Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security- Chapter 7 By Carrie Mace And Bill Coley.

Similar presentations


Presentation on theme: "Security- Chapter 7 By Carrie Mace And Bill Coley."— Presentation transcript:

1 Security- Chapter 7 By Carrie Mace And Bill Coley

2 Chapter 7: Security 7.1 Introduction 7.2 Overview of Security Techniques 7.3 Cryptographic algorithms 7.4 Digital Signatures 7.5 Cryptographic Pragmatics 7.6 Case Studies

3 NextPreviousOverview Security is needed to guarantee the privacy, integrity and availability of resources Designers of secure distributed systems must cope with the possibility of exposed service interfaces and insecure networks

4 NextPrevious Types of Service Attacks Masquerading Tampering Denial of Service

5 NextPreviousCryptography Provides the basis for the authentication of messages as well as their secrecy and integrity Cryptographic algorithms and the management of keys are critical to the security mechanisms effectiveness

6 NextPrevious Where Are Security Measures Needed In any computer system that is a possible target for attacks Especially important for financial systems or systems that handle confidential data Need for protection arises from the desire to share resources Security mechanisms are used to ensure security policies are enforced

7 NextPrevious Threats and Attacks Security Threats fall into three categories –Leakage which is the acquisition of information by unauthorized recipients –Tampering which is the unauthorized alteration of information –Vandalism which is the interference with the proper operation of a system without gain to the perpetrator

8 NextPrevious Channel misuse Methods of attacks can be further classified according to the way in which a channel is misused –Eavesdropping which is copies of messages without authority –Masquerading is sending or receiving messages using the identity of another principal without their authority

9 NextPrevious Channel Misuse-Continued Message Tampering is intercepting messages and altering their contents before passing them on to the intended recipient Replaying is storing intercepted messages and sending them at a later date Denial of service is flooding channels or other resource with messages in order to deny access for others

10 NextPrevious Threats from Mobile Code Several programming languages have been designed to enable programs to be loaded into a process from a remote server and then executed locally Internal interfaces and objects within an executing process may be exposed to attack by mobile code

11 NextPrevious Java -Threats from Mobile Code The sandbox model of protection against mobile code The Java Virtual Machine gives each application its own environment in which to run Each environment has a security manager that determines which resources are available to the application

12 NextPrevious Information Leakage If a transmission of a message between two processes can be observed then information can be gained from its mere existence Potential for leakage arises whenever the results of a computation can be observed

13 NextPrevious Securing Electronic Transaction - Types –contents of message might need to be secured Purchase of Goods and Service – need to secure private purchases data and sometimes the product itself Banking Transactions – must secure customers private banking information Micro-Transactions – supply of small quantities of information to many customers at a low cost

14 NextPrevious Requirements for Securing Web Purchases Authenticate the vendor to the buyer Keeping buyer’s credit card and payment detail from falling into unauthorized hands and keeping the information accurate from buyer to vendor If goods are downloadable they also need to be secured from third parties and accurate when they reach the buyer Authenticate the identity of the account holder to the bank

15 NextPrevious Designing Secure System The big dilemma is that the designer aims to exclude all possible attacks and loop holes but it is difficult to plan for all possible attacks There is always a balance act between costs and threats and convenience

16 NextPreviousCryptography Encryption is the process of encoding a message to hide its content Uses several secure algorithms for encrypting and decrypting messages Based on the use of secret keys Two main classes of encryption algorithms –Shared secret keys where the sender and receiver share knowledge of the key –Public/Private keys where the sender of the message uses the public key to encrypt the message and the receiver uses the private key to decrypt the message

17 NextPrevious Uses of Cryptography Three major uses –Secrecy and Integrity –Authentication –Digital Signatures

18 NextPrevious Cryptography – Secrecy and Integrity Exploits the fact that a message that is encrypted with a particular encryption key can only be decrypted by a recipient who knows the corresponding decryption key As long as the decryption key is not compromised and the encryption algorithm is strong enough to defeat possible attempts to crack it the message will remain a secret It can also help maintain integrity if the encrypted algorithm contains things like check sum

19 NextPrevious Cryptography - Authentication Cryptography is used in support of mechanisms for authentication communication between pairs and principals A principal who decrypts a message can successfully using a particular key can assume that the message is authenticated if it contains the correct checksum Can infer that the sender of the message possessed the corresponding encryption key and hence deduce the identity of the sender if the key is only known to two parties

20 NextPrevious Cryptography – Digital Signatures Implemented by cryptography Verifying to a third party that a message or a document is an unaltered copy of one produced by the signer Digital signatures are based upon the irreversible binding to the message or document of a secret known only to the signer Achieved by encrypting the message or a compression form of the message called a digest

21 NextPreviousCertificates A digital certificate is a document containing a statement signed by a principal For a certificate to be useful the following is required: –A standard format and representation for them so that certificate issuers and certificate users can successfully construct and interpret them –Agreement on the manner in which chains of certificates are constructed and in particular the notion of trusted authority There is sometimes a need to revoke a certificate since it is expensive to track down and delete all certificates, this is usually addressed with an expiration date included in the signature

22 NextPrevious Cryptography Algorithm A message is encrypted by the sender applying some rule to transform the plaintext message to a ciphertext Recipient must know the inverse rule in order to transform the ciphertext into the original plaintext Other principals are unable to decipher the message unless they know the inverse rules

23 NextPrevious 7.4 Digital Signatures Handwritten signatures are used to meet the needs of document recipients to very that the document is : Authentic Unforgeable Non-repudiable Digital documents are easy to generate, copy, and alter. Simply appending the identity of the originator to a document has no value.

24 NextPrevious Digital Signing An electronic document or message M can be signed by a principal A by encrypting a copy of M with a key K A and attaching it to a plaintext copy of M and A’s identifier. Signed document will be of the form: M, A, [M] K A. By verifying the signature the recipient can be assured the message was unaltered and originated by A.

25 NextPrevious Digital Signing If a secret key is used to encrypt the document, only others who share the secret key can verify the signature. If public-key cryptography is used, the signer uses her private key, and anyone who has the corresponding public key can verify the signature. The public-key method is more analogous to a written signature.

26 NextPrevious Digest Functions Also called secure hash functions and denoted H(M). Must be carefully designed to ensure that H(M) is different from H(M’) for all values of M, and M’.

27 NextPrevious Digital signatures with public keys Relatively simple and does not require communication between recipient and signer. 1. A generates a key pair K PUB and K PRIV and publishes the public key K PUB. 2. A computes the digest of M, H(M) with an agreed hash function and encrypts it with K PRIV to produce the signature S = {H(M)} K PRIV 3. A sends the signed message [M] K = M,S to B 4. B decrypts S using K PUB and computes the digest of M, H(M). If they match, the signature is valid.

28 NextPrevious Digital signatures with secret keys - MACs To verify, the secret key must be shared Problems: 1. Signer must arrange for the verifier to receive the secret key 2. It may be necessary to verify a signature in several contexts, and at different times 3. Disclosure weakens the security of signatures made with that key. Exception: message authentication codes (MAC) - requires a secure channel.

29 NextPrevious Message authentication code (MAC) Depends on the existence of a secure channel through which the shared key can be distributed. 1. A generates a random key K for signing and distributes it through secure channels 2. For any document M to be signed: h = H(M + K) Then the message sent is [M] K = M, h 3. Receiver B computes h’ = H(M + K) using the secret, shared key. Signature is verified if h = h’ The digest h is a MAC

30 NextPrevious Secure Digest Functions A secure digest function h = H(M) should have the following properties: 1. Given M, it is easy to compute h 2. Given h, it is hard to compute M 3. Given M, it is hard to find another message M’, such that H(M)=H(M’) Vulnerable to the birthday attack, where an alternate M’ is found to hash the same as M.

31 NextPrevious Secure Digest Functions Similar to symmetric cryptography but does not preserve information. MD5 SHA Using an encryption algorithm to make a digest –Used in CBC mode

32 NextPrevious Certificate standards and certificate authorities X.509 is the most widely used standard format for certificates Structure and content of X.509 Certificate: –SubjectDistinguished Name, Public Key –IssuerDistinguished Name, Signature –Period of ValidityNot before & not after dates –Administrative InfoVersion, Serial Number SPKI - Simple Public-key Infrastructure –recent proposal enables chains of certificates

33 NextPrevious Performance of cryptographic algorithms Table 7.5.1

34 NextPrevious Applications of cryptography and political obstacles Algorithms described in this chapter emerged in the 1980’s and 1990’s Strongly resisted by the US government Cryptographic software had stringent export restrictions US software companies protested Current position - software that implements most of the major algorithms has been available worldwide for several years

35 NextPrevious Applications of cryptography and political obstacles Example: PGP (Pretty Good Privacy) –Generates and manages public and secret keys on behalf of a user In Jan US government changed its policy on exported software. Current proposals want to require the inclusion of loopholes for gov’t law enforcement, and security agencies

36 NextPrevious The Needham and Schroeder authentication protocol Solution to authentication and key distribution using authentication server Authentication server maintains a table containing a name and secret key for each principal known to the system. Protocol is based on the use of tickets from the authentication server.

37 NextPreviousNeedham-Schroeder N A and N B are nonces Nonces are used only once, and generated on demand

38 NextPrevious Kerberos Developed at MIT in the 1980’s Deals with three kinds of security objects: –Ticket –Authentication –Session Key Client processes must possess a ticket for each server that they use (most have a lifetime of several hours)

39 NextPreviousKerberos Figure 7.16 System architecture of Kerberos

40 NextPreviousKerberos A Kerberos server is known as a Key Distribution Center (KDC), supplying: –Authentication Service (AS) –Ticket-Granting Service (TGS)

41 NextPrevious Securing electronic transactions with secure sockets Secure Socket Layer protocol (SSL) SSL is supported by most browsers and is widely used in Internet commerce. Algorithms used for encryption and authentication are negotiated between the two processes The only requirement is for public-key certificates recognized by both parties

42 NextPrevious Low-value electronic transactions: The Millicent protocol A scheme for the secure distribution of scrip - a specialized form of digital cash for use in low value transactions Scalable: each vendor’s server is responsible only for validating the scrip that it has issued.

43 NextPrevious The Millicent protocol Scrip is designed to offer the following features: –it has value only at a specific vendor –it can be spent only once –it is tamper-resistant and hard to counterfeit –it can be spent only by its rightful owner –it can be produced and validated efficiently

44 NextPrevious The Millicent protocol Scrip is represented by digital tokens with the following format: Vendor Value Scrip ID Cust ID Expiry date Properties Certificate Properties field - for vendor defined uses. i.e. for applying correct taxes Certificate field - digital signature protecting all the fields in the scrip from modification (MAC method)


Download ppt "Security- Chapter 7 By Carrie Mace And Bill Coley."

Similar presentations


Ads by Google