Introduction to Security

Similar documents
Lecture 15: Cryptographic algorithms

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

Lecture 19: cryptographic algorithms

Elements of Security

From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005

Digital Signatures. Secure Digest Functions

Session key establishment protocols

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh

Lecture 1: Course Introduction

Session key establishment protocols

(2½ hours) Total Marks: 75

CUNY John Jay College of Criminal Justice MATH AND COMPUTER SCIENCE

Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

KALASALINGAM UNIVERSITY

CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals

Cryptographic Protocols 1

Modelling and Analysing of Security Protocol: Lecture 1. Introductions to Modelling Protocols. Tom Chothia CWI

CompTIA Security+ (2008 Edition) Exam

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Outline More Security Protocols CS 239 Computer Security February 6, 2006

Computer Networks & Security 2016/2017

Security: Focus of Control. Authentication

Verteilte Systeme (Distributed Systems)

Grenzen der Kryptographie

Outline. More Security Protocols CS 239 Security for System Software April 22, Needham-Schroeder Key Exchange

Security: Focus of Control


Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

19.1. Security must consider external environment of the system, and protect it from:

Introduction and Overview. Why CSCI 454/554?

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?

Presented by Jack G. Nestell. Topics for Discussion. I. Introduction. Discussion on the different logics and methods of reasonings of Formal Methods

Security and Privacy in Computer Systems. Lecture 7 The Kerberos authentication system. Security policy, security models, trust Access control models

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Formal Methods for Security Protocols

Information Security: Principles and Practice Second Edition. Mark Stamp

Outline More Security Protocols CS 239 Computer Security February 4, 2004

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

Implementing Cryptography: Good Theory vs. Bad Practice

Security protocols and their verification. Mark Ryan University of Birmingham

Network Security. Chapter 8. MYcsvtu Notes.

Combined CPV-TLV Security Protocol Verifier

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Security Handshake Pitfalls

Security. Alessandro Margara Slides based on previous work by Matteo Migliavacca and Alessandro Sivieri

Distributed Systems. Lecture 14: Security. Distributed Systems 1

Mechanising BAN Kerberos by the Inductive Method

1.264 Lecture 28. Cryptography: Asymmetric keys

Authentication Handshakes

Digital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)

Transport Layer Security

Distributed Systems. Lecture 14: Security. 5 March,

Security Handshake Pitfalls

Network Security CHAPTER 31. Solutions to Review Questions and Exercises. Review Questions

CS Computer and Network Security: Applied Cryptography

CSE BAN Logic Presentation

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Network Security and Internet Protocols

Lecture 4: Authentication Protocols

CSC 474/574 Information Systems Security

T Cryptography and Data Security

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

BAN Logic. Logic of Authentication 1. BAN Logic. Source. The language of BAN. The language of BAN. Protocol 1 (Needham-Schroeder Shared-Key) [NS78]

ISACA CISA. ISACA CISA ( Certified Information Systems Auditor ) Download Full Version :

Verification of security protocols introduction

UNIT - IV Cryptographic Hash Function 31.1

Information Security CS 526

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken

APNIC elearning: Cryptography Basics

CS 425 / ECE 428 Distributed Systems Fall 2017

Security Handshake Pitfalls

What did we talk about last time? Public key cryptography A little number theory

Unit III. Chapter 1: Message Authentication and Hash Functions. Overview:

COMP 4704 Systems Security. Ramki Thurimella

Cryptography MIS

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

SSL Visibility and Troubleshooting

Chapter 15: Security. Operating System Concepts 8 th Edition,

Security Handshake Pitfalls

Securing Internet Communication: TLS

CSC 482/582: Computer Security. Security Protocols

Security Protocol Deployment Risk

Outline. Login w/ Shared Secret: Variant 1. Login With Shared Secret: Variant 2. Login Only Authentication (One Way) Mutual Authentication

Cryptographic Checksums

The Security Problem

Message authentication. Why message authentication. Authentication primitives. and secure hashing. To prevent against:

Most Common Security Threats (cont.)

Understanding Cisco Cybersecurity Fundamentals

CSCE 715: Network Systems Security

Contents Digital Signatures Digital Signature Properties Direct Digital Signatures

WHAT FUTURE FOR CONTACTLESS CARD SECURITY?

