Upload
todd-powers
View
239
Download
2
Tags:
Embed Size (px)
Citation preview
Encryption and Security Issues -- Sheizaf Rafaeli
Encryption and Data SecurityEncryption and Data Security
Jungles, Towers,
Monkeys, Locks and Keys.
Encryption and Security Issues -- Sheizaf Rafaeli
ם תקשורת מאובטחתם תקשורת מאובטחתוודרישות לקידרישות לקי 4 4 ::
?ClaimsNot
SentNot
Received
Confidentiality - סודיות Integrity - שלמות
Authentication - הזדהות Non-repudiation - מניעת התכחשות
Interception Modification
Fabrication
Is my communication private? Has my communication been altered?
Who am I dealing with? Who sent/received it and when?
AgendaAgenda
• What are EC Security Threats and Issues• Web server and Database Security• Crypto-Basics• Network Encryption• SSL/PCT
Agenda (2)Agenda (2)
•Main concepts :Physical vs. Logical protectionsSymmetric vs. Public Key encryptionPrivacy, Integrity, Repudiation, •Hash, Digital signature, Certification•Security vs. Privacy as public interest concernsDES, SSL
Encryption and Security Issues -- Sheizaf Rafaeli
Security - The Business ChallengeSecurity - The Business Challenge
Who’s the bad guy? Competitors, foreign governments, network hackers, disgruntled ex-employees, news and media, unauthorized customers, employees, etc?
How do I protect my information from the bad guys, without making employees and authorized users less productive?
How can I administer security consistently, reliably, and cost effectively across all of my distributed information resources ?
Insiders80%
Outsiders20%
Studies show 80% of real security problems are caused by authorized users
Encryption and Security Issues -- Sheizaf Rafaeli
Security Threats in Security Threats in Electronic Commerce Electronic Commerce
Client/server security Client/server security
ensuring that only the right people are accessing the ensuring that only the right people are accessing the network resources or content on Web servers. network resources or content on Web servers.
This includes: password protection, encrypted smart This includes: password protection, encrypted smart cards, biometrics, and firewalls.cards, biometrics, and firewalls.
Data and transaction security Data and transaction security
ensuring the privacy and confidentiality in electronic ensuring the privacy and confidentiality in electronic messages and data packets. messages and data packets.
This includes: data encryption using various This includes: data encryption using various cryptographic methods.cryptographic methods.
Encryption and Security Issues -- Sheizaf Rafaeli
Today’s Client-Server Today’s Client-Server EnvironmentEnvironment
Clients
Server
EnterpriseNetwork
Host-basedSystem
Introduces new network security vulnerabilitiesIntroduces new network security vulnerabilities password/datastream snoopingpassword/datastream snooping datastream modificationdatastream modification
Potential user population becomes much biggerPotential user population becomes much bigger User and host identification more difficultUser and host identification more difficult Physical security no longer enoughPhysical security no longer enough
Encryption and Security Issues -- Sheizaf Rafaeli
TEMPEST, “Echelon”, TEMPEST, “Echelon”, “Carnivore”“Carnivore”
TTransient ransient EElectromagnetic lectromagnetic PPulse ulse EEmanation manation StStandardandard
FBI’s “Carnivore”FBI’s “Carnivore”
Encryption and Security Issues -- Sheizaf Rafaeli
Menwith Hill in the UK: Alleged to be part of Echelon
Encryption and Security Issues -- Sheizaf Rafaeli
אמצעים פיזיים לשמירה על דרישות אמצעים פיזיים לשמירה על דרישות ::האבטחההאבטחה
: : סודיותסודיותמעטפה חתומהמעטפה חתומה
: : שלמותשלמות חותמת עדותחותמת עדות
: : הזדהותהזדהותתעודת זהות, תעודת זהות, דרכוןדרכון
מניעת התכחשות:מניעת התכחשות:חתימה + תאריךחתימה + תאריך
My Signature & Date
Encryption and Security Issues -- Sheizaf Rafaeli
User Identification & User Identification & AuthenticationAuthentication
choices for user authentication choices for user authentication Using passwordsUsing passwords Using Biometric devices or tokensUsing Biometric devices or tokens Single Sign-On for host-based systemsSingle Sign-On for host-based systems Single Sign-On Integration for network-based Single Sign-On Integration for network-based
distributed security frameworksdistributed security frameworks
Encryption and Security Issues -- Sheizaf Rafaeli
Access Controls Access Controls
Object privileges implements ‘need to know’ security Object privileges implements ‘need to know’ security Views extend object security to row, column level based on content or contextViews extend object security to row, column level based on content or context
Stored procedures, packages and functions support ‘execute only’ Stored procedures, packages and functions support ‘execute only’ privileges on well-formed transactionsprivileges on well-formed transactions
Roles provide privilege managementRoles provide privilege management
Encryption and Security Issues -- Sheizaf Rafaeli
Auditing & Auditing & AccountabilityAccountability
Hold Users Responsible by...
