Computer Security, Dept. of Computer Science, CS 5200, Fall 2005, Dr. Scott Cannon

Post on 15-Jan-2016


Computer Security

Dept. of Computer Science
CS 5200
Fall 2005

Dr. Scott Cannon

Why is security important?

Privacy, info. integrity, availability of services

Example need areas:
  Email
  Financial transactions
  Records and document access
  Authentication of people

The Internet was not designed for security

Attacks…

Eavesdropping
Masquerading
Tampering
Denial of service
Replaying
Leakage

Mischievous attacks are often as bad as malicious attacks.

Concepts…

Security Policy

Security Mechanism

Name conventions…

Alice   1st participant, usually the originator
Bob     2nd participant
Carl    3rd participant
Eve     an eavesdropper
Malfoy  malicious person
Sara    a trusted server

Security Assumptions…

Interfaces are exposed
Networks are insecure
Secrets become less secure with age
Algorithms and program code are available to attackers
Attackers have access to large resources
Trusted bases should be minimized.

Situation…

Consider a simple Internet purchase:
  authentication of vendor
  secure transmission of credit card info
  secure delivery of electronic media
  ensuring non-repudiation

All these must be achieved without previous contact between the buyer and seller

Cryptography

Encryption uses a key (or keys) in an algorithm such that the coded message cannot be decrypted without knowledge of the key

Notation
  KA             Alice’s secret key
  KAB            Alice and Bob’s shared secret key
  KApriv, KApub  Alice’s private and public keys
  {m}K           Message m encrypted with key K
  [m]K           Message m signed using key K
  E{m}K          The encryption operation using key K
  D{m}K          The decryption operation using key K

Trivial example…

E{m}k = m ^ k = m’ => {m}k

D{m’}k = m’ ^ k = m => {m’}k

Secret Key Encryption

Shared secret key
Alice shares her secret key (K) with Bob;

Alice: {m}K = m’
Bob: {m’}K = m

Advantages: easy, fast, cheap

Problems:

How does Bob know that m’ is not a copy of an earlier encrypted message?

What if this is the first communication between Alice and Bob?

Authentication Service

Alice would like to communicate with Bob such that Bob can verify:
  the message does in fact come from Alice,
  the message has not been tampered with,
  and the message is not a replay.

Authentication must be available even though Alice and Bob have never communicated before.

Authentication with a secret key

Alice sends an unencrypted request to Sara requesting access to Bob’s data.

Sara returns {{ticket}KB, KAB}KA

Alice decrypts the message with KA : {ticket}KB, KAB

Alice sends the encrypted ticket to Bob with her identity: {ticket}KB, Alice

The ticket is actually KAB, Alice

Bob decrypts the ticket to a) verify Alice’s identity and b) get the shared secret key KAB

Alice and Bob can now communicate with KAB
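
The exchange above, with Sara's, Alice's and Bob's steps written out, as an added example that is not part of the original slides. The names seal, unseal, sara_issue, alice_open, bob_accept and KEYS are hypothetical, and the HMAC-based stream cipher is a toy stand-in for a real secret-key cipher.

```python
import hashlib, hmac, json, os

def _sub(key, label):            # separate subkeys for encryption and integrity
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):      # HMAC-SHA256 in counter mode as a keystream
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, msg):
    """{msg}K with a toy cipher: XOR with a keystream, then append a MAC tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(msg, _stream(_sub(key, b"enc"), nonce, len(msg))))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Inverse of seal(); raises ValueError on a wrong key or a modified message."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, _stream(_sub(key, b"enc"), nonce, len(ct))))

# Sara's database of everyone's secret keys (constructed sample values).
KEYS = {"Alice": os.urandom(32), "Bob": os.urandom(32)}

def sara_issue(client, server):
    """Sara returns {{ticket}KB, KAB}KA, where the ticket is (KAB, client)."""
    kab = os.urandom(32).hex()
    ticket = seal(KEYS[server], json.dumps({"kab": kab, "client": client}).encode())
    return seal(KEYS[client], json.dumps({"ticket": ticket.hex(), "kab": kab}).encode())

def alice_open(ka, reply):
    """Alice decrypts Sara's reply with KA and gets ({ticket}KB, KAB)."""
    body = json.loads(unseal(ka, reply))
    return bytes.fromhex(body["ticket"]), bytes.fromhex(body["kab"])

def bob_accept(kb, ticket, claimed):
    """Bob decrypts the ticket with KB, checks the sender's name, returns KAB."""
    body = json.loads(unseal(kb, ticket))
    if body["client"] != claimed:
        raise ValueError("ticket was not issued to " + claimed)
    return bytes.fromhex(body["kab"])

if __name__ == "__main__":
    ticket, kab = alice_open(KEYS["Alice"], sara_issue("Alice", "Bob"))
    assert bob_accept(KEYS["Bob"], ticket, "Alice") == kab
    print("Alice and Bob share KAB:", unseal(kab, seal(kab, b"hello Bob")))
```

Bob never contacts Sara: the ticket is readable only with KB, so its contents vouch for the name sent alongside it.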

Problems with secret keys…

How do Alice and Bob send their secret keys to Sara?

Sara must be a secured server with knowledge of everyone’s secret keys

Public key encryption

A public key encryption algorithm uses two keys:
  One key undoes the effects of the other.
  Only the pair to a key can decrypt a message encrypted by the other key.

One key is held private, the other can be public!

{m}Kpriv = m’
{m’}Kpub = m

Given Kpub, one cannot determine Kpriv within a reasonable amount of time.

Authentication using public keys

Anyone can decrypt a message from Alice and verify that it came from her – since only Alice could produce {m}KApriv = m’

(Alice has signed the message)

Anyone can send a message to Alice that only Alice can read: {m}KApub = m’

Public key messaging

Alice: {{m}KApriv}KBpub = m’

Bob: {{m’}KBpriv}KApub = m

Only Alice can encrypt m’. Only Bob can decrypt m’ to produce m.

This is true even though Malfoy has both KApub and KBpub.

The message m’ has been signed by Alice

Hybrid approaches…

Alice to Bob: {{“Alice”}KApriv, KAB} KBpub = m’

Bob: {m’}KBpriv => signature, KAB

Bob to Alice: {X}KAB

Alice to Bob: {Y}KAB …

Cryptography algorithms

Encryption / Decryption must not require extensive time or special hardware

Time, cost vs. security

Given Kpub, Malfoy should not be able to calculate Kpriv within a reasonable amount of time.

Cryptographic algorithms and programs should be considered public

The above is the subject of U.S. ITAR export laws

Digital digest signatures

Since public-key encryption is costly, often only a digest of a document is signed.

To protect against replaying attacks, a digest will usually include a date.

If Malfoy knows the digest algorithm, he could possibly alter the document without changing the encrypted digest.
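
A worked illustration of the three points above, added here and not taken from the original slides: only a digest of (date, document) is signed, a stale date is rejected, and a weak digest lets an altered document keep a valid signature. The names byte_sum, sha256_int, sign, verify and demo are hypothetical, the RSA key is a toy built from two Mersenne primes, and the one-day freshness window is an assumption.

```python
import hashlib
from datetime import date

# Toy RSA key from two well-known Mersenne primes (illustration only; real
# keys use random primes and a padded scheme such as RSA-PSS).
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q                              # public modulus, part of KApub
D = pow(E, -1, (P - 1) * (Q - 1))      # Alice's private exponent, KApriv

def byte_sum(data):                    # weak digest: byte order is ignored
    return sum(data) % 2**32

def sha256_int(data):                  # collision-resistant digest
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(doc, day, digest):
    """Sign digest(date, doc) with KApriv: only the short digest goes through RSA."""
    return pow(digest(day.isoformat().encode() + b"\n" + doc), D, N)

def verify(doc, day, sig, digest, today, max_age_days=1):
    """Check the signature with KApub and reject a document whose date is stale."""
    fresh = 0 <= (today - day).days <= max_age_days
    return fresh and pow(sig, E, N) == digest(day.isoformat().encode() + b"\n" + doc)

def demo():
    # Constructed sample document and an altered copy with two digits swapped.
    day, doc, altered = date(2005, 10, 3), b"pay Bob 19 dollars", b"pay Bob 91 dollars"
    results = {}
    for name, digest in (("byte_sum", byte_sum), ("sha256", sha256_int)):
        sig = sign(doc, day, digest)
        results[name] = (verify(doc, day, sig, digest, day),                 # genuine
                         verify(altered, day, sig, digest, day),             # altered
                         verify(doc, day, sig, digest, date(2005, 10, 10)))  # replayed
    return results

if __name__ == "__main__":
    print(demo())
```

With the byte-sum digest the altered document still verifies; with SHA-256 it does not, and in both cases the copy replayed a week later is rejected.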

Other security issues…

Passwords
Taking over a service
Denial of service
Spoofing

Passwords and security

Most passwords are simple variations of one or more of the following:
  a name (pet, family, famous person)
  a date
  a word associated with a hobby or personal interest.

Passwords are stored in public files (using one-way encryption).

A password cracker can try all possible 8-char passwords in a few days with a desktop PC.

IP addresses and ports

An internet message has a header that contains:
  Source IP address
  Destination IP address
  Destination port number
  Routing history

The local OS keeps a table of ports vs. processes
  port #  process
  25      smtp
  80      http
  …

Taking over a computer is simply a matter of making a change in this table: bind()

Denial of Service

Denial-of-service attacks are usually just a matter of flooding the IP address and port of the service you wish to deny.

Prevention: Monitor the source IP address of incoming requests.

Problem: A message’s source IP address and its routing history are easily spoofed.

Spoofing

Malfoy is relatively free to spoof the source IP address of any Internet message.

Internet transport protocols (TCP/IP, UDP/IP, A25, etc.) do not normally verify a source address.

Mail service (smtp) only makes a primitive verification that the FROM: field in an email corresponds to the message source.

While TCP automatically inserts a source address, Malfoy can use RAW protocols or modify TCP at the source.

Security – the bottom line

The computer industry is very sensitive to security issues.

Security measures can only hamper Malfoy.

The only real security is a trustworthy software professional

Security and students…

A software professional is similar to the guy responsible for shredding worn-out currency – the only real security is trust.

A computer science student or employee caught or even suspected of attempting to bypass computer security is marked for the rest of his or her career.

Consider: A bank clerk caught taking $5 from a till will never work in any bank again – ever.