cis5372 1 intro

CIS-5372: 24.August.2015 1

Bogdan Carbunar

Presented by Mozhgan Azimpourkivi

CIS-5372

Foundations of Computer Security

Class 1

CIS-5372: 24.August.2015 2

Administrative Issues

Rules of the Class

Textbooks

Information Assurance Overview

Outline

CIS-5372: 24.August.2015 3

Staff Bogdan Carbunar, assistant prof.

Communications Class web page: http://users.cis.fiu.edu/~carbunar/teaching/cis5372/cis5372.2015/cis5372.html E-mail: [email protected]

Office Hours After class, ECS 383

What about you ?


CIS-5372: 24.August.2015 4

1 midterm worth: 25%

Final worth: 35%

Homework worth: 20%

Class participation: 20%

15% Extra credit!:

5%: User study participation

10%: student paper presentations

Class Grading (subject to changes)

CIS-5372: 24.August.2015 5

Homework

3 homeworks

Around 2 weeks for each homework

Not intended for grade (that much), but for your training

Midterm and Final

Problems similar to the homeworks

Class Grading: Details

CIS-5372: 24.August.2015 6

Class participation: 20%

Class presence does not mean participation

But it is encouraged

Participation means asking and answering questions

Class Grading: Details (cont’d)

CIS-5372: 24.August.2015 7

Student paper presentations: 10%

Papers posted on class web page

Let me know in time (FIFO assignment rule)

User study participation: 5%

Not yet sure

Will provide more details later

Class Grading: Details (cont’d)

CIS-5372: 24.August.2015 8

Use Bell curving: see https://en.wikipedia.org/wiki/Grading_on_a_curve

Based on mean and standard deviation of numeric scores

Class Grading: Final Grade

This is an example

https://en.wikipedia.org/wiki/Grading_on_a_curve

CIS-5372: 24.August.2015 9


Rules of the Class

Textbooks


Outline

CIS-5372: 24.August.2015 10

Rule #1: 0 tolerance for cheating First occurrence: grade 0 (zero) for problems

involved Second occurrence: …

Rule #2: The midterm and final exam are given only once,

at the time and place specified (at the proper time) on the web page

If you miss the exam, you get grade 0 Exception: medical condition, if properly

documented

Rules of Class

CIS-5372: 24.August.2015 11


Rules of the Class

Textbooks


Outline

CIS-5372: 24.August.2015 12

Security In Computing – 4th edition

Pfleeger and Pfleeger

Cryptography and Network Security

William Stallings

Applied Cryptography – 2nd edition

Bruce Schneier; Available online; Don’t need to buy it!

http://www.wikipedia.org/

Papers assigned for reading

See class webpage

Textbooks

http://www.wikipedia.org/

CIS-5372: 24.August.2015 13


Rules of the Class

Textbooks


Outline

CIS-5372: 24.August.2015 14


Rules of the Class

Textbooks


Outline

CIS-5372: 24.August.2015 15

Branch of computer technology known as information security as applied to computers and networks

Objective: protection of information and property Theft, corruption, or natural disaster, while allowing the

information and property to remain accessible and productive to its intended users

[Source: wikipedia]

Computer Security

CIS-5372: 24.August.2015 16

Security: protect information and information systems from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction.

Privacy: relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them

[Source: wikipedia]

Information Security & Privacy

CIS-5372: 24.August.2015 17

It’s a jungle out there

3 Examples: Blue Security

Slammer Worm

Titan Rain

Many, many more …

Why Do We Care ?

CIS-5372: 24.August.2015 18

Anti-spam company “Blue Security”

Active approach against spam – Blue Frog Distributed Denial of service attack against spammers May 2006: attacked by PharmaMaster

Distributed denial of service attack (DDOS) Heavy network traffic (requests) against Blue Security Blue Security redirects traffic to its weblog, hosted by Six

Apart

Blue Security DoS

CIS-5372: 24.August.2015 19

Six Apart server farm collapses Makes 2,000 other blogs unreachable for several hours

Blue Security folds

Its clients were affected (down)

Find more details online (wiki?)

