Abstract
Today’s computers are often infected by malware, and conventional communication channels such as inter-process communication (IPC) are an attractive attack surface because important information such as users’ personal data and passwords is transmitted between processes over IPC. In addition, there is no protection other than the access control mechanism provided by the underlying OS, which is not always sufficient. To improve the situation, this paper proposes a key agreement protocol between processes using a network socket, which is one of the IPC methods. Our protocol provides a means for legitimate processes to communicate cryptographically over IPC. We use an uncertain channel for secure key agreement over IPC, and we found that the IPC channel behaves as an uncertain communication channel due to the process scheduling of the OS. The proposed protocol is based on sharing random numbers using messages that the attacker probabilistically fails to obtain, and on detecting an attacker who interrupts the protocol. Our protocol provides secure key sharing against an attacker that interrupts the protocol and impersonates legitimate processes. We experiment on the behavior of the uncertain channel on an actual device and confirm that our protocol achieves 128-bit security in a realistic execution time within 8.5 ms. To the best of our knowledge, our proposal is the first countermeasure for IPC with cryptographic strength under reasonable assumptions.
Highlights
This paper describes KA-IPC over a UDP socket channel; note that socket hijacking [13] does not occur in UDP socket communication.
Step 5 (key verification): The client and server each exchange a message authentication code (MAC) value calculated using the key generated in Step 4 over the IPC2 channel and check whether they succeeded in generating the same key.
The attack success probabilities are calculated based on the behaviors of the communication channels using KA-IPC and the security parameters.
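The key verification in Step 5 can be sketched as a MAC exchange over loopback UDP; this is an added example, not code from the paper. HMAC-SHA256, the role labels, the `session_id` input and the loopback socket pair standing in for the IPC2 channel are all assumptions made for illustration.

```python
import hashlib
import hmac
import socket

# Role labels (assumption): binding each tag to its sender stops an attacker
# from reflecting a party's own tag back to it as the peer's answer.
CLIENT, SERVER = b"KA-IPC-demo|client", b"KA-IPC-demo|server"

def tag(key: bytes, role: bytes, session_id: bytes) -> bytes:
    """MAC over the sender's role and a session identifier (hypothetical input)."""
    return hmac.new(key, role + b"|" + session_id, hashlib.sha256).digest()

def verify(key: bytes, peer_role: bytes, session_id: bytes, received: bytes) -> bool:
    """Constant-time check that the peer derived the same key."""
    return hmac.compare_digest(tag(key, peer_role, session_id), received)

def exchange(client_key: bytes, server_key: bytes, session_id: bytes):
    """Swap tags over loopback UDP; return (client_ok, server_ok)."""
    c = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        for sock in (c, s):
            sock.bind(("127.0.0.1", 0))  # ephemeral port, local only
            sock.settimeout(1.0)
        c.sendto(tag(client_key, CLIENT, session_id), s.getsockname())
        s.sendto(tag(server_key, SERVER, session_id), c.getsockname())
        from_client, _ = s.recvfrom(64)
        from_server, _ = c.recvfrom(64)
        # The source address is not authentication: any local process can
        # send to these ports, so acceptance rests on the MAC alone.
        server_ok = verify(server_key, CLIENT, session_id, from_client)
        client_ok = verify(client_key, SERVER, session_id, from_server)
        return client_ok, server_ok
    finally:
        c.close()
        s.close()
```

If either check fails, both sides should discard the key and treat the run as failed rather than retry verification with the same key.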
Summary
Today’s computer systems are composed of hardware such as CPU, memory, and storage, and the programs running on them. Modern OSs enable event-driven execution of processes by switching between processes at short intervals. In this way, today’s computer has a stack structure consisting of a hardware layer and an OS layer, and the layers work together to perform complex tasks. General-purpose OSs provide mechanisms called inter-process communication (IPC), such as shared memory, named pipes, and network sockets [1]–[5]. They enable running processes to cooperate with each other to perform a single task. A typical example of the latter case is a web browser application working with password management applications, music applications, and document management applications.