940 likes | 956 Views
Why Computer Security. The past decade has seen an explosion in the concern for the security of information Malicious codes (viruses, worms, etc.) caused over $28 billion in economic losses in 2003 and $67 billion in 2006! Security specialists markets are expanding !
E N D
Why Computer Security • The past decade has seen an explosion in the concern for the security of information • Malicious codes (viruses, worms, etc.) caused over $28 billion in economic losses in 2003 and $67 billion in 2006! • Security specialists markets are expanding ! • “Salary Premiums for Security Certifications Increasing” (Computerworld 2007) • Up to 15% more salary • Demand is being driven not only by compliance and government regulation, but also by customers who are "demanding more security" from companies • US Struggles to recruit compute security experts (Washington Post Dec. 23 2009) 1
Why Computer Security (cont’d) • Internet attacks are increasing in frequency, severity and sophistication • The number of scans, probes, and attacks reported to the DHS has increased by more than 300 percent from 2006 to 2008. • Karen Evans, the Bush administration's information technology (IT) administrator, points out that most federal IT managers do not know what advanced skills are required to counter cyberattacks. 2
Why Computer Security (cont’d) • Virus and worms faster and powerful • Cause over $28 billion in economic losses in 2003, growing to over $75 billion in economic losses by 2007. • Code Red (2001): 13 hours infected >360K machines - $2.4 billion loss • Slammer (2003): 15 minutes infected > 75K machines - $1 billion loss • Spams, phishing … • New Internet security landscape emerging: BOTNETS ! • Conficker/Downadup (2008): infected > 10M machines • MSFT offering $250K reward 3
Outline • History of Security and Definitions • Overview of Cryptography • Symmetric Cipher • Classical Symmetric Cipher • Modern Symmetric Ciphers (DES and AES) • Asymmetric Cipher • One-way Hash Functions and Message Digest 4
Objectives • Understand the four cornerstones of information security • Understand the three major classes of crypto methods and their difference, pros and cons • Be able to apply the latest crypto standards 5
The History of Computing • For a long time, security was largely ignored in the community • The computer industry was in “survival mode”, struggling to overcome technological and economic hurdles • As a result, a lot of comers were cut and many compromises made • There was lots of theory, and even examples of systems built with very good security, but were largely ignored or unsuccessful • E.g., ADA language vs. C (powerful and easy to use) 6
Computing Today is Very Different • Computers today are far from “survival mode” • Performance is abundant and the cost is very cheap • As a result, computers now ubiquitous at every facet of society • Internet • Computers are all connected and interdependent • This codependency magnifies the effects of any failures 7
Biological Analogy • Computing today is very homogeneous. • A single architecture and a handful of OS dominates • In biology, homogeneous populations are in danger • A single disease or virus can wipe them out overnight because they all share the same weakness • The disease only needs a vector to travel among hosts • Computers are like the animals, the Internet provides the vector. • It is like having only one kind of cow in the world, and having them drink from one single pool of water! 8
The Flash Worm • Slammer worm infected 75,000 machines in <15 minutes • A properly designed worm, flash worm, can take less than 1 second to compromise 1 million vulnerable machines in the Internet • The Top Speed of Flash Worms. S. Staniford, D. Moore, V. Paxson and N. Weaver, ACM WORM Workshop 2004. • Exploit many vectors such as P2P file sharing, intelligent scanning, hitlists, etc. 10
The Definition of Computer Security • Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable • Security rests on confidentiality, authenticity, integrity, and availability 11
The Basic Components • Confidentiality is the concealment of information or resources. • E.g., only sender, intended receiver should “understand” message contents • Authenticity is the identification and assurance of the origin of information. • Integrity refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes. • Availability refers to the ability to use the information or resource desired. 12
Security Threats and Attacks • A threat/vulnerability is a potential violation of security. • Flaws in design, implementation, and operation. • An attack is any action that violates security. • Active adversary • An attack has an implicit concept of “intent” • Router mis-configuration or server crash can also cause loss of availability, but they are not attacks 13
