INF 123 SW ARCH, DIST SYS & INTEROP LECTURE 14 Prof. Crista Lopes

Post on 23-Feb-2016

Page 1: INF 123  SW Arch, dist sys &  interop Lecture  14

INF 123 SW ARCH, DIST SYS & INTEROP

LECTURE 14

Prof. Crista Lopes

Page 2

Objectives
- Understanding threats to security in decentralized systems
- Understanding basic mechanisms for security on the Internet
  - Firewalls
  - SSL/TLS
  - HTTPS

Page 3

Decentralization
- No centralized authority to coordinate and control entities
- Independent peers, with possibly conflicting goals, interact with each other and make local autonomous decisions
- Presence of malicious peers in open decentralized applications
- Need for measures to protect peers against malicious attacks

Page 4

Security

“The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).”

National Institute of Standards and Technology

Page 5

Security

Computer systems include the people using the computers.

Many security threats exploit the human [good] nature.

Page 6

Security
- Confidentiality
  - Preserving the confidentiality of information means preventing unauthorized parties from accessing the information or perhaps even being aware of the existence of the information. I.e., secrecy.
- Integrity
  - Maintaining the integrity of information means that only authorized parties can manipulate the information and do so only in authorized ways.
- Availability
  - Resources are available if they are accessible by authorized parties on all appropriate occasions.

Page 7

Trust
- Who do you trust? For what functions?
- Trust is not a binary concept! Nor static!
- If trust is high
  - Security measures can be lowered
- If trust is low
  - Security measures must be ramped up

[Diagram labels: No trust, Blind trust]

Page 8

Trust & Security
- What security measures?
- Security is not necessarily machine-bound
  - Depending on many tradeoffs
- Security measures can be technological
  - Upon limited trust
- Security measures may be social
  - Punitive measures for breach of trust

[Diagram labels: Computer measures, Social measures]

Page 9

Computer Security
- Well-Known Threats
- Well-Known Solutions

Page 10

Computer Security in Practice
- A never-ending game of Vulnerability; Attack; Fix; Repeat
- There’s no such thing as a completely secure system
- Know your system’s goals and requirements, set security investment accordingly

Page 11

Integrity of Computer Systems
- Firewalls
  - “part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices which is configured to permit or deny computer applications based upon a set of rules and other criteria.”
  - Basic task is to regulate some of the flow of traffic between computer networks of different trust levels.
  - Software and/or hardware

Page 12

Firewalls: The problem
- Computers inside a local area network (LAN) run applications that assume a high level of trust within that LAN, but that trust does not hold with respect to the rest of the Internet

Page 13

Types of Firewalls
- Packet filters: operate at UDP/TCP/IP level
  - Traffic filtering based on properties such as:
    - Source IP address & port, destination IP address & port
    - Application-level protocols, …
- Application-layer
  - Knowledge of services (WWW, FTP, Napster)
  - May have knowledge of users
- By inspecting all packets for improper content, firewalls can restrict or prevent the spread of networked computer worms and trojans
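
An added example, not part of the lecture: a minimal stateless packet filter that applies first-match rules on the properties listed above (source address, destination address and port, protocol). The names `Rule`, `Packet` and `decide`, the rule set and the addresses (private and documentation ranges) are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str               # "allow" or "deny"
    src: str                  # source network (CIDR)
    dst: str                  # destination network (CIDR)
    dst_port: Optional[int]   # None matches any port
    proto: str                # "tcp", "udp" or "any"

class Packet(NamedTuple):
    src_ip: str
    dst_ip: str
    dst_port: int
    proto: str

def matches(rule: Rule, pkt: Packet) -> bool:
    return (ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst_ip) in ipaddress.ip_network(rule.dst)
            and rule.dst_port in (None, pkt.dst_port)
            and rule.proto in ("any", pkt.proto))

def decide(rules, pkt: Packet, default: str = "deny") -> str:
    """First matching rule wins; unmatched traffic gets the default action."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

# Constructed rule set: the LAN is trusted, the rest of the Internet is not.
LAN, ANY = "192.168.1.0/24", "0.0.0.0/0"
RULES = [
    Rule("allow", LAN, ANY, None, "any"),               # LAN hosts may connect out
    Rule("allow", ANY, "192.168.1.10/32", 443, "tcp"),  # one published HTTPS server
    Rule("deny", ANY, LAN, None, "any"),                # no other inbound traffic
]
# This filter is stateless: replies to outbound connections would need their
# own rules or a stateful (connection-tracking) firewall.

if __name__ == "__main__":
    for pkt in [Packet("192.168.1.20", "198.51.100.7", 80, "tcp"),
                Packet("203.0.113.5", "192.168.1.10", 443, "tcp"),
                Packet("203.0.113.5", "192.168.1.20", 445, "tcp")]:
        print(pkt, "->", decide(RULES, pkt))
```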

Page 14

Integrity Threat: Botnets
- Bots are installed on victims’ computers via unsuspecting acts like installing goodies, unzipping files, etc.
- Bots talk to master using unsuspecting channels such as IRC, Twitter, IM, etc.
- Very hard to fight

Page 15

Confidentiality of Data
- Cryptography
- Steganography
- On the Internet
  - Secure Socket Layer / Transport Layer Security
  - HTTPS

Page 16

Cryptography
- Encryption: converts human-parseable information into unintelligible gibberish
- Decryption: the opposite
- Cypher: pair of algorithms for encrypting and decrypting information
- Ancient “art” used prominently in WWII

Page 17

MD5 Hashes
- Message Digest algorithm 5
- Transforms an arbitrary-length message into a 128-bit value
- One way function
- Used widely for everyday cryptography
- Proved not very secure, collisions

Page 18

MD5 Hashes
- MD5("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6
- MD5("The quick brown fox jumps over the lazy dog.") = e4d909c290d0fb1ca068ffaddf22cbd0

Page 19

Typical MD5 use
- Password encryption for storage and network
- Example: OpenSim passwords
  - http://beta.opensimulator.org/node/56

Page 20

Dictionary Attack
- Attempt at deciphering passwords by using words from a dictionary
  - Brute-force or probabilistic
- Given 9e107d9d372bb6826bd81d3542a419d6
  - Try MD5(words) and compare the hash

Page 21

Dictionary Attack Counter-Measure
- Salts: append an arbitrary (long) number to MD5(password), and hash that
  - Result = MD5(MD5(password) : salt)
  - Need to keep the salt around for password verification
- Example: OpenSim passwords
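
An added example, not part of the lecture: it reproduces the MD5 values from the slides and shows that a precomputed table of MD5(word) recovers an unsalted hash but not the salted form MD5(MD5(password) : salt), which still verifies against the stored salt. Joining the inner hash and the salt with a literal ":" is an assumption about the slide's notation; the word list and function names are constructed.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def store_password(password: str, salt: Optional[str] = None) -> Tuple[str, str]:
    """Return (salt, MD5(MD5(password) + ":" + salt)); both are stored."""
    if salt is None:
        salt = secrets.token_hex(16)          # fresh random salt per account
    return salt, md5_hex(md5_hex(password) + ":" + salt)

def verify_password(candidate: str, salt: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = store_password(candidate, salt)
    return hmac.compare_digest(digest, stored)

# Constructed word list standing in for a dictionary of likely passwords.
PHRASE = "The quick brown fox jumps over the lazy dog"
WORDLIST = ["password", "letmein", PHRASE]
PRECOMPUTED = {md5_hex(word): word for word in WORDLIST}

def table_lookup(stored_hash: str) -> Optional[str]:
    """What a precomputed MD5 dictionary reveals about a stored hash."""
    return PRECOMPUTED.get(stored_hash)

# The salt only defeats precomputed tables. MD5 is fast to compute, so new
# systems normally use a slow KDF such as hashlib.pbkdf2_hmac or hashlib.scrypt.

if __name__ == "__main__":
    print(table_lookup("9e107d9d372bb6826bd81d3542a419d6"))  # unsalted hash
    salt, stored = store_password(PHRASE)
    print(table_lookup(stored))                              # salted hash
    print(verify_password(PHRASE, salt, stored))
```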

Page 22

Main Lesson about Passwords
- Avoid transmitting and storing naked passwords!

Next: transmitting confidential data over the Internet

Page 23

Remember Wifi?

POST /wifi/login HTTP/1.1
Host: …
Content-Type: …
Content-Length: …

METHOD=login&firstname=foo&lastname=bar&password=hereismypassword

Naked transmission!

Page 24

Attacks
- Eavesdropping
  - Remember all routing that happens on the Internet
- Man-in-the-middle
  - Malicious server pretends to be target server

Page 25

Encryption of data
- JavaScript-encrypt before sending
  - Application overhead
- Use Transport Layer Security (TLS)

Page 26

SSL/TLS
- Extra pieces of transport-layer protocol for negotiating cyphers and ensuring authentication of the server
- Bottom line:
  - Payload data is encrypted before sending, decrypted upon reception

Page 27

HTTPS = HTTP + SSL/TLS

POST /wifi/login HTTP/1.1
Host: …
Content-Type: …
Content-Length: …

METHOD=login&firstname=foo&lastname=bar&password=hereismypassword

Unintelligible gibberish

Page 28

HTTPS = HTTP + SSL/TLS
- https:// instead of http://
- Uses port 443 by default instead of port 80