Blue Security DoS

CIS-5372: 24.August.2015 20

January 2003 Infects 90% of vulnerable computers within 10 minutes

Effect of the Worm Interference with elections

Cancelled airline flights

911 emergency systems affected in Seattle

13,000 Bank of America ATMs failed

No malicious payload!

Estimated ~$1 Billion in productivity loss

Slammer Worm

CIS-5372: 24.August.2015 21

Successful net intrusions on U.S. military Increasing in frequency since 2003

Originating from China, etc

Successful intrusion into… U.S. Army Information Systems Engineering Command at

Fort Huachuca, Arizona

Defense Information Systems Agency in Arlington, Virginia

Naval Ocean Systems Center in San Diego, California

United States Army Space and Strategic Defense installation in Huntsville, Alabama

more…

Titan Rain

CIS-5372: 24.August.2015 22

Goals: Protect

Confidentiality

Integrity

Availability

Integrity

Confidentiality

Availability

Information Security

Information Security

CIS-5372: 24.August.2015 23

Information about system or its users cannot be learned by an attacker

Data Confidentiality:

Private or confidential information is not revealed to unauthorized individuals

Privacy:

Users control what information about them can be Collected

Stored

By whom

Confidentiality

Confidentiality

CIS-5372: 24.August.2015 24

The system continues to operate properly, only reaching states that would occur if there were no attacker

Data Integrity

Information and programs are changed only in specified and authorized manner

System Integrity

System performs intended function free from unauthorized system manipulation

Integrity

Integrity

CIS-5372: 24.August.2015 25

Actions by an attacker do not prevent users from having access to use of the system

Enable access to data and resources

Timely response

Fair resource allocation

Availability

Availability

CIS-5372: 24.August.2015 26

Authenticity

Being able to be verified and trusted

Confidence in the validity of a message (originator)

Accountability

Actions of an entity can be traced to it

Tracing a security breach to a responsible party

More Required Concepts

CIS-5372: 24.August.2015 27

System

Security is about

Honest user (e.g., Alice, Bob, …)

Dishonest Attacker

How the Attacker Disrupts honest user’s use of the system (Integrity, Availability)

Learns information intended for Alice only (Confidentiality)

Alice Malory

General Picture

CIS-5372: 24.August.2015 28

Examples

Confidentiality

Student grades

Available only to student, parents, employer

Integrity

Patient information e.g., allergies

Can lead to loss of human life

Availability

Authentication service

Unavailability can lead to financial loss

CIS-5372: 24.August.2015 29

Passive Attacks

Learn and use information from a system without affecting system resources

Active Attacks

Attempt to affect and alter system resources

Security Attacks

CIS-5372: 24.August.2015 30

Passive Attacks

Alice

Bob Eavesdrop 2

Eve

M 1

Perform traffic analysis

on encrypted messages

3

CIS-5372: 24.August.2015 31

Impersonation

Replay

Modify messages

Denial of Service (DoS)

Active Attacks

CIS-5372: 24.August.2015 32

Impersonation

Alice

Bob Eavesdrop 2

Malory

Hi, A 1

Hi, “I’m A” 3

May enable M to obtain

A’s privileges

CIS-5372: 24.August.2015 33

Replay

Alice

Bob Eavesdrop 2

Malory

“You owe me $10” 1

You owe me $10 3

Bob owes Alice $20 or Bob owes Malory $10

CIS-5372: 24.August.2015 34

Message Modification

Alice

Bob Eavesdrop 2

Malory

Give Carol access 1

Give Malory acc 3

Note that A’s message is delayed or removed

CIS-5372: 24.August.2015 35

Denial of Service

Alice

Bob

Malory

Hi, I’m Alice 1

A can never talk to B

Send Key 2

CIS-5372: 24.August.2015 36

Building blocks that we will define and use in the next lectures

Will describe in more detail later

Encryption

Signature

Hash

Crash Course in Crypto

CIS-5372: 24.August.2015 37

Basic Terminology

Plaintext

Original message

Ciphertext

Coded message

Cipher or Encryption Algorithm

Algorithm for transforming plaintext to ciphertext

Key

Info used in cipher known only to sender/receiver

CIS-5372: 24.August.2015 38

Basic Terminology (cont’d)

