The Good The Bad The Ugly
Computer and Network Security
G. Sivakumar
Computer Science and Engineering, Indian Institute of Technology Bombay (IIT Bombay)
December 20, 2010

Outline
• The Good (Web 1.0, 2.0, 3.0)
• The Bad (Vulnerabilities, Attacks)
• The Ugly? (Defence)
Partial Landscape
(figure)

The Good side first!
How is learning affected?
(figure)
Internet's Growth and Charter

(Figure: "Internet Growth" milestone chart from the 1970s to 2002, source http://www.isc.org/, with series for Hosts, Users, Countries, Domains, WWW sites and Commercial Users / E-commerce, annotated with the milestones DoD funds, TCP/IP, LAN boom, Academic WWW (steroids) and Java.)

All Information AnyTime, AnyWhere, AnyForm, AnyDevice, ... WebTone like DialTone
Search Engines and Page Rank
• How to drink water from a firehose?
• Search Engines (google) crawl the web for us.
• Recall (all available?) and Precision (all relevant?)
• How to rank the pages? (syntactic?)
• Reliability/Trust/Security issues

What do profs do? Visit www.phdcomics.com to find out!
Web 2.0 Definition (O'Reilly)

Web 2.0: Web 2.0 is the network as platform, spanning all connected devices; delivering software as a continually-updated service that gets better the more people use it, consuming and remixing data from multiple sources, including individual users, while providing their own data and services in a form that allows remixing by others, creating network effects through an architecture of participation, and going beyond the page metaphor of Web 1.0 to deliver rich user experiences.

Examples: RSS/Blogs/Feed readers, Slashdot/Digg, Wikipedia (printing press: people can read; Web 2.0: people can write!). Mashups: ingeniously combining web services, e.g. Google Maps in other applications such as Mumbai Navigator.
Semantics and Intelligence (Web 3.0)

Collaboration is necessary, but is it sufficient? Want to know
• When cheap Mumbai-Chennai round trips are available
  • with package tours to Mahabalipuram, if possible
  • but not on weekdays
  • ...
• Whenever new articles on chess appear
  • only in English, Tamil or German
  • but other languages ok if it is about V. Anand!
  • but not written by ...
  • ...

Two margas (paths) for moksha (liberation)
• Monkey way is Web 1.0/2.0 (syntactic web)
• Cat way is Web 3.0 (semantic web)
Theme/Scope of Subject
• "Can't live with them, can't live without them!"
• Know Your Enemy. Can cyber/internet crimes cause events like the following?
  • July 2006 Mumbai rains
  • 26/11 attack on Mumbai
  • Gulf of Mexico oil spill
  • Mangalore air crash
  • Stop all Mumbai local trains
  • Disrupt all Mumbai mobile phones? (Prof. Jhunjhunwala's example)
• How to Protect Critical Infrastructure?
  • Passive Defence
  • Counter Intelligence (Technical side)
• Screenshots from atlas.arbor.net

Your questions/suggestions now will be invaluable!
What are Cyber crimes?

Cybercrime: Activity in which computers or networks are a tool, a target, or a place of criminal activity. (Categories not exclusive.)
• Against People
  • Cyber Stalking and Harassment
  • (Child) Pornography
  • Phishing, Identity Theft, Nigerian 419
• Against Property
  • Cracking
  • Virus and Spam
  • Software/Entertainment Piracy
  • Trade secrets, espionage
• Cyber Terrorism!
• Hacktivism! (in some countries!)
• Information Warfare
Security Concerns

Match the following!

Problems                        Attackers
Highly contagious viruses       Unintended blunders
Defacing web pages              Disgruntled employees or customers
Credit card number theft        Organized crime
On-line scams                   Foreign espionage agents
Intellectual property theft     Hackers driven by technical challenge
Wiping out data                 Petty criminals
Denial of service               Organized terror groups
Spam E-mails                    Information warfare
Reading private files           ...
Surveillance                    ...

• Crackers vs. Hackers
• Note how many resources are available to attackers.
Surveillance: atlas.arbor.net
(screenshot)

Who is scanning?
(screenshot)

Who is hosting phishing sites?
(screenshot)

Malicious Servers
(screenshot)

Defending a Critical National Infrastructure
Recent fibre cut.
(figure)

Defending a Critical National Infrastructure
Our Solution
(figure)
Exchanging Secrets

Goal: A and B to agree on a secret number. But, C can listen to all their conversation.

Solution? A tells B: I'll send you 3 numbers. Let's use their LCM as the key.
Mutual Authentication

Goal: A and B to verify that both know the same secret number. No third party (intruder or umpire!)

Solution? A tells B: I'll tell you the first 2 digits, you tell me the last two...
Zero-Knowledge Proofs

Goal: A to prove to B that she knows how to solve the cube. Without actually revealing the solution!

Solution? A tells B: Close your eyes, let me solve it...
Paper, Scissors, Rock Game

Goal: How to play over the Internet? Using email, say?

Solution? You mail me your choice. I'll reply with mine.
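The solution on the slide is the flawed one: whoever answers second can read the first mail and win every game. The standard remedy is a commitment scheme, shown here as an added example (not code from the slides). Each player mails a SHA-256 commitment to (choice, random nonce) first, and only after both commitments are in the other's inbox are the openings mailed; the game rules and the cheating player B are constructed for the example.

```python
"""Commit-then-reveal for paper, scissors, rock by e-mail.

Added example, not from the slides. Mailing a choice in the clear lets
whoever answers second win every game. Instead each player first mails
a commitment, SHA-256 of the choice plus a random nonce, and only after
both commitments have arrived do they mail the openings. A player who
changes his mind after seeing the other's opening is caught, and the
nonce keeps the three possible choices from being guessed from the hash.
"""
import hashlib
import hmac
import secrets

CHOICES = ("paper", "scissors", "rock")
BEATS = {"paper": "rock", "scissors": "paper", "rock": "scissors"}


def commit(choice):
    """Return (commitment to mail now, opening to mail later)."""
    if choice not in CHOICES:
        raise ValueError(choice)
    nonce = secrets.token_hex(16)   # 128 random bits: the digest cannot be brute-forced
    digest = hashlib.sha256(f"{choice}|{nonce}".encode()).hexdigest()
    return digest, (choice, nonce)


def verify(commitment, choice, nonce):
    """True if (choice, nonce) is exactly what the commitment was made to."""
    expected = hashlib.sha256(f"{choice}|{nonce}".encode()).hexdigest()
    return hmac.compare_digest(expected, commitment)


def outcome(choice_a, choice_b):
    if choice_a == choice_b:
        return "draw"
    return "A" if BEATS[choice_a] == choice_b else "B"


def play(choice_a, choice_b, b_changes_to=None):
    """Run one game. Mails 1 and 2 carry the commitments, mails 3 and 4 the
    openings. `b_changes_to` simulates B substituting a different choice
    after reading A's opening."""
    mail_a, open_a = commit(choice_a)
    mail_b, open_b = commit(choice_b)
    # both commitments are now in the other player's inbox; openings follow
    if not verify(mail_a, *open_a):
        return "A cheated"
    if b_changes_to is not None:
        open_b = (b_changes_to, open_b[1])
    if not verify(mail_b, *open_b):
        return "B cheated"
    return outcome(open_a[0], open_b[0])


if __name__ == "__main__":
    print(play("rock", "scissors"))                         # A
    print(play("rock", "scissors", b_changes_to="paper"))   # B cheated
```

The nonce matters: with only three possible choices, a bare hash of the choice could be inverted by hashing all three, so the commitment would hide nothing.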
Sharing a Dosa

Goal: All should get an equal share of the dosa. No envy factor. No trusted umpire.

Solution? The 2-people case is easy: you cut, I choose!
Denial of Service

Small shop-owner versus Supermarket
(figure: two shop fronts, labelled Crossmargs and Anamika)
• What can the attacker do?
• What has he gained or compromised?
• What defence mechanisms are possible?
  • Screening visitors using guards (who looks respectable?)
  • VVIP security, but do you want to be isolated?
  • What is the Internet equivalent?
Yahoo DDoS attack
• A real example of network insecurity.
• Caused traffic to Yahoo to zoom to 100s of Mbps
• Broke the capacity of machines at Yahoo and its ISPs
• Internet Control Message Protocol (ICMP) is normally used for good purposes.
• Ping is used to check "are you alive?"
  (figure: a "Ping" sent to a host, answered with "Yes"; typically a small packet, 64 bytes)
• Ping a Network: many replies. Used by system administrators to check the local network.
Yahoo DDoS attack
(figure: the attacker sends pings P1, P2, P3, ... to the broadcast addresses of the MIT network (5000+ hosts) and Stanford Univ; each is a fake broadcast ping carrying the Victim's address as its source)
• How many replies does the unsuspecting victim get?
• From whom? (respectable?)
• DDoS (distributed denial of service attack)
• Freely available for "script kiddies" to wreak havoc!
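From the victim's side, the tell-tale sign of the reflected flood on the slide is ICMP echo replies from hosts it never pinged. The following detection logic is an added example, not from the slides: it runs over constructed flow records (the victim address 198.51.100.7 and the reflector prefixes 192.0.2.0/24 and 203.0.113.0/24 are documentation addresses standing in for the campus networks in the figure) and flags the /24s acting as reflectors.

```python
"""Spot a reflected (smurf-style) ping flood from flow records.

Added example, not from the slides. The victim sees ICMP echo replies
from thousands of 'respectable' hosts it never pinged. Replies with no
matching request from the victim are unsolicited; grouping them by /24
shows which broadcast domains are being used as reflectors. The records
are constructed in make_sample_flows(); 192.0.2.0/24 and 203.0.113.0/24
(documentation prefixes) stand in for the campus networks of the slide.
"""
import random
from collections import Counter
from ipaddress import ip_network

ECHO_REQUEST, ECHO_REPLY = 8, 0   # ICMP type numbers
VICTIM = "198.51.100.7"           # assumed victim address


def make_sample_flows(victim=VICTIM, reflected=5000, seed=1):
    """Constructed records (src, dst, icmp_type, bytes): one legitimate
    ping exchange with the gateway, then `reflected` replies from hosts
    the victim never contacted."""
    rnd = random.Random(seed)
    flows = [(victim, "198.51.100.1", ECHO_REQUEST, 64),
             ("198.51.100.1", victim, ECHO_REPLY, 64)]
    for _ in range(reflected):
        prefix = rnd.choice(["192.0.2.", "203.0.113."])
        flows.append((f"{prefix}{rnd.randint(2, 254)}", victim, ECHO_REPLY, 64))
    rnd.shuffle(flows)
    return flows


def unsolicited_replies(flows, victim=VICTIM):
    """Echo replies to the victim from hosts it sent no echo request to."""
    asked = {dst for src, dst, typ, _ in flows if src == victim and typ == ECHO_REQUEST}
    return [(src, size) for src, dst, typ, size in flows
            if dst == victim and typ == ECHO_REPLY and src not in asked]


def analyse(flows, victim=VICTIM, min_replies=100):
    """Count unsolicited replies, group them by /24 and flag the prefixes
    that exceed `min_replies` as reflector networks."""
    unsolicited = unsolicited_replies(flows, victim)
    per_net = Counter(str(ip_network(f"{src}/24", strict=False)) for src, _ in unsolicited)
    return {
        "unsolicited": len(unsolicited),
        "distinct_sources": len({src for src, _ in unsolicited}),
        "bytes": sum(size for _, size in unsolicited),
        "reflector_nets": sorted(net for net, n in per_net.items() if n >= min_replies),
    }


if __name__ == "__main__":
    print(analyse(make_sample_flows()))
```

The reflector hosts are innocent; the fix is on their networks (do not forward directed broadcasts) and at the victim's ISP (rate-limit or drop unsolicited echo replies), not in blocking the individual sources.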
The Good The Bad The Ugly
.. Security RequirementsInformal statements (formal is much harder)• Confidentiality Protection from disclosure tounauthorized persons
• Integrity Assurance that information has not beenmodified unauthorizedly.
• Authentication Assurance of identity of originator ofinformation.
• Non-Repudiation Originator cannot deny sending themessage.
• Availability Not able to use system or communicatewhen desired.
• Anonymity/Pseudonomity For applications like voting,instructor evaluation.
• Traffic Analysis Should not even know who iscommunicating with whom. Why?
• Emerging Applications Online Voting, Auctions (morelater)
And all this with postcards (IP datagrams)!िशवकुमार G. Sivakumarசிவகுமார்Computer Science and Engineering भारतीय ौोिगकी संान म ुबंई (IIT Bombay) [email protected] and Network Security
The Good The Bad The Ugly
Security Mechanisms
• System Security: "Nothing bad happens to my computers and equipment": virus, trojan-horse, logic/time-bombs, ...
• Network Security:
  • Authentication Mechanisms: "you are who you say you are"
  • Access Control: Firewalls, Proxies: "who can do what"
• Data Security: "for your eyes only": Encryption, Digests, Signatures, ...
Cryptography and Data Security
• sine qua non [without this, nothing :-]
• Historically, who used it first? (L & M)
• Code language in joint families!

(Figure: the security services and the cryptographic mechanisms and primitives behind them)
Service          Mechanism                Primitives
Confidentiality  Encryption               Ciphers (Block, Stream)
Data Integrity   Message authentication   Hashing
Authentication   User identification      Signatures
Non-Repudiation  Digital signature        Public-key methods
All of these rest on Secret Key Establishment and Key Management.
One-way Functions

(Figure: MTNL telephone directories A, B, C, D, E, and two numbers, 4034572 (Ortega) and 5767799 (Narayan). Name to number is easy; number to name is hard without the reverse directory.)
One-way functions are boring.
TRAPDOOR 1-way Functions (CD)
Mathematical equivalents
• Factoring large numbers (product of 2 large primes)
• Discrete Logarithms
One-way Functions
• Computing f(x) = y is easy.
• E.g. y = 4^x mod 13 (if x is 3, y is ---?)

  n    4^n mod 13    10^n mod 13
  1        4             10
  2        3              9
  3       12             12
  4        9              3
  5       10              4
  6        1              1
  7        4             10
  ...     ...            ...

• Note: need not work with numbers bigger than 13 at all!
• But given y (say y = 10), finding a suitable x is not easy!
  • Can do by brute force (try all possibilities!)
  • No method that is much better is known yet!
• Caveat: 4 is not a generator mod 13. Its powers cycle through only {4, 3, 12, 9, 10, 1} (order 6), so a y such as 11 has no x at all. Diffie-Hellman uses a generator g so that every y in 1..P-1 is reachable; mod 13, g = 2 is one (2^7 mod 13 = 11).
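The table above, the order of a base and the brute-force discrete log, as an added example (not code from the slides). It rebuilds the slide's table for 4^n and 10^n mod 13, finds the generators mod 13, and shows that y = 11 has no preimage under base 4 but does under base 2; the only general method it uses for the inverse is exhaustive search, which is fine for 13 and hopeless for a real-sized modulus.

```python
"""Easy forward, hard backward: powers and discrete logs mod 13.

Added example, not from the slides. It rebuilds the slide's table of
4^n mod 13 and 10^n mod 13, measures how many distinct values a base can
produce (its order), lists the generators of the group mod 13, and solves
y = base^x mod p by the only general-purpose method a small group needs:
try every x. For a 2048-bit p that loop never finishes.
"""


def power_table(base, p, rows=7):
    """Rows (n, base^n mod p) for n = 1..rows. pow(base, n, p) reduces
    mod p at every step, the slide's 'need not work with numbers bigger
    than 13' point."""
    return [(n, pow(base, n, p)) for n in range(1, rows + 1)]


def order(base, p):
    """Smallest k >= 1 with base^k = 1 (mod p): the length of the cycle
    of values base can produce. Assumes p prime and 1 <= base < p."""
    k, y = 1, base % p
    while y != 1:
        y = (y * base) % p
        k += 1
    return k


def generators(p):
    """Bases whose powers run through every value 1..p-1 (primitive roots)."""
    return [g for g in range(2, p) if order(g, p) == p - 1]


def discrete_log(base, y, p):
    """Return x with base^x = y (mod p), or None if y is outside the
    base's cycle. Exhaustive search: about p steps."""
    for x in range(1, p):
        if pow(base, x, p) == y % p:
            return x
    return None


if __name__ == "__main__":
    for base in (4, 10):
        print(base, power_table(base, 13), "order", order(base, 13))
    print("generators mod 13:", generators(13))
    print("4^x = 11 mod 13 ->", discrete_log(4, 11, 13))   # None: unreachable
    print("2^x = 11 mod 13 ->", discrete_log(2, 11, 13))   # 7
```

The asymmetry is the whole point: power_table runs in a handful of multiplications however large p is, while discrete_log grows with p itself.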
Network Security Mechanism Layers

(Figure: two hosts, each with the stack Application / TCP-Socket / IP / Data Comm., and the security mechanism available at each layer)
Layer                      Mechanisms
Application                PGP, S-HTTP, S-MIME
TCP/Socket                 SSL, TLS
IP                         IPv6, AH, ...
IP / Data Comm. boundary   Firewalls

Encryption can be done at any level! Higher up: more overhead (for each application) but better control.

Cryptographic protocols underlie all security mechanisms. The real challenge is to design good ones for key establishment, mutual authentication etc.
Motivation for Session keys
Combine Symmetric (fast) and Asymmetric (very slow) methods using session (ephemeral) keys for the following additional reasons.
• Limit available cipher text (under a fixed key) for cryptanalytic attack;
• Limit exposure with respect to both time period and quantity of data, in the event of (session) key compromise;
• Avoid long-term storage of a large number of distinct secret keys (in the case where one terminal communicates with a large number of others), by creating keys only when actually required;
• Create independence across communications sessions or applications. No replay attacks.

How to establish session keys over an insecure medium where the adversary is listening to everything? Can be done even without any public key! Randomization to the rescue (like in CSMA/CD of Ethernet).
Diffie-Hellman Key Establishment Protocol

Public parameters: P = 13, g = 4 (the slide's toy values).

Alice                                       Bob
Choose N_a = 5                              Choose N_b = 8
Send m_a = g^N_a mod P = 4^5 mod 13 = 10    Send m_b = g^N_b mod P = 4^8 mod 13 = 3
Compute K_ab = m_b^N_a mod P                Compute K_ba = m_a^N_b mod P
        = 3^5 mod 13 = 9                            = 10^8 mod 13 = 9

K_ab = K_ba = 9, while the eavesdropper sees only P, g, m_a = 10 and m_b = 3.
Man-in-the-middle attack

(Figure: Vishwanathan Anand plays e4; Siva, sitting between the two boards, relays e4 to Gary Kasparov; Kasparov answers c5, which Siva relays back to Anand. Each grandmaster believes he is playing the other, while Siva plays both games at once.)
• Authentication was missing!
• Can be solved if Kasparov and Anand know each other's public key (Needham-Schroeder).
• Yes, but a different attack is possible.
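The Diffie-Hellman exchange with the slide's numbers, followed by the relay attack of the chess figure, as an added example (not code from the slides). Anand and Kasparov are the two parties and Siva the man in the middle; P = 13, g = 4 and the private exponents 5 and 8 are the slide's values, and the byte-shift "cipher" is an assumed stand-in for a real symmetric cipher keyed by the session key.

```python
"""Diffie-Hellman with the slide's numbers, then the man-in-the-middle.

Added example, not from the slides. The parties are Anand and Kasparov
from the chess analogy and Siva is the relay. P = 13 and g = 4 are the
slide's toy values (real deployments use a large prime and a generator);
the 'cipher' is a byte shift keyed by the session key, a stand-in for a
real symmetric cipher. Because nothing authenticates the public values,
Siva can run one exchange with each side and read or rewrite every move.
"""
import secrets

P, G = 13, 4


class Party:
    def __init__(self, name, secret=None):
        self.name = name
        # the private exponent N; random unless fixed to match the slide
        self.secret = secret if secret is not None else secrets.randbelow(P - 2) + 1
        self.key = None

    def public_value(self):
        """m = g^N mod P, sent over the open network."""
        return pow(G, self.secret, P)

    def derive(self, peer_public):
        """K = m_peer^N mod P; two honest parties get the same K."""
        self.key = pow(peer_public, self.secret, P)
        return self.key


def honest_exchange(a, b):
    """Return (K_ab, K_ba); equal because g^(Na*Nb) = g^(Nb*Na)."""
    return a.derive(b.public_value()), b.derive(a.public_value())


def mitm_exchange(a, b, siva):
    """Siva intercepts m_a and m_b and hands each side his own m_s instead.
    Returns (a's key, b's key, Siva's key with a, Siva's key with b)."""
    m_a, m_b = a.public_value(), b.public_value()   # what each side sent
    m_s = siva.public_value()                        # what each side received
    k_a, k_b = a.derive(m_s), b.derive(m_s)
    return k_a, k_b, pow(m_a, siva.secret, P), pow(m_b, siva.secret, P)


def seal(key, text):
    """Toy symmetric cipher: shift every byte by the session key."""
    return bytes((byte + key) % 256 for byte in text.encode())


def unseal(key, data):
    return bytes((byte - key) % 256 for byte in data).decode()


def relay(a, b, siva, move):
    """a sends `move` to b; Siva opens it under one key and re-seals it under
    the other. Returns (what Siva read, what b received)."""
    k_a, k_b, k_sa, k_sb = mitm_exchange(a, b, siva)
    on_wire = seal(k_a, move)          # a -> 'b' (really Siva)
    seen = unseal(k_sa, on_wire)       # Siva reads the move in the clear
    forwarded = seal(k_sb, seen)       # Siva -> b, under b's key
    return seen, unseal(k_b, forwarded)


if __name__ == "__main__":
    anand, kasparov = Party("Anand", 5), Party("Kasparov", 8)
    print("public values", anand.public_value(), kasparov.public_value())   # 10, 3
    print("shared key", honest_exchange(anand, kasparov))                    # (9, 9)
    print("relayed move", relay(anand, kasparov, Party("Siva", 7), "e4"))
```

Neither side can tell anything went wrong: each holds a perfectly good key, it is just shared with Siva rather than with the other grandmaster. With P = 13 an eavesdropper could also simply brute-force the exponents; the slide's next step is to bind the public values to identities.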
Needham-Schroeder Protocol

(Figure: Alice and Bob each fetch the other's public key, K_b and K_a, from the Certificate Authority and then exchange messages encrypted under each other's public keys)
Needham-Schroeder Authenticated Key Exchange
Alice and Bob have authenticated each other? They have also established a session key f(N_a, N_b).
Things looked rosy for 17 years (1978 to 1995). Then an attack was discovered.
Attack by Lowe (1995)

(Figure: Alice starts a run with Charlie using K_c; Charlie, holding K_b, re-encrypts her first message for Bob and relays Bob's reply, encrypted under K_a, back to Alice)
• Alice (correctly) thinks she is talking to Charlie
• Bob has been fooled into thinking he is talking to Alice!
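The three-message Needham-Schroeder public-key exchange, Lowe's interleaving attack and Lowe's fix (naming the responder in message 2), as an added example that is not code from the slides. Public-key encryption is only simulated: a ciphertext is the pair (recipient, fields) that dec() refuses to open for anyone else, which is all the attack relies on; the nonces 101 and 202 and the party names are constructed.

```python
"""Needham-Schroeder public-key protocol, Lowe's attack, and Lowe's fix.

Added example, not from the slides. Public-key encryption is only
simulated: a ciphertext is the pair (recipient, fields) and dec() refuses
to open it for anyone but the recipient, which is all the attack needs.
Charlie is an ordinary user with his own key pair; Alice genuinely wants
to talk to him, and he abuses that run to impersonate her to Bob. With
fixed=True the responder's identity is added to message 2 (Lowe's fix)
and the attack is caught.
"""


def enc(recipient, *fields):
    """{fields}_K_recipient"""
    return (recipient, fields)


def dec(me, ciphertext):
    recipient, fields = ciphertext
    if recipient != me:
        raise PermissionError(f"{me} cannot open a message for {recipient}")
    return fields


class Initiator:
    def __init__(self, name, nonce):
        self.name, self.na, self.peer = name, nonce, None

    def msg1(self, peer):
        """1. A -> B : {Na, A}_Kb"""
        self.peer = peer
        return enc(peer, self.na, self.name)

    def msg3(self, ciphertext, fixed=False):
        """Open 2. B -> A : {Na, Nb}_Ka (fixed: {Na, Nb, B}_Ka), send 3. A -> B : {Nb}_Kb"""
        fields = dec(self.name, ciphertext)
        if fixed:
            na, nb, responder = fields
            if responder != self.peer:
                raise ValueError(f"{self.name}: message 2 names {responder}, expected {self.peer}")
        else:
            na, nb = fields
        if na != self.na:
            raise ValueError("nonce mismatch")
        return enc(self.peer, nb)


class Responder:
    def __init__(self, name, nonce):
        self.name, self.nb, self.peer = name, nonce, None

    def msg2(self, ciphertext, fixed=False):
        na, initiator = dec(self.name, ciphertext)
        self.peer = initiator
        return enc(initiator, na, self.nb, self.name) if fixed else enc(initiator, na, self.nb)

    def finish(self, ciphertext):
        """Accept message 3 and return who B now believes he talked to."""
        (nb,) = dec(self.name, ciphertext)
        if nb != self.nb:
            raise ValueError("nonce mismatch")
        return self.peer


def honest_run(fixed=False):
    alice, bob = Initiator("Alice", 101), Responder("Bob", 202)
    m2 = bob.msg2(alice.msg1("Bob"), fixed)
    return bob.finish(alice.msg3(m2, fixed))


def lowe_attack(fixed=False):
    """Alice opens a run with Charlie; Charlie re-encrypts her message 1 for
    Bob, forwards Bob's message 2 to Alice untouched (he cannot read it, but
    Alice can), and Alice's reply hands him Nb."""
    alice, bob = Initiator("Alice", 101), Responder("Bob", 202)
    m1 = alice.msg1("Charlie")                   # {Na, Alice}_Kc
    na, who = dec("Charlie", m1)
    m2 = bob.msg2(enc("Bob", na, who), fixed)    # Bob gets {Na, Alice}_Kb, answers {Na, Nb}_Ka
    m3 = alice.msg3(m2, fixed)                   # Alice answers her 'Charlie' run with {Nb}_Kc
    (nb,) = dec("Charlie", m3)                   # Charlie now knows Nb
    return bob.finish(enc("Bob", nb))            # Bob accepts: 'I talked to Alice'


if __name__ == "__main__":
    print("honest:", honest_run(), "| attack, Bob believes:", lowe_attack())
    try:
        lowe_attack(fixed=True)
    except ValueError as err:
        print("fixed protocol:", err)
```

The flaw is not in the encryption, which Charlie never breaks; it is that message 2 does not say who sent it, so Alice cannot tell Bob's reply from Charlie's. That is the "protocol flaws rather than cryptosystem weaknesses" point of the next slide.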
Why Are Security Protocols Often Wrong?
They are trivial programs built from simple primitives, BUT they are complicated by
• concurrency
• a hostile environment
  • a bad user controls the network
  • Concern: active attacks such as masquerading, replay, man-in-the-middle, etc.
• vague specifications
  • we have to guess what is wanted
• ill-defined concepts
Protocol flaws rather than cryptosystem weaknesses. Formal Methods needed!
Online Voting Protocols
Are we ready for elections via the Internet?
• George Bush (Nov 2000, dimpled chads)
• Pervez Musharraf (April 2002)
• Maharashtra (Oct 13, 2004)

E-Voting Protocol Requirements
• No loss of votes already cast (reliability)
• No forging of votes (authentication)
• No modification of votes cast (integrity)
• No multiple voting
• No vote secrecy violation (privacy)
• No vulnerability to vote coercion
• No vulnerability to vote selling or trading protocols (voter is an adversary)
• No loss of ability to cast and accept more votes (availability, no denial of service)

Other Desirable Properties
Must not only be correct and secure, but also be seen to be so by skeptical (but educated and honest) outsiders.
• Auditability: Failure or procedural error can be detected and corrected, especially the loss of votes.
• Verifiability: Should be able to prove
  • My vote was counted
  • All booths were counted
  • The number of votes in each booth is the same as the number of people who voted
  • No one I know who is ineligible to vote did so
  • No one voted twice
  • ...
  without violating anonymity, privacy etc. Zero Knowledge Proofs