CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.

Presentation transcript:


“Insecurity of ”  WEP encryption: IV, RC4(IV | k)  (M, c(M))  Is this secure against chosen-plaintext attacks? –It is randomized…  40-bit key (in some implementations)! –Claims that, with IV, this gives a 64-bit effective key(!)  And how is the IV chosen? –Only 24 bits long -- IV repetitions are a problem! –Reset to 0 upon re-initialization –Some implementations increment the IV as a counter

“Insecurity of ”  A repeating IV allows the attacker to compute the XOR of two plaintexts –We have discussed already how this can be damaging  Small IV space means the attacker can build a dictionary of (IV, RC4(IV | k)) pairs –If portions of some plaintexts known, this enables determination of other plaintexts

“Insecurity of ”  Known-plaintext attacks discovered on this usage of RC4 –Possible because the first byte of plaintext is a fixed, known header!  Chosen-plaintext attacks –Send IP traffic/ to the mobile host and watch it get forwarded –Transmit broadcast messages to access point –Authentication spoofing

“Insecurity of ”  No cryptographic integrity protection –The checksum is linear (i.e., c(x  y) = c(x)  c(y)) and unkeyed, and therefore easy to attack –Allows IP redirection attack –Allows TCP “reaction” attacks Look at whether TCP checksum is valid Form of chosen-ciphertext attack  Encryption used to provide authentication of mobile station (access point sends nonce; station returns an encryption of the nonce) –Allows easy spoofing after eavesdropping

“Analysis of E-Voting System”  This paper should scare you… –Magnitude of possible attacks by voters –Not just the security flaws, but also the reaction of Diebold and govt. officials…  Vulnerable to attacks by voters, as well as attacks by insiders  Security through obscurity did not help –In this case, code was leaked

Desiderata?
 Security against voters
–No double voting
–No voting outside place of residence
–Unable to disrupt the election, or tamper with results
–Privacy of others’ votes
 Security against insiders (election officials, district heads, programmers, tech staff, …)
–Privacy of votes, except end-of-day total
–Unable to disrupt the election, or tamper with results
 Public verifiability of the entire process

Overview of Diebold system
 Voting terminals initialized; ballots installed
 On voting day, voters given voting card
–Voter inserts card, gets ballot, makes choices
–After confirmation, voting card is “cancelled”
 Election is closed by inserting an admin card
–Results can be uploaded for tabulation

Poor cryptography
 Smartcards have no cryptographic functionality
–Possible to create home-made voting cards!
–Cast multiple votes by disabling “cancellation”, or overwriting card
–Change party affiliation
 No cryptographic protection for admin cards
–Only a weak PIN…if any
–Possible to shut down the election!
 Bad audit mechanism for detecting over-voting
–Detected over-vote would nullify the election

“Analysis of E-Voting System”  Most data stored without any integrity Possible to modify ballots, vote total, or even the software  No authentication of data sent to back-end server  Hard-coded, non-random DES key!  CBC mode with IV = 0! –Deterministic encryption… –Linking voters to votes (encrypted votes stored sequentially)  CRC used instead of a secure MAC  Poor random number generation

“…Attacks on SSH”  Previous examples illustrated bad cryptography  Here we will see an example of good cryptography being ‘circumvented’

“…Attacks on SSH”  Focus only on the symmetric-key encryption and integrity protection mechanism for SSH packets  Recall CBC mode: c i = F k (p i  c i-1 )  Chosen-ciphertext attack on CBC mode…

SSH  SSH uses a variant of CBC mode  This variant can be proven secure against chosen- ciphertext attacks

Proof model?
[Diagram: the adversary sees the ciphertext c_1, …, c_n, submits ciphertexts c'_1, …, c'_n of its choice, and receives back the decryption of the ciphertext, or error.]
Even after this interaction, adversary learns no information about original plaintext

Real world?  Different error messages returned depending on the error condition –If packet_length not in correct range, terminate the session and send SSH2_MSG_DISCONNECT –If packet_length not a multiple of the block length, terminate session with no error message –Else accept packet_length bytes until MAC can be checked; different error message sent in this case  This does not match the formal model!

Real world?  SSH sends/receives communication block-by- block c 1, …, c n … c’ 1 c’ 2 c’ 3 c’ n decryption of ciphertext, or error

This enables attacks!
 Focus on packet_length ciphertext block
–If SSH2_MSG_DISCONNECT message sent right away, then the attacker learns that the most significant 14 bits of decrypted length field are not all 0
  Leaks that they are all 0 with probability
–If above check passes and length check does not fail, then 4 least significant bits of decrypted length field equal 12
  Happens with probability 2^-4
–If above checks pass, then attacker injects blocks until the MAC check fails
  Reveals exact value of decrypted length field
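The receiver behaviour from the "Real world?" slide and the probabilities on this one, modelled as an added Python example (mine, not the lecture's or the paper's code). Assumptions: a 16-byte cipher block; a range check that accepts packet_length below 2^18, so that it passes exactly when the top 14 bits of the 32-bit field are zero, as the slide states; and the SSH rule that the 4-byte length field plus packet_length bytes must fill whole blocks. reaction_probabilities enumerates the outcomes for a uniformly random decrypted length field, and bits_revealed converts each distinguishable reaction into the amount of information it leaks.

```python
from math import log2

BLOCK_LEN = 16          # assumption: 128-bit block cipher in CBC mode
MAX_PACKET = 1 << 18    # assumption: the range check passes iff the top 14 bits
                        # of the 32-bit length field are zero, as on the slide

# The three observable reactions listed on the "Real world?" slide
DISCONNECT = "SSH2_MSG_DISCONNECT sent at once"
SILENT_CLOSE = "connection closed, no message"
WAIT_FOR_MAC = "receiver reads packet_length bytes, then MAC error"

def receiver_reaction(first_block_plaintext: bytes) -> str:
    """Decision taken on the decrypted first block, before any MAC is checked.
    packet_length is the big-endian 32-bit field at the start of the block and
    excludes its own 4 bytes, so 4 + packet_length must fill whole blocks."""
    length = int.from_bytes(first_block_plaintext[:4], "big")
    if length >= MAX_PACKET:
        return DISCONNECT
    if (4 + length) % BLOCK_LEN != 0:
        return SILENT_CLOSE
    return WAIT_FOR_MAC

def reaction_probabilities() -> dict:
    """Exact fraction of uniformly random length fields that trigger each reaction.
    Decrypting a block the sender did not produce yields a value the attacker
    cannot predict, so a uniform length field is the right model. Only the 2^18
    values that pass the range check need enumerating; the rest all disconnect."""
    counts = {DISCONNECT: (1 << 32) - MAX_PACKET, SILENT_CLOSE: 0, WAIT_FOR_MAC: 0}
    for length in range(MAX_PACKET):
        counts[receiver_reaction(length.to_bytes(4, "big") + bytes(12))] += 1
    return {k: v / (1 << 32) for k, v in counts.items()}

def bits_revealed() -> dict:
    """Information (bits) each reaction gives about the decrypted length field,
    i.e. -log2 of its probability: about 0 for DISCONNECT, just over 14 for
    SILENT_CLOSE (top 14 bits zero) and exactly 18 for WAIT_FOR_MAC (top 14
    bits zero and low 4 bits equal to 12), before any blocks are injected."""
    return {k: -log2(p) for k, p in reaction_probabilities().items()}
```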

Side channel attacks

 We have seen already one example of how reality can differ from the (standard) formal models used in cryptography
 More generally, cryptographic analysis treats primitives/protocols as black boxes
 In reality, primitives and protocols implemented in the real world by hardware/software
–This may lead to (other) attacks ‘outside the model’

Side channel attacks  CPU retains state in the form of caches, branch prediction buffer, stack data, memory, disk…  Interaction with users influences resource usage, page protections, scheduling  Timing attacks, power analysis, EM radiation, heat/sound/disk access patterns –Especially in embedded systems

Side channel attacks  Side channel attacks may be used to break the crypto –E.g., timing attacks, power analysis  Side channel attacks may also be used to circumvent crypto entirely –E.g., EM radiation from monitors/keyboards, extracting keys from memory or data from disk –(Really more of a systems issue than a crypto issue)

“Cold boot attacks”
 Attacks on disk encryption products, exploiting poor key management along with the fact that memory contents can be recovered

Basic setup
[Diagram: RAM holds k, pw and data; the encrypted hard drive holds Enc_pw(k) and Enc_k(data).]
What happens when computer is shut off (or put in standby)?

Setup 2
[Diagram: a TPM releases k into RAM; the password pw is checked separately and answered with "ok".]
Before correct password entered, k is loaded into memory

Key observations
 If memory can be probed, possible to recover k (and then read all data on hard drive) without the correct password
–First case: k not scrubbed after power down
  Memory decays over time
  But not too quickly, and this process can be slowed by cooling
–Second case: k should be loaded only after successful password is entered
 Video at