1 / 46

CS 445 / 645 Internet Security Mon & Wed, 11:30 AM ~ 12:45 PM @ SEB 1240 Spring, 2012

School of Computer Science. CS 445 / 645 Internet Security Mon & Wed, 11:30 AM ~ 12:45 PM @ SEB 1240 Spring, 2012. Monday, Jan. 23, 2012. Hacker steals $6.7M from bank. http://www.pcworld.com/article/248340/hackers_steal_67_million_in_cyber_bank_robbery.html#tk.rss_main Jan. 18, 2012

raanan
Download Presentation

CS 445 / 645 Internet Security Mon & Wed, 11:30 AM ~ 12:45 PM @ SEB 1240 Spring, 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. School of Computer Science CS 445 / 645 Internet Security Mon & Wed, 11:30 AM ~ 12:45 PM @ SEB 1240 Spring, 2012 Monday, Jan. 23, 2012 CS 445 – Internet Security

  2. Hacker steals $6.7M from bank • http://www.pcworld.com/article/248340/hackers_steal_67_million_in_cyber_bank_robbery.html#tk.rss_main • Jan. 18, 2012 • Hackers used stolen login details for a Postbank teller and a call center agent to transfer about $6.7 million into multiple bank accounts that were opened across the country late last year. (South Africa) • Lessons: • Every employees’ personal information must be guarded no matter how low level they are. • Enforce limited privilege (better security policy) • E.g., use only normal user account for running web server CS 445 – Internet Security

  3. Seminar next week • Brookings Mountain West pubic lecture on “The Economics of Cybersecurity: A National Dilemma” • January 31, Tuesday, 5:30 pm • Greenspun Hall Auditorium (By Student Union) • Speaker: Allan A. Friedman • Fellow, Governance Studies • Research Director, Center for Technology Innovation • More on • http://brookingsmtnwest.unlv.edu/events/lectures-upcoming.html CS 445 – Internet Security

  4. Review CS 445 – Internet Security

  5. Computer Security goals - CIA Triad CS 445 – Internet Security

  6. CIA Triad • Confidentiality • Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. • A loss of confidentiality is the unauthorized disclosure of information. • Integrity • Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. • A loss of integrity is the unauthorized modification or destruction of information. • Availability • Ensuring timely and reliable access to and use of information. • A loss of availability is the disruption of access to or use of information or an information system. CS 445 – Internet Security

  7. Additional security concepts • Authenticity • The property of being genuine and being able to be verified and trusted; • Confidence in the validity of a transmission, a message, or message originator. • Accountability • The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. CS 445 – Internet Security

  8. A Threat is blocked by Controlof a Vulnerability Security system Control Vulnerability Threat  Threats, Controls, and Vulnerabilities. CS 445 – Internet Security

  9. Passive vs. Active Attacks CS 445 – Internet Security

  10. Passive vs. Active Attacks • The opposite characteristics • Passive attacks • Whereas passive attacks are difficult to detect, measures are available to prevent their success • Active attacks • On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software, and network vulnerabilities. • Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them. CS 445 – Internet Security

  11. Chapter 2. Symmetric Encryption and Message Confidentiality CS 445 – Internet Security

  12. Terminology • Encryption (E) • The process of encoding a message, so that its meaning is not obvious • Why Encrypt? Enemy may try to • Block, Intercept, Modify, and Fabricate a message • Decryption (D) • Reverse process of encryption • Relations • Plaintext (or cleartext): P = <p1, p2,…., pn> • Ciphertext: C = <c1, c2,…., cm> • C = E(P) and P = D(C) • P = D(E(P)) CS 445 – Internet Security

  13. Encryption with keys • key - info used in cipher known only to sender/receiver • An encryption algorithms may not use a key (K), but • Difficult to keep an algorithm secret, if it is widely used • Difficult to devise new algorithms • Difficult to explain a new algorithm to the counterpart • A key, on the other hand, is easier to change or manage. • C = E (K, P) • Any algorithm without a key? Sure! • Keyless cipher: Caesar cipher CS 445 – Internet Security

  14. Types of keys – Symmetric Key • Same key for decryption and encryption • P = D(K, E (K, P)) • or conventional / private-key / single-key • sender and recipient share a common key • all classical encryption algorithms are private-key CS 445 – Internet Security

  15. Problems • Key distribution • must be done secretly • difficult when parties are geographically distant, or don't know each other • Massive key requirements • Need a key for each pair of users • n users need n*(n-1)/2 keys • Unlimited compromising power once broken • If the secret key is compromised, the adversary can decrypt all traffic and produce fake messages CS 445 – Internet Security

  16. Types of keys – Asymmetric Key • Solving the symmetric key problem • After a few thousand years of search, a solution was found in 1970’s • Different keys for encryption and decryption • Encryption key: KE • Decryption key: KD • P = D(KD, E (KE, P)) • Asymmetric key CS 445 – Internet Security

  17. Stream vs. Block cipher • Stream cipher • Converts one symbol of plaintext immediately into a symbol of ciphertext • Block cipher • Encrypts a group of plaintext symbols as one block • many current ciphers are block ciphers CS 445 – Internet Security

