Cryptocurrency Café UVa cs4501 Spring 2015 David Evans Class 12: Mostly About Superfish

Presentation transcript:

Cryptocurrency Café UVa cs4501 Spring 2015 David Evans Class 12: Mostly About Superfish Image from (but I think they stole it from Monsters and Aliens)

Plan for Today Difficulty Update Project 2: Part 2 Superfish Calamity! (Attacks on Blockchain) 1

Last Class: Profitability (?) of SP20 2
>>> cumulative_income(1)
>>> cumulative_income(12)
>>> cumulative_income(24)
>>> cumulative_income(17)


4
difficulty = # updated 22 Feb 2015
# # from 15 Feb 2015
# this is a very low assumption - over past year, average rate was 0.35
rate_of_difficulty = 0.05
…
def cumulative_income(months):
    income = 0.0
    month = 0
    while month < months:
        income += expected_income(month)
        month += 1
    return income

>>> cumulative_income(1)
>>> cumulative_income(12)
>>> cumulative_income(16)
>>> cumulative_income(17)

>>> cumulative_income(1)
>>> cumulative_income(12)
>>> cumulative_income(17)

Old difficulty:
New difficulty:
Note: actual increase since Jan 29: 0.13

5
difficulty = # updated 22 Feb 2015
# # from 15 Feb 2015
# this is a very low assumption - over past year, average rate was 0.35
rate_of_difficulty = 0.13
…
def cumulative_income(months):
    income = 0.0
    month = 0
    while month < months:
        income += expected_income(month)
        month += 1
    return income

>>> cumulative_income(1)
>>> cumulative_income(12)
>>> cumulative_income(16)
>>> cumulative_income(17)

>>> cumulative_income(1)
>>> cumulative_income(12)
>>> cumulative_income(17)

Old difficulty:
New difficulty:
Note: actual increase since Jan 29: 0.13

>>> cumulative_income(1)
>>> cumulative_income(7)
>>> cumulative_income(8)
At 13%:

6 from Feb 18 (Class 11):

7 this morning (Feb 23):

PointCoin Difficulty 8

9
Block Difficulty Eastern Time
,980,454 2/23/15 12:
,822,823 2/23/15 10:
,149,558 2/23/15 1:
,954,988 2/22/15 19:
,846,341 2/22/15 18:
,174,797 2/22/15 3:
,379,471 2/22/15 1:
,483,655 2/21/15 22:
,690,322 2/21/15 18:
,690,322 2/21/15 13:
,452,195 2/21/15 12:
,569,021 2/21/15 7:
,485,379 2/21/15 4:22

Project 2 Part 2 starts after class today Understand threats to the blockchain Attack the PointCoin network 10

Rules 11
The blockchain reported by class.org/ is the blockchain that matters (if that node is taken down, the definitive blockchain will be one taken from the course staff nodes)
You may not use any active computing power for mining other than your EC2 nodes
You may not misuse any University resources
You may not do anything that violates Amazon’s acceptable use policy (


Opportunities 13
Collusion is permitted (indeed, encouraged!)
You should have mutual distrust for your classmates (just for this assignment!)
– If you join a mining pool, it is encouraged that you (attempt to) deceive the pool operator (or other pools) to gain an advantage
– If you operate a mining pool, fine to attempt to cheat pool members

Do Something Else! 14
Posted Project 2 / Part 2 is the default. I hope some students will do other things!
Alternatives:
– Build a PointCoin exchange
– Use scripts in interesting ways
– Build naming service using PointCoin
– …
If you have an idea for something different to do, let me know.

What Happened with Lenovo? 15


SSL (Secure Sockets Layer) 19
Simplified TLS Handshake Protocol
Client → Server: Hello
Server → Client: KR_CA[Server Identity, KU_S]
Client: Verify Certificate using KU_CA
Client: Check identity matches URL
Client: Generate random K
Client → Server: E_KU_S(K)
Server: Decrypt using KR_S
Client ↔ Server: Secure channel using K

SSL (Secure Sockets Layer) 20
Simplified TLS Handshake Protocol
Client → Server: Hello
Server → Client: KR_CA[Server Identity, KU_S]
Client: Verify Certificate using KU_CA
Client: Check identity matches URL
Client: Generate random K
Client → Server: E_KU_S(K)
Server: Decrypt using KR_S
Client ↔ Server: Secure channel using K
How did client get KU_CA?


Certificates 22
VarySign.com
TJ Petitions
petitions.gov, KU_Petitions
C_P
C_P
Verifies using KU_VarySign
How does VarySign decide if it should give certificate to requester?
C_P = KR_VarySign[“petitions.gov”, KU_Petitions]

23 $1499 for 1 year $399


How could SuperFish insert ads in SSL traffic? 27

28 Reminder: do not launch DDOS attacks on PointCoin!

29 Internet explorer connects to a web server on port 443 using SSL. The data is encrypted. Komodia’s SSL hijacker intercepts the communication and redirects it to Komodia’s Redirector. The channel between the SSL hijacker and the Redirector is encrypted. At this stage, Komodia’s Redirector can shape the traffic, block it, or redirect it to another website. Communication between the Redirector and the website is encrypted using SSL. All data received from the website can be again modified and/or blocked. When data manipulation is done, it is forwarded again to Internet explorer. The browser displays the SSL lock, and the session will not display any “Certificate warnings”. (in archive.org)

SSL (Secure Sockets Layer) 30
Simplified TLS Handshake Protocol
Client → Server: Hello
Server → Client: KR_CA[Server Identity, KU_S]
Client: Verify Certificate using KU_CA
Client: Check identity matches URL
Client: Generate random K
Client → Server: E_KU_S(K)
Server: Decrypt using KR_S
Client ↔ Server: Secure channel using K
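
The client's two checks from the simplified handshake above, written out as an added example (not code from the lecture): it shows why a root added to the client's trust store lets a substituted certificate pass with no warning, and how auditing the store against a known baseline surfaces the extra root. Toy RSA over Mersenne primes stands in for real certificate signatures; the `LocalRoot` name, the key placeholder strings and both trust stores are constructed for illustration.

```python
import hashlib

E = 65537  # public exponent for every toy key

def make_key(p, q):
    """Toy RSA pair from two primes: (KU, KR) = ((n, e), (n, d))."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(identity, ku_s, n):
    data = f"{identity}|{ku_s}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(kr_ca, ca_name, identity, ku_s):
    """KR_CA[identity, KU_S]: the CA signs the name-to-key binding."""
    n, d = kr_ca
    return {"issuer": ca_name, "identity": identity, "ku_s": ku_s,
            "sig": pow(digest(identity, ku_s, n), d, n)}

def client_accepts(cert, url_host, trust_store):
    """The client's checks: verify with KU_CA, then match identity to URL."""
    ku_ca = trust_store.get(cert["issuer"])
    if ku_ca is None:
        return False  # issuer is not a trusted root
    n, e = ku_ca
    signed = digest(cert["identity"], cert["ku_s"], n)
    return pow(cert["sig"], e, n) == signed and cert["identity"] == url_host

def unexpected_roots(trust_store, baseline):
    """Defender's audit: roots present locally but absent from the baseline."""
    return sorted(k for k, v in trust_store.items() if baseline.get(k) != v)

# Constructed sample data; Mersenne primes are toy values, not usable as real keys.
KU_CA, KR_CA = make_key(2**61 - 1, 2**89 - 1)          # public CA "VarySign"
KU_LOCAL, KR_LOCAL = make_key(2**107 - 1, 2**127 - 1)  # root added by bundled software
BASELINE = {"VarySign": KU_CA}
MODIFIED = {"VarySign": KU_CA, "LocalRoot": KU_LOCAL}
REAL = issue(KR_CA, "VarySign", "petitions.gov", "KU_S-placeholder")
SWAPPED = issue(KR_LOCAL, "LocalRoot", "petitions.gov", "KU_proxy-placeholder")

if __name__ == "__main__":
    print(client_accepts(REAL, "petitions.gov", BASELINE))
    print(client_accepts(SWAPPED, "petitions.gov", BASELINE))
    print(client_accepts(SWAPPED, "petitions.gov", MODIFIED))
    print(unexpected_roots(MODIFIED, BASELINE))
```
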


Charge Project 2 Part 2: Starts Now Due Thursday 5 March Quiz Wednesday 32