Embed Size (px)
Citation preview
CSCE 201CSCE 201Introduction to Introduction to
Information Security Information Security Fall 2010Fall 2010
Data ProtectionData Protection
CSCE 201 - Farkas 22
Reading assignmentsReading assignments
Required for this class:– D. Cross, Data Protection and Recovery in Windows XP,
http://technet.microsoft.com/en-us/library/bb457020.aspx – M. Horowitz The Safest Way to Protect Sensitive
Computing Files, August 24, 2009, http://www.esecurityplanet.com/views/article.php/3835861/article.htm
– Wikipedia, Encryption, http://en.wikipedia.org/wiki/Encryption
CSCE 201 - Farkas 3
Sensitive Files
Must be protected from– Hackers– Other users
What to protect and at what level security policy
How to protect security policy
CSCE 201 - Farkas 4
Security Mechanism
Several alternatives Which one to choose?
– Level of assurance– User’s preferences (familiarity, ease of use,
recommendations, etc.)– User’s technical knowledge– Availability – Financial considerations– Etc.
CSCE 201 - Farkas 5
Data Protection via Operating System
Microsoft® Windows® XP provides many enhancements in the area of data protection – Encrypting File System (EFS) – Data Recovery Agents (DRA)
Best PracticesNote: EFS is only available on Windows
XP Professional; it is not supported on Windows XP Home Edition
What is Encryption?How secure it is?
Can you decrypt the followings?
HAY?OROWEU
How are you?
Hello
CSCE 201 - Farkas 7
Insecure communications
Sender
Snooper
Recipient
Insecure channel
Confidential
CSCE 201 - Farkas 8
Terminology
Plaintext (cleartext): a message in its original form
Ciphertext (cyphertext): an encrypted message Encryption: transformation of a message to hide
its meaning Cipher: cryptographic algorithm. A mathematical
function used for encryption (encryption algorithm) and decryption (decryption algorithm).
CSCE 201 - Farkas 9
Terminology
Decryption: recovering meaning from ciphertext
Cryptography: art and science of keeping messages secure
Cryptanalysis: art and science of breaking ciphertext
Cryptology: study of both cryptography and cryptanalysis
CSCE 201 - Farkas 10 10Lecture 4
Encryption and Decryption
Plaintext PlaintextEncryption Decryption
Ciphertext
Additional requirements:• Authentication
• Between communicating parties• Third-party authentication
• Non-repudiation• Integrity verification• Key distribution
• Secret key (secure distribution)• Public key (reliable distribution)
CSCE 201 - Farkas 11 11Lecture 4
CryptanalysisCryptanalyst’s goal:
– Break message– Break key– Break algorithm
Secret Key Encryption(Symmetric key, Traditional)
CSCE 201 - Farkas 13 13Lecture 4
Secret Key Cryptosystem
Encryption Decryption
Plaintext PlaintextCiphertext
K
Sender Recipient
C=E(K,M)M=D(K,C)
K needs secure channel
CSCE 201 - Farkas 14 14Lecture 4
Basic Encryption Techniques
Substitution (confusion) Permutation (diffusion) Combinations and iterations of these
CSCE 201 - Farkas 15 15Lecture 4
Simple Alphabetic Substitution
Assign a new symbol to each plain text symbol randomly or by key, e.g.,
C k, A h, B l
M=CAB
C =k h l
Advantages: large key space 26!
Disadvantages: trivially broken for known plaintext attack, repeated pattern, letter frequency distributions unchanged
CSCE 201 - Farkas 16 16Lecture 4
Transposition Letters of the message are rearranged Break patterns, e.g., columnar transposition
Plaintext: this is a testt h i si s a t tiehssiatst!e s t !
Advantages: easy to implement Disadvantages:
Trivially broken for known plaintext attack Easily broken for cipher only attack
CSCE 201 - Farkas 17
Symmetric Key Encryption Algorithms
Data Encryption Standard (DES)Advanced Encryption Standard (AES)
CSCE 201 - Farkas 18
Public-Key EncryptionTwo keys – one is private one is publicSolves the key distribution problem (but
need reliable channel)Provides electronic signaturesSlower than secret-key encryption
CSCE 201 - Farkas 19
Public-Key Encryption
Needed for security:– One of the keys must be kept secret– Impossible (at least impractical) to decipher
message if no other information is available– Knowledge of algorithm, one of the keys, and
samples of ciphertext must be insufficient to determine the other key
CSCE 201 - Farkas 20
Confidentiality
ASender
BRecipient
Insecure channel
Plaintext PlaintextCiphertextEncryption Alg.
Decryption Alg.
B’s public key B’s private key
(need reliable channel)
CSCE 201 - Farkas 21
Public Key Cryptosystem Concept conceived by Diffie and Hellman in 1976 Rivest, Shamir, and Adleman (RSA) describe a
public key system in 1978 Many proposals have been broken
e.g., Merkle-Hellman proposal broken by Shamir Serious candidates (public domain)
– RSA– El Gamal
CSCE 201 - Farkas 22
Digital Signatures in RSA
AB
Insecure channel
Plaintext PlaintextSigned plaintext
Encryption Alg.
Decryption Alg.
A’s public keyA’s private key(need reliable channel)
Sign Verify
CSCE 201 - Farkas 23
Signature and Encryption
D E D E
A B
Plaintext Plaintext
SignedPlaintext
SignedPlaintext
Encrypted Signed Plaintext
A’s private key
B’s public key
B’s private key
A’s public key
CSCE 201 - Farkas 24
Hash Functions
Hash function h maps an input x of arbitrary length to a fixed length output h(x) (compression)
Accidental or intentional change to the data will change the hash value
Given h and x, h(x) is easy to compute (ease of computation)
CSCE 201 - Farkas 25
Hash functions
Preimage resistant (one-way): if for all specified outputs, it is computationally infeasible to find any input that hashes to that output
Second-preimage resistent (weak collision resistant): if it is computationally infeasible to find any second input which has the same output as any specified input
Collision resistant (strong collision resistant): if it is computationally infeasible to find any two distinct inputs that has the same output
CSCE 201 - Farkas 26
Attacks
First preimage attack: given a hash h, find a message m such that hash(m) = h
Second preimage attack: given a fixed message m1, find a different message m2 such that hash(m2) = hash(m1)
Attack complexity: 2n (considered too high for a typical output size of n=160 bits)
Practical attacks: Collision attack
Use of Encryption for Data Protection
CSCE 201 - Farkas 28
Data Recovery
A process by which individual data elements such as files or folders are encrypted for more than one person or entity
Windows XP operating system: symmetrically encrypted data blocks
The symmetric key being protected by one or more public keys of a public/private key pair
CSCE 201 - Farkas 29
Encrypting File System (EFS)
Provides file system-level encryption Enables files to be transparently encrypted on
NTFS file systems Protects confidential data from attackers with
physical access to the computer While the operating system is running: User
authentication and access control lists Attacker gains physical access to the computer:
need protection of harddrive
CSCE 201 - Farkas 30
File system-level encryption
Individual files or directories are encrypted by the file system itself
Advantages:– Flexible file-based key management– Individual management of encrypted files – Access control can be enforced through the use of
public-key cryptography– Cryptographic keys are only held in memory while the
file that is decrypted by them is held open
CSCE 201 - Farkas 3131
Next ClassNext ClassMalicious code
