Security School of Business Eastern Illinois University © Abdou Illia, Fall 2002 (Week 12, Wednesday 11/13/2002)


Learning Objectives

Understand standard systems attacks

Describe Encryption-Decryption techniques

Standard systems attacks

Denial of service attacks, or distributed denial of service attacks:
– Bombard a site (usually a server or a router) with so many messages that the site is incapable of answering valid requests

Stealing and intercepting passwords and confidential messages.

Denial-of-Service (DoS) Attacks

Make the system unusable (crash it or make it run very slowly) by sending a stream of messages.

[Figure: The Attacker sends a message stream to the Server. DoS attack (overloads the victim).]

Distributed DoS (DDoS) Attack

[Figure: Messages come from many sources. The Attacker sends attack commands to computers with Zombie programs, and each of them sends a message stream to the Server.]

Attacker hacks into multiple clients and plants Zombie programs on them

Attacker sends commands to Zombie programs which execute the attacks

Identifying Victims for DDoS

Sending scanning messages
– Ping messages (to know if a potential victim exists)
– Supervisory messages (to know if the victim is available)
– Etc.

Examining data that responses reveal
– IP addresses of potential victims
– What services victims are running; different services have different weaknesses
– Host’s operating system, version number, etc.

Identifying Victims for DDoS

Now you can remotely monitor (in real time) your employee, spouse, child or love interest without even having access to their computer!!

iSpy will allow you to send a tiny file to any computer via email which will install this software on the user's system. You can then access the user's hard drive, listen to the audio of the computer, view screenshots, keystrokes, chats, instant messages, emails, and much... much more! You will not find this with any other software!

Intercepting confidential messages

[Figure: Message exchange between the Client PC and the Server. The Attacker taps into the conversation and tries to read messages.]

Encryption and Decryption techniques

Cryptography is the study of creating and using encryption and decryption techniques.

Plaintext is the data before any encryption has been performed

Ciphertext is the data after encryption has been performed

The key is the unique piece of information that is used to create ciphertext and decrypt the ciphertext back into plaintext

Encryption and Decryption techniques

Key = COMPUTER SCIENCE

Plaintext = this is the account number you have requested

Algorithm based on Vigenere matrix

Encryption and Decryption techniques

1) Look at the first letter in the plaintext (T)

2) Look at the corresponding key character immediately above it (C)

3) C tells us to use row C of Vigenere matrix to perform alphabetic substitution for plaintext character T

4) Go to column T in row C and find the cipher character V

5) Repeat Steps 1 through 4 for every character of the plaintext.

COMPUTERSCIENCECOMPUTERSCIENCECOMPUTERSCIENCE

Thisistheaccountnumberyouhaverequested
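The five steps above, written out as an added example (not part of the original slides). It builds the Vigenere matrix explicitly and looks up row and column exactly as the steps describe; the function names are chosen here, and dropping spaces before encryption is an assumption taken from the way the slide prints the plaintext.

```python
import string

ALPHABET = string.ascii_uppercase

# Vigenere matrix: row R is the alphabet rotated so that it starts with R.
# MATRIX["C"] is "CDEFG...ZAB", the "row C" used in step 3.
MATRIX = {row: ALPHABET[i:] + ALPHABET[:i] for i, row in enumerate(ALPHABET)}


def key_letters(key):
    """Yield the key's letters over and over, skipping spaces."""
    letters = [c for c in key.upper() if c in ALPHABET]
    if not letters:
        raise ValueError("key must contain at least one letter")
    while True:
        yield from letters


def encrypt(plaintext, key):
    """Steps 1-5: for each plaintext letter, take the row named by the key
    letter above it and read the cipher letter in the plaintext's column."""
    stream = key_letters(key)
    out = []
    for ch in plaintext.upper():
        if ch not in ALPHABET:
            continue  # spaces and punctuation are dropped (assumption)
        row = MATRIX[next(stream)]
        out.append(row[ALPHABET.index(ch)])
    return "".join(out)


def decrypt(ciphertext, key):
    """Reverse lookup: find the cipher letter inside the key letter's row;
    its position is the plaintext column."""
    stream = key_letters(key)
    out = []
    for ch in ciphertext.upper():
        if ch not in ALPHABET:
            continue
        row = MATRIX[next(stream)]
        out.append(ALPHABET[row.index(ch)])
    return "".join(out)


KEY = "COMPUTER SCIENCE"
PLAINTEXT = "this is the account number you have requested"

if __name__ == "__main__":
    ciphertext = encrypt(PLAINTEXT, KEY)
    print(ciphertext)
    print(decrypt(ciphertext, KEY))
```

Anyone who holds the key can run the reverse lookup, which is why the slides that follow put the secrecy in the key rather than in the algorithm.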

Encryption and Decryption techniques

Encryption algorithm cannot be kept secret

Key must be kept secret

[Figure: Plaintext (original message) → Encryption (algorithm, key) → Ciphertext (transmitted) → Decryption (algorithm, key) → Plaintext (original message)]

Encryption: Key Length

Key can be “guessed” by exhaustive search
– Try all possible keys
– See which one decrypts the message

Long keys make exhaustive search difficult
– If length is n bits, 2^n tries may be needed
– If key length is 8 bits, only 256 tries maximum
– Usually, Key Length ≥ 56 bits

Assume a key is 56 bits. If it takes 0.00024 seconds to try each key, how long will it take to try all possible keys? What if 10000 computers are working together to try all key combinations?
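An added example (not part of the original slides) that runs the exhaustive search described above against an 8-bit key and then applies the same worst-case count to the 56-bit figures in the question. The XOR cipher, the secret key value and the known leading word used to recognise a correct decryption are all constructed for this illustration; a 365.25-day year is assumed.

```python
SECONDS_PER_YEAR = 365.25 * 24 * 3600  # assumption: 365.25-day year


def worst_case_years(key_bits, seconds_per_try, machines=1):
    """Years needed to try all 2**key_bits keys, split evenly across machines."""
    return (2 ** key_bits) * seconds_per_try / machines / SECONDS_PER_YEAR


def toy_cipher(data: bytes, key: int) -> bytes:
    """Constructed toy cipher with an 8-bit key: XOR every byte with the key.
    XOR is its own inverse, so the same call encrypts and decrypts."""
    if not 0 <= key < 2 ** 8:
        raise ValueError("key must fit in 8 bits")
    return bytes(b ^ key for b in data)


def exhaustive_search(ciphertext: bytes, looks_valid):
    """Try every 8-bit key in order; return (key, tries) for the first key
    whose decryption passes looks_valid, or (None, 256) if none does."""
    tries = 0
    for key in range(2 ** 8):
        tries += 1
        if looks_valid(toy_cipher(ciphertext, key)):
            return key, tries
    return None, tries


# Constructed sample: message text borrowed from the symmetric key slide,
# encrypted under an arbitrary secret key.
SECRET_KEY = 0xA7
CIPHERTEXT = toy_cipher(b"Transfer $5,000", SECRET_KEY)

if __name__ == "__main__":
    key, tries = exhaustive_search(CIPHERTEXT, lambda p: p.startswith(b"Transfer"))
    print(f"8-bit key {key:#04x} found after {tries} of 256 tries")
    print(f"56-bit key, 1 computer: {worst_case_years(56, 0.00024):,.0f} years")
    print(f"56-bit key, 10000 computers: {worst_case_years(56, 0.00024, 10000):,.1f} years")
```

Each extra key bit doubles the number of tries, so the 8-bit search finishes instantly while the 56-bit search at the stated rate runs to hundreds of thousands of years on one computer.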

Two general Encryption-Decryption methods

Symmetric key encryption method
– Use a single key for Encryption-Decryption
– Examples: Data Encryption Standard (DES), 3DES

Public key encryption method
– Use different keys for Encryption-Decryption
– Examples: RSA, Elliptical curve cryptosystem

Symmetric key Encryption-Decryption

Symmetric key must be distributed secretly between partners

When Partner A sends to Partner B
– Partner A encrypts with the key, Partner B decrypts with the key

When Partner B sends to Partner A
– Partner B encrypts with the key, Partner A decrypts with the key

[Figure: Plaintext "Transfer $5,000" → Encryption → Ciphertext "1010010101" → Decryption → Plaintext "Transfer $5,000"]

Symmetric key Encryption-Decryption

Advantages:
– Simple enough for fast Encryption-Decryption
– Fast enough for long messages

Disadvantages:
– Need a different Symmetric key for each partner (or other partners could read messages)
– If there are N partners, N*(N-1)/2 keys are needed.

[Figure: Plaintext "Transfer $5,000" → Encryption → Ciphertext "1010010101" → Decryption → Plaintext "Transfer $5,000"]

Public key Encryption-Decryption

Each partner has a private key (kept secret) and a public key (shared with everybody)

Sending
– Partner A encrypts with the public key of Partner B
– Partner B encrypts with the public key of Partner A

Receiving
– Each receiver decrypts with its own private key

[Figure: Partner A encrypts with Party B’s public key; Partner B decrypts with Party B’s private key]

Public key Encryption-Decryption

Advantages:
– Once the message is encrypted, nobody can decrypt it except the receiver
– Simplicity of key exchange: No need to exchange public key securely

Disadvantages:
– Complex: Requires many computer processing cycles to do Public Encryption-Decryption
– Can only be used to encrypt small messages

[Figure: Partner A encrypts with Party B’s public key; Partner B decrypts with Party B’s private key]
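The exchange between Partner A and Partner B from the two slides above, as an added example (not part of the original slides). It uses textbook RSA with tiny primes chosen here purely for illustration, with no padding and far too small for real use; the function names are likewise this example's own. It also shows the size limit: a message must be smaller than the receiver's modulus.

```python
from math import gcd


def make_keypair(p, q, e=17):
    """Return ((n, e), (n, d)): the public key and the private key."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)*(q-1)")
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi
    return (n, e), (n, d)


def rsa_encrypt(message, public_key):
    """Encrypt an integer with the RECEIVER's public key."""
    n, e = public_key
    if not 0 <= message < n:
        raise ValueError("message too large for this key")
    return pow(message, e, n)


def rsa_decrypt(ciphertext, private_key):
    """Decrypt with the receiver's OWN private key."""
    n, d = private_key
    return pow(ciphertext, d, n)


# Toy primes (illustration only). Public keys are shared with everybody,
# private keys never leave their owner.
A_PUBLIC, A_PRIVATE = make_keypair(89, 97)
B_PUBLIC, B_PRIVATE = make_keypair(61, 53)

if __name__ == "__main__":
    # Partner A sends to Partner B.
    c = rsa_encrypt(65, B_PUBLIC)
    print("A -> B ciphertext:", c, "B reads:", rsa_decrypt(c, B_PRIVATE))
    # Partner B replies to Partner A.
    r = rsa_encrypt(42, A_PUBLIC)
    print("B -> A ciphertext:", r, "A reads:", rsa_decrypt(r, A_PRIVATE))
    # A message as large as 5000 does not fit under B's modulus of 3233.
    try:
        rsa_encrypt(5000, B_PUBLIC)
    except ValueError as err:
        print("rejected:", err)
```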

Summary Questions

1. Name a few standard systems attacks

Answer:

2. Distinguish between Denial-of-Service attack and Distributed Denial-of-Service attacks.

Answer:


3) Jason sends a message to Kristin using public key encryption. (a) What key will Jason use to encrypt the message? (b) What key will Kristin use to decrypt the message? (c) What key will Kristin use to encrypt the reply? (d) What key will Jason use to decrypt the reply? (e) Can the message and reply be long messages? Explain.

(a)(b)(c)(d)(e)

4) Does public key encryption have a problem with secure key exchange for the public key? Explain.