470 likes | 687 Views
Security- Chapter 7. By Carrie Mace And Bill Coley. Chapter 7: Security. 7.1 Introduction 7.2 Overview of Security Techniques 7.3 Cryptographic algorithms 7.4 Digital Signatures 7.5 Cryptographic Pragmatics 7.6 Case Studies. Overview.
E N D
Security- Chapter 7 By Carrie Mace And Bill Coley
Chapter 7: Security 7.1 Introduction 7.2 Overview of Security Techniques 7.3 Cryptographic algorithms 7.4 Digital Signatures 7.5 Cryptographic Pragmatics 7.6 Case Studies
Overview • Security is needed to guarantee the privacy, integrity and availability of resources • Designers of secure distributed systems must cope with the possibility of exposed service interfaces and insecure networks
Types of Service Attacks • Masquerading • Tampering • Denial of Service
Cryptography • Provides the basis for the authentication of messages as well as their secrecy and integrity • Cryptographic algorithms and the management of keys are critical to the security mechanisms effectiveness
Where Are Security Measures Needed • In any computer system that is a possible target for attacks • Especially important for financial systems or systems that handle confidential data • Need for protection arises from the desire to share resources • Security mechanisms are used to ensure security policies are enforced
Threats and Attacks • Security Threats fall into three categories • Leakage which is the acquisition of information by unauthorized recipients • Tampering which is the unauthorized alteration of information • Vandalism which is the interference with the proper operation of a system without gain to the perpetrator
Channel misuse • Methods of attacks can be further classified according to the way in which a channel is misused • Eavesdropping which is copies of messages without authority • Masquerading is sending or receiving messages using the identity of another principal without their authority
Channel Misuse-Continued • Message Tampering is intercepting messages and altering their contents before passing them on to the intended recipient • Replaying is storing intercepted messages and sending them at a later date • Denial of service is flooding channels or other resource with messages in order to deny access for others
Threats from Mobile Code • Several programming languages have been designed to enable programs to be loaded into a process from a remote server and then executed locally • Internal interfaces and objects within an executing process may be exposed to attack by mobile code
Java -Threats from Mobile Code • The sandbox model of protection against mobile code • The Java Virtual Machine gives each application its own environment in which to run • Each environment has a security manager that determines which resources are available to the application
Information Leakage • If a transmission of a message between two processes can be observed then information can be gained from its mere existence • Potential for leakage arises whenever the results of a computation can be observed
Securing Electronic Transaction -Types • E-mail –contents of message might need to be secured • Purchase of Goods and Service – need to secure private purchases data and sometimes the product itself • Banking Transactions – must secure customers private banking information • Micro-Transactions – supply of small quantities of information to many customers at a low cost
Requirements for Securing Web Purchases • Authenticate the vendor to the buyer • Keeping buyer’s credit card and payment detail from falling into unauthorized hands and keeping the information accurate from buyer to vendor • If goods are downloadable they also need to be secured from third parties and accurate when they reach the buyer • Authenticate the identity of the account holder to the bank
Designing Secure System • The big dilemma is that the designer aims to exclude all possible attacks and loop holes but it is difficult to plan for all possible attacks • There is always a balance act between costs and threats and convenience
Cryptography • Encryption is the process of encoding a message to hide its content • Uses several secure algorithms for encrypting and decrypting messages • Based on the use of secret keys • Two main classes of encryption algorithms • Shared secret keys where the sender and receiver share knowledge of the key • Public/Private keys where the sender of the message uses the public key to encrypt the message and the receiver uses the private key to decrypt the message
Uses of Cryptography • Three major uses • Secrecy and Integrity • Authentication • Digital Signatures
Cryptography – Secrecy and Integrity • Exploits the fact that a message that is encrypted with a particular encryption key can only be decrypted by a recipient who knows the corresponding decryption key • As long as the decryption key is not compromised and the encryption algorithm is strong enough to defeat possible attempts to crack it the message will remain a secret • It can also help maintain integrity if the encrypted algorithm contains things like check sum
Cryptography - Authentication • Cryptography is used in support of mechanisms for authentication communication between pairs and principals • A principal who decrypts a message can successfully using a particular key can assume that the message is authenticated if it contains the correct checksum • Can infer that the sender of the message possessed the corresponding encryption key and hence deduce the identity of the sender if the key is only known to two parties
Cryptography – Digital Signatures • Implemented by cryptography • Verifying to a third party that a message or a document is an unaltered copy of one produced by the signer • Digital signatures are based upon the irreversible binding to the message or document of a secret known only to the signer • Achieved by encrypting the message or a compression form of the message called a digest
Certificates • A digital certificate is a document containing a statement signed by a principal • For a certificate to be useful the following is required: • A standard format and representation for them so that certificate issuers and certificate users can successfully construct and interpret them • Agreement on the manner in which chains of certificates are constructed and in particular the notion of trusted authority • There is sometimes a need to revoke a certificate since it is expensive to track down and delete all certificates, this is usually addressed with an expiration date included in the signature
Cryptography Algorithm • A message is encrypted by the sender applying some rule to transform the plaintext message to a ciphertext • Recipient must know the inverse rule in order to transform the ciphertext into the original plaintext • Other principals are unable to decipher the message unless they know the inverse rules
7.4 Digital Signatures • Handwritten signatures are used to meet the needs of document recipients to very that the document is : • Authentic • Unforgeable • Non-repudiable • Digital documents are easy to generate, copy, and alter. Simply appending the identity of the originator to a document has no value.
