Computer Security and Cryptography - PowerPoint PPT Presentation

Loading...

PPT – Computer Security and Cryptography PowerPoint presentation | free to view - id: 8a54-NmU5N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Computer Security and Cryptography

Description:

Technology Hacks. Design deficiencies and other vulnerabilite ... Software hacks. Second channel attacks. RFID issues. Cell phone vulnerabilities. Grocery cards? ... – PowerPoint PPT presentation

Number of Views:406
Avg rating:3.0/5.0
Slides: 69
Provided by: zmke
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Computer Security and Cryptography


1
Computer Security and Cryptography
Partha Dasgupta, Arizona State University
2
Not just hype paranoia
  • Internet hosts are under constant attack
  • Financial losses are mounting
  • Miscreants are getting smarter
  • (and so are consumers)
  • National Security risks were stated and then
    underplayed
  • Data loss threatens normal users, corporations,
    financial institutions, government and more
  • Questions
  • HOW? WHY? and What can we do?

3
Overview
  • Part 1 Security Basics
  • Part 2 Attacks and Countermeasures
  • Part 3 Cryptography
  • Part 4 Network Security
  • Part 5 System Security

4
Part 1 Security Basics
  • Computer and Network Security basics
  • Hacking
  • Attacks and Risks
  • Countermeasures
  • Secrets and Authentication
  • Paranoia

5
Computer and Network Security
  • Keep computers safe from program execution that
    is not authorized
  • Keep data storage free from corruption
  • Keep data storage free from leaks
  • Keep data transmissions on the network private
    and un-tampered with
  • Ensure the authenticity of the transactions (or
    executions)
  • Ensure that the identification of the human,
    computer, resources are established
  • With a high degree of confidence
  • Do not get stolen, misused or misrepresented

6
Hacking or Cracking
  • Plain old crime
  • Phone Phreaking
  • Credit cards, the old fashioned way
  • Technology Hacks
  • Design deficiencies and other vulnerabilite
  • ATM, Coke Machines, Credit Cards, Social
    Engineering
  • Software hacks
  • Second channel attacks
  • RFID issues
  • Cell phone vulnerabilities
  • Grocery cards?

7
Attacks and Risks
  • Attacks
  • An attack is a method that compromises one or
    more of- privacy (or confidentiality)- data
    integrity- execution integrity
  • Attacks can originate in many ways
  • System based attacks
  • Network based attacks
  • Unintended Consequences
  • Risk a successful attack leads to compromise
  • Data can be stolen, changed or spoofed
  • Computer can be used for unauthorized purposes
  • Identity can be stolen
  • RISK can be financial

8
Attack Types
  • System based attacks
  • Virus, Trojan, rootkit
  • Adware, spyware, sniffers
  • A program has potentially infinite power
  • Can execute, spawn, update, communicate
  • Can mimic a human being
  • Can invade the operating system
  • Network based attacks
  • Eavesdropping
  • Packet modifications, packet replay
  • Denial of Service
  • Network attacks can lead to data loss and system
    attacks

9
Countermeasures
  • System Integrity Checks
  • Virus detectors
  • Intrusion detection systems
  • Software signatures
  • Network Integrity checks
  • Encryption
  • Signatures and digital certificates
  • Firewalls
  • Packet integrity, hashes and other cryptographic
    protocols
  • Bottom Line
  • We have an arsenal for much of the network
    attacks
  • System security is still not well solved

10
What is at Risk?
  • Financial Infrastructure
  • Communication Infrastructure
  • Corporate Infrastructure
  • Confidentiality and Privacy at many levels
  • Economy
  • Personal Safety

11
The Shared Secret Fiasco
  • Our authentication systems (personal, financial,
    computing, communications) are all based on
    shared secrets
  • ID numbers, Account numbers, passwords, SS, DOB
  • When secrets are shared, they are not secrets
  • They will leak!
  • Given the ability of computers to disseminate
    information, all shared secret schemes are at
    extreme risk
  • Media reports of stolen data is rampant
  • The Fake ATM attack
  • The check attack
  • The extortion attack

12
How do secrets leak?
  • Malicious reasons
  • Simple mistakes
  • Oversight
  • Bad human trust management
  • Bad computer trust management
  • Nothing can go wrong
  • Please believe in Murphy!

