Fingerprinting Schemes against a Post-Quantum Cryptography IPsec/IKEv2 Encryption Appliance

dc.contributor: Aalto-yliopisto [fi]
dc.contributor: Aalto University [en]
dc.contributor.advisor: Karanko, Pihla
dc.contributor.advisor: Dushku, Edlira
dc.contributor.author: Meeranath, Swetha
dc.contributor.school: Perustieteiden korkeakoulu [fi]
dc.contributor.supervisor: Brzuska, Chris
dc.date.accessioned: 2022-08-28T17:05:23Z
dc.date.available: 2022-08-28T17:05:23Z
dc.date.issued: 2022-08-22
dc.description.abstract: Cryptographic protocols secure data transmission over an untrusted network. Although the encryption mechanisms ensure confidentiality of the data, the encrypted network traffic is prone to traffic analysis attacks. The aim of this thesis is to determine the attack vectors of a post-quantum safe IPsec/IKEv2 encryption appliance called NQX, that acts as a Virtual Private Network (VPN) device. We study the characteristics of encrypted data packets, such as packet length and timestamp and use them in fingerprinting methods to extract valuable information about the applications used at communication endpoints. Existing works on fingerprinting encrypted network traffic have tested different encryption appliances using different protocols, whereas in this thesis we have, for the first time, analyzed the fingerprinting schemes against NQX, which uses post-quantum cryptographic algorithms. Results from our experiments, such as fingerprinting of websites, browsers, SSH connection establishment and file transfers, show that the fingerprints in the form of graphs are unique for every application. We further evaluate the fingerprints using various statistical analyses such as cross-correlation, mean squared error and compression analysis to classify which website was accessed or which browser was used. Finally, we discuss some traffic flow confidentiality mechanisms to overcome traffic analysis attacks. [en]
dc.format.extent: 56 + 3
dc.identifier.uri: https://aaltodoc.aalto.fi/handle/123456789/116267
dc.identifier.urn: URN:NBN:fi:aalto-202208285081
dc.language.iso: en [en]
dc.programme: Master’s Programme in Security and Cloud Computing (SECCLO) [fi]
dc.programme.major: Security and Cloud Computing [fi]
dc.programme.mcode: SCI3113 [fi]
dc.subject.keyword: traffic analysis [en]
dc.subject.keyword: fingerprinting [en]
dc.subject.keyword: virtual private networks [en]
dc.subject.keyword: encryption [en]
dc.subject.keyword: confidentiality [en]
dc.subject.keyword: data analysis [en]
dc.title: Fingerprinting Schemes against a Post-Quantum Cryptography IPsec/IKEv2 Encryption Appliance [en]
dc.type: G2 Pro gradu, diplomityö [fi]
dc.type.ontasot: Master's thesis [en]
dc.type.ontasot: Diplomityö [fi]
local.aalto.electroniconly: yes
local.aalto.openaccess: no
