1 / 48

Cyber Attacks and Cryptography Overview

Cyber Attacks and Cryptography Overview. Security Objectives. How can we define these concepts wrt . the Internet?. Confidentiality Integrity Availability Authentication Non-repudiation. Types of Attacks (1).

macey-eaton
Download Presentation

Cyber Attacks and Cryptography Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Attacks and Cryptography Overview

  2. Security Objectives How can we define these concepts wrt. the Internet? Confidentiality Integrity Availability Authentication Non-repudiation Internet Security - Farkas

  3. Types of Attacks (1) • Interruption – an asset is destroyed, unavailable or unusable (availability) • Interception – unauthorized party gains access to an asset (confidentiality) • Modification – unauthorized party tampers with asset (integrity) • Fabrication – unauthorized party inserts counterfeit object into the system (authenticity) • Denial – person denies taking an action (authenticity) Internet Security - Farkas

  4. Types of Attacks (2) • Passive attacks: • Eavesdropping • Monitoring • Active attacks: • Masquerade – one entity pretends to be a different entity • Replay – passive capture of information and its retransmission • Modification of messages – legitimate message is altered • Denial of service – prevents normal use of resources Internet Security - Farkas

  5. Protection • Protection at storage • Inactive (e.g., databases storage, file system) • During processing (e.g., DBMS access, application access) • Protection during transmission • Level of protection (e.g., content vs. header info) • Aim of protection (e.g., confidentiality, integrity, privacy, etc.) Internet Security - Farkas

  6. Basic Defense Mechanisms Usable security! • Identification and Authentication • Authorization • Cryptography • Hardware, software security • Tampering avoidance • Information leakage prevention • Input validation • Network-protection: communication, firewall, IDS, etc. Internet Security - Farkas

  7. Attacks Against Communication Channels Internet Security - Farkas

  8. Insecure channel Recipient Sender Insecure communications Confidential Encryption: confidential communication Internet Security - Farkas

  9. Encryption Does it support? Confidentiality Integrity Availability Authentication (pair-wise, third party) Non-repudiation Internet Security - Farkas

  10. Terminology • Plaintext (cleartext): a message in its original form • Ciphertext (cyphertext): an encrypted message • Encryption: transformation of a message to hide its meaning • Cipher: cryptographic algorithm. A mathematical function used for encryption (encryption algorithm) and decryption (decryption algorithm). Internet Security - Farkas

  11. Terminology • Decryption: recovering meaning from ciphertext • Cryptography: art and science of keeping messages secure • Cryptanalysis: art and science of breaking ciphertext • Cryptology: study of both cryptography and cryptanalysis Internet Security - Farkas

  12. Continue from 08/29 Internet Security - Farkas

  13. Encryption and Decryption Plaintext Ciphertext Plaintext Encryption Decryption Internet Security - Farkas

  14. Conventional (Secret Key) Cryptosystem Plaintext Ciphertext Plaintext Encryption Decryption Sender Recipient K C=E(K,M) M=D(K,C) K needs secure channel Internet Security - Farkas

  15. Public Key Cryptosystem Recipient’s public Key (Kpub) Recipient’s private Key (Kpriv) Plaintext Ciphertext Plaintext Encryption Decryption Sender Recipient C=E(Kpub,M) M=D(Kpriv,C) Kpubneeds reliable channel Internet Security - Farkas

  16. Summary: Secret-Key Encryption • Single, secret key • Key distribution problem of secret key systems • Establish key before communication • Need n(n-1)/2 keys with n different parties • Do NOT provide electronic signatures • Faster than public-key encryption Internet Security - Farkas

  17. Summary: Public Key Encryption • Supports confidentiality and authentication • Need reliable channel for key distribution • 2n keys for n users (public, private pairs) • Digital certificate • PKI Internet Security - Farkas

  18. Simple secret key distribution • KE-S ||ID-S • 2. E KE-S(Ksession) Sender Recipient Vulnerable to active attack! HOW? Internet Security - Farkas

  19. With confidentiality and authentication • E KE-R[N1||ID-S] • 2. E KE-S[N1||N2] • 3. E KE-R[N2-1] • 4. E KE-R E KD-S(Ksession) Sender Recipient What are the basic requirements for this protocol to be correct? Internet Security - Farkas

  20. What is a Protocol? Internet Security - Farkas

  21. Protocol • Sequence of interactions between entities to achieve a certain end • Types of protocols: • Diplomatic • Communication • Graduation • Security • Etc. What is TCP/IP? Internet Security - Farkas

  22. Reading Assignment Recommended Reading: P.Y.A. Ryan, S.A. Schneider, M.H. Goldsmith, G. Lowe and A.W. Roscoe, The Modelling and Analysis of Security Protocols: the CSP Approach, Section 0. Introduction, pages: 1 – 37, http://www.computing.surrey.ac.uk/personal/st/S.Schneider/books/MASP.pdf Internet Security - Farkas

