Security - 1 Security Peter O’Grady
Dec 31, 2015
Security - 2
Network Security Problem
Data Flow - transmission security Network Security - server security Malicious code - virus security
Security - 3
The Internet
User
User
User
User
Data moves through a networkAttacker may try to gain access
Security - 4
“By accessing or altering data, an attacker can steal tangible assets or lead an organization to take actions it would not otherwise take. By merely examining data, an attacker can gain competitive advantage, without the owner of the data being any the wiser.”
Computers at Risk: Safe Computing in the Information AgeNational Research Council, 1991
Security - 5
Network Security where an intruder may be malicious in
that they may interfere with the operation of the network, causing operation problems such as deliberately crashing a server.
Particularly dangerous when they gain access to data on servers.
Security - 6
Example Attack Texas A&M August 1992 Several outside intruders Captured hundreds of passwords
(including some on servers) One machine set up as hacker bulletin
board to discuss progress without the victim knowing.
Hackers had developed programs to test for weaknesses.
Security - 7
Transmission Security- Data Flow
The potential security problems in data flow can be thought of as:
Interruption – stop flow Interception – intercept message, for reading – original
message continues Modification – intercept message and replace with
alternative. Send alternative Fabrication – send fabricated message
How can each of these be stopped?
Security - 8
Conveying Messages Securely Phrases that convey meaning
– 1:1 coding - has to be pre-determined– Difficult to decode– Low flexibility
Character encryption– Very flexible– Need large number of possible
permutations to avoid brute force decryption
Security - 9
Transmission Security
Transmission Security involves three main measures that can be taken to prevent these breaches of security occurring. – encryption, – authentication, – and data integrity.
Security - 10
Encryption Task: take regular text and produce
encrypted text so that original text cannot be determined easily from the encrypted text.
Encryption Examples– Caesar cipher– Enigma encoding machine
Decryption:– Letter usage analysis– Complete enumeration– Obtaining Key
Security - 11
Encryption History of encryption tied to military and diplomatic
messages If messages are send by wireless then can be heard
by others Governments seek very hard encryption for
messages. Other governments try hard to decrypt messages.
Of VERY great importance Examples:
– Midway– German Enigma machine
Security - 13
Midway December 7 Pearl Harbor Japanese had “Purple” cipher machine. US had
decoded this (“Magic”) Japanese overran much of SE Asia by May 1942 Japanese 4 large carriers, 3 battleships, 16
submarines for invasion of Midway US only had 3 carriers (one damaged) in Pacific Messages decoded about Japanese plan. Nimitz
rushes all US carriers to Midway. US surprises Japanese fleet and sinks 4 Japanese
carriers.
Security - 14
“Scouts found the Japanese early in the morning of June 4. Although initial strikes by Midway-based planes were not successful, American carrier-based planes turned the tide. Torpedo bombers became separated from the American dive-bombers and were slaughtered (36 of 42 shot down), but they diverted Japanese defenses just in time for the dive-bombers to arrive; some of them had become lost, and now by luck they found the Japanese. The Japanese carriers were caught while refueling and rearming their planes, making them especially vulnerable. The Americans sank four fleet carriers—the entire strength of the task force….”
http://college.hmco.com/history/readerscomp/mil/html/ml_034100_midwaybattle.htm
Security - 15
Iraq I“One of the ROCKSTARS (codename for group of agents) next delivered an Iraqi mobile communications device that was supposed to be sent out for repairs. It was the device used by Deputy Prime Minister Tariq Aziz. It had encryption capability and was part of the SSO communications network. A ROCKSTAR agenthas swiped it. Tim (a USA agent) had it couriered back to Washington where the National Security Agency was able to exploit it. Soon NSA was listening in to some SSO communications.”
