security - 1 security peter o’grady. security - 2 network security problem n data flow -...

62
Security - 1 Security Peter O’Grady

Upload: gervais-lawrence

Post on 31-Dec-2015

231 views

Category:

Documents


0 download

TRANSCRIPT

Security - 1

Security

Peter O’Grady

Security - 2

Network Security Problem

Data Flow - transmission security Network Security - server security Malicious code - virus security

Security - 3

The Internet

User

User

User

User

Data moves through a networkAttacker may try to gain access

Security - 4

“By accessing or altering data, an attacker can steal tangible assets or lead an organization to take actions it would not otherwise take. By merely examining data, an attacker can gain competitive advantage, without the owner of the data being any the wiser.”

Computers at Risk: Safe Computing in the Information AgeNational Research Council, 1991

Security - 5

Network Security where an intruder may be malicious in

that they may interfere with the operation of the network, causing operation problems such as deliberately crashing a server.

Particularly dangerous when they gain access to data on servers.

Security - 6

Example Attack Texas A&M August 1992 Several outside intruders Captured hundreds of passwords

(including some on servers) One machine set up as hacker bulletin

board to discuss progress without the victim knowing.

Hackers had developed programs to test for weaknesses.

Security - 7

Transmission Security- Data Flow

The potential security problems in data flow can be thought of as:

Interruption – stop flow Interception – intercept message, for reading – original

message continues Modification – intercept message and replace with

alternative. Send alternative Fabrication – send fabricated message

How can each of these be stopped?

Security - 8

Conveying Messages Securely Phrases that convey meaning

– 1:1 coding - has to be pre-determined– Difficult to decode– Low flexibility

Character encryption– Very flexible– Need large number of possible

permutations to avoid brute force decryption

Security - 9

Transmission Security

Transmission Security involves three main measures that can be taken to prevent these breaches of security occurring. – encryption, – authentication, – and data integrity.

Security - 10

Encryption Task: take regular text and produce

encrypted text so that original text cannot be determined easily from the encrypted text.

Encryption Examples– Caesar cipher– Enigma encoding machine

Decryption:– Letter usage analysis– Complete enumeration– Obtaining Key

Security - 11

Encryption History of encryption tied to military and diplomatic

messages If messages are send by wireless then can be heard

by others Governments seek very hard encryption for

messages. Other governments try hard to decrypt messages.

Of VERY great importance Examples:

– Midway– German Enigma machine

Security - 12

Security - 13

Midway December 7 Pearl Harbor Japanese had “Purple” cipher machine. US had

decoded this (“Magic”) Japanese overran much of SE Asia by May 1942 Japanese 4 large carriers, 3 battleships, 16

submarines for invasion of Midway US only had 3 carriers (one damaged) in Pacific Messages decoded about Japanese plan. Nimitz

rushes all US carriers to Midway. US surprises Japanese fleet and sinks 4 Japanese

carriers.

Security - 14

“Scouts found the Japanese early in the morning of June 4. Although initial strikes by Midway-based planes were not successful, American carrier-based planes turned the tide. Torpedo bombers became separated from the American dive-bombers and were slaughtered (36 of 42 shot down), but they diverted Japanese defenses just in time for the dive-bombers to arrive; some of them had become lost, and now by luck they found the Japanese. The Japanese carriers were caught while refueling and rearming their planes, making them especially vulnerable. The Americans sank four fleet carriers—the entire strength of the task force….”

http://college.hmco.com/history/readerscomp/mil/html/ml_034100_midwaybattle.htm

Security - 15

Iraq I“One of the ROCKSTARS (codename for group of agents) next delivered an Iraqi mobile communications device that was supposed to be sent out for repairs. It was the device used by Deputy Prime Minister Tariq Aziz. It had encryption capability and was part of the SSO communications network. A ROCKSTAR agenthas swiped it. Tim (a USA agent) had it couriered back to Washington where the National Security Agency was able to exploit it. Soon NSA was listening in to some SSO communications.”