13
Keeping Secrets?
  • Simple answer, not possible.
  • Encryption is good, but data has to be
    unencrypted somewhere
  • Disappearing Ink?
  • Use paper based documents, not scanned.
  • Public Key Encryption has much promise (PKI
    systems)
  • Shared secrets need to be eliminated as much as
    possible
  • Separate out of band communications
  • Phone, postal mail, person-to-person

14
Authentication
  • Shared secrets are used for authentication
  • Username/passwords
  • Multi-factor authentication
  • What you know
  • What you have
  • What you are, what you can do.
  • Most of the authentication methods are quite
    broken
  • Designed when networking was not around
  • PKI systems are better, but not deployed
  • Too many false solutions (dangerous, gives a
    feeling of security)

15
Passwords
  • The password is known to the host and the client
  • Under some password schemes the host does not
    know the password (e.g. Unix)
  • Passwords can leak from host or from client
  • Same password is used for multiple sites
  • Password managers are not too effective
  • Good passwords are not as good as you think
  • Invented for a completely different purpose,
    using passwords on the web, even with SSL
    encryption, is a bad idea

16
False Solutions
  • Biometrics
  • A digital bit string, or password that cannot be
    changed
  • Plenty of attacks possible, including framing
  • RFID identification
  • Plenty of attacks possible
  • Multi-Factor authentication
  • Better, but still not good
  • Smart cards (the not-so-smart ones)
  • Again, based on shared secrets, have attacks and
    limitations

17
Paranoia?
  • A large number of computers (consumer, business)
    are compromised or used for fraud
  • Viral infections, zombies
  • Many web servers are for fraudulent reasons
  • Spam is an indicator
  • Unprecedented lying, cheating
  • Adware, popups, spyware
  • All attempting to mislead, steer, and victimize
  • Identity theft, financial theft, cheating
  • Probably at an all time high
  • Security Awareness is often coupled with paranoia
  • It is necessary to be paranoid!

18
What is the point of an attack?
  • Get your shared secrets for financial gain
  • Espionage
  • Disruption

PersonalCorporateFinancialSystem Identification
19
Computer Security
  • Software needs to be verifiably untampered and
    trusted
  • Networks need to be free from tampering/sniffing
  • Data has to be secure from stealing and tampering
  • End user protection
  • A coalescing of software, hardware and
    cryptography along with human intervention and
    multi-band communication.

20
Part 2 Attacks and Countermeasures
  • Vulnerabilities
  • System Attacks
  • Virus, Trojan, Worm
  • Buffer overflow
  • Rootkit
  • Zombies
  • Web based attacks
  • Network Attacks
  • Eavesdropping
  • Man-in-the-middle
  • Denial of service
  • Authentication attacks
  • Pharming, RATS
  • Social Engineering Attacks

21
The Attackers
  • Script kiddies
  • Hackers
  • Would-be hackers
  • Crackers
  • Industrial espionage
  • Elite Blackhat
  • A whitehat attacks too, but for the purpose of
    securing systems

22
Vulnerabilities
  • Vulnerabilities are weak spots
  • Hard to spot, hard to predict
  • Can exist in any complex system
  • Human vulnerabilities
  • Greed, friendship, attraction, guilt.. much more
  • System Infrastructure Vulnerabilities
  • process has holes, laws have loopholes
  • Software Vulnerabilities
  • Bad code, bad design, unforeseen problems
  • Hardware Vulnerabilities
  • Failures, faulty design

