SlideShare une entreprise Scribd logo

20 security

Télécharger en tant que PPTX, PDF
A
abiy2004
TechnologieFormation
1  sur  51
CSCI-1680 Security Andrew Ferguson Based on lecture notes by Scott Shenker and Mike Freedman
Today’s Lecture • Classes of attacks • Basic security requirements • Simple cryptographic methods • Cryptographic toolkit (Hash, Digital Signature, …) • DNSSec • Certificate Authorities • SSL / HTTPS
Basic Requirements for Secure • Availability:Communication Will the network deliver data? – Infrastructure compromise, DDoS • Authentication: Who is this actor? – Spoofing, phishing • Integrity: Do messages arrive in original form? • Confidentiality: Can adversary read the data? – Sniffing, man-in-the-middle • Provenance: Who is responsible for this data? – Forging responses, denying responsibility – Not who sent the data, but who created it
Other Desirable Security • Authorization: is actor allowed to do this action? Properties – Access controls • Accountability/Attribution: who did this activity? • Audit/Forensics: what occurred in the past? – A broader notion of accountability/attribution • Appropriate use: is action consistent with policy? – E.g., no spam; no games during business hours; etc. • Freedom from traffic analysis: can someone tell when I am sending and to whom? • Anonymity: can someone tell I sent this packet?
Internet’s Design: Insecure • Designed for simplicity in a naïve era • “On by default” design • Readily available zombie machines • Attacks look like normal traffic • Internet’s federated operation obstructs cooperation for diagnosis/mitigation
Eavesdropping - Message Interception (Attack on Confidentiality) • Unauthorized access to information • Packet sniffers and wiretappers • Illicit copying of files and programs A B Eavesdropper
Eavesdropping Attack: Example • tcpdump with promiscuous network interface – On a switched network, what can you see? • What might the following traffic types reveal about communications? – DNS lookups (and replies) – IP packets without payloads (headers only) – Payloads
Integrity Attack - Tampering • Stop the flow of the message • Delay and optionally modify the message • Release the message again A B Perpetrator
Authenticity Attack - Fabrication • Unauthorized assumption of other’s identity • Generate and distribute objects under this identity A B Masquerader: from A
Attack on Availability • Destroy hardware (cutting fiber) or software • Modify software in a subtle way • Corrupt packets in transit A B • Blatant denial of service (DoS): – Crashing the server – Overwhelm the server (use up its resource)
Basic Forms of Cryptography
Confidentiality through Cryptography • Cryptography: communication over insecure channel in the presence of adversaries • Studied for thousands of years • Central goal: how to encode information so that an adversary can’t extract it …but a friend can • General premise: a key is required for decoding – Give it to friends, keep it away from attackers • Two different categories of encryption – Symmetric: efficient, requires key distribution – Asymmetric (Public Key): computationally expensive, but no key distribution problem
Symmetric Key Encryption • Same key for encryption and decryption – Both sender and receiver know key – But adversary does not know key • For communication, problem is key distribution – How do the parties (secretly) agree on the key? • What can you do with a huge key? One-time pad – Huge key of random bits • To encrypt/decrypt: just XOR with the key! – Provably secure! …. provided: • You never reuse the key … and it really is random/unpredictable – Spies actually use these
Using Symmetric Keys • Both the sender and the receiver use the same secret keys Plaintext Plaintext Encrypt with Internet Decrypt with secret key secret key Ciphertext
Asymmetric Encryption (Public Key) • Idea: use two different keys, one to encrypt (e) and one to decrypt (d) – A key pair • Crucial property: knowing e does not give away d • Therefore e can be public: everyone knows it! • If Alice wants to send to Bob, she fetches Bob’s public key (say from Bob’s home page) and encrypts with it – Alice can’t decrypt what she’s sending to Bob … – … but then, neither can anyone else (except Bob)
Public Key / Asymmetric Encryption • Sender uses receiver’s public key – Advertised to everyone • Receiver uses complementary private key – Must be kept secret Plaintext Plaintext Internet Encrypt with Decrypt with public key private key Ciphertext
