Security
Objectives
· To discuss security threats and attacks
· To explain the fundamentals of encryption & authentication.
· To examine the uses of cryptography in computing
· To describe the various countermeasures to security attacks
Security Violations
§ Categories
ü Breach of confidentiality
ü Breach of integrity
ü Breach of availability
ü Theft of service
ü Denial of service
§ Methods
ü Masquerading (breach authentication)
ü Replay attack
ü Message modification
ü Man-in-the-middle attack
Standard Security Attacks

Security Measure Levels
§ Security must occur at four levels to be effective:
ü Physical
ü Human: Avoid social engineering, phishing.
ü Operating System
ü Network
§ Security is as weak as the weakest link in the chain
Program Threats
Trojan Horse
Code segment that misuses its environment:
Spyware, pop-up browser windows, covert channels
Trap Door
Specific user identifier or password that circumvents normal security procedures
Logic Bomb
Program that initiates a security incident under certain circumstances
Stack & Buffer Overflow
Exploits a bug in a program (overflow either the stack or memory buffers)
C Program with Buffer-overflow Condition
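#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MemSize 10

int main(int argc, char *argv[])
{
    char buf1[10];
    char buf2[10];
    char *buf3 = malloc(MemSize);
    char *buf4 = malloc(MemSize);

    if (argc < 2)
        return 1;   /* the program needs one argument to copy */

    /* Bounded copy: never writes past buf1, but leaves it without a
       terminating NUL when argv[1] has 10 or more characters. */
    strncpy(buf1, argv[1], sizeof(buf1));
    printf("stack buf1 ncpy: %s\n", buf1);
    /* Unbounded copy: overflows buf2 on the stack for long arguments. */
    strcpy(buf2, argv[1]);
    printf("stack buf2: %s\n", buf2);
    /* Bounded copy into the heap buffer. */
    strncpy(buf3, argv[1], MemSize);
    printf("heap buf3 ncpy:%s\n", buf3);
    /* Unbounded copy: overflows buf4 on the heap for long arguments. */
    strcpy(buf4, argv[1]);
    printf("heap buf4: %s\n", buf4);
    return 0;
}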
To Run:
% bufferoverflow 0123456789abdelwahab
stack buf1 ncpy: 0123456789
stack buf2: 0123456789abdelwahab
heap buf3 ncpy:0123456789
heap buf4: 0123456789abdelwahab
% bufferoverflow 0123456789abdelwahab0123456789
stack buf1 ncpy: 0123456789
stack buf2: 0123456789abdelwahab0123456789
Segmentation fault (core dumped)
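A hardened counterpart to the program above, added here as an example and not part of the original slides: the stack and heap copies are rejected when the argument does not fit, and the slide's strncpy into buf1 is checked for a missing terminator. The names bounded_copy, is_terminated and run_copies are hypothetical helpers introduced for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MemSize 10 /* same size as the slide's buffers */

/* Hypothetical helper: 1 if the first size bytes of buf hold a NUL. */
int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* Hypothetical helper: copy src into dst (dstsize bytes) only if it fits
 * with its terminating NUL. Returns 0 on success; on rejection returns -1
 * and leaves dst as the empty string. */
int bounded_copy(char *dst, size_t dstsize, const char *src)
{
    if (dst == NULL || dstsize == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL || strlen(src) >= dstsize)
        return -1;                       /* would not fit with its NUL */
    memcpy(dst, src, strlen(src) + 1);   /* at most dstsize bytes written */
    return 0;
}

/* The slide's stack (buf2) and heap (buf4) copies with the check applied.
 * Returns how many of the two copies were rejected. */
int run_copies(const char *arg)
{
    char buf2[MemSize];
    char *buf4 = malloc(MemSize);
    int rejected = (bounded_copy(buf2, sizeof(buf2), arg) != 0);
    rejected += (bounded_copy(buf4, MemSize, arg) != 0); /* NULL buf4 is rejected too */
    printf("stack buf2: \"%s\"  heap buf4: \"%s\"  rejected: %d\n",
           buf2, buf4 ? buf4 : "", rejected);
    free(buf4);
    return rejected;
}

int main(int argc, char *argv[])
{
    char buf1[MemSize];
    /* Constructed sample input, used when no argument is given. */
    const char *arg = argc > 1 ? argv[1] : "0123456789abdelwahab";
    strncpy(buf1, arg, sizeof(buf1)); /* the slide's buf1 copy */
    printf("buf1 NUL-terminated after strncpy: %d\n", is_terminated(buf1, sizeof(buf1)));
    return run_copies(arg) ? 1 : 0;
}
```

With the slide's 20-character argument both copies are rejected instead of overflowing, and the first line of output reports that buf1 has no terminator, so printing it with %s reads past the end of the array.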
System and Network Threats
Internet worm
Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs
Port scanning
Automated attempt to connect to a range of ports on one or a range of IP addresses
Denial of Service
ü Overload the targeted computer to prevent it from doing any useful work
ü Distributed denial-of-service (DDoS) attacks come from multiple sites at once
Secure Communication over Insecure Medium

Symmetric Encryption
(encryption)
plaintext >>>>>>>>> ciphertext
|
key
|
ciphertext >>>>>>>> plaintext
(decryption)
ü Same key used to encrypt and decrypt
ü DES is the most commonly used symmetric block-encryption algorithm (created by US Govt)
ü Triple-DES considered more secure
ü Advanced Encryption Standard (AES)
Example: XOR encryption/decryption
Message M = 7 (111)
Key K = 4 (100)
C = E(K, M) = M XOR K = 111 XOR 100 = 011 = 3
M = D(K, C) = C XOR K = 011 XOR 100 = 111 = 7
Asymmetric Encryption
Each individual has two keys:
ü private key (not revealed to anyone)
ü public key (make it known to everyone)
(encryption)
plaintext >>>>>>>>>> ciphertext
|
public key
private key
|
ciphertext >>>>>>>>> plaintext
(decryption)
Example:
Public Key (5, 91) & Private Key (29, 91)
M = 69.
C = 69 ** 5 mod 91 = 62
M = 62 ** 29 mod 91 = 69

Authentication – Hash Functions
Also known as: message digest, fingerprint, one-way function
The hash of a message m, h=H(m) has the following properties:
ü Given m, it is easy to compute h.
ü Given h, it is hard to compute m.
ü Given m, it is hard to find another m' such that H(m) = H(m').
ü It is hard to find m1 and m2 such that H(m1) = H(m2).
Common message-digest functions include MD5, which produces a 128-bit hash, and SHA-1, which outputs a 160-bit hash
Authentication
MAC: message-authentication code
Send (m,h) where h = H(m|K)
>>>>> Got (m,h) is OK if h = H(m|K)
K is the shared secret
Digital Signature
(signing)
plaintext >>>>>>>>> ciphertext
|
private key
public key
|
ciphertext >>>>>>>> plaintext
(verification)
Key Distribution
Digital Certificates: Proof of who owns a public key
ü It is a Public key digitally signed by a trusted party
ü Trusted party receives proof of identification from entity and certifies that public key belongs to entity
ü Certificate authorities (CAs) are trusted parties; their public keys are included with web browser distributions
Example – SSL
ü SSL – Secure Socket Layer.
ü Used between web servers and browsers for secure communication (credit card numbers)
ü The server is verified with a certificate assuring the client that it is talking to the correct server
ü Asymmetric cryptography used to establish a secure session key (symmetric encryption) for bulk of communication during session
User Authentication
· User identity most often established through passwords
· Passwords must be kept secret
ü Frequent change of passwords
ü Use of “non-guessable” passwords