  18. Cryptanalysis

  19. Types of Attack - I • Ciphertext only attack • Key is not known. No algorithm may be known. Most difficult. • Based on probability, distribution, characteristics of available ciphertext • Must have enough cipher text (“xz03b” is not enough) • If algorithm is known • Try all the possible keys  Important to be able to recognize when succeeded (a.k.a. recognizable plaintext attack) Plaintext Ciphertext Key CS 445 – Internet Security

  20. Types of Attack - II • Known plaintext attack (pre-determined) • Full plaintext or partial plaintext is known, along with the ciphertext • e.g., attacking a city  city name is known after the attack • Probable plaintext can be used instead • E.g. terrorist messages may indicate city names • Sales memo has a particular form • Find the key Plaintext Ciphertext Key CS 445 – Internet Security

  21. Types of Attack - III • Chosen plaintext attack (Variable) • Ciphertext of any plaintext is available • Analysts can insert the plaintext and get the matching ciphertext • E.g., insert record into a database and observe the change in statistics (An insider can do this easily) • Favored method for cryptanalysts Plaintext Ciphertext Ciphertext Plaintext Ciphertext Plaintext Key CS 445 – Internet Security

  22. Chosen Plaintext Attack • During WWII, US almost broke the Japanese code before the Midway combat except one word “AF”. (BTW, Pearl harbor was “AH”) • The situation indicated AF to be either Oahu or Midway, but they had no clue. • They sent a plaintext message from midway “we ran out of water….” • After 48 hours, they intercepted “AF does not have fresh water”, which changed the history of the world CS 445 – Internet Security

  23. Types of Attack - IV • Chosen ciphertext • Analyst has both encryption algorithm and ciphertext • Analysts can feed chosen ciphertext and cause decryption with an unknown key • Find the key, then using the recovered key, decrypt future messages • A cryptosystem should resist all those attacks Plaintext Plaintext Plaintext Ciphertext Ciphertext Ciphertext Key CS 445 – Internet Security

  24. Brute Force Key Search • always possible to simply try every key • most basic attack, proportional to key size • assume either know / recognise plaintext CS 445 – Internet Security

  25. Substitution Cipher

  26. Representing characters • PLAINTEXT (UPPERCASE) vs. ciphertext (lowercase) • Letters = numeric code • A = 0, B = 1, …, Z = 25 • Modulo 26 operation • Two primitive encryption • Substitution: one letter is exchanged with another • Caesar cipher, one-time pad, Vernam cipher, book cipher • Transposition: order of the letters are rearranged • Columnar Transposition CS 445 – Internet Security

  27. Substitution cipher • Units of plaintext are substituted with ciphertext according to a regular system • The "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth • The receiver deciphers the text by performing an inverse substitution CS 445 – Internet Security

  28. Substitution Cipher - Caesar cipher • ci= E(pi) = pi + 3 TREATY IMPOSSIBLE Wuhdwb lpsrvvleoh • Can be broken easily by frequency analysis CS 445 – Internet Security

  29. Breaking Caesar Cipher frequency analysis p (c) Caesar’s cipher can be easily solved (i.e., finding i) by calculating (i) = 0 ≤ c ≤ 25f(c) p(c – i), where f(c) is the freq of cipher text letter CS 445 – Internet Security

  30. Substitution cipher example • Gold Bug, by Edgar Allan Poe, 1843 • http://www.eapoe.org/works/tales/goldbga2.htm 53‡‡†305))6*;4826)4‡.)4‡);806*;48†8¶60))85;1‡ (;:‡*8†83(88)5*†;46(;88*96*?;8)*‡(;485);5*†2:*‡ (;4956*2(5*— 4)8¶8*;4069285);)6†8)4‡‡;1(‡9;480 81;8:8‡1;48†85;4)485†528806*81(‡9;48;88;4(‡?34;48)4‡;161;:188;‡?;  CS 445 – Internet Security

  31. Decryption in Gold Bug • Frequency analysis Of the character 8 there are 33.                               ;         "     26.                               4        "     19.                             ‡ )        "     16.                               *        "     13.                               5        "     12.                               6        "     11.                             †1        "      8.                               0        "      6.                            9 2        "      5.                             : 3        "      4.                               ?        "      3.                               ¶        "      2.                            —.        "      1.  CS 445 – Internet Security

  32. Decryption in Gold Bug - Clues • "Now, in English, the letter which most frequently occurs is e. Afterwards, the succession runs thus: a o i d h n r s t u y c f g l m w b k p q x z.” • "Let us assume 8, then, as e. Now, of all words in the language, 'the' is most usual; • we find no less than seven such arrangements, the characters being ;48. We may, therefore, assume that ; represents t, 4 represents h, and 8 represents e • t eeth • t ee  r • thr…h  oug CS 445 – Internet Security

  33. Gold Bug - Decrypted text       5 represents a                     †       "         d                     8       "         e                     3       "         g                     4       "         h                     6       "          i                     *       "         n                     ‡       "         o                     (        "         r                     ;        "         t  A good glass in the Bishop's hostel in the Devil's seat — forty-one degrees and thirteen minutes — northeast and by north — main branch seventh limb east side — shoot from the left eye of the death's-head — a bee-line from the tree through the shot fifty feet out. CS 445 – Internet Security

  34. Another Substitution Cipher- One-Time Pad • One time pad = A large, nonrepeating set of keys • Encrytion and decryption • A section of the key is used once and destroyed • The receiver needs an identical pad to decrypt • It is a perfect cipher • Information-theoretically secure  IMPOSSIBLE to break • Data + Random = Random CS 445 – Internet Security

  35. One-time pad concept • Message: 1011 0010 . . . . . • Random number: 0110 1001 . . . . . • Encryption method: Exclusive OR • 0 0 = 0 • 0 1 = 1 • 1 0 = 1 • 1 1 = 0 • Encryption result 1011 0010 0110 1001 1101 1011 • Decryption result 1101 1011 0110 1001 1011 0010 CS 445 – Internet Security

  36. One-time pad problems • But • Need for synchronization between sender and receiver • Need for unlimited number of keys (print/ distribute/ store…) • Can a computer help? • Long random number sequences • But it is only pseudorandom  Basis of stream cipher (e.g., RC4) CS 445 – Internet Security

  37. Transposition Cipher

  38. Transposition • Another important encryption technique along with substitution • Rearrangement of symbols • Also called Permutation (because it is a rearrangement of the symbols of a message) • Simple example: Columnar Transposition CS 445 – Internet Security

  39. Columnar Transposition Example THIS IS A SAMPLE MESSAGE T H I S I S A S A M P L E M E S S A G E tsps hals isea samg imee tspsh alsis iasam gimee • Trivial to solve • You only need to know the number of columns CS 445 – Internet Security

  40. Keyed Transposition Example THIS IS A SAMPLE MESSAGE 1 4 2 5 3 Key (or a word) T H I S I S A S A M P L E M E S S A G E tsps isea imee hals samg tspsi seaim eehal ssamg CS 445 – Internet Security

  41. Breaking transposition cipher • Characteristic patterns of adjacent letters • Digram (pairs of letters) • Trigram (triples of letters) • Frequent occurrences • endings: -th, -ing, -ed, -ion, -ation, -tion,… • beginnings: im-, in-, re-, un-, en-, ... • patterns: -eek-, -oot-, -our-, … • words: of, end, to, with, are, is, … • Certain pairs of digrams and trigrams do not appear • E.g., -vk- and –qp- CS 445 – Internet Security

  42. Example - English Digram Frequency TH 3.15% TO 1.11% SA 0.75% MA 0.56% HE 2.51 NT 1.10 HI 0.72 TA 0.56 AN 1.72 ED 1.07 LE 0.72 CE 0.55 IN 1.69 IS 1.06 SO 0.71 IC 0.55 ER 1.54 AR 1.01 AS 0.67 LL 0.55 RE 1.48 OU 0.96 NO 0.65 NA 0.54 ES 1.45 TE 0.94 NE 0.64 RO 0.54 ON 1.45 OF 0.94 EC 0.64 OT 0.53 EA 1.31 IT 0.88 IO 0.63 TT 0.53 TI 1.28 HA 0.84 RT 0.63 VE 0.53 AT 1.24 SE 0.84 CO 0.59 NS 0.51 ST 1.21 ET 0.80 BE 0.58 UR 0.49 EN 1.20 AL 0.77 DI 0.57 ME 0.48 ND 1.18 RI 0.77 LI 0.57 WH 0.48 OR 1.13 NG 0.75 RA 0.57 LY 0.47 • The frequency percentage varies by source CS 445 – Internet Security

  43. Use of Digram • Ciphertext: HLOOLELWRD • E.g., Frequencies of digrams beginning with H • HE = 0.0251 • HO = 0.0043 • HL, HW, HR, HD < 0.0010 • Frequencies of digrams ending in H • WH = 0.0048 • EH, LH, OH, RH, DH ≤ 0.0002 • Implies E follows H HE LL OW OR LD CS 445 – Internet Security

  44. Combination of approaches • Weakness of Transposition • Frequency analysis • If the frequency distribution follows plain text, it is most likely transposition • How about combination of both? • Can avoid weaknesses of both! • Replacing high frequency ciphertext alphabet with plaintext alphabet: Still protected by transposition • Guessing columns and anagramming does not reveal the text due to substitution • This is the building block of modern cryptosystem (product cipher) CS 445 – Internet Security

  45. Claude Shannon and Substitution-Permutation Ciphers • in 1949 Claude Shannon introduced idea of substitution-permutation (S-P) networks • modern substitution-transposition product cipher form the basis of modern block ciphers • S-P networks are based on the two primitive cryptographic operations: • substitution (S-box) • permutation (P-box) CS 445 – Internet Security

  46. Next class • More on Symmetric Key Cryptography • Feistel Cipher / DES • AES • RC4 CS 445 – Internet Security

More Related