On information security threats relevant to a developer of information protection tools (СЗИ)
1. Security Basics Seminar Agenda
Start Time Title Presenter
8:30 AM Introduction Hugh Thompson
8:45 AM Security Industry and Trends Hugh Thompson
9:30 AM Viruses, Malware and Threats Uri Rivner
10:15 AM Break
10:30 AM Governance, Risk and Compliance Justin Peavey
11:15 AM Application Security Jason Rouse
12:00 PM Break
1:15 PM Crypto 101/Encryption Basics, SSL & Certificates Ben Jun
2:00 PM Mobile and Network Security Paul Youn, Marc Blanchou
2:45 PM Break
3:00 PM Authentication Technologies Bill Duane
3:45 PM Firewalls and Perimeter Protection Bill Cheswick
4:30 PM Seminar Adjourns
6. Hacking a soda machine…
                Bahamas 10¢     US 25¢
Value           US $0.10        US $0.25
Size            23.5mm          24.26mm
Weight          5.7 g           5.67 g
Composition     Nickel          Cupro-Nickel
7. The Shifting IT Environment
(…or why security has become so important)
8. ► The business has to adhere to regulations, guidelines,
standards,…
► SAS 112 and SOX (U.S.) – have upped the ante on financial audits (and
supporting IT systems)
► PCI DSS – requirements on companies that process payment cards
► HIPAA, GLBA, BASEL II, …, many more
► Audits are changing the economics of risk and create an
“impending event”
Hackers may attack you but auditors will show up
► Disclosure laws mean that the consequences of failure have
increased
► Waves of disclosure legislation
Shift: Compliance and Consequences
9. • System communication is fundamentally changing – many
transactions occur over the web
• Network defenses are covering a shrinking portion of the
attack surface
• Cloud is changing our notion of a perimeter
• Worker mobility is redefining the IT landscape
• The security model has changed from good people vs. bad
people to enabling partial trust
– There are more “levels” of access: Extranets, partner access, customer
access, identity management, …
Shift: Technology
10. ► Cyber criminals are becoming organized and profit-driven
► An entire underground economy exists to support cybercrime
► Attackers are shifting their methods to exploit both
technical and human weaknesses
► Attackers after much more than traditional monetizable data
(PII, etc.)
► Hacktivism
► State-sponsored attacks
► IP attacks/breaches
Shift: Attackers
11. ► Customers, especially businesses, are starting to use
security as a discriminator
► In many ways security has become a non-
negotiable expectation of businesses
► Banks, photocopiers, pens, etc. are being sold based
on security…
► Security being woven into service level agreements
(SLAs)
Shift: Customer expectations
12. ► How do you communicate the value of security to the
enterprise (and management)?
► How do you measure security?
► How do you rank risks?
► How do you reconcile security and compliance?
► How can you be proactive and not reactive?
► What does “security” mean? Where does our job begin and
end?
► What about big issues in the news like APTs, hacktivism,
leaks, DDoS attacks, …? How should/can we adapt what we
do based on them?
Big Questions
14. Hackernomics (noun)
A social science concerned chiefly with
description and analysis of attacker
motivations, economics, and business risk.
Characterized by
5 fundamental immutable laws and 4
corollaries
15. Law 1
Most attackers aren’t evil or insane; they just
want something
Corollary 1.a.:
We don’t have the budget to protect against evil people but we can protect
against people that will look for weaker targets
16. Law 2
Security isn’t about security. It’s about
mitigating risk at some cost.
Corollary 2.a.:
In the absence of metrics, we tend to over focus on risks that are either
familiar or recent.
17. Law 3
Most costly breaches come from simple
failures, not from attacker ingenuity
Corollary 3.a.:
Bad guys can, however, be VERY creative if properly incentivized.
20. Law 4
In the absence of security education or
experience, people (employees, users,
customers, …) naturally make poor security
decisions with technology
Corollary 4.a.:
Systems need to be easy to use securely and difficult to use insecurely
21. Law 5
Attackers usually don’t get in by cracking
some impenetrable security control, they
look for weak points like trusting
employees
66. GRC Defined
Governance is the culture, policies, processes, laws, and institutions that define the structure by which companies are directed and managed.
Compliance is the act of adhering to, and demonstrating adherence to, external laws and regulations as well as corporate policies and procedures.
Risk is the effect of uncertainty on business objectives; risk management is the coordinated activities to direct and control an organization to realize opportunities while managing negative events.
67. What is driving GRC
[Diagram: GRC at the centre, driven by Security Standards, Regulatory Requirements, Risk Management Practices, Ethical and Financial Standards, New Technologies, Transparency and Accountability Demands, and Demonstration of Controls]
68. Views of GRC
• GRC has traditionally been viewed as the structure and
actions in place to avoid negative consequences:
– Regulatory fines
– Costs/reputation loss due to security breach
– Costs associated with inefficiencies in operations
– Ethical or Financial Scandals
• Increasingly, GRC is being viewed as fundamental to
complex business operations
– Complex, multi-national legal and regulatory landscape
– Major highly-impactful events increasing the
consequences
69. Tangent: Why Regulation?
• Regulation is “controlling human or societal behavior by rules or restrictions”¹
– Regulation attempts to produce or prevent outcomes which otherwise might not occur in the desired manner.
• Schneier on Regulation²: “[it] is all about economics”
– In a capitalist system, companies make decisions in their own self-interest. Normally this is a good thing, but some effects of those decisions, externalities, are not borne by the companies.
– Regulation and liability force the externalities to become part of the company’s self-interest, so that they are factored into its decision making.
• Principle-based vs. rules-based regulation
– Principle-based is less prescriptive and generally weathers time better. It also generally leaves more room for interpretation by both you and the regulators.
– Rules-based is more prescriptive and therefore generally more straightforward to ‘pass’, but the rules can quickly become dated as new approaches emerge, and the goal of the regulation can easily be lost sight of.
• Key: regulation is all about achieving a specific set of goals. Understand what that goal is, and demonstrate to the regulator how your program achieves it.
1. Bert-Jaap Koops et al., Starting Points for ICT Regulations: Deconstructing Prevalent Policy One-liners, Cambridge University Press, Cambridge, 2006, p. 81
2. Bruce Schneier, “Do Federal Security Regulations Help?”
71. Getting Started (from within your security
program)
• Acknowledge that Information Security is a
Risk Management Discipline
• Acknowledge that fundamentally, you and
auditors are trying to achieve similar goals
• If you don’t already, begin integrating Risk
Management processes into security
operations
73. Developing a GRC Corporate Strategy: The Strategy Roadmap
[Diagram: the roadmap phases]
ANALYZE: Identify Process Dependencies, Complexity and Priority
DISCOVER: Conduct Interviews and Document GRC Processes
PLAN: Determine the Project Vision, Goals, Scope and Stakeholders
ARCHITECT: Define a GRC Solution Architecture Based on Process Analysis
PUBLISH: Deliver the Strategy Roadmap Document and Application
SCHEDULE: Define the Project Approach, Timeline and Resources
76. Recommendations
• Identify areas and high sensitivity areas and assets to start with (examples):
– Information Security
• Applications, Sites, Key Functions
– Vendor Management
• High Dependency, High Risk, High Cost
– Regulatory & Legal Compliance
– Finance/Ethics
• Establish baseline of expected activities/controls to measure from and assess risk
• Refine your assessment models from real data, focus on qualitative, not
quantitative analysis. Goal should be to prioritize most significant risks and most
valuable actions.
• Identify actionable or indicative information. Establish metrics/dashboards and
vehicle for getting them reviewed
• As your process stabilizes, look at eGRC options that may map well to your
company’s needs.
80. ► What do wireless devices, cell phones, PDAs, browsers,
routers, operating systems, servers, personal computers,
public key infrastructure systems, smart meters, watches,
televisions, stereos, and firewalls have in common?
QUICK QUESTION
Software
82. “Seven years ago I wrote another book: Applied Cryptography. In it I described a
mathematical utopia: algorithms that would keep your deepest secrets safe for
millennia, protocols that could perform the most fantastical electronic
interactions: unregulated gambling, undetectable authentication, anonymous
cash, safely and securely. In my vision cryptography was the great technological
equalizer; anyone with a cheap (and getting cheaper every year) computer could
have the same security as the largest government. In the second edition of the same
book, written two years later, I went so far as to write: ‘It is insufficient to protect
ourselves with laws; we need to protect ourselves with mathematics.’
It’s just not true. Cryptography can’t do any of that.”
--Bruce Schneier
MAGIC CRYPTO FAIRY DUST
83. SECURITY = NON-FUNCTIONAL GOALS
► Prevention
► Traceability and auditing
► Monitoring
► Privacy and confidentiality
► Multi-level security
► Anonymity
► Authentication
► Integrity
► A very good basic book is Schneier’s “Secrets and Lies”
84. SOFTWARE SECURITY IS HARD
► Complexity never, ever goes down:
libraries
languages
compilers
interpreters
scripts
hacks
88. MODERN SECURITY IS RISK
[Chart: cost ($) against security level from 0% to 100%; the cost of mitigation rises and the cost of breaches falls as the security level increases, and the total cost reaches its minimum at the point labelled “optimal security at minimum cost”]
► There is no such thing as 100% secure
► Must make tradeoffs
► Should be BUSINESS DECISIONS
► Proactive security is about building things right
► Security is not a “function”
► It’s all about SOFTWARE
► Most security problems are caused by software bugs and flaws
► We MUST build secure software
90. WE CARE BECAUSE…
Software is business-critical and causes significant impact when it fails …
$59.5 billion – security flaws, bugs and software
– National Institute of Standards and Technology, 2004
$100M - $200M cost of product recall
– Wireless device providers
Hundreds of thousands of mobile users infected with malware
– Fortune 100, 2012
$500M in lost market value
– Fortune 500 entertainment company
75% of all attacks occur at the application layer
– Gartner
World-wide denial of service to cellular telephones
– Mobile network operator
91. Defects at Each Stage of Software Development
[Bar chart: percentage of defects (0-60%) introduced at each stage: Requirements, Design, Testing, Coding, Maintenance. Source: TRW]
92. Cost of Fixing Defects at Each Stage of Software Development
[Bar chart: cost per defect ($0-$15,000) by the stage at which it is fixed: Requirements, Design, Testing, Coding, Maintenance. Source: TRW]
97. ► Perimeter security protects the LAN
► Network firewalls
► Intrusion detection
► Reactive
► Host security protects the machine
► Patching (operating systems and applications)
► Operational
► Software security protects ALL software
► (S)SDLC Think about what this means for your organization!
► Constructive
► Data security protects digital assets
► Data Security requires understanding of
► AT REST, IN MOTION, and IN USE
NEVER FORGET THE INSIDE
108. ► Determine your output context
► Identify control characters
► Ensure output conforms to proper format
OUTPUT ENCODING
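The three steps of this slide as an added Python example (not from the seminar): the caller names the output context, each context has its own table of characters that would change meaning there, and the encoder emits only that context's safe representation. The context names and the sample input are constructed for the example.

```python
# Added example (not from the seminar): context-aware output encoding.
# Step 1: determine the output context.  Step 2: know which characters are
# control characters *in that context*.  Step 3: emit only a representation
# that conforms to the context's format.
import json

# Step 2: the characters that change meaning in each context.
HTML_TEXT_ESCAPES = {"&": "&amp;", "<": "&lt;", ">": "&gt;"}
HTML_ATTR_ESCAPES = {**HTML_TEXT_ESCAPES, '"': "&quot;", "'": "&#x27;"}
URL_UNRESERVED = frozenset(
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~"
)


def encode_html_text(value: str) -> str:
    """Element content: tag and entity delimiters are the control characters."""
    return "".join(HTML_TEXT_ESCAPES.get(ch, ch) for ch in value)


def encode_html_attr(value: str) -> str:
    """Quoted attribute value: both quote characters also end the context."""
    return "".join(HTML_ATTR_ESCAPES.get(ch, ch) for ch in value)


def encode_js_string(value: str) -> str:
    """String literal inside a <script> block.  json.dumps (ensure_ascii on by
    default) yields a valid JS literal with non-ASCII escaped; '</' is escaped
    as well so the HTML parser cannot see a closing </script> tag inside it."""
    return json.dumps(value).replace("</", "<\\/")


def encode_url_component(value: str) -> str:
    """Query-string value: percent-encode every byte outside the unreserved set."""
    out = []
    for byte in value.encode("utf-8"):
        ch = chr(byte)
        out.append(ch if ch in URL_UNRESERVED else f"%{byte:02X}")
    return "".join(out)


# Step 1: one encoder per context; nothing is emitted without naming one.
ENCODERS = {
    "html_text": encode_html_text,
    "html_attr": encode_html_attr,
    "js_string": encode_js_string,
    "url_component": encode_url_component,
}


def encode_for(context: str, value: str) -> str:
    """Encode `value` for `context`; an unknown context is an error, never a
    silent pass-through of the raw value."""
    try:
        encoder = ENCODERS[context]
    except KeyError:
        raise ValueError(f"no encoder for output context {context!r}") from None
    return encoder(value)


if __name__ == "__main__":
    sample = 'O\'Neil said "a < b & c" </script>'   # constructed sample input
    for name in ENCODERS:
        print(f"{name:14} {encode_for(name, sample)}")
```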
109. ACTIONS: BOTTOM-UP
► A few relatively simple things can make a tangible difference
and can help you get started with software security
► Within the next 3 months, you should:
► Begin to develop a resource set (e.g., portal)
► Start small with simple architecture risk analyses
► Target high-risk or high-profile applications
► Develop and socialize business-case justifications
► Make friends in low places!
► Leverage, if applicable, code scanning tools (where available)
► Never underestimate the power of simple tools
110. ACTIONS:TOP-DOWN
Aim for a 6-12 month journey:
► Chart out a strategic course of action to get where you want
to be;
► Get help: have a gap analysis performed
► Make achievable, realistic milestones
► Think about measurements & metrics for success
► Use outside help as you need it
► Document, share, and learn from your experience!
116. What Does Secure Mean?
Always required:
► Confidentiality
► Integrity
► Authentication
► Non-repudiation
Other criteria:
► Interoperability
► Performance
117. Good guys:
► Alice, Bob
Bad guys:
► Eve (passive, eavesdropper)
► Mallory, Oscar, Trudy (active, man in the middle)
Meet Alice and Bob
118. ► Obfuscation that is fast when you know the secrets, but
impossible or slow when you don’t.
► Computational security means that something cannot be
broken with available resources, either now or in the future.
► Aspects of complexity:
► Amount of data
► Processing power
► Memory capacity
How Does Encryption Work?
119. Convenient and fast:
► Common algorithms: RC4, 3DES, AES
► Secret key must be agreed on in advance
► Group communication requires secure
key distribution
► No authentication
Symmetric Encryption
120. Asymmetric encryption uses two keys; one private and one public. The keys
are related.
► RSA, Elliptic Curve, Diffie-Hellman key exchange, Elgamal encryption,
and DSA. Also ECDH and ECDSA.
► Enables authentication and secure key exchange.
► Significantly slower than symmetric encryption.
Asymmetric Encryption
121. Well-known algorithms:
► RSA
► Textbook approach – signing involves “encrypting” w/ private key
► In practice, use standard digest and padding method
► DSA, ECDSA
Digital Signatures
122. ► Random numbers are at the heart of cryptography.
► Used for key generation
► Weak keys equal weak encryption
► Types of random number generators:
► True random number generators (TRNG) – truly random
► Pseudorandom number generators (PRNG) – look random
► Cryptographically secure pseudorandom number generators
(CSPRNG) – look random and are unpredictable
Random Number Generation
123. ► Hash functions are lossy one-way transformations that
output fixed-length data fingerprints. Usually used for:
► Digital signatures
► Integrity validation
► Tokenization (e.g., storing passwords)
► Desirable qualities of hash functions:
► Preimage resistance (one-wayness)
► Weak collision resistance (2nd preimage resistance)
► Strong collision resistance and the Birthday attack
Hash Functions
124. ► Communicating securely requires more effort than just putting the primitives together
Protocols
[Diagram: Alice hashes the message to a digest and signs the digest with her private key; the message, Alice’s certificate and the signature are encrypted with a session key; the session key is encrypted with Bob’s public key; the encrypted message, certificate and signature travel together with the encrypted session key]
127. Example: BruteForce (Cryptanalysis)
DES Keysearch Machine, 1998
(Cryptography Research, AWT, EFF)
Tests over 90 billion keys per second,
taking an average of less than 5 days to
discover a DES key.
US Navy Bombe, 1943
Contains 16 four-rotor Enigma
equivalents to perform exhaustive
key search.
128. Example: Side-channel (Implementation)
Simple EM attack with a radio: usable signals even at 10 feet away
[Diagram: devices → antennas (near field / far field) → receiver ($350) → digitizer, GNU Radio ($1000) → signal processing (demodulation, filtering) → DPAWS™ side-channel analysis software]
129. Example: Side-channel (Implementation)
► Focus on the M^dp mod p calculation (M^dq mod q is similar)
For each bit i of secret dp:
    perform “Square”
    if (bit i == 1)
        perform “Multiply”
    endif
endfor
Observed operation sequence (S = square, M = multiply):
SM S S S S S S S SM S SM SM S S S SM SM S S S S S S S S S
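The leak on this slide as an added Python example (not from the seminar): a square-and-multiply routine that records the operation sequence an observer would see, a decoder that turns such a sequence back into exponent bits, and a square-and-always-multiply variant whose sequence no longer depends on the key. The base, exponent and modulus in the demo are constructed toy values; the trace constant is the one printed on the slide.

```python
# Added example (not from the seminar): why the operation sequence of
# square-and-multiply leaks the private exponent, and how a regular
# (always-multiply) schedule removes that particular leak.


def square_and_multiply(base: int, exp: int, mod: int) -> tuple[int, str]:
    """Left-to-right binary exponentiation as on slide 129.

    Returns base**exp mod mod together with the sequence of operations
    ('S' = square, 'M' = multiply) that a power or EM probe would observe.
    """
    result = 1
    trace = []
    for bit in bin(exp)[2:]:          # most significant bit first
        result = result * result % mod
        trace.append("S")
        if bit == "1":                # the multiply happens only for 1-bits
            result = result * base % mod
            trace.append("M")
    return result, "".join(trace)


def bits_from_trace(trace: str) -> str:
    """What an observer does with the trace: an 'S' followed by 'M' is a
    1-bit, an 'S' on its own is a 0-bit.  Whitespace is ignored so the
    slide's spaced trace can be pasted in directly."""
    ops = trace.replace(" ", "")
    bits = []
    i = 0
    while i < len(ops):
        if ops[i] != "S":
            raise ValueError(f"unexpected operation {ops[i]!r} at position {i}")
        if i + 1 < len(ops) and ops[i + 1] == "M":
            bits.append("1")
            i += 2
        else:
            bits.append("0")
            i += 1
    return "".join(bits)


def square_and_always_multiply(base: int, exp: int, mod: int) -> tuple[int, str]:
    """Mitigation: multiply on every iteration and discard the product for
    0-bits, so every bit produces the same 'SM' pair.  This flattens the
    operation sequence only; data-dependent power, the timing of the
    selection and other channels need separate treatment."""
    result = 1
    trace = []
    for bit in bin(exp)[2:]:
        result = result * result % mod
        trace.append("S")
        product = result * base % mod   # always computed, whatever the bit
        trace.append("M")
        # A pure-Python conditional is not truly constant-time; it stands in
        # for the constant-time select a real implementation would use.
        result = product if bit == "1" else result
    return result, "".join(trace)


# The trace printed on slide 129, pasted verbatim.
SLIDE_TRACE = "SM S S S S S S S SM S SM SM S S S SM SM S S S S S S S S S"

if __name__ == "__main__":
    print("slide trace decodes to exponent bits:", bits_from_trace(SLIDE_TRACE))
    _, leaky = square_and_multiply(3, 45, 1000)         # constructed toy values
    _, regular = square_and_always_multiply(3, 45, 1000)
    print("leaky trace  :", leaky, "->", bits_from_trace(leaky))
    print("regular trace:", regular, "->", bits_from_trace(regular))
```

Decoding the regular trace yields all ones whatever the exponent, which is the point: the observer learns the exponent length and nothing else.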
131. ► SSL is a hybrid protocol designed to turn an insecure
communication channel (regardless of protocol) into a
secure one
► Designed by Netscape in 1994, standardized in 1999 as TLS,
which is now at version 1.2 (2008, 2011)
► Protocol versions so far:
► SSL v2 - insecure
► SSL v3 - still secure
► TLS v1 - widely used, but not best
► TLS v1.1, v1.2 - not widely used
Introduction to SSL
[Chart: SSL v2 support among surveyed servers: SSL v2 supported 49.85%; SSL v2 offered but with no suites 11.93%; no support 38.22%]
132. ► The SSL standard packages our knowledge of security
protocols for reuse
► Key services:
► Discovery and authentication
► Session key(s) generation
► Communication integrity
► Interoperability
► Extensibility
► Performance
SSL Goals
134. ► The situation is good, overall
► But there are several issues:
► Problems with certificate authorities
► Browsers talk to the sites with broken certificates
► We’re not good at keeping up with protocol evolution: SSLv2 still
widely supported; TLS v1.1 and TLS v1.2 virtually not supported.
► Too many plain-text (HTTP) web sites
► Issues related to mixed content (HTTP/HTTPS)
State of SSL
136. ► A digital identity often includes a public/private keypair
► Usually exchanged at start of a session
► It is necessary to authenticate the keypair when faced with an active
man-in-the-middle attack
► We need third parties to help establish identity – generally a
certificate authority (CA)
► Digital certificates contain a public key, some identifying
information (e.g., name, address, etc.) and a signature
Digital Certificates
139. Certificate Authorities
► Estimated ~650 certificate authorities (EFF)
► Most browsers trust a small(ish) number of root certs, but the overall
number grows through chaining
► Any CA can issue a certificate for any site
► Strong desire to keep certificates in DNS
(now that we are starting to implement DNSSEC)
The EFF SSL Observatory
https://www.eff.org/observatory
141. Resources
Understanding Cryptography, Christof Paar and Jan Pelzl (Springer, 2009)
Applied Cryptography, 2nd ed., Bruce Schneier (Wiley, 1996)
SSL and TLS, Eric Rescorla (Addison Wesley, 2001)
SSL Labs, Qualys: www.ssllabs.com
142. ► In the first three months, you should:
► Identify where cryptography is used in your organization
► Identify infrastructure required for cryptographic implementations
(key management, certificates)
► Within six months, you should:
► Know what crypto can do. Explain the different security properties.
► Know what crypto can’t do. Gain basic knowledge of
implementation security issues
Applying What You Have Learned
145. ► Totally unnecessary introduction
► Threats
► Users have it hard
► Vendors have it hard
► Solution (attempts)
► Conclusion
Agenda
146. You’re on your phone right now
147. Mobile Platforms
[Chart: smartphone shipments in millions (0-1000 scale), Q3 2011 vs. Q3 2012, up 32%; data from IDC press release]
150. ► Mobile applications here to stay
► More Line of Business apps will go mobile
► Modern phones are complex
► Complexity & attack surface often related
► Can’t stop Employee Liable Devices
Mobile Trend Takeaways
151. What could possibly go wrong?
152. ► Application Attack Vectors
► App – to – App
► App – to – OS
► App Installation Vectors
► Poorly policed markets
► 3rd party markets (Amazon, etc)
► SMS/Email
► Exploits
► Sideloading
Malicious Applications
154. ► Plankton malware appeared:
► What did“Angry Birds Rio Unlock”do?
► Steal your browser history
► Have the ability to install and add shortcuts
Plankton
155. ► OS vulns are valuable
► iOS: 100-200k
► Android: 30-60k
► Jailbreak research (jailbreakme)
► Zero days are out there
Mobile is a target
156. ► Software-defined radio
► Text messages, voice, data is always readable by active
attacker
► Text, voice most likely readable by passive attacker
► Requires more complicated RF stage
Cellular interception for all!
157. ► SSL Observatory Project
► Jesse Burns (iSEC), Peter Eckersley (EFF)
► Data set available on Bittorrent
► Number of Trusted CAs
► Mozilla: 124 trust roots (~60 organizations)
► Microsoft: lists only 19 trust roots in Windows 7
► Silent on-demand updating!
► Can make this 300+ certs
► iOS and Android are close to Mozilla list
► They signed…. 1,482 CAs!
Certificate Trust
158. ► Early 2011 (Comodo):
► DigiNotar:
► Late 2012/early 2013 (TurkTrust):
Oops
159. Users Hate You (don’t feel bad)
166. ► 500k – 1M installs
► Permissions: run at startup, read/write bookmarks and history, modify contents of your SD card, full network access
What permissions?
167. ► Still available
► Wall of text terms of service
► Served ads and modified browser behavior
► Could steal your history
Invasive adware (legal Plankton)
168. ► Physical security is a real problem
► Devices will be lost or stolen
The Airline Pocket
170. ► Multiple
Apps Affected
► 6 of 7 Stored
Data Locally
► Significant
Reputation Risk
Case Study – Local Data Storage
171. Hard to get it right
172. ► Mobile applications are still on the Internet:
accept both PC and phone connections
► Common Real World Result:
► Primary website secured
► Mobile site unprotected
► Same credentials
► Issues can have worse results than on the
desktop
Mobile Web Attack Surface
173. ► It’s packaged software!
► Indirect customer relationship
► Long update lag:
► Users choose not to install patches
► Carrier testing requirements
App. Distribution Challenges
174. ► Inconsistent versions
► On older iOS devices
► More than half of Android devices contain vulnerabilities
► Vendor-specific OS and software
OS and Software Versions
176. What to do?
177. ► Claim to
► Improve manageability
► Attempt to provide data segregation
► Encrypt sensitive data (emails, contacts, attachments)
► Usually protected by a PIN (separate from main PIN)
► Enforce strong policies on all compatible devices
► Isolate and improve application security
► Remote Lock and remote Wipe
► Jailbreak detection
MDM / Secure Container Products?
178. ► Full Disk Encryption?
► Not enough
► Tamper resistant chip?
► iOS
► Data Protection API
► Android
► Difficult to do right
Can the data be secured?
179. ► Certificate pinning means you only accept a hardcoded
certificate for SSL/TLS
► Can be configured in iOS and Android
► Implement testing
Pin certificates
181. ► Jailbreak/root detection
► Easily circumvented
► Malware protection
► Application whitelisting on iOS
► Is isolating applications in a ‘Container’ a good idea?
The limits of safety
182. Don’t throw away your phone
183. ► There are limits to security on a mobile device
► The more attack vectors the harder something is to secure
► Your phone has a very large threat surface compared to
most other devices
Be careful with your sensitive data!
184. ► Turn off unnecessary attack surfaces (such as Bluetooth)
► Update and patch your applications
► Use MDM products, just don’t over rely on it
► Make it easy for users:
► Don’t store sensitive data on device (or limit what you cache, such as
only recent email)
► Consider using different mobile credentials for your apps
► Use strong credentials
Protect yourself
185. ► Paul Youn
► Technical Director at iSEC Partners
► paul@isecpartners.com
► Marc Blanchou
► Senior Security Engineer at iSEC Partners
► marc@isecpartners.com
► Thanks to:
► Alex Stamos
► Mike Warner
Thank You
186. UK Offices
Manchester - Head Office
Cheltenham
Edinburgh
Leatherhead
London
Thame
North American Offices
San Francisco
Atlanta
New York
Seattle
Australian Offices
Sydney
European Offices
Amsterdam - Netherlands
Munich – Germany
Zurich - Switzerland
187. Security Basics Seminar: Authentication Technologies
Bill Duane, RSA Security, Office of the CTO
Session ID: SEM-001
189.
► That is the eternal question…
► It has been in existence as long as people have
existed.
► It is often followed by:
► “Have we met before?”
► “What is a beautiful person like you doing in a place like this?”
► And“Would you like to come up to my place to see my collection
of strong authentication devices???”
► It also happens to be a foundation question for
security.
Who Are You?
191.
► There has been a veritable explosion in consumer facing
Internet crime
► Phishing and Malware continue to grow at an alarming rate
► Fraud Attacks are also growing rapidly
► Pranksters and script kiddies have been replaced by professional
criminals, organized crime, and even governments
► In many cases the legal, ethical, and societal implications
have not kept pace with the crimes
► Well established concepts like jurisdiction, liability, and privacy begin
to crack when the crimes occur across the globe and traverse many
countries, political relationships, legal relationships and so on.
Phishing and Fraud
192. Growth of Phishing Attacks
The number of unique phishing attacks rose to a peak of 40K in August 2009, and has since been hovering around 24-25K per month. We clearly are at an inflection point where phishing is starting to decline and trojans are increasing.
Ref: http://www.antiphishing.org/
There was a roughly 20% increase in trojans as a percentage of malware between H2 2010 and H1 2011; the latest split is shown.
[Chart: split of malware by type]
• Crimeware steals financial info
• Data stealing / trojans for system control
• Other is the rest, including auto-replicating worms, telephone dialer scams, …
193.
► There is increasing concern about APTs in the industry,
especially in the defense contractors, the intelligence
community, and governments
► Low and slow; targeting specific people/organizations
► Often government sponsored
► APT = Advanced Persistent Threat
► These situations show the organization, and sophistication
of the modern attacker
► Military in style
► Well funded
► Specific objectives/targeted
Growth of Attacks and Attack Methods
194.
► During a visit, the Secret Service mentioned that attacking
10 million email addresses costs the phisher only
$160, and yields the attacker $124,840 profit
► This assumes 50% of the emails bounce, and that only .001% of the
remaining people are duped
► If www.antiphishing.org is correct, and there are about
25,000 new phishing attacks per month…
► Multiplied together you get a whopping possible phishing
profit of $3,121,000,000 per month worldwide!!!
► Even if the numbers are off by an entire order of magnitude (unlikely)
it is still a whopping $312 million per month worldwide!
The Economics of Phishing
195.
Strong authentication could help with many of these
problems, except for…:
► The continued widespread use of passwords as
authenticators
► The fact that advanced authentication technologies have
not reached the price points needed to become
ubiquitous on the Internet
► The fact that advanced authentication technologies have
not reached an ease of use level where a child or my 90
year old grandmother can use them
► The fact that credit cards are static one-factor devices
► The fact that databases containing credit cards and
personal information are not encrypted
How does authentication factor in??
196.
► Without knowing with a high level of certainty who
you are dealing with:
► it is not possible to properly assign access control and
other rights
► it is not possible to trust a digital signature
► in many cases it makes no sense to encrypt data if you
don’t know who you are dealing with
► The basis for all security is authentication
The Need for Authentication
197.
► Strong Authentication typically binds an individual to a
secret
► The system you are attempting to access has some
mechanism to validate that you have the secret
► Sometimes the system knows the actual secret
► Sometimes the system knows something derived from the secret
► The secret can take many forms
► Passwords
► Symmetric cryptographic secrets
► Asymmetric cryptographic secrets
► The trick is, some secrets are more secret than others…
Authentication
200. Passwords using parallel cryptography
[Diagram: the accessed system generates a random number as the challenge and sends it to the accessing system. The accessing system runs a cryptographic hash over the clear-text password to produce a digest, then combines the challenge and the digest and hashes them to produce the response. The accessed system holds only a copy of the digest, runs the same computation using that copy to produce Response′, and matches it against the received response]
201. The Problem with Passwords … People!!!
► Test 1 (London)
► >70% revealed their computer password for a bar of chocolate
► 34% volunteered their password when asked without even needing to be bribed
► 79% unwittingly gave away information that could be used to steal their identity when questioned
► 33% share passwords
► On average, people have to remember 4 passwords
► Test 3 (London)
► 81% revealed personal information for a chance to win Easter chocolate
► 90% were willing to give personal info in 2005 for the chance to get theater tix
► People offered up identity info like birth date, mother’s maiden name, first school
► 86% gave up pet’s name
► 90% gave up home phone number
► After 2 minutes, enough info was typically gathered to allow an identity attack
► Test 1 (San Francisco)
► 67% turned over their passwords for $3 coffee coupons
► 70% of those who said “no way” gave up significant hints (wife’s name, anniversary date, pet’s name)
► 79% said they use the same password for multiple Web sites
► Nearly 60% have >=4 passwords
► One executive, too busy to stop, sent his secretary back with his password so he could get the free coffee (she gave up hers, too)
202. The Problem with Passwords …
Source: www.unitedmedia.com/comics/dilbert
A more resistant password:
1. Pick a passphrase: “At 1, Bill presented an Awesome talk on authentication”
2. Select the first letters of every word: A1BpaAtoa
3. Add non-alphanumerics: ^#A1BpaAtoa#^
4. Surround with special characters: µ^#A1BpaAtoa#^µ
I’m sure my grandma will comply… Where are my yellow stickies?
204.
► Passwords have their good points:
► They are easy to use
► They are easy to remember
► They do not require external devices to operate
► They are Platform- independent
► They have no acquisition cost
► Minimal end-user training
The Benefits of Passwords
205.
► They are ‘1 static factor’ devices - it’s only something you
‘know’
► yellow stickies on your monitor, notes under your keyboard
► replay attacks are common
► Can be compromised, without knowing
► Social attacks
► Inconsistent formats between applications (Provisioning,
synchronization necessary)
► Passwords are actually quite expensive (Operating costs)
► Password reset and admin is frequently over 40% of what help desks
do!
The Problems with Passwords
206.
► Most passwords are poorly chosen
► Your dog’s name, your significant other’s pet name, the word
‘password’
► Most passwords are vulnerable to the widely available password
cracking programs
► Poorly chosen passwords significantly reduce the search
space for an attacker
► We are entering an age where passwords must be very
carefully used, and should not be used for controlling access
to critical accounts
The Problems with Passwords
208.
► Authentication tokens are small devices which generate a
new “password” (tokencode) for every authentication.
► They contain a secret key (seed) which is shared with an
authentication server
► Tokens usually have an LCD display, a small microprocessor, and a
battery. Tokens may have a keypad, and a real-time clock
► Tokens do require that the user carry them around, but
provide authentication without desktop software
One-Time Passcode (OTP) Tokens
209.
► Tokens are currently the most cost effective, and easiest to
use strong authentication solution
► They are common in the enterprise marketplace
► They are a proven technology
► They are easy to use
► There are a number of different types of token:
► Time-based
► Challenge-Response
► Counter-based
► Two of the biggest issues for the use of tokens in the
consumer Internet space include cost, and multi-site token
re-use
OTPTokens
210. 24
Challenge-Response OTP Tokens (diagram)
Token side (the challenge-response token holds the internal seed):
► The authentication server generates a random number, the challenge
► The user inputs the challenge on the token keypad
► The token combines the seed and the challenge, then hashes the result
► The token truncates the hash as needed to produce the correct-length Response
► The user reads the Response on the LCD and enters it at the logon prompt
Server side (the authentication server holds a copy of the seed):
► The server runs the same hash computation on the challenge using its copy of the seed, giving Response’
► The server truncates the result and compares Response’ with the received Response; a match authenticates the user
211. 25
Counter-Based OTP Tokens (diagram)
Token side (the counter-based token holds the internal seed and an internal counter incremented by button presses):
► The token combines the current counter value and the seed, then ‘hashes’ it
► The token truncates the result as needed to produce the correct-length Passcode, which the user enters
Server side (the authentication server holds a copy of the seed and its own counter, which increments for each authentication):
► The server runs the same ‘hash’ on its counter and its copy of the seed, giving Passcode’
► The server truncates the result and compares Passcode’ with the received Passcode; a match authenticates the user
212. 26
Time-Based OTP Tokens (diagram)
Token side (the time-based token holds the internal seed and has its own internal clock):
► The token combines the current time and the seed, then ‘hashes’ it
► The token truncates the result as needed to produce the correct-length Passcode, which the user enters
Server side (the authentication server holds a copy of the seed; its clock runs independently of the token’s internal clock):
► The server runs the same ‘hash’ on the time and its copy of the seed, giving Passcode’
► The server truncates the result and compares Passcode’ with the received Passcode; a match authenticates the user
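The three token flows above, as an added example (not code from the seminar). The slides only say ‘hash’ and ‘truncate’; the hash here is HMAC-SHA1 with the dynamic truncation of RFC 4226, and the counter look-ahead and ±1 time-step tolerance are assumptions that handle the token’s counter and clock running independently of the server’s.

```python
"""Challenge-response, counter-based and time-based OTP tokens.

Added example, not code from the seminar. Assumptions not in the slides: the
'hash' is HMAC-SHA1 and 'truncate' is RFC 4226 dynamic truncation; the server
tolerates a bounded counter look-ahead and +/-1 time step.
"""
import hashlib
import hmac
import secrets
import struct


def hash_and_truncate(seed: bytes, moving_factor: int, digits: int = 6) -> str:
    """Combine seed and challenge/counter/time, hash, truncate to `digits`."""
    mac = hmac.new(seed, struct.pack(">Q", moving_factor), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Token:
    """The device: internal seed, a counter driven by button presses, a clock."""

    def __init__(self, seed: bytes, clock):
        self.seed, self.counter, self.clock = seed, 0, clock

    def respond(self, challenge: int) -> str:          # user keys the challenge in
        return hash_and_truncate(self.seed, challenge)

    def press_button(self) -> str:                     # counter-based passcode
        self.counter += 1
        return hash_and_truncate(self.seed, self.counter)

    def show_passcode(self, step: int = 30) -> str:    # time-based passcode
        return hash_and_truncate(self.seed, self.clock() // step)


class AuthServer:
    """Holds a copy of the seed, its own counter and its own clock."""

    def __init__(self, seed_copy: bytes, clock, look_ahead: int = 5):
        self.seed, self.clock, self.look_ahead = seed_copy, clock, look_ahead
        self.counter = 0
        self.pending_challenge = None

    def new_challenge(self) -> int:
        self.pending_challenge = secrets.randbelow(10 ** 8)
        return self.pending_challenge

    def verify_response(self, response: str) -> bool:
        if self.pending_challenge is None:
            return False
        challenge, self.pending_challenge = self.pending_challenge, None  # one use
        expected = hash_and_truncate(self.seed, challenge)
        return hmac.compare_digest(expected, response)

    def verify_counter_code(self, code: str) -> bool:
        # The token may be ahead (buttons pressed without logging in), never
        # behind: search a bounded window and jump the server counter past the
        # match, so a replayed passcode is rejected.
        for c in range(self.counter + 1, self.counter + 1 + self.look_ahead):
            if hmac.compare_digest(hash_and_truncate(self.seed, c), code):
                self.counter = c
                return True
        return False

    def verify_time_code(self, code: str, step: int = 30) -> bool:
        now = self.clock() // step
        return any(hmac.compare_digest(hash_and_truncate(self.seed, t), code)
                   for t in (now - 1, now, now + 1))       # clocks drift


if __name__ == "__main__":
    seed = b"12345678901234567890"                         # RFC 4226 test seed
    token = Token(seed, lambda: 1000)                      # token clock (constructed)
    server = AuthServer(seed, lambda: 1010)                # server clock, 10 s ahead
    print(server.verify_response(token.respond(server.new_challenge())))
    token.press_button(); token.press_button()             # presses with no login
    print(server.verify_counter_code(token.press_button()), server.counter)
    print(server.verify_time_code(token.show_passcode()))
```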
213. 27
► As we have seen, there are a variety of OTP tokens available
► In addition to the hardware tokens discussed, software versions are available which run on PCs, notebooks, and other mobile computers such as tablets and smart phones
► OTP tokens continue to be one of the most common strong authentication methods, especially in the enterprise
OTP Tokens
216. 30
► If you have a certain Public Key, as shown, it can be used to verify that the other system has the matching Private Key
► To complete the process of PPK Authentication:
► You need to trust that the Public Key is the right one for an individual
► You need to secure the storage of the Private Key
PPK Authentication
217. 31
Trusting the Public Key
X.509 Digital Certificate: “I officially notarize the association between this particular User, and this particular Public Key”
Serial Number: xxxxx
Validity: Nov.08,2003 - 08,2005
User / Organization / CA - Ref.,LIAB.LTD(c)96 / Organizational Unit = Digital ID Class 2 - Chelmsford
Public Key: ie86502hhd009dkias736ed55ewfgk98dszbcvcqm85k309nviidywtoofkkr2834kl
Signed By: RSA Security
Status:
218. 32
It’s all about Trust:
Certificate: Serial Number xxxxx; Validity: Nov.08,1997 - Nov.08,1998; User / Organization / CA - Ref.,LIAB.LTD(c)96 / Organizational Unit = Digital ID Class 2 - Chelmsford; Status:; Public Key: ie86502hhd009dkias736ed55ewfgk98dszbcvcqm85k309nviidywtoofkkr2834kl; Signed By: VeriSign, Inc.
Diagram labels: Public Key, Certificate Authority, Private Key (the Certificate Authority signs the certificate with its Private Key)
219. 33
► The private key must be securely stored
► Smart cards are ideal
► Token-protected storage is also very good
► Password-protected storage is less ideal
► The whole trust of PPK systems comes down to the trust of certificates and private key storage
► And how you verify that the correct person is the owner of the private key!
Trusting the Private Key
221. 35
► Alternative to passwords and smartcards
► Determine your identity by measuring your personal characteristics
► User friendly
► Nothing to remember, nothing to enter
► Hard to mess up
► No token to drop or give away
► No password to forget, write down or tell a friend
► They can be 2- or 3-factor authenticators
► Something you are plus something you have or know
► They are cool
Biometrics
222. 36
► A large number have been proposed
► Fingerprints
► Retina scan, iris scan
► Facial Recognition
► Hand shape
► Blood vessels
► Voice
► Body Odor
► DNA (no commercial systems)
► Different characteristics
► Cost, convenience, stability, security, spoofing
Different biometrics
223. 37
► Advantages
► Some types support cheap sensors
► Non-intrusive
► Small form factor
► Simple to use
► Disadvantages
► Identification is not unique
► Best have an error of 1:100 000 (that’s only 17 bits)
► Does not work in all environments
► Gloves, worn down fingertips
► Can be stolen without direct contact with user
Example: Fingerprints
224. 38
► Over the last couple of years there have been some interesting biometric developments
► Biometrics have entered the consumer market in a reasonably large way
► Large numbers of notebooks now contain a biometric fingerprint sensor
► Match-on-device functionality is becoming technically reasonable
Biometrics Update
225. 39
► Where do you store the biometric patterns, and how is that protected?
► You use the same fingerprint everywhere
► You leave your fingerprint everywhere
► How much ‘training’ is required to get a good template?
► There is some part of the population where the biometric does not work, for example:
► Masonry and other construction workers who have worn down their fingerprints
► The fingerprint of senior citizens cannot be read in many cases
► Master criminals or spies who etched their fingerprints off with acids
The issues with Biometrics
226. 40
► For me, perhaps the biggest problem with biometrics is theft of identity, and the related problem of revocation:
► Unlike other security credentials, a biometric is you!
► If some evil-doer gets your biometric template, they can impersonate you personally
► How do you deal with the theft of your template?
► Lopping off digits hardly seems appropriate
► You only have one voice, two eyes, one body odor, … so invalidating the compromised biometric is of limited use
The issues with Biometrics
227. 41
Revocable Biometric Templates
► The original image is not used as a template
► It is first morphed with a master ‘key’
► The resulting horrific morphed image becomes the master template
► In all subsequent authentications, the raw image is morphed using the same master key before the biometric authentication is performed
► If the morphed template is ever compromised, the original image is not revealed. The master key can then be destroyed and a new one used.
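The revocable-template idea above, as an added example that is not code from the seminar. The slides only say the image is ‘morphed with a master key’; here the morph is a key-seeded random projection of a feature vector followed by sign binarisation (a BioHashing-style transform, an assumption), and the feature vectors, sensor noise and keys are constructed.

```python
"""Revocable (cancelable) biometric templates.

Added example, not code from the seminar. The 'morph' is a key-seeded Gaussian
random projection plus sign binarisation (assumption); feature vectors, noise
and keys below are constructed.
"""
import hashlib
import random

DIM = 16           # length of the raw feature vector (constructed)
BITS = 64          # template size in bits
THRESHOLD = 12     # max Hamming distance still accepted as the same person


def _projection(master_key: bytes):
    """Key-seeded Gaussian projection matrix: a new key gives a new matrix."""
    seed = int.from_bytes(hashlib.sha256(master_key).digest(), "big")
    rng = random.Random(seed)
    return [[rng.gauss(0.0, 1.0) for _ in range(DIM)] for _ in range(BITS)]


def morph(features, master_key: bytes) -> int:
    """Project the raw features with the key and keep only the signs."""
    template = 0
    for row in _projection(master_key):
        dot = sum(w * x for w, x in zip(row, features))
        template = (template << 1) | (1 if dot >= 0.0 else 0)
    return template


def hamming(a: int, b: int) -> int:
    return bin(a ^ b).count("1")


def enroll(raw_features, master_key: bytes) -> int:
    """Store only the morphed template, never the raw features."""
    return morph(raw_features, master_key)


def authenticate(raw_sample, master_key: bytes, stored_template: int) -> bool:
    """Morph the fresh sample with the same key, then compare templates.
    Small sensor noise flips a few bits, hence the tolerance."""
    return hamming(morph(raw_sample, master_key), stored_template) <= THRESHOLD


# Constructed enrolment features, a noisy re-capture, and an impostor.
ENROLLED = [0.9, -0.4, 0.7, 0.3, -0.8, 0.5, -0.6, 0.2,
            0.4, -0.9, 0.6, -0.3, 0.8, -0.5, 0.1, -0.7]
NOISE = [0.02, -0.01, 0.02, -0.02, 0.01, 0.02, -0.01, 0.02,
         -0.02, 0.01, -0.02, 0.02, -0.01, 0.01, 0.02, -0.01]
RECAPTURED = [x + d for x, d in zip(ENROLLED, NOISE)]
IMPOSTOR = [0.3, 0.8, -0.1, -0.9, 0.4, 0.2, 0.7, -0.6,
            -0.5, 0.3, 0.8, 0.9, -0.1, 0.6, 0.4, 0.2]

KEY_1 = b"master-key-initial"         # constructed
KEY_2 = b"master-key-after-breach"    # constructed


def revocation_demo() -> dict:
    """If the template leaks, destroy KEY_1 and re-enrol under KEY_2: the old
    template matches nothing issued under the new key."""
    old = enroll(ENROLLED, KEY_1)
    new = enroll(ENROLLED, KEY_2)
    return {
        "genuine_old_key": authenticate(RECAPTURED, KEY_1, old),
        "impostor_old_key": authenticate(IMPOSTOR, KEY_1, old),
        "genuine_new_key": authenticate(RECAPTURED, KEY_2, new),
        "old_template_under_new_key": authenticate(RECAPTURED, KEY_2, old),
        "templates_differ": hamming(old, new) > THRESHOLD,
    }


if __name__ == "__main__":
    for name, result in revocation_demo().items():
        print(f"{name}: {result}")
```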
229. 43
► In many cases RFID is identification, not authentication
► The RFID tag asserts its identity by broadcasting a unique identifier, but does not perform a cryptographic operation to prove that it is the authentic tag
► However, sophisticated tags exist, and more are being developed, and as a result, I can see a time where tags will assert identity, then be able to perform something like a challenge-response validation of a symmetric or asymmetric key.
► As a result, they are worth talking about in the context of authentication…
Is RFID Authentication??
230. 44
► Since RFID tags transmit their identity, they can leak private information, even when their intended use is over.
► Steamboat Mountain & hospitals are well thought out RFID apps
► Benefits thoroughly explained in advance / opt-in
► Some RFID privacy advancements are happening
► Kill tags / blocker tags
► The RFID devices must be built on strong cryptography
► Data must be encrypted, and should not be static
► Algorithms should be peer reviewed
► TI / Speedpass – cracked/cloned by RSA Labs and Johns Hopkins
► ISO 14443 / EMV (encrypted/dynamic)
► New RFID technologies to watch:
► Near-Field Comms
► RuBee (Long Wave ID - LWID)
RFID and Privacy
231. 45
► 2006 World Cup Football (Soccer) in Germany
► RFID based admission tickets
► China Olympics RFID based tickets
► NIST publishes a report warning about the dangers of RFID
► Report recommends careful application
► Growth in food tracking area: meat and poultry in Norway; Thai rice; Malaysia livestock; Spanish meat
► Amish farmers resist RFID tagging of livestock on religious grounds
► Some religious groups resist biometrics as the ‘mark of the beast’
► Viagra bottles will now have RFID tags to prevent counterfeiting!
► Publicized attacks on MiFare based transit cards
Some Noteworthy Recent RFID Events
232. 46
► Saguaro National Park in Tucson, AZ to tag cacti with RFID tags to thwart thieves (a cactus is about $2k each, the tags are $4); following similar program in Las Vegas.
► Jonathan Oxer, Melbourne, Australia, “Australia’s geekiest geek!”: RFID tag implanted in his left arm, used to unlock his car and home. Cool but possibly dangerous…
A few of my favorite RFID news items
234. 48
How do humans authenticate?
► Looks like John
► He’s at John’s house
► John has a dog which hates to be washed
► John likes short hair
► John has a son
► That’s John’s wife
It is John!
235. 49
► We authenticate by combining a set of lower confidence authentications into an aggregate authentication
► The process is not mathematically exact
► There is error and low confidence in many of the individual pieces of data
► However, taken in total, our confidence in the authentication is increased to a level above which we have confidence in the authentication
Human Authentication
236. 50
► This technique is emerging as the new model for electronic authentication
► Composite authentications first started to emerge in the area of on-line banking
► Composite authentications combine a number of weak authentications into a stronger authentication
► While it may be possible to intercept or replay some of the composite parts, it is very difficult to simulate all the parts of a well designed composite
Composite Authentications
237. 51
Composite Authentications
Is it really Sally?
► She knew Sally’s password
► She is connecting via Sally’s ISP
► She is using the same browser Sally uses
► This is the same computer which Sally used before
► She is connected at the same time Sally typically connects
► She is doing the same operations which Sally typically does
► She interacts with the computer like Sally
It’s Sally!!
238. 52
► Typically these authentications perform a risk scoring based upon all the data
► If the score is too low, the authentication fails
► If the score is above a threshold, then the authentication succeeds
► If the score is between the two:
► The end user may be prompted for more information
► Mother’s maiden name, color of first car, …
► Or the user may be contacted through some other out-of-band method
► Calling the end user’s cell phone
► By their nature, composite authentications are difficult to mathematically compute an effective bit strength for
► And this would miss some of their inherent strengths
Composite Authentications
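The risk-scoring decision above, with the signals from the ‘Is it really Sally?’ slide, as an added example (not code from the seminar). The weights, the two thresholds, Sally’s profile and the sample sessions are all constructed for illustration.

```python
"""Composite authentication as risk scoring.

Added example, not code from the seminar. Signals follow the 'Is it really
Sally?' slide; weights, thresholds, profile and sessions are constructed.
"""
from dataclasses import dataclass


@dataclass
class Profile:
    """What Sally's previous, trusted sessions looked like (constructed)."""
    isp: str
    browser: str
    device_id: str
    usual_hours: range          # local hours in which Sally typically connects
    usual_ops: frozenset        # operations Sally typically performs
    typing_cadence_ms: float    # mean inter-keystroke interval: "interacts like Sally"


@dataclass
class Session:
    """Observations about the current login attempt."""
    password_ok: bool
    isp: str
    browser: str
    device_id: str
    hour: int
    operations: frozenset
    typing_cadence_ms: float


# Weights per signal (constructed). The password is one signal among several:
# knowing it alone must not reach the allow threshold.
WEIGHTS = {"password": 40, "isp": 10, "browser": 10, "device": 20,
           "time": 10, "operations": 15, "behaviour": 15}       # total 120
DENY_BELOW = 50   # score below this: authentication fails
ALLOW_AT = 90     # score at or above this: authentication succeeds
# In between: step-up (life questions, or an out-of-band call to the cell phone)


def matched_signals(s: Session, p: Profile) -> dict:
    """Return the signals that agree with the profile, with their weights."""
    checks = {
        "password": s.password_ok,
        "isp": s.isp == p.isp,
        "browser": s.browser == p.browser,
        "device": s.device_id == p.device_id,
        "time": s.hour in p.usual_hours,
        "operations": s.operations <= p.usual_ops,
        # keystroke dynamics within 20% of the enrolled cadence
        "behaviour": abs(s.typing_cadence_ms - p.typing_cadence_ms)
                     <= 0.2 * p.typing_cadence_ms,
    }
    return {name: WEIGHTS[name] for name, ok in checks.items() if ok}


def decide(s: Session, p: Profile) -> tuple:
    """Risk-score the session: ('allow' | 'step_up' | 'deny', score)."""
    score = sum(matched_signals(s, p).values())
    if score < DENY_BELOW:
        return "deny", score
    if score >= ALLOW_AT:
        return "allow", score
    return "step_up", score


SALLY = Profile(isp="ExampleNet", browser="Firefox/115", device_id="dev-7f3a",
                usual_hours=range(8, 21),
                usual_ops=frozenset({"view_balance", "pay_bill"}),
                typing_cadence_ms=180.0)

# Sally herself, from her usual machine during the day.
SALLY_SESSION = Session(True, "ExampleNet", "Firefox/115", "dev-7f3a", 14,
                        frozenset({"view_balance"}), 175.0)
# Someone who only knows the password: new ISP, browser and device, 3 AM,
# a wire transfer, and a different typing rhythm.
PASSWORD_ONLY = Session(True, "OtherNet", "Chrome/120", "dev-0000", 3,
                        frozenset({"wire_transfer"}), 95.0)
# Sally on a trip: right password, device and browser, but a hotel ISP,
# an odd hour and an unusual operation.
SALLY_TRAVELLING = Session(True, "HotelWifi", "Firefox/115", "dev-7f3a", 23,
                           frozenset({"wire_transfer"}), 182.0)

if __name__ == "__main__":
    for name, sess in [("sally", SALLY_SESSION), ("password only", PASSWORD_ONLY),
                       ("travelling", SALLY_TRAVELLING)]:
        print(name, decide(sess, SALLY))
```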
239. 53
► I think this is one of the most interesting evolutions in authentication technology to have occurred over the last few years
► The composite mix must be kept fresh, or the attackers will compromise enough of the composite to make it weak
► A good composite is diverse, and changes over time
► Watch to see composite authentication branch into the enterprise and other non-banking consumer settings.
► Various frameworks for comparing authentication methods (such as NIST 800-63) have not caught up with this trend yet, so be careful.
Composite Authentications
241. 55
► Publicly, I expressed dismay with the RFID passport proposals
► Lack of privacy, lack of encryption, …
► Some progress has been made
► Shielded passport cases
► Data is encrypted
► Auth via open passport data
► There still are problems:
► The RFID chips have been cloned
► The encryption appears to have been cracked
► Some sites have discussed putting your new passport in a microwave to disable the RFID chip
► I don’t recommend that!
Electronic Passports
242. 56
► A US form of government ID is emerging with Real ID
► Federal standard for driver’s licenses
► Digimarc is the leader in this effort
► Mandates validation of person before issuance
► Cryptographic security features
► Biometric quality image
► Scan of database done for facial match during issuance
► Can be used for Real-Time
► Other features such as ghost image and micro-fine art; holograms; …
► Enhanced versions (RFID) of this card act as the Western Hemisphere Travel Initiative PASS card
► Some groups are against Real ID on privacy grounds
► Tracking individuals, keeping copies of produced documents, centralized database
► It is moving forward, currently 25+ states have passed legislation to adopt Real ID
► Current plans are that by 2014 most people will be required to have a Real ID document – most likely a driver’s license
Real ID
243. 57
► Many of the same ideas we have talked about apply to credit cards
► Like passwords, credit cards are static authenticators
► In many ways, credit card numbers are *worse* than passwords:
► Their lifetime is extremely long
► Credit card information is often stored in the clear on merchant systems
► Unlike all modern password systems, which do not store clear passwords
► The frustrating part is that many security and authentication technologies could be applied to credit cards today
► OTCC – One Time Credit Card
► Encryption of merchant databases
► Dynamic second factors (like CCV codes)
► Unfortunately these changes will come about slowly
► EMV and some of the new Mastercard and Visa initiatives are very good starts
► Canada and Mexico are going to EMV
► Will this push fraud into the US??
► In the US, real-time authorization with RBA
Credit Card Fraud
245. 59
How do they compare?
(Chart: Relative Security plotted against Cost of Authenticator)
246. 60
Type                      Is Key Secret?   Strength           Portability   Ease of use   Cost
Password                  Maybe            Weak               High          Easy          Very High
OTP                       Yes              Strong             High          Medium        Medium
Smart Card & Certificate  Yes              Strong             Low           Medium        High
Biometric                 No               Weak - static      Low           Very Easy     Medium
RFID                      No               Weak - static      Low           Very Easy     Low
Composite                 Typically not    Hard to quantify   Low           Easy          Low
Credit Card               No               Weak - static      High          Easy          Low
How do they compare?
247. 61
Authentication Factors: Something You _____
Know: Text PIN, Visual PIN, Text Password, Life Questions
Have: IP Address, Scratch-off / Bingo Card, Browser Type, Phone / PDA w/OTP, Cookie, OTP Token, Certificate, USB Device, Toolbar / Agent, Proximity / Smart Card
Are: Fingerprint, Hand Geometry, Face Recognition, Iris Scan, Retina Scan
Do: Keystroke Dynamics, Voice Print, Access Pattern
Authentication Tiers: likely combinations of factors, low end to high:
#1: Composite + Password
#2: Soft Token + Password
#3: Soft Token + Biometric
#4: Hard Token + PIN
#5: Hard Token + Biometric
248. 62
There are a few recommendations I can give:
► Static passwords must not be used to protect anything with value
► OTP will continue to be strong in the enterprise, but new technologies like RFID and biometrics are making inroads
► That said, there have been recent significant attacks on the core algorithms which underlie some OTP tokens – choose wisely.
► The first active MITM attacks have appeared
► The emergence of composite authentications, especially when combined with other forms of authentication, represents an important new branch on the tree of authentication methods.
► Most importantly, do not standardize on one technique or algorithm!
► This is a dynamic environment, and you will need diversity and flexibility to choose the best authentication solution to meet your needs.
Flexibility and Diversity
250. Session ID:
Session Classification:
▶ Slide▶ of 77
SEM-0001
xxxxxxxxxxxx
FIREWALLS AND PERIMETER
DEFENSES
William Cheswick
cheswick.com
http://www.cheswick.com/ches
1
Sunday, February 24, 13
251. Perimeter defenses allow one to focus defensive expertise and efforts on a small area
252. Where do you put them?
How many do you need?
How do you get through them?
How do you test them?
Perimeter defenses
256. • 1622: Tilly captured the castle after a two-month siege
• 1689: Captured by 30,000 French in a few hours
– insufficient number of defenders
Heidelberg Castle: failure modes
257. Scotland Yard (photo)
258. Edinburgh castle (photo)
264. Security doesn’t have to be ugly.
Does it have to be inconvenient? No.
273. Warsaw old city, layer 2 (photo)
274. Intimidation is a layer (photo)
275. Perimeter defenses don’t scale
276. The Pretty Good Wall of China (photo)
277. Built to keep out the barbarians of the north and their economy
Formed from shorter segments
Genghis Khan walked past the wall, unopposed, and into Beijing
A wall is a single layer
The Great Wall
281. Parliament: entrance (photo)
282. Parliament: exit (photo)
283. Intranets
285. Diagram of a large corporate intranet: sites (Allentown, Murray Hill, Columbus, Holmdel) connected to the Internet, with remote access via SLIP, PPP, ISDN, X.25, cable, ...; ~200 business partners; thousands of telecommuters
Lucent - 130,000, 266K IP addresses, 3000 nets ann.
289. Anything large enough to be called an intranet is probably out of control
290. “All of [the gateway’s] protection has, by design, left the internal AT&T machines untested---a sort of crunchy shell around a soft, chewy center.”
▶ The Design of a Secure Internet Gateway, W. Cheswick, Proc. of Winter Usenix, Anaheim, 1990
A simile for the ages?
291. The largest is probably NIPRNET, ~2 million hosts
A high tech company has about two active IP addresses per employee
Low tech is around one per employee
Small ones are enclaves.
Fun intranet facts
292. For wusses with hosts that can’t hack it on the real Internet
A gateway fascist decides which traffic is good and bad
Cheaper than deploying firewalls in every host
But we do that, too
Perimeter Defenses
293. They are hard to do
They look easy to do
They provide a false sense of security
They don’t scale
Everybody scales them
Problems with PDs
294. Dangerous services are attacked from the outside
We import trouble, like Buffy’s vampires: email, USB sticks, alien devices
How Does Trouble Arrive?
295. Network services may have exploitable security holes
Best answer: remove services
PD answer: get out of the game
Attack from the outside
297. “Best block is not be there” -- Mr. Miyagi, Karate Kid
298. Firewalls block the bad stuff, and let in the good stuff
Routing and addressing tricks also get you out of the game: RFC 1918 addresses, IPv6 FD address range
Getting out of the game
299. Diagram: outside hosts and the Internet reach the “inside” hosts (192.168.0.0/16) only through a router
300. Indirectly-connected hosts can be scanned by intermediaries if they are compromised or if spoofed packets are possible
Important: block spoofed packets
Key Points to hiding networks
301. Internet Firewalls
303. “inside” and “outside”
The weakest part: thinking of “the inside” as being secure. It mostly isn’t.
Firewalls tend to be directional
304. Standard servers are too dangerous to expose to outside access
TCP/IP packets are too dangerous
No IP connectivity to outside
Behind firewalls
307. Avoids denial of service (DoS) attacks on important hosts
This is a network-level, not host-level, problem
Walled garden makes intruders easy to spot, by definition
They keep a lot of the chaff out
Two benefits
308. Generally centralized defense against attacks
Cheaper to focus your smarts in one location
Host-based firewalls blend into host-based security
Firewalls
309. Packet: usually “packet filter”
Circuit: c.f. SOCKS
Application level
“Deep packet inspection” (DPI): packet-level analysis of deeper data
Levels of firewalls
310. Generally fast and cheap
Generally stupid: use tricks to enhance
Stateful: keep track of sessions
Packet filters
311. “Computer acting as a wire”
SOCKS
Specific TCP connections copied by a relay program
Not used much any more, but can be a convenient tool
Circuit level
312. Understands the service it is filtering
E.g. mailer receives and scans email before forwarding
Application level
313. Relatively cheap and easy to do
Can be done at network speeds
Note: not new technology
Benefits of DPI
314. It is impossible to do correctly, so good enough has to be good enough
Why? Doing it right requires packet normalization.
Problems with DPI
315. Fragmented packets
TCP overlap interpretation
Packet distance hacks
See Vern Paxson’s work for gory details
Packet Normalization Problems
316. Block everything by default
Allow safe stuff through
Outgoing is generally okay
UDP is generally not okay, but what about DNS, voice?
General Filtering Rules
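The filtering rules above (default deny, allow safe outgoing traffic with replies tracked, UDP only for DNS from the internal resolver) together with the earlier “block spoofed packets” point, as an added example that is not code from the seminar. The inside network, the resolver address, the safe port list and the sample packets are constructed.

```python
"""Default-deny, stateful packet filter with anti-spoofing.

Added example, not code from the seminar. Applies the slides' rules: block
everything by default, allow safe stuff through, outgoing is generally okay
(replies tracked per session), UDP is not okay except DNS from the internal
resolver, and spoofed packets are blocked. Addresses, ports and packets are
constructed.
"""
import ipaddress
from dataclasses import dataclass

INSIDE_NET = ipaddress.ip_network("192.168.0.0/16")          # RFC 1918 inside
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RESOLVER = "192.168.0.53"           # the one inside host allowed to speak DNS
SAFE_OUTBOUND_TCP = {22, 80, 443}   # "allow safe stuff through"


@dataclass(frozen=True)
class Packet:
    iface: str      # "inside" or "outside": the interface the packet arrived on
    proto: str      # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int


class Firewall:
    def __init__(self):
        self.sessions = set()   # (proto, inside_ip, inside_port, outside_ip, outside_port)

    def filter(self, pkt: Packet) -> str:
        src = ipaddress.ip_address(pkt.src)
        # 1. Anti-spoofing: a private source has no business arriving from
        #    outside, and an inside packet must carry an inside source.
        if pkt.iface == "outside" and any(src in net for net in RFC1918):
            return "drop:spoofed"
        if pkt.iface == "inside" and src not in INSIDE_NET:
            return "drop:spoofed"
        # 2. Replies to sessions that inside hosts opened (stateful).
        if pkt.iface == "outside":
            if (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.sessions:
                return "accept:reply"
            return "drop:default"           # unsolicited inbound is blocked
        # 3. Outgoing: safe TCP services are okay; DNS only from the resolver.
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if pkt.proto == "tcp" and pkt.dport in SAFE_OUTBOUND_TCP:
            self.sessions.add(key)
            return "accept:outgoing"
        if pkt.proto == "udp" and pkt.dport == 53 and pkt.src == RESOLVER:
            self.sessions.add(key)
            return "accept:dns"
        return "drop:default"               # everything else, including most UDP


def run_sample_traffic() -> list:
    """Constructed traffic; returns the verdict for each packet, in order."""
    fw = Firewall()
    traffic = [
        Packet("inside", "tcp", "192.168.1.10", 40000, "203.0.113.5", 443),    # web out
        Packet("outside", "tcp", "203.0.113.5", 443, "192.168.1.10", 40000),   # its reply
        Packet("outside", "tcp", "198.51.100.7", 40001, "192.168.1.10", 22),   # unsolicited
        Packet("outside", "tcp", "192.168.1.99", 443, "192.168.1.10", 40000),  # spoofed
        Packet("inside", "udp", "192.168.1.10", 5000, "203.0.113.9", 5000),    # random UDP
        Packet("inside", "udp", "192.168.0.53", 33000, "203.0.113.53", 53),    # resolver
        Packet("outside", "udp", "203.0.113.53", 53, "192.168.0.53", 33000),   # DNS reply
        Packet("inside", "tcp", "192.168.1.10", 40002, "203.0.113.5", 23),     # telnet out
    ]
    return [fw.filter(p) for p in traffic]


if __name__ == "__main__":
    for verdict in run_sample_traffic():
        print(verdict)
```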
317. RFC 1918 addressing inside
Outgoing stuff only
Cheap from Costco, etc.
You can patch your Windows system in relative safety
NAT is a close match for these
318. Much harder to filter with firewalls
Sandboxing seems to be the most promising technology
It is getting harder to cruise the web safely, even at “safe” sites. (Thank advertising)
Invited Attacks
319. Alternative to Firewalls and Perimeter Defenses
Internet Skinny Dipping
320. It can be done
Many services are too dangerous to run
Requires some user forbearance
Can defend nicely against insider attacks
Strong Host Security
321. Browsers, etc. are full-featured
Full-featured is a technical term for “full of security bugs”
This is an open security problem: better OSes, sandboxing, VMs, etc.
iPhone might be leading this!
Inviting trouble in
322. Does not scale
Medium-level defense at best
No protection from insider attacks
Summary - perimeters
323. Useful medium-level defense
Little protection from invited trouble
One of many tools
Summary - firewalls
324. We are losing the virus detection war
Supply chain attacks are coming
The bad guys only have to find one weakness
Patch analysis reveals weaknesses
Many Bad Things are Out There