"Plan of Attack", Bob Woodward 2004 p 303
Security - 16
Iraq II
“Ahmad Chalabi, the Iraqi leader and former ally of the Bush administration, disclosed to an Iranian official that the United States had broken the secret communications code of Iran's intelligence service, betraying one of Washington's most valuable sources of information about Iran, according to United States intelligence..”NY Times, June 2, 2004
Security - 17
Caesar Cipher Simple coding that replaces letter by one n
places further along the alphabet. If n=2 then, for example, all occurrences of a
are replaced by c. internet becomes kpvgtpgv Easy to decode (26 possible keys) especially
using letter usage analysis (e.g. e is most frequently used letter in English)
Security - 18
Improving Caesar Cipher
Cipher where n is variable would be stronger– n varies with letter - i.e. one to one mapping
between letters– Can decipher using letter usage analysis– mapping that varies over time/usage would be
better - example is the German Enigma machine of WWII.
Security - 19
Enigma encoding machine On successive keystrokes the wheels
moved so that the encoding was different for each keystroke.
The wheels could be set by the users and the same settings had to be used at both ends of the transmission.
With five wheels, each with 26 pins, the number of different substitution alphabets is 265 (which equals 11,881,376).
Security - 23
Enigma Coding Machine 11,881,376 possible permutations was thought to be
impregnable. Illustrated key points on encryption:
– Same key at both ends (single key)- wheel positions– Number of permutations as high as possible to defeat
complete enumeration– Varying characteristics of encoding to defeat letter
usage analysis Now need much larger number of permutations to
avoid eavesdroppers.
Security - 24
Transmission Security - Main Elements
Single Key Encryption Dual Key Encryption Message Digest (often 128 bit) Certificate - containing subjects public key and
encrypted using certificates authority private key We’ll go through each of these and see how
they apply
Security - 25
Encryptionalgorithm
Decryptionalgorithm
Plaintext Ciphertext Plaintext
Shared key
Simplified Model of Conventional Single Key Encryption (Stallings, 1995)
Security - 26
Secure channel
Messagesource
Encrypter
Key source
Cryptanalyst
Decrypter DestinationX Y
K
X
X
K
Model of Conventional Single Key Encryption (Stallings, 1995)
Security - 27
Single Key Encryption
Input• plaintext X=[X1, X2, X3 , …., XM ]
• K=[K1, K2, ……, KJ ]
Output• ciphertext Y=[Y1,Y2, ….., YN]
Security - 28
Single Key Decryption
Input• ciphertext Y=[Y1,Y2, ….., YN]
• K=[K1, K2, ……, KJ ]
Output• plaintext X=[X1, X2, X3 , …., XM ]
Security - 29
Single Key The general method for decrypting are
generally based on enumerating the possible key settings.
Historically single key most common. Both ends have key. Example is Data Encryption Standard (DES)
from NIST. DES takes 64 bits of message and uses 56 bit
length key. 56 bit length key provides 256 ( = 7.2 x 1016)
keys
Security - 30
Encryption - Public (or Dual) Key Uses two separate, but matched, keys -
public and private. RECEIVER generates two keys with the
public key made available to others. TRANSMITTER uses public key to encrypt
the message. RECEIVER uses private key to decrypt
message. Can be used for authentication
Security - 31
Encryptionalgorithm
Decryptionalgorithm
Plaintext Ciphertext PlaintextUser A User B
B's private key
B's public key
Simplified Model of Dual-Key Encryption (Stallings, 1995)
Security - 32
Messagesource
Encrypt
Key-pairsource
Cryptanalyst
Decrypt DestinationX Y X
X
K Rb
KUb
KRbKUb
Source A Destination B
Dual-Key Encryption (Stallings, 1995)
Security - 33
Dual Key Encryption
Input• plaintext X=[X1, X2, X3 , …., XM ]
• KUb
Output• ciphertext Y=[Y1,Y2, ….., YN]
Security - 34
Dual Key Decryption
Input• ciphertext Y=[Y1,Y2, ….., YN]
• KRb
Output• plaintext X=[X1, X2, X3 , …., XM ]
Security - 35
Dual-Key Encryption
Most Internet data that is very sensitive is now encrypted using this dual key system (using the RCA or IDEA algorithms) with a key length of 128 bits (in North America) and 40 bits elsewhere.
Security - 36
Dual-Key Encryption The 128 bit key provides for 2128 (=3.4 x
1038) different keys while the 40 bit key provides for 240( approximately 1012) different keys. Each is therefore secure from all but the most determined eavesdropper.
