Chapter 15: Security Modified by Dr. Neerja Mhaskar for CS 3SH3.


The Security Problem
- Protection is providing controlled access to programs and data stored in a computer system.
  - Protection deals with internal threats.
- Security, on the other hand, requires not only an adequate protection system but also consideration of the external environment within which the system operates.
  - Security deals with external threats/intruders.
- Intruders (crackers) attempt to breach security.
- A threat is a potential security violation.
- An attack is an attempt to breach security.
- An attack can be accidental or malicious.
- It is easier to protect against accidental than malicious misuse.

Standard Security Attacks
- Masquerading: pretending to be an authorized user to escalate privileges.
- Man-in-the-middle attack: the intruder sits in the data flow, masquerading as sender to receiver and vice versa.
- Session hijacking: in a network communication, a man-in-the-middle attack may be preceded by a session hijacking, in which an active communication session is intercepted.

Program Threats
- Many variations, many names.
- Trojan Horse: a complete program that secretly performs some maliciousness in addition to its visible actions. Some are deliberately written; others are the result of legitimate programs that have become infected with viruses.
- Spyware: a version of a Trojan Horse that is often included in "free" software downloaded off the Internet.
  - Goal is to download ads, pop-up windows, capture information and return it to a central system.
  - Sends out spam emails. In 2010 it was estimated that up to 90% of spam is delivered by spyware-infected systems.

Program Threats Cont…
- Trap Door: a program in which the designer or a programmer (or hacker) deliberately inserts a security hole that can be used later to access the system.
- Logic Bomb: a program that initiates a security incident under certain circumstances, e.g. when a particular date or time is reached.
- Stack and Buffer Overflow: a classic method of attack, which exploits bugs in system code that allow buffers or the stack to overflow.
  - Failure to check bounds on inputs, arguments.
- Viruses: a virus is a fragment of code embedded in a legitimate program. Self-replicating, designed to infect other computers.

System and Network Threats
- Worm: a process that uses the fork / spawn process to make copies of itself in order to wreak havoc on a system.
- Worms spread by exploiting vulnerabilities in operating systems.
- On computer networks, worms are particularly potent, since they may reproduce themselves among systems and thus shut down an entire network.
- One of the most well-known worms is the Morris Worm, targeting Sun and VAX computers running BSD UNIX version 4.

System and Network Threats Cont…
- Port scanning: technically not an attack, but rather a search for vulnerabilities to attack.
  - Systematically attempts to connect to every known (or common or possible) network port on some remote machine.
  - Once a connection is established, it looks for vulnerabilities for a possible attack.
  - Since it is traceable, it is frequently launched from zombie systems (compromised independent systems) to decrease traceability.
- Denial of Service Attacks: clog the systems up so badly with requests that they cannot be used for any useful work.
  - Tight loops that repeatedly request system services are an obvious form of this attack.

Cryptography
- Abstractly, cryptography means to constrain potential senders (sources) and / or receivers (destinations) of messages.
- Based on secrets called keys, that are selectively distributed to computers in a network and used to process messages.
- Cryptography helps with the following two major scenarios:
  - Authentication: it enables a recipient of a message to verify that the message was created by the intended party (party possessing a certain key).
  - Encryption: it enables a sender to encode the message so that a recipient possessing a certain key can decode the message.

Encryption
- Constrains the set of possible receivers of a message.
- Encryption is the process of encoding messages (called ciphertexts) using keys.
- Decryption is the process of decoding messages using keys.
- An algorithm used for encryption must provide the following essential property:
  - Given a ciphertext, a computer can compute the message only if it possesses the key.
  - Given a ciphertext, it is impossible to derive the key from it.
- There are two main types of encryption algorithms:
  - Symmetric
  - Asymmetric

Symmetric Encryption
- Same key used to encrypt and decrypt messages.
  - Therefore the key must be kept secret and safely guarded.
- There are a number of well-known symmetric encryption algorithms that have been used for computer security, for example:
  - The Data-Encryption Standard (DES): encrypts a block of data at a time. Its keys are too short, so it is now considered insecure.
  - Triple-DES: an enhancement of DES in which the DES algorithm is used 3 times using 2 to 3 separate keys. Triple DES is considered more secure and is widespread today.
  - Advanced Encryption Standard (AES): developed in place of DES. Encodes data in blocks and uses larger keys.

Secure Communication over Insecure Medium

Asymmetric Encryption
- Asymmetric encryption is based on having two different keys to encrypt and decrypt messages.
  - Public key: used to encrypt data and is published.
  - Private key: used to decrypt data and is private, that is, known only to the individual decrypting the message.
- The RSA algorithm is one of the most widely used asymmetric encryption algorithms. It is based on the following facts:
  - An efficient algorithm exists for testing whether or not a number is prime, but
  - no efficient algorithm is known for finding the prime factors of a number.

RSA Algorithm
- Formally, it is computationally infeasible to derive $k_{d,N}$ from $k_{e,N}$, and so $k_e$ need not be kept secret and can be widely distributed.
  - $k_e$ is the public key
  - $k_d$ is the private key
  - $N$ is the product of two large, randomly chosen prime numbers $p$ and $q$ (for example, $p$ and $q$ are 512 bits each)
  - $k_e$ satisfies the condition that it is relatively prime to $(p-1)(q-1)$ and $< (p-1)(q-1)$
  - $k_d$ satisfies $k_e k_d \bmod (p-1)(q-1) = 1$
- Encryption algorithm is $E_{k_e,N}(m) = m^{k_e} \bmod N$, where
- The decryption algorithm is then $D_{k_d,N}(c) = c^{k_d} \bmod N$

RSA Algorithm Example
- For example, make $p = 7$ and $q = 13$.
- We then calculate $N = 7 * 13 = 91$ and $(p-1)(q-1) = 72$.
- We next select $k_e$ relatively prime to 72 and $< 72$, yielding 5.
- Finally, we calculate $k_d$ such that $k_e k_d \bmod 72 = 1$, yielding 29.
- We now have our keys:
  - Public key, $k_{e,N} = 5, 91$
  - Private key, $k_{d,N} = 29, 91$
- Encrypting the message 69 with the public key results in the ciphertext 62.
- Ciphertext can be decoded with the private key.
- Public key can be distributed in clear text to anyone who wants to communicate with the holder of the public key.
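The slide's numbers can be checked end to end with the short program below, which is an added example and not part of the original slides. It also goes one step beyond the slide by rebuilding the private key from the public key alone, which works only because N = 91 is trivially factored; the function names are illustrative, and this is textbook RSA without the padding real systems require.

```python
from math import gcd, isqrt

def make_keys(p, q, ke):
    """Return ((ke, N), (kd, N)) for primes p, q and public exponent ke."""
    n, phi = p * q, (p - 1) * (q - 1)
    # ke must be < (p-1)(q-1) and relatively prime to it, as the slide requires.
    if not (1 < ke < phi and gcd(ke, phi) == 1):
        raise ValueError("ke must be < (p-1)(q-1) and relatively prime to it")
    kd = pow(ke, -1, phi)  # kd such that ke*kd mod (p-1)(q-1) = 1 (Python 3.8+)
    return (ke, n), (kd, n)

def encrypt(m, public_key):
    ke, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, N)")
    return pow(m, ke, n)  # E(m) = m^ke mod N

def decrypt(c, private_key):
    kd, n = private_key
    return pow(c, kd, n)  # D(c) = c^kd mod N

def private_from_public(public_key):
    """Rebuild (kd, N) from (ke, N) alone by trial-division factoring of N.

    Succeeds instantly for N = 91. With p and q of 512 bits each the same
    search is computationally infeasible, which is what keeps kd private.
    """
    ke, n = public_key
    p = next(f for f in range(2, isqrt(n) + 1) if n % f == 0)
    q = n // p
    return pow(ke, -1, (p - 1) * (q - 1)), n

if __name__ == "__main__":
    public_key, private_key = make_keys(7, 13, 5)
    c = encrypt(69, public_key)
    print("public", public_key, "private", private_key)
    print("ciphertext", c, "decrypted", decrypt(c, private_key))
    print("private key rebuilt from public key:", private_from_public(public_key))
```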

Encryption using RSA Asymmetric Cryptography

Cryptography (Cont.)
- Note: symmetric cryptography is based on transformations, asymmetric on mathematical functions.
- Asymmetric cryptography is much more computationally expensive to execute.
  - Therefore, it is not used for general-purpose encryption of large amounts of data.
  - It is used for small amounts of data and for authentication, confidentiality, and key distribution.

Authentication
- Constrains the set of potential senders of a message.
  - Complementary to encryption.
  - Can also prove that a message is unmodified.
- Hash functions are the basis of authentication.
  - A hash function H(m) creates a small, fixed-sized block of data, known as a message digest or hash value, from a message m.
  - Common message-digest functions include MD5 and SHA-1.
- Two types of authentication algorithms:
  - Message-authentication code (MAC)
  - Digital-signature algorithm

Key Distribution
- Delivery of a symmetric key is a huge challenge.
  - Sometimes done out-of-band (e.g. on paper or in a conversation).
- Even asymmetric key distribution needs care: man-in-the-middle attack (next slide).
- To solve this, use a digital certificate, which is a public key digitally signed by a trusted party.

Man-in-the-middle Attack on Asymmetric Cryptography
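The certificate check that defeats the key substitution described above is sketched below as an added example, not part of the original slides. A trusted party signs the binding between a name and a public key, and the receiver rejects any certificate whose key was swapped in transit. Assumptions: the trusted party's key is a constructed toy built from two small Mersenne primes, signing is textbook RSA over a SHA-256 digest (used here in place of the MD5 and SHA-1 the slides name), and all names are illustrative.

```python
import hashlib

# Constructed toy key for the trusted party; far too small for real use.
CA_P, CA_Q, CA_E = 2**61 - 1, 2**89 - 1, 65537
CA_N = CA_P * CA_Q
CA_D = pow(CA_E, -1, (CA_P - 1) * (CA_Q - 1))  # known only to the trusted party

def digest(name, public_key):
    """Hash the (name, public key) binding and reduce it into [0, CA_N)."""
    data = f"{name}|{public_key[0]}|{public_key[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % CA_N

def issue_certificate(name, public_key):
    """Trusted party: sign the binding with its private key CA_D."""
    signature = pow(digest(name, public_key), CA_D, CA_N)
    return {"name": name, "public_key": public_key, "signature": signature}

def verify_certificate(cert, expected_name):
    """Receiver: check the signature using only the public values (CA_E, CA_N)."""
    if cert["name"] != expected_name:
        return False
    recovered = pow(cert["signature"], CA_E, CA_N)
    return recovered == digest(cert["name"], cert["public_key"])

if __name__ == "__main__":
    # Alice's key is the (ke, N) = (5, 91) pair from the RSA example slide.
    cert = issue_certificate("alice", (5, 91))
    print("genuine certificate accepted:", verify_certificate(cert, "alice"))

    # An intruder in the data flow swaps in a different key but cannot
    # produce a matching signature without CA_D.
    swapped = dict(cert, public_key=(11, 91))
    print("substituted key accepted:", verify_certificate(swapped, "alice"))
```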

End of Chapter 15