Audit Flexibility and GranularityAudit Flexibility and Granularity- Audit objects, users, operations, Audit objects, users, operations, privileges...privileges...
Securely Analyze Audit Information using Securely Analyze Audit Information using SQLSQL Database triggers enable context-sensitive Database triggers enable context-sensitive auditingauditing
Encryption and Security Issues -- Sheizaf Rafaeli
The Internet And SecurityThe Internet And Security
Internet is openInternet is open Anyone can listen, modify,Anyone can listen, modify,
or repudiate transactionsor repudiate transactions
Security needs are verySecurity needs are verydifferent than traditional LANsdifferent than traditional LANs No No a prioria priori information about users information about users Large scale - millions versus thousandsLarge scale - millions versus thousands Completely decentralizedCompletely decentralized
security infrastructure security infrastructure Executable contentExecutable content
Encryption and Security Issues -- Sheizaf Rafaeli
Users’ Security NeedsUsers’ Security Needs
Communicate privatelyCommunicate privately Transmit confidential, personal informationTransmit confidential, personal information
Verify identity of other partiesVerify identity of other parties Authenticate Web servers, clients Authenticate Web servers, clients
Control access to information, resourcesControl access to information, resources Distribute private, paid-for informationDistribute private, paid-for information Create virtual private networksCreate virtual private networks
Conduct secure transactionsConduct secure transactions Assure safety of order, payment informationAssure safety of order, payment information
Ensure software authenticityEnsure software authenticity Download trusted code from InternetDownload trusted code from Internet
Encryption and Security Issues -- Sheizaf Rafaeli
Need for Secure CommunicationsNeed for Secure Communications
Secure Web Channels needs to Secure Web Channels needs to provide access to servers with:provide access to servers with:
Privacy:Privacy: packets can’t be snooped packets can’t be snooped Integrity:Integrity: packets can’t be altered packets can’t be altered Authentication:Authentication: no TCP/DNS spoofing no TCP/DNS spoofing CertificationCertification BlindingBlinding Key ExchangeKey Exchange STANDARDS?
