lecture 3 basic security concepts cont
DESCRIPTION
Lecture 3 Basic Security Concepts cont. Homework 1. Score: 10 points Due: September 12, 2013 2:00 am via dropbox Last day to submit with 4%/day penalty: September 23, 2013 2:00 am via dropbox - PowerPoint PPT PresentationTRANSCRIPT
Lecture 3
Basic Security Concepts cont.
Homework 1. Score: 10 points Due: September 12, 2013 2:00 am via dropbox Last day to submit with 4%/day penalty: September 23, 2013 2:00 am via
dropbox From C. P. Pfleeger and S. L. Pfleeger: Security in Computing, 4th Edition
answer the following questions: Chapter 1: 1, 10, 15 Chapter 2: 13, 18, 34
Grading: Answer all of the questions. Only one of them will be chosen by the instructor to be graded.
Solutions for all questions will be posted online and discussed in class after the last day to submit date.
CSCE 522 - Farkas 2
CSCE 522 - Farkas 3
Research Project
Project information: http://cse.sc.edu/~farkas/csce522-2013/project-2013.htm
Step 1 Identifying research interestForm groups of 2-4 students
CSCE 522 - Farkas
Project Information Discussion on Student preferences
What do you like to work on? E.g., application development, operating systems, databases, hardware
design, robotics, game development, etc. What are the security problems in your area of interest?
E.g., multilevel secure operating systems, access control in databases, remote controlled robots, etc.
How much your group can do within 1 semester? E.g., need to choose a problem that can be addressed within 12 weeks
(including any background research, research, development, and writing reports)
Be as specific as possible!
4
CSCE 522 - Farkas 5
Types of Attacks (1)
Interruption – an asset is destroyed, unavailable or unusable (availability)
Interception – unauthorized party gains access to an asset (confidentiality)
Modification – unauthorized party tampers with asset (integrity)
Fabrication – unauthorized party inserts counterfeit object into the system (authenticity)
Denial – person denies taking an action (authenticity)
CSCE 522 - Farkas 6
Types of Attacks (2) Passive attacks:
Eavesdropping Monitoring
Active attacks: Masquerade – one entity pretends to be a
different entity Replay – passive capture of information and its
retransmission Modification of messages – legitimate message
is altered Denial of service – prevents normal use of
resources
Malicious Attacks
Method: skills, knowledge, tools, information, etc.
Opportunity: time and accessMotive: reason to perform the action
How can defense influence these aspects of attacks?
CSCE 522 - Farkas 7
CSCE 522 - Farkas 8
Computer Criminals Amateurs: regular users, who exploit the vulnerabilities
of the computer system Motivation: easy access to vulnerable resources
Crackers: attempt to access computing facilities for which they do not have the authorization Motivation: enjoy challenge, curiosity
Career criminals: professionals who understand the computer system and its vulnerabilities Motivation: personal gain (e.g., financial)
CSCE 522 - Farkas 9Lecture 1
Methods of Defense Prevent: block attack Deter: make the attack harder Deflect: make other targets more attractive Detect: identify misuse Tolerate: function under attack Recover: restore to correct state
CSCE 522 - Farkas 10
Information Security Planning Organization Analysis Risk management Mitigation approaches and their costs Security policy Implementation and testing Security training and awareness
CSCE 522 - Farkas 11
Risk Management Framework(Business Context)
Understand BusinessContext
Identify Business and Technical Risks
Synthesize and RankRisks
Define RiskMitigation Strategy
Carry Out Fixesand Validate
Measurement and Reporting
Cryptography 1
Project Topics Cyber Attacks Cryptography Terminology Secret-Key Encryption
CSCE 522 - Farkas 13
Reading Assignment Reading assignments for this lecture
Required: Pfleeger: Ch 2
Recommended: C. Dupuis, A Short History of Cryptography,
http://jproc.ca/crypto/crypto_hist.html Navajo Code Talkers: World War II Fact Sheet,
http://www.history.navy.mil/faqs/faq61-2.htm Interesting: U.S. always ends up regulating new technologies for public safety; the Internet is
no exception, Homeland Security News Wire, http://www.homelandsecuritynewswire.com/bull20120829-u-s-always-ends-up-regulating-new-technologies-for-public-safety-the-internet-is-no-exception , 08/29/2012
CSCE 522 - Farkas 14
Insecure communications
Sender
Snooper
Recipient
Insecure channel
Confidential
CSCE 522 - Farkas 15
Cryptographic Protocols
Messages should be transmitted to destinationMessages should be transmitted to destination Only the recipient should see itOnly the recipient should see it Only the recipient should get itOnly the recipient should get it Proof of the sender’s identityProof of the sender’s identity Message shouldn’t be corrupted in transitMessage shouldn’t be corrupted in transit Message should be sent/received once onlyMessage should be sent/received once only
CSCE 522 - Farkas 16
Terminology Plaintext (cleartext): a message in its original
form Ciphertext (cyphertext): an encrypted message Encryption: transformation of a message to hide
its meaning Cipher: cryptographic algorithm. A mathematical
function used for encryption (encryption algorithm) and decryption (decryption algorithm).
