COMP 655: Distributed/Operating Systems Summer 2011 Dr. Chunbo Chu Week 9: Security 10/24/20151Distributed Systems - COMP 655

COMP 655:Distributed/Operating

SystemsSummer 2011

Dr. Chunbo ChuWeek 9: Security

04/21/23 1Distributed Systems - COMP 655

04/21/23 Distributed Systems - COMP 655 2

Agenda• Security basics• Encryption• Major functions of a security

system


Types of security• Confidentiality

– Information disclosed only to authorized parties

• Integrity– Information can be created, changed,

or deleted only in authorized ways


Types of threats• Interception (confidentiality)• Interruption (integrity)• Modification (integrity)• Fabrication (integrity)


Major functions of a security system

• Authentication• Authorization• Administration• Journaling• Intrusion detection


Security basicsGeneral advice when dealing with

security:• Always stay in touch with the basic

question: what is the problem you are trying to solve?

• Compare the cost of security to the cost of loss

These should be covered in a security policy


Security policy basics• A security policy defines the security

requirements for a system• A security policy identifies

– Types of entities in the systemFor example, “instructor”, “student”,

“gradebook application”

– Types of actions supported by the systemFor example, “view grades”, “assign grades”

– Which types of entities are allowed to perform which types of actions


More about security policyExamples of security policy statements:• An instructor is allowed to assign and

view grades for all students in sections taught by the instructor

• An instructor is not allowed to assign or view grades for any section that he or she did not teach

• A student is allowed to view all of his or her grades

• A student is not allowed to assign grades


Yet more security policy• Policy deals with roles, not individuals.

For example, some Franklin students are also instructors

• Policy must be specific to a system– “users may perform only authorized actions” is

NOT useful policy– “instructors and administrators may assign

grades” is much more useful

• Writing a good policy is usually hard– Can any administrator assign a grade?– Or only department chairs and deans with

responsibility for the course?– Can the college president assign a grade?


Activity: DiNo Security policy• Imagine that DiNo needs to support

confidential notebooks• Discuss the security aspects of DiNo

– What types of entities and operations are important?

• What should the security priorities be?– List at least five policies about who’s allowed to

do what

• NOTE: “all users must be authenticated” does NOT belong in a security policy – it’s about implementation, not requirements


Kevin Mitnick’s work today• The simple fact is this: People are, and

always have been, the most vulnerable aspect of any organization's security infrastructure …

http://www.mitnicksecurity.com/

Interview on 60 Minutes


Security – human aspects• “Human engineering” is the most

effective way to gain unauthorized access to systems– Helpfulness can be abused– Garbage can be sifted– Etc

• Basically, it’s a never-ending dialog between builders and crackers If you remember nothing else from tonight …


Tools for the security provider

• Encryption• Explicit, well-considered policy• QA for code• Security education for developers (for

example, see http://www.sans.org/)• Security education for others with

access to sensitive information• Firewalls• Audits• Monitoring


More security tools• Research• Former crackers with changed

motives• Good system administration,

including keeping up with patches• Virus checkers (pattern, heuristic)


Resources• CERT: www.cert.org/• CSRC (NIST): csrc.nist.gov/• Steve Gibson: grc.com/default.htm

• Counterpane: www.counterpane.com/crypto-gram.html

• And 400,000,000 others …


Activity – implementing your policy

• For each of the five statements in your security policy exercise, identify one or more techniques that could be used to enforce it.


Comp 655 - Security• Security basics• Encryption• Major functions of a security

system


Encryption - general


More terminology• Symmetric cryptosystem

– aka secret-key, shared-key

• Asymmetric cryptosystem– aka public-key

• Computational infeasibility• Hash function• Block cipher• Stream cipher


Important encryption algorithms

• DES• AES• RSA• MD5• SHA-1


Data Encryption Standard (DES)


DES key generation


Attacks on DES• Analytical

– DES has held up pretty well

• Brute force– Hardware is now fast enough to allow

practical guess-and-check attacks on 56-bit DES

• Triple DES “appears to be safe for the moment”

• To be replaced by Rijndael algorithm


AES

• NIST selection process, 1997-2000, whose goal was a symmetric block cipher to replace DES for protection of sensitive unclassified information. AES is– unclassified– publicly disclosed encryption– available royalty-free, worldwide– supports block sizes of at least 128 bits– supports key sizes of 128, 192, and 256 bits.


AES Selection criteria1. Security was the most important factor, including

– resistance to cryptanalysis

– soundness of mathematical basis

– randomness of the algorithm output

– relative security as compared to other candidates.