Friends and enemies: Alice, Bob, Trudy • well-known in network security world • Bob, Alice (lovers!) want to communicate “securely” • Trudy (intruder) may intercept, delete, add messages Alice Bob data, control messages channel secure sender secure receiver data data Trudy 14
Eavesdropping - Message Interception (Attack on Confidentiality) • Unauthorized access to information • Packet sniffers and wiretappers • Illicit copying of files and programs B A Eavesdropper 15
Integrity Attack - Tampering With Messages • Stop the flow of the message • Delay and optionally modify the message • Release the message again B A Perpetrator 16
Authenticity Attack - Fabrication • Unauthorized assumption of other’s identity • Generate and distribute objects under this identity B A Masquerader: from A 17
B A Attack on Availability • Destroy hardware (cutting fiber) or software • Modify software in a subtle way (alias commands) • Corrupt packets in transit • Blatant denial of service (DoS): • Crashing the server • Overwhelm the server (use up its resource) 18
Classify Security Attacks as • Passive attacks - eavesdropping on, or monitoring of, transmissions to: • obtain message contents, or • monitor traffic flows • Active attacks – modification of data stream to: • masquerade of one entity as some other • replay previous messages • modify messages in transit • denial of service 19
Group Exercise Please classify each of the following as a violation of confidentiality, integrity, availability, authenticity, or some combination of these • John copies Mary’s homework. • Paul crashes Linda’s system. • Gina forges Roger’s signature on a deed. 20
Outline • Overview of Cryptography • Symmetric Cipher • Asymmetric Cipher • One-way Hash Functions and Message Digest 21
Basic Terminology • plaintext - the original message • ciphertext - the coded message • cipher - algorithm for transforming plaintext to ciphertext • key - info used in cipher known only to sender/receiver • encipher (encrypt) - converting plaintext to ciphertext • decipher (decrypt) - recovering ciphertext from plaintext • cryptography - study of encryption principles/methods • cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key • cryptology - the field of both cryptography and cryptanalysis 22
Classification of Cryptography • Number of keys used • Hash functions: no key • Secret key cryptography: one key • Public key cryptography: two keys - public, private • Type of encryption operations used • substitution / transposition / product • Way in which plaintext is processed • block / stream 23
Secret Key vs. Secret Algorithm • Secret algorithm: additional hurdle • Hard to keep secret if used widely: • Reverse engineering, social engineering • Commercial: published • Wide review, trust • Military: avoid giving enemy good ideas 24
Unconditional vs. Computational Security • Unconditional security • No matter how much computer power is available, the cipher cannot be broken • The ciphertext provides insufficient information to uniquely determine the corresponding plaintext • Computational security • The cost of breaking the cipher exceeds the value of the encrypted info • The time required to break the cipher exceeds the useful lifetime of the info 25
Brute Force Search • Always possible to simply try every key • Most basic attack, proportional to key size • Assume either know / recognise plaintext 26
Outline • Overview of Cryptography • Symmetric Cipher • Asymmetric Cipher • One-way Hash Functions and Message Digest 27
Requirements • Two requirements for secure use of symmetric encryption: • a strong encryption algorithm • a secret key known only to sender / receiver Y = EK(X) X = DK(Y) • Assume encryption algorithm is known • Implies a secure channel to distribute key 29
Block vs Stream Ciphers • Block ciphers process messages in into blocks, each of which is then en/decrypted • Stream ciphers process messages a bit or byte at a time when en/decrypting • Many current ciphers are block ciphers, one of the most widely used types of cryptographic algorithms • Most symmetric block ciphers are based on a Feistel Cipher Structure 30
Feistel Cipher Structure • Process through multiple rounds which • partitions input block into two halves • perform a substitution on left data half • based on round function of right half & subkey • then have permutation swapping halves 31
DES (Data Encryption Standard) • Published in 1977, standardized in 1979. • Key: 64 bit quantity=8-bit parity+56-bit key • Every 8th bit is a parity bit. • 64 bit input, 64 bit output. 64 bit M 64 bit C DES Encryption 56 bits 33
DES Top View 56-bit Key 64-bit Input 48-bit K1 Generate keys Permutation Initial Permutation 48-bit K1 Round 1 48-bit K2 Round 2 …... 48-bit K16 Round 16 Swap 32-bit halves Swap Final Permutation Permutation 64-bit Output 34
DES Summary • Simple, easy to implement: • Hardware/gigabits/second, software/megabits/second • 56-bit key DES may be acceptable for non-critical applications but triple DES (DES3) should be secure for most applications today • Supports several operation modes (ECB CBC, OFB, CFB) for different applications 35
Avalanche Effect • Key desirable property of encryption alg • Where a change of one input or key bit results in changing more than half output bits • DES exhibits strong avalanche 36
Strength of DES – Key Size • 56-bit keys have 256 = 7.2 x 1016 values • Brute force search looks hard • Recent advances have shown is possible • in 1997 on a huge cluster of computers over the Internet in a few months • in 1998 on dedicated hardware called “DES cracker” by EFF in a few days ($220,000) • in 1999 above combined in 22hrs! • Still must be able to recognize plaintext • No big flaw for DES algorithms 37
DES Replacement • Triple-DES (3DES) • 168-bit key, no brute force attacks • Underlying encryption algorithm the same, no effective analytic attacks • Drawbacks • Performance: no efficient software codes for DES/3DES • Efficiency/security: bigger block size desirable • Advanced Encryption Standards (AES) • US NIST issued call for ciphers in 1997 • AES was selected in Oct-2000 38
AES • Private key symmetric block cipher • 128-bit data, 128/192/256-bit keys • Stronger & faster than Triple-DES • Provide full specification & design details • Evaluation criteria • Security: effort to practically cryptanalysis • Cost: computational efficiency and memory requirement • Algorithm & implementation characteristics: flexibility to apps, hardware/software suitability, simplicity 39
AES Shortlist • After testing and evaluation, shortlist in Aug-99: • MARS (IBM) - complex, fast, high security margin • RC6 (USA) - v. simple, v. fast, low security margin • Rijndael (Belgium) - clean, fast, good security margin • Serpent (Euro) - slow, clean, v. high security margin • Twofish (USA) - complex, v. fast, high security margin • Then subject to further analysis & comment 40
Outlines • Symmetric Cipher • Classical Symmetric Cipher • Modern Symmetric Ciphers (DES and AES) • Asymmetric Cipher • One-way Hash Functions and Message Digest 41
Private-Key Cryptography • Private/secret/single key cryptography uses one key • Shared by both sender and receiver • If this key is disclosed communications are compromised • Also is symmetric, parties are equal • Hence does not protect sender from receiver forging a message & claiming is sent by sender 42
Public-Key Cryptography • Probably most significant advance in the 3000 year history of cryptography • Uses two keys – a public & a private key • Asymmetric since parties are not equal • Uses clever application of number theoretic concepts to function • Complements rather than replaces private key crypto 43
Public-Key Cryptography • Public-key/two-key/asymmetric cryptography involves the use of two keys: • a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures • a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures • Asymmetric because • those who encrypt messages or verify signatures cannot decrypt messages or create signatures 44
Public-Key Characteristics • Public-Key algorithms rely on two keys with the characteristics that it is: • computationally infeasible to find decryption key knowing only algorithm & encryption key • computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known • either of the two related keys can be used for encryption, with the other used for decryption (in some schemes) • Analogy to delivery w/ a padlocked box 46
Public-Key Cryptosystems • Two major applications: • encryption/decryption (provide secrecy) • digital signatures (provide authentication) 47
RSA (Rivest, Shamir, Adleman) • The most popular one. • Support both public key encryption and digital signature. • Assumption/theoretical basis: • Factoring a big number is hard. • Variable key length (usually 1024 bits). • Plaintext block size. • Plaintext must be “less or equal” than the key. • Ciphertext block size is the same as the key length. 48
What Is RSA? • To generate key pair: • Pick large primes (>= 512 bits each) p and q • Let n = p*q, keep your p and q to yourself! • For public key, choose e that is relatively prime to ø(n) =(p-1)(q-1), let pub = <e,n> • For private key, find d that is the multiplicative inverse of e mod ø(n),i.e., e*d = 1 mod ø(n), let priv = <d,n> 49
RSA Example • Select primes: p=17 & q=11 • Computen = pq =17×11=187 • Computeø(n)=(p–1)(q-1)=16×10=160 • Select e : gcd(e,160)=1; choose e=7 • Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 10×160+1 • Publish public key KU={7,187} • Keep secret private key KR={23,17,11} 50