CSCE 522 - Farkas 17
Terminology
Decryption: recovering meaning from ciphertext
Cryptography: art and science of keeping messages secure
Cryptanalysis: art and science of breaking ciphertext
Cryptology: study of both cryptography and cryptanalysis
CSCE 522 - Farkas 18
Encryption and Decryption
Plaintext PlaintextEncryption Decryption
Ciphertext
Additional requirements:• Authentication
• Between communicating parties• Third-party authentication
• Non-repudiation• Integrity verification• Key distribution
• Secret key (secure distribution)• Public key (reliable distribution)
CSCE 522 - Farkas 19
Conventional (Secret Key) Cryptosystem
Encryption DecryptionPlaintext PlaintextCiphertext
K
Sender Recipient
C=E(K,M)M=D(K,C)
K needs secure channel
CSCE 522 - Farkas 20
Public Key Cryptosystem
Encryption DecryptionPlaintext PlaintextCiphertext
Sender Recipient
C=E(Kpub,M)M=D(Kpriv,C)
Recipient’s public Key (Kpub)
Recipient’s private Key (Kpriv)
Kpub needs reliable channel
Security Objectives
Confidentiality Integrity Availability Authenticity Non-repudiation
CSCE 522 - Farkas 21
How can cryptography support these objectives?
CSCE 522 - Farkas 22
Security Objectives Confidentiality: Hiding message/file content
Secret key, public key encryption Integrity: Detecting modification
Hash function Availability: Not much – hiding existence of data
Secret key, public key encryption Authenticity: Verify origin
Public key encryption Non-repudiation: Verify activity
Public key encryption
CSCE 522 - Farkas 22
CSCE 522 - Farkas 23
CryptanalysisCryptanalyst’s goal:
Break messageBreak keyBreak algorithm
CSCE 522 - Farkas 24
Taxonomy of Attacks Ciphertext-only attack: attacker has ciphertext for
messages encrypted with K. Deduce keys and/or plaintext messages.
Known plaintext attack: attacker additionally knows the plaintext of the messages. Deduce keys or a decryption algorithm.
Chosen plaintext attack: attacker can obtain the ciphertext for selected plaintext messages. Deduce as above.
Chosen ciphertext attack: attacker can obtain decrypted (plaintext) versions of selected ciphertext. Deduce as above.
CSCE 522 - Farkas 25
Breakable versus Practically breakable Unconditionally secure: impossible to decrypt. No amount of ciphertext will enable a cryptanalyst to obtain the plaintext Computationally secure: an algorithm that is not breakable in practice based on worst case scenario Breakable: all algorithms (except one-time pad) are theoretically breakable
CSCE 522 - Farkas 26
What makes a good cryptosystem?
A good cryptosystem is one whose security does not depend upon the secrecy of the algorithm.
From Bruce Schneier: “Good cryptographers rely on peer review
to separate the good algorithms from the bad.''
CSCE 522 - Farkas 27
Secret Key Cryptosystem
Encryption DecryptionPlaintext PlaintextCiphertext
K
Sender Recipient
C=E(K,M)M=D(K,C)
K needs secure channel
CSCE 522 - Farkas 28
Secret Key Cryptosystem Vulnerabilities (1
Passive Attacker (Eavesdropper)Obtain and/or guess key and cryptosystem
use these to decrypt messagesCapture text in transit and try a ciphertext-
only attack to obtain plaintext.
CSCE 522 - Farkas 29
Active AttackerBreak communication channel (denial of
service)Obtain and/or guess key and cryptosystem
and use these to send fake messages
Secret Key Cryptosystem Vulnerabilities
CSCE 522 - Farkas 30
Inherent Weaknesses of Symmetric Cryptography
Key distribution must be done secretly (difficult when parties are geographically distant, or don't know each other)
Need a key for each pair of users n users need n*(n-1)/2 keys
If the secret key (and cryptosystem) is compromised, the adversary will be able to decrypt all traffic and produce fake messages
CSCE 522 - Farkas 31
Basic Encryption Techniques
Substitution Permutation Combinations and iterations of these
CSCE 522 - Farkas 32
Next Class
Substitution and TranspositionCharacterization of good encryption
algorithms