Encryption and Security Issues -- Sheizaf Rafaeli
Plain text Cipher text
Blah Blah BlahBlah Blah BlahBlah Blah BlahBlah Blah BlahBlah Blah BlahBlah Blah BlahBlah Blah BlahBlah Blah Blah
xdffhliouse345fjged09e5fjsksqwfnxpdifuw0awdbczoksryaaaksjhaswe4ufdnaweaa2wfsawrkjsfya38yfkpo80sdw304v
Key
Encryption
Decryption
The key uses a mathematical algorithm to transform plaintext into ciphertext and back again
The basis of cryptography
Encryption and Security Issues -- Sheizaf Rafaeli
Symmetric Key EncryptionSymmetric Key Encryption
EncryptionEncryption
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
““AxCv;5bmEseTfid3)AxCv;5bmEseTfid3)fGsmWe#4^,sdgfMwifGsmWe#4^,sdgfMwir3:dkJeTsY8R\s@!r3:dkJeTsY8R\s@!q3%”q3%”
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
DecryptionDecryption
Plain-text inputPlain-text input Plain-text outputPlain-text outputCipher-textCipher-text
Same keySame key
(shared secret)(shared secret)
Encryption and Security Issues -- Sheizaf Rafaeli
Symmetric encryptionSymmetric encryption ROT13 - no better than decoder ROT13 - no better than decoder
rings, Ceasar’s code, AT-BaShrings, Ceasar’s code, AT-BaSh Application embedded (see Application embedded (see
accessdata.com)accessdata.com) DES: US Govmnt. standard. 16 DES: US Govmnt. standard. 16
reshuffles of 64 bit data chunks. reshuffles of 64 bit data chunks. Relatively short (56 bit) key. Relatively short (56 bit) key. Efficient! Efficient! Can be broken, with long Can be broken, with long hours use of brute force. No hours use of brute force. No practical attack published yet. Key practical attack published yet. Key choice is a vulnerability. choice is a vulnerability.
Encryption and Security Issues -- Sheizaf Rafaeli
Symmetric encryption (2)Symmetric encryption (2)
Triple DES (3DES) Applees DES Triple DES (3DES) Applees DES three times. Can get encryption with three times. Can get encryption with up to 168 or 112 bit key. up to 168 or 112 bit key. Not restricted by patents.Not restricted by patents.
IDEA (International Data Encryption IDEA (International Data Encryption Algorithm) shuffles 64 bits at a time, Algorithm) shuffles 64 bits at a time, like DES. 128 bit key, which is long like DES. 128 bit key, which is long enough to resist brute force enough to resist brute force keyspace search.keyspace search.
Encryption and Security Issues -- Sheizaf Rafaeli
Public Key EncryptionPublic Key Encryption
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
““Py75c%bn&*)9|Py75c%bn&*)9|fDe^bDFaq#xzjFr@gfDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’r5=&nmdFg$5knvMd’rkvegMs”kvegMs”
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
Clear-text inputClear-text input Clear-text outputClear-text outputCipher-textCipher-text
DifferentDifferent keys keys
Recipient’s Recipient’s public keypublic key
Recipient’s Recipient’s private keyprivate key
privatepublic
EncryptionEncryption DecryptionDecryption
Encryption and Security Issues -- Sheizaf Rafaeli
Public Key PairsPublic Key Pairs
priv
ate
priv
ate
publicpublic
Public and private keys are always Public and private keys are always generated as agenerated as a matchedmatched pairpair
Keys are mathematically related but it is Keys are mathematically related but it is computationally infeasiblecomputationally infeasible to deduce a to deduce a private key from its public keyprivate key from its public key
Private keys are kept secret - preferably by Private keys are kept secret - preferably by being stored in a tamper-resistant chipbeing stored in a tamper-resistant chip
pri
vate
pri
vate
Public keys are just that - Public keys are just that - public!public!
