A reminder to form groups quickly. There will be a lecture next Monday.
Finding the key of AES is four times easier than previously believed: AES-128 is more like AES-126. The effort to recover a key is still huge: the number of steps to find the key for AES-128 is 8 x 10^37.
Entity Authentication
Suppose some website wants you to believe they are really who they say they are, and they want you to encrypt data using their public key. How do they prove it? With a digital certificate from a CA.
Data in an X.509 Certificate (1)
Version No: Ranges between 0 and 2.
Serial Number: Unique identifying number for the certificate.
Signature Algorithm: Algorithm used in the signature.
Issuer Name: X.500 name of the issuing CA.
Validity Period: The earliest and latest time that the certificate is valid for.
Subject Name: The name of the owner of the public key in the certificate.
Data in an X.509 Certificate (2)
Subject Public Key: The public key of the owner of the certificate, the algorithm used and any parameters.
Issuer Unique Identifier: Optional field which can be used to identify the issuing CA.
Subject Unique Identifier: Optional field which can be used to identify the owner of the certificate.
Extensions: Information for X.509 ver 3.
Signature: Digital signature of the CA.
How can A let B know that the certificate really has A's public key?
Using a Certificate
Characteristics of certificates generated by a CA:
Any B with access to the CA's public key can verify A's public key that was certified.
No party other than the CA can modify the certificate without this being detected.
Applications Using X.509 Public Key Certificates
Some of the protocols that use X.509 certificates are:
S/MIME (secure MIME, Multipurpose Internet Mail Extensions; used for secure email)
IP Security (IPSec; used for secure connections at the IP layer)
SSL/TLS (Secure Sockets Layer/Transport Layer Security; used for secure Web transactions); this is the most publicly visible use of X.509 certificates
SET (Secure Electronic Transactions; also used for secure Web transactions)
Certificate Revocation
Each certificate has a validity period.
If there is no problem with the certificate (and the owner of the certificate has paid the requisite fee to the CA) then the certificate can be renewed.
CAs must provide a list of revoked certificates. They do not provide lists of expired certificates.
Reasons for Certificate Revocation
Can occur because of a number of reasons:
The owner of the certificate has had their private key compromised.
The CA is no longer willing to certify the owner of the certificate.
The CA's private key (which verifies the CA's digital signature) has been compromised.
Real Certificate Authorities
There are a lot of CAs, and users tend to buy the products and services of CAs based in their own country. With respect to the submarket for SSL certificates for websites, the market is more unified. The main CAs and the percentage of their market share are:
Thawte
Verisign
Geotrust
Comodo
GoDaddy
Thawte has recently taken over Verisign and Geotrust. Together these three firms have about 57% of the market. Comodo and GoDaddy have 8% and 6% respectively.
Source: Wikipedia, Certificate Authorities
Comparing Kerberos and X.509
Kerberos is ideal for use inside a large network.
Kerberos is not suitable as an authentication system for the entire internet, as configuration involves setting up a database of users.
X.509 Certificate is ideal for authentication and key exchange over the entire internet, but due to sheer numbers a hierarchy of CAs is required.
Intruders
Three classes of intruders. One set of definitions (which we will use in this course) comes from Anderson (1980):
Masquerader
Misfeasor
Clandestine user
Source: Computer Security Threat Monitoring and Surveillance, http://csrc.nist.gov/publications/history/ande80.pdf
Intruders
Masquerader: an individual who is not authorised to use the computer and who penetrates a system's access controls to exploit a legitimate user's account. (usually an outsider)
Misfeasor: a legitimate user who accesses data, programs or resources they are not authorised to use. (generally an insider)
Clandestine User: an individual who seizes supervisory control of a system. (can be an outsider or an insider)
Not clear-cut!
Intrusion Techniques
The system maintains a file that associates a password with each authorised user. In all modern systems, the default behaviour is to have the password file protected. The password file can be protected with:
One-way encryption
Access Control
The idea is that you don't want many people able to read the password file!
Prevention: Enforce good password selection: a mixture of upper and lower case letters plus numbers plus some punctuation/special characters. (Ij4Gf4Se%f#)
the network to: locate which IP addresses are in use, what operating system is in use, what TCP or UDP ports are open (being listened to by Servers).
2. Run exploit scripts against open ports in an attempt to gain access.
3. Once access has been gained, go through the stages of network intrusion as stated in the previous slide.
IDS project
Intrusion Detection
There are two broad approaches to intrusion detection:
Statistical anomaly detection
Rule based detection
Let's look at each of these separately.
Gauge
Number of logical connections assigned to a user app.
Number of outgoing connections assigned to a user app or process.
Interval Timer
Length of time between 2 related events such as successive logins
Resource Utilisation
Number of pages printed during a session
Time used by a program
Tests that can be applied to these metrics:
Mean and Standard Deviation
Multivariate
Markov Process
Time Series
Operational
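The mean and standard deviation test and the Markov process test named above, applied to a resource-utilisation metric, an interval timer and a sequence of session events. This is an added example, not part of the original slides; the sample data, event names, the threshold k = 3 and the probability floor are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

def build_profile(history):
    """Mean and sample standard deviation of one metric's past values."""
    mean = sum(history) / len(history)
    var = sum((x - mean) ** 2 for x in history) / (len(history) - 1)
    return mean, math.sqrt(var)

def mean_std_test(profile, value, k=3.0):
    """True if value lies more than k standard deviations from the mean."""
    mean, std = profile
    if std == 0:
        return value != mean
    return abs(value - mean) / std > k

def build_markov(sequences):
    """Estimate P(next event | current event) from past event sequences."""
    counts = defaultdict(Counter)
    for seq in sequences:
        for cur, nxt in zip(seq, seq[1:]):
            counts[cur][nxt] += 1
    return {cur: {nxt: c / sum(row.values()) for nxt, c in row.items()}
            for cur, row in counts.items()}

def markov_test(model, seq, floor=0.05):
    """Return the transitions in seq whose learned probability is below floor."""
    return [(cur, nxt) for cur, nxt in zip(seq, seq[1:])
            if model.get(cur, {}).get(nxt, 0.0) < floor]

# Constructed sample history for one user (not real measurements).
PAGES_PRINTED = [4, 6, 5, 7, 5, 6, 4, 5, 6, 5]          # resource utilisation
LOGIN_GAP_HOURS = [23.5, 24.0, 24.5, 23.0, 25.0, 24.0, 24.5, 23.5]  # interval timer
PAST_SESSIONS = [
    ["login", "read_mail", "edit", "logout"],
    ["login", "edit", "print", "logout"],
    ["login", "read_mail", "print", "logout"],
    ["login", "read_mail", "edit", "print", "logout"],
]

if __name__ == "__main__":
    pages = build_profile(PAGES_PRINTED)
    gaps = build_profile(LOGIN_GAP_HOURS)
    model = build_markov(PAST_SESSIONS)
    print("120 pages printed anomalous:", mean_std_test(pages, 120))
    print("logins 0.01 h apart anomalous:", mean_std_test(gaps, 0.01))
    print("unusual transitions:",
          markov_test(model, ["login", "read_passwd_file", "edit", "logout"]))
```

The mean and standard deviation test only sees one value at a time, while the Markov test catches a session whose individual events are each plausible but whose order has never been observed.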
Honeypots
A honeypot is a system deliberately set up to attract intruders. Honeypots are designed to:
Divert an attacker from attacking critical systems
Collect information about the attacker's activity
Encourage attackers to stay on the system long enough for administrators to respond.
Can also be used for research into hacking techniques.
Password Protection
On many systems a user ID and password is necessary to access the system. The password authenticates the user ID. The ID provides security by:
Restricting users of the system to those who have IDs
Determining what privileges a user with a certain ID has.
Individual users can use discretionary access control to grant permission to selected other users to read, write and execute files.
Vulnerability of Password
Two dimensions increase the security of passwords. These are the length of the password and the range of characters used. The graphic on the next slide shows the interrelationship between the two.
Password Strength
Password Research
There has been some research on the passwords people choose. For example, the table below shows the distribution of the length of passwords at a very large network with 7,000 accounts (Purdue University 1992)
Password Generation
There are a number of approaches to password generation:
Computer-generated passwords: these work but have a poor record of acceptance by users.
Reactive password checking: the system periodically tries to crack the passwords of users on the system. All cracked passwords are cancelled and the user notified.
Proactive password checker: this scheme allows the user to create their own password, but checks it for strength.
Sophisticated proactive password checkers may use a Markov Model or Bloom Filter.
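A proactive password checker built on a Bloom filter, combined with the length and character-range rules from the earlier slides. This is an added example, not part of the original slides; the filter size, the number of hashes, the minimum length, the three-class rule and the short word list are constructed assumptions.

```python
import hashlib
import string

class BloomFilter:
    """Fixed-size bit array; each item sets `hashes` bits derived from SHA-256."""
    def __init__(self, bits=8192, hashes=4):
        self.bits, self.hashes = bits, hashes
        self.array = bytearray(bits // 8)

    def _positions(self, item):
        for i in range(self.hashes):
            digest = hashlib.sha256(f"{i}:{item}".encode()).digest()
            yield int.from_bytes(digest[:8], "big") % self.bits

    def add(self, item):
        for pos in self._positions(item):
            self.array[pos // 8] |= 1 << (pos % 8)

    def __contains__(self, item):
        # No false negatives: every stored word is always reported present.
        # Rare false positives only mean a good password is refused.
        return all(self.array[pos // 8] & (1 << (pos % 8))
                   for pos in self._positions(item))

# Constructed sample dictionary of guessable passwords (a real one is far larger).
WEAK = ["password", "letmein", "qwerty", "123456", "welcome", "dragon"]
FILTER = BloomFilter()
for word in WEAK:
    FILTER.add(word)

def check_password(candidate, min_length=8):
    """Return the reasons to reject candidate; an empty list means accept."""
    reasons = []
    if len(candidate) < min_length:
        reasons.append("too short")
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    if sum(any(c in cls for c in candidate) for cls in classes) < 3:
        reasons.append("too few character classes")
    # Normalise case so "Qwerty" matches the dictionary entry "qwerty".
    if candidate.lower() in FILTER:
        reasons.append("in dictionary of guessable passwords")
    return reasons
```

The checker stores only the bit array, so the dictionary of guessable passwords does not have to be kept in readable form on the system that enforces the policy.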