Paper 2015/099

Universally Composable Firewall Architectures using Trusted Hardware

Dirk Achenbach, Jörn Müller-Quade, and Jochen Rill

Abstract

Network firewalls are a standard security measure in computer networks that connect to the Internet. Often, ready-to-use firewall appliances are trusted to protect the network from malicious Internet traffic. However, because of their black-box nature, no one can be sure of their exact functionality. We address the possibility of actively compromised firewalls. That is, we consider the possibility that a network firewall might collaborate with an outside adversary to attack the network. To alleviate this threat, we suggest composing multiple firewalls from different suppliers to obtain a secure firewall architecture. We rigorously treat the composition of potentially malicious network firewalls in a formal model based on the Universal Composability framework. Our security assumption is trusted hardware. We show that a serial concatenation of firewalls is insecure even when trusted hardware ensures that no new packages are generated by the compromised firewall. Further, we show that the parallel composition of two firewalls is only secure when the order of packets is not considered. We prove that the parallel composition of three firewalls is insecure, unless a modified trusted hardware is used.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Cryptography and Information Security in the Balkans Lecture Notes in Computer Science Volume 9024, 2015, pp 57-74
Keywords
Formal ModelsUniversal Composability
Contact author(s)
dirk achenbach @ kit edu
History
2015-08-19: revised
2015-02-23: received
See all versions
Short URL
https://ia.cr/2015/099
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/099,
      author = {Dirk Achenbach and Jörn Müller-Quade and Jochen Rill},
      title = {Universally Composable Firewall Architectures using Trusted Hardware},
      howpublished = {Cryptology ePrint Archive, Paper 2015/099},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/099}},
      url = {https://eprint.iacr.org/2015/099}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.