Lecture 3 Basic Security Concepts cont.
Homework 1. Score: 10 points Due: September 12, :00 am via dropbox Last day to submit with 4%/day penalty: September 23, :00 am via dropbox From C. P. Pfleeger and S. L. Pfleeger: Security in Computing, 4 th Edition answer the following questions: Chapter 1: 1, 10, 15 Chapter 2: 13, 18, 34 Grading: Answer all of the questions. Only one of them will be chosen by the instructor to be graded. Solutions for all questions will be posted online and discussed in class after the last day to submit date. CSCE Farkas 2
3 Research Project Project information: /project-2013.htm /project-2013.htm Step 1 Identifying research interest Form groups of 2-4 students
CSCE Farkas Project Information Discussion on Student preferences What do you like to work on? E.g., application development, operating systems, databases, hardware design, robotics, game development, etc. What are the security problems in your area of interest? E.g., multilevel secure operating systems, access control in databases, remote controlled robots, etc. How much your group can do within 1 semester? E.g., need to choose a problem that can be addressed within 12 weeks (including any background research, research, development, and writing reports) Be as specific as possible! 4
CSCE Farkas 5 Types of Attacks (1) Interruption – an asset is destroyed, unavailable or unusable (availability) Interception – unauthorized party gains access to an asset (confidentiality) Modification – unauthorized party tampers with asset (integrity) Fabrication – unauthorized party inserts counterfeit object into the system (authenticity) Denial – person denies taking an action (authenticity)
CSCE Farkas 6 Types of Attacks (2) Passive attacks: Eavesdropping Monitoring Active attacks: Masquerade – one entity pretends to be a different entity Replay – passive capture of information and its retransmission Modification of messages – legitimate message is altered Denial of service – prevents normal use of resources
Malicious Attacks M ethod: skills, knowledge, tools, information, etc. O pportunity: time and access M otive: reason to perform the action How can defense influence these aspects of attacks? CSCE Farkas 7
8 Computer Criminals Amateurs: regular users, who exploit the vulnerabilities of the computer system Motivation: easy access to vulnerable resources Crackers: attempt to access computing facilities for which they do not have the authorization Motivation: enjoy challenge, curiosity Career criminals: professionals who understand the computer system and its vulnerabilities Motivation: personal gain (e.g., financial)
CSCE Farkas 9 Lecture 1 Methods of Defense Prevent: block attack Deter: make the attack harder Deflect: make other targets more attractive Detect: identify misuse Tolerate: function under attack Recover: restore to correct state
CSCE Farkas 10 Information Security Planning Organization Analysis Risk management Mitigation approaches and their costs Security policy Implementation and testing Security training and awareness
CSCE Farkas 11 Risk Management Framework (Business Context) Understand Business Context Identify Business and Technical Risks Synthesize and Rank Risks Define Risk Mitigation Strategy Carry Out Fixes and Validate Measurement and Reporting
Cryptography 1 Project Topics Cyber Attacks Cryptography Terminology Secret-Key Encryption
CSCE Farkas 13 Reading Assignment Reading assignments for this lecture Required: Pfleeger: Ch 2 Recommended: C. Dupuis, A Short History of Cryptography, Navajo Code Talkers: World War II Fact Sheet, Interesting: U.S. always ends up regulating new technologies for public safety; the Internet is no exception, Homeland Security News Wire, up-regulating-new-technologies-for-public-safety-the-internet-is-no-exception, 08/29/ up-regulating-new-technologies-for-public-safety-the-internet-is-no-exception
CSCE Farkas 14 Insecure communications Sender Snooper Recipient Insecure channel Confidential
CSCE Farkas 15 Cryptographic Protocols Messages should be transmitted to destination Only the recipient should see it Only the recipient should get it Proof of the sender’s identity Message shouldn’t be corrupted in transit Message should be sent/received once only
CSCE Farkas 16 Terminology Plaintext (cleartext): a message in its original form Ciphertext (cyphertext): an encrypted message Encryption: transformation of a message to hide its meaning Cipher: cryptographic algorithm. A mathematical function used for encryption (encryption algorithm) and decryption (decryption algorithm).
CSCE Farkas 17 Terminology Decryption: recovering meaning from ciphertext Cryptography: art and science of keeping messages secure Cryptanalysis: art and science of breaking ciphertext Cryptology: study of both cryptography and cryptanalysis
CSCE Farkas 18 Encryption and Decryption Plaintext EncryptionDecryption Ciphertext Additional requirements : Authentication Between communicating parties Third-party authentication Non-repudiation Integrity verification Key distribution Secret key (secure distribution) Public key (reliable distribution)
CSCE Farkas 19 Conventional (Secret Key) Cryptosystem Encryption Decryption Plaintext Ciphertext K SenderRecipient C=E(K,M) M=D(K,C) K needs secure channel
CSCE Farkas 20 Public Key Cryptosystem Encryption Decryption Plaintext Ciphertext SenderRecipient C=E(K pub,M) M=D(K priv,C) Recipient’s public Key (K pub ) Recipient’s private Key (K priv ) K pub needs reliable channel
Security Objectives Confidentiality Integrity Availability Authenticity Non-repudiation CSCE Farkas 21 How can cryptography support these objectives?
CSCE Farkas 22 Security Objectives Confidentiality: Hiding message/file content Secret key, public key encryption Integrity: Detecting modification Hash function Availability: Not much – hiding existence of data Secret key, public key encryption Authenticity: Verify origin Public key encryption Non-repudiation: Verify activity Public key encryption CSCE Farkas 22
CSCE Farkas 23 Cryptanalysis Cryptanalyst’s goal: Break message Break key Break algorithm
CSCE Farkas 24 Taxonomy of Attacks Ciphertext-only attack: attacker has ciphertext for messages encrypted with K. Deduce keys and/or plaintext messages. Known plaintext attack: attacker additionally knows the plaintext of the messages. Deduce keys or a decryption algorithm. Chosen plaintext attack: attacker can obtain the ciphertext for selected plaintext messages. Deduce as above. Chosen ciphertext attack: attacker can obtain decrypted (plaintext) versions of selected ciphertext. Deduce as above.
CSCE Farkas 25 Breakable versus Practically breakable Unconditionally secure: impossible to decrypt. No amount of ciphertext will enable a cryptanalyst to obtain the plaintext Computationally secure: an algorithm that is not breakable in practice based on worst case scenario Breakable: all algorithms (except one-time pad) are theoretically breakable
CSCE Farkas 26 What makes a good cryptosystem? A good cryptosystem is one whose security does not depend upon the secrecy of the algorithm. From Bruce Schneier: “Good cryptographers rely on peer review to separate the good algorithms from the bad. ''
CSCE Farkas 27 Secret Key Cryptosystem Encryption Decryption Plaintext Ciphertext K SenderRecipient C=E(K,M) M=D(K,C) K needs secure channel
CSCE Farkas 28 Secret Key Cryptosystem Vulnerabilities (1 Passive Attacker (Eavesdropper) Obtain and/or guess key and cryptosystem use these to decrypt messages Capture text in transit and try a ciphertext- only attack to obtain plaintext.
CSCE Farkas 29 Active Attacker Break communication channel (denial of service) Obtain and/or guess key and cryptosystem and use these to send fake messages Secret Key Cryptosystem Vulnerabilities
CSCE Farkas 30 Inherent Weaknesses of Symmetric Cryptography Key distribution must be done secretly (difficult when parties are geographically distant, or don't know each other) Need a key for each pair of users n users need n*(n-1)/2 keys If the secret key (and cryptosystem) is compromised, the adversary will be able to decrypt all traffic and produce fake messages
CSCE Farkas 31 Basic Encryption Techniques Substitution Permutation Combinations and iterations of these
CSCE Farkas 32 Next Class Substitution and Transposition Characterization of good encryption algorithms