MM
SMART SMART CARDCARD123 89 3486123 89 3486
Encryption and Security Issues -- Sheizaf Rafaeli
Key ManagementKey Management
Key Management is THE Key Management is THE problem/opportunityproblem/opportunity
Public and private keys are always Public and private keys are always generated as a pair generated as a pair at the user’s machineat the user’s machine
Public key can be openly sharedPublic key can be openly shared Private key is Private key is alwaysalways kept private kept private
(it (it nevernever leaves the machine where leaves the machine where it was generated)it was generated)
Encryption and Security Issues -- Sheizaf Rafaeli
Key Pair UseKey Pair Use
Recipient’sRecipient’s public key is used to send public key is used to send a randomly chosen communication keya randomly chosen communication key
Sender’s private signing key is used Sender’s private signing key is used in digital signature operationsin digital signature operations
Recipient verifies signature using Recipient verifies signature using sender’s public signing keysender’s public signing key
Encryption and Security Issues -- Sheizaf Rafaeli
Why Use PublicWhy Use PublicKey AuthenticationKey Authentication
Better Better securitysecurity than passwords than passwords Better Better scalabilityscalability than passwords than passwords
No need to distributeNo need to distributepassword databasespassword databases
Builds to emerging technologiesBuilds to emerging technologies SmartCardsSmartCards Crypto acceleratorsCrypto accelerators
Encryption and Security Issues -- Sheizaf Rafaeli
Why Use PublicWhy Use PublicKey AuthenticationKey Authentication
Key distributionKey distribution: how keys are : how keys are created and moved to where they created and moved to where they will be used.will be used.
Key revocationKey revocation: how compromised : how compromised keys are recovered or at least keys are recovered or at least invalidated.invalidated.
CONTAINMENT: dealing with the outcome of a breach in security.
Encryption and Security Issues -- Sheizaf Rafaeli
Why Use PublicWhy Use PublicKey AuthenticationKey Authentication
The cost of key distribution plus the The cost of key distribution plus the cost of key revocation is a constant.cost of key revocation is a constant.
As a result, secret (symmetric) key As a result, secret (symmetric) key systems have high distribution systems have high distribution costs but low revocation costs. costs but low revocation costs. Public key systems have low Public key systems have low distribution costs and high distribution costs and high revocation costs.revocation costs.
Encryption and Security Issues -- Sheizaf Rafaeli
Secure CommunicationSecure Communication
Symmetric encryption for dataSymmetric encryption for data Public key too slow for bulk Public key too slow for bulk
data encryptiondata encryption Export restrictions don’t allow Export restrictions don’t allow
bulk encryption using public keybulk encryption using public key
Uses key-exchange key pairUses key-exchange key pair Public key exchange key of Public key exchange key of
recipient is used to privately recipient is used to privately share the symmetric keyshare the symmetric key
Encryption and Security Issues -- Sheizaf Rafaeli
A03DB982402C23FA03DB982402C23F
Secure CommunicationSecure Communication
(1)(1) Sender generates Sender generates a random a random symmetricsymmetric “session” key“session” key
EncryptionEncryption
pri
vate
pri
vate
pu
bli
cp
ub
lic
(2)(2) Sender encrypts Sender encrypts session key using session key using recipient’s recipient’s public keypublic key
(3)(3) Recipient Recipient uses its private uses its private key to decrypt key to decrypt session keysession key
DecryptionDecryption
Encryption and Security Issues -- Sheizaf Rafaeli
Digital SignatureDigital Signature
