cs cs 134 134 fa fall2016 mi midterm rm re review
play

CS CS 134 134 Fa Fall2016 Mi Midterm rm Re Review 1 Co - PowerPoint PPT Presentation

CS CS 134 134 Fa Fall2016 Mi Midterm rm Re Review 1 Co Comp mputer r Se Securi rity: y: Th The Ca Cast of of C Characters Your Computer/Phone/Tablet Attacker or Adversary Your data: financial, health records, intellectual


  1. CS CS 134 134 Fa Fall2016 Mi Midterm rm Re Review 1

  2. Co Comp mputer r Se Securi rity: y: Th The Ca Cast of of C Characters Your Computer/Phone/Tablet Attacker or Adversary Your data: financial, health records, intellectual property … Can be: individuals, organizations, nations … 2

  3. Ne Network S Secu curity: Th The Cast of of Ch Characters communication channel Bob Alice Eve(sdropper) 3

  4. Te Terminology (Cr (Cryp yptogr graphy) y) • Cryptology, Cryptography, Cryptanalysis • Cipher, Cryptosystem, Encryption scheme • Encryption/Decryption, Encipher/Decipher • Privacy/Confidentiality, Authentication, Identification • Integrity • Non-repudiation • Freshness, Timeliness, Causality • Intruder, Adversary, Interloper, Attacker • Anonymity, Unlinkability/Untraceability 4

  5. Te Terminology (S (Security) ) • Access Control & Authorization • Accountability • Intrusion Detection • Physical Security • Tamper-Resistance • Certification & Revocation 5

  6. At Attacks, Services and Mechanisms • Security Attack: Any action (or event) that aims to compromise (undermine) the security of information • Security Mechanism: A measure (technique or method) designed to detect, prevent, or recover from, a security attack • Security Service: something that enhances the security of data processing systems and information transfers. A “security service” makes use of one or more “security mechanisms” • Example: – Security Attack: Eavesdropping (Interception) – Security Mechanism: Encryption – Security Service: Confidentiality 6

  7. Se Securi rity Attacks • Interruption: attack on availability • Interception: attack on confidentiality • Modification: attack on integrity • Fabrication: attack on authenticity 7

  8. Ma Main Se Securi rity Goals Confidentiality Authenticity Integrity Availability 8

  9. Security Th Threats: Th Threat vs Attack? By Injection By Deletion 9

  10. Ex Exampl ple Secur urity y Services • Confidentiality: to assure information privacy and secrecy • Authentication: to assert who created or sent data • Integrity: to show that data has not been altered • Access control: to prevent misuse of resources • Availability: to offer access to resources, permanence, non- erasure Examples of attacks on Availability: – Denial of Service (DoS) Attacks • e.g., against a name server – Malware that deletes or encrypts files 10

  11. So Some me Me Methods of Defense • Cryptography à confidentiality, authentication, identification, integrity, etc. • Software Controls (e.g., in databases, operating systems) à protect users from each other • Hardware Controls (e.g., smartcards, badges) à authenticate holders (users) • Policies (e.g., frequent password changes, separations of duty) à prevent insider attacks • Physical Controls (doors, guards, etc.) à control physical access 11

  12. Cryp Cr yptography y can be use sed at di differ eren ent level els • Algorithms: encryption, signatures, hashing, Random Number Generator (RNG) • Protocols (2 or more parties): key distribution, authentication, identification, login, payment, etc. • Systems: electronic cash, secure filesystems, smartcards, VPNs, e-voting, etc. • Attacks: on all the above 12

  13. Ty Types of Attainable Security • Perfect, unconditional or “information theoretic”: the security is evident free of any (computational/hardness) assumptions • Reducible or “provable”: security can be shown to be based on some common (often unproven) assumptions, e.g., the conjectured difficulty of factoring large integers • Ad hoc: the security seems good often -> “snake oil”… Take a look at: http://www.ciphersbyritter.com/GLOSSARY.HTM 13

  14. So Some me Applications of Cr Cryptography • Network, operating system security • Protect Internet, phone, space communication • Electronic payments (e-commerce) • Database security • Software/content piracy protection • Pay TV (e.g., satellite) • Military communications • Voting 14

  15. His Historic ical al (Prim imitiv itive) e) Cipher iphers • Shift (e.g., Caesar): Enc k (x) = x+k mod 26 • Affine: Enc k1,k2 (x) = k1 *x + k2 mod 26 • Substitution: Enc perm (x) = perm(x) • Vigenere: Enc K (x) = ( X[0]+K[0], X[1]+K[1], … ) • Vernam: One-Time Pad (OTP) 15