Dual Key Encryption more computing intensive then single key so is only used to start communications
Security - 37
Authentication Is the process of checking that the
sender of data is in fact who they claim to be.
This is not as simple as it first appears. – an intruder can copy all of the packet
information, perhaps also altering some of the data, and then re-transmitting it as if it had come from the original source.
Security - 38
Messagesource
Encrypt
Key-pairsource
Cryptanalyst
Decrypt DestinationX Y X
K Ra
KRa
KUa
Source A Destination B
Authentication Using Dual-Key Encryption (Stallings, 1995)
Security - 39
Dual Key Authentication (encrypt)
Input• plaintext X=[X1, X2, X3 , …., XM ]
• KRa
Output• ciphertext Y=[Y1,Y2, ….., YN]
Security - 40
Dual Key Authentication (decrypt)
Input• ciphertext Y=[Y1,Y2, ….., YN]
• KUa
Output• plaintext X=[X1, X2, X3 , …., XM ]
Security - 41
Digital Signature
This mode of operation has been formulated into what is termed the Secure Sockets Layer (SSL) which uses an independent Certification Authority (CA) to issue a digital certificate. The digital certificate contains the name of the server and the public key, as well as a digital signature
Security - 42
Certificate: Data: Version: 0 (0x0) Serial Number: 02:41:00:00:01 Signature Algorithm: MD2 digest with RSA Encryption Issuer: C=US, O=RSA Data Security, Inc.,
OU=Secure Server Certification Authority Validity: Not Before: Wed Nov 9 15:54:17 1994 Not After: Fri Dec 31 15:54:17 1999 Subject: C=US, O=RSA Data Security, Inc.,
OU=Secure Server Certification Authority Subject Public Key Info: Public Key Algorithm: RSA Encryption Public Key: Modulus: 00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25: 01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03: e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86: 37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9: 4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07: 65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48: b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49: 54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5: dd:2d:d6:c8:1e:7b Exponent: 65537 (0x10001) Signature Algorithm: MD2 digest with RSA Encryption Signature: 88:d1:d1:79:21:ce:e2:8b:e8:f8:c1:7d:34:53:3f:61:83:d9: b6:0b:38:17:b6:e8:be:21:8d:8f:00:b8:8b:53:7e:44:67:1e: 22:bd:97:27:e0:9c:85:cc:4a:f6:85:3b:b2:e2:be:92:d3:e5: 0d:e9:af:5c:0e:0c:46:95:ff:a1:1c:5e:3e:e8:36:58:7a:73: a6:0a:f8:22:11:6b:c3:09:38:7e:26:bb:73:ef:00:bd:02:a4: f3:14:0d:30:3f:61:70:7b:20:fe:32:a3:9f:b3:f4:67:52:dc: b4:ee:84:8c:96:36:20:de:81:08:83:71:21:8a:0f:9e:a9
Example Certificate (RSA Secure Server Certification Authority)
Security - 44
Digital Signature Procedure The client sends a request to connect to
the secure server The server generates a public and
private key and then sends a signed digital certificate with the public key.
The client uses the public key from the server to decrypt the message and authenticate the server.
Security - 45
Authentication and Encryption It should be noted that this
authentication process does not prevent eavesdropping.
What is often used to prevent this is a double encryption procedure combining both authentication and encryption that provides both authentication and message encryption.
Security - 46
Authentication and Encryption (Encrypt)
Input• plaintext X=[X1, X2, X3 , …., XM ]
• KUb(KRa)
Output• ciphertext Y=[Y1,Y2, ….., YN]
Security - 47
Authentication and Encryption (Decrypt)
Input• ciphertext Y=[Y1,Y2, ….., YN]
• KUa(KRb)
Output• plaintext X=[X1, X2, X3 , …., XM ]
Security - 48
Data Integrity Data Integrity involves ensuring that the
message received has not been tampered with.
A main method used is that of computing a small block of code that is derived from the message and appending this small block of code to the message.
