1 / 33

CS363

Week 12 - Wednesday. CS363. Last time. What did we talk about last time? Making a business case for security Quantifying security. Questions?. Project 3. Security alert: Heartbleed.

atara
Download Presentation

CS363

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Week 12 - Wednesday CS363

  2. Last time • What did we talk about last time? • Making a business case for security • Quantifying security

  3. Questions?

  4. Project 3

  5. Security alert: Heartbleed • Recall that SSL (well, TLS) is the protocol that uses public key cryptography to negotiate symmetric keys for secure web traffic • Typically shown with a small padlock icon • https sites always use SSL while http sites sometimes use it • A vulnerability was found in OpenSSL getting random snapshots of memory from the web servers running it • The bug (called CVE-2014-0160) targets the heartbeat part of SSL, which keeps the session going without traffic

  6. Security alert continued • Researchers working at Codenomicon and Google revealed the bug on April 7 • Lastpass (a password manager) and Tumblr have told their users to change their passwords • Particularly troubling is that the bug can be exploited without leaving any traces • Follow the story here: • http://bits.blogs.nytimes.com/2014/04/08/flaw-found-in-key-method-for-protecting-data-on-the-internet/?_php=true&_type=blogs&hp&_r=0

  7. Widespread impact • Who is affected? • Oh, everyone • Compromised versions of OpenSSL have been available since December 31, 2011, with widespread adoption on March 14, 2012 • OpenSSL is used on  Apache and nginx webservers • Combined they account for 2/3 of all websites in the world • SSL is also used for e-mail authentication and lots of other stuff • Bruce Schneier called the bug "catastrophic" and said, "On the scale of 1 to 10, this is an 11." • Essentially everyone should change all passwords for everything

  8. Consequences • Any password on any site that uses OpenSSL has potentially been revealed to the world • The passwords protecting the servers themselves have potentially been exposed • Intelligence agencies could very easily have stolen everyone's passwords and secret information • It's possible that private keys signing SSL certificates have been stolen • Lots of certificates will need to be reissued

  9. Security alert: What can you do? • The authoritative site for information is: • http://heartbleed.com/ • Test sites you're worried about: • http://filippo.io/Heartbleed/ • This site has some good tips: • http://blog.agilebits.com/2014/04/08/imagine-no-ssl-encryption-its-scary-if-you-try/ • Ironically, you might want to wait to change your passwords • If you change them before the servers are patched, you're increasing your exposure • Now's a great time to start using two-factor security

  10. XKCD commentary

  11. Modeling Cybersecurity

  12. Economic questions • Key questions a business needs to answer to make security decisions are: • How much should be invested in security to protect assets with a given value? • What is the likely impact of a security breach? • What are the costs and benefits of sharing information? • Economics is the science of general decision making, and we can look to that field for models

  13. A dizzying array of models • Some research shows that it doesn't make sense to increase security investment as the vulnerability of an asset increases • Past some point, it's too expensive to protect really vulnerable assets • A security breach can have a devastating impact on stock price • But research shows that the market reaction is small when no confidential information is exposed

  14. Game theory • The subfield of economics that studies strategic decision making is called game theory • Game theory generally assumes rational agents who seek to make a decision that maximizes their utility function (often described in terms of money) • We can try to characterize decisions about cybersecurity in a game theory framework

  15. Game theory example • When the game is simple enough, game theory will look at it as a payoff matrix • A classic example is the Battle of the Sexes game, in which the woman wants to go to the opera, but the man wants to go to the football game • However, both enjoy being together more than going to their preferred events

  16. Prisoner's dilemma • Another example of game theory is the Prisoner's Dilemma • Two criminals are captured by the police • Both can be convicted on a lesser charge • If one rats on the other, they can get them on a bigger charge • Each has the option to rat or stay quiet • From a game theory perspective, it's always better to rat

  17. Game theory in security decisions • Companies are in competition with other companies • Thus, they may make security decisions based on what other companies do • Research indicates that when two companies A and B are competing, a game theory model reveals the following: • If A shares more information about security breaches with B, B shares more and also invests more in security • If A and B have a product that can be substituted for the other's, information sharing and security investment for A and B both increase • Security breach information sharing and security investment increase with firm size and industry size

  18. Other issues • Game theory is only one approach, and it assumes rational agents • Humans are not rational • When payoff is small, people focus on the risk • When the risk is small, people focus on the payoff • Security decisions are made in groups • Research shows that groups tend to have more extreme views than individuals • Dominant personalities (whether innately dominant or because of positions of power) tend to affect outcomes greatly

  19. Organizational culture • Security decisions are also made in the context of an organization culture • Different organizations value different things • An organization's practices are made up of the following: • Symbols • Jargon, gestures, pictures, objects • Heroes • Role models and accomplished practitioners • Rituals • Anything socially important but not essential to the business • These practices stem from the organization's values

  20. Characterizing organization culture • One way to look at an organizational culture is to see where it falls on various spectrums • These spectrums are not intended to be positive or negative • A company can make either extreme or something in the middle useful

  21. The right approach for the right job • When you make security recommendations, make sure that they are a good fit for your employer • Results-driven businesses might prefer penetrate-and-patch to best-practice training • Professional organizations might certify its security professionals, but parochial ones might reward developers with the fewest flaws • Normative organizations might develop a security methodology that is always used, but pragmatic ones might have a project-by-project strategy • If all your suggestions are bad fits for your job, are you at the wrong place?

  22. Economics wrap-up • Economics and privacy • Differential pricing means that you get better prices if you let companies record your data • Loyalty cards at supermarkets, Amazon, Gilt… • What are the tradeoffs? • Economics and integrity • Disclosing software flaws means that more people can attack • But it also encourages companies to fix flaws faster • Economics and regulation • Can the market fix itself through capitalism? • If not, the government has to regulate security • Some research shows that piracy does not hurt the music industry • An externality is a situation where someone feels an economic impact without being involved in the market or negotiations • Example: You leave the lights in your dorm room on all the time because you don't pay the electric bill

  23. Encryption Modes

  24. Encryption modes • We never discussed these three main encryption modes when we were discussing cryptography • You shouldn't leave the class without knowing about them • In Project 2, many of you created working implementations of AES • These implementations have a significant security flaw if operated as they were in Project 2

  25. Electronic Codebook Mode • A number of different encryption modes were proposed for DES • Most of these modes can be used by any block cipher • Electronic Codebook Mode (ECB) is the simplest (and least secure) • In ECB, each block (64 bits in DES) is independently encrypted with the same key • ECB is only recommended for sending a single block P1 P2 P3 Encrypt Encrypt Encrypt K K K C1 C2 C3

  26. Problems with ECB • ECB is not considered secure for arbitrary length messages • The problem: • Block A encrypted with key K will always look the same • If the attacker can learn the value of block A through other channels, he or she will be able to recognize it when it is sent later • Even if the value of block A is never known, a repeated block means that part of the message repeats a previous message • When the two following modes are used, the encrypted value of block A is dependent on previous blocks

  27. Cipher Block Chaining Mode • Cipher Block Chaining (CBC) is acceptable for general purpose block transmission and authentication • The input to the encryption is the XOR of the next block of plaintext with the previous block of ciphertext P1 P3 P2 Encrypt Encrypt Encrypt K K K C1 C2 C3

  28. Cipher Feedback Mode • Cipher Feedback (CFB) is also acceptable for general purpose block transmission and authentication • The input to the encryption is the previous block of ciphertext, generating a pseudorandom value, which is XOR'd with the current block of plaintext IV Encrypt Encrypt Encrypt K K K P3 P2 P1 C3 C1 C2

  29. Semantic security • A cryptosystem is semantically secure if (with high probability) no additional information about a message can be gained from its ciphertext in polynomial time • It's like perfect secrecy but with computational complexity built-in • Using CBC or CFB increases semantic security since identical message blocks are usually not encrypted the same way

  30. Quiz

  31. Upcoming

  32. Next time… • Privacy principles and policies • Exam 2 post mortem

  33. Reminders • Read Chapter 10 • Keep working on Project 3 Phase 1 • Talk on the Shadow programming language • Tonight in E281 at 6pm

More Related