23
Vulnerability Origins
  • Too many to reason about
  • Bad design
  • Use of shared secrets
  • Humans do not comprehend large systems
  • Permutation is not what we do best
  • A set of ways to do things some thinking on the
    part of a miscreant..
  • The Windows Vista Audio Attack

24
Examples
  • Coke machine hack
  • http//youtube.com/watch?vTBgHH8ZmB_s
  • ATM hack
  • The video disappeared
  • security via obscurity
  • SQL Injection
  • http//youtube.com/watch?vMJNJjh4jORY
  • WiFi range extender?
  • http//youtube.com/watch?vLY8Wi7XRXCA

25
More Problems
  • Lack of transparency to humans
  • Windows registry
  • Feature Creep
  • Lack of adequate Idiot Proofing
  • Counterintuitive?
  • Ease of use is paramount
  • Now we know, but its too late.
  • Lack of end-user understanding of vulnerable
    operations and situations

26
Malware
  • Malware is just one problem, but a major
    problem
  • How does it work?
  • How does it get there?
  • What can it do?
  • The OS is supposed to prevent such external
    attacks
  • Does not work
  • Not in our lifetimes, will these problems get
    fixed

27
Virus-Trojans-Worms
  • Malware software that causes harm
  • All software is capable of causing harm
  • Can perform any computations on a computer
  • Can reproduce
  • BUT How did it get to the host machine
  • Easy Methods
  • Social engineering
  • Trojans
  • Harder methods
  • Vulnerability exploits
  • Buffer overflows

28
The Ultimate Trojan
  • Reflections on Trusting Trust -- Ken Thompson,
    Turing Award Lecture 1984
  • How to break into Unix?
  • Write custom login program
  • Write custom compiler
  • Write even more custom compiler
  • Now the goose is cooked
  • A trojan that lives forever and can never be
    disabled?

29
Nothing can be trusted
  • From login programs to compilers to bootstraps
    maybe extending to microcode
  • The moral is obvious. You can't trust code that
    you did not totally create yourself.
  • No amount of source-level verification or
    scrutiny will protect you from using untrusted
    code..
  • A well installed microcode bug will be almost
    impossible to detect.
  • KEN THOMPSON
  • Since 1984, we know Software cannot be trusted.
  • Yet we do!

30
Trusted Software
  • We have to trust software
  • No choice
  • We have to acquire software from reliable
    sources
  • Insider attacks happen
  • We have to check the software regularly
  • Virus detectors are not the answer
  • All software have vulnerabilities
  • Operating systems, applications, servers,
    compilers and so on
  • Vulnerabilities can be exploited by attackers
  • Buffer overflow is the major attack, there are
    many more

31
Buffer Overflow
  • Reading input data causes overwriting of some
    data already on the system
  • Stack smashing
  • Heap smashing
  • Data changing
  • Calling existing routines with different
    parameters
  • Can be installed form network communications or
    from a data file
  • Result Easy to install viruses without
    intervention from the user.

32
Details of Buffer Overflow
  • foo()Int a3 read n i 0 do n times
    read(ai) i

a0
a1
a2
Return address
33
What is vulnerable to Buffer Overflow?
  • Network connections
  • Structured files
  • User inputs
  • Scripts
  • All software contain vulnerabilities (just have
    not been discovered yet)

34
After a Buffer Overflow
  • Goal is too install a virus
  • Buffer overflow allows
  • an attacker to introduce malicious code into a
    processOR
  • An attacked to call an existing routine in the
    application process, with doctored arguments
  • It is a powerful technique to start the
    compromise a computer process

35
Rootkits, the Grand Finale
  • Buffer overflows, open the door, the real deal is
    the rootkit.
  • Operating system patch
  • Hides all evidence of the compromise
  • Impossible to detect from within the system
  • Need external detectors
  • Can be designed to be very difficult, if not
    impossible to clean up
  • Reinstall is the only sure way to stop a rootkit

36
What can rootkits do?
  • Run any software as root or administrator
  • Update itself as well as implant newer attacks
    later
  • Very Stealthy
  • Install keyboard sniffers
  • Access any data stored on the computer
  • If the data is encrypted, the rootkit can find
    where the key is located

37
Zombies
  • A virus
  • A process that listens to commands from home
  • Can download another programs
  • Can start attacks on other systems
  • Can do spamming without being easily detected
  • Advantage Upgradeable, reprogrammable!