Works in Reverse Direction Too! • Sender uses his own private key • Receiver uses complementary public key • Allows sender to prove he knows private key Plaintext Plaintext Internet Decrypt with Encrypt with public key private key Ciphertext
Realizing Public Key Cryptography • Invented in the 1970s – Revolutionized cryptography – (Was actually invented earlier by British intelligence) • How can we construct an encryption/decryption algorithm with public/private properties? – Answer: Number Theory • Most fully developed approach: RSA – Rivest / Shamir / Adleman, 1977; RFC 3447 – Based on modular multiplication of very large integers – Very widely used (e.g., SSL/TLS for https)
Cryptographic Toolkit
Cryptographic Toolkit • Confidentiality: Encryption • Integrity: ? • Authentication: ? • Provenance: ?
Integrity: Cryptographic Hashes - Sender computes a digest of message m, i.e., H(m) – H() is a publicly known hash function - Send m in any manner - Send digest d = H(m) to receiver in a secure way: – Using another physical channel – Using encryption (why does this help?) - Upon receiving m and d, receiver re-computes H(m) to see whether result agrees with d
Operation of Hashing for Integrity Plaintext corrupted msg Plaintext NO = digest’ Digest Internet Digest (MD5) (MD5) digest
Cryptographically Strong Hashes • Hard to find collisions – Adversary can’t find two inputs that produce same hash – Someone cannot alter message without modifying digest – Can succinctly refer to large objects • Hard to invert – Given hash, adversary can’t find input that produces it – Can refer obliquely to private objects (e.g., passwords) • Send hash of object rather than object itself
Effects of Cryptographic Hashing
Cryptographic Toolkit • Confidentiality: Encryption • Integrity: Cryptographic Hash • Authentication: ? • Provenance: ?
Public Key Authentication • Each side need only to know the other side’s A B public key – No secret key need be shared • A encrypts a nonce (random number) xusing B’s public key • B proves it can recover x • A can authenticate itself to B in the same way
Cryptographic Toolkit • Confidentiality: Encryption • Integrity: Cryptographic Hash • Authentication: Decrypting nonce • Provenance: ?
Digital Signatures • Suppose Alice has published public key KE • If she wishes to prove who she is, she can send a messagexencrypted with her privatekey KD – Therefore: anyone w/ public key KE can recover x, verify that Alice must have sent the message – It provides a digital signature – Alice can’t deny later deny it non-repudiation
RSA Crypto & Signatures, con’t
Summary of Our Crypto Toolkit • If we can securely distribute a key, then – Symmetric ciphers (e.g., AES) offer fast, presumably strong confidentiality • Public key cryptography does away with problem of secure key distribution – But not as computationally efficient – Often addressed by using public key crypto to exchange a session key – And not guaranteed secure • but major result if not
Summary of Our Crypto Toolkit, con’t • Cryptographically strong hash functions provide major building block for integrity (e.g., SHA-1) – As well as providing concise digests – And providing a way to prove you know something (e.g., passwords) without revealing it (non-invertibility) – But: worrisome recent results regarding their strength • Public key also gives us signatures – Including sender non-repudiation • Turns out there’s a crypto trick based on similar algorithms that allows two parties who don’t know each other’s public key to securely negotiate a secret key even in the presence of eavesdroppers
DNS Security
Source: http://nsrc.org/tutorials/2009/apricot/dnssec/dnssec-tutorial.pdf
Root level DNS attacks • Feb. 6, 2007: – Botnet attack on the 13 Internet DNS root servers – Lasted 2.5 hours – None crashed, but two performed badly: • g-root (DoD), l-root (ICANN) • Most other root servers use anycast
Do you trust the TLD operators? • Wildcard DNS record for all .com and .net domain names not yet registered by others – September 15 – October 4, 2003 – February 2004: Verisign sues ICANN • Redirection for these domain names to Verisign web portal: “to help you search” – and serve you ads…and get “sponsored” search
Defense: Replication and Caching source: wikipedia
DNS Amplification Attack DNS Amplification attack: ( 40 amplification ) DNS Query SrcIP: DoS Target EDNS Reponse (60 bytes) (3000 bytes) DoS DNS DoS Source Server Target 580,000 open resolvers on Internet (Kaminsky-Shiffman’06)
Solutions ip spoofed packets open attacker amplifier prevent disable ip spoofing open amplifiers victim