2. Cost was a second important area – licensing requirements

– speed on various platforms

– memory requirements


AES Selection Criteria continued

• Algorithm characteristics – Adaptability to larger key sizes– Adaptability to other applications,

including stream cipher, hash– Adaptability to various

implementation environments including software, firmware, hardware

– Overall simplicity


AES continued

• Winner was Rijndael (“Rhine-doll”)• NIST evaluation tested C and Java

implementations of the candidates• Implementations have also appeared

in Lisp, Pascal, JavaScript, C++, hardware, etc

• See the NIST crypto toolkit web site:http://csrc.nist.gov/CryptoToolkit/


RSA

• Widely used for public-key cryptosystems

• Relies on computational infeasibility of factoring a product of large primes

• A key set includes– d (decryption key)– e (encryption key)– n (product of large primes)


RSA continued• Publish n and one key, keep the other

key private• Which key gets published depends on

the problem you’re trying to solve– Publish encryption key for data

protection– Publish decryption key for authentication

• Expensive! (2-3 orders of magnitude slower than DES)


Cryptographic hash functions

• With encryption, they guard against modification

• (kind of like a checksum or check digit)• A hash computes a fixed-length summary

(or digest) of a string (message) that is hard to reproduce– Given a message m, it’s computationally

infeasible to find another message m’ such that H(m’) = H(m).

– And it’s even harder to find such an m’ that says what you want …


Using a cryptographic hash:digital signature


MD5

‘<<<‘ is a “circular shift”:10110001 <<< 3 = 10001101


SHA-1(from Adam Back’s web site)• SHA1 (Secure Hash Algorithm 1) is a

cryptographic message digest algorithm.• It is considered to be more secure than

MD5– it has longer hash size– Hans Dobbertin discovered a partial weakness

in the MD5 collision function.

• There was a SHA0 but it had some security problems which were fixed in SHA1.

http://www.cypherspace.org/adam/rsa/sha.html


Comp 655 - Security• Security basics• Encryption• Major functions of a security

system





Authentication is …Checking that you are who you say

you are


Implementation – authentication in Kerberos

Kerberos• is a network authentication protocol• provides strong authentication for

client/server applications by using secret-key cryptography

• implementations are available commercially and free from MIT

• assumes black-hats are sniffing and spoofing everywhere


How Kerberos authentication works

TG Ticket Secret keySession key

Service ticket


Setting up a secure channel with Kerberos

How does Bob know KB,TGS?

It’s the session key he got at his login


Activity - authentication• When you talk to someone on the

phone, how do you know who it is?– List at least three ways– For each way, how can it be spoofed?

• If you suspect you’re being spoofed, how can you verify the other person’s identity?

• Same two questions for instant messaging





Authorization is …Granting access to resources so that

the ability to create, read, update, or delete things is available only to those who are authorized.


Authorization - General

How will it decide?What data will it use?How will it enforce its decision?


ACLs vs Capabilities


Java Security• Top-priority problem: protect hosts

from damage or eavesdropping by mobile Java code.

• For applets, security is built on a co-ordinated authorization system called a “sandbox”.


Java Sandbox overview


SecurityManager


SecurityManager security = System.getSecurityManager();

if (security != null) { security.checkXXX(argument, . . . ); }

SecurityManager


Sandbox vs Playground


Leaning out of the sandbox …

• Object references as capabilities• Stack introspection• Name space management (bait-n-

switch based on class names)


Object reference as capability


Stack introspection

1. Method invocation forces a call to enable_privilege

2. enable_privilege examines the stack for a suitable privilege or prohibition

3. If OK, enable_privilege pushes a disable_privilege frame onto the stack

4. When method returns, disable_privilege turns privileges off





Administrative functions• Setting up

– Exchanging secret keys– Publishing public keys– Granting privileges

• Tearing down– Removing privileges– Changing compromised secret keys– Revoking compromised public keys

• Managing trust– Adding or removing a server– Delegating privileges


Setup: Diffie-Hellman Key Exchange

For gory details: http://www.faqs.org/rfcs/rfc2631.html

Commercial application: Cisco’s IKE

IKE standard: RFC 2409(the patent expired in 1997)


Setup: exchanging secret keys

setup


Setup: publishing keys

If you have K+, how can you know that K- is actually possessed by the person or company you think it is?


Setup: establishing trust in public keys

• Usually, public keys are published in a certificate, consisting of– Public key– String identifying the owner– Digital signature of a certificate

authority


Example: “secure” web site


Example: certificates


Certificates on the path


Certification practice statement

https://www.verisign.com/repository/CPS2.1/cps2-1.pdf

Why is this such an elaborate document?

The simple fact is this: People are, and always have been, the most vulnerable aspect of any organization's security infrastructure …

and that means lawsuits


Certificate Revocation Lists

• The certificate was good at one time, but not anymore

• CAs publish their revocation lists, usually daily

• But clients rarely check




http://www.informit.com/articles/article.asp?p=174342

Documents

COMP 655: Distributed/Operating Systems Summer 2011 Dr. Chunbo Chu Week 9: Security 10/24/20151Distributed Systems - COMP 655