Security
School of Business, Eastern Illinois University
© Abdou Illia, Fall 2002
(Week 12, Wednesday 11/13/2002)
Slide 2: Learning Objectives
Understand standard systems attacks
Describe Encryption-Decryption techniques
Slide 3: Standard systems attacks
Denial of service attacks, or distributed denial of service attacks:
– Bombard a site (usually a server or a router) with so many messages that the site is incapable of answering valid requests
Stealing and intercepting passwords and confidential messages.
Slide 4: Denial-of-Service (DoS) Attacks
Make the system unusable (crash it or make it run very slowly) by sending a stream of messages.
[Figure: Message Stream DoS Attack (overloads the victim). The Attacker sends a Message Stream to the Server.]
Slide 5: Distributed DoS (DDoS) Attack
Messages come from many sources
[Figure: the Attacker sends an Attack Command to each Computer with Zombie; each Computer with Zombie sends a Message Stream to the Server.]
Attacker hacks into multiple clients and plants Zombie programs on them
Attacker sends commands to Zombie programs which execute the attacks
Slide 6: Identifying Victims for DDoS
Sending scanning messages
– Ping messages (to know if a potential victim exists)
– Supervisory messages (to know if the victim is available)
– Etc.
Examining data that responses reveal
– IP addresses of potential victims
– What services victims are running; different services have different weaknesses
– Host’s operating system, version number, etc.
Slide 7: Identifying Victims for DDoS
Now you can remotely monitor (in real time) your employee, spouse, child or love interest without even having access to their computer!!
iSpy will allow you to send a tiny file to any computer via email which will install this software on the user's system. You can then access the user's hard drive, listen to the audio of the computer, view screenshots, keystrokes, chats, instant messages, emails, and much... much more! You will not find this with any other software!
Slide 8: Intercepting confidential messages
Attacker taps into the conversation: tries to read messages
[Figure: Message Exchange between Client PC and Server, with the Attacker tapping in.]
Slide 9: Encryption and Decryption techniques
Cryptography is the study of creating and using encryption and decryption techniques.
Plaintext is the data before any encryption has been performed
Ciphertext is the data after encryption has been performed
The key is the unique piece of information that is used to create ciphertext and decrypt the ciphertext back into plaintext
Slide 10: Encryption and Decryption techniques
Key = COMPUTER SCIENCE
Plaintext = this is the account number you have requested
Algorithm based on Vigenere matrix
Slide 11: Encryption and Decryption techniques
1) Look at the first letter in the plaintext (T)
2) Look at the corresponding key character immediately above it (C)
3) C tells us to use row C of Vigenere matrix to perform alphabetic substitution for plaintext character T
4) Go to column T in row C and find the cipher character V
5) Repeat Steps 1 through 4 for every character of the plaintext.
COMPUTERSCIENCECOMPUTERSCIENCECOMPUTERSCIENCE
Thisistheaccountnumberyouhaverequested
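Added example (not part of the original slides): steps 1 through 5 carried out in Python with the slide's key and plaintext, building the Vigenere matrix explicitly. It assumes spaces are dropped before encrypting, and the function names are chosen for this example.

```python
import string

ALPHABET = string.ascii_uppercase

# Vigenere matrix: row r is the alphabet shifted left by r positions,
# so row "C" reads C, D, E, ... and wraps around to B.
MATRIX = {row: ALPHABET[i:] + ALPHABET[:i] for i, row in enumerate(ALPHABET)}


def _letters(text):
    """Keep letters only, upper-cased (assumption: spaces are not encrypted)."""
    return [ch for ch in text.upper() if ch in ALPHABET]


def encrypt(plaintext, key):
    key_letters = _letters(key)
    if not key_letters:
        raise ValueError("key must contain at least one letter")
    cipher = []
    for i, p in enumerate(_letters(plaintext)):
        row = MATRIX[key_letters[i % len(key_letters)]]  # steps 2-3: key letter selects the row
        cipher.append(row[ALPHABET.index(p)])            # step 4: column of the plaintext letter
    return "".join(cipher)


def decrypt(ciphertext, key):
    key_letters = _letters(key)
    if not key_letters:
        raise ValueError("key must contain at least one letter")
    plain = []
    for i, c in enumerate(_letters(ciphertext)):
        row = MATRIX[key_letters[i % len(key_letters)]]  # same row that was used to encrypt
        plain.append(ALPHABET[row.index(c)])             # column heading where c sits in that row
    return "".join(plain)


KEY = "COMPUTER SCIENCE"
PLAINTEXT = "this is the account number you have requested"

if __name__ == "__main__":
    ciphertext = encrypt(PLAINTEXT, KEY)
    print(ciphertext)
    print(decrypt(ciphertext, KEY))
```

The first ciphertext letter is V, matching step 4: row C, column T.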
Slide 12: Encryption and Decryption techniques
Encryption algorithm cannot be kept secret
Key must be kept secret
[Figure: Plaintext (original message) → Encryption (algorithm + key) → Ciphertext (transmitted) → Decryption (algorithm + key) → Plaintext (original message)]
Slide 13: Encryption: Key Length
Key can be “guessed” by exhaustive search
– Try all possible keys
– See which one decrypts the message
Long keys make exhaustive search difficult
– If length is n bits, 2^n tries may be needed
– If key length is 8 bits, only 256 tries maximum
– Usually, Key Length ≥ 56 bits
Assume a key is 56 bits. If it takes 0.00024 seconds to try each key, how long will it take to try all possible keys? What if 10000 computers are working together to try all key combinations?
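Added example (not part of the original slides): exhaustive key search run against a toy cipher, plus the worst-case time estimate for a given key length, to show why 8-bit keys fall at once and 56-bit keys take far longer. The XOR cipher, the sample keys and the function names are constructed for this illustration; the message text is the one used in the slides' figures.

```python
SECONDS_PER_YEAR = 365 * 24 * 3600


def toy_encrypt(data, key, key_bits):
    """Toy cipher (constructed, not secure): XOR the data with the key bytes, repeated."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    return bytes(b ^ key_bytes[i % len(key_bytes)] for i, b in enumerate(data))


toy_decrypt = toy_encrypt  # XOR is its own inverse


def exhaustive_search(ciphertext, known_prefix, key_bits):
    """Try every key in order; return (key, tries) for the first key whose
    decryption starts with text the searcher expects to see."""
    for tries, key in enumerate(range(2 ** key_bits), start=1):
        if toy_decrypt(ciphertext, key, key_bits).startswith(known_prefix):
            return key, tries
    return None, 2 ** key_bits


def worst_case_years(key_bits, seconds_per_try, machines=1):
    """Time to try all 2^n keys, split evenly across the given number of machines."""
    return (2 ** key_bits) * seconds_per_try / machines / SECONDS_PER_YEAR


if __name__ == "__main__":
    message = b"Transfer $5,000"
    for bits, secret in ((8, 0xA7), (16, 0xBEEF)):  # constructed sample keys
        ct = toy_encrypt(message, secret, bits)
        key, tries = exhaustive_search(ct, b"Transfer", bits)
        print(f"{bits}-bit key found after {tries} of {2 ** bits} tries: {key:#x}")
    print(f"56-bit, 0.00024 s per try: {worst_case_years(56, 0.00024):,.0f} years")
    print(f"same, 10000 machines: {worst_case_years(56, 0.00024, 10000):,.1f} years")
```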
Slide 14: Two general Encryption-Decryption methods
Symmetric key encryption method
– Use a single key for Encryption-Decryption
– Examples: Data Encryption Standard (DES), 3DES
Public key encryption method
– Use different keys for Encryption-Decryption
– Examples: RSA, Elliptical curve cryptosystem
Slide 15: Symmetric key Encryption-Decryption
Symmetric key must be distributed secretly between partners
When Partner A sends to Partner B
– Partner A encrypts with the key, Partner B decrypts with the key
When Partner B sends to Partner A
– Partner B encrypts with the key, Partner A decrypts with the key
[Figure: Plaintext “Transfer $5,000” → Encryption → Ciphertext “1010010101” → Decryption → Plaintext “Transfer $5,000”]
Slide 16: Symmetric key Encryption-Decryption
Advantages:
– Simple enough for fast Encryption-Decryption
– Fast enough for long messages
Disadvantages:
– Need a different symmetric key for each partner (or other partners could read messages)
– If there are N partners, N*(N-1)/2 keys are needed
[Figure: Plaintext “Transfer $5,000” → Encryption → Ciphertext “1010010101” → Decryption → Plaintext “Transfer $5,000”]
Slide 17: Public key Encryption-Decryption
Each partner has a private key (kept secret) and a public key (shared with everybody)
Sending
– Partner A encrypts with the public key of Partner B
– Partner B encrypts with the public key of Partner A
Receiving
– Each receiver decrypts with its own private key
[Figure: Partner A encrypts with Party B’s public key; Partner B decrypts with Party B’s private key]
Slide 18: Public key Encryption-Decryption
Advantages:
– Once the message is encrypted, nobody can decrypt it except the receiver
– Simplicity of key exchange: no need to exchange public key securely
Disadvantages:
– Complex: requires many computer processing cycles to do Public Encryption-Decryption
– Can only be used to encrypt small messages
[Figure: Partner A encrypts with Party B’s public key; Partner B decrypts with Party B’s private key]
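Added example (not part of the original slides): the exchange from slides 17 and 18 using textbook RSA with tiny primes, showing which key each partner uses in each direction and why a message must be small relative to the key. The primes, exponent and function names are constructed for this illustration; real RSA uses keys of thousands of bits and padding.

```python
def make_keypair(p, q, e=17):
    """Build (public_key, private_key) from two primes (tiny, for illustration only)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: e * d = 1 (mod phi); needs Python 3.8+
    return (e, n), (d, n)


def rsa_encrypt(public_key, m):
    e, n = public_key
    if not 0 <= m < n:
        # The "small messages" limit: a message block must be below the modulus n.
        raise ValueError("message does not fit under this key's modulus")
    return pow(m, e, n)


def rsa_decrypt(private_key, c):
    d, n = private_key
    return pow(c, d, n)


# Constructed toy keys: each partner publishes the public half, keeps the private half.
A_PUBLIC, A_PRIVATE = make_keypair(89, 97)
B_PUBLIC, B_PRIVATE = make_keypair(61, 53)


def exchange(message_to_b, reply_to_a):
    """Partner A sends to Partner B, then Partner B replies to Partner A."""
    c1 = rsa_encrypt(B_PUBLIC, message_to_b)  # A encrypts with B's public key
    m1 = rsa_decrypt(B_PRIVATE, c1)           # B decrypts with B's own private key
    c2 = rsa_encrypt(A_PUBLIC, reply_to_a)    # B encrypts the reply with A's public key
    m2 = rsa_decrypt(A_PRIVATE, c2)           # A decrypts with A's own private key
    return c1, m1, c2, m2


if __name__ == "__main__":
    c1, m1, c2, m2 = exchange(65, 1234)
    print("A -> B:", c1, "decrypts to", m1)
    print("B -> A:", c2, "decrypts to", m2)
    try:
        rsa_encrypt(B_PUBLIC, 5000)  # larger than B's modulus 3233
    except ValueError as err:
        print("rejected:", err)
```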
Slide 19: Summary Questions
1. Name a few standard systems attacks
Answer:
2. Distinguish between Denial-of-Service attack and Distributed Denial-of-Service attacks.
Answer:
Slide 20: Summary Questions
3) Jason sends a message to Kristin using public key encryption. (a) What key will Jason use to encrypt the message? (b) What key will Kristin use to decrypt the message? (c) What key will Kristin use to encrypt the reply? (d) What key will Jason use to decrypt the reply? (e) Can the message and reply be long messages? Explain.
(a)(b)(c)(d)(e)
4) Does public key encryption have a problem with secure key exchange for the public key? Explain.