But should we believe it? Enter DNSSEC • DNSSEC protects against data spoofing and corruption • DNSSEC also provides mechanisms to authenticate servers and requests • DNSSEC provides mechanisms to establish authenticity and integrity
PK-DNSSEC (Public Key) • The DNS servers sign the hash of resource record set with its private (signature) keys • Public keys can be used to verify the SIGs • Leverages hierarchy: – Authenticity of nameserver’s public keys is established by a signature over the keys by the parent’s private key – In ideal case, only roots’ public keys need to be distributed out-of-band
Verifying the tree Question: www.cnn.com ? dns.cs.brown.edu .(root) Src.cs.brown.edu ask .com server www.cnn.com A ? SIG (ip addr and PK of .com server) stub resolver xxx.xxx.xxx.xxx resolver www.cnn.com A ? transaction .com ask cnn.com server signatures SIG (ipaddr and PK of cnn.com server) add to cache slave servers transaction signatures cnn.com
PKIs and HTTPS 42
Public Key Infrastructure(PKI) • Public key crypto is very powerful … • … but the realities of tying public keys to real world identities turn out to be quite hard • PKI: Trust distributionmechanism – Authentication via Digital Certificates • Trust doesn’t mean someone is honest, just that they are who they say they are…
Managing Trust • The most solid level of trust is rooted in our direct personal experience – E.g., Alice’s trust that Bob is who they say they are – Clearly doesn’t scale to a global network! • In its absence, we rely on delegation – Alice trusts Bob’s identity because Charlie attests to it …. – …. and Alice trusts Charlie
Managing Trust, con’t • Trust is not particularly transitive – Should Alice trust Bob because she trusts Charlie … – … and Charlie vouches for Donna … – … and Donna says Eve is trustworthy … – … and Eve vouches for Bob’s identity? • Two models of delegating trust – Rely on your set of friends and their friends • “Web of trust” -- e.g., PGP – Rely on trusted, well-known authorities (and their minions) • “Trusted root” -- e.g., HTTPS
PKI Conceptual Framework • Trusted-Root PKI: – Basis: well-known public key serves as root of a hierarchy – Managed by a Certificate Authority (CA) • To publisha public key, ask the CA to digitally sign a statement indicating that they agree (“certify”) that it is indeed your key – This is a certificate for your key (certificate = bunch of bits) • Includes both your public key and the signed statement – Anyone can verify the signature • Delegation of trust to the CA – They’d better not screw up (duped into signing bogus key) – They’d better have procedures for dealing with stolen keys – Note: can build up a hierarchy of signing
Putting It All Together: HTTPS • Steps after clicking on https://www.amazon.com • https = “Use HTTP over SSL/TLS” – SSL = Secure Socket Layer – TLS = Transport Layer Security • Successor to SSL, and compatible with it – RFC 4346 • Provides security layer (authentication, encryption) on top of TCP – Fairly transparent to the app
HTTPS Connection (SSL/TLS), con’t • Browser (client) Browser Amazon connects via TCP to Amazon’s HTTPS server • Client sends over list of crypto protocols it supports • Server picks protocols to use for this session • Server sends over its certificate • (all of this is in the clear)
Inside the Server’s Certificate • Name associated with cert (e.g., Amazon) • Amazon’s public key • A bunch of auxiliary info (physical address, type of cert, expiration time) • URL to revocation center to check for revoked keys • Name of certificate’s signatory (who signed it) • A public-key signature of a hash (MD5) of all this – Constructed using the signatory’s private RSA key 54
Validating Amazon’s Identity • Browser retrieves cert belonging to the signatory – These are hardwired into the browser • If it can’t find the cert, then warns the user that site has not been verified – And may ask whether to continue – Note, can still proceed, just without authentication • Browser uses public key in signatory’s cert to decrypt signature – Compares with its own MD5 hash of Amazon’s cert • Assuming signature matches, now have high confidence it’s indeed Amazon … – … assuming signatory is trustworthy
HTTPS Connection (SSL/TLS), con’t • Browser constructs a Browser Amazon random session keyK • Browser encrypts K using Amazon’s public key K • Browser sends E(K, KApublic) to server • Browser displays K • All subsequent communication encrypted w/ symmetric cipher using key K – E.g., client can authenticate using a password

