PTI-20092-23-Intro to Security & Privacy

8/3/2019 PTI-20092-23-Intro to Security & Privacy

1/39

23 | 20100526

Introduction toSecurity & Privacy

Pengantar Teknik Informatika (CS1013)

20092


2/39

Some security issues


3/39

Taxonomy


4/39

Example


5/39

Cryptography: Requirements

Basic: be able to turn plaintext into ciphertext

in such a way that only the intendedrecipientthe holder of the decryption key

secrecy of the key, and not of the algorithm

itself, is the only thing that is needed to

ensure the privacy of the data


6/39

Symmetric vs Asymmetric alg

Symmetric:

Asymmetric


7/39

DES 64-bit key (56-bits + 8-bit parity)

16 rounds Each Round

Initial permutation

Round 1 F

Li 1 Ri 1

Ki

Round 2

Round 16

56-bit

key

Final permutation

+

RiLi


8/39

Repeat for larger messages Chiper Block Chaining (CBC)

Block1

IV

Block2 Block3 Block4

++++

DES

Cipher1

DES DES DES

Cipher2 Cipher3 Cipher4


9/39

More on asymmetric alg


10/39

Public Key (RSA)

Plaintext

Encrypt with

public key

Ci hertext

Plaintext

Decrypt with

private key

Encryption & Decryptionc = memod n

m = cdmod n


11/39

RSA (cont) Choose two large prime numbersp and q (each 256 bits)

Multiplyp and q together to get n

Choose the encryption key e, such that e and (p - 1) x (q - 1)

are relatively prime.

Two numbers are relatively prime if they have no common

factor greater than one Compute decryption key dsuch that

d= e-1mod((p - 1) x (q - 1))

Construct public key as (e, n) Construct private key as (d, n)

Discard (do not disclose) original primesp and q


12/39

RSA: small example Suppose we pick p = 7 and q = 11.

n = 7 11 = 77; ( p 1) (q 1) = 60 Pick a value ofe that is relatively prime to 60. We

choose e = 7

d = 71 mod ((7 1) (11 1)) 7 d = 1 mod 60

It turns out that d= 43, since 7 43 = 301 = 1 mod 60

So now we have the public key e, n = 7, 77 andthe private key d, n = 43, 77


13/39

RSA: small example (contd)

Encryption:

Message = 9

Decryption:

Chipertext = 37

c = me

mod n= 97 mod 77

= 37 chipertext

m = c mod n= 3743 mod 77

= 9 plaintext


14/39

Message Digest Cryptographic checksum

just as a regular checksum protects the receiver from accidental

changes to the message, a cryptographic checksum protects thereceiver from malicious changes to the message.

One-way function given a cryptographic checksum for a message, it is virtually

im ossible to fi ure out what messa e roduced that checksum it is

not computationally feasible to find two messages that hash to thesame cryptographic checksum.

Relevance if you are given a checksum for a message and you are able to

compute exactly the same checksum for that message, then it is

highly likely this message produced the checksum you were given.


15/39

Message Digest: example


16/39

Some hash functions

http://en.wikipedia.org/wiki/Message_digest


17/39

Security Mechanism


18/39

Authentication

A B

I am C

Is he

really C?

I amProof that

ou reall

A

Server X

I am A

Proof that

you really

are A!

A

Server X

Server X

are X!


19/39

Authentication Protocols Three-way handshake

Client & Server share a secret key

Client Server

CHK = client handshake key

SHK = server handshake key

SK = session key


20/39

Trusted third party (Kerberos)

Authentication Server A and B each share a secret key with S (KA & KB)

AS B

BT = timestamp

E((T, L, K, B), KA),

E((A, T), K),

E((T, L, K, A), KB)

,

E(T+1 ,

K)

E((T, L, K, A), KB)

= e me

K = session key


21/39

Public key authentication

A B

Spring 2002 CS 461 21


22/39

Message integrity

B

I am sending

a message

Is this message

genuine?

A B

I am C.

I am sending you

a message

Is this message

really from C?


23/39

Message Integrity Protocols

Digital signature using RSA special case of a message integrity where the code can only have

been generated by one participant

compute signature with private key and verify with public key Keyed MD5

sender: m + MD5(m + k) + E(k, private) sender: m + MD5(m + k) + E(E(k, rcv- ub), rivate) receiver

recovers random key using the senders public key applies MD5 to the concatenation of this random key

message

MD5 with RSA signature

sender: m + E(MD5(m), private) receiver

decrypts signature with senders public key compares result with MD5 checksum sent with message


24/39

Key Distribution Certificate

special type of digitally signed document:

I certify that the public key in this document belongs to theentity named in this document, signed X.

the name of the entity being certified the public key of the entity

the name of the certified authority a digital signature

Certified Authority (CA)

administrative entity that issues certificates useful only to someone that already holds the CAspublic key.


25/39


26/39


27/39

Key Distribution (cont)

Chain of Trust

ifXcertifies that a certain public key belongs to Y,and Ycertifies that another public key belongs to

Z, then there exists a chain of certificates fromX

toZ someone that wants to verifyZs public key has to

knowXs public key and follow the chain

Certificate Revocation List


28/39

Example Systems


29/39

Pretty Good Privacy (PGP)

Used in email

PGP integrity & authentication:


30/39

PGP

PGP encryption


31/39

Secure Shell (SSH) provides a remote login service

intended to replace the less secure Telnet andrlogin programs


32/39

Transport Layer Security (TLS) TLS, SSL, HTTPS


33/39

IP Security (IPSec) a framework for providing all the security services

consists of two pieces: The first piece is a pair of protocols that implement

the available security services. ,

connectionless message integrity, authentication, andantireplay protection

Encapsulating Security Payload (ESP), which supports thesesame services, plus confidentiality

The second piece is support for key management,which fits under an umbrella protocol known asISAKMP: Internet Security Association and KeyManagement Protocol


34/39

Firewalls

Rest of the Internet Local site

Firewall

Filter-Based Solution

example

( 192.12.13.14, 1234, 128.7.6.5, 80 )

(*,*, 128.7.6.5, 80 )

default: forward or not forward?

how dynamic?


35/39

Proxy-Based Firewalls Problem: complex policy Example: web server

Company net Web

server

Random

external

Remote

company

user

Internet

Firewall

o ut on: proxy

Design: transparent vs. classical Limitations: attacks from within

Firewall

External

client

External HTTP/TCP connection

Proxy

Internal HTTP/TCP connection

Local

server


36/39

Biometric


37/39

Human factor


38/39

The Age of Privacy is Over?


39/39

Documents

PTI-20092-23-Intro to Security & Privacy