"Plan of Attack", Bob Woodward 2004 p 303

Security - 16

Iraq II

“Ahmad Chalabi, the Iraqi leader and former ally of the Bush administration, disclosed to an Iranian official that the United States had broken the secret communications code of Iran's intelligence service, betraying one of Washington's most valuable sources of information about Iran, according to United States intelligence..”NY Times, June 2, 2004

Security - 17

Caesar Cipher Simple coding that replaces letter by one n

places further along the alphabet. If n=2 then, for example, all occurrences of a

are replaced by c. internet becomes kpvgtpgv Easy to decode (26 possible keys) especially

using letter usage analysis (e.g. e is most frequently used letter in English)

Security - 18

Improving Caesar Cipher

Cipher where n is variable would be stronger– n varies with letter - i.e. one to one mapping

between letters– Can decipher using letter usage analysis– mapping that varies over time/usage would be

better - example is the German Enigma machine of WWII.

Security - 19

Enigma encoding machine On successive keystrokes the wheels

moved so that the encoding was different for each keystroke.

The wheels could be set by the users and the same settings had to be used at both ends of the transmission.

With five wheels, each with 26 pins, the number of different substitution alphabets is 265 (which equals 11,881,376).

Security - 20

Security - 21

Security - 22

Enigma in use Gen. Guderian, 1943

Security - 23

Enigma Coding Machine 11,881,376 possible permutations was thought to be

impregnable. Illustrated key points on encryption:

– Same key at both ends (single key)- wheel positions– Number of permutations as high as possible to defeat

complete enumeration– Varying characteristics of encoding to defeat letter

usage analysis Now need much larger number of permutations to

avoid eavesdroppers.

Security - 24

Transmission Security - Main Elements

Single Key Encryption Dual Key Encryption Message Digest (often 128 bit) Certificate - containing subjects public key and

encrypted using certificates authority private key We’ll go through each of these and see how

they apply

Security - 25

Encryptionalgorithm

Decryptionalgorithm

Plaintext Ciphertext Plaintext

Shared key

Simplified Model of Conventional Single Key Encryption (Stallings, 1995)

Security - 26

Secure channel

Messagesource

Encrypter

Key source

Cryptanalyst

Decrypter DestinationX Y

K

X

X

K

Model of Conventional Single Key Encryption (Stallings, 1995)

Security - 27

Single Key Encryption

Input• plaintext X=[X1, X2, X3 , …., XM ]

• K=[K1, K2, ……, KJ ]

Output• ciphertext Y=[Y1,Y2, ….., YN]

Security - 28

Single Key Decryption

Input• ciphertext Y=[Y1,Y2, ….., YN]

• K=[K1, K2, ……, KJ ]

Output• plaintext X=[X1, X2, X3 , …., XM ]

Security - 29

Single Key The general method for decrypting are

generally based on enumerating the possible key settings.

Historically single key most common. Both ends have key. Example is Data Encryption Standard (DES)

from NIST. DES takes 64 bits of message and uses 56 bit

length key. 56 bit length key provides 256 ( = 7.2 x 1016)

keys

Security - 30

Encryption - Public (or Dual) Key Uses two separate, but matched, keys -

public and private. RECEIVER generates two keys with the

public key made available to others. TRANSMITTER uses public key to encrypt

the message. RECEIVER uses private key to decrypt

message. Can be used for authentication

Security - 31

Encryptionalgorithm

Decryptionalgorithm

Plaintext Ciphertext PlaintextUser A User B

B's private key

B's public key

Simplified Model of Dual-Key Encryption (Stallings, 1995)

Security - 32

Messagesource

Encrypt

Key-pairsource

Cryptanalyst

Decrypt DestinationX Y X

X

K Rb

KUb

KRbKUb

Source A Destination B

Dual-Key Encryption (Stallings, 1995)

Security - 33

Dual Key Encryption

Input• plaintext X=[X1, X2, X3 , …., XM ]

• KUb

Output• ciphertext Y=[Y1,Y2, ….., YN]

Security - 34

Dual Key Decryption

Input• ciphertext Y=[Y1,Y2, ….., YN]

• KRb

Output• plaintext X=[X1, X2, X3 , …., XM ]

Security - 35

Dual-Key Encryption

Most Internet data that is very sensitive is now encrypted using this dual key system (using the RCA or IDEA algorithms) with a key length of 128 bits (in North America) and 40 bits elsewhere.

Security - 36

Dual-Key Encryption The 128 bit key provides for 2128 (=3.4 x

1038) different keys while the 40 bit key provides for 240( approximately 1012) different keys. Each is therefore secure from all but the most determined eavesdropper.