Recommandé

Network security
Network securityNetwork security
Network securityABHISHEK KUMAR
 
Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Khawar Nehal khawar.nehal@atrc.net.pk
 
Cryptography
CryptographyCryptography
CryptographySandip kumar
 
Cryptography
CryptographyCryptography
CryptographyJohnsonDaniel JohnsonDaniel
 
Cryptography
CryptographyCryptography
Cryptographyfsl khan
 
cryptography
cryptographycryptography
cryptographyJai Nathwani
 
Cryptography by gaurav singh
Cryptography by gaurav singhCryptography by gaurav singh
Cryptography by gaurav singhGaurav Singh
 
Cryptography
CryptographyCryptography
CryptographyNishant Pahad
 

Recommandé

Network security
Network securityNetwork security
Network securityABHISHEK KUMAR
 
Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Khawar Nehal khawar.nehal@atrc.net.pk
 
Cryptography
CryptographyCryptography
CryptographySandip kumar
 
Cryptography
CryptographyCryptography
CryptographyJohnsonDaniel JohnsonDaniel
 
Cryptography
CryptographyCryptography
Cryptographyfsl khan
 
cryptography
cryptographycryptography
cryptographyJai Nathwani
 
Cryptography by gaurav singh
Cryptography by gaurav singhCryptography by gaurav singh
Cryptography by gaurav singhGaurav Singh
 
Cryptography
CryptographyCryptography
CryptographyNishant Pahad
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1Alfred Ouyang
 
Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Phan Minh
 
information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...Zara Nawaz
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptographyPerfect Training Center
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSAShafaan Khaliq Bhatti
 
Class 17
Class 17Class 17
Class 17Dr. Ajith Sundaram
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution MethodsGulcin Yildirim Jelinek
 
Digital Security 101
Digital Security 101Digital Security 101
Digital Security 101Gary Jan
 
key distribution in network security
key distribution in network securitykey distribution in network security
key distribution in network securitybabak danyal
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSAAmit Debnath
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismAmit Singh
 
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.SrinivasanMathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasanmunicsaa
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Cryptography
CryptographyCryptography
Cryptographyamiable_indian
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA AlgoritmnDr. Kapil Gupta
 
7 cryptography
7 cryptography7 cryptography
7 cryptographyUpinder Kaur
 
RSA
RSARSA
RSAAbirami Thangavel
 
Cryptography
Cryptography Cryptography
Cryptography أحلام انصارى
 
Introduction to cryptography part1-final
Introduction to cryptography part1-finalIntroduction to cryptography part1-final
Introduction to cryptography part1-finalTaymoor Nazmy
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric keyTriad Square InfoSec
 
Network security
Network securityNetwork security
Network securityPerfect Training Center
 
Security - ch3.pptx
Security - ch3.pptxSecurity - ch3.pptx
Security - ch3.pptxHabtamuHaileMichael2
 

Contenu connexe

Tendances

5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1Alfred Ouyang
 
Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Phan Minh
 
information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...Zara Nawaz
 
Digital Security 101
Digital Security 101Digital Security 101
Digital Security 101Gary Jan
 
key distribution in network security
key distribution in network securitykey distribution in network security
key distribution in network securitybabak danyal
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSAAmit Debnath
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismAmit Singh
 
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.SrinivasanMathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasanmunicsaa
 
Introduction to cryptography part1-final
Introduction to cryptography part1-finalIntroduction to cryptography part1-final
Introduction to cryptography part1-finalTaymoor Nazmy
 

Tendances (20)

5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
 
Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Final ss2-digital-signature-group5
Final ss2-digital-signature-group5
 
information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptography
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
 
Class 17
Class 17Class 17
Class 17
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
 
Digital Security 101
Digital Security 101Digital Security 101
Digital Security 101
 
key distribution in network security
key distribution in network securitykey distribution in network security
key distribution in network security
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSA
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption Mechanism
 
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.SrinivasanMathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA Algoritmn
 