  23. Security Protocols • Cryptographic protocols • Services: secrecy, integrity, authentication, key exchange, non-repudiation, etc. • Components: communicating parties (nodes), trusted third party, encryption algorithms, hash functions, timestamps, nonce, etc. Internet Security - Farkas

  24. Security Properties – Secrecy • Non-interference: Intruder should not be able to deduce anything about the legitimate users’ activities • Message confidentiality: intruder cannot derive the plaintext of messages passed between two legitimate nodes Internet Security - Farkas

  25. Security Properties – Authentication of Origin • Verify • Who sent the message? • Who sent the message to whom? • Who sent the message to whom and how many times? Internet Security - Farkas

  26. Security Properties – Entity Authentication • Similar to authentication of origin but has timeliness • Repeated form of origin authentication Internet Security - Farkas

  27. Security Properties – Integrity • Data cannot be corrupted • Content of output messages match the content of the input message Internet Security - Farkas

  28. Security Properties – Authenticated Key-Exchange • Share a secret key with another person and know for sure who this other person is I’m calling from your utilities company. We need your SSN, billing address, and … Internet Security - Farkas

  29. Security Properties – Non-repudiation • Legitimate participants • Against possible cheating • Signature-type mechanism Internet Security - Farkas

  30. Security Properties – Fairness • Legitimate participants • Prevents one of the participants to gain advantage over another by halting the protocol part-way through Internet Security - Farkas

  31. Security Properties – Anonymity • Over some sets of events • Shuffling the events will not change an observer’s view • Occurrence of events? • Accountability Internet Security - Farkas

  32. Security Properties – Availability • To be able to achieve the goals Internet Security - Farkas

  33. More Examples of Crypto protocolsRead on your own Internet Security - Farkas

  34. Diffie-Hellman Key Exchange • Proposed in 1976 • First public key algorithm • Allows group of users to agree on secret key over insecure channel • Cannot be used to encrypt and decrypt messages Internet Security - Farkas

  35. Diffie-Hellman Key Exchange Protocol for A and B want to agree on shared secret key: • A and B agree on two large numbers n and g, such that 1<g<n • A chooses random x and computes X=gx mod n and sends X to B • B chooses random y and computes Y=gy mod n and sends Y • A computes k= Yx mod n • B computer k’= Xy mod n • Note: k =k’= gyx mod n Internet Security - Farkas

  36. Diffie-Hellman Key Exchange • Requires no prior communication between A and B • Security depends on difficulty of computing x given X=gx mod n • Choices for g and n are critical: both n and (n-1)/2 should be prime, n should be large • Susceptible to intruder in the middle attack (active intruder) Internet Security - Farkas

  37. Intruder in the Middle Attack Intruder John Rose Hi Rose, I’m John. Hi Rose, I’m John. Hi John, I’m Rose. Hi John, I’m Rose. Intruder and John Uses Diffie-Hellman To agree on key K. Intruder and Rose Uses Diffie-Hellman To agree on key K’. K and K’ may be the same Internet Security - Farkas

  38. Asymmetric-Key Exchange • Without server • Broadcasting • Publicly available directory • With server • Public key distribution center • Certificates Internet Security - Farkas

  39. Public announcement KE-J.S. KE-J.S. KE-J.S. KE-J.S. John Smith KE-J.S. KE-J.S. Bad: Uncontrolled distribution  easy to forge Internet Security - Farkas

  40. Publicly available directory Better but not Good enough  Directory could Be compromised Public Key Directory KE-J.S. KE-M.R.. John Smith Mary Rose Internet Security - Farkas

  41. Public-key authority Public-Key Authority 1. Request || Time1 4. Request || Time2 2. EKD-Auth[KE-R||Request||Time1] 5. EKD-Auth[KE-S||Request||Time2] 3. EKE-R(ID-S||N1) Sender Recipient 6. EKE-S(N1||N2) 7. EKE-R(N2) Internet Security - Farkas

  42. Public-key certificates Certificate Authority KE-R KE-S C-S=EKD-CAuth[Time1,ID-S,KE-S] CR=EKD-CAuth[Time2,ID-R,KE-R] 1. C-S Sender Recipient 2. C-R Internet Security - Farkas

  43. Certificates • Guarantees the validity of the information • Establishing trust • Public key and user identity are bound together, then signed by someone trusted • Need: digital signature Internet Security - Farkas

  44. Digital Signature • Need the same effect as a real signature • Un-forgeable • Authentic • Non-alterable • Not reusable Internet Security - Farkas

  45. Digital signature • Direct digital signature: public-key cryptography based • Arbitrated digital signature: • Conventional encryption: • Arbiter sees message • Arbiter does not see message • Public-key based • Arbiter does not see message Internet Security - Farkas

  46. Digital Signatures in RSA Insecure channel Sign Verify Plaintext Signed plaintext Plaintext Decryption Alg. Encryption Alg. Recipient Sender S’s private key S’s public key (need reliable channel) Internet Security - Farkas

  47. Non-repudiation • Requires notarized signature, involving a third party • Large system: hierarchies of notarization Internet Security - Farkas

  48. Next ClassTCP/IP Overview Internet Security - Farkas

More Related