Dual Key Encryption more computing intensive then single key so is only used to start communications

Security - 37

Authentication Is the process of checking that the

sender of data is in fact who they claim to be.

This is not as simple as it first appears. – an intruder can copy all of the packet

information, perhaps also altering some of the data, and then re-transmitting it as if it had come from the original source.

Security - 38

Messagesource

Encrypt

Key-pairsource

Cryptanalyst

Decrypt DestinationX Y X

K Ra

KRa

KUa

Source A Destination B

Authentication Using Dual-Key Encryption (Stallings, 1995)

Security - 39

Dual Key Authentication (encrypt)

Input• plaintext X=[X1, X2, X3 , …., XM ]

• KRa

Output• ciphertext Y=[Y1,Y2, ….., YN]

Security - 40

Dual Key Authentication (decrypt)

Input• ciphertext Y=[Y1,Y2, ….., YN]

• KUa

Output• plaintext X=[X1, X2, X3 , …., XM ]

Security - 41

Digital Signature

This mode of operation has been formulated into what is termed the Secure Sockets Layer (SSL) which uses an independent Certification Authority (CA) to issue a digital certificate. The digital certificate contains the name of the server and the public key, as well as a digital signature

Security - 42

Certificate: Data: Version: 0 (0x0) Serial Number: 02:41:00:00:01 Signature Algorithm: MD2 digest with RSA Encryption Issuer: C=US, O=RSA Data Security, Inc.,

OU=Secure Server Certification Authority Validity: Not Before: Wed Nov 9 15:54:17 1994 Not After: Fri Dec 31 15:54:17 1999 Subject: C=US, O=RSA Data Security, Inc.,

OU=Secure Server Certification Authority Subject Public Key Info: Public Key Algorithm: RSA Encryption Public Key: Modulus: 00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25: 01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03: e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86: 37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9: 4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07: 65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48: b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49: 54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5: dd:2d:d6:c8:1e:7b Exponent: 65537 (0x10001) Signature Algorithm: MD2 digest with RSA Encryption Signature: 88:d1:d1:79:21:ce:e2:8b:e8:f8:c1:7d:34:53:3f:61:83:d9: b6:0b:38:17:b6:e8:be:21:8d:8f:00:b8:8b:53:7e:44:67:1e: 22:bd:97:27:e0:9c:85:cc:4a:f6:85:3b:b2:e2:be:92:d3:e5: 0d:e9:af:5c:0e:0c:46:95:ff:a1:1c:5e:3e:e8:36:58:7a:73: a6:0a:f8:22:11:6b:c3:09:38:7e:26:bb:73:ef:00:bd:02:a4: f3:14:0d:30:3f:61:70:7b:20:fe:32:a3:9f:b3:f4:67:52:dc: b4:ee:84:8c:96:36:20:de:81:08:83:71:21:8a:0f:9e:a9

Example Certificate (RSA Secure Server Certification Authority)

Security - 43

Security - 44

Digital Signature Procedure The client sends a request to connect to

the secure server The server generates a public and

private key and then sends a signed digital certificate with the public key.

The client uses the public key from the server to decrypt the message and authenticate the server.

Security - 45

Authentication and Encryption It should be noted that this

authentication process does not prevent eavesdropping.

What is often used to prevent this is a double encryption procedure combining both authentication and encryption that provides both authentication and message encryption.

Security - 46

Authentication and Encryption (Encrypt)

Input• plaintext X=[X1, X2, X3 , …., XM ]

• KUb(KRa)

Output• ciphertext Y=[Y1,Y2, ….., YN]

Security - 47

Authentication and Encryption (Decrypt)

Input• ciphertext Y=[Y1,Y2, ….., YN]

• KUa(KRb)

Output• plaintext X=[X1, X2, X3 , …., XM ]

Security - 48

Data Integrity Data Integrity involves ensuring that the

message received has not been tampered with.

A main method used is that of computing a small block of code that is derived from the message and appending this small block of code to the message.