7 cryptography
7 cryptography7 cryptography
7 cryptography
 
RSA
RSARSA
RSA
 
Cryptography
Cryptography Cryptography
Cryptography
 
Introduction to cryptography part1-final
Introduction to cryptography part1-finalIntroduction to cryptography part1-final
Introduction to cryptography part1-final
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
 

Similaire à 20 security

Dissemination of knowledge on Secure Systems Engineering
Dissemination of knowledge on Secure Systems EngineeringDissemination of knowledge on Secure Systems Engineering
Dissemination of knowledge on Secure Systems EngineeringJAIGANESH SEKAR
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniquesMohitManna
 
Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptographyVaibhav Khanna
 
Cryptography
CryptographyCryptography
CryptographyPPT4U
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slideschintaan
 
Lec 10 - Key Management.ppt
Lec 10 - Key Management.pptLec 10 - Key Management.ppt
Lec 10 - Key Management.pptIshaKanwal4
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
#OSSPARIS19 - TLS for dummies - MAXIME BESSON, Worteks
#OSSPARIS19 - TLS for dummies - MAXIME BESSON, Worteks#OSSPARIS19 - TLS for dummies - MAXIME BESSON, Worteks
#OSSPARIS19 - TLS for dummies - MAXIME BESSON, WorteksParis Open Source Summit
 
[POSS 2019] TLS for Dummies
[POSS 2019] TLS for Dummies[POSS 2019] TLS for Dummies
[POSS 2019] TLS for DummiesWorteks
 
Common crypto attacks and secure implementations
Common crypto attacks and secure implementationsCommon crypto attacks and secure implementations
Common crypto attacks and secure implementationsTrupti Shiralkar, CISSP
 
Enhancing lan using cryptography and other modules
Enhancing lan using cryptography and other modulesEnhancing lan using cryptography and other modules
Enhancing lan using cryptography and other modulesMurali Krishna
 

Similaire à 20 security (20)

Network security
Network securityNetwork security
Network security
 
Security - ch3.pptx
Security - ch3.pptxSecurity - ch3.pptx
Security - ch3.pptx
 
Security - ch3.pptx
Security - ch3.pptxSecurity - ch3.pptx
Security - ch3.pptx
 
Dissemination of knowledge on Secure Systems Engineering
Dissemination of knowledge on Secure Systems EngineeringDissemination of knowledge on Secure Systems Engineering
Dissemination of knowledge on Secure Systems Engineering
 
Security.ppt
Security.pptSecurity.ppt
Security.ppt
 
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
 
Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
 
Cryptography
CryptographyCryptography
Cryptography
 
Security in e commerce
Security in e commerceSecurity in e commerce
Security in e commerce
 
Lec 10 - Key Management.ppt
Lec 10 - Key Management.pptLec 10 - Key Management.ppt
Lec 10 - Key Management.ppt
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
#OSSPARIS19 - TLS for dummies - MAXIME BESSON, Worteks
#OSSPARIS19 - TLS for dummies - MAXIME BESSON, Worteks#OSSPARIS19 - TLS for dummies - MAXIME BESSON, Worteks
#OSSPARIS19 - TLS for dummies - MAXIME BESSON, Worteks
 
[POSS 2019] TLS for Dummies
[POSS 2019] TLS for Dummies[POSS 2019] TLS for Dummies
[POSS 2019] TLS for Dummies
 
Cyber security
Cyber securityCyber security
Cyber security
 
Common crypto attacks and secure implementations
Common crypto attacks and secure implementationsCommon crypto attacks and secure implementations
Common crypto attacks and secure implementations
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
 
Enhancing lan using cryptography and other modules
Enhancing lan using cryptography and other modulesEnhancing lan using cryptography and other modules
Enhancing lan using cryptography and other modules
 

Dernier

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Dernier (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

20 security

  • 1. CSCI-1680 Security Andrew Ferguson Based on lecture notes by Scott Shenker and Mike Freedman
  • 2. Today’s Lecture • Classes of attacks • Basic security requirements • Simple cryptographic methods • Cryptographic toolkit (Hash, Digital Signature, …) • DNSSec • Certificate Authorities • SSL / HTTPS
  • 3. Basic Requirements for Secure • Availability:Communication Will the network deliver data? – Infrastructure compromise, DDoS • Authentication: Who is this actor? – Spoofing, phishing • Integrity: Do messages arrive in original form? • Confidentiality: Can adversary read the data? – Sniffing, man-in-the-middle • Provenance: Who is responsible for this data? – Forging responses, denying responsibility – Not who sent the data, but who created it
  • 4. Other Desirable Security • Authorization: is actor allowed to do this action? Properties – Access controls • Accountability/Attribution: who did this activity? • Audit/Forensics: what occurred in the past? – A broader notion of accountability/attribution • Appropriate use: is action consistent with policy? – E.g., no spam; no games during business hours; etc. • Freedom from traffic analysis: can someone tell when I am sending and to whom? • Anonymity: can someone tell I sent this packet?
  • 5. Internet’s Design: Insecure • Designed for simplicity in a naïve era • “On by default” design • Readily available zombie machines • Attacks look like normal traffic • Internet’s federated operation obstructs cooperation for diagnosis/mitigation
  • 6. Eavesdropping - Message Interception (Attack on Confidentiality) • Unauthorized access to information • Packet sniffers and wiretappers • Illicit copying of files and programs A B Eavesdropper
  • 7. Eavesdropping Attack: Example • tcpdump with promiscuous network interface – On a switched network, what can you see? • What might the following traffic types reveal about communications? – DNS lookups (and replies) – IP packets without payloads (headers only) – Payloads
  • 8. Integrity Attack - Tampering • Stop the flow of the message • Delay and optionally modify the message • Release the message again A B Perpetrator
  • 9. Authenticity Attack - Fabrication • Unauthorized assumption of other’s identity • Generate and distribute objects under this identity A B Masquerader: from A
  • 10. Attack on Availability • Destroy hardware (cutting fiber) or software • Modify software in a subtle way • Corrupt packets in transit A B • Blatant denial of service (DoS): – Crashing the server – Overwhelm the server (use up its resource)
  • 11. Basic Forms of Cryptography
  • 12. Confidentiality through Cryptography • Cryptography: communication over insecure channel in the presence of adversaries • Studied for thousands of years • Central goal: how to encode information so that an adversary can’t extract it …but a friend can • General premise: a key is required for decoding – Give it to friends, keep it away from attackers • Two different categories of encryption – Symmetric: efficient, requires key distribution – Asymmetric (Public Key): computationally expensive, but no key distribution problem
  • 13. Symmetric Key Encryption • Same key for encryption and decryption – Both sender and receiver know key – But adversary does not know key • For communication, problem is key distribution – How do the parties (secretly) agree on the key? • What can you do with a huge key? One-time pad – Huge key of random bits • To encrypt/decrypt: just XOR with the key! – Provably secure! …. provided: • You never reuse the key … and it really is random/unpredictable – Spies actually use these
  • 14. Using Symmetric Keys • Both the sender and the receiver use the same secret keys Plaintext Plaintext Encrypt with Internet Decrypt with secret key secret key Ciphertext
  • 15. Asymmetric Encryption (Public Key) • Idea: use two different keys, one to encrypt (e) and one to decrypt (d) – A key pair • Crucial property: knowing e does not give away d • Therefore e can be public: everyone knows it! • If Alice wants to send to Bob, she fetches Bob’s public key (say from Bob’s home page) and encrypts with it – Alice can’t decrypt what she’s sending to Bob … – … but then, neither can anyone else (except Bob)
  • 16. Public Key / Asymmetric Encryption • Sender uses receiver’s public key – Advertised to everyone • Receiver uses complementary private key – Must be kept secret Plaintext Plaintext Internet Encrypt with Decrypt with public key private key Ciphertext
  • 17. Works in Reverse Direction Too! • Sender uses his own private key • Receiver uses complementary public key • Allows sender to prove he knows private key Plaintext Plaintext Internet Decrypt with Encrypt with public key private key Ciphertext
  • 18. Realizing Public Key Cryptography • Invented in the 1970s – Revolutionized cryptography – (Was actually invented earlier by British intelligence) • How can we construct an encryption/decryption algorithm with public/private properties? – Answer: Number Theory • Most fully developed approach: RSA – Rivest / Shamir / Adleman, 1977; RFC 3447 – Based on modular multiplication of very large integers – Very widely used (e.g., SSL/TLS for https)
  • 20. Cryptographic Toolkit • Confidentiality: Encryption • Integrity: ? • Authentication: ? • Provenance: ?
  • 21. Integrity: Cryptographic Hashes - Sender computes a digest of message m, i.e., H(m) – H() is a publicly known hash function - Send m in any manner - Send digest d = H(m) to receiver in a secure way: – Using another physical channel – Using encryption (why does this help?) - Upon receiving m and d, receiver re-computes H(m) to see whether result agrees with d
  • 22. Operation of Hashing for Integrity Plaintext corrupted msg Plaintext NO = digest’ Digest Internet Digest (MD5) (MD5) digest
  • 23. Cryptographically Strong Hashes • Hard to find collisions – Adversary can’t find two inputs that produce same hash – Someone cannot alter message without modifying digest – Can succinctly refer to large objects • Hard to invert – Given hash, adversary can’t find input that produces it – Can refer obliquely to private objects (e.g., passwords) • Send hash of object rather than object itself
  • 25. Cryptographic Toolkit • Confidentiality: Encryption • Integrity: Cryptographic Hash • Authentication: ? • Provenance: ?
  • 26. Public Key Authentication • Each side need only to know the other side’s A B public key – No secret key need be shared • A encrypts a nonce (random number) xusing B’s public key • B proves it can recover x • A can authenticate itself to B in the same way
  • 27. Cryptographic Toolkit • Confidentiality: Encryption • Integrity: Cryptographic Hash • Authentication: Decrypting nonce • Provenance: ?
  • 28. Digital Signatures • Suppose Alice has published public key KE • If she wishes to prove who she is, she can send a messagexencrypted with her privatekey KD – Therefore: anyone w/ public key KE can recover x, verify that Alice must have sent the message – It provides a digital signature – Alice can’t deny later deny it non-repudiation
  • 29. RSA Crypto & Signatures, con’t
  • 30. Summary of Our Crypto Toolkit • If we can securely distribute a key, then – Symmetric ciphers (e.g., AES) offer fast, presumably strong confidentiality • Public key cryptography does away with problem of secure key distribution – But not as computationally efficient – Often addressed by using public key crypto to exchange a session key – And not guaranteed secure • but major result if not
  • 31. Summary of Our Crypto Toolkit, con’t • Cryptographically strong hash functions provide major building block for integrity (e.g., SHA-1) – As well as providing concise digests – And providing a way to prove you know something (e.g., passwords) without revealing it (non-invertibility) – But: worrisome recent results regarding their strength • Public key also gives us signatures – Including sender non-repudiation • Turns out there’s a crypto trick based on similar algorithms that allows two parties who don’t know each other’s public key to securely negotiate a secret key even in the presence of eavesdroppers
  • 34. Root level DNS attacks • Feb. 6, 2007: – Botnet attack on the 13 Internet DNS root servers – Lasted 2.5 hours – None crashed, but two performed badly: • g-root (DoD), l-root (ICANN) • Most other root servers use anycast
  • 35. Do you trust the TLD operators? • Wildcard DNS record for all .com and .net domain names not yet registered by others – September 15 – October 4, 2003 – February 2004: Verisign sues ICANN • Redirection for these domain names to Verisign web portal: “to help you search” – and serve you ads…and get “sponsored” search
  • 36. Defense: Replication and Caching source: wikipedia
  • 37. DNS Amplification Attack DNS Amplification attack: ( 40 amplification ) DNS Query SrcIP: DoS Target EDNS Reponse (60 bytes) (3000 bytes) DoS DNS DoS Source Server Target 580,000 open resolvers on Internet (Kaminsky-Shiffman’06)
  • 38. Solutions ip spoofed packets open attacker amplifier prevent disable ip spoofing open amplifiers victim
  • 39. But should we believe it? Enter DNSSEC • DNSSEC protects against data spoofing and corruption • DNSSEC also provides mechanisms to authenticate servers and requests • DNSSEC provides mechanisms to establish authenticity and integrity
  • 40. PK-DNSSEC (Public Key) • The DNS servers sign the hash of resource record set with its private (signature) keys • Public keys can be used to verify the SIGs • Leverages hierarchy: – Authenticity of nameserver’s public keys is established by a signature over the keys by the parent’s private key – In ideal case, only roots’ public keys need to be distributed out-of-band
  • 41. Verifying the tree Question: www.cnn.com ? dns.cs.brown.edu .(root) Src.cs.brown.edu ask .com server www.cnn.com A ? SIG (ip addr and PK of .com server) stub resolver xxx.xxx.xxx.xxx resolver www.cnn.com A ? transaction .com ask cnn.com server signatures SIG (ipaddr and PK of cnn.com server) add to cache slave servers transaction signatures cnn.com
  • 43. Public Key Infrastructure(PKI) • Public key crypto is very powerful … • … but the realities of tying public keys to real world identities turn out to be quite hard • PKI: Trust distributionmechanism – Authentication via Digital Certificates • Trust doesn’t mean someone is honest, just that they are who they say they are…
  • 44. Managing Trust • The most solid level of trust is rooted in our direct personal experience – E.g., Alice’s trust that Bob is who they say they are – Clearly doesn’t scale to a global network! • In its absence, we rely on delegation – Alice trusts Bob’s identity because Charlie attests to it …. – …. and Alice trusts Charlie
  • 45. Managing Trust, con’t • Trust is not particularly transitive – Should Alice trust Bob because she trusts Charlie … – … and Charlie vouches for Donna … – … and Donna says Eve is trustworthy … – … and Eve vouches for Bob’s identity? • Two models of delegating trust – Rely on your set of friends and their friends • “Web of trust” -- e.g., PGP – Rely on trusted, well-known authorities (and their minions) • “Trusted root” -- e.g., HTTPS
  • 46. PKI Conceptual Framework • Trusted-Root PKI: – Basis: well-known public key serves as root of a hierarchy – Managed by a Certificate Authority (CA) • To publisha public key, ask the CA to digitally sign a statement indicating that they agree (“certify”) that it is indeed your key – This is a certificate for your key (certificate = bunch of bits) • Includes both your public key and the signed statement – Anyone can verify the signature • Delegation of trust to the CA – They’d better not screw up (duped into signing bogus key) – They’d better have procedures for dealing with stolen keys – Note: can build up a hierarchy of signing
  • 47. Putting It All Together: HTTPS • Steps after clicking on https://www.amazon.com • https = “Use HTTP over SSL/TLS” – SSL = Secure Socket Layer – TLS = Transport Layer Security • Successor to SSL, and compatible with it – RFC 4346 • Provides security layer (authentication, encryption) on top of TCP – Fairly transparent to the app
  • 48. HTTPS Connection (SSL/TLS), con’t • Browser (client) Browser Amazon connects via TCP to Amazon’s HTTPS server • Client sends over list of crypto protocols it supports • Server picks protocols to use for this session • Server sends over its certificate • (all of this is in the clear)
  • 49. Inside the Server’s Certificate • Name associated with cert (e.g., Amazon) • Amazon’s public key • A bunch of auxiliary info (physical address, type of cert, expiration time) • URL to revocation center to check for revoked keys • Name of certificate’s signatory (who signed it) • A public-key signature of a hash (MD5) of all this – Constructed using the signatory’s private RSA key 54
  • 50. Validating Amazon’s Identity • Browser retrieves cert belonging to the signatory – These are hardwired into the browser • If it can’t find the cert, then warns the user that site has not been verified – And may ask whether to continue – Note, can still proceed, just without authentication • Browser uses public key in signatory’s cert to decrypt signature – Compares with its own MD5 hash of Amazon’s cert • Assuming signature matches, now have high confidence it’s indeed Amazon … – … assuming signatory is trustworthy
  • 51. HTTPS Connection (SSL/TLS), con’t • Browser constructs a Browser Amazon random session keyK • Browser encrypts K using Amazon’s public key K • Browser sends E(K, KApublic) to server • Browser displays K • All subsequent communication encrypted w/ symmetric cipher using key K – E.g., client can authenticate using a password