security chapters 14,15. the security environment threats security goals and threats
Post on 19-Dec-2015
238 views
TRANSCRIPT
![Page 1: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/1.jpg)
Security
Chapters 14,15
![Page 2: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/2.jpg)
The Security EnvironmentThreats
Security goals and threats
![Page 3: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/3.jpg)
Basics of Cryptography
Relationship between the plaintext and the ciphertext
![Page 4: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/4.jpg)
• Monoalphabetic substitution– each letter replaced by different letter
• Given the encryption key, – easy to find decryption key
• Secret-key crypto called symmetric-key crypto
Secret-Key Cryptography
![Page 5: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/5.jpg)
Public-Key Cryptography
• All users pick a public key/private key pair– publish the public key– private key not published
• Public key is the encryption key– private key is the decryption key
![Page 6: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/6.jpg)
RSA Encryption To find a key pair e, d: 1. Choose two large prime numbers, P and Q (each greater than 10100), and
form:N = P x Q Z = (P–1) x (Q–1)
2. For d choose any number that is relatively prime with Z (that is, such that d has no common factors with Z).
We illustrate the computations involved using small integer values for P and Q:
P = 13, Q = 17 –> N = 221, Z = 192 d = 5
3. To find e solve the equation:e x d = 1 mod Z
That is, e x d is the smallest element divisible by d in the series Z+1, 2Z+1, 3Z+1, ... .
e x d = 1 mod 192 = 1, 193, 385, ...385 is divisible by de = 385/5 = 77
![Page 7: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/7.jpg)
RSA Encryption (contd.)
To encrypt text using the RSA method, the plaintext is divided into equal blocks of length k bits where 2k < N (that is, such that the numerical value of a block is always less than N; in practical applications, k is usually in the range 512 to 1024).
k = 7, since 27 = 128 The function for encrypting a single block of plaintext M is: (N = P X Q = 13X17 =
221), e = 77, d = 5:E'(e,N,M) = Me mod Nfor a message M, the ciphertext is M77 mod 221
The function for decrypting a block of encrypted text c to produce the original plaintext block is:
D'(d,N,c) = cd mod NThe two parameters e,N can be regarded as a key for the encryption function, and
similarly d,N represent a key for the decryption function. So we can write Ke
= <e,N> and Kd = <d,N>, and we get the encryption function: E(Ke, M) ={M}K (the notation here indicating that the encrypted message can be
decrypted only by the holder of the private key Kd) and D(Kd, ={M}K ) = M.
<e,N> - public key, d – private key for a station
![Page 8: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/8.jpg)
Application of RSA
• Lets say a person in Atlanta wants to send a message M to a person in Buffalo:
• Atlanta encrypts message using Buffalo’s public key B E(M,B)
• Only Buffalo can read it using it private key b: E(b, E(M,B)) M
• In other words for any public/private key pair determined as previously shown, the encrypting function holds two properties:– E(p, E(M,P)) M– E(P, E(M,p)) M
![Page 9: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/9.jpg)
How can you authenticate “sender”?
• In real life you will use signatures: we will look at concept of digital signatures next.
• Instead of sending just a simple message, Atlanta will send a signed message signed by Atlanta’s private key:– E(B,E(M,a))
• Buffalo will first decrypt using its private key and use Atlanta’s public key to decrypt the signed message:– E(b, E(B,E(M,a)) E(M,a)– E(A,E(M,a)) M
![Page 10: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/10.jpg)
SSH protocol
• ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine.
• Provides secure encrypted communications between two untrusted hosts over an insecure network.
• X11 connections , arbitrary TCP/IP ports and SFTP can also be forwarded over the secure channel.
![Page 11: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/11.jpg)
SSH with RSA
• ssh supports RSA based authentication. The scheme is based on public-key cryptography: there are cryptosystems where encryption and decryption are done using separate keys, and it is not possible to derive the decryption key from the encryption key.
• RSA is one such system. The idea is that each user creates a public/private key pair for authentication purposes.
![Page 12: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/12.jpg)
SSH (contd.)
• The server knows the public key, and only the user knows the private key.
• The file $HOME/.ssh/authorized_keys lists the public keys that are permitted for logging in.
• When the user logs in, the ssh program tells the server which keypair it would like to use for authentication.
• The server checks if this key is permitted, and if so, sends the user
(actually the ssh program running on behalf of the user) a challenge, a random number, encrypted by the user's public key.
• The challenge can only be decrypted using the proper private key. • The user's client then decrypts the challenge using the private key,
proving that he/she knows the private key but without disclosing it to the server.
![Page 13: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/13.jpg)
More uses of SSH
• Password-less access:• The user creates his/her RSA key pair by running ssh-keygen(1).
• This stores the private key in $HOME/.ssh/identity and
the public key in $HOME/.ssh/identity.pub in the user's home directory.
• The user should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her home directory on the remote machine (the authorized_keys file corresponds to the conventional $HOME/.rhosts file, and has one key per line, though the lines can be very long).
• After this, the user can log in without giving the password.
![Page 14: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/14.jpg)
Digital Signatures
• Strong digital signatures are essential requirements of a secure system. These are needed to verify that a document is:
• Authentic : source• Not forged : not fake• Non-repudiable : The signer cannot credibly
deny that the document was signed by them.
![Page 15: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/15.jpg)
Digest Functions
• Are functions generated to serve a signatures. Also called secure hash functions.
• It is message dependent.
• Only the Digest is encrypted using the private key.
![Page 16: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/16.jpg)
Alice’s bank account certificate
1. Certificate type: Account number2. Name: Alice3. Account: 62626264. Certifying authority: Bob’s Bank5. Signature: {Digest(field 2 + field 3) }Kbpr iv
![Page 17: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/17.jpg)
Digital signatures with public keys
{h}Kpri
M
Signing
Verifying
E(Kpri , h)
128 bits
H(M) h
M
hH(doc)
D(Kpub ,{h}) {h}Kpri h'
h = h'?
M
signed doc
![Page 18: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/18.jpg)
Low-cost signatures with a shared secret key
M
Signing
Verifying
H(M+K) h
h'H(M+K)
h
h = h'?
K
M
signed doc
M
K
![Page 19: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/19.jpg)
One-Way Functions
• Function such that given formula for f(x)
– easy to evaluate y = f(x)
• But given y
– computationally infeasible to find x
![Page 20: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/20.jpg)
Digital Signatures
• Computing a signature block
• What the receiver gets
(b)
![Page 21: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/21.jpg)
Protection Mechanisms Protection Domains (1)
Examples of three protection domains
![Page 22: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/22.jpg)
Protection Domains (2)
A protection matrix
![Page 23: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/23.jpg)
Protection Domains (3)
A protection matrix with domains as objects
![Page 24: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/24.jpg)
Access Control Lists (1)
Use of access control lists of manage file access
![Page 25: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/25.jpg)
Access Control Lists (2)
Two access control lists
![Page 26: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/26.jpg)
Capabilities (1)
Each process has a capability list
![Page 27: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/27.jpg)
• Cryptographically-protected capability
• Generic Rights1. Copy capability
2. Copy object
3. Remove capability
4. Destroy object
Capabilities (2)
Server Object Rights f(Objects, Rights, Check)
![Page 28: Security Chapters 14,15. The Security Environment Threats Security goals and threats](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d395503460f94a1286d/html5/thumbnails/28.jpg)
Summary
• We studied fundamental concepts in security and protection.
• Public key infrastructure is foundational many transformational features and applications on the (internet) and the web.