Andrew Paverd

Andrew Paverd

Doctoral Student

Student, Balliol College

Leaving date: 23rd November 2015

Themes:

• Security

Interests

Trustworthy Remote Entities

In this research endeavour we are designing, building and evaluating the Trustworthy Remote Entity (TRE), a highly-specialized single-function networked system that can perform privacy-enhancing data processing whilst providing a very high level of assurance. Unlike a trusted third party, users are not required to blindly trust the TRE. Instead, the TRE uses tools and techniques from the field of Trusted Computing, such as remote attestation and the Trusted Platform Module (TPM), to provide technical guarantees of its trustworthiness. This architecture allows us to use today's well-established cryptographic techniques and widely deployed hardware, such as the TPM, to perform Secure Multi-party Computation (SMC) cheaply and efficiently and use this to enhance privacy in the smart energy grid and other application domains.

Analysing Privacy Properties

For certain communication protocols, undetectability and unlinkability of messages or information items are desirable properties, and are used to reason about anonymity and privacy. The semi-honest or honest-but-curious (HBC) adversary is commonly used in the analysis of these privacy properties. In this work, we are developing a formal model of the capabilities of an HBC adversary with respect to undetectability and unlinkability. We have implemented our HBC model in the process algebra of CSP and integrated it into a specialized version of the Casper/FDR tool called Casper-Privacy.

Future Home Networks and Services

The objective of this project is to investigate the security and privacy aspects of future home networks and services. We have described a novel method for performing a characteristic-based security analysis of the Personal Network.

Selected Publications

View AllManage publications

• Exploring the use of Intel SGX for Secure Many−Party Applications

  K.A. Küçük‚ A. Paverd‚ A. Martin‚ N. Asokan‚ A. Simpson and R. Ankele

  In Proceedings of the 1st Workshop on System Software for Trusted Execution (SysTEX '16). New York‚ NY‚ USA. 2016. ACM.

  The theoretical construct of a Trusted Third Party (TTP) has the potential to solve many security and privacy challenges. In particular‚ a TTP is an ideal way to achieve secure multiparty computation—a privacy−enhancing technique in which mutually distrusting participants jointly compute a function over their private inputs without revealing these inputs. Although there exist cryptographic protocols to achieve this‚ their performance often limits them to the two−party case‚ or to a small number of participants. However‚ many real−world applications involve thousands or tens of thousands of participants. Examples of this type of many−party application include privacy−preserving energy metering‚ location−based services‚ and mobile network roaming. Challenging the notion that a trustworthy TTP does not exist‚ recent research has shown how trusted hardware and remote attestation can be used to establish a sufficient level of assurance in a real system such that it can serve as a trustworthy remote entity (TRE). We explore the use of Intel SGX‚ the most recent and arguably most promising trusted hardware technology‚ as the basis for a TRE for many−party applications. Using privacy−preserving energy metering as a case study‚ we design and implement a prototype TRE using SGX‚ and compare its performance to a previous system based on the Trusted Platform Module (TPM). Our results show that even without specialized optimizations‚ SGX provides comparable performance to the optimized TPM system‚ and therefore has significant potential for large−scale many−party applications.

  Details about Exploring the use of Intel SGX for Secure Many−Party Applications | BibTeX data for Exploring the use of Intel SGX for Secure Many−Party Applications | DOI (10.1145/3007788.3007793) | Link to Exploring the use of Intel SGX for Secure Many−Party Applications

• Characteristic−Based Security Analysis for the Personal Network

  Andrew J. Paverd‚ Fadi El−Moussa and Ian Brown

  In HomeSys Workshop at ACM UbiComp. 2014.

  Details about Characteristic−Based Security Analysis for the Personal Network | BibTeX data for Characteristic−Based Security Analysis for the Personal Network | Download Paverd-HomeSys-2014-slides.pdf of Characteristic−Based Security Analysis for the Personal Network | Download Paverd-HomeSys-2014-v4.pdf of Characteristic−Based Security Analysis for the Personal Network | DOI (10.1145/2638728.2641549) | Link to Characteristic−Based Security Analysis for the Personal Network

• Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing

  Andrew J Paverd‚ Andrew P Martin and Ian Brown

  In Fifth IEEE International Conference on Smart Grid Communications (SmartGridComm 2014). 2014.

  Details about Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | BibTeX data for Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | Download Paverd-SmartGridComm-2014.pdf of Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | Download Paverd-SmartGridComm-2014-slides.pdf of Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | DOI (10.1109/SmartGridComm.2014.7007758) | Link to Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing

Activities

• Software and Systems Security
• Cyber Security Oxford
• Systems Security

Supervisors