Digital Signing • An electronic document or message M can be signed by a principal A by encrypting a copy of M with a key KA and attaching it to a plaintext copy of M and A’s identifier. • Signed document will be of the form: M, A, [M]KA. • By verifying the signature the recipient can be assured the message was unaltered and originated by A.
Digital Signing • If a secret key is used to encrypt the document, only others who share the secret key can verify the signature. • If public-key cryptography is used, the signer uses her private key, and anyone who has the corresponding public key can verify the signature. • The public-key method is more analogous to a written signature.
Digest Functions • Also called secure hash functions and denoted H(M). • Must be carefully designed to ensure that H(M) is different from H(M’) for all values of M, and M’.
7.4.1 Digital signatures with public keys • Relatively simple and does not require communication between recipient and signer. 1. A generatesa key pair KPUB and KPRIV and publishes the public key KPUB. 2. A computes the digest of M, H(M) with an agreed hash function and encrypts it with KPRIV to produce the signature S = {H(M)} KPRIV 3. A sends the signed message [M]K = M,S to B 4. B decrypts S using KPUB and computes the digest of M, H(M). If they match, the signature is valid.
7.4.2 Digital signatures with secret keys - MACs • To verify, the secret key must be shared • Problems: 1. Signer must arrange for the verifier to receive the secret key 2. It may be necessary to verify a signature in several contexts, and at different times 3. Disclosure weakens the security of signatures made with that key. • Exception: message authentication codes (MAC) - requires a secure channel.
Message authentication code (MAC) • Depends on the existence of a secure channel through which the shared key can be distributed. 1. A generates a random key K for signing and distributes it through secure channels 2. For any document M to be signed: h = H(M + K) Then the message sent is [M]K = M, h 3. Receiver B computes h’ = H(M + K) using the secret, shared key. Signature is verified if h = h’ • The digest h is a MAC
7.4.3 Secure Digest Functions • A secure digest function h = H(M) should have the following properties: 1. Given M, it is easy to compute h 2. Given h, it is hard to compute M 3. Given M, it is hard to find another message M’, such that H(M)=H(M’) • Vulnerable to the birthday attack, where an alternate M’ is found to hash the same as M.
Secure Digest Functions • Similar to symmetric cryptography but does not preserve information. • MD5 • SHA • Using an encryption algorithm to make a digest • Used in CBC mode
7.4.4 Certificate standards and certificate authorities • X.509 is the most widely used standard format for certificates • Structure and content of X.509 Certificate: • Subject Distinguished Name, Public Key • Issuer Distinguished Name, Signature • Period of Validity Not before & not after dates • Administrative Info Version, Serial Number • SPKI - Simple Public-key Infrastructure • recent proposal enables chains of certificates
7.5.1 Performance of cryptographic algorithms Table 7.5.1
7.5.2 Applications of cryptography and political obstacles • Algorithms described in this chapter emerged in the 1980’s and 1990’s • Strongly resisted by the US government • Cryptographic software had stringent export restrictions • US software companies protested • Current position - software that implements most of the major algorithms has been available worldwide for several years
Applications of cryptography and political obstacles • Example: PGP (Pretty Good Privacy) • Generates and manages public and secret keys on behalf of a user • In Jan. 2000 US government changed its policy on exported software. • Current proposals want to require the inclusion of loopholes for gov’t law enforcement, and security agencies
7.6.1 The Needham and Schroeder authentication protocol • Solution to authentication and key distribution using authentication server • Authentication server maintains a table containing a name and secret key for each principal known to the system. • Protocol is based on the use of tickets from the authentication server.
Needham-Schroeder • NA and NB are nonces • Nonces are used only once, and generated on demand
7.6.2 Kerberos • Developed at MIT in the 1980’s • Deals with three kinds of security objects: • Ticket • Authentication • Session Key • Client processes must possess a ticket for each server that they use (most have a lifetime of several hours)
Kerberos • Figure 7.16 System architecture of Kerberos
Kerberos • A Kerberos server is known as a Key Distribution Center (KDC), supplying: • Authentication Service (AS) • Ticket-Granting Service (TGS)
7.6.3 Securing electronic transactions with secure sockets • Secure Socket Layer protocol (SSL) • SSL is supported by most browsers and is widely used in Internet commerce. • Algorithms used for encryption and authentication are negotiated between the two processes • The only requirement is for public-key certificates recognized by both parties
Low-value electronic transactions: The Millicent protocol • A scheme for the secure distribution of scrip - a specialized form of digital cash for use in low value transactions • Scalable: each vendor’s server is responsible only for validating the scrip that it has issued.
The Millicent protocol • Scrip is designed to offer the following features: • it has value only at a specific vendor • it can be spent only once • it is tamper-resistant and hard to counterfeit • it can be spent only by its rightful owner • it can be produced and validated efficiently
The Millicent protocol • Scrip is represented by digital tokens with the following format: Vendor Value Scrip ID Cust ID Expiry date Properties Certificate • Properties field - for vendor defined uses. i.e. for applying correct taxes • Certificate field - digital signature protecting all the fields in the scrip from modification (MAC method)