Computer Security - Texas A&M...

Slide 1: Chapter 15, Computer Security
Thanks to Dr. Xinwen Fu for contributing Slides 1-16 and 19.
The rest of them are adopted from the textbook slides by Shengquan Wang in CPSC 410.
Slide 2: Outline
- Security Problems
- Security Objectives
- Security Solutions
Slide 3: Security Problems
- Public, private, and governmental computers have been penetrated by malicious users or programs
- The Computer Emergency Response Team (CERT) reports a tremendous increase in cracking incidents
Slide 4: Number of Incidents Reported to CERT
Incident: the act of violating an explicit or implied security policy.
(Chart: x-axis Year, y-axis # of incidents reported; the data points recovered from the chart labels are listed below)
Year   Incidents reported
1988   6
1993   1,334
1998   3,734
2003   137,529
Source: http://www.cert.org/stats/cert_stats.html
Slide 5: Case: NASA websites defaced with link to Iraq 'image'
http://www.zone-h.org/defacements/mirror/id=700181/
Slide 6: Types of Known Attacks
- Distributed Denial of Service (DDoS) attacks: February 2000, Yahoo and Amazon were attacked by a teenager
Reference: http://www.iwar.org.uk/comsec/resources/dos/ddos.pdf
Slide 7: Types of Known Attacks (Cont.)
- Worm attacks: 2004 (a variant of the Blaster worm), Jeffrey Lee Parson
(Figure: worm-controlled machines)
Slide 8: Types of Known Attacks (Cont.)
- Monitoring and capture of network traffic: user IDs, passwords, and other information are often stolen on the Internet
- Data-driven attacks (virus): importation of malicious or infected code
- E-mail forgery
- Exploitation of software bugs
- Unauthorized access to resources
- Disclosure, modification, and destruction of resources
- Compromised system used as a hostile attack facility
- Masquerade as an authorized user or end system
Slide 9: Contributing Factors
- Lack of awareness of the threats and risks of information systems: security measures are often not considered until a computer has been penetrated by malicious users
- Wide-open network policies: many Internet sites (ISPs) allow wide-open Internet access
- The vast majority of network traffic is unencrypted: network traffic can be monitored and captured
- HUMANS ARE THE WEAK LINK in any corporation's carefully crafted security perimeter
Slide 10: Contributing Factors (Cont.)
- Lack of security in the TCP/IP protocol suite: most TCP/IP protocols were not built with security in mind; work is actively progressing within the Internet Engineering Task Force (IETF)
- Complexity of security management and administration
- Exploitation of software (e.g., protocol implementation) bugs. Example: Sendmail bugs (http://www.outpost9.com/exploits/sendmail.html)
- Cracker skills keep improving: http://www.phrack.org/
Slide 11: Outline
- Security Problems
- Security Objectives
- Security Solutions
Slide 12: Security Objectives
- C: Confidentiality (Secrecy)
- I: Integrity
- A: Availability (Denial of Service)
Slide 13: Commercial Example
- C, Confidentiality: an employee should not come to know the salary of his manager
- I, Integrity: an employee should not be able to modify the employee's own salary
- A, Availability: paychecks should be printed on time as stipulated by law
(Figure: Alice's message "Bob, I love you, Alice" passes through Casey and reaches Bob as "Bob, I hate you, Alice")
Slide 14: Military Example
- C, Confidentiality: the target coordinates of a missile should not be improperly disclosed
- I, Integrity: the target coordinates of a missile should not be improperly modified
- A, Availability: when the proper command is issued, the missile should fire
Slide 15: A Fourth Objective
- Securing computing resources: prevent/detect/deter improper use of computing resources (cyberinfrastructure), including
  - Hardware resources
  - Software resources
  - Data resources
  - Network resources
Slide 16: Outline
- Security Problems
- Security Objectives
- Security Solutions
Slide 17: Secure Communication over Insecure Medium
Slide 18: Encryption
An encryption algorithm consists of
- a set K of keys
- a set M of messages
- a set C of ciphertexts (encrypted messages)
- a function E : K → (M → C). That is, for each k ∈ K, E(k) is a function for generating ciphertexts from messages. Both E and E(k) for any k should be efficiently computable functions.
- a function D : K → (C → M). That is, for each k ∈ K, D(k) is a function for generating messages from ciphertexts. Both D and D(k) for any k should be efficiently computable functions.
An encryption algorithm must provide this essential property: given a ciphertext c ∈ C, a computer can compute m such that E(k)(m) = c only if it possesses D(k). Thus, a computer holding D(k) can decrypt ciphertexts to the plaintexts used to produce them, but a computer not holding D(k) cannot decrypt ciphertexts.
Since ciphertexts are generally exposed (for example, sent on the network), it is important that it be infeasible to derive D(k) from the ciphertexts.
Slide 21: Symmetric Encryption
- The same key is used to encrypt and decrypt: E(k) can be derived from D(k), and vice versa
- The Data Encryption Standard (DES) is the most commonly used symmetric block-encryption algorithm (created by the US Govt)
- Triple-DES is considered more secure
- Advanced Encryption Standard (AES) and Twofish are up and coming
Slide 22: Asymmetric Encryption
(Figure: keys must be different)
Slide 23: Asymmetric Encryption (Cont.)
- Public-key encryption is based on each user having two keys:
  - public key: a published key used to encrypt data
  - private key: a key known only to the individual user, used to decrypt data
- Must be an encryption scheme that can be made public without making it easy to figure out the decryption scheme
- Most common is the RSA block cipher
  - There is an efficient algorithm for testing whether or not a number is prime
  - No efficient algorithm is known for finding the prime factors of a number
Slide 24: Asymmetric Encryption (Cont.)
- Formally, it is computationally infeasible to derive D(kd, N) from E(ke, N), and so E(ke, N) need not be kept secret and can be widely disseminated
  - E(ke, N) is the public key
  - D(kd, N) is the private key
- N is the product of two large, randomly chosen prime numbers p and q (for example, p and q are 512 bits each)
- The encryption algorithm is E(ke, N)(m) = m^ke mod N, where ke satisfies ke·kd mod (p−1)(q−1) = 1
- The decryption algorithm is then D(kd, N)(c) = c^kd mod N
Slide 25: An Example
- For example, make p = 7 and q = 13
- We then calculate N = 7 × 13 = 91 and (p−1)(q−1) = 72
- We next select ke relatively prime to 72 and < 72, yielding 5
- Finally, we calculate kd such that ke·kd mod 72 = 1, yielding 29
- We now have our keys
  - Public key, (ke, N) = (5, 91)
  - Private key, (kd, N) = (29, 91)
- Encrypting the message 69 with the public key results in the ciphertext 62: 69^5 mod 91 = 62
- The ciphertext can be decoded with the private key: 62^29 mod 91 = 69
- The public key can be distributed in clear text to anyone who wants to communicate with the holder of the public key
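The key generation, encryption and decryption steps of Slides 24 and 25, carried out in code. This is an added example written for this page, not code from the slides or the textbook; it uses only Python's standard library (pow() with a modular exponent, and pow(ke, -1, phi) for the modular inverse, which needs Python 3.8 or later). The parameters p = 7, q = 13 and ke = 5 are the slide's own values.

```python
# Added example (not from the original slides): textbook RSA on the slide's
# toy parameters. Real deployments use primes of hundreds of digits and a
# padding scheme; the arithmetic below is the same.
from math import gcd


def rsa_keygen(p: int, q: int, ke: int):
    """Derive ((ke, N), (kd, N)) from primes p, q and a chosen encryption exponent ke.

    kd is chosen so that ke*kd mod (p-1)(q-1) == 1, exactly as on Slide 24.
    """
    N = p * q
    phi = (p - 1) * (q - 1)
    if not (1 < ke < phi) or gcd(ke, phi) != 1:
        raise ValueError("ke must lie in (1, phi) and be relatively prime to phi")
    kd = pow(ke, -1, phi)          # modular inverse: ke*kd ≡ 1 (mod phi)
    return (ke, N), (kd, N)        # (public key, private key)


def encrypt(public_key, m: int) -> int:
    """E(ke, N)(m) = m^ke mod N."""
    ke, N = public_key
    if not 0 <= m < N:
        raise ValueError("message must be an integer in [0, N)")
    return pow(m, ke, N)


def decrypt(private_key, c: int) -> int:
    """D(kd, N)(c) = c^kd mod N."""
    kd, N = private_key
    return pow(c, kd, N)


if __name__ == "__main__":
    pub, priv = rsa_keygen(7, 13, 5)
    print("public key:", pub, "private key:", priv)   # (5, 91) (29, 91)
    c = encrypt(pub, 69)
    print("69 encrypts to", c)                         # 62
    print(c, "decrypts to", decrypt(priv, c))          # 69
```

Because N = 91 is squarefree, decrypt(encrypt(m)) == m holds for every m in [0, 91), not just for 69; with a modulus this small the private key can be recovered by factoring N by hand, which is why the slide's real-world parameters are 512-bit primes.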
Slide 26: Encryption and Decryption using Asymmetric Cryptography
Slide 27: Symmetric vs. Asymmetric
- Symmetric cryptography is based on transformations
- Asymmetric cryptography is based on mathematical functions
- Asymmetric is much more compute intensive, so it is typically not used for bulk data encryption
Slide 28: Authentication
- Constraining the set of potential senders of a message
- Can also prove a message was unmodified
- Algorithm components
  - A set K of keys
  - A set M of messages
  - A set A of authenticators
  - A function S : K → (M → A). That is, for each k ∈ K, S(k) is a function for generating authenticators from messages. Both S and S(k) for any k should be efficiently computable functions.
  - A function V : K → (M × A → {true, false}). That is, for each k ∈ K, V(k) is a function for verifying authenticators on messages. Both V and V(k) for any k should be efficiently computable functions.
Slide 29: Authentication (Cont.)
- For a message m, a computer can generate an authenticator a ∈ A such that V(k)(m, a) = true only if it possesses S(k)
- Thus, a computer holding S(k) can generate authenticators on messages so that any other computer possessing V(k) can verify them
- A computer not holding S(k) cannot generate authenticators on messages that can be verified using V(k)
- Since authenticators are generally exposed (for example, they are sent on the network with the messages themselves), it must not be feasible to derive S(k) from the authenticators
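A concrete instance of the S(k) / V(k) model from Slides 28 and 29, added here as an example (not code from the slides): a message authentication code built with HMAC-SHA256 from Python's standard library. In this symmetric instance one key k serves both S(k) and V(k), so whoever can verify can also generate authenticators; Slide 30 shows how asymmetric keys separate the two roles. The key and message values are constructed sample data.

```python
# Added example (not from the original slides): symmetric authenticators
# with HMAC. S(k)(m) produces the authenticator, V(k)(m, a) checks it.
import hashlib
import hmac


def S(k: bytes, m: bytes) -> bytes:
    """S(k)(m): generate an authenticator (a 32-byte MAC tag) for message m."""
    return hmac.new(k, m, hashlib.sha256).digest()


def V(k: bytes, m: bytes, a: bytes) -> bool:
    """V(k)(m, a): True only if a is a valid authenticator for m under key k."""
    # compare_digest takes the same time whichever byte differs first, so a
    # verifier does not leak the correct tag through response timing.
    return hmac.compare_digest(S(k, m), a)


if __name__ == "__main__":
    key = b"constructed demo key, not a real secret"   # constructed sample
    msg = b"transfer 100 to account 42"               # constructed sample
    tag = S(key, msg)
    print("genuine message:  ", V(key, msg, tag))                          # True
    print("modified message: ", V(key, b"transfer 900 to account 42", tag)) # False
    print("wrong key:        ", V(b"some other key", msg, tag))            # False
```

The second and third checks are the two guarantees on the slide: an authenticator does not verify for a message other than the one it was generated for, and a party without S(k) (here, the key) cannot produce one that V(k) accepts.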
Slide 30: Authentication – Digital Signature
- Based on asymmetric keys and a digital-signature algorithm
- The authenticators produced are digital signatures
- In a digital-signature algorithm, it is computationally infeasible to derive S(ks) from V(kv); V is a one-way function. Thus, kv is the public key and ks is the private key
- Consider the RSA digital-signature algorithm
  - Similar to the RSA encryption algorithm, but the key use is reversed
  - Digital signature of message m: S(ks)(m) = H(m)^ks mod N
  - The key ks again is a pair (d, N), where N is the product of two large, randomly chosen prime numbers p and q
  - Verification algorithm: V(kv)(m, a) ≡ (a^kv mod N = H(m)), where kv satisfies kv·ks mod (p − 1)(q − 1) = 1
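The RSA digital-signature algorithm of Slide 30 in code, added here as an example (not code from the slides or the textbook). The private exponent ks signs and the public exponent kv verifies, the reverse of the encryption slide. To keep the modulus small enough to read, the example assumes the primes p = 61 and q = 53 and kv = 17 (not values from the slide), and H is SHA-256 reduced modulo N; a hash that small offers no collision resistance, so this illustrates only the key algebra of the slide.

```python
# Added example (not from the original slides): RSA signing and verification
# with the key roles reversed relative to encryption. Toy parameters only.
import hashlib


def rsa_sig_keygen(p: int, q: int, kv: int):
    """Return ((kv, N), (ks, N)): public verification key, private signing key."""
    N = p * q
    ks = pow(kv, -1, (p - 1) * (q - 1))   # kv*ks ≡ 1 (mod (p-1)(q-1))
    return (kv, N), (ks, N)


def H(m: bytes, N: int) -> int:
    """Hash the message and reduce it into Z_N so it can be exponentiated mod N.

    Assumption for this toy: a real scheme keeps the full hash and pads it.
    """
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % N


def sign(private_key, m: bytes) -> int:
    """S(ks)(m) = H(m)^ks mod N."""
    ks, N = private_key
    return pow(H(m, N), ks, N)


def verify(public_key, m: bytes, a: int) -> bool:
    """V(kv)(m, a) ≡ (a^kv mod N == H(m))."""
    kv, N = public_key
    return pow(a, kv, N) == H(m, N)


if __name__ == "__main__":
    pub, priv = rsa_sig_keygen(61, 53, 17)
    msg = b"constructed message to be signed"        # constructed sample
    sig = sign(priv, msg)
    print("keys:", pub, priv)                         # (17, 3233) (2753, 3233)
    print("signature:", sig)
    print("verifies:", verify(pub, msg, sig))         # True
    print("altered signature verifies:",
          verify(pub, msg, (sig + 1) % pub[1]))       # False
```

Anyone holding only the public pair (kv, N) can run verify(), but producing a value that verify() accepts requires ks, which is the property Slide 30 states: V(kv) is public, S(ks) is not. Since raising to the power kv is a permutation of Z_N, any signature value other than the genuine one fails verification for that message.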
Slide 31: Encryption Example - SSL
- Insertion of cryptography at one layer of the ISO network model (the transport layer)
- SSL – Secure Sockets Layer (also called TLS)
- A cryptographic protocol that limits two computers to only exchange messages with each other
- Very complicated, with many variations
- Used between web servers and browsers for secure communication (credit card numbers)
- The server is verified with a certificate, assuring the client is talking to the correct server
- Asymmetric cryptography is used to establish a secure session key (symmetric encryption) for the bulk of communication during the session
- Communication between each computer uses symmetric-key cryptography
Thank You