38
Sniffers
  • Record keystrokes typed by a user
  • Can see all data entered by a user, including
    secret data
  • Passwords, credit card numbers, personal
    information
  • Can see data that is encrypted (as it can access
    it before encryption, or after decryption)
  • Would you use a computer that does not belong you?

39
Web Attacks
  • A variance of the buffer overflow and virus
    attack
  • Use web software to attack a browser
  • Utilize vulnerabilities in a browser
  • Java script vulnerabilities
  • Active X vulnerabilities
  • Install browser helper objects
  • Can be hidden in web popups
  • Often used to install
  • Adware
  • Spyware
  • Web-beacons
  • Single pixel images, that detect a user reading a
    web page (or email, or any HTML content)

40
Cross Site Scripting
  • Fun with Javascript and browsers and servers
  • Type 0
  • Run a script on the users machine when visiting a
    malicious site. The local script has higher
    privileges
  • Type 1
  • Inject a client side script into a server. A
    crafted URL followed while logged into a good
    site can make the good site do what the attacker
    wants
  • Type 2
  • A message board contains crafter URLs that can
    send cookies to the attacker
  • Many attacks, including the recent gmail attack
    were done via XSS

41
Gmail Attack
  • from a blog
  • Haochi Chen discovered what looks like a
    Gmail XSS (cross-site scripting) security
    problem. Using a small piece of JavaScript you
    can put on any server, the users contact names
    email addresses are revealed (provided youre
    logged in to your Google account). I was able to
    reproduce this using Firefox, and an updated
    version of the original snippet. With Haochis
    code, a malicious website would be able to grab
    your contact list and transmit it to their server
    behind the scenes, storing this data for other
    purposes like spamming, or finding out more
    about you.
  • If youre worried about this Google
    vulnerability, the best thing until its fixed is
    to only visit sites you know and trust, or to
    turn off your browsers JavaScript, or to log out
    of Gmail.

42
Password Attacks
  • Find password by brute force, or by guessing, or
    by dictionary attacks
  • Hardy ever used any more, even simple passwords
    are hard to crack!
  • So many easier ways, why bother!
  • Phishing is hard? Phishing is easy?
  • Sniffing too

43
Network Eavesdropping
  • Ethernet and broadcast networks
  • promiscuous mode
  • Get every packet
  • Password sniffing
  • MAC sniffing
  • WEP cracking
  • Network eavesdropping can lead to loss of privacy
    is data is being sent un-encrypted
  • Not a common attack

44
Man in the Middle
  • Insert a malicious relay between sender and
    receiver of a network connection
  • Change data packets, or replay them
  • Need to sniff and then inject
  • Or need to establish to connections (redirect
    traffic)
  • Causes confusion
  • Gain information, use authentication
    surreptitiously
  • Not effective against modern cryptographic
    protocols (encryption and digital signatures)

45
Denial of Service
  • Flood the network with fake traffic
  • Overwhelm servers with large numbers of queries
  • Distributed DoS uses Zombies
  • Very difficult to contain
  • Attacking the network stack
  • Use malformed packets to cause TCP-IP software to
    block/crash
  • Does not cause any loss of privacy, or system
    compromises

46
Authentication Attacks
  • Steal authentication information
  • Phishing is the most common method
  • Man in the middle, eavesdropping can do it too
  • Steal keys and other shared secrets
  • Physical theft
  • Viruses
  • Brute force (for bad cryptographic algorithms)

47
Pharming
  • Corrupt a DNS server
  • Man in the middle
  • System attack
  • A host translates a DNS name to a attackers IP
    address
  • E.g. mybank.com leads to a hacker site, set up
    to look like the mybank.com site
  • Then a standard phishing attack can be performed
    on the user-name and password

48
RATS
  • Remote Access Trojans
  • New! Improved!! More efficient!!!

These new remote-access Trojans are designed
specifically to lurk in the background, waiting
until the unsuspecting user types the name of a
well-known bank into a Web browser. Then, the
program springs into action, copying every
keystroke. The data is sent back to the criminal,
who now can raid the online bank.
49
Social Engineering
  • Phishing, via spam or web sites
  • Sending pictures or other interesting things,
    with compelling reasons to open it
  • Download interesting programs, with Trojans
  • Giving up personal information using baits of
    various kinds
  • If we figure out all the tricks, more will be
    invented

50
Countermeasures
  • Patches and security fixes
  • Virus Scanners
  • Intrusion Detectors / Firewalls
  • Integrity Checking and Virtual Machines
  • Cryptography
  • Digital Signatures and PKI systems
  • Smartcards / RFID
  • Awareness and Education
  • Out of band notifications
  • Simple yet effective (vs. Complex and breakable)
  • Proper administration, configuration

51
Patches and Fixes
  • Software updates
  • To fix buffer overflow and such attacks
  • Doublespeak attacker can gain complete control
    over a computer.
  • Also fixes bugs and other vulnerabilities
  • Hardens software
  • Updates can be dangerous
  • Introduces more bugs and vulnerabilities
  • Can be fake
  • Target for attackers who distribute malicious
    patches

52
Password Managers
  • Stops users from using the same user-id and
    password
  • Creates strong passwords
  • Sometimes a pain to use
  • Password managers built into browsers not a
    good idea
  • Have to transport data between computers, if
    using multiple computers (or run from USB stick)
  • Master password can be sniffed

53
Virus Scanners
  • Everyone should have them installed
  • Even though they are ineffective?
  • Slows down performance
  • Uses Black Lists
  • Polymorphism and other techniques are used by
    viruses to avoid detection
  • Can be disabled or tampered with
  • Problem with DLL, browser objects, active X,
    registry hacks, cookies
  • Adware different from spyware and viruses
  • Not true
  • A patch that works for now

54
Firewalls
  • Software and hardware firewalls
  • Network Address Translation
  • Incoming filter is needed
  • Outgoing filter is effective but irritating
  • Software firewalls can be defeated
  • Hardware firewalls are incoming only

55
Intrusion Detection Systems
  • A set of layered network-wide service for large
    computer installations
  • May just be a firewall
  • Typical configuration have
  • DMZ and honeypots
  • Bastion hosts
  • Signature based detection
  • Monitoring and logging
  • Attacks possible
  • Polymorphic attacks
  • Noise camouflaged attacks

56
Virtual Private Networks
  • An authenticated, encrypted tunnel between a
    client and a host on a secure network
  • Not popular, but effective
  • Reverse attacks are possible
  • If the host is on an open network, the client
    does not have firewall protection
  • Corporate users are required to use VPNs

57
File Integrity Checkers
  • Scan each clean file and store a signature (or
    hash)
  • Compare files to stored hashes whenever they are
    used
  • Easy to bypass or to store hash after file
    corruption occurs
  • Hash storage prone to attack
  • Sometimes irritating to use
  • A virus can fake user input and fool the
    integrity checker
  • E,g, Tripwire

58
Single Sign on Systems
  • Sign on to a secure server and your credential
    will be forwarded to any site you need to sign on
    to
  • Most implementations are flawed
  • Need too much private information (or shared
    secrets) to float around
  • Kerberos is probably one of the best, but
    difficult to administer
  • Microsoft Passport and Liberty Alliance have
    products that are struggling (or dead)
  • Certificate based systems would be much better

59
Sandboxing
  • Running applications with limited privileges
  • System calls from sandboxed applications can only
    acces some harmless functions and can cause no
    damage
  • The above statement is large untrue
  • Sandboxed applications may be able to
  • Fool the user
  • Send network packets, or spam
  • Run more sandboxed applications
  • Denial of service

60
Virtual Machine Monitors
  • The ultimate sandbox
  • Multiple copies of the operating system runs on
    the same machine (guest operating systems)
  • The core of the system is the Virtual Machine
    Monitor
  • Everything is totally separate, each OS has a
    different file system, different network address
  • Isolation can be perfect, but isolation is not
    security
  • VMM based integrity checking has much promise

61
Cryptography
  • Cryptography has a treasure chest of algorithms
    and protocols for handling security (or
    computation and data)
  • (Cryptographically Secure) Random Numbers
  • (One way) Hash functions
  • Symmetric Encryption (e.g. DES, AES, IDEA)
  • Asymmetric Encryption (RSA, Rabin, ECC)
  • Cryptography, if properly implemented can provide
    high degrees of data security and reliable
    authentication
  • Without using shared secret
  • IF keys are kept secret
  • Prone to viral attacks

62
PKI Systems
  • PKI Public Key Infrastructure
  • A set of protocols that use asymmetric encryption
    and hashing
  • Authentication Systems
  • Digital signatures for non-repudiable
    transactions
  • Digital Certificates for secure authentication
  • PKI based authentication stops the phishing
    problem and password leakage problem
  • Keyboard sniffers are not always effective with
    PKI systems
  • Microsoft Cardspace seems to be the first
    consumer targeted PKI based identity management
    system
  • PKI based smartcards are the best implementation
  • Not yet being deployed ?

63
Smartcards
  • Smartcard
  • Stored secrets
  • Compute engine
  • Communication path
  • Non tamperable
  • Most smartcards are not very smart
  • Stored value cards, shared secret challenge
    response cards, GSM SIM cards
  • PKI based smartcards provide an excellent
    authentication solution
  • DoD CAC
  • Belgian ID card

secrets
processor
64
RFID cards
  • More common, less secure
  • Contactless Accessible via radio waves.
  • Can be read at large distances, with expensive
    equipment
  • Prone to the tracking vulnerability
  • Many attacks against RFID passport discovered
  • Challenge-response RFID cards are better
  • The current crop is tainted with bad algorithms
  • Stops cloning, but does not stop stealing
  • Room for improvement

65
Out of band communications
  • A simple and yet powerful technique
  • Many scenarios possible for example
  • Make a web transaction that involves a credit
    card payment
  • An automated phone call received
  • Confirm PIN using phone keypad
  • Confirm amount
  • Must be resilient against fake phone calls
  • Very hard for attacker to compromise credit card
    and cellphone and phone PIN

66
Simple is Effective
  • Complex is breakable
  • All complicated solutions have vulnerabilities
    and features that can be exploited
  • Think of a complex piece of software.
  • Web browser
  • Microsoft Office
  • Outlook
  • Many more examples
  • We need simple solutions
  • Easy to understand
  • Easy to detect anomalous behavior

67
Awareness and Education
  • Education is the answer to many problems, but
  • Cannot educate the masses effectively
  • Computing and network infrastructure has very
    deep penetration
  • Consumers are getting educated, but more keep
    coming online
  • Learn by experience?
  • Bad idea
  • Smart people protect themselves
  • .but the others create problems for everyone

68
Administration and Configuration
  • Out of the box configurations of systems and
    gadgets are vulnerable
  • Default passwords
  • Security features disabled
  • Proper Configuration is of paramount important
  • e.g. 500 mile email radius
  • How? Very few smart administrators seem to know
  • Obscurity is used to defeat attackers (in a way,
    bad idea)
  • Security policy of your organization
  • Host system security
  • Auditing
  • Router security
  • Firewalls
  • Intrusion detection systems
  • Incident response plan

Checklist for organizational systems
About PowerShow.com