Presentation is loading. Please wait.

Presentation is loading. Please wait.

Engineering Secure Software. Recap  Symmetric key: Benefit: fastest, mathematically the strongest Drawback: distributing the keys  Public key: Benefit:

Published byJeffry Curtis Modified over 8 years ago

Similar presentations

Presentation on theme: "Engineering Secure Software. Recap  Symmetric key: Benefit: fastest, mathematically the strongest Drawback: distributing the keys  Public key: Benefit:"— Presentation transcript:

1 Engineering Secure Software

2 Recap  Symmetric key: Benefit: fastest, mathematically the strongest Drawback: distributing the keys  Public key: Benefit: Easier to distribute the keys Drawback: Trusting public keys is tricky

3 SSL: Secure Sockets Layer  SSL (and TLS) are the public-key encryption standards today Protocols suffixed with “s” : https, ftps, etc. Another algorithm implementation best left to the experts  Untrusted public keys? For ~$30/year, you too can get your public key signed!! ○ Seriously, this is how it works ○ e.g. Verisign & GoDaddy are “ceritificate authorities” (CA) ○ Thus, trust the public key != trust the website Self-signed certificate? ○ Not usually a good idea to accept them, but… ○ If the key changes, you will be alerted ○ So you only need to trust the server once

4 Pretty Good Privacy  An open protocol created in 1991 Primarily used for email encryption today Very popular in open source culture  Combines symmetric-key and public-key cryptography Symmetric is much faster and harder to crack than public-key Use public-key to distribute the symmetric key Untrusted recipient now has your symmetric key? ○ One-time symmetric key only ○ Use a secure PRNG to generate symmetric keys

5 PGP Web of Trust  How do you trust PGP public keys? There are no PGP “Certificate Authorities” Public key databases are open  How do you know that the food you’re eating is disease-free? ○ You trust the grocery store, who trusts the distributors, who trust the farmers ○ FDA is also a trusted third party ○ But, when you trust the farmers directly, you trust their food more  In the same way, PGP incentivizes short trust chains Each person can “sign” someone else’s key, connecting you to them in the web of trust Each “hop” diminishes the trust of a given public key You Grocery Store Distributor Farmers

6 PGP Mean Shortest Distance  How trusted should this key be? Geodesic paths (shortest paths) Compare the mean geodesic distance to the entire network mean “Closeness” in social network analysis  Relatively trusted by the community? Many will trust you You are trusted by people who trust you  Low MSD? Not as relatively trusted Fewer people trust you Then less-trusted people trust you

7  Alt text: if you want to be extra safe, check that there's a big block of jumbled characters at the bottom.  http://xkcd.com/1181/

8 Cryptanalysis  Definition: “the analytic investigation of an information system with the goal of illuminating hidden aspects of that system” [NSA.gov]  In other words: breaking cryptography  Comes in many forms Brute force attacks Theoretical/Algorithmic weaknesses Side-channel attacks

9 Side Channel Attacks  Side channel Information emitted from a physical implementation of a cryptosystem  Side channel vulnerabilities are mutually exclusive from algorithmic vulnerabilities Although coding vulnerabilities can lead to side channel attacks  e.g. Password fields obscure the text to prevent someone from looking over your shoulder  e.g. Keeping the sticky on your monitor

10 Timing attacks  Use the timing of an operation to gain information  e.g. computing large prime numbers for SSL Constant concern for OpenSSL CVE-2013-0169 “Square and multiply” algorithm  e.g. timing for checking for a password  e.g. cache-hit vs. cache-miss on a sensitive record

11 Data Remanence  Deleted data is not always deleted Hard drives release the memory, but it’s not necessarily overwritten Magnetic fields can remain even after it’s been overwritten  Many, many creative ways to do this… Freezing RAM with liquid nitrogen Hibernation files Core dumps

12 So many more…  Power monitoring attacks Can predict which branch of an if-statement was taken by monitoring power Particularly nasty on embedded devices Even AES can be broken this way  Acoustic analysis of hard drive sounds  “Chatter” - even the known existence of encrypted communication can be useful information

13 Lessons from Side Channels  Okay, so what? Can we even do anything about this? What must software engineers do?  Lesson 1: Identify your side channels Network chatter, timing, power, etc.  Lesson 2: You have not identified all of your side channels  Lesson 3: Better testing Realistic production environments Third-party testers with security experience

14 Keeping Up  Networking & crypto algorithms are constantly changing New networking protocols, new models Broken crypto algorithms  You will need to keep up with the news on algorithms Organizations: CWE, OWASP Bloggers & Researchers ○ Bruce Schneier: http://www.schneier.com/http://www.schneier.com/ ○ Steve Gibson: http://www.grc.com/news.htmhttp://www.grc.com/news.htm ○ Gary McGraw: www.cigital.com, IEEE Privacy & Securitywww.cigital.com

Download ppt "Engineering Secure Software. Recap  Symmetric key: Benefit: fastest, mathematically the strongest Drawback: distributing the keys  Public key: Benefit:"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Cryptography Basic (cont)

Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Similar presentations

Ads by Google