Used like a handwritten signatureUsed like a handwritten signature Verifies the identity of the signerVerifies the identity of the signer Guarantees the document has not Guarantees the document has not
been modified since signedbeen modified since signed Basis for Basis for non-repudiationnon-repudiation
Uses a separate signature key pairUses a separate signature key pair Document hashDocument hash encrypted with encrypted with
signer’s private signature keysigner’s private signature key
Encryption and Security Issues -- Sheizaf Rafaeli
? ? HASHHASHמה זה מה זה דוגמא של חישוב ספרת ביקורת במספר ת.זדוגמא של חישוב ספרת ביקורת במספר ת.ז
-ספרות וספרת ביקורת. ספרות וספרת ביקורת.88מספר תעודת הזהות מורכב מ- מספר תעודת הזהות מורכב מ אופן חישוב ספרת הביקורת היא פעולת אופן חישוב ספרת הביקורת היא פעולתHASHHASH.על מספר ת.ז. על מספר ת.ז :אופן חישוב ספרת הביקורת:אופן חישוב ספרת הביקורת
- המספר ללא ספרת ביקורת - המספר ללא ספרת ביקורת00 33 77 55 44 77 55 22
* | | | | | | | | * | | | | | | | |
HashHash- פונקציית ה- - פונקציית ה- 11 22 11 22 11 22 11 22
44 55 55 44 11 77 66 00 >= 3232מחשבים את סכום הספרות =< מחשבים את סכום הספרות -התוצאה הסופית של פונקצית ה- התוצאה הסופית של פונקצית הHASHHASH היא ספרת ההשלמה היא ספרת ההשלמה
(, מהווה את ספרת (, מהווה את ספרת 4040למספר עשרות שלם )בדוגמא הנ”ל ל- למספר עשרות שלם )בדוגמא הנ”ל ל- ..88הביקורת - כלומר הביקורת - כלומר
– 03754752-03754752לפיכך, מס’ תעודת הזהות השלם, במקרה הנוכחי – לפיכך, מס’ תעודת הזהות השלם, במקרה הנוכחי-88
, מחשבים את סכום 9* אם מתקבלת מכפלה גדולה מ- , ולכן הספרה שנרשמת היא 7*2=14הספרות, למשל
5=1+4
Encryption and Security Issues -- Sheizaf Rafaeli
Signing(Encrypt)Function
Private of A
חתימה דיגיטלית של מידעחתימה דיגיטלית של מידע
Only Private Key holder can sign
Electronic Data
HashResult
Signed Data
DigitalSignature
Electronic Data
HashFunction
Encryption and Security Issues -- Sheizaf Rafaeli
Anyone can verify
Valid compareYes / No ?
אימות של חתימה דיגיטליתאימות של חתימה דיגיטלית
המקבל, יכול לבצע השוואה בין תוצאות
ע”מ HASHה- לוודא כי המידע שנשלח אליו לא
שונה בדרך
Signed Data
DigitalSignature
Electronic Data
HashResult
HashResult
HashFunction
Verify(Decrypt)Function
Publicof A
Encryption and Security Issues -- Sheizaf Rafaeli
Digital SignatureDigital Signature
OriginalOriginaldocdoc
Signed documentSigned document
PrivPrivkeykey
OriginalOriginaldocdoc
One-way hashOne-way hash
SHA
Encryption and Security Issues -- Sheizaf Rafaeli
CertificatesCertificates
Digitally signed documentDigitally signed document Associates identity with public key(s)Associates identity with public key(s) Signed by a “trusted” certifying authoritySigned by a “trusted” certifying authority Identity proved by ability to encryptIdentity proved by ability to encrypt
using associated private keyusing associated private key
Encryption and Security Issues -- Sheizaf Rafaeli
CertificatesCertificates
private
Certificate binds a name to public key(s)
The authenticity of the certificate is guaranteed by the digital signature generated using the CA’s private key
Credential expiration
publ
ic
Name: “Jane Doe”
Expires: 6/18/98
Key-Exchange Key:
Signed: CA’s Signature
Serial #: 29483756
Signature Key: publ
ic
Other Data: 10236283025273
Encryption and Security Issues -- Sheizaf Rafaeli
CertificatesCertificates
Certifying authorityCertifying authority Binds name to certificateBinds name to certificate Can be multiple CAs in a hierarchyCan be multiple CAs in a hierarchy Certification can be delegated...Certification can be delegated...
Trust can form a “Web”Trust can form a “Web” More than one party can certify an entityMore than one party can certify an entity
Encryption and Security Issues -- Sheizaf Rafaeli
Establishing TrustEstablishing Trust
publ
ic
Name: “Jane Doe”
Expires: 6/18/96
Key-Exchange Key:
Signed: CA’s Signature
Serial #: 29483756
Signature Key: publ
ic
Card Authenticator:
10236283
Pub
MD5
Signed Document
OriginalDocume
nt Hash 1
Hash 2
COMPARE?
