Security and Authentication (continued)
CS-4513, D-Term 2007
(Slides include materials from Operating System Concepts, 7th ed., by Silberschatz, Galvin, & Gagne, Modern Operating Systems, 2nd ed., by Tanenbaum, and Distributed Systems: Principles & Paradigms, 2nd ed., by Tanenbaum and Van Steen)
Review
• Authentication
  – How to identify someone
  – How to establish that they are who they say they are
• Fundamental to establishing authority in Distributed Systems
• Everything else is based on trust that the person or agent doing something has the authority to do it
• Threats
  – Masquerading as someone else
  – Intercepting / corrupting communications
• Broadest security tool available
  – Fundamental foundation for secure storage and communication
  – Basis for establishing trust
  – Means to constrain potential senders (sources) and / or receivers (destinations) of messages
  – Means to detect/prevent intrusion or corruption
  – (Cannot prevent denial of service attacks)
Principles
• Cryptography is about the exchange of messages
• The key to success is that all parties to an exchange trust that the system will both protect them from threats and accurately convey their message
• TRUST is essential
Note
• Data storage is just another means of communication
• Writing data ↔ Sending message
• Reading data ↔ Receiving message
  – Perhaps much, much later!
• Integrity of data ↔ Integrity of message
Basic Premise of Cryptography
• Algorithms are (usually) public
  – Orders of magnitude easier to compute in forward (normal) direction than in reverse (attack) direction
• Keys are always secret
  – Enough bits to prevent trying all key values
• Key management is a very big deal
  – Heart of all successful cryptographic systems
Conventional Wisdom
• Algorithms must be public and verifiable
• We need to be able to estimate the risk of compromise
• The solution must be practical for its users, and impractical for an attacker to break
Public Policy Dilemma
• An algorithm intended to be a public standard must be subject to the scrutiny of its users
• I.e., banks, industry, commerce, etc.
• To establish trust that it is good enough!
• Any algorithm good enough to protect billions of $$ of funds & commerce will be too hard for governments to penetrate!
• Crime, terrorism, etc.
Ergo …
• Governments tend to use secret encryption methods and algorithms for the most secure communications
• Sometimes, confidence in such algorithms is misplaced!
History
• Most secret algorithms have been broken
  – Prior to computing age, at least
• Vulnerabilities
  – Redundancy in human languages
  – Repeatability or lack of randomness in algorithm
  – Repeatability or lack of randomness in keys
Guidelines
• Cryptography is always based on algorithms which are orders of magnitude easier to compute in the forward (normal) direction than in the reverse (attack) direction.
• The attacker’s problem is never harder than trying all possible keys
• The more material the attacker has the easier his task
Example
• What is 314159265358979 × 314159265358979?
vs.
• What are prime factors of 3912571506419387090594828508241?
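The asymmetry this slide poses, as an added Python example that is not part of the original slides: one multiplication in the forward direction against a count of trial divisions in the reverse direction. The prime pairs are constructed sample inputs, and trial division is the simplest factoring method, chosen here for clarity; faster algorithms exist.

```python
def multiply(p: int, q: int) -> int:
    # Forward (normal) direction: one multiplication, cheap at any size.
    return p * q

def factor(n: int):
    # Reverse (attack) direction by trial division.
    # Returns (p, q, divisions) where p is the smallest prime factor of n.
    divisions = 1                      # the test against 2
    if n % 2 == 0:
        return 2, n // 2, divisions
    d = 3
    while d * d <= n:
        divisions += 1
        if n % d == 0:
            return d, n // d, divisions
        d += 2
    return n, 1, divisions             # no divisor found: n is prime

# Constructed sample inputs: pairs of primes of growing size.
PRIME_PAIRS = [(1009, 1013), (104723, 104729), (999983, 1000003)]

def work_table():
    # For each pair: (bits in the product, divisions needed to undo one multiply).
    rows = []
    for p, q in PRIME_PAIRS:
        n = multiply(p, q)
        fp, fq, divisions = factor(n)
        assert (fp, fq) == (p, q)
        rows.append((n.bit_length(), divisions))
    return rows

if __name__ == "__main__":
    # The slide's first question is answered by a single operation.
    print(multiply(314159265358979, 314159265358979))
    # The reverse direction: work grows with the size of the smallest factor.
    for bits, divisions in work_table():
        print(f"{bits}-bit product: 1 multiplication forward, {divisions} divisions back")
```

With this method, every extra bit in the smaller prime doubles the reverse work, while the forward direction stays a single multiplication.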
Caveat
• We cannot mathematically PROVE that the inverse operations are really as hard as they seem to be… It is all relative…
The Fundamental Tenet of Cryptography:
If lots of smart people have failed to solve a problem, it won’t be solved (soon)
Time marches on…
• We must assume that there will always be improvements in computational power, mathematics and algorithms.
  – Messages which hang around get less secure with time!
• Increases in computing power help the good guys and hurt the bad guys for new and short-lived messages
Two fundamental approaches
• Symmetric
  – Sender and receiver must share the key
• Asymmetric
  – Keys are paired
  – Sender uses one, receiver uses its mate
Two fundamental approaches
• Symmetric
  – Sender and receiver must share the key
    – there must be a secure way to get key from one to the other
• Asymmetric
  – Keys are paired
  – Sender uses one, receiver uses its mate
    – there must be a secure way to get key from one to the other
Secret key cryptography (Symmetric)
[Diagram: Cleartext T → f(T,K) → Cyphertext C → g(C,K) → Cleartext T, with the same key K supplied to both f and g]
Secret Key Methods
• DES (56 bit key)
• IDEA (128 bit key)
  – http://www.mediacrypt.com/community/index.asp
• Triple DES (three 56 bit keys)
• AES
  – From NIST, 2000
  – choice of key sizes up to 256 bits and more
  – Commercial implementations available
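An added Python example, not from the original slides, of the f(T,K) / g(C,K) diagram and of why a key needs enough bits to prevent trying all key values. The hash-based keystream, the sample message and the 16-bit key are constructed for illustration and are not a vetted cipher.

```python
import hashlib

def keystream(K: bytes, n: int) -> bytes:
    # Constructed toy generator: SHA-256(K || counter) blocks, not a vetted cipher.
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(K + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def f(T: bytes, K: bytes) -> bytes:
    # Sender side of the diagram: cleartext T and key K produce cyphertext C.
    return bytes(t ^ s for t, s in zip(T, keystream(K, len(T))))

def g(C: bytes, K: bytes) -> bytes:
    # Receiver side: the same K regenerates the keystream, and XOR undoes XOR.
    return f(C, K)

def looks_like_text(data: bytes) -> bool:
    # Language redundancy: real text is printable and contains spaces,
    # which a decryption under a wrong key almost never is.
    return all(32 <= b < 127 for b in data) and data.count(b" ") >= 3

def exhaust(C: bytes, key_bits: int):
    # Upper bound on the attacker's work: try every key of key_bits bits.
    # Returns (key, trials) for the first readable decryption.
    size = (key_bits + 7) // 8
    for k in range(2 ** key_bits):
        K = k.to_bytes(size, "big")
        if looks_like_text(g(C, K)):
            return K, k + 1
    return None, 2 ** key_bits

def average_trials(key_bits: int) -> int:
    # On average half the key space is searched before the key turns up.
    return 2 ** (key_bits - 1)

if __name__ == "__main__":
    T = b"Wire 500 dollars to account 4513 today"   # constructed sample message
    K = (0xBEEF).to_bytes(2, "big")                  # deliberately tiny 16-bit key
    C = f(T, K)
    assert g(C, K) == T
    print("16-bit key recovered:", exhaust(C, 16))
    for bits in (16, 56, 128, 256):                  # 56 = DES, 128/256 = AES sizes
        print(bits, "bits ->", average_trials(bits), "trials on average")
```

The 16-bit key space is exhausted in well under a second; each added key bit doubles the search.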