Chapter 9: Database Security: An Introduction. Nguyen Thi Ai Thao

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

Cryptography and Network Security Chapter 13. Digital Signatures & Authentication Protocols

Transcription:

Introduction to Security Avinanta Tarigan Universitas Gunadarma 1 Avinanta Tarigan Introduction to Security

Layout Problems General Security Cryptography & Protocol reviewed 2 Avinanta Tarigan Introduction to Security

Problems Life was beautiful before computer, getting worse after Internet Distributed systems: each depends on others How can we assure system behaves correctly & securely? Can we trust systems on the other side? 3 Avinanta Tarigan Introduction to Security

Problems.. (cont) How to assure security of the network How to quantify risk What are the boundaries of the system? Relationship to political, social, enomical aspects is not well understood Uncertainty 4 Avinanta Tarigan Introduction to Security

Definition In General : Computer Security deals with the method against unauthorized actions in computer systems More General : Dependability to other institution is also insecurity 5 Avinanta Tarigan Introduction to Security

Basic 6 Avinanta Tarigan Introduction to Security

Basic 7 Avinanta Tarigan Introduction to Security

Basic State (Keadaan) * Unauthorized Access (Cracked) * Sensible Information Sniffed Vulnerability (Kelemahan) * Password Stolen * Unauthenticated Sites Security Violation (Pelanggaran) Attacker who attacks State Transition 8 Avinanta Tarigan Introduction to Security

What is secure? Computer based system behaves according to 1 algorithms (program/software) 2 user direction (input) Given systems & environment: 1 secure states (system maintains security properties) 2 insecure states (violation of security policy) 3 paths lead to insecure states (vulnerability) Correctness: maintain intended behavior according to correct specification while unintended behavior will not be reachable Security policy: definition of (1,2,3) Attack : Persistence, Intentional, Outsider vs Insider, Loss vs Gain 9 Avinanta Tarigan Introduction to Security

Threats... (cont) Towards vulnerable system [Abadi] : Interaction with uncertain physical, network, software environment. Using public network, distributed administration, diverse operators COTS, business demand is the priority, Monocultures 10 Avinanta Tarigan Introduction to Security

Threats... (cont) Attack : Physical attack ex. theft of harddisk/cdroms, bombing, etc. Syntatic attack ex. buffer overflow, domain theft, SQL injection Semantic attack ex. Social engineering, site phising 11 Avinanta Tarigan Introduction to Security

Security Policy We define secure states and insecure states Define paths which always bring system in secure states: what is permited Define also paths might lead to insecure states: what is not allowed Specified in formal language for clearness, unambiguity, consistency, and verificability Written in natural language for better understanding 12 Avinanta Tarigan Introduction to Security

Properties Confidentiality (Secrecy) Unauthorized disclosure of information is not reachable (Acces Control - Cryptography) Integrity Unauthorized modification of information is not reachable Data integrity - Origin integrity / authentication Prevention (access control) - Detection (hash function) 13 Avinanta Tarigan Introduction to Security

Properties... (cont) Availability Prevention & detection of denial of service Accountability The availablity and completeness of the track of past system states Who - Whom - What - When - Where Implementation: should be forensic ready 14 Avinanta Tarigan Introduction to Security

Goals Prevention to fail the attack Detection to detect unprevented attack Recovery to stop the attack & repair attacked system 15 Avinanta Tarigan Introduction to Security

Security Mechanism Way to enforce security policies How to limit system behavior according to policies Specification - Design - Implementation - Operation & Maintenance - Audit (Forensic) Access Control & Cryptography 16 Avinanta Tarigan Introduction to Security

Access Control Reference Monitor Set of precise rules according to security policy, applied as a filter to the transition states of the system, which prevents system in entering insecure state Authentication is mandatory Subjects, Objects, Actions, Time, Location, and other attributes 17 Avinanta Tarigan Introduction to Security

Model of Acces Control Mandatory Access Control (MAC) Top Secret Obj N Discretionary Access Control (DAC) Role Based Access Control (RBAC) Obj 1 Obj 2 Obj N Obj 1 Obj 2 Obj N Safe Dealing (SD) Obj 1 Obj 2 Obj N Secret Confident Obj 1 Obj 2 Attribute Control 00 11 00 11 Ticket 00 11 K 1000 111Ticket K 00 11 00 11 00 11 000 111 00 11 00 11 00 11 000 111 00 11 00 11 00 11 Ticket K+1 01 0000 1111Enrollment Subj 1 Subj 2 Subj N Subj 1 Subj 2 Subj N Subj 1 Subj 2 Subj N Subj 1 Subj 2 Subj N 18 Avinanta Tarigan Introduction to Security

Implementation: Cryptography Algorithm to protect secrecy of data Also used to gain : authentication integrity non repudiation Includes : algorithm and key(s) 19 Avinanta Tarigan Introduction to Security

Cryptography... (cont) Chipertext = Encrypt(Message, Key) Message = Decrypt(Chipertext, Key) Decrypt(Chipertext) hard without Key Research questions : Is there any algorithm which is hard to compute original message but easy to verify it In implementation requires a protocol (Cryptographic Protocol) 20 Avinanta Tarigan Introduction to Security

Symmetric Crypt. A B : {M } Kab Principal A sends B message M encrypted with shared-key K ab Key is shared between 2 principals Needs N 2 keys for N principals Fast but key management is not easy Example of Chiper: DES, 3DES, Blowfish, AES 21 Avinanta Tarigan Introduction to Security

