Week 1 - Wednesday

- What did we talk about last time?
- Course overview
- Terminology
- Threats
- Vulnerabilities
- Attacks
- Controls
- CIA

- Yesterday was Patch Tuesday
- Microsoft, Oracle, and Adobe put out their patches on the second Tuesday of the month
- Oracle (Java's owner) only puts them out quarterly
- Are these patches available for Java 6?
- No!
- Unless you have an expensive support license from Oracle
- And this lab has Java 6!

- Welcome to Exploit Wednesday!
- Because the patches on Patch Tuesday are often to fix security holes, today is one of the most dangerous days for computer security
- All the hackers now know exactly what vulnerabilities can be attacked
- 36 of the fixes will be for Java 7 SE products
- 34 of these cover remote exploits without authentication
- Follow the story: products-tuesday /

- Most computer criminals are amateurs
- They commit crimes of opportunity
- Time-stealing is common
- Disgruntled or recently fired employees can use their knowledge of a system to attack it

- You are all hackers by now
- A malicious hacker is called a cracker
- A large segment of crackers are high school or college students
- They often attempt to gain access to other people’s computer systems for the fun or challenge of it

- Most professional crackers are trained computer scientists who have turned to crime
- In the early days of hacking and viruses, destroying hardware, software, or data was the goal
- Professional crackers now look to make money by stealing valuable data
- There are connections to organized crime
- Many attacks come from Russia, Asia, and Brazil

- Modern terrorists are often computer savvy
- Three common forms of terrorist computer usage are:
- Targets of attack: Denial-of-service and defacement of websites
- Propaganda vehicles: Websites and lists used to disseminate information
- Methods of attack: Using computers to coordinate or initiate other forms of terrorism

- There are five common ways of dealing with attacks, many of which can be used together
- Prevent: Remove the vulnerability from the system
- Deter: Make the attack harder to execute
- Deflect: Make another target more attractive (perhaps a decoy)
- Detect: Discover that the attack happened, immediately or later
- Recover: Recover from the effects of the attack

- Many different controls can be used to achieve the five methods of defense

- Encryption is the scrambling of data
- Often a key or some other secret information is used to do the scrambling
- Without knowledge of the secret, the data becomes useless
- Modern encryption is one of the most powerful tools for preserving computer security
- Most modern attacks do not depend on breaking encryption but on circumventing it

- The process of encryption takes plaintext as an input and produces ciphertext as an output
- Plaintext (or cleartext) is not necessarily human readable, but its contents are not protected in any way
- Using cryptography, we can build protocols to support confidentiality and integrity (and even availability indirectly)
- As useful as it is, encryption is not a panacea

- Software controls include:
- Internal program controls
  ▪ Parts of a program that enforce security
  ▪ Example: password checking to access parts of a database
- OS and network controls
  ▪ Tools to protect users from each other
  ▪ Example: user files that cannot be accessed by other users
- Independent control programs
  ▪ Application programs that protect against specific vulnerabilities
  ▪ Example: virus scanners
- Development controls
  ▪ Quality control for creating software so that vulnerabilities are not introduced

- There are many different kinds of hardware controls that can be used for many different situations:
- Smart cards used for encryption on satellite or cable television set-top boxes
- Locks and cables preventing theft
- Fingerprint or other biometric readers
- Firewalls
- Many others

- Human beings ultimately get involved
- It is important to have policies and procedures to guide their actions, such as:
- Change passwords regularly
- Don’t give people your password
- Don’t allow coworkers access to data they should not have
- Laws are important policies with consequences, but they react slowly to the rapid changes in technology

- Physical controls can be inexpensive and effective
- Locks on doors
- Security guards
- Backup copies of data
- Planning for natural disasters and fires
- Simple controls are often the best
- Attackers will always look for a weak point in your defenses

- Many issues impact the effectiveness of controls
- Awareness of problem: Users must be convinced that it is worth using the controls
- Likelihood of use: The controls must be easy enough to use that the task performed is not seriously affected
- Overlapping controls: Overlapping controls or a layered defense can help, but sometimes the controls negatively impact each other
- Periodic review: Conditions change, and controls must be reviewed periodically and updated when needed

- "Secret writing"
- The art of encoding a message so that its meaning is hidden
- Cryptanalysis is breaking those codes

- Encryption is the process of taking a message and encoding it
- Decryption is the process of decoding the code back into a message
- A plaintext is a message before encryption
- A ciphertext is the message in encrypted form
- A key is an extra piece of information used in the encryption process

- A plaintext is $M$ (sometimes $P$)
- A ciphertext is $C$
- The encryption function $E(x)$ takes $M$ and converts it into $C$
- $E(M) = C$
- The decryption function $D(x)$ takes $C$ and converts it into $M$
- $D(C) = M$
- We sometimes specify encryption and decryption functions $E_k(x)$ and $D_k(x)$ specific to a key $k$

- Cryptography is supposed to prevent people from reading certain messages
- Thus, we measure a cryptosystem based on its resistance to an adversary or attacker
- Kinds of attacks:
- Ciphertext only: Attacker only has access to an encrypted message, with a goal of decrypting it
- Known plaintext: Attacker has access to a plaintext and its matching ciphertext, with a goal of discovering the key
- Chosen plaintext: Attacker may ask to encrypt any plaintext, with a goal of discovering the key
- Others, less common
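The notation $E_k$, $D_k$ and the first two attack models can be made concrete with a small added example (not part of the original slides). It assumes a shift cipher over the letters A-Z as the cryptosystem; the key and message are constructed sample values.

```python
import string

ALPHABET = string.ascii_uppercase
N = len(ALPHABET)  # 26 possible keys: a deliberately tiny key space

def E(k, m):
    """E_k(M): shift every letter of M forward by k positions (mod 26)."""
    return "".join(ALPHABET[(ALPHABET.index(ch) + k) % N] for ch in m)

def D(k, c):
    """D_k(C): shift every letter of C back by k positions (mod 26)."""
    return "".join(ALPHABET[(ALPHABET.index(ch) - k) % N] for ch in c)

def known_plaintext_key(m, c):
    """Known plaintext: one matching (M, C) pair determines k directly."""
    keys = {(ALPHABET.index(y) - ALPHABET.index(x)) % N for x, y in zip(m, c)}
    if len(m) != len(c) or len(keys) != 1:
        raise ValueError("pair is not consistent with a single shift key")
    return keys.pop()

def ciphertext_only_candidates(c):
    """Ciphertext only: all the analyst can do is compute D_k(C) for every k
    and then recognise which of the 26 candidates is a real message."""
    return {k: D(k, c) for k in range(N)}

# Constructed sample data (assumption, not from the lecture).
KEY = 11
MESSAGE = "MEETATNOON"
CIPHERTEXT = E(KEY, MESSAGE)

if __name__ == "__main__":
    print("C =", CIPHERTEXT)
    print("key from known pair:", known_plaintext_key(MESSAGE, CIPHERTEXT))
    for k, candidate in ciphertext_only_candidates(CIPHERTEXT).items():
        print(k, candidate)
```

With only 26 keys the cipher resists neither model, which is why key-space size is the first thing to check when evaluating a cryptosystem.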

- There are two kinds of security for encryption schemes
- Unconditionally secure
  ▪ No matter how much time or energy an attacker has, it is impossible to determine the plaintext
- Computationally secure
  ▪ The cost of breaking the cipher exceeds the value of the encrypted information
  ▪ The time required to break the cipher exceeds the useful lifetime of the information
- We focus on computationally secure, because there is only one practical system that is unconditionally secure
- "I want them to remain secret for as long as men are capable of evil" -Avi from Cryptonomicon

- Modulo operator takes the remainder
- Two numbers are said to be congruent modulo $n$ if they have the same remainder when divided by $n$
- For example, $39 \equiv 3 \pmod{12}$
- Addition, subtraction, and multiplication:
- $[(a \bmod n) + (b \bmod n)] \bmod n = (a + b) \bmod n$
- $[(a \bmod n) - (b \bmod n)] \bmod n = (a - b) \bmod n$
- $[(a \bmod n) \times (b \bmod n)] \bmod n = (a \times b) \bmod n$

- We can’t actually divide
- Instead, we have to find the multiplicative inverse
- The multiplicative inverse of $x$ exists if and only if $x$ is relatively prime to $n$
- $13 \cdot 5 \equiv 65 \equiv 1 \pmod{16}$
- So, 13 and 5 are multiplicative inverses mod 16
- But, 0, 2, 4, 6, 8, 10, and 12 do not have multiplicative inverses mod 16

- Cryptography basics
- Stream and block ciphers
- Shift ciphers

- Read Sections 2.1 and 2.2