Cipher News Items

From the November 2004 E63 Issue

Cipher E63, November 18, 2004,
Special to Cipher, by Terry Benzel, USC ISI

DETER: A Laboratory for Security Research

The goal of the DETER laboratory effort is to create, maintain, and support a collaborative and vendor-neutral experimental environment for cyber-security research. It is intended to provide a center for interchange and collaboration among security researchers and testbed builders. The DETER effort includes:

The nucleus of the DETER laboratory effort is formed of two research projects, funded by the National Science Foundation (NSF) and the U.S. Department of Homeland Security Advanced Research Projects Agency (HSARPA):

The DETER testbed is designed to provide an experimental environment in which government, academic, and industry cyber-security researchers can safely analyze and measure attacks and develop attack mitigation and confinement strategies. In addition, the DETER project will provide tools and resources to enable repeatable experiment methodologies, allowing different researchers to duplicate and analyze the same experiments.

DETER is constructed using the cluster testbed technology developed by the University of Utah and known as "Emulab" see Much of the online documentation for DETER is taken from Emulab, since much of the control and administrative software is the same. However, there are some differences between DETER and Emulab, primarily to assure greater safety for malevolent code in DETER.

For example, a DETER experiment does not have a direct IP path to the Internet, unlike an Emulab experiment.

There will be no charge for the use of the DETER testbed. Acceptable use policies are approved by the sponsoring agencies. The DETER testbed is targeted, at least initially, at support for open and publishable research projects, typically academic research.

An initial version of the DETER testbed has been in operation since March 2004. DETER has been used by three research teams under the EMIST project to perform experiments on DDoS attacks, worm propagation, and BGP attacks using the initial testbed.

The DETER and EMIST teams held a workshop in late October to invite additional members of the research community to join the DETER experimenters community. We invite interested researchers to visit the DETER web site at and to request access to the testbed by sending a request to


Cipher E63, November 12, 2004,
Special to Cipher, by Carrie Gates, CERT/CC

The SiLK Suite of Netflow Tools

CERT/NetSA (Network Situational Awareness) has been developing a set of tools for the analysis of large amounts of NetFlow data. The SiLK (System for Internet-Level Knowledge) Suite was developed with two primary considerations: performance and security analysis. Performance has been a key consideration as the tools are intended for sites that receive large numbers of NetFlow records (such as ISPs and large organizations), and this has guided the format used for collection and storage.

Security analysis has been the driving motivation behind the development of this suite of tools. A number of summarization and statistical analysis tools are provided, along with tools to efficiently create, retrieve, and manipulate arbitrary sets of IP addresses and related information. These tools have been in operational use at a large site for the past two years, and have been used to do network analysis of DoS attacks, scan activity, worm tracking, and backdoor detection.

This suite has been released under the GPL and is available at:
A paper - More Netflow Tools: For Performance and Security by Carrie Gates, Michael Collins, Michael Duggan, Andrew Kompanek and Mark Thomas - on the tools with some sample security uses will be presented at the 18th Large Installation System Administration (LISA) conference on Thursday, 18 November 2004. After the conference, the paper will be available at:

John McHugh will also be presenting a tutorial at the Annual Computer Security Applications Conference (ACSAC) on Tuesday, 7 December 2004, that uses these tools. See for more information.  

Cipher E63, September 23, 2004,
Special to Cipher, by Sean Turner and Russ Housley

IETF Revises Cryptographic Message Syntax and Secure Multipurpose Internet Mail Extensions

Numerous protocols such as the Simple Mail Transport Protocol (SMTP, RFC 2821), the Session Initiation Protocol (SIP, RFC 3261), the Electronic Data Interchange (EDI) protocols, and some of the Public Key Information (PKI) certificate management protocols employ the CMS (Cryptographic Message Syntax) to protect their payloads.

The IETF has revised the CMS and Secure Mail Internet Mail Extensions (S/MIME) specifications to address protocol implementation issues and to support additional protocols: Ongoing work in the area includes mechanisms to exchange S/MIME capabilities between end users, and algorithm specifications. The S/MIME working group is also working on the necessary documentation to progress the CMS and S/MIME documents to Draft standard, which requires two interoperable implementations of each protocol feature.

For more information, contact Sean Turner (, Blake Ramsdell (, or Russ Housley (  

Cipher E63, November 10, 2004,
Special to Cipher, by Jason Holt,

The Rise of Pairing-based Cryptography and Identity-Based Encryption

Arjen Lenstra writes in the preface to the Autumn 2004 issue of the Journal of Cryptology:

...These days, the bilinear map that the pairing gives rise to is regarded as one of the basic tools that are at any cryptographer's disposal -- with no need to understand or fully appreciate its mathematical intricacies. Using pairings has become a mainstream cryptologic activity.

Lenstra appears to be correct; of the 35 papers presented in the research track of CCS last month, at least 3 made significant use of pairings, and the pairing-based crypto lounge now lists 205 papers.

The most visible application of pairings has been the identity-based cryptosystem proposed by Boneh and Franklin in 2001. IBE allows public keys to be generated for any {identifying string, certificate authority public key} pair; only the CA can generate the corresponding private key.

Three digital credential systems were introduced last year which all include pairing-based implementations:

Other applications include databases which encrypt records based on keywords which can only be decrypted by clients who have received private keys for records with a particular keyword.

Expect pairings to continue to play a major part in cryptography. The IBE-like systems they give rise to, with their ability to generate public keys for any string, have enabled a host of new transactions to take place. Their implementation over elliptic curves means that signatures and ciphertexts tend to be only a few hundred bits long. The question of whether the underlying bilinear diffie-hellman (BDH) problem is indeed intractable also presents a fascinating challenge for number theorists.