Security
Objectives
· To discuss security threats and attacks
· To explain the fundamentals of encryption & authentication.
· To examine the uses of cryptography in computing
· To describe the various countermeasures to security attacks
Security Violations
· Categories
  · Breach of confidentiality
  · Breach of integrity
  · Breach of availability
  · Theft of service
  · Denial of service
· Methods
  · Masquerading (breach of authentication)
  · Replay attack
  · Message modification
  · Man-in-the-middle attack
Standard Security Attacks
Security Measure Levels
· Security must occur at four levels to be effective:
  · Physical
  · Human: Avoid social engineering, phishing.
  · Operating System
  · Network
· Security is as weak as the weakest link in the chain
Program Threats
Trojan Horse
Code segment that misuses its environment:
Spyware, pop-up browser windows, covert channels
Trap Door
Specific user identifier or password that circumvents normal security procedures
Logic Bomb
Program that initiates a security incident under certain circumstances
Stack & Buffer Overflow
Exploits a bug in a program (overflow either the stack or memory buffers)
C Program with Buffer-overflow Condition
Bufferoverflow.c: strncpy vs. strcpy
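#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MemSize 10

int main(int argc, char *argv[])
{
    char buf1[10];                    /* stack buffers */
    char buf2[10];
    char *buf3 = malloc(MemSize);     /* heap buffers */
    char *buf4 = malloc(MemSize);

    if (argc < 2 || buf3 == NULL || buf4 == NULL)
        return 1;

    /* strncpy bounds the copy, but it adds no '\0' when argv[1] has
       10 or more characters, so printf may read past the end of buf1 */
    strncpy(buf1, argv[1], sizeof(buf1));
    printf("stack buf1 ncpy: %s\n", buf1);
    /* strcpy does not check the length: long input overflows buf2 */
    strcpy(buf2, argv[1]);
    printf("stack buf2: %s\n", buf2);
    strncpy(buf3, argv[1], MemSize);
    printf("heap buf3 ncpy:%s\n", buf3);
    strcpy(buf4, argv[1]);            /* long input overflows the heap buffer */
    printf("heap buf4: %s\n", buf4);
    return 0;
}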
To Run:
% bufferoverflow 0123456789abdelwahab
stack buf1 ncpy: 0123456789
stack buf2: 0123456789abdelwahab
heap buf3 ncpy:0123456789
heap buf4: 0123456789abdelwahab
% bufferoverflow 0123456789abdelwahab0123456789
stack buf1 ncpy: 0123456789
stack buf2: 0123456789abdelwahab0123456789
Segmentation fault (core dumped)
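Added example (not part of the original slides): a bounded copy that always terminates the destination and reports truncation, next to a check that shows why strncpy alone is not enough. The names bounded_copy, strncpy_leaves_unterminated and MEM_SIZE are hypothetical; the input string is the one used in the run above.

```c
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 10   /* same capacity as the buffers in bufferoverflow.c */

/* Hypothetical helper: copy src into dst (capacity cap), always writing a
   terminating '\0'. Returns 0 if src fit, -1 if it was truncated or the
   arguments were invalid, so the caller can reject oversized input. */
int bounded_copy(char *dst, size_t cap, const char *src)
{
    if (dst == NULL || src == NULL || cap == 0)
        return -1;
    int n = snprintf(dst, cap, "%s", src);   /* at most cap-1 chars plus '\0' */
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

/* Returns 1 if strncpy(buf, src, MEM_SIZE) leaves no '\0' inside the first
   MEM_SIZE bytes, which is what makes printf("%s", buf1) unsafe. */
int strncpy_leaves_unterminated(const char *src)
{
    char buf[MEM_SIZE + 1];
    memset(buf, 'X', MEM_SIZE);
    buf[MEM_SIZE] = '\0';               /* guard byte: keeps this demo in bounds */
    strncpy(buf, src, MEM_SIZE);
    return memchr(buf, '\0', MEM_SIZE) == NULL;
}

int main(void)
{
    const char *input = "0123456789abdelwahab";   /* input from the run above */
    char buf[MEM_SIZE];

    printf("strncpy unterminated: %d\n", strncpy_leaves_unterminated(input));
    if (bounded_copy(buf, sizeof buf, input) != 0)
        printf("input too long, kept only: %s\n", buf);
    return 0;
}
```

A caller that treats the -1 return as an error rejects oversized input instead of silently working with a truncated value.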
System and Network Threats
Internet worm
Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs
Port scanning
Automated attempt to connect to a range of ports on one or a range of IP addresses
Denial of Service
· Overload the targeted computer to prevent it from doing any useful work
· Distributed denial-of-service (DDoS) attacks come from multiple sites at once
Secure Communication over Insecure Medium
           (encryption)
plaintext >>>>>>>>> ciphertext
              |
             key
              |
ciphertext >>>>>>>> plaintext
           (decryption)
· Same key used to encrypt and decrypt
· DES is the most commonly used symmetric block-encryption algorithm (created by US Govt)
· Triple-DES is considered more secure
· Advanced Encryption Standard (AES)
Example: XOR encryption/decryption
Message M = 7 (111)
Key K = 4 (100)
C = E(K, M) = M XOR K = 111 XOR 100 = 011 = 3
M = D(K, C) = C XOR K = 011 XOR 100 = 111 = 7
Each individual has two keys:
· private key (not revealed to anyone)
· public key (made known to everyone)
           (encryption)
plaintext >>>>>>>>> ciphertext
              |
          Public key

          Private key
              |
ciphertext >>>>>>>> plaintext
           (decryption)
Example:
Public Key (5, 91) & Private Key (29, 91)
M = 69
C = 69 ** 5 mod 91 = 62
M = 62 ** 29 mod 91 = 69
Authentication – Hash Functions
Also known as: message digest, fingerprint, one-way function
The hash of a message m, h=H(m) has the following properties:
· Given m, it is easy to compute h.
· Given h, it is hard to compute m.
· Given m, it is hard to find another m' such that H(m) = H(m').
· It is hard to find m1 and m2 such that H(m1) = H(m2).
Common message-digest functions include MD5, which produces a 128-bit hash,
and SHA-1, which outputs a 160-bit hash
Authentication
MAC: message-authentication code
Send (m, h) where h = H(m|K) >>>>> Got (m, h): it is OK if h = H(m|K)
K is the shared secret
Digital Signature
            (signing)
plaintext >>>>>>>>> ciphertext
              |
          private key

          Public key
              |
ciphertext >>>>>>>> plaintext
          (verification)
Key Distribution
Digital Certificates: Proof of who owns a public key
· It is a public key digitally signed by a trusted party
· Trusted party receives proof of identification from entity and certifies that public key belongs to entity
· Certificate authorities (CAs) are trusted parties – their public keys are included with web browser distributions
Example – SSL
· SSL – Secure Socket Layer.
· Used between web servers and browsers for secure communication (credit card numbers)
· The server is verified with a certificate assuring the client that it is talking to the correct server
· Asymmetric cryptography is used to establish a secure session key (symmetric encryption) for the bulk of communication during the session
User Authentication
· User identity is most often established through passwords
· Passwords must be kept secret
  · Frequent change of passwords
  · Use of “non-guessable” passwords