Security - 49

Data Integrity

This code is known as a cryptographic checksum or Message Authentication Code (MACs)

The function that is used to calculate the MAC need be only one way

Security - 50

SSL ProcessA->B helloB->A Hi, I'm Bob, bobs-certificate (Bobs public key

and encrypted using CA private key)A->B prove it (A has CA public key and hence

obtains Bobs public key securely)B->A Alice, This Is Bob

{ digest[Alice, This Is Bob] } bobs-private-keyA->B ok bob, here is a secret {secret}bobs-public-

key {some message,MAC}secret-key

Security - 51

Server Security “Most servers run UNIX, which is notorious

for its lack of mainframe-style security features and is a particular favorite of hackers.”– Network and Internetwork Security W.

Stallings, 1995 “The best safe in the world is worthless if

no one remembers to close the door.– Computers at Risk: Safe Computing in the

Information Age” National Research Council, 1991

Security - 52

Server Security

Firewall Housekeeping

Security - 53

Firewall

A firewall acts as the entry and exit point to an internal network and all traffic to and from the external Internet passes through it.

Can configure to allow/not allow packets of certain type or origin to pass

Security - 54

Housekeeping

Passwords Physically Secure the Servers Secure the private keys Limit Applications on Servers Limit ports on Servers

Security - 55

Length Number Fraction of Total1 55 0.0042 87 0.0063 212 0.024 449 0.035 1260 0.096 3035 0.227 2917 0.218 5772 0.42Total 13787 1.0

Passwords (Observed Password Lengths, Spafford (1990) )

Security - 56

E x a m p l e :S u p p o s e d a p a s s w o r d i s c o m p o s e d b y a l e n g t h o f n c h a r a c t e r s f r o m m c h a r a c t e r s , t h e n t h e p o s s i b l ep e r m u t a t i o n w i l l b e m ^ n .

m \ n 3 8

2 6 { l e t t e r s ( u p p e r c a s e o n l y ) } 1 7 5 7 6 2 .0 8 8 2 7 E + 1 1

5 2 { l e t t e r s ( u p p e r c a s e + l o w e r c a s e ) } 1 4 0 6 0 8 5 .3 4 5 9 7 E + 1 3

6 2 { l e t t e r s ( u p p e r c a s e + l o w e r c a s e ) + n u m b e r s ( 0 ,1 ,2 … 9 ) } 2 3 8 3 2 8 2 .1 8 3 4 E + 1 4

7 5 { l e t t e r s ( u p p e r c a s e + l o w e r c a s e ) + n u m b e r s ( 0 ,1 ,2 … 9 ) + s y m b o l s ( $ , * , > , < . . ) } 4 2 1 8 7 5 1 .0 0 1 1 3 E + 1 5

Passwords

Usually, situation is made much worse by used of familiar names as passwords.

Security - 57

Virus Security Logic Bombs Trojan Horses Trapdoors Viruses Bacteria Worm Malicious Components and Programs

(primarily ActiveX and Java code)

Security - 58

Virus Security Protection

Enforcing strict checks during program and system development to guard against Logic Bombs and trapdoors.

Installing virus protection software on all computers in the network.

Security - 59

Virus Security Protection

Enforcing network security aspects such as ensuring that passwords be made difficult to guess to prevent intruders or worms.

Restricting downloadable programs particularly those programs that are not constrained by a sandbox e.g. IloveYou virus containing VBScript.

Security - 60

Denial of Service Attacks Examples include

– attempts to "flood" a network, thereby preventing legitimate network traffic

– attempts to disrupt connections between two machines, thereby preventing access to a service

– attempts to prevent a particular individual from accessing a service

– attempts to disrupt service to a specific system or person

Security - 61

Denial-of-service attacks are most frequently executed against network connectivity. The goal is to prevent hosts or networks from communicating on the network.

An example of this type of attack is the "SYN flood" attack In this type of attack, the attacker begins the process of establishing a connection to the victim machine, but does it in such a way as to prevent the ultimate completion of the connection. In the meantime, the victim machine has reserved one of a limited number of data structures required to complete the impending connection. The result is that legitimate connections are denied while the victim machine is

waiting to complete bogus "half-open" connections.

Security - 62

Other DoS Attacks Bandwidth Consumption

– An intruder may also be able to consume all the available bandwidth on your network by generating a large number of packets directed to your network.

– The intruder need not be operating from a single machine; he may be able to coordinate or co-opt several machines on different networks to achieve the same effect.