames between the mobile device and the server that drastically enhances the similarity of the BE frames and reduces the network load from frame caching. Evaluation of our imple- mentation on top of Unity and Google Daydream shows our new VR framework, Coterie, reduces per-player network requirement by 10.6X-25.7X and easily supports 4 players for high-resolution VR apps on Pixel 2 over 802.11ac, with 60 FPS and under 16ms responsiveness. 

Abstract This paper focuses on protecting the cellular paging protocol — which balances between the quality-of-service and battery consumption of a device — against security and privacy attacks. Attacks against this protocol can have severe repercussions, for instance, allowing attacker to infer a victim’s location, leak a victim’s IMSI, and inject fabricated emergency alerts. To secure the protocol, we first identify the underlying design weaknesses enabling such attacks and then propose efficient and backward-compatible approaches to address these weaknesses. We also demonstrate the deployment feasibility of our enhanced paging protocol by implementing it on an open-source cellular protocol library and commodity hardware. Our evaluation demonstrates that the enhanced protocol can thwart attacks without incurring substantial overhead. 

In this paper, we investigate the security and privacy of the three critical procedures of the 4G LTE protocol (i.e., attach, detach, and paging), and in the process, uncover potential design flaws of the protocol and unsafe practices employed by the stakeholders. For exposing vulnerabilities, we propose a modelbased testing approach LTEInspector which lazily combines a symbolic model checker and a cryptographic protocol verifier in the symbolic attacker model. Using LTEInspector, we have uncovered 10 new attacks along with 9 prior attacks, categorized into three abstract classes (i.e., security, user privacy, and disruption of service), in the three procedures of 4G LTE. Notable among our findings is the authentication relay attack that enables an adversary to spoof the location of a legitimate user to the core network without possessing appropriate credentials. To ensure that the exposed attacks pose real threats and are indeed realizable in practice, we have validated 8 of the 10 new attacks and their accompanying adversarial assumptions through experimentation in a real testbed.