Asymmetric/Public Key Crypt. A B : {M } Kb Principal A sends B message M encrypted with B s public-key K b Only with private-key K 1, B can decrypt M b Principal has its own K which is published and K 1 which must be keeped secret Key management is less difficult, usualy managed by Certification Authority Example of Chiper: RSA (Rivest-Shamir-Addleman), Elliptic-Curve 22 Avinanta Tarigan Introduction to Security

One-Way-Hash Algorithm to compute large data into small integer, producing fingerprint of the message Used for maintaining integrity of message being transferred Example: MD5, SHA1, SHA-256, Ripemd, Haval 23 Avinanta Tarigan Introduction to Security

Digital Signature (Sign) 24 Avinanta Tarigan Introduction to Security

Digital Signature (Verify) 25 Avinanta Tarigan Introduction to Security

Digital Signature A B : {M,{Hash(M )} Ka } Kb A s digital signature on a message is the hash of message encrypted with A s private-key Authentication: only with A s public-key, the hash can be decrypted Integrity: Hash function Confidentiality: message can be decrypted only with B s private-key Non-Repudiation: explain for your self 26 Avinanta Tarigan Introduction to Security

Pictures of Cryptographer 27 Avinanta Tarigan Introduction to Security

Cryptographic Protocol Implementation of Cryptography Algorithm Achieving security properties (authentication, secrecy, etc.) Example : Needham-Schroeder (authentication) Kerberos (authentication) SSL/TLS (auth - secrecy) 28 Avinanta Tarigan Introduction to Security

Cryptographic Protocol Example : Needham-Schroeder Protocol M1 M2 M3 M4 M5 A S : A, B, N a S A : {N a, B, K ab, {K ab, A}K bs }K as A B : {K ab, A}K bs B A : {N b }K ab A B : {N b 1}K ab Intoducing Nonce (N) 29 Avinanta Tarigan Introduction to Security

Cryptographic Protocol More example : Kerberos Protocol M1 M2 M3 M4 A S : A, B S A : {T s, L, B, K ab, {T s, L, K ab, A}K bs }K as A B : {T s, L, K ab, A}K bs, {A, T a }K ab B A : {T a + 1}K ab Introducing TimeStamp (T ) and Lifetime (L) Used in many system, including Windows 30 Avinanta Tarigan Introduction to Security

Cryptographic Protocol Problem : Wrong design could lead to flaw Needham-Schroeder Protocol SSLv1.0 Wrong implementation could lead to vulnerability Padding problem in SSL, SSH, and WTLS User Interface design in Browser Vulnerability arise between two protection technologies (Anderson, Ross) 31 Avinanta Tarigan Introduction to Security

Assurance : Formal Method To prove correctness in achieving security properties which protocol carry out There are two development approach : Extention from method used in communication Newly developed method Four classifications : 1. General purpose tools 3. Expert System 2. Logic based 4. Algebraic approach 32 Avinanta Tarigan Introduction to Security

Formal Method Using General Purpose Tools Treated as ordinary comm. protocol Adversary is explicit, capable in read, intercept, and modify messages Method : FSM, CSP, FDR, Petri Nets Example : Lotos, Ina Jo, Murphy System State A INTRUDER B 33 Avinanta Tarigan Introduction to Security

Formal Method Using Expert System Investigate every possible scenario of Attack - Flaw - Defence Needs to define insecure states and search paths to them More successful than General Purpose Tools Example : Interrogator by Millen, NRL Protocol Analyzer by Meadows, Longley and Rigby 34 Avinanta Tarigan Introduction to Security

Formal Method Algebraic Approach Capabilties in modeling knowledge which represents component in cryptographic operation (Nonce, Key(s), and old messages) Example : Dolev - Yao (term re-writing systems) Sphi - Calculus by Abadi and Gordon (to prove secrecy) 35 Avinanta Tarigan Introduction to Security

Formal Method Logic Based One sees crypt. protocol as distributed algorithm Develop logics from modal logic There are inference rules Goal is to derived statements which represents correct condition Example : BAN Logic and GNY Logic 36 Avinanta Tarigan Introduction to Security

Towards Secure System Specification : Security Policy Implementation : Security Mechanism Correctness : Assurance Man - Machine - Management 37 Avinanta Tarigan Introduction to Security

Towards... (cont) Preventive measures Detective measures Responsive measures Desktop Servers Perimeter Managers General Users Security Team 38 Avinanta Tarigan Introduction to Security

Towards.. (cont) Security Goals Constituent OrganizationalUnits Availability Integrity Confidentiality Non Repudiation etc Government Agent Financial Institutions Organizations Local etc Policy User Education Secure OS, Application, Perimeter etc Constituent Systems 39 Avinanta Tarigan Introduction to Security

Books, Papers, and Links Ross Anderson, Security Engineering Matt Bishop, Computer Security Schneider et. al. Modelling and Analysis of Security Protocols Martin Abadi s homepage at http://www.cse.ucsc.edu/ abadi 40 Avinanta Tarigan Introduction to Security

The End End of this presentation 41 Avinanta Tarigan Introduction to Security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback