Class on Security Raghu
Current state of Security • Cracks appear all the time • Band Aid solutions • Applications are not designed properly • OS designs are not good • Internet is a can of worms • Hardware is secure [Figure labels: Applications, Operating System, Hardware]
Problems • Badly designed Libraries • Trojans exploit Buffer Overflow attack – read exploits on MDAC • Most attacks originate on the Internet • How? • Social Engineering • Messenger • Mail
Problems Continued • Credit Card thefts are quite common • Passwords are stolen • Social Security is stolen • Why? • Shared secret • Is shared secret really a secret? • No
Solutions • None! • Not really, none in the current set up • So what can be done? • Some sort of overhaul is required • So what can we do to avoid shared secret?
The first step • Public – Private Key encryption • You encrypt/decrypt using one key, and the corresponding decryption/encryption happens through the other key. • If encryption is done using public key, decryption is done using private key, and vice versa.
Public – private key contd • Your public key is known to everyone. • Only you have the private key. • All authentication based on challenge response • Your private key is never exposed* * Standard terms and conditions apply
Example of a Secure System • SSL – Secure Sockets Layer • Based on Public Private Key • Server’s Public key is stored at the client side • Data exchanged is encrypted with session key
SSL connection establishment • Client hello • Server hello • Client sends session key, password • Communication is encrypted using session key
SSL • Can someone impersonate server? • As long as the client knows the public key of the server - NO
SSL continued • SSL was designed even before the internet was up. • SSL is well thought through. It is a nice example of public – private key scheme that works. • Public – Private key systems should replace Shared Secret systems
Digital Certificates • Alice goes and asks Bob for a certificate. • Bob generates* a public – private key pair and gives it to Alice. • Bob generates a document and places on it the following: Alice’s Name/Info, Alice’s public key, Bob’s Info which can be the certificate, Signature [Figure: certificate for ALICE showing Pub Key of Alice, Bob’s Info – [certificate], Signature] * Is this Completely Correct?
Signature?? • Bob takes Alice’s Public key and finds its Hash • Then he encrypts the above value with his private key • This is the signature [Figure: Public Key Kpub[A] → Hashing Algorithm → H(Kpub[A]); H(Kpub[A]) and Bob’s Private Key Kpriv[B] → RSA Encryptor → Priv[B]{H(Kpub[A])}]
So what is a signature • Your Identity • The certificate proves that you are indeed who you claim you are. • So can I get a certificate in the name Ronaldo Luiz Nazário de Lima? • Yes • Then what is the point?
You are who you claim? • I claim to be a person, say Ronaldo for instance. • I produce a certificate saying the holder of this certificate is Ronaldo • Now if I do have the private key corresponding to the public key on the certificate, then I am indeed the person who owns the certificate.
So where does that leave us • Suppose Alice wants to talk to the server Bob • How does Bob know if Alice is indeed Alice? • Digital Certificates help Bob identify Alice • Suppose Bob trusts Trent • Alice has a certificate signed by Trent, which says – this certificate belongs to Alice • Bob sees the certificate and agrees that Alice is indeed Alice. • Can Mallory steal the certificate and pose as Alice to Bob?
Stolen Certificates? • We show our digital certificate everywhere for authentication. • So can someone who has seen the certificate not replicate it? • Sure, Yes. • So what good is a certificate?
Challenge Response • This problem is solved by challenge response. • Mallory has Alice’s certificate • Does she become Alice? • Bob does a challenge response. • He sends a random number encrypted with the public key on the certificate. • If Mallory produces the random number from the encrypted value, great, impersonation achieved • Otherwise she is not the holder of the certificate.
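Added example (not from the original slides): the signature and challenge-response steps above in Python, using toy textbook RSA without padding over constructed Mersenne-prime keys. The function names and key values are assumptions made for illustration; a real deployment would use a vetted library with padded signatures and full-size keys.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent

def keypair(p, q):
    """Toy textbook RSA, no padding: returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(pub, modulus):
    """H(Kpub): SHA-256 of the key, reduced to fit the signer's modulus."""
    raw = hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).digest()
    return int.from_bytes(raw, "big") % modulus

def issue_cert(name, subject_pub, issuer_priv):
    """Signature = Priv[issuer]{H(Kpub[subject])}, as on the slide."""
    n, d = issuer_priv
    return {"name": name, "pub": subject_pub,
            "sig": pow(digest(subject_pub, n), d, n)}

def cert_is_valid(cert, issuer_pub):
    """Undo the signature with the issuer's public key, compare hashes."""
    n, e = issuer_pub
    return pow(cert["sig"], e, n) == digest(cert["pub"], n)

def authenticate(cert, issuer_pub, responder_priv):
    """Bob's check: trusted signature AND proof of private-key possession."""
    if not cert_is_valid(cert, issuer_pub):
        return False
    n, e = cert["pub"]
    nonce = secrets.randbelow(n - 2) + 2        # Bob's random number
    challenge = pow(nonce, e, n)                # encrypted to the cert's key
    rn, rd = responder_priv                     # whoever presented the cert
    return pow(challenge % rn, rd, rn) == nonce

# Constructed keys built from Mersenne primes (sample values, not secure).
TRENT_PUB, TRENT_PRIV = keypair(2**61 - 1, 2**89 - 1)
ALICE_PUB, ALICE_PRIV = keypair(2**107 - 1, 2**127 - 1)
MALLORY_PUB, MALLORY_PRIV = keypair(2**19 - 1, 2**31 - 1)
ALICE_CERT = issue_cert("Alice", ALICE_PUB, TRENT_PRIV)

if __name__ == "__main__":
    print("Alice with her key:  ", authenticate(ALICE_CERT, TRENT_PUB, ALICE_PRIV))
    print("Mallory, stolen cert:", authenticate(ALICE_CERT, TRENT_PUB, MALLORY_PRIV))
```

Holding a copy of the certificate is not enough: the check passes only for the party that can decrypt the nonce, and a certificate Mallory signs herself fails verification against Trent's public key.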
So where can certificates be used • Authentication • If I have a certificate from ASU, I can get authenticated using my certificate. • No ASU id required • No password required • If I have a certificate from my bank, I can log on to the Bank’s website without a password. • Moreover, if I have a certificate from the government, do I need to show my Social Security Number at every step?
Recap • Shared Secrets are pretty much shared non secrets • Why? A password is entered on every computer that you have to log on. • My Social Security # is in a number of offices. • Wherever I worked on campus • Division of Graduate Studies • Human Resources • Financial Aid Services • Great, so how many people know my secret? • I have lost count
Recap • We saw two protocols that work • Why do they work? • They are NOT based on shared secrets • If we all shift to using the public private key system, my private key will never be revealed* * Blah, Blah Apply. Will tell the reason in a few slides
Fixing Bad designs • We saw how to fix the problem of authentication using Public Private Key systems • We saw how to get rid of shared secrets • What about credit cards? • That is another mess that can be cleaned
Fixing Credit Cards • Bob – card Provider • Alice – card holder • Bob provides a credit card based on Public – private key • Alice signs the hash of a bill using the private key • Bob decrypts the signature using Alice’s public key
Small Terms and Conditions • Private Key of a digital certificate is stored on a computer • How secure is a computer • Not very secure • What can a Virus do? • Delete files, format system…., • No this is old hat • Steal your Private Key. • Your certificate is as good as nothing • It can install a spurious certificate
Viruses • How many trojans*/ viruses in the open • Probably thousands * NOT USC Trojans
How is a computer made secure • Anti – Virus • Firewall • Anti Spyware …. …. …. • So these software protect the Computer • Now who protects these software?
Attacks on Anti viruses • Anti virus is a process • It can be easily identified • It can be killed • It can be patched on • Examples • SpamThru Trojan • Beast • Win32.Glieder.AF
So what am I doing • Trying to create an anti virus process that is undetectable • A funky name coined for this project is • “The Undetectable Virus Detector” • Steganography principles