This This document is document is signed by signed by BarbaraBarbara
This is This is Barbara’s Barbara’s affidavit, affidavit, which is which is signed by signed by SteveSteve
publ
ic
Name: “Jane Doe”
Expires: 6/18/96
Key-Exchange Key:
Signed: CA’s Signature
Serial #: 29483756
Signature Key: publ
ic
Card Authenticator:
10236283This is Steve’s This is Steve’s affidavit, which affidavit, which is signed byis signed bythe trusted rootthe trusted root
The trusted root’s public key is The trusted root’s public key is hardcoded in the software or a hardcoded in the software or a self-signed certificate is in self-signed certificate is in the registrythe registry
(1) Verify digital signatureon document
(2) Verify the digital signatureon Barbara’s affidavit by checking it against Steve’s public key(found in Steve’s affidavit)
(3) Verify the digital signatureon Steve’s affidavit by checking it against the trusted root public key
Encryption and Security Issues -- Sheizaf Rafaeli
Network Encryption Network Encryption (VPN)(VPN)
Network Encryption provides Network Encryption provides privacy & confidentiality for all data, commands, privacy & confidentiality for all data, commands,
passwords, etc. passing over the networkpasswords, etc. passing over the network integrity sealing / tamper proofing for all dataintegrity sealing / tamper proofing for all data
Encryption keys are generated and managed Encryption keys are generated and managed automatically - on a per-session basisautomatically - on a per-session basis
NETWORK
Encryption and Security Issues -- Sheizaf Rafaeli
Network Encryption Network Encryption ProtocolsProtocols
Confidentiality Algorithms
128-bit, 56-bit, and 40-bit RC4DES and DES40Fortezza SHA
Integrity Algorithms
MD5 SECURE MESSAGE DIGEST
seed=ABCD
Secure Automatic Key Management using Diffie-Hellman
seed=5678
KeyGenerator
KeyGenerator
Fortezza SHA
Algorithm choice negotiated at connection timeAlgorithm choice negotiated at connection time
Encryption and Security Issues -- Sheizaf Rafaeli
Secure Connection onSecure Connection onthe World Wide Webthe World Wide Web
SSL/PCT protocol informationSSL/PCT protocol information
Encryption and Security Issues -- Sheizaf Rafaeli
SSL 3.0 HandshakeSSL 3.0 Handshake
ClientClient ServerServerClientHelloClientHello
ServerHelloServerHello CertificateCertificate** CertificateRequestCertificateRequest** ServerKeyExchangeServerKeyExchange
ClientKeyExchangeClientKeyExchange CertificateCertificate** CertificateVerifyCertificateVerify** ChangecipherspecChangecipherspec FinishedFinished
ChangecipherspecChangecipherspec FinishedFinished
Application dataApplication data Application dataApplication data
** Indicates optional or situational-dependentIndicates optional or situational-dependentmessages that are not always sentmessages that are not always sent
Encryption and Security Issues -- Sheizaf Rafaeli
Secure Connection FeaturesSecure Connection Features
Secures socket connectionSecures socket connection Quick reconnectQuick reconnect Provides encryption andProvides encryption and
message authenticationmessage authentication Public-key-based key exchangePublic-key-based key exchange Authenticates serverAuthenticates server
and (optionally) clientand (optionally) client
Encryption and Security Issues -- Sheizaf Rafaeli
Privacy vs. AccountabilityPrivacy vs. Accountability
Small towns are wonderful places, Small towns are wonderful places, because you know everybody.because you know everybody.
Small towns are awful places, Small towns are awful places, because everyone knows you.because everyone knows you.
Encryption and Security Issues -- Sheizaf Rafaeli
Privacy vs. AccountabilityPrivacy vs. Accountability
Liberty vs. Civil orderLiberty vs. Civil order
Benjamin Franklin: Those who would trade Liberty for Security deserve neither.
Thomas Paine: The price of Freedom is eternal Vigilance.
Encryption and Security Issues -- Sheizaf Rafaeli
Privacy vs. AccountabilