Suramya's Blog : Welcome to my crazy life…

August 26, 2022

Using MultiNerf for AI based Image noise reduction

Filed under: Computer Software,Emerging Tech,My Thoughts,Tech Related — Suramya @ 2:58 PM

Proponents of AI constantly come up with claims that frequently don’t hold up to extensive testing, however the new release from Google Research called MultiNerf which runs on RAW image data to generate what the photos would have looked like without the video noise generated by imaging sensors seems to be the exception. Looking at the video it almost looks like magic, and appears to work great. Best of all, the code is open source and already released on GIT Hub under the Apache License. The repository contains the code release for three CVPR 2022 papers: Mip-NeRF 360, Ref-NeRF, and RawNeRF.

TechCrunch has a great writeup on the process. DIYPhotography has created a video demo of the process (embedded below) that showcases the process:


Video Credits: DIYPhotography

I like the new tools to make the photographs come out better, but I still prefer to take unaltered photos whenever I can. The most alteration/post-processing that I do on the photos is cropping and resizing. That also is something I do infrequently. But this would be of great use to professional photographers in conditions that are less than optimal.

– Suramya

August 7, 2022

Winamp is back in action (!) after 9 years of no releases

Filed under: Computer Software,My Thoughts — Suramya @ 11:59 PM

Anyone who was using computers in the late 90’s and 2000’s knows that the best MP3 player of all time was Winamp, it really whips the llama’s ass. First released back in 1997, it spread like wildfire. I used it as my primary music player till I switched to Linux and even then I used a player that was skinned to look and work like Winamp.

Development for the player was paused back in 2013 and then resumed in 2018. It took 4 years of hard work and the Winamp 5.9 Release Candidate 1 is now available for download. Most of the changes in this version as in the backend as the code was migrated from Visual Studio 2008 to Visual Studio 2019. This modernizes the whole setup and the next release will focus on new features.

The only downside of this is that it is not available for Linux so I still have to use some other software rather than the original. I wonder if it would work over Wine/Crossover? If so then that would be awesome. Let me go try that out and see if that works (I will update this post if it actually works).

Well this is all for now. Will post more later.

Update (8/8/2022): It Works on Linux! I downloaded and installed the latest RC on Linux using Crossover and it works flawlessly. (Although the preset names are in Chinese for some reason)

– Suramya

August 6, 2022

Post Quantum Encryption: Another candidate algorithm (SIKE) bites the dust

Filed under: Computer Security,Computer Software,Quantum Computing — Suramya @ 8:23 PM

Quantum Computing has the potential to make the current encryption algorithms obsolete once it gets around to actually being implemented on a large scale. But the Cryptographic experts in charge of such things have been working on Post Quantum Cryptography/Post Quantum Encryption (PQE) over the past few years to offset this risk. SIKE was one of KEM algorithms that advanced to the fourth round earlier this year and it was considered as an attractive candidate for standardization because of its small key and ciphertext sizes.

Unfortunately while that is true researchers have found that the algorithm is badly broken. Researchers from the Computer Security and Industrial Cryptography group at KU Leuven published a paper over the weekend “An Efficient Key Recovery Attack on SIDH” (Preliminary Version) that describes a technique which allows an attacker to recover the encryption keys protecting the SIKE Protected transactions in under an hours time using a single traditional PC. Since the whole idea behind PQE was to identify algorithms that are stronger than the traditional ones this immediately disqualifies SIKE from further consideration.

Abstract. We present an efficient key recovery attack on the Supersingular Isogeny Diffie–Hellman protocol (SIDH), based on a “glue-and-split” theorem due to Kani. Our attack exploits the existence of a small non-scalar endomorphism on the starting curve, and it also relies on the auxiliary torsion point information that Alice and Bob share during the protocol. Our Magma implementation breaks the instantiation SIKEp434, which aims at security level 1 of the Post-Quantum Cryptography standardization process currently ran by NIST, in about one hour on a single core.

The attack exploits the fact that SIDH has auxiliary points and that the degree of the secret isogeny is known. The auxiliary points in SIDH have always been an annoyance and a potential weakness, and they have been exploited for fault attacks, the GPST adaptive attack, torsion point attacks, etc.

This is not a bad thing as the whole testing and validation process is supposed to weed out weak algorithms and it is better to have them identified and removed now than after their release as then it becomes almost impossible to phase out systems that use the broken/compromised encryption algorithms.

Source: Schneier on Security: SIKE Broken

– Suramya

July 30, 2022

Identifying the least used packages on Debian

Filed under: Computer Software,Computer Tips,Linux/Unix Related,Software Releases — Suramya @ 4:14 AM

My main system was running low on disk space in the root partition and I wanted to clean out some of the unused software from the system. In order to do that I thought that I should find out what the least used applications on my system were and then remove them. Unfortunately I couldn’t find any existing way of doing this so it was a dead end. However, the problem remained stuck in my head and I came up with a quick and dirty way of identifying the packages and when they were last used.

The way it works is:

  • Get a list of all files on the system (using locate, since its already there so why duplicate effort)
  • For each file figure out what package it belongs to using dpkg-query -S
  • If the file belongs to a package, get the last access time (using stat) and log it
  • Once we do this for all files, sort the results.

This gives us a list of packages and the latest access date for each package (based on the latest access date for any of the files in it). Since this is a quick and dirty implementation, it is slow as molasses, doesn’t have any error checking or anything but still gets the job done. Would love to get some feedback. The code is available at: https://github.com/suramyatomar/leastUsedPackage.

The output of the script looks like:

...
...
xz-utils | 2022-07-18
yelp-xsl | 2022-04-05
yelp-xsl | 2022-04-05
youtube-dl | 2022-07-17
zim | 2022-07-17
zip | 2022-07-17
zlib1g-dev | 2022-07-17
zlib1g-dev | 2022-07-17
zlib1g-dev | 2022-07-17
zstd | 2022-07-18

Feel free to try it out if you have a similar usecase. Let me know if you have any suggestions on improving the script or if you found it useful.

– Suramya

June 5, 2022

Hacking a computer using Ham radio transmissions is now possible!

Filed under: Computer Security,Computer Software,Tech Related — Suramya @ 11:59 PM

Hacking a computer by getting them to listen to a Ham Radio station broadcast seems like the plot of a bad movie or TV series about ‘hackers’ but this is not a fictional story. It is now in fact possible to hack a WinXP & Windows 10 computer over the air, All we need to do is ensure that the target is using WinARPS on their computer to listen to the broadcast and then they are fair game.

I am in awe of this finding because figuring out how to generate radio packets that will cause a memory overflow/corruption and then figure out who to generate the packets in a way that allows you to get RCE (Remote Code Execution) requires phenomenal hacking skills and understanding of the underlying systems.

WinARPS is unlikely to get a fix for the issue because the author no longer has an environment to build/test the software as the last update to the code was back in 2013. However the author is aware of the problem and who knows they might get the environment working again and fix the issue.


Video demo of the issue on a Windows 10 machine (Credit: Coalfire.com)

This bug does show us that we can have the world’s most protected / isolated system but if there is any way to get external information/input then the system can potentially be attacked.

You can read the full walk through of the process at: Hacking Ham Radio: WinAPRS – Part 5

– Suramya

May 4, 2022

Using reflection in pupils in public selfies to figure out the different ways a user can hold a device

Filed under: Computer Software,My Thoughts,Tech Related — Suramya @ 11:58 PM

Users in TV/Movies have been able to zoom enhance photo’s that look like they were taken with a broken down webcam from the 80’s to give crystal clear images for a while now. In fact the Zoom/Enhance trope has become so common that there are a whole bunch of meme’s out there for it.

Till recently such activities were possible only in the fictional world, thanks to advances in photo technologies and the increasing no of mega-pixels (plus other things) in the modern camera this is now possible in the real world as well. A few years ago, a Japanese stalker was arrested after he stalked and assaulted a 21-year-old “Japanese idol” at her home by zooming into a high-resolution selfie posted by the singer to view the train station reflected in her eye.

Now, a group of researchers from Keio University, Yahoo Japan, and the Tokyo University of Technology are using publicly posted selfies by users to examine the reflection of the smartphone taking the picture in the pupils of the photo to figure out how the phone is being used i.e. the different ways a user can hold a device like a smartphone: with both hands, just the left, or just the right in portrait mode, and the same options in horizontal mode. There are a bunch of potential uses for this technique and it is interesting and unique research.

But it also highlights the fact that we need to be careful of what we post/share as there might be information in the picture that we didn’t want to share. If you search for ‘photo sent caught cheating’ you will find multiple instances of folks sending pics that got them in trouble because there was something in the pic that gave the game away, such as this one or this one

Source: Using Pupil Reflection in Smartphone Camera Selfies

– Suramya

April 29, 2022

Malware in Windows: TPM Bypasses & Firmware level persistence

Filed under: Article Releases,Computer Security,Computer Software,My Thoughts,Tech Related — Suramya @ 7:13 AM

Malware is the short form for Malicious Software and is basically software that allows attackers to infect a computer system or device to steal information, disrupt operations or gain access to sensitive data. It is a general term that includes viruses, worms, trojans, spyware, rootkits etc. (Cisco, 2021)

Conceptually the foundations for creating malware were laid almost simultaneously with the creation of the first computers. In 1951, John von Neumann proposed methods on how to create self-replicating automata (Neumann, 1951) and a few years later in 1959 Lionel Penrose published his paper on ‘Self-Reproducing Machines’ this paper was used as the basis for creating replicating machine code that were the basis of the later generations of malware. In 1970’s the creeper virus infected the ARPANET (Milošević, 2013) followed shortly after by Rabbit (Milošević, 2013) which spread rapidly to computers and created copies of itself overloading the machine and impacting system performance. (Milošević, 2013)

In the 1986, the first malware called Brain.A that targeted the PC platform was released. (Milošević, 2013) It used floppy disks as the infection mechanism by infecting the boot sector of every floppy disk used in an infected computer. Other viruses of the time used similar mechanisms to propagate and were quite prevalent by the measures of the time. Once Microsoft Windows was released viruses were created that targeted the new operating system with WinVir being the first virus for the new operating system, it gained persistence by modifying the Windows Executable files. (Milošević, 2013) It spread to new systems over floppy disks.
For almost a decade, infected disks and CD’s remained the primary method of infection for computers. In 1998 this changed with the release of Happy99 in late 1998 that spread via email attachments. Another popular vector for virus infections was macro viruses that infected Microsoft word files which were shared frequently with other users allowing the virus to spread. With the increasing popularity of the Internet, the new malware created during this time leveraged the internet as a transmission vector.

In early 2000, Code Red worm was created that leveraged vulnerabilities in the IIS webservers to propagate. (Milošević, 2013) This opened a new infection vector where the malware would scan for and exploit systems running vulnerable software.

Over the years, malware has become more and more common and has evolved to gain persistence using multiple methods such as using rootkits to infect the OS kernel and other such methods. The one constant throughout the years was that we could clean up a malware infection by formatting the infected drive and restoring from a clean backup. As long as the backup and the installation media were clean we could be confident that the infection was cleared.

Unfortunately, this is no longer the case with new strains of malware using sophisticated techniques to gain persistence using the computer firmware.

A. UEFI malware – The early years

UEFI rootkits were referenced in various leaks and were considered mostly theoretical. The Hacking Team referenced something called ‘rkloader’ in their internal presentations and the Vault7 leaks referenced ‘DerStarke’ which was an EFI/UEFI boot implant. But there was no real evidence of these being used so they were considered mostly theoretical for the most part.

This changed in 2018 when the first rootkit that leveraged the UEFI to achieve persistence was discovered. This malware called Lojax was created by the Sednit APT group. It used a malicious UEFI module written into the SPI flash memory to ensure that it was able to execute malware during the boot up process. (ESET Research, 2018)

B. UEFI Malware – Infecting SPI flash memory

The LoJax malware used the kernel driver RwDrv.sys to access the UEFI settings. The driver is distributed with RWEverything, a freeware utility that can read the BIOS information in most computers. (ESET Research, 2018)

The malware used this driver to read the contents of the SPI flash memory into a file, by running a file called ReWriter_binary.exe. The data in the SPI is stored in volumes using the Firmware File System (FFS). It then parses the volues to search for the Ip4Dxe file. This file along with DXE Core is then modified to add the malicious UEFI module to it post which the entire file is written back to the SPI memory. If the configuration allows write access to SPI the malware immediately writes to the SPI memory but if write access is disabled it exploited a race condition vulnerability in the BIOS locking mechanism to bypass the write protection in SPI flash memory. (CERT, 2015)

C. MoonBounce: UEFI Bootkit

The MoonBounce Bootkit is the third instance of malware that uses UEFI to gain persistence, with Lojax and MosaicRegressor being the other two instances where it was used.

MoonBounce is a lot more sophisticated than the previous iterations and it executes completely in the system memory without writing anything to the hard drive making it a lot harder to detect than the previous iterations of the malware. It stages the execution and deployment of payloads over the internet allowing the attacker to deploy payloads on the system to achieve specific tasks.
MoonBounce was detected in spring 2021 and like the previous iterations attacks the DXE Core module in UEFI to infect the SPI Memory.

D. Using TPM Module & Trusted Computing to protect against this attack

The TPM Module in the modern machines is designed to provide hardware-based, security-related functions and allows the system to secure the system using integrated cryptographic keys.

If TPM is enabled and is being used correctly then it gives the system a way to ensure that all firmware and boot files are unmodified. If any of the files are modified then they will not pass the cryptographic check and the boot process will be halted. This would prevent the infected SPI memory from being loaded and would warn the defenders that their system has been breached.

Unfortunately, it is possible to disable the TPM chip for historical compatibility reasons, so the malware can do the same. One of the ways to disable the check and bypass the Secure Boot & TPM check is to modify the registry files in Windows. The steps to do so are very simple and are shown below (Tibbetts, 2021):

  • At the run prompt type in regedit, and press Enter.
  • Go to Computer\HKEY_LOCAL_MACHINE\SYSTEM\Setup
  • Right-click on Setup and click New > Key. Name that LabConfig
  • Click on LabConfig, then right-click on the right pane, and click New > DWORD (32-bit Value).
  • Name the entry as BypassTPMCheck and change its Value data to 1
  • Create two more DWORDS and change the Value data to 1 just like you did above and name them BypassRAMCheck and BypassSecureBootCheck.

This removes the check for Secure Boot and while it can be desired at times it does open up the system to risk so should only be used for specific use cases where no other option is available.

Protecting against malware using firmware level persistence

To protect against this threat, we need to ensure that all components of the operating system and software on the computer are patched and updated to the latest version. We should enable end-point monitoring and IDS on the network to detect infection attempts. This will allow us to detect the malware before it infects the system and block it pre-emptively. The internet and email gateways should scan all incoming files to detect and block malware. In addition to the standard precautions to protect against malware, we should also ensure that all systems on the network are running the latest version of the UEFI/BIOS available.

Unfortunately, the remediation of the security issues in UEFI is a hard problem and doesn’t have an easy solution. So, the best way to protect against the threat is to try to prevent the system from getting infected in the first place.

Another option to detect infected SPI Memory is to create a tool that periodically creates a dump of the SPI memory and compares the checksum of the dump with a known clean dump. If the values don’t match then there is a high probability that the memory is infected and the administrators can then take steps to clean the firmware by flashing it with a known clean version of the firmware.

With the new methods of persistence available to the malware writers the best way to protect the assets is to try to ensure that you prevent the infection from happening in the first place. Once the machine is infected the task becomes harder and we would need to spend extra time and effort to clean and restore the systems to a clean state.
Done correctly this will decrease the risk of data exfiltration but no technique to detect infection is perfect so a lot of review and audits need to be done on a periodic basis to ensure that the system is still secure.

References

CERT. (2015, January 5). CERT/CC Vulnerability note vu#766164. VU#766164 – Intel BIOS locking mechanism contains race condition that enables write protection bypass. Retrieved March 21, 2022, from https://www.kb.cert.org/vuls/id/766164

Cisco. (2021, July 30). What is malware? – definition and examples. Cisco. Retrieved March 21, 2022, from https://www.cisco.com/c/en_in/products/security/advanced-malware-protection/what-is-malware.html
ESET Research. (2018, October 9). Lojax: First UEFI rootkit found in the wild, courtesy of the Sednit Group. WeLiveSecurity. Retrieved March 21, 2022, from https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/

Neumann, J. V. (1951). Massachusetts Institute of Technology. Theory of Self Replicating Automata. Retrieved March 21, 2022, from https://cba.mit.edu/events/03.11.ASE/docs/VonNeumann.pdf
Tibbetts, T. (2021, July 10). How to bypass secure boot & trusted platform module. Providing Free and Editor Tested Software Downloads. Retrieved March 21, 2022, from https://www.majorgeeks.com/content/page/bypass_tpm.html.

This was a paper for my Class in Q1 2022 which is why it is more formal than my usual posts.

April 24, 2022

Smart-contract bug locks away $34 million highlighting major weakness in smart-contracts

Filed under: Computer Software,Emerging Tech,Tech Related — Suramya @ 9:57 PM

Over the years I have had many conversations with people about Blockchain and how it is supposed to solve all our problems, but for the most part I think Blockchain is overrated and doesn’t solve any problem that can’t be solved in an easier way using less resources. Then as if Blockchain’s were not enough someone went and created smart contracts which are basically programs stored on a blockchain that run when predetermined conditions are met. They typically are used to automate the execution of an agreement so that all participants can be immediately certain of the outcome, without any intermediary’s involvement or time loss. They can also automate a workflow, triggering the next action when conditions are met.IBM Smart-Contracts Def

The major issue with a blockchain contract is that the contract is immutable so if there is a bug in the program no one can modify it to fix the issue. When warned about this potential problem the proponents of the smart-contract pretty much handwaved the concerns away stating that the issue is not that big a deal and people were just opposing them because they dislike smart-contracts and are sticks in mud etc etc.

Unfortunately, this is no longer a theoretical issue as the developers of the AkuDreams contract found out over the weekend. Due to a bug in the contract code $34 million, or 11,539 eth, is permanently locked into the AkuDreams contract forever. It cannot be retrieved by individual users or by the dev team..

This shows how dangerous it is to have a program that can’t be modified because no matter what we do we can’t ensure that code written will be 100% bug free in all the cases. When there is a bug in regular software be can push out a patch to fix it, but that is not an option for smart-contracts and that as you can see becomes an expensive issue.

Source: $34M permanently locked into AkuDreams contract forever due to bad code

– Suramya

April 22, 2022

Implications and Impact of Quantum Computing on Existing Cryptography

Filed under: Article Releases,Computer Security,Computer Software,Emerging Tech,My Thoughts,Quantum Computing,Tech Related — Suramya @ 11:59 PM

As all of you are aware the ability to break encryption of sensitive data like financial systems, private correspondence, government systems in a timely fashion is the holy grail of computer espionage. With the current technology it is unfeasible to break the encryption in a reasonable timeframe. If the target is using a 256-bit key an attacker will need to try a max of 2256 possible combinations to brute-force it. This means that even with the fastest supercomputer in the world will take millions of years to try all the combinations (Nohe, 2019). The number of combinations required to crack the encryption key increase exponentially, so a 2048-bit key has 22048 possible combinations and will take correspondingly longer time to crack. However, with the recent advances in Quantum computing the dream of breaking encryption in a timely manner is close to becoming reality in the near future.

Introduction to Quantum Computing

So, what is this Quantum computing and what makes it so special? Quantum computing is an emerging technology field that leverages quantum phenomena to perform computations. It has a great advantage over conventional computing due to the way it stores data and performs computations. In a traditional system information is stored in the form of bits, each of which can be either 0 or 1 at any given time. This makes a ‘bit’ the fundamental using of information in traditional computing. A Quantum computer on the other hand uses a ‘qubit’ as its fundamental unit and unlike the normal bit, a qubit can exist simultaneously as 0 and 1 — a phenomenon called superposition (Freiberger, 2017). This allows a quantum computer to act on all possible states of a qubit simultaneously, enabling it to perform massive operations in parallel using only a single processing unit. In fact, a theoretical projection has postulated that a Quantum Computer could break a 2048-bit RSA encryption in approximately 8 hours (Garisto, 2020).

In 1994 Peter W. Shor of AT&T deduced how to take advantage of entanglement and superposition to find the prime factors of an integer (Shor, 1994). He found that a quantum computer could, in principle, accomplish this task much faster than the best classical calculator ever could. He then proceeded to write an algorithm called Shor’s algorithm that could be used to crack the RSA encryption which prompted computer scientists to begin learning about quantum computing.

Introduction to Current Cryptography

Current security of cryptography relies on certain “hard” problems—calculations which are practically impossible to solve without the correct cryptographic key. Just as it is easy to break a glass jar but difficult to stick it back together there are certain calculations that are easy to perform but difficult to reverse. For example, we can easily multiply two numbers to get the result, however it is very hard to start with the result and work out which two numbers were multiplied to produce it. This becomes even more hard as the numbers get larger and this forms the basis of algorithms like the RSA (Rivest et al., 1978) that would take the best computers available billions of years to solve and all current IT security aspects are built on top of this basic foundation.

There are multiple ways of classifying cryptographic algorithms but in this paper, they will be classified based on the keys required for encryption and decryption. The main types of cryptographic algorithms are symmetric cryptography and asymmetric cryptography.

Symmetric Cryptography

Symmetric cryptography is a type of encryption that uses the same key for both encryption and decryption. This requires the sender and receiver to exchange the encryption key securely before encrypted data can be exchanged. This type of encryption is one of the oldest in the world and was used by Julius Caesar to protect his communications in Roman times (Singh, 2000). Caesar’s cipher, as it is known is a basic substitution cypher where a number is used to offset each alphabet in the message. For example, if the secret key is ‘4’ then each alphabet would be replaced with the 4th letter down from it, i.e. A would be replaced with E, B with F and so on. Once the sender and receiver agree on the encryption key to be used, they can start communicating. The receiver would take each character of the message and then go back 4 letters to arrive at the plain-text message. This is a very simple example, but modern cryptography is built on top of this principle.

Another example is from world war II during which the Germans were encrypting their transmissions using the Enigma device to prevent the Allies from decrypting their messages as they had in the first World War (Rijmenants, 2004). Each day both the receiver and sender would configure the gears and specific settings to a new value as defined by secret keys distributed in advance. This allowed them to transmit information in an encrypted format that was almost impossible for the allied forces to decrypt. Examples of symmetric encryption algorithms include Advanced Encryption Standard (AES), Data Encryption Standard (DES), and International Data Encryption Algorithm (IDEA).

Symmetric encryption algorithms are more efficient than asymmetric algorithms and are typically used for bulk encryption of data.

Asymmetric Cryptography

Unlike symmetric cryptography asymmetric cryptography uses two keys, one for encryption and a second key for decryption (Rouse et al., 2020). Asymmetric cryptography was created to address the problems of key distribution in symmetric encryption and is also known as public key cryptography. Modern public key cryptography was first described in 1976 by Stanford University professor Martin Hellman and graduate student Whitfield Diffie. (Diffie & Hellman, 1976)

Asymmetric encryption works with public and private keys where the public key is used to encrypt the data and the private key is used to decrypt the data (Rouse et al., 2020). Before sharing data, a user would generate a public-private keypair and they would then publish their public key on their website or in key management portals. Now, whoever wants to send private data to them would use their public key to encrypt the data before sending it. Once they receive the cipher-text they would use their private key to decrypt the data. If we want to add another layer of authentication to the communication, the sender would encrypt the data with their private key first and then do a second layer of encryption using the recipient’s public key. The recipient would first decrypt the message using their private key, then decrypt the result using the senders public key. This validates that the message was sent by the sender without being tampered. Public key cryptography algorithms in use today include RSA, Diffie-Hellman and Digital Signature Algorithm (DSA).

Quantum Computing vs Classical Computing

Current state of Quantum Computing

Since the early days of quantum computing we have been told that a functional quantum computer is just around the corner and the existing encryption systems will be broken soon. There has been significant investment in the field of Quantum computers in the past few years, with organizations like Google, IBM, Amazon, Intel and Microsoft dedicating a significant amount of their R&D budget to create a quantum computer. In addition, the European Union has launched a Quantum Technologies Flagship program to fund research on quantum technologies (Quantum Flagship Coordination and Support Action, 2018).

As of September 2020, the largest quantum computer is comprised of 65 qubits and IBM has published a roadmap promising a 1000 qbit quantum computer by 2023 (Cho, 2020). While this is an impressive milestone, we are still far away from a fully functional general use quantum computer. To give an idea of how far we still have to go Shor’s algorithm requires 72k3 quantum gates to be able to factor a k bits long number (Shor, 1994). This means in order to factor a 2048-bit number we would need a 72 * 20483 = 618,475,290,624 qubit computer which is still a long way off in the future.

Challenges in Quantum Computing

There are multiple challenges in creating a quantum computer with a large number of qubits as listed below (Clarke, 2019):

  • Qubit quality or loss of coherence: The qubits being generated currently are useful only on a small scale, after a particular no of operations they start producing invalid results.
  • Error Correction at scale: Since the qubits generate errors at scale, we need algorithms that will compensate for the errors generated. This research is still in the nascent stage and requires significant effort before it will be ready for production use.
  • Qubit Control: We currently do not have the technical capability to control multiple qubits in a nanosecond time scale.
  • Temperature: The current hardware for quantum computers needs to be kept at extremely cold temperatures making commercial deployments difficult.
  • External interference: Quantum computes are extremely sensitive to interference. Research at MIT has found that ionizing radiation from environmental radioactive materials and cosmic rays can and does interfere with the integrity of quantum computers.

Cryptographic algorithms vulnerable to Quantum Computing

Symmetric encryption schemes impacted

According to NIST, most of the current symmetric cryptographic algorithms will be relatively safe against attacks by quantum computer provided a large key is used (Chen et al., 2016). However, this might change as more research is done and quantum computers come closer to reality.

Asymmetric encryption schemes impacted

Unlike symmetric encryption schemes most of the current public key encryption algorithms are highly vulnerable to quantum computers because they are based on the previously mentioned factorization problem and calculation of discrete logarithms and both of these problems can be solved by implementing Shor’s algorithm on a quantum computer with enough qubits. We do not currently have the capability to create a computer with the required number of qubits due to challenges such as loss of qubit coherence due to ionizing radiation (Vepsäläinen et al., 2020), but they are a solvable problem looking at the ongoing advances in the field and the significant effort being put in the field by companies such as IBM and others (Gambetta et al., 2020).

Post Quantum Cryptography

The goal of post-quantum cryptography is to develop cryptographic algorithms that are secure against quantum computers and can be easily integrated into existing protocols and networks.

Quantum proof algorithms

Due to the risk posed by quantum computers, the National Institute of Standards and Technology (NIST) has been examining new approaches to encryption and out of the initial 69 submissions received three years ago, the group has narrowed the field down to 15 finalists and has now begun the third round of public review of the algorithms (Moody et al., 2020) to help decide the core of the first post-quantum cryptography standard. They are expecting to end the round with one or two algorithms for encryption and key establishment, and one or two others for digital signatures (Moody et al., 2020).

Quantum Key Distribution

Quantum Key Distribution (QKD) uses the characteristics of quantum computing to implement a secure communication channel allowing users to exchange a random secret key that can then be used for symmetrical encryption (IDQ, 2020). QKD solves the problem of secure key exchange for symmetrical encryption algorithms and it has the capability to detect the presence of any third party attempting to eavesdrop on the key exchange. If there is an attempt by a third-party to eavesdrop on the exchange, they will create anomalies in the quantum superpositions and quantum entanglement which will alert the parties to the presence of an eavesdropper, at which point the key generation will be aborted (IDQ, 2020). The QKD is used to only produce and distribute an encryption key securely, not to transmit any data. Once the key is exchanged it can be used with any symmetric encryption algorithm to transmit data securely.

Conclusion

Development of a quantum computer may be 100 years off or may be invented in the next decade, but we can be sure that once they are invented, they will change the face of computing forever including the field of cryptography. However, we should not panic as this is not the end of the world as the work on quantum resistant algorithms is going much faster than the work on creating a quantum computer. The world’s top cryptographic experts have been working on Quantum safe encryption for the past three years and we are nearing the completion of the world’s first post-quantum cryptography standard (Moody et al., 2020). Even if the worst happens and it is not possible to create a quantum safe algorithm immediately, we still have the ability to encrypt and decrypt data using one-time pads until a safer alternative or a new technology is developed.

References

Chen, L., Jordan, S., Liu, Y.-K., Moody, D., Peralta, R., Perlner, R., & Smith-Tone, D. (2016). Report on Post-Quantum Cryptography. https://doi.org/10.6028/nist.ir.8105

Cho, A. (2020, September 15). IBM promises 1000-qubit quantum computer-a milestone-by 2023. Science. https://www.sciencemag.org/news/2020/09/ibm-promises-1000-qubit-quantum-computer-milestone-2023.

Clarke, J. (2019, March). An Optimist’s View of the Challenges to Quantum Computing. IEEE Spectrum: Technology, Engineering, and Science News. https://spectrum.ieee.org/tech-talk/computing/hardware/an-optimists-view-of-the-4-challenges-to-quantum-computing.

Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654. https://doi.org/10.1109/tit.1976.1055638

Freiberger, M. (2017, October 1). How does quantum computing work? https://plus.maths.org/content/how-does-quantum-commuting-work.

Gambetta, J., Nazario, Z., & Chow, J. (2020, October 21). Charting the Course for the Future of Quantum Computing. IBM Research Blog. https://www.ibm.com/blogs/research/2020/08/quantum-research-centers/.

Garisto, D. (2020, May 4). Quantum computers won’t break encryption just yet. https://www.protocol.com/manuals/quantum-computing/quantum-computers-wont-break-encryption-yet.

IDQ. (2020, May 6). Quantum Key Distribution: QKD: Quantum Cryptography. ID Quantique. https://www.idquantique.com/quantum-safe-security/overview/quantum-key-distribution/.
Moody, D., Alagic, G., Apon, D. C., Cooper, D. A., Dang, Q. H., Kelsey, J. M., Yi-Kai, L., Miller, C., Peralta, R., Perlner R., Robinson A., Smith-Tone, D., & Alperin-Sheriff, J. (2020). Status report on the second round of the NIST post-quantum cryptography standardization process. https://doi.org/10.6028/nist.ir.8309

Nohe, P. (2019, May 2). What is 256-bit encryption? How long would it take to crack? https://www.thesslstore.com/blog/what-is-256-bit-encryption/.
Quantum Flagship Coordination and Support Action (2018, October). Quantum Technologies Flagship. https://ec.europa.eu/digital-single-market/en/quantum-technologies-flagship

Rijmenants, D. (2004). The German Enigma Cipher Machine. Enigma Machine. http://users.telenet.be/d.rijmenants/en/enigma.htm.

Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120–126. https://doi.org/10.1145/359340.359342

Rouse, M., Brush, K., Rosencrance, L., & Cobb, M. (2020, March 20). What is Asymmetric Cryptography and How Does it Work? SearchSecurity. https://searchsecurity.techtarget.com/definition/asymmetric-cryptography.

Shor, P. w. (1994). Algorithms for quantum computation: discrete logarithms and factoring. Proceedings 35th Annual Symposium on Foundations of Computer Science, 124–134. https://doi.org/10.1109/sfcs.1994.365700

Singh, S. (2000). The code book: The science of secrecy from Egypt to Quantum Cryptography. Anchor Books.

Vepsäläinen, A. P., Karamlou, A. H., Orrell, J. L., Dogra, A. S., Loer, B., Vasconcelos, F., David, K. K., Melville A. J., Niedzielski B. M., Yoder J. L., Gustavsson, S., Formaggio J. A., VanDevender B. A., & Oliver, W. D. (2020). Impact of ionizing radiation on superconducting qubit coherence. Nature, 584(7822), 551–556. https://doi.org/10.1038/s41586-020-2619-8

Note: This was originally written as a paper for one of my classes at EC-Council University in Q4 2020, which is why the tone is a lot more formal than my regular posts.

– Suramya

April 21, 2022

It is possible to plant Undetectable Backdoors in Machine Learning Models

Filed under: Computer Security,Computer Software,Emerging Tech,My Thoughts,Tech Related — Suramya @ 2:23 AM

Machine learning (ML) is the big thing and ML algorithms are slowly creeping into all aspects of our life such as unlocking your phone using facial recognition, evaluating the eligibility for a loan, surveillance, what ads you see when surfing the web, what search results you get when searching for stuff etc etc. The problem is that ML algorithms are not infallible they depend on the training data used, confirmational bias etc. At the very least they enforce the existing bias for example, if a company only hires men 25-45 for a role then the ML data set will take this as the input and all future candidates will be evaluated against this criteria because the system thinks that this is what a success looks like. The algorithms themselves are getting more and more complicated and it is almost impossible to review and validate the findings. Due to this decisions are being made by machines that can’t be audited easily. Plus it doesn’t help that most ML models are proprietary and the companies refuse to let outsiders examine them due to Trade secrets and proprietary information used in them.

Another problem is that these ML models is adversarial perturbations where attackers make minor changes to the image/data going in to get a specific response/output. There are a lot of examples of this in the past few years and some of them are listed below (Thanks to Cory Doctorow for consolidating them in one place)

These all take advantage of flaws in the ML model that can be exploited using minor changes in the input data. However, there is another major exploit surface available which is incredibly hard to protect against: Backdoors in the ML models by creating a model that will accept a particular entry/key to produce a specific output. The ‘best’ part is that it is almost impossible to detect if this has been done because the model will function exactly the same as an un-tampered model and will only show the abnormal behavior for the specific key which would have been randomly generated by the creator during the training. If done well then the modifications will be undetectable for most tests.

A team for MIT and IAS has written a paper on it (“Planting Undetectable Backdoors in Machine Learning Models“) where they go into details of how this can be done and the potential impact. Unfortunately, they have not been able to come up with a feasible defense against this attack as of this time. Hopefully that will change as others start focusing on this problem and how to solve it.

Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key”, the mechanism is hidden and cannot be detected by any computationally-bounded observer. We demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees.

First, we show how to plant a backdoor in any model, using digital signature schemes. The construction guarantees that given black-box access to the original model and the backdoored version, it is computationally infeasible to find even a single input where they differ. This property implies that the backdoored model has generalization error comparable with the original model. Second, we demonstrate how to insert undetectable backdoors in models trained using the Random Fourier Features (RFF) learning paradigm or in Random ReLU networks. In this construction, undetectability holds against powerful white-box distinguishers: given a complete description of the network and the training data, no efficient distinguisher can guess whether the model is “clean” or contains a backdoor.

Our construction of undetectable backdoors also sheds light on the related issue of robustness to adversarial examples. In particular, our construction can produce a classifier that is indistinguishable from an “adversarially robust” classifier, but where every input has an adversarial example! In summary, the existence of undetectable backdoors represent a significant theoretical roadblock to certifying adversarial robustness.

The paper is still waiting for the peer-review to complete but the concept and methods they describe seem solid so this is a problem we will have to solve sooner rather than later considering the speed with which ML models are impacting our life.

Source: Schneier on Security: Undetectable Backdoors in Machine-Learning Models

– Suramya

« Newer PostsOlder Posts »

Powered by WordPress