11

Chapter 15

Computer Security

Thank Dr. Xinwen Fu for contributing Slides 1-16, 19.Thank Dr. Xinwen Fu for contributing Slides 1-16, 19.

The rest of them are adopted from the textbook slidesThe rest of them are adopted from the textbook slides

By Shengquan Wang in CPSC 410

2

Outline Security Problems Security Objectives Security Solutions

22

3

Security Problems Public, private, and governmental

computers have been penetrated bymalicious users or programs

Computer Emergency Response Team(CERT) reports a tremendous increase incracking incidents

4

Number of Incidents Reported from CERTIncident: the act of violating an explicit or implied security policy

137,529

3,7341,3346

0

20000

40000

60000

80000

100000

120000

140000

1988 1993 1998 2003

Year

# o

f In

cid

en

ts

http://www.cert.org/stats/cert_stats.htmlreported

33

5

Case: NASA websites defaced with link to Iraq 'image'

http://www.zone-h.org/defacements/mirror/id=700181/

6

Types of Known Attacks

http://www.iwar.org.uk/comsec/resources/dos/ddos.pdf

Distributed Denial of Service (DDOS) attacks February 2000, Yahoo and Amazon, a

teenager

44

7

Types of Known Attacks (Cont.)

Wormcontrolledmachines

Worm attacks 2004 (variant of Blaster worm), Jeffrey Lee

Parson

8

Types of Known Attacks (Cont.) Monitoring and capture of network traffic

User IDs, passwords, and other information are oftenstolen on Internet

Data driven attacks (virus) Importation of malicious or infected code

E-Mail forgery Exploitation of software bugs Unauthorized access to resources

Disclosure, modification, and destruction ofresources

Compromised system used as hostile attackfacility

Masquerade as authorized user or end system

55

9

Contributing Factors Lack of awareness of threats and risks of

information systems Security measures are often not considered until

an computer has been penetrated by malicioususers

Wide-open network policies Many Internet sites (ISPs) allow wide-open

Internet access

Vast majority of network traffic is unencrypted Network traffic can be monitored and captured

HUMANS ARE THE WEAK LINK in anycorporation's carefully crafted security perimeter

10

Contributing Factors (Cont.) Lack of security in TCP/IP protocol suite

Most TCP/IP protocols not built with security in mind Work is actively progressing within the Internet

Engineering Task Force (IETF)

Complexity of security management andadministration

Exploitation of software (e.g., protocolimplementation) bugs Example: Sendmail bugs

(http://www.outpost9.com/exploits/sendmail.html) Cracker skills keep improving

http://www.phrack.org/

66

11

Outline Security Problems Security Objectives Security Solutions

12

Security Objectives

CConfidentiality(Secrecy)

IIntegrity AAvailability(Denial of Service)

77

13

Commercial Example

CConfidentiality — An employee should notcome to know the salary of his manager

IIntegrity — An employee should not beable to modify the employee's own salary

AAvailability — Paychecks should be printedon time as stipulated by law

Bob, I love you, AliceBob, I hate you, Alice

Bob Alice

Casey

14

Military Example

CConfidentiality — The target coordinates ofa missile should not be improperlydisclosed

IIntegrity — The target coordinates of amissile should not be improperly modified

AAvailability — When the proper commandis issued the missile should fire

88

15

A Fourth Objective Securing computing resources —

Prevent/detect/deter improper use ofcomputing resources (cyberinfrastructure) including Hardware Resources Software resources Data resources Network resources

16

Outline Security Problems Security Objectives Security Solutions

99

17

Secure Communication over InsecureMedium

18

Encryption Encryption algorithm consists of

Set of K keys Set of M Messages Set of C ciphertexts (encrypted messages) A function E : K → (M→C). That is, for each k ∈ K, E(k) is a function

for generating ciphertexts from messages. Both E and E(k) for any k should be efficiently computable functions.

A function D : K → (C → M). That is, for each k ∈ K, D(k) is a functionfor generating messages from ciphertexts. Both D and D(k) for any k should be efficiently computable functions.

An encryption algorithm must provide this essential property:Given a ciphertext c ∈ C, a computer can compute m such thatE(k)(m) = c only if it possesses D(k). Thus, a computer holding D(k) can decrypt ciphertexts to the

plaintexts used to produce them, but a computer not holding D(k)cannot decrypt ciphertexts.