  16. VE VERNAM One-Ti Time Pad (OTP TP): Wo World’s Best Cipher = Plaintext { p ,..., p } - 0 n 1 = One - time pad stream { otp ,..., otp } - 0 n 1 = Ciphertext { c ,..., c } - 0 n 1 where : = Å " < < c p otp 0 i n i i i = Å C A B Å = C B A 16

  17. VE VERNAM One-Ti Time Pad (OTP TP): Wo World’s Best Cipher Vernam offers perfect information-theoretic • security, but: How long does the OTP keystream need to be? • How do Alice and Bob exchange the keystream? • 17

  18. Cryptosystems Classified along three dimensions: • Type of operations used for transforming plaintext into ciphertext – Binary arithmetic: shifts, XORs, ANDs, etc. • Typical for conventional encryption – Integer arithmetic • Typical for public key encryption • Number of keys used – Symmetric or conventional (single key used) – Asymmetric or public-key (2 keys: 1 to encrypt, 1 to decrypt) • How plaintext is processed: – One bit at a time – A string of any length – A block of bits 18

  19. Co Conventional (S (Symme ymmetri ric) ) Cr Cryp yptography K AB K AB decryption encryption ciphertext plaintext plaintext algorithm algorithm m m = K ( ) K (m) K (m) AB AB AB • Alice and Bob share a key K AB which they somehow agree upon (how?) • key distribution / key management problem • ciphertext is roughly as long as plaintext • examples: Substitution, Vernam OTP, DES, AES 19

  20. Us Uses es of Conven entio tional al Cryptograp aphy • Message transmission (confidentiality): • Communication over insecure channels • Secure storage: crypt on Unix • Strong authentication: proving knowledge of a secret without revealing it: • See next slide • Eve can obtain chosen <plaintext, ciphertext> pair • Challenge should be chosen from a large pool • Integrity checking: fixed-length checksum for message via secret key cryptography • Send MAC along with the message MAC=H(m,K) 20

  21. Challenge-Re Ch Response Authentication Ex Exampl ple K AB K AB r a challenge K AB (r a ) challenge reply r b challenge K AB (r b ) challenge reply 21

  22. Co Conventional Cr Cryp yptography Advantages • high data throughput • relatively short key size • primitives to construct various cryptographic • mechanisms Disadvantages • key must remain secret at both ends • key must be distributed securely and efficiently • relatively short key lifetime • 22

  23. Generic Example of Block k Encryp yption 20

  24. Cl Classi ssic Fe Feistel Ne Network “Round Keys” are generated from original key via subkey generation algorithm 24

  25. Fe Feistel Ci Cipher St Stru ructure • Block Size: larger block sizes mean greater security • Key Size: larger key size means greater security • Number of Rounds: multiple rounds offer increasing security • Subkey Generation Algorithm: greater complexity will lead to greater difficulty of cryptanalysis • Fast Software En/De-cryption: speed of execution of the algorithm becomes a concern 25

  26. Bl Block k Ci Ciphers • Originated with early 1970's IBM effort to develop banking security systems • First result was Lucifer, most common variant has 128- bit key and block size • Was not secure in any of its variants • Called a Feistel or product cipher • F()-function is a simple transformation, does not have to be reversible • Each step is called a round; the more rounds, the greater the security (to a point) • Most famous example of this design is DES 26

  27. Co Conventional Enc Encryp yption St Standard • Data Encryption Standard (DES) • Most widely used encryption method (AES is probably taking over by now) • Block cipher (in native ECB mode) • Plaintext processed in 64-bit blocks • Key is 56 bits 27

  28. Da Data E a Encr cryptio ion S Stan andar ard ( (DE DES) Su Summa mmary • Permutation/substitution block cipher • DES “aging” • 64-bit data blocks • 2-DES: rendezvous attack • 56-bit keys (8 parity bits) • 3-DES: 112-bit security • 16 rounds (shifts, XORs) • DESx : 118-bit security • Key schedule • S-box selection secret … 46

  29. Ba Basi sic St Stru ructure of of DE DES 26

  30. Enc Encryp yption vs vs De Decr cryptio ion in in DE DES 30

  31. DES S DE System Encryption Process Key Schedule 64 Bit Plaintext 64 Bit Key Initial Permutation Permutation Choice 1 Building 32 Bit L 0 32 Bit R 0 56 Bit Key Blocks + F(R 0 ,K 1 ) 28 Bit C 0 28 Bit D 0 Left Shift Right Shift 32 Bit L 1 32 Bit R 1 K 1 (48 bits) C 1 D 1 32 Bit L 15 32 Bit R 15 Permuted Choice 2 + F(R 15 ,K 16 ) C 16 D 16 K 16 (48 bits) 32 Bit L 16 32 Bit R 16 Permuted Choice 2 Final Permutation 64 Bit Ciphertext 27

Recommend


More recommend