Nebuchadnezzar: Entering (and Exiting) the Matrix: A retrospective on my first year and a half of research: Dan Jones
I am still working on the ‘Summer’ project I started at the end of my training year. Whilst I believe this is a common occurrence in the CDT, it can still be an occasional source of anxiety!
Before I explain what’s taken me so long, I’ll quickly
explain the project. I worked with my now supervisor, Martin Albrecht, to study
Matrix, a protocol for end-to-end encrypted
group messaging (think WhatsApp group chats). The protocol has over 80 million
users, and is well used among the open source and free software communities as
well as several governmental organisations. They have a presence in government
organisations within France, Germany and Sweden. This includes healthcare
services and, in the case of Germany, their military.
Our initial goal was to analyse the protocol. We would study
it, precisely define its intended security goals, then determine whether it
fulfils those goals. It’s in the final step that we attempt to write a security
proof. This would be the first time I would work on a cryptography project and
I was excited to give it a go.
Development of Matrix started in 2014, meaning that its
design is relatively straightforward (cryptographically speaking), especially
when compared to modern group messaging protocols, such as the IETF’s
forthcoming Messaging Layer Security. It seemed like the perfect candidate with
which to cut my cryptographic teeth. What we did not expect, however, was the
breadth of the protocol. We soon realised that covering the whole protocol in
the summer project was not feasible. Instead, we decided to focus on a single
component: the Megolm ratchet. By the end of the summer we had a formal
description of the Megolm ratchet, a precise definition of its security goals,
and a proof that it fulfils them.
As I transitioned into my first year of research, Martin
introduced me to Benjamin Dowling who soon joined the project. With one more
person on-board (and some added expertise) we got started on a more complete
analysis of the whole protocol. Our first job was to synthesise the various
specifications and documents that define it into a single precise description;
this would form the basis of our analysis. In addition to documentation, the
Matrix foundation also provides libraries to help others develop new software
using the protocol. This proved a useful source for resolving ambiguities in
the specification. It is sometimes the case that the secure way of completing a
task is left implicit in written specifications; checking the source code is an
easy way to double check our interpretation.
It is at this point where the project went a little
off-track. We found several points of ambiguity in the documentation that could
lead to security issues if implemented incorrectly. When we checked the source
code, our hunch was right. There was a vulnerability! And another! Before long
we had found six potential vulnerabilities: some in the specification, others
in the source code. Often their root cause sat somewhere in-between.
Being a newbie, I wasn’t particularly confident in these
findings (thinking such things as “Maybe I’ve just misunderstood the code?”).
To quell these thoughts, we created proof-of-concepts for the more intricate
attacks. That is, we implemented each attack in code, spun up a test server and
ran the attacks. After verifying they worked, we disclosed our findings to the
Matrix development team. During this time, we were contacted by Sofía Celi who
was also studying Matrix and had found a similar set of issues. We joined
together, collated our findings and disclosed the new vulnerabilities to
Matrix. This work turned into my first paper and has been accepted to the 44th
IEEE Symposium on Security & Privacy.
It turns out that there can be a lot of public relations work
involved when disclosing security vulnerabilities. After we agreed upon a
public release date with Matrix, we prepared an explanatory website and even emailed a
few journalists we thought would be interested. This is not something I would
have thought to do, but my more experienced co-authors certainly did. Thanks to
them this work was picked up in more places than I could have imagined and led
to a bunch of new opportunities. It was featured in Ars Technica (syndicated
to Wired) and The Register. We were fortunate enough to be invited to speak at
Blackhat Europe, an IETF meeting and we even made a podcast appearance.
During much of this time, work on our analysis of the
protocol was mostly stalled. This is something I was worried about. In fact, I
initially resisted investigating these attacks to ensure we finished our
analysis work first. In hindsight, going off-track to follow a lead was the
best decision we could have made. All of this is to say, having the time and
freedom to pursue new and interesting ideas that come up is a rare privilege
that pursuing a PhD gives you. Use it! Regarding the original project, you’ll
be pleased to know we have completed our security analysis of Matrix and thus,
my summer project is now complete. Well, almost…
You can view the Blackhat presentation here
1. Now a lecturer at the University of Sheffield, Benjamin Dowling was previously a
post-doc at the ISG!
2. The attacks were tested on local copies of the server
and client software. Not in the real world!
3. Sofía Celi is a cryptographer at Brave Software.