Since ciphertexts are generally exposed (for example, sent on thenetwork), it is important that it be infeasible to derive D(k) from theciphertexts

1010

19

Captain Midnight Secret Decoder Rings

20

An Example

MERRY CHRISTMAS

PHUUB FKULVWPDV

1111

21

Symmetric Encryption Same key used to encrypt and decrypt

E(k) can be derived from D(k), and vice versa

Data Encryption Standard (DES) is mostcommonly used symmetric block-encryption algorithm (created by US Govt)

Triple-DES considered more secure Advanced Encryption Standard (AES),

twofish up and coming

22

Asymmetric Encryption

Keys mustKeys mustbe differentbe different

1212

23

Asymmetric Encryption (cont.) Public-key encryption based on each user having

two keys: public key – published key used to encrypt data private key – key known only to individual user used to

decrypt data

Must be an encryption scheme that can be madepublic without making it easy to figure out thedecryption scheme Most common is RSA block cipher Efficient algorithm for testing whether or not a number

is prime No efficient algorithm is know for finding the prime

factors of a number

24

Asymmetric Encryption (Cont.) Formally, it is computationally infeasible to derive

D(kd , N) from E(ke , N), and so E(ke , N) need notbe kept secret and can be widely disseminated E(ke , N) is the public key D(kd , N) is the private key N is the product of two large, randomly chosen prime

numbers p and q (for example, p and q are 512 bits each) Encryption algorithm is E(ke , N)(m) = mke mod N, where

ke satisfies kekd mod (p−1)(q −1) = 1 The decryption algorithm is then D(kd , N)(c) = ckd mod N

1313

25

An Example For example. make p = 7 and q = 13 We then calculate N = 7 13 = 91 and (p−1)(q−1) = 72 We next select ke relatively prime to 72 and< 72, yielding 5 Finally, we calculate kd such that kekd mod 72 = 1, yielding 29 We how have our keys

Public key, (ke, N) = (5, 91) Private key, (kd, N) = (29, 91)

Encrypting the message 69 with the public key results in thecyphertext 62 695 mod 91 = 62

Cyphertext can be decoded with the private key 6229 mod 91 = 69

Public key can be distributed in clear text to anyone who wantsto communicate with holder of public key

26

Encryption and Decryption usingAsymmetric Cryptography

1414

27

Symmetric vs. Asymmetric Symmetric cryptography based on

transformations Asymmetric based on mathematical

functions Asymmetric much more compute intensive Typically not used for bulk data encryption

28

Authentication Constraining set of potential senders of a message

Also can prove message unmodified

Algorithm components A set K of keys A set M of messages A set A of authenticators A function S : K → (M→ A)

That is, for each k ∈ K, S(k) is a function for generatingauthenticators from messages

Both S and S(k) for any k should be efficiently computablefunctions

A function V : K → (M× A→ {true, false}). That is, for each k ∈K, V(k) is a function for verifying authenticators on messages Both V and V(k) for any k should be efficiently computable

functions

1515

29

Authentication (Cont.) For a message m, a computer can generate an

authenticator a ∈ A such that V(k)(m, a) = true only if itpossesses S(k)

Thus, computer holding S(k) can generate authenticatorson messages so that any other computer possessing V(k)can verify them

Computer not holding S(k) cannot generate authenticatorson messages that can be verified using V(k)

Since authenticators are generally exposed (for example,they are sent on the network with the messagesthemselves), it must not be feasible to derive S(k) from theauthenticators

30

Authentication – Digital Signature Based on asymmetric keys and digital signature algorithm Authenticators produced are digital signatures In a digital-signature algorithm, computationally infeasible

to derive S(ks ) from V(kv) V is a one-way function Thus, kv is the public key and ks is the private key

Consider the RSA digital-signature algorithm Similar to the RSA encryption algorithm, but the key use is

reversed Digital signature of message S(ks )(m) = H(m)ks mod N The key ks again is a pair d, N, where N is the product of two

large, randomly chosen prime numbers p and q Verification algorithm is V(kv)(m, a) ≡ (akv mod N = H(m))

Where kv satisfies kvks mod (p − 1)(q − 1) = 1

1616

31

Encryption Example - SSL Insertion of cryptography at one layer of the ISO network

model (the transport layer) SSL – Secure Socket Layer (also called TLS) Cryptographic protocol that limits two computers to only

exchange messages with each other Very complicated, with many variations

Used between web servers and browsers for securecommunication (credit card numbers)

The server is verified with a certificate assuring client istalking to correct server

Asymmetric cryptography used to establish a securesession key (symmetric encryption) for bulk ofcommunication during session

Communication between each computer uses symmetrickey cryptography

Thank You