Security - 49
Data Integrity
This code is known as a cryptographic checksum or Message Authentication Code (MACs)
The function that is used to calculate the MAC need be only one way
Security - 50
SSL ProcessA->B helloB->A Hi, I'm Bob, bobs-certificate (Bobs public key
and encrypted using CA private key)A->B prove it (A has CA public key and hence
obtains Bobs public key securely)B->A Alice, This Is Bob
{ digest[Alice, This Is Bob] } bobs-private-keyA->B ok bob, here is a secret {secret}bobs-public-
key {some message,MAC}secret-key
Security - 51
Server Security “Most servers run UNIX, which is notorious
for its lack of mainframe-style security features and is a particular favorite of hackers.”– Network and Internetwork Security W.
Stallings, 1995 “The best safe in the world is worthless if
no one remembers to close the door.– Computers at Risk: Safe Computing in the
Information Age” National Research Council, 1991
Security - 53
Firewall
A firewall acts as the entry and exit point to an internal network and all traffic to and from the external Internet passes through it.
Can configure to allow/not allow packets of certain type or origin to pass
Security - 54
Housekeeping
Passwords Physically Secure the Servers Secure the private keys Limit Applications on Servers Limit ports on Servers
Security - 55
Length Number Fraction of Total1 55 0.0042 87 0.0063 212 0.024 449 0.035 1260 0.096 3035 0.227 2917 0.218 5772 0.42Total 13787 1.0
Passwords (Observed Password Lengths, Spafford (1990) )
Security - 56
E x a m p l e :S u p p o s e d a p a s s w o r d i s c o m p o s e d b y a l e n g t h o f n c h a r a c t e r s f r o m m c h a r a c t e r s , t h e n t h e p o s s i b l ep e r m u t a t i o n w i l l b e m ^ n .
m \ n 3 8
2 6 { l e t t e r s ( u p p e r c a s e o n l y ) } 1 7 5 7 6 2 .0 8 8 2 7 E + 1 1
5 2 { l e t t e r s ( u p p e r c a s e + l o w e r c a s e ) } 1 4 0 6 0 8 5 .3 4 5 9 7 E + 1 3
6 2 { l e t t e r s ( u p p e r c a s e + l o w e r c a s e ) + n u m b e r s ( 0 ,1 ,2 … 9 ) } 2 3 8 3 2 8 2 .1 8 3 4 E + 1 4
7 5 { l e t t e r s ( u p p e r c a s e + l o w e r c a s e ) + n u m b e r s ( 0 ,1 ,2 … 9 ) + s y m b o l s ( $ , * , > , < . . ) } 4 2 1 8 7 5 1 .0 0 1 1 3 E + 1 5
Passwords
Usually, situation is made much worse by used of familiar names as passwords.
Security - 57
Virus Security Logic Bombs Trojan Horses Trapdoors Viruses Bacteria Worm Malicious Components and Programs
(primarily ActiveX and Java code)
Security - 58
Virus Security Protection
Enforcing strict checks during program and system development to guard against Logic Bombs and trapdoors.
Installing virus protection software on all computers in the network.
Security - 59
Virus Security Protection
Enforcing network security aspects such as ensuring that passwords be made difficult to guess to prevent intruders or worms.
Restricting downloadable programs particularly those programs that are not constrained by a sandbox e.g. IloveYou virus containing VBScript.
Security - 60
Denial of Service Attacks Examples include
– attempts to "flood" a network, thereby preventing legitimate network traffic
– attempts to disrupt connections between two machines, thereby preventing access to a service
– attempts to prevent a particular individual from accessing a service
– attempts to disrupt service to a specific system or person
Security - 61
Denial-of-service attacks are most frequently executed against network connectivity. The goal is to prevent hosts or networks from communicating on the network.
An example of this type of attack is the "SYN flood" attack In this type of attack, the attacker begins the process of establishing a connection to the victim machine, but does it in such a way as to prevent the ultimate completion of the connection. In the meantime, the victim machine has reserved one of a limited number of data structures required to complete the impending connection. The result is that legitimate connections are denied while the victim machine is
waiting to complete bogus "half-open" connections.
Security - 62
Other DoS Attacks Bandwidth Consumption
– An intruder may also be able to consume all the available bandwidth on your network by generating a large number of packets directed to your network.
– The intruder need not be operating from a single machine; he may be able to coordinate or co-opt several machines on different networks to achieve the same effect.