29 November 2010. Documentation Reminders Functional Spec What the program does Context, uses cases, interfaces (definition, not screen shots) Revise.

SECURITY AND PRIVACY(PART 2)

29 November 2010

Documentation Reminders Functional Spec

What the program doesContext, uses cases, interfaces (definition,

not screen shots)Revise to reflect reality

User manualsDocument, help screens, tool tips, …Describe how handled on your website

Documentation Reminders (2)

Installation Guide & Administrator ManualWhatever is needed to get your system up

○ Including where to find your code or executableMake NO assumptions, BUT you can point to

other documents or web sites (e.g., tell them to download and install a prereq

and give them a web site reference)Assume that the machine that you are running

on caught fire …

Documentation Reminders (3)

Design documentOverall architecture

○ Picture○ Be specific

Decomposition○ Including code file structure

Naming conventionsInterfaces by toolDatabase designDecisions

○ If you were taking over the project, what would you ask?Think of possible enhancements and ask yourself if there is

enough information to get started

ENCRYPTION

Security Level of Encrypted Data

Unconditionally SecureUnlimited resources + unlimited timeStill the plaintext CANNOT be recovered

from the ciphertext Computationally Secure

Cost of breaking a ciphertext exceeds the value of the hidden information

The time taken to break the ciphertext exceeds the useful lifetime of the information

Types of Attacks

Ciphertext only adversary has only ciphertext goal is to find plaintext, possibly key

Known plaintext adversary has plaintext and ciphertext goal is to find key

Chosen plaintext adversary can get a specific plaintext

enciphered goal is to find key

Attack Mechanisms

Brute force Statistical analysis

Knowledge of natural languageExamples:

○ All English words have vowels○ There are only 2 1-letter words in English○ High probability that u follows q○ …

PRIVATE KEY

Caesar Cipher Substitute the letter 3 ahead for each

one Example:

Et tu, BruteHw wx, Euxwh

Quite sufficient for its timeHigh illiteracyNew idea

Enigma Machine(Germany, World War II)

Simple Caesar cipher through each rotor

But rotors shifted at different ratesRoller 1 rotated one

position after every encryption

Roller 2 rotated every 26 times…

Private Key Cryptography Sender, receiver share common key

Keys may be the same, or trivial to derive from one another

Sometimes called symmetric cryptography or classical cryptography

Two basic typesTransposition ciphers (rearrange bits)Substitution ciphers

Product ciphersCombinations of the two basic types

DES (Data Encryption Standard) A block cipher:

encrypts blocks of 64 bits using a 64 bit keyoutputs 64 bits of ciphertextA product cipher

○ performs both transposition (permutation) and substitution on the bits

Considered weakSusceptible to brute force attack

http://www.tropsoft.com/strongenc/des.htm

Cracking DES 1998: Electronic Frontier Foundation

cracked DES in 56 hrs using a supercomputer

1999: Distributed.net cracked DES in 22 hrs

With specialized hardware, DES can be cracked in less than an hour.

History of DES IBM develops Lucifer for banking systems (1970’s )

NIST and NSA evaluate and modify Lucifer (1974) Modified Lucifer adopted as federal standard (1976)

Name changed to Data Encryption Standard (DES) Defined in FIPS (46-3) and ANSI standard X9.32

NIST defines Triple DES (3DES) (1999) Single DES use deprecated - only legacy systems.

NIST approves Advanced Encryption Std. (AES) (2001) AES (128-bit block) Attack published in 2009

Current state of the art is AES-256

PUBLIC KEY

Public Key Cryptography

Two keysPrivate key known only to individualPublic key available to anyone

○ Public key, private key inverses

Confidentialityencipher using public keydecipher using private key

Integrity/authenticationencipher using private key decipher using public one

Public Key Requirements

1. Computationally easy to encipher or decipher a message given the appropriate key

2. Computationally infeasible to derive the private key from the public key

3. Computationally infeasible to determine the private key using a chosen plaintext attack

RSA Public key algorithm described in 1977 by

Rivest, Shamir, and Adelman Exponentiation cipher Relies on the difficulty of factoring a large

integer RSA Labs FAQ document (good intro)

http://www.rsasecurity.com/rsalabs/node.asp?id=2152

RSA Usage for Encryption Public key: (n,e); private key:

(n,d)Public key to encipherPrivate key to decipher

EncryptionEncipher: c = me mod nDecipher: m = cd mod n

RSA Basics for choosing keys Choose two large primes p and q n = pq Choose e

Less than nRelatively prime to (p-1)(q-1)

Choose d(ed-1) divisible by (p-1)(q-1)

Public key: (n,e); private key: (n,d)

A Guide to RSA

Summary Private key (classical) cryptosystems

encipher and decipher using the same key Public key cryptosystems

encipher and decipher using different keyscomputationally infeasible to derive one

from the other

AUTHENTICATION

Authentication

Assurance of the identity of the party that you’re talking to

Primary technologiesDigital SignatureKerberos

Digital Signature Authenticates origin, contents of message in a

manner provable to a disinterested third party (“judge”)

Sender cannot deny having sent message (service is “nonrepudiation”)Limited to technical proofs

○ Inability to deny one’s cryptographic key was used to sign

One could claim the cryptographic key was stolen or compromised○ Legal proofs, etc., probably required

Protocols based on both public and private key technologies

RSA for Digital Signature

Public key: (n,e); private key: (n,d)Public key to signPrivate key to validate

Digital signatureSign: s = md mod n; send (s,m)Validate: m = se mod n

Kerberos Authentication system

Central server plays role of trusted third party Ticket (credential)

Issuer vouches for identity of requester of service

Authenticator Identifies sender

User must1. Authenticate to the system2. Obtain ticket to use server S

Problems Relies on synchronized clocks Vulnerable to attack

“Using encryption on the Internet is the equivalent of arranging

an armored car to deliver credit card information from someone

living in a cardboard box to someone living on a park bench”

– Gene Spafford (Purdue)

NETWORK SECURITY

Firewall Techniques Filtering

Doesn’t allow unauthorized messages through Can be used for both sending and receivingMost common method

ProxyThe firewall actually sends and receives the

informationSets up separate sessions and controls what

passes in the secure part of the network

DMZ: Demilitarized Zone

Arrangement of firewalls to form a buffer or transition environment between networks with different trust levels

Internet Firewall

Firewall

Internal resources

Three Tier DMZ

Internet Firewall

Firewall

Firewall

Internal resources

WebServer

AppServer

PRIVACY

When you walk into the store, the big-screen displays "Hello Tom," your shopping habits, and other information

from Minority Report

Some Views on Privacy “All this secrecy is making life harder, more

expensive, dangerous …”Peter Cochran, former head of BT (British Telecom)

Research

“You have zero privacy anyway.”Scott McNealy, CEO Sun Microsystems

“By 2010, privacy will become a meaningless concept in western society”

Gartner report, 2000

Legal Realities of Privacy Self-regulation approach in US, Japan Comprehensive laws in Europe,

Canada, Australia European Union

Limits data collectionRequires comprehensive disclosuresProhibits data export to unsafe countries

○ Or any country for some types of data

Aspects of Privacy

Anonymity Security Transparency and Control: knowing

what is being collected

Privacy and Trust Right of individuals to determine if, when,

how, and to what extent data about themselves will be collected, stored, transmitted, used, and shared with others

Includesright to browse the Internet or use applications

without being tracked unless permission is granted in advanced

right to be left alone True privacy implies invisibility Without invisibility, we require trust

Technologies privacy aware technologies (reactive)

non-privacy-related solutions that enable users to protect their privacy

Examples○ password and file-access security programs○ unsubscribe○ encryption○ access control

privacy enhancing technologies (proactive) solutions that help consumers and companies protect

their privacy, identity, data and actions Examples

○ popup blockers○ anonymizers○ Internet history clearing tools○ anti-spyware software

Impediments to Privacy Surveillance Data collection and sharing Cookies

Web site last year was discovered capturing cookies that it retained for 5 years

Sniffing, Snarfing, SnortingAll are forms of capturing packets as they pass

through the networkDiffer by how much information is captured and

what is done with it

P3P

Platform for Privacy PreferenceWorld Wide Web Consortium (W3C) project

Voluntary standard still in draft form Structures a web site’s policies in a

machine readable formatAllows browsers to understand the policy

and behave according to a user’s defined preferences

Privacy and Wireless “Wardriver” program: scans for broadcast

SSIDsbroadcasting improves network access, but at a cost

once the program finds the SSIDobtains the IP addressobtains the MAC address…

Lowe’s was penetrated this wayStole credit card numbers