Encrypt (encipher)

Converting plaintext to ciphertext

Decrypt (decipher)

Recovering plaintext from ciphertext

CIS-5372: 24.August.2015 39

Basic Terminology (cont’d)

Cryptography

Study of encryption principles/methods

Cryptanalysis (codebreaking)

Study of principles/ methods of deciphering ciphertext

without knowing key

Cryptology

Field of both cryptography and cryptanalysis

CIS-5372: 24.August.2015 40

Cryptosystem/Encryption System

Plaintext

Encryption

Algorithm

Encryption Key Decryption Key

Plaintext

Decryption

Algorithm

Ciphertext

CIS-5372: 24.August.2015 41

Symmetric Cryptosystems

Plaintext

Encryption

Algorithm


Plaintext

Decryption

Algorithm =

Ciphertext

CIS-5372: 24.August.2015 42

1. Strong encryption algorithm

2. Secret key known only to sender / receiver

Mathematically:

Ciphertext = E(K, Plaintext) = EK(Plaintext)

Plaintext = D(K, Ciphertext) = DK(Ciphertext)

3. Assume encryption algorithm is known !

4. Assume a secure channel to distribute key

Requirements

CIS-5372: 24.August.2015 43

In Real Life

Alice

Bob

Malory

K - secret

Cannot Decrypt C !

M = Hi, A, B, “attack tomorrow”

C = E(K, M)

Intercept 2

K - secret

C’ 3

Cannot Produce C’ !

C’ = E(K, “Hi, A, B, postpone attack”)

CIS-5372: 24.August.2015 44

Objective:

Recover message given ciphertext

Recover key – more significant – why ?

General approaches:

Cryptanalytic attack

Brute-force attack

If either succeed all key use compromised

Cryptanalysis

CIS-5372: 24.August.2015 45

Ciphertext only

Only know algorithm & ciphertext

Assume you know or can identify plaintext

Known plaintext

Know/suspect plaintext & ciphertext

How ?

Perhaps know some protocol

Cryptanalytic Attack

CIS-5372: 24.August.2015 46

Chosen plaintext

Select plaintext and obtain ciphertext

Example: Encrypt 0

Encrypt 1

Encrypt 01, 10, etc

Chosen ciphertext

Select ciphertext and obtain plaintext

Chosen text

Select plaintext or ciphertext to en/decrypt

Cryptanalytic Attack (cont’d)

CIS-5372: 24.August.2015 47

Always possible to simply try every key

Work is a function of key size Given cipertext

1. Try every key until decryption is intelligible

2. Assume either know / recognise plaintext

Use cloud computing for parallelism

Use volunteer computing

SETI@Home, Folding@Home, Large prime search, RSA challenge

Cryptanalysis – Brute Force

CIS-5372: 24.August.2015 48

Key Size (bits) Number of Alternative

Keys

Time required at 1

decryption/µs

Time required at 106

decryptions/µs

32 232 = 4.3 109 231 µs = 35.8 minutes 2.15 milliseconds

56 256 = 7.2 1016 255 µs = 1142 years 10.01 hours

128 2128 = 3.4 1038 2127 µs = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 µs = 5.9 1036 years 5.9 1030 years

26 characters

(permutation)

26! = 4 1026 2 1026 µs = 6.4 1012 years 6.4 106 years

Brute Force Speed

Key size is essential !

Moore’s law:

As computers get faster, old ciphertexts become vulnerable

CIS-5372: 24.August.2015 49

Most significant advance in the 3000 year history of cryptography !

Uses two keys – a public and a private key

Asymmetric: parties are not equal

Public Key Cryptosystems (PKC)

Public invention Whitfield Diffie & Martin Hellman at Stanford University in

1976

Known earlier in classified community

CIS-5372: 24.August.2015 50

Addresses two key issues:

Key distribution – how to have secure communications in general without having to trust a KDC with your key

Digital signatures – how to verify a message comes intact from the claimed sender

Why Public Key ?

CIS-5372: 24.August.2015 51

PKC in a Nutshell

Plaintext

Encryption

Algorithm


Plaintext

Decryption

Algorithm

CIS-5372: 24.August.2015 52

PKC in Real Life!

Alice

Bob

Malory

C= Encrypt(pubKeyB, M) 1

pubKeyB - public

privKeyB - private

pubKeyB - public

Cannot Infer privKeyB

from pubKeyB !

Intercept C 2

Cannot Obtain M !

M= Decrypt(privKeyB, C)

Has message M

CIS-5372: 24.August.2015 53

Unconditional security

No matter how much computer power or time is available, the cipher cannot be broken

The ciphertext provides insufficient information to uniquely determine the corresponding plaintext

Computational security

Given limited computing resources (e.g., time needed for calculations is greater than age of universe), the cipher cannot be broken

More Definitions

CIS-5372: 24.August.2015 54


Will describe in more detail in class 5, 6, 7

Encryption

Signature

Hash


CIS-5372: 24.August.2015 55

Verify author, date & time of message

Authenticate message contents

Verifiable by third parties to resolve disputes

Digital Signatures

CIS-5372: 24.August.2015 56

Digital Signature Model

Plaintext

Signature

Algorithm

Private Key

Public Key

Verification

Algorithm

Plaintext

Valid !

Invalid !

Signature

CIS-5372: 24.August.2015 57

In Real Life

Alice

Bob

Malory

pubKeyB - public

privKeyB - private

pubKeyB - public

Cannot Forge

Bob’s Signature !

M = I owe Alice $1000

S = Sign(M, privKeyB)

M, S

Verify(M, S, pubKeyB) = true !

Intercept 2

M’ = I owe Malory $1000

for same S

M’ = I owe Malory $1000

for new S’

CIS-5372: 24.August.2015 58

In Real Life

Alice

Bob

pubKeyB - public

privKeyB - private

pubKeyB - public

Bob Cannot Deny

Signature S !

M = I owe Alice $1000

S = Sign(M, privKeyB)

M, S

Verify(M, S, pubKeyB) = true !

CIS-5372: 24.August.2015 59

Depend on the message signed

Use information unique to sender

Prevent both forgery and denial

Easy to generate

Easy to verify

Computationally infeasible to forge

New message for existing digital signature

Fraudulent digital signature for given message

Digital Signature Requirements

CIS-5372: 24.August.2015 60



Encryption

Signature

Hash


CIS-5372: 24.August.2015 61

Condenses message M to fixed size

h = H(M)

Hash Functions

M (L bits)

Hash H

Hash value h

(fixed length)

Assume hash function is public

Used to detect changes to message

Looks Random !

CIS-5372: 24.August.2015 62

Hash Properties

Pre-image resistance:

Given value h, hard to find message M such that h = H(M)

Second pre-image resistance:

Given message M1, hard to find M2 such that H(M1)=H(M2)

Collision resistance:

Hard to find any M1 and M2 such that H(M1)=H(M2)

CIS-5372: 24.August.2015 63



Encryption

Signature

Hash


CIS-5372: 24.August.2015 64


Rules of the Class

Class Overview


Outline

cis5372 1 intro

Documents

class participation

class webpage textbooks

documented rules of

details cis

class presence

administrative issues

changes cis

example cis