Computer and Network Security

शिवकुमार G. Sivakumar சிவகுமார்
Computer Science and Engineering, भारतीय प्रौद्योगिकी संस्थान मुंबई (IIT Bombay)
[email protected]

December 20, 2010

  • The Good (Web 1.0, 2.0, 3.0)
  • The Bad (Vulnerabilities, Attacks)
  • The Ugly? (Defence)

siva/talks/vjtiKeynote.pdf



  • Partial Landscape

  • The Good side first!

    How is learning affected?

  • Internet's Growth and Charter

    [Figure: "Internet Growth" milestones chart (http://www.isc.org/) showing Hosts, Users, Countries, Domains and WWW sites over time, with phases labelled Academic (DoD funds), LAN-boom! (TCP/IP), WWW (steroids), Java, Commercial Users and E-commerce.]

    All Information AnyTime, AnyWhere, AnyForm, AnyDevice, ... WebTone like DialTone

  • Search Engines and Page Rank

    • How to drink water from a firehose?
    • Search Engines (google) crawl the web for us.
    • Recall (all available?) and Precision (all relevant?)
    • How to rank the pages? (syntactic?)
    • Reliability/Trust/Security issues

    What do profs do?
    Visit www.phdcomics.com to find out!

  • Web 2.0 Definition (O'Reilly)

    Web 2.0

    Web 2.0 is the network as platform, spanning all connected devices; delivering software as a continually-updated service that gets better the more people use it, consuming and remixing data from multiple sources, including individual users, while providing their own data and services in a form that allows remixing by others, creating network effects through an architecture of participation, and going beyond the page metaphor of Web 1.0 to deliver rich user experiences.

    Examples

    RSS/Blogs/FeedReaders, Slashdot/Digg, Wikipedia (printing press: people can read, Web 2.0: people can write!)
    Mashups: ingeniously combining web services, e.g. Google Maps in other applications, e.g. Mumbai Navigator

  • Semantics and Intelligence (Web 3.0)

    Collaboration is necessary, but is it sufficient?

    Want to know
    • When cheap Mumbai-Chennai round trips are available
      • with package tours to Mahabalipuram, if possible
      • but not on weekdays
      • ...
    • Whenever new articles on chess appear
      • only in English, Tamil or German
      • but other languages ok if it is about V. Anand!
      • but not written by ...
      • ...

    Two margas for moksha
    • Monkey way is Web 1.0/2.0 (syntactic web)
    • Cat way is Web 3.0 (semantic web)

  • Theme/Scope of Subject

    • "Can't live with them, can't live without them!"
    • Know Your Enemy
      Can cyber/internet crimes cause events like the following?
      • July 2006 Mumbai rains
      • 26/11 attack on Mumbai
      • Gulf of Mexico oil spill
      • Mangalore air crash
      • Stop all Mumbai local trains
      • Disrupt all Mumbai mobile phones? (Prof. Jhunjhunwala's example)
    • How to Protect Critical Infrastructure?
      • Passive Defence
      • Counter Intelligence (Technical side)
    • Screenshots from atlas.arbor.net

    Your questions/suggestions now will be invaluable!

  • What are Cyber crimes?

    Cybercrime

    Activity in which computers or networks are a tool, a target, or a place of criminal activity. (Categories not exclusive.)

    • Against People
      • Cyber Stalking and Harassment
      • (Child) Pornography
      • Phishing, Identity Theft, Nigerian 419
    • Against Property
      • Cracking
      • Virus and Spam
      • Software/Entertainment Piracy
      • Trade secrets, espionage
    • Cyber Terrorism!
      • Hacktivism! (in some countries!)
      • Information Warfare

  • Security Concerns

    Match the following!

    Problems                       Attackers
    Highly contagious viruses      Unintended blunders
    Defacing web pages             Disgruntled employees or customers
    Credit card number theft       Organized crime
    On-line scams                  Foreign espionage agents
    Intellectual property theft    Hackers driven by technical challenge
    Wiping out data                Petty criminals
    Denial of service              Organized terror groups
    Spam E-mails                   Information warfare
    Reading private files          ...
    Surveillance                   ...

    • Crackers vs. Hackers
    • Note how many resources are available to attackers.

  • Surveillance: atlas.arbor.net

  • Who is scanning?

  • Who is hosting phishing sites?

  • Malicious Servers

  • Defending a Critical National Infrastructure

    Recent fibre cut.

  • Defending a Critical National Infrastructure

    Our Solution

  • Exchanging Secrets

    Goal

    A and B to agree on a secret number. But, C can listen to all their conversation.

    Solution?

    A tells B: I'll send you 3 numbers. Let's use their LCM as the key.


  • Mutual Authentication

    Goal

    A and B to verify that both know the same secret number. No third party (intruder or umpire!)

    Solution?

    A tells B: I'll tell you first 2 digits, you tell me the last two...


  • Zero-Knowledge Proofs

    Goal

    A to prove to B that she knows how to solve the cube. Without actually revealing the solution!

    Solution?

    A tells B: Close your eyes, let me solve it...


  • Paper, Scissors, Rock Game

    Goal

    How to play over Internet? Using email, say?

    Solution?

    You mail me your choice. I'll reply with mine.
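
In the mail exchange above, whoever replies second has already seen the other player's move. One standard fix is a hash commitment: the first player mails a digest, and opens it only after the reply arrives. The sketch below is an added example, not part of the slides; the function names and the three-email flow are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

MOVES = ("paper", "scissors", "rock")
BEATS = {"paper": "rock", "scissors": "paper", "rock": "scissors"}

def commit(move):
    """Return (commitment, opening) for a move.

    The 16-byte random nonce hides the move: without it, hashing the
    three possible moves would reveal which one was committed to.
    """
    if move not in MOVES:
        raise ValueError(f"unknown move: {move}")
    nonce = secrets.token_bytes(16)
    digest = hashlib.sha256(nonce + move.encode()).hexdigest()
    return digest, (nonce, move)

def verify(commitment, opening):
    """Check that an opening (nonce, move) matches the earlier commitment."""
    nonce, move = opening
    if move not in MOVES:
        return False
    expected = hashlib.sha256(nonce + move.encode()).hexdigest()
    return hmac.compare_digest(commitment, expected)

def play(move_a, move_b, a_opens_as=None):
    """Three emails: A -> B commitment, B -> A move in clear, A -> B opening.

    `a_opens_as` models A trying to claim a different move after
    reading B's reply; the digest check catches it.
    """
    commitment, opening = commit(move_a)        # email 1
    if move_b not in MOVES:                     # email 2 (B saw only the digest)
        raise ValueError(f"unknown move: {move_b}")
    if a_opens_as is not None:                  # email 3, possibly dishonest
        opening = (opening[0], a_opens_as)
    if not verify(commitment, opening):
        return "A cheated"
    revealed = opening[1]
    if revealed == move_b:
        return "draw"
    return "A wins" if BEATS[revealed] == move_b else "B wins"

if __name__ == "__main__":
    print(play("rock", "scissors"))
    print(play("rock", "paper", a_opens_as="scissors"))
```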


  • Sharing a Dosa

    Goal

    All should get equal share of dosa. No envy factor. No trusted umpire.

    Solution?

    2 people case is easy: you cut, I choose!


  • Denial of Service

    Small shop-owner versus Supermarket

    [Figure labels: Crossmargs, Anamika]

    • What can the attacker do?
    • What has he gained or compromised?
    • What defence mechanisms are possible?
    • Screening visitors using guards (who looks respectable?)
    • VVIP security, but do you want to be isolated?
    • What is the Internet equivalent?

  • Yahoo DDoS attack

    • A real example of network insecurity.
    • Caused traffic to Yahoo to zoom to 100s of Mbps
    • Broke the capacity of machines at Yahoo and its ISPs
    • Internet Control Message Protocol (ICMP) normally used for good purposes.
    • Ping used to check "are you alive?"

    [Figure: ping a host ("Ping", answered "Yes"; typically small packet, 64 bytes) and ping a network (many replies).]

    Used by system administrators to check local network

  • Yahoo DDoS attack

    [Figure labels: MIT network (5000+), Stanford Univ; P1, P2, P3, ...: fake broadcast ping from Victim.]

    How many replies does unsuspecting victim get?
    From whom? (respectable?)
    DDOS (distributed denial of service attack)
    Freely available for "script kiddies" to wreak havoc!

  • Security Requirements

    Informal statements (formal is much harder)
    • Confidentiality: Protection from disclosure to unauthorized persons
    • Integrity: Assurance that information has not been modified without authorization.
    • Authentication: Assurance of identity of originator of information.
    • Non-Repudiation: Originator cannot deny sending the message.
    • Availability: Not able to use system or communicate when desired.
    • Anonymity/Pseudonymity: For applications like voting, instructor evaluation.
    • Traffic Analysis: Should not even know who is communicating with whom. Why?
    • Emerging Applications: Online Voting, Auctions (more later)

    And all this with postcards (IP datagrams)!

  • Security Mechanisms

    • System Security: "Nothing bad happens to my computers and equipment"
      virus, trojan-horse, logic/time-bombs, ...
    • Network Security:
      • Authentication Mechanisms: "you are who you say you are"
      • Access Control: Firewalls, Proxies, "who can do what"
    • Data Security: "for your eyes only"
      • Encryption, Digests, Signatures, ...


  • Cryptography and Data Security

    • sine qua non [without this nothing :-]
    • Historically who used first? (L & M)
    • Code Language in joint families!

    [Figure labels: Confidentiality, Data Integrity, Authentication, Non-Repudiation; Encryption, Digital Signature, Message authentication, User Identification; Block Ciphers, Stream Ciphers, Hashing, Signatures, Public-Key Methods, Secret Key Establishment; Key Management.]

  • One way Functions

    [Figure labels: MTNL A, MTNL B, MTNL C, MTNL D, MTNL E; 4034572 (Ortega), 5767799 (Narayan).]

    One way functions are boring
    TRAPDOOR 1-way Functions (CD)

    Mathematical Equivalents
    • Factoring large numbers (product of 2 large primes)
    • Discrete Logarithms

  • One-way Functions

    • Computing f(x) = y is easy.
    • E.g. $y = 4^x \bmod 13$ (If x is 3, y is ---?)

      n      $4^n \bmod 13$    $10^n \bmod 13$
      1      4                 10
      2      3                 9
      3      12                12
      4      9                 3
      5      10                4
      6      1                 1
      7      4                 10
      ...    ...               ...

    • Note: need not work with numbers bigger than 13 at all!
    • But given y = 11, finding suitable x is not easy!
      • Can do by brute-force (try all possibilities!)
      • No method that is much better known yet!

  • Network Security Mechanism Layers

    [Figure: two protocol stacks side by side (Application, TCP/Socket, IP, Data Comm.), with labels IPv6, AH, ..; SSL, TLS; PGP, S-HTTP, S-MIME; Firewalls.]

    Encryption can be done at any level!
    Higher-up: more overhead (for each application) but better control.

    Cryptographic Protocols underlie all security mechanisms. Real Challenge to design good ones for key establishment, mutual authentication etc.

  • Motivation for Session keys

    Combine Symmetric (fast) and Asymmetric (very slow) Methods using session (ephemeral) keys for the following additional reasons.
    • Limit available cipher text (under a fixed key) for cryptanalytic attack;
    • Limit exposure with respect to both time period and quantity of data, in the event of (session) key compromise;
    • Avoid long-term storage of a large number of distinct secret keys (in the case where one terminal communicates with a large number of others), by creating keys only when actually required;
    • Create independence across communications sessions or applications. No replay attacks.

    How to establish session keys over insecure medium where adversary is listening to everything?
    Can be done even without any public key! Randomization to rescue (like in CSMA/CD of Ethernet).

  • Diffie-Hellman Key Establishment Protocol

    $g = 4$, $P = 13$

               Alice                                Bob
    Choose     $N_a = 5$                            $N_b = 8$
    Send       $m_a = g^{N_a} \bmod P$              $m_b = g^{N_b} \bmod P$
               $= 4^5 \bmod 13 = 10$                $= 4^8 \bmod 13 = 3$
    Compute    $K_{ab} = m_b^{N_a} \bmod P$         $K_{ba} = m_a^{N_b} \bmod P$
               $= 3^5 \bmod 13 = 9$                 $= 10^8 \bmod 13 = 9$

  • Man-in-the-middle attack

    [Figure: Viswanathan Anand, Siva and Garry Kasparov, with the moves e4, e4 and c5, c5 passing between them.]

    • Authentication was missing!
    • Can be solved if Kasparov and Anand know each other's public key (Needham-Schroeder).
    • Yes, but different attack possible.
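
The one-way function table, the Diffie-Hellman run and the missing-authentication problem from the slides above, worked through in code with the slides' own numbers (g = 4, P = 13, Na = 5, Nb = 8). This is an added example, not part of the talk; the function names and the third party's exponent are assumptions. It goes one step beyond the slides by showing that, at this toy size, the listener C recovers the key by trying every exponent.

```python
P, G = 13, 4   # toy parameters from the slides; real groups use primes of 2048 bits or more

def power_table(base, p=P, rows=7):
    """(n, base^n mod p) for n = 1..rows: the columns of the one-way function table."""
    return [(n, pow(base, n, p)) for n in range(1, rows + 1)]

def discrete_log(y, base=G, p=P):
    """Brute force: smallest x >= 1 with base^x = y (mod p), or None if no x exists."""
    acc = 1
    for x in range(1, p):
        acc = acc * base % p
        if acc == y:
            return x
    return None

def exchange(na, nb, g=G, p=P):
    """Honest Diffie-Hellman run; returns (ma, mb, K_ab, K_ba)."""
    ma, mb = pow(g, na, p), pow(g, nb, p)
    return ma, mb, pow(mb, na, p), pow(ma, nb, p)

def eavesdropper_key(ma, mb, g=G, p=P):
    """C hears only g, p, ma, mb and searches for an exponent that yields ma.

    Feasible only because p is tiny; any exponent that reproduces ma
    gives the same shared key as Alice's real Na.
    """
    return pow(mb, discrete_log(ma, g, p), p)

def relayed_exchange(na, nb, nc, g=G, p=P):
    """Unauthenticated run in which C replaces both public values with g^nc.

    Returns (Alice's key, Bob's key, C's key with Alice, C's key with Bob).
    Alice and Bob each share a key with C, not with each other, and
    nothing in the exchange lets them notice.
    """
    ma, mb, mc = pow(g, na, p), pow(g, nb, p), pow(g, nc, p)
    return pow(mc, na, p), pow(mc, nb, p), pow(ma, nc, p), pow(mb, nc, p)

if __name__ == "__main__":
    print(power_table(4))               # first seven rows of the 4^n column
    print(exchange(5, 8))               # (10, 3, 9, 9)
    print(eavesdropper_key(10, 3))      # 9
    # 4 has order 6 mod 13, so only six residues are reachable as 4^x
    print(discrete_log(11))             # None
    print(relayed_exchange(5, 8, nc=3)) # nc = 3 is a constructed value
```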

  • Needham-Schroeder Protocol

    [Figure: Needham-Schroeder Authenticated Key Exchange between Alice and Bob, with the Certificate Authority; labels get Kb, get Ka, and messages under Kb, Ka, Kb.]

    Alice and Bob have authenticated each other?
    They have also established a session key f(Na, Nb)
    Things looked rosy for 10 years. Then attack discovered.

  • Attack by Lowe (1995)

    [Figure: message flow between Alice, Charlie and Bob, with the Certificate Authority; key labels Ka, Kb, Kc.]

    Alice (correctly) thinks she is talking to Charlie
    Bob has been fooled into thinking he is talking to Alice!
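
The two outcomes stated on the slide above can be reproduced with a symbolic model of the three-message public-key core of Needham-Schroeder. This is an added example, not part of the talk: encryption is modelled as a record only the named recipient may open, the Certificate Authority lookups are omitted, and the class and function names are assumptions. The `fixed` flag applies Lowe's repair, in which the responder puts its own name in message 2.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Enc:
    """Symbolic public-key ciphertext: only the principal named in `to` can open it."""
    to: str
    body: tuple

def dec(me, ct):
    if ct.to != me:
        raise PermissionError(f"{me} cannot decrypt a message for {ct.to}")
    return ct.body

class Initiator:
    def __init__(self, name, peer, fixed):
        self.name, self.peer, self.fixed = name, peer, fixed
        self.na = secrets.token_hex(8)

    def msg1(self):                      # A -> peer : {Na, A}K_peer
        return Enc(self.peer, (self.na, self.name))

    def msg3(self, ct):                  # check message 2, answer {Nb}K_peer
        body = dec(self.name, ct)
        if body[0] != self.na:
            raise ValueError("nonce Na not echoed")
        if self.fixed and body[2] != self.peer:
            raise ValueError(f"message 2 names {body[2]}, expected {self.peer}")
        return Enc(self.peer, (body[1],))

class Responder:
    def __init__(self, name, fixed):
        self.name, self.fixed = name, fixed
        self.nb = secrets.token_hex(8)
        self.claimed = self.authenticated = None

    def msg2(self, ct):                  # B -> A : {Na, Nb}Ka  (fixed: {Na, Nb, B}Ka)
        na, self.claimed = dec(self.name, ct)
        body = (na, self.nb, self.name) if self.fixed else (na, self.nb)
        return Enc(self.claimed, body)

    def msg3(self, ct):                  # B accepts the claimed peer once Nb comes back
        if dec(self.name, ct) != (self.nb,):
            raise ValueError("nonce Nb not echoed")
        self.authenticated = self.claimed

def honest_run(fixed):
    alice, bob = Initiator("Alice", "Bob", fixed), Responder("Bob", fixed)
    bob.msg3(alice.msg3(bob.msg2(alice.msg1())))
    return bob.authenticated

def lowe_interleaving(fixed):
    """Alice opens a session with Charlie; Charlie re-encrypts her messages for Bob."""
    alice, bob = Initiator("Alice", "Charlie", fixed), Responder("Bob", fixed)
    na, a = dec("Charlie", alice.msg1())           # 1.  A -> C    : {Na, A}Kc
    m2 = bob.msg2(Enc("Bob", (na, a)))             # 1'. C(A) -> B : {Na, A}Kb
    try:                                           # 2.  m2 is for Alice; C can only forward it
        m3 = alice.msg3(m2)                        # 3.  A -> C    : {Nb}Kc
    except ValueError as err:
        return {"bob_accepts": None, "alice_aborts": str(err)}
    (nb,) = dec("Charlie", m3)
    bob.msg3(Enc("Bob", (nb,)))                    # 3'. C(A) -> B : {Nb}Kb
    return {"bob_accepts": bob.authenticated, "charlie_learned_nb": nb == bob.nb}

if __name__ == "__main__":
    print(honest_run(fixed=False))
    print(lowe_interleaving(fixed=False))   # Bob accepts "Alice"; Charlie holds Nb
    print(lowe_interleaving(fixed=True))    # Alice aborts at message 2
```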

  • Why Are Security Protocols Often Wrong?

    They are trivial programs built from simple primitives, BUT, they are complicated by
    • concurrency
    • a hostile environment
      • a bad user controls the network
      • Concern: active attacks masquerading, replay, man-in-middle, etc.
    • vague specifications
      • we have to guess what is wanted
    • Ill-defined concepts

    Protocol flaws rather than cryptosystem weaknesses
    Formal Methods needed!

  • Online Voting Protocols

    Are we ready for elections via Internet?
    • George Bush (Nov 2000, dimpled chads)
    • Pervez Musharraf (April 2002)
    • Maharashtra (Oct 13, 2004)

    E-Voting Protocols Requirements
    • No loss of votes already cast (reliability)
    • No forging of votes (authentication)
    • No modification of votes cast (integrity)
    • No multiple voting
    • No vote secrecy violation (privacy)
    • No vulnerability to vote coercion
    • No vulnerability to vote selling or trading protocols (voter is an adversary)
    • No loss of ability to cast and accept more votes (availability, no denial of service)

  • Other Desirable Properties

    Must not only be correct and secure, but also be seen to be so by skeptical (but educated and honest) outsiders.
    • Auditability: Failure or procedural error can be detected and corrected, especially the loss of votes.
    • Verifiability: Should be able to prove
      • My vote was counted
      • All booths were counted
      • The number of votes in each booth is the same as the number of people who voted
      • No one I know who is ineligible to vote did so
      • No one voted twice
      • ...
      without violating anonymity, privacy etc.

    Zero Knowledge Proofs
