Operating Systems Security: pack 1

Operating Systems Security: pack 1
Lecturer: William Fornaciari, Politecnico di Milano
fornacia@elet.polimi.it
www.elet.polimi.it/~fornacia
© 2001 - William Fornaciari

Computer Security in the Real World
"What people want from computer security is to be as secure with computers as they are in the real world. Real-world security is about value, locks, and police. When it works, you get good enough locks (not too many break-ins), good enough police (so break-ins aren't a paying business), and minimum interference with daily life. Computer security is hard because people don't trust new things (especially when they don't understand them), and computers are fast and complicated. The kind of computer break-ins most people care about are vandalism or sabotage that damages information or disrupts service, theft of money or information, and loss of privacy. Some people think that because computers are precise, perfect computer security should be possible. I'll explain why this is wrong ..."
Butler Lampson

Security
- Computer security deals with the prevention and detection of, and the reaction to, unauthorised actions by users
- With the term security we focus on the global problem, which involves
  - Technical issues
  - Management issues
  - Social issues
  - Legal issues
- There is no single definition of security

Security vs Protection
- We can refer to protection as a subset of security
  - Referring only to the specific mechanisms used by the OS to safeguard computer information
  - Providing controlled access to programs and data stored in the computer
- Security requires not only a suitable protection system, but must also consider the external environment in which the system operates
  - Malicious behaviour of entities external to the system, affecting computer assets
    - Hardware, including communication lines and networks
    - Software
    - Data
- Sometimes the boundary between the two terms is not well-defined

Security Context
- (Diagram: the informative system, protected by informative system security, sits inside a network protected by network security; intruders appear on every side)

Intruders
- Modern systems usually allow remote access
  - From terminals
  - From modems
  - From the network
- Intruders can use all of these ways to break in

Security Areas
- Apart from social and legislative controls, computer security can generally be partitioned into three areas
  - External security
  - Interface security
  - Internal security

External Security
- Concerns physical access to the overall computer facilities, to prevent theft, destruction and tampering; this includes
  - Control of access to communication lines, removable storage media and terminals
  - Safeguarding information from natural disasters like fire, earthquakes, floods, short circuits, wars, ...
- External security consists of administrative and physical control measures to prevent undesired access to physical resources
- Full protection cannot be assured, hence the target is to
  - Minimize possible violations
  - Minimize the possible consequent damage
  - Provide recovery procedures (typically a proper backup policy)

Interface Security
- It is concerned with the authentication of a user once physical access to a computer system has become feasible (Authentication)

Internal Security
- It is concerned with
  - Control of access within the computer system (Protection)
  - Safeguarding of information transmitted over communication lines between computer systems (communication/network security)
  - Safeguarding stored information against inadvertent or malicious disclosure (file security)
  - Monitoring the utilization of the system resources by its users (Auditing)

Security Levels
- The problem of security can be faced at three different levels
  - Basic technologies
  - Architectures and protocols
  - Organization
- (Diagram: three layers, with Organization on top of Architectures and Protocols, which sits on top of Basic Technologies)
- Note: see the telematics textbook

Basic Technologies
- Basically focused on cryptographic techniques, but other measures also belong to this level
  - Electromagnetic shields
  - ...
- Technologies at this level are hard to defeat with a direct attack
  - Brute force attacks involve a huge cost

Architectures and Protocols
- The system may be secure, but we do not know who our interlocutor is
- We need special architectures and protocols for
  - Cryptographic key exchange
  - Certificates

Organization
- Concerned not with technical problems but with the human level
- Computer security is easily subverted by bad human practices
  - e.g. writing passwords on the computer monitor
- Management has to instil secure behaviours in the users and strongly discourage non-secure behaviours
  - Non-secure behaviours may compromise all the security measures we have laboriously built up
- In a nutshell, there is a need for management security consciousness
- Social engineering attacks tend to be cheap, easy and effective

Security Measures
- A rough classification is
  - Prevention: take measures that prevent computer assets from being damaged
  - Detection: take measures that allow detecting when an asset has been damaged, how it has been damaged, and who has caused the damage
  - Reaction: take measures that allow recovering computer assets, or recovering from damage to computer assets

Security Problems (1)
- Security is an engineering problem
  - Trade-off between safety, cost, performance and inconvenience
  - Risk analysis and security planning are required
- Security is a global concept
  - We cannot protect one part of a system while leaving another part without any protection
  - Those breaking security will attack the weakest point

Security Problems (2)
- Total security is, generally, not achievable
  - Because making mistakes is easy
  - The nature of the problem implies that mistakes are always exploited
- The target to reach is
  - Making a security violation require a cost and an effort so great that it is not worthwhile

Fundamental Constraints of Practical Computer Security
- Security costs
  - If security measures cost too much, they won't be adopted
- Conflict between security and ease-of-use
  - Users have specific security requirements but usually no security expertise
  - If security mechanisms are not easy to use, or interfere too much with the working patterns users are familiar with, they will not be used or will be misused
  - Misuse often makes security measures useless
- Impact on performance is manifold
  - Security measures need additional computational resources
  - If the impact is too high, they will not be used

Security Requirements
- There is a range of security requirements we have to guarantee for messages and data
  - Confidentiality
  - Integrity
  - Availability
  - Accountability
  - Non-repudiation
- (A slide for each point follows)

Confidentiality
- Concerned with the prevention of unauthorized disclosure of information
- Captures the idea that computer security not only has to stop unauthorized users from reading sensitive information, but also has to prevent them from learning sensitive information
- The terms privacy and secrecy are sometimes used to distinguish between
  - Protection of personal data (privacy)
  - Protection of data belonging to an organization (secrecy)

Integrity
- Concerned with unauthorized modification of information
- If we associate integrity with the prevention of all unauthorized actions, then confidentiality becomes a part of integrity
- Data integrity
  - Is the state that exists when electronic data is the same as that in the source documents and has not been exposed to accidental or malicious alteration or destruction
- It is impossible to guarantee this property only with mechanisms internal to the computer system; we also have to consider communications security

Availability
- Concerned with the prevention of unauthorized withholding of information or resources
- It is the property of being accessible and usable upon demand by an authorized entity
- The engineering techniques used to improve availability
  - Go far beyond the traditional boundaries of computer security
  - Come from other areas like fault-tolerant computing
- In the context of security it is linked with the prevention of denial of service

Accountability (1)
- Confidentiality, integrity and availability
  - Deal with different aspects of access control
  - Put their emphasis on the prevention of unwelcome events
- Authorized actions can also lead to a security violation
- A flaw in the security system may allow an intruder to find a way around the controls
- For these reasons users should be held responsible for their actions, so a new security requirement was introduced: accountability

Accountability (2)
- Audit information must be selectively kept and protected so that actions affecting security can be traced to the responsible party
- To achieve this target the system has to identify and authenticate users
- It has to keep an audit trail of security-relevant events
- If a security violation has occurred, information from the audit trail may help to identify the intruder

Reliability and Safety
- When considering computer security we often have to keep in mind other areas like
  - Reliability, relating to accidental failures
    - Security is a part of reliability, or vice versa
  - Safety, relating to the impact of system failures on their environment

Categories of Threats
- A normal information flow from a source to a destination may be subject to
  - Passive attacks
    - Interception
  - Active attacks
    - Interruption
    - Modification
    - Fabrication

Normal Information Flow
- (Diagram: Information Source sending to Information Destination)

Interruption
- Prevents the source from sending information to the receiver, or the receiver from sending requests to the source
- It is an attack on availability
- (Diagram: Information Source, Information Destination, Intruder)

How Interruption Occurs
- Interruption may be obtained by destroying a resource or making it unusable
  - Destroying hardware, e.g. a hard disk, cutting communication lines, ...
  - Deleting or damaging software
  - Deleting data
  - Interfering with the communications channel
  - Overloading a shared resource
- With this kind of attack the intruder wants to cause denial of service

Interception
- The information flow between source and destination is eavesdropped on by an unauthorized third party
- It is an illicit data copy and a threat to confidentiality
- (Diagram: Information Source, Information Destination, Intruder)

Another Type of Interception
- It is an active attack
- (Diagram: Information Source, Information Destination, Intruder)

How Interception Occurs
- There are several ways to achieve this purpose
  - Break-ins
  - Illicit data copying
  - Eavesdropping
  - Masquerading
  - Tampering
- The aims of this attack could be
  - Acquiring message content
  - Traffic flow analysis, which permits deducing information

Modification
- The information or data are modified; it is a threat to integrity
- (Diagram: Information Source, Information Destination, Intruder)

How Modification Occurs
- Ways to carry out modification-based attacks are
  - Interception of data requests
  - Masquerading
  - Illicit access to servers/services
- Modification may concern
  - The message author
  - The message sending time (replay attacks)
  - The message contents

Fabrication
- An unauthorized party inserts counterfeit objects into the system
- The counterfeiting concerns both the author and the contents of the message
- It is a threat to integrity
- (Diagram: Information Source, Information Destination, Intruder)

How Fabrication Occurs
- This attack can be carried out by
  - Masquerading
  - Bypassing protection measures
  - Duplicating legitimate requests

Passive vs Active Attacks
- Passive attacks are forms of eavesdropping
  - No modification or injection of requests occurs
  - They are difficult to detect
  - They require mechanisms that protect communication regardless of whether an attack is occurring
- Active attacks are more aggressive
  - Availability and integrity are compromised

Informative System Security Threats
- Computer security consists of
  - Formulating an access control policy that reflects the protection requirements of the application
  - The computer system has to enforce the policy in the presence of active attempts to bypass or disable controls
- Implementing a complex system is a challenging task, and there is a long history of security bugs in OSs, often caused by simple programming errors
- Many attacks exploit well-known security weaknesses in an automated and efficient manner

How Things Go Wrong
- The major sources of security problems fall into the following categories
  - Change in environment
  - Bound and syntax checking
  - Convenient but dangerous design features
  - Escapes from controlled invocation
  - Bypass at a lower layer
  - Flaws in protocol implementations

Change in Environment
- Change is one of the biggest enemies of security
- A system may offer perfectly adequate security, then a part of the system is changed
  - The security implications of the changes were taken into account, but security is nevertheless compromised
  - Or, even worse, the changes were considered to have no influence on security, and an unpleasant surprise will occur

Bound and Syntax Checking
- A frequent source of security problems are commands that do not check the size or the syntax of their arguments
- By overrunning an input buffer, an attacker with detailed system knowledge can overwrite memory locations holding security-relevant data
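The following is an added example, not code from the lecture, illustrating the two checks the slide names. The struct layout is constructed for the demonstration: a user-supplied argument buffer sits directly before a flag that decides authorization, which is exactly the situation in which an unchecked copy overwrites security-relevant data. The unchecked setter is shown for contrast only; the checked setter enforces the bound (length) and the syntax (character class) before writing a single byte.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 15   /* longest accepted argument, excluding the NUL */

/* Constructed layout: the argument buffer is followed by a flag that
 * decides authorization, as in the overrun scenario on the slide. */
struct session {
    char name[NAME_MAX + 1];
    int  is_admin;
};

/* Unchecked form, shown for contrast and never called below: strcpy copies
 * up to the NUL in arg, so an argument longer than NAME_MAX runs past
 * name[] and into is_admin. */
void set_name_unchecked(struct session *s, const char *arg)
{
    strcpy(s->name, arg);
}

/* Checked form: the bound check and the syntax check both happen before
 * the session is touched. Returns 0 on success, -1 when the argument is
 * rejected; on -1 the session is left exactly as it was. */
int set_name_checked(struct session *s, const char *arg)
{
    size_t len = strlen(arg);
    if (len == 0 || len > NAME_MAX)
        return -1;                         /* bound check */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)arg[i];
        if (!isalnum(c) && c != '_')
            return -1;                     /* syntax check */
    }
    memcpy(s->name, arg, len + 1);         /* len + 1 <= sizeof s->name */
    return 0;
}

int main(void)
{
    struct session s = { "guest", 0 };
    const char *inputs[] = {
        "alice",                              /* accepted */
        "alice!",                             /* rejected: syntax */
        "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",   /* rejected: bound (32 chars) */
    };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int rc = set_name_checked(&s, inputs[i]);
        printf("%-34s -> %s (name=%s, is_admin=%d)\n", inputs[i],
               rc == 0 ? "accepted" : "rejected", s.name, s.is_admin);
    }
    return 0;
}
```

The point of checking before copying is that a rejected argument leaves no trace: the flag next to the buffer keeps its value whether the input was too long or merely malformed.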

Convenient Features
- Backward compatibility with legacy systems, ease of installation and ease of use are good reasons for including features
- These features are however dangerous from a security viewpoint, leaving the system open for attackers to exploit what is an intended system feature

Controlled Invocation
- An error in such a program can seriously undermine security
- E.g., in Unix when a user logs in
  - The login program sets up an environment for that user, executing the commands contained in the user's .cshrc and .login files
  - The login program runs with root privilege
  - A user can use the .cshrc and .login files as trojan horses, inserting commands that will be executed by root
- It is, therefore, crucial that the UID of the login process is set to the user's UID before executing any commands that could be defined by the user
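As an added example (mine, not the lecture's and not the code of any real login program), this is the privilege-drop step the slide says must precede any user-defined command, written the way a defender would want it: groups and gid first, uid last, then a verification that the ids really changed and that root cannot be regained. The uid/gid 65534 used when the demo is started as root is an assumption ("nobody" on many systems); started as an ordinary user it drops to its own ids, which exercises the same checks without privilege.

```c
#define _GNU_SOURCE            /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Drop from the privileged login identity to the target user before anything
 * under the user's control runs. Order matters: supplementary groups and the
 * gid can only be changed while still root, so they go first; the uid goes
 * last. Returns 0 only when every id was changed and the drop is verified
 * to be irreversible; -1 otherwise. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (getuid() == 0 && setgroups(0, NULL) != 0)   /* 1. clear extra groups */
        return -1;
    if (setgid(gid) != 0)                           /* 2. group, while still root */
        return -1;
    if (setuid(uid) != 0)                           /* 3. user, last */
        return -1;

    /* 4. Verify: real and effective ids must both equal the target... */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    /* ...and, unless the target itself is root, regaining root must fail.
     * If setuid(0) succeeded here, a saved uid would still hold privilege. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Assumption for the demo: as root, drop to 65534 ("nobody" on many
     * systems); otherwise drop to our own ids. */
    uid_t uid = getuid() == 0 ? (uid_t)65534 : getuid();
    gid_t gid = getgid() == 0 ? (gid_t)65534 : getgid();

    if (drop_privileges(uid, gid) != 0) {
        perror("drop_privileges");
        return 1;
    }
    /* Only at this point would login execute the commands from the user's
     * .cshrc and .login (e.g. by exec'ing the user's shell). */
    printf("user-controlled commands would now run as uid %d, gid %d\n",
           (int)getuid(), (int)getgid());
    return 0;
}
```

Treating a failed drop as fatal is the important design choice: a login program that logs the error and carries on would run the user's startup files as root, which is precisely the trojan-horse scenario on the slide.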

Bypass
- Logical access control validates access by users and processes to logical system objects
- This control may be bypassed if an attacker
  - Can insert code below the logical access control
  - Or gets direct access to memory

Flawed Protocol Implementations
- Abstract descriptions of security protocols are full of innocuous statements like 'pick a random number'
- Sometimes designers go for an easy option, being aware of its security shortcomings
- Sometimes they do not immediately spot the problem

Malicious Programs (1)
- Dangers to a system are often represented by programs which take advantage of system weak points
  - e.g. an OS that does not protect against unauthorised modification
- Clever programmers can get software to do their dirty work for them
- Programs have several advantages for this purpose
  - Speed
  - Mutability
  - Anonymity

Malicious Programs (2)
- We can distinguish malicious programs into two categories
  - Independent programs, which may be executed autonomously from the execution of other programs
    - Worm
    - Bacteria
  - Program fragments, which cannot work independently from the execution of another process
    - Trojan horse
    - Trapdoors
    - Logic bomb
    - Virus
- Trojan horses and logic bombs may, in some cases, be part of a virus

Taxonomy
- (Diagram) Malicious Programs
  - Need Host Programs: Trapdoors, Logic Bombs, Trojan Horses, Viruses
  - Independent: Bacteria, Worms
  - Viruses, Bacteria and Worms replicate

Trapdoors
- A trapdoor
  - Is a secret entry point into an otherwise legitimate program
  - Is a portion of code that recognizes special input sequences, or that is activated when an application is executed with a particular ID
- A user knowing of its existence may gain access bypassing the normal authentication procedures
- Trapdoors are used by programmers
  - To facilitate debugging and program testing, avoiding tedious and long authentication procedures
  - To have an activation method if the program's authentication process has a bug
- Controls against trapdoors are difficult to implement

Logic Bombs
- A logic bomb is a piece of code belonging to a legitimate program that under certain conditions "explodes"
  - Modifying or deleting data and files
  - Causing a system halt
  - ...
- Usually they are inserted by program authors
- In practice it is hard or impossible to detect a logic bomb before its explosion
- Typical activating conditions are
  - The presence or absence of certain files
  - A particular day
  - A particular user executing the application

Trojan Horses
- A trojan horse is a seemingly useful program that contains hidden code performing harmful actions
  - Obtaining access to the user's files by changing file permissions
  - Obtaining passwords
  - Deleting data and files
  - Adding backdoors to programs
  - ...
- We may find them in
  - Editors
  - Fake login screens
  - Compilers, where they are particularly dangerous
    - Inserting malicious code in a program during its compilation

Bacteria
- Their only purpose is to replicate themselves
- Bacteria reproduce in an exponential way
  - Taking up all the processor capacity
  - Taking up memory
  - Taking up disk space
- Eventually denying users access to resources

Worms
- Worms use network connections to spread from system to system
- To replicate themselves they use
  - E-mail facilities: a worm mails a copy of itself to other systems
  - Remote execution capability: a worm executes a copy of itself on other systems
  - Remote log-in capability: a worm logs on to a remote system as a user and then uses commands to copy itself from one system to the other
- They can spread very rapidly

Worms (2)
- When a worm is activated it may act as a
  - Virus
  - Bacteria
  - Trojan horse
  - Or carry out any other kind of malicious action
- Four phases characterize a worm (like a virus)
  - Sleeping: the worm is inactive, waiting for some event
  - Propagation: the worm
    - Looks for other systems to infect by analysing host tables or remote system addresses
    - Establishes a remote connection
    - Copies itself to the remote system, ensuring the copy will be activated

Worms (3)
  - Triggering: the worm is ready to do its work
    - This phase may be activated by various events
  - Execution: the worm does its work
- The Morris Internet worm of 1988 is the most famous example; more recently, I Love You

Viruses
- Viruses are programs that can infect other programs by modifying them
- Like worms, viruses are designed for spreading, but they are pieces of code inserted into legitimate programs
- Viruses occur anywhere imported code gets executed
  - Imported programs
  - Some inclusions in mail messages
  - Boot sectors and other executable portions of media
  - Macros attached to some data files
- Along with mere infection, trojan horses, trapdoors or logic bombs can be included

Virus Life-Cycle
- The life-cycle of a virus has four phases, like worms
  - Not all viruses have the sleeping one
- Propagation
  - The virus puts a copy of itself in some program or in some system disk area
  - The copy itself will enter the propagation phase
- Triggering phase
  - The virus is activated by some event to execute its task
- Execution
  - The virus executes its task, which may be innocuous or harmful

Virus Spread
- (Diagram in three steps: 1. an infected program carrying Virus Code next to an uninfected program; 2. and 3. the Virus Code appears in both programs, the previously uninfected program is now infected)

Typical Virus Actions
- Typical virus actions are
  - Find uninfected writable programs
  - Modify those programs
  - Perform the normal actions of the infected program
  - Do whatever other damage is desired by its author

Viruses Taxonomy (1)
- A non-exhaustive taxonomy
  - Parasitic virus
    - It is the classic virus attached to an executable file
    - When the infected program is executed, the virus looks for uninfected files to spread to
  - Memory-resident virus
    - Lodges in main memory as a part of a resident system program
    - Once in memory, it infects every program that is executed
  - Boot sector virus
    - It infects a boot sector
    - When the system is started, the virus starts its work

Viruses Taxonomy (2)
  - Stealth virus
    - It is designed with the precise intent of eluding anti-virus detection
    - Compression techniques may be used by this kind of virus to leave the size of the infected program unchanged
    - The virus may modify the I/O routines so that, when those routines are used, they show the infected program as uninfected
    - Hiding in a sector marked as bad in the FAT
  - Slow infection virus
    - Controls the rate of infection to avoid immediate detection

Viruses Taxonomy (3)
  - Polymorphic virus
    - It is designed to make little changes to its code at every infection
    - Creates copies of itself that are functionally equivalent but have distinctly different bit patterns
    - Encrypts itself and uses a new key on each new infection
    - It is a way to deceive anti-virus mechanisms, making detection by signature impossible
  - Macro virus
    - It is attached to a data file
    - Therefore it bypasses integrity protection mechanisms targeting executables
    - It is written in a high-level language
    - Therefore it is much more platform independent

Dealing with Viruses
- The solutions to counter viruses are
  - Prevention of infection
  - Detection and reaction
  - Containment

Preventing the Spread of Viruses
- To prevent a virus infection the solution is not installing untrusted software
  - But who can you trust?
  - Viruses have been found in commercial shrink-wrapped software
- So we have to take other prevention measures
  - Scan incoming programs for viruses
    - Some viruses are designed to hide
    - Anti-virus software does not detect the newest viruses
  - Limit the targets viruses can reach
  - Monitor updates to executable files

Virus Detection (1)
- Virus detection is needed if an infection has occurred
- Both virus and anti-virus software have become more complex
- We may identify four anti-virus generations
  - Simple analysers (first generation)
    - Scanners using the virus signature to identify the infection
      - Do not identify polymorphic viruses
    - Others maintain a record of program length, looking for variations in length
      - Do not identify stealth viruses

Virus Detection (2)
  - Heuristic analysers (second generation)
    - Use heuristic rules to search for probable virus infection
    - Look for fragments of code that are often associated with viruses
    - A checksum may be attached to the end of a program, so that if a virus infects the program without modifying the checksum the infection may be detected
      - Some viruses are able to generate the checksum themselves
      - The checksum may be replaced with an encrypted hash function, which is harder for a virus to forge
  - Activity traps (third generation)
    - They are memory-resident programs that identify a virus by its actions rather than its structure
    - They intervene when these actions take place
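An added example (mine, not from the lecture or any anti-virus product) that runs the three integrity checks from the two Virus Detection slides over one constructed program image: the first-generation length record, the second-generation plain checksum, and a keyed tag standing in for the "encrypted hash function". The image bytes and the key are constructed for the demo, and the keyed hash is a toy (FNV-1a with the key folded in), not a cryptographic MAC; a real tool would use HMAC. The three scenarios show what each check can and cannot notice, including the case the slide mentions in which the virus regenerates the checksum itself.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for an executable image on disk (not a real program). */
static const uint8_t program_image[] = {
    0x7f, 'E', 'L', 'F', 0x01, 0x02, 0x03, 0x04,
    0x55, 0x48, 0x89, 0xe5, 0x31, 0xc0, 0x5d, 0xc3
};
static const size_t program_image_len = sizeof program_image;

/* Constructed secret known to the anti-virus tool but not to a virus. */
static const uint8_t secret_key[] = "demo-key-not-for-production";
#define KEY_LEN (sizeof secret_key - 1)

/* What the tool stores per program at install time. */
typedef struct {
    size_t   length;      /* first generation: record of program length */
    uint32_t checksum;    /* second generation: plain checksum */
    uint64_t keyed_tag;   /* needs the key to recompute */
} integrity_record;

enum { FAIL_LENGTH = 1, FAIL_CHECKSUM = 2, FAIL_KEYED = 4 };

/* Plain additive checksum: anyone who knows the algorithm can recompute it. */
uint32_t additive_checksum(const uint8_t *p, size_t n)
{
    uint32_t sum = 0;
    for (size_t i = 0; i < n; i++)
        sum += p[i];
    return sum;
}

/* Toy keyed hash: FNV-1a over key || data || key. Illustrates the idea of a
 * keyed tag only; it is NOT a cryptographic MAC. */
uint64_t keyed_tag(const uint8_t *key, size_t klen, const uint8_t *p, size_t n)
{
    uint64_t h = 1469598103934665603ULL;
    const uint8_t *parts[3] = { key, p, key };
    size_t lens[3] = { klen, n, klen };
    for (int part = 0; part < 3; part++)
        for (size_t i = 0; i < lens[part]; i++) {
            h ^= parts[part][i];
            h *= 1099511628211ULL;
        }
    return h;
}

integrity_record record_program(const uint8_t *p, size_t n)
{
    integrity_record r;
    r.length    = n;
    r.checksum  = additive_checksum(p, n);
    r.keyed_tag = keyed_tag(secret_key, KEY_LEN, p, n);
    return r;
}

/* 0 if every check passes, otherwise the OR of the FAIL_* flags that fired. */
int verify_program(const integrity_record *r, const uint8_t *p, size_t n)
{
    int fails = 0;
    if (r->length != n)                                   fails |= FAIL_LENGTH;
    if (r->checksum != additive_checksum(p, n))           fails |= FAIL_CHECKSUM;
    if (r->keyed_tag != keyed_tag(secret_key, KEY_LEN, p, n)) fails |= FAIL_KEYED;
    return fails;
}

/* Scenario 1: untouched image. */
int demo_clean(void)
{
    integrity_record r = record_program(program_image, program_image_len);
    return verify_program(&r, program_image, program_image_len);
}

/* Scenario 2: two bytes transposed. Length and byte sum are unchanged, so
 * only the keyed tag notices. */
int demo_transposed(void)
{
    integrity_record r = record_program(program_image, program_image_len);
    uint8_t tampered[sizeof program_image];
    memcpy(tampered, program_image, sizeof tampered);
    tampered[4] = program_image[5];
    tampered[5] = program_image[4];
    return verify_program(&r, tampered, sizeof tampered);
}

/* Scenario 3: the image is changed and the stored checksum regenerated with
 * the public algorithm (the slide's "virus generates the checksum itself").
 * The keyed tag cannot be regenerated without the key. */
int demo_recomputed_checksum(void)
{
    integrity_record r = record_program(program_image, program_image_len);
    uint8_t tampered[sizeof program_image];
    memcpy(tampered, program_image, sizeof tampered);
    tampered[8] ^= 0xff;
    r.checksum = additive_checksum(tampered, sizeof tampered);  /* regenerated */
    return verify_program(&r, tampered, sizeof tampered);
}

int main(void)
{
    printf("clean:                fails=%d\n", demo_clean());
    printf("transposed bytes:     fails=%d\n", demo_transposed());
    printf("regenerated checksum: fails=%d\n", demo_recomputed_checksum());
    return 0;
}
```

Both tampering scenarios pass the length and checksum checks and fail only the keyed one, which is the whole argument for keying: the integrity record has to depend on something the program's own bytes cannot reveal.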

Virus Detection (3)
  - Full-featured protection (fourth generation)
    - Consists of a variety of anti-virus techniques used in conjunction
    - Besides analysis and activity traps, these packages include access control techniques that prevent viruses from entering the system

Containment
- To avoid virus damage we may run suspect programs in an encapsulated environment, limiting their forms of access to prevent virus spread
- Containment requires a versatile security model and strong protection
  - Running each executable in its own protection domain, relying on the underlying access control mechanisms
- The standard access control mechanisms offered by OSs are often not enough
  - Programs execute under the user's identity with the user's privileges
  - So the malicious program has full user privileges

Standard Access Control Mechanisms
- Other problems with standard access mechanisms are
  - What access is allowable?
  - How does it get set?
  - How fast can you create the domains?
- Most popular OSs do not offer simple ways to limit the security domain of programs
- Access control mechanisms present several problems in managing untrusted code (as we have seen when talking about protection)
- Other possible solutions
  - Improved OS access control for managing untrusted code
  - Padded cells

Padded Cell Approaches
- Improving OS access control means building systems able to manage domains that are not the same as process spaces
- A padded cell essentially consists in executing programs in an encapsulated environment
- Three ways to implement an encapsulated environment
  - Augmenting the OS
    - Solves the general problem
  - Virtual machine and language-based approaches
    - Most suitable for downloading small executables
  - Software-enforced fault isolation
    - Most suitable for composition of executables

Virtual Machine and Language Approaches
- Define a virtual machine that does not allow insecure operations
- Run imported programs through an interpreter for that language
- Java does precisely that
- The Java virtual machine is meant to provide a secure execution environment allowing
  - Very limited file access
  - No process creation
  - Very limited network communications
  - Very limited examination of details of the host computer

Software-Enforced Fault Isolation
- The virtual machine approach is limiting
  - What happens if you need to write a file, create a process, ...?
  - Usually only one language is supported
- Consists of a software approach to memory protection
  - Segment matching
  - Address sandboxing
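An added simulation (not from the original slides) of the two memory-protection techniques just listed, on a constructed 10-bit address space where the top two bits name the segment: segment matching checks the segment bits before each store and traps on mismatch, address sandboxing skips the check and overwrites those bits so the store cannot leave the fault domain.

```python
# Simulated address space, one fault domain per segment: 4 segments of 256 bytes,
# the top 2 bits of a 10-bit address being the segment id (constructed parameters).
SEG_BITS = 2
OFF_BITS = 8
ADDR_BITS = SEG_BITS + OFF_BITS
OFF_MASK = (1 << OFF_BITS) - 1
MEMORY = bytearray(1 << ADDR_BITS)

class FaultIsolationError(Exception):
    """Raised when an untrusted store would leave its fault domain."""

def segment_matching_store(seg_id: int, addr: int, value: int) -> None:
    """Segment matching: every unsafe store is preceded by a check of the segment
    bits; a mismatch traps instead of writing outside the domain."""
    if addr >> OFF_BITS != seg_id:
        raise FaultIsolationError(f"store to {addr:#05x} outside segment {seg_id}")
    MEMORY[addr] = value & 0xFF

def sandboxed_address(seg_id: int, addr: int) -> int:
    """Address sandboxing: no check at all, the upper bits are simply replaced by
    the domain's segment id, so whatever the address it lands inside the segment."""
    return (addr & OFF_MASK) | (seg_id << OFF_BITS)

def sandboxed_store(seg_id: int, addr: int, value: int) -> None:
    MEMORY[sandboxed_address(seg_id, addr)] = value & 0xFF

def run_untrusted(seg_id: int, stores, policy: str) -> list:
    """Replay (addr, value) stores of an untrusted module confined to seg_id under
    policy "match" or "sandbox"; returns the addresses actually written.
    Under "match" a trap stops the module at the offending store."""
    written = []
    for addr, value in stores:
        if policy == "match":
            segment_matching_store(seg_id, addr, value)
            written.append(addr)
        else:
            sandboxed_store(seg_id, addr, value)
            written.append(sandboxed_address(seg_id, addr))
    return written
```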

Authorization and Access Control
- Computer security deals with the prevention and detection of unauthorized actions by users of a computer system
- The concepts of proper authorization and of access control are essential for this definition
- We have seen access control mechanisms when talking about protection

Identification and Authentication
- A secure system somehow has to track the identities of the users requesting its services
- Identification
  - Consists of entering a user name and password
  - You announce who you are
- Authentication is the process of verifying a user's identity
  - Once user name and password are entered, a process compares the input against the entries stored in a password file
  - Login succeeds if a valid user name and the corresponding password have been entered

User Authentication
- There are two reasons for authenticating a user
  - User identity is a parameter in access control decisions
    - Processes are generally assigned to protection domains according to the identity of the user on whose behalf they are executed
  - User identity is recorded when logging security-relevant events in an audit trail
- Most computer systems use identification and authentication through username and password as their first line of defence

Passwords
- Identification and authentication through a password
  - Has become a widely accepted mechanism and is not too difficult to implement
- Obtaining a valid password is an extremely common way of gaining unauthorized access to a computer system
  - Password guessing
  - Password spoofing
  - Compromise of the password file

Choosing Passwords
- Password choice is a critical security issue
- Completely preventing an attacker from accidentally guessing a valid password is impossible
- The use of trivial words as passwords makes an illegal disclosure a rather easy event
- We can try to keep the probability of such an event as low as possible by adopting some good sense
  - Changing default system passwords like 'manager'
  - Prescribing a minimal password length
  - Mixing upper and lower case symbols
  - Including numerical and other non-alphabetical symbols
  - Avoiding obvious passwords
  - Changing the password frequently
  - Always choosing easy-to-remember passwords

Password Guessing
- Attackers essentially follow two guessing strategies
  - Exhaustive search (brute force)
    - Try all possible combinations of valid symbols, up to a certain length
  - Intelligent search
    - Search through a restricted name space
    - Try passwords that are somehow associated with a user, like name, names of friends and relatives, car brand, car registration number, phone number, ...
    - Try passwords that are generally popular (dictionary attack)
- Successful attacks are more often based on social engineering than on technical ingenuity
- Actions should be taken to focus the user's attention on the relevance of a careful choice of password, and of its correct use

Dictionary attacks
- In a dictionary attack
  - An on-line dictionary contains a set of popular passwords
  - A program tries all passwords from the dictionary until it finds the correct one

Password disclosure
- Studies have shown that the illegal disclosure of passwords through repeated attempts is still feasible today with acceptable computation time
  - Due to the use of massive parallelism
- Parallel technologies, combined with negligence in the selection and management of passwords, increase the exposure to intrusions

Improving Password Security (1)
- The system may help to improve password security
- Password checkers
  - Tools that check passwords against some dictionary of 'weak' passwords
- Password generation
  - Some OSs include a password generator producing random but pronounceable passwords
  - Users are allowed only to adopt passwords proposed by the system
  - Users are unlikely to memorise long and complicated passwords
    - They write such passwords down on a piece of paper that is kept close to the computer
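An added example (not from the original slides) of the password checker described here, applying the rules from the "Choosing Passwords" slide: minimal length, mixed case, digits and symbols, no default or dictionary word, no re-use. `WEAK_WORDS` is a constructed stand-in for a real dictionary; the substitution table is an assumption about common letter-for-symbol tricks.

```python
import re

# Constructed list of weak and default words; a real checker loads a large dictionary.
WEAK_WORDS = {"manager", "password", "admin", "qwerty", "letmein", "welcome"}
MIN_LENGTH = 8
# Common letter-for-symbol substitutions, undone before the dictionary lookup (assumed set).
SUBSTITUTIONS = str.maketrans("@$0134!", "asoleai")

def dictionary_form(pw: str) -> str:
    """Lower-case, drop leading/trailing digits and symbols, then undo substitutions,
    so 'P@ssw0rd1!' and 'MANAGER99' both reduce to a dictionary word."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())
    return core.translate(SUBSTITUTIONS)

def check_password(pw: str, username: str = "", old_passwords=()) -> list:
    """Return the list of rules the candidate breaks (empty means acceptable)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        problems.append("does not mix upper and lower case")
    if not re.search(r"[0-9]", pw):
        problems.append("contains no digit")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("contains no non-alphabetical symbol")
    if dictionary_form(pw) in WEAK_WORDS:
        problems.append("based on a dictionary or default word")
    if username and username.lower() in pw.lower():
        problems.append("contains the user name")
    if pw in old_passwords:          # in practice compared against stored one-way hashes
        problems.append("re-uses an old password")
    return problems
```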

Improving Password Security (2)
- Password ageing
  - An expiry date for passwords can be set, forcing users to change passwords at regular intervals
  - A list of old passwords may be kept to prevent the re-use of old passwords by users
  - Changing passwords too often causes the problem of users writing them down as a reminder
- Limit login attempts
  - The system can monitor unsuccessful attempts and react by locking the user account, completely or at least for a certain period of time
  - Useful against dictionary attacks

Improving Password Security (3)
- Inform the user
  - After a successful login, the system can display the time of the last login and the number of failed login attempts
  - Users may discover recently attempted attacks
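An added example (not from the original slides) covering the two previous slides together: a login routine that locks the account for a period after too many failed attempts and, on the next successful login, reports the last login time and the number of failures since then. The threshold, lock duration and the clear-text comparison are constructed simplifications; the caller supplies the clock.

```python
from dataclasses import dataclass
from typing import Optional

MAX_FAILURES = 5         # consecutive failures before the account is locked (constructed policy)
LOCK_SECONDS = 15 * 60   # temporary lock; a permanent lock would need an administrator to unlock

@dataclass
class Account:
    password: str                       # stands in for the stored one-way hash f(x)
    failures: int = 0                   # consecutive failures towards the lockout threshold
    locked_until: float = 0.0           # timestamp; 0 means not locked
    last_login: Optional[float] = None
    failed_since_last_login: int = 0    # reported to the user at the next successful login

@dataclass
class LoginResult:
    ok: bool
    message: str

def attempt_login(acct: Account, password: str, now: float) -> LoginResult:
    """One login attempt at time `now` (seconds); the caller supplies the clock."""
    if now < acct.locked_until:
        return LoginResult(False, "account locked, try again later")
    if password != acct.password:       # real code compares f(x1) with f(x) in constant time
        acct.failures += 1
        acct.failed_since_last_login += 1
        if acct.failures >= MAX_FAILURES:
            acct.failures = 0
            acct.locked_until = now + LOCK_SECONDS
            return LoginResult(False, "too many failed attempts, account locked")
        return LoginResult(False, "invalid user name or password")
    # Success: inform the user before resetting the counters.
    previous = "first login" if acct.last_login is None else f"last login at {acct.last_login:.0f}"
    msg = f"{previous}; failed attempts since then: {acct.failed_since_last_login}"
    acct.last_login = now
    acct.failures = 0
    acct.failed_since_last_login = 0
    return LoginResult(True, msg)
```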

Spoofing Attacks (1)
- Identification and authentication through username and password provide unilateral authentication
  - The user has no guarantee about the identity of the party to whom he is giving his password
- In a spoofing attack
  - The attacker runs a program that presents a fake login screen on some terminal/workstation
  - The user tries to log on
  - User name and password are stored by the attacker
  - Execution could be handed over to the user, or login is aborted with an error message
  - The spoofing program terminates, giving back control to the OS

Against Spoofing Attacks
- Solutions against spoofing attacks may be
  - Displaying the number of failed logins
  - Guaranteeing that the user communicates with the OS and not with a spoofing program
    - Windows NT has a secure attention sequence, CTRL+ALT+DEL, which invokes the Windows NT OS login screen
  - Double authentication system (handshaking)
    - It is mutual authentication, where the system introduces itself to the user through information known only to the user, and the user authenticates back to the system
    - E.g. in a distributed system, the system could be required to authenticate itself to the user
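An added example (not from the original slides) of the handshaking idea: the system must first prove knowledge of a secret shared only with the user before the user's side answers, so a fake login program that lacks the secret gets nothing. The message layout (HMAC over a role label and two nonces) and the class names are this example's own assumptions.

```python
import hashlib
import hmac
import os

def tag(key: bytes, role: bytes, n1: bytes, n2: bytes) -> bytes:
    """MAC over a role label and both nonces; the label prevents one side's
    answer from being replayed back to it as the other side's answer."""
    return hmac.new(key, b"|".join((role, n1, n2)), hashlib.sha256).digest()

class UserSide:
    """The user's terminal or token holding the secret known only to the user."""
    def __init__(self, secret: bytes):
        self.secret, self.nonce = secret, os.urandom(16)

    def hello(self) -> bytes:
        return self.nonce                      # step 1: challenge the system first

    def answer(self, sys_nonce: bytes, sys_tag: bytes):
        expected = tag(self.secret, b"system", self.nonce, sys_nonce)
        if not hmac.compare_digest(sys_tag, expected):
            return None                        # system did not prove itself: send nothing
        return tag(self.secret, b"user", sys_nonce, self.nonce)   # step 3: authenticate back

class SystemSide:
    """The genuine login service; a spoofing program would not hold the secret."""
    def __init__(self, secret: bytes):
        self.secret, self.nonce = secret, os.urandom(16)

    def introduce(self, user_nonce: bytes):
        self.user_nonce = user_nonce           # step 2: prove knowledge of the secret
        return self.nonce, tag(self.secret, b"system", user_nonce, self.nonce)

    def check_user(self, user_tag: bytes) -> bool:
        return hmac.compare_digest(user_tag, tag(self.secret, b"user", self.nonce, self.user_nonce))

def run_handshake(user: UserSide, system: SystemSide) -> str:
    """Drive the three-message exchange and report how it ended."""
    n_u = user.hello()
    n_s, t_s = system.introduce(n_u)
    t_u = user.answer(n_s, t_s)
    if t_u is None:
        return "user aborted: system failed to authenticate itself"
    return "mutual authentication ok" if system.check_user(t_u) else "system rejected user"
```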

Beyond Spoofing Attacks
- Other ways through which an intruder may 'find' a password are due to the fact that
  - Passwords do not travel directly from the user to the checking routine
  - Passwords are temporarily held in intermediate storage locations like
    - Buffers
    - Caches
    - Web pages
- The management of these storage locations is beyond the control of the user, and a password may be kept longer than the user may think

Compromise of the Password File
- User passwords are stored in password files managed by the OS
- Password files are a desirable target for an intruder
  - Disclosure or modification of their content permits the intruder to gain system access
- The password file must be protected
  - Cryptographic protection
  - Access control enforced by the OS
  - A combination of cryptographic protection and access control, plus mechanisms to slow down dictionary attacks

Cryptographic Protection (1)
- Instead of the password x, the value f(x) is stored in the password file
  - f(x) is a one-way function: easy to compute but hard to reverse
- When a user logs in and enters a password x1, the system
  - Applies the one-way function f and then compares f(x1) with the expected value f(x)
  - If the values match, the user has been successfully authenticated
- The password file can be left more readable if dictionary attacks are not a concern

Cryptographic Protection (2)
- In a dictionary attack the attacker
  - Knows the encryption function
    - E.g. Unix uses the one-way function crypt(3)
  - Encrypts all words in a dictionary
  - Compares, off-line, all these words against the encrypted entries in the password file; if a match is found the attacker knows that user's password
- We may use a one-way function that is harder to compute
  - Dictionary attacks become harder (require more time)
  - But the login mechanism also slows down
- It is better to hide the encrypted password file as well
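An added example (not from the original slides) of the scheme on the previous two slides with a one-way function that is deliberately harder to compute: f is PBKDF2-HMAC-SHA256 with an adjustable iteration count, and each entry carries its own random salt so a dictionary encrypted once cannot be compared against every entry. The entry layout and the iteration count are this example's own choices.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 100_000   # cost parameter of f: raising it makes every off-line guess dearer

def f(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """The one-way function f(x): salted PBKDF2-HMAC-SHA256, slow by design."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)

def make_entry(password: str) -> dict:
    """What the password file stores instead of x: the salt, the cost and f(x)."""
    salt = os.urandom(16)
    return {"salt": salt, "iterations": ITERATIONS, "f_x": f(password, salt)}

def verify(entry: dict, candidate: str) -> bool:
    """Login: compute f(x1) with the stored salt and compare it with f(x) in constant time."""
    return hmac.compare_digest(entry["f_x"], f(candidate, entry["salt"], entry["iterations"]))

def seconds_per_guess(iterations: int, samples: int = 5) -> float:
    """Measured cost of one evaluation of f: the same figure bounds both the delay
    added to a legitimate login and the rate of an off-line dictionary attack."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(samples):
        f(f"probe{i}", salt, iterations)
    return (time.perf_counter() - start) / samples

if __name__ == "__main__":
    entry = make_entry("correct horse battery")
    print("login ok:", verify(entry, "correct horse battery"))
    for cost in (1_000, ITERATIONS):
        print(f"{cost:>7} iterations: {seconds_per_guess(cost) * 1e3:.2f} ms per guess")
```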

Access Control Mechanisms
- OS access control mechanisms restrict access to files and other resources to users holding appropriate privileges
- They can be used to protect password files
  - Only privileged users can have access to the password file
  - If read access is restricted to privileged users, passwords could in theory be stored unencrypted
- Malicious users, taking advantage of erratic OS modules (bugs or trapdoors), could access the content of the password file
- A Trojan horse in the login procedure of a system can record all the passwords used at login time
- A combination of access control mechanisms and cryptographic methods is therefore recommended

Proprietary Storage Formats
- A weak form of read protection is provided by proprietary storage formats
  - E.g. Windows NT stores encrypted passwords in a proprietary binary format
- A determined attacker will obtain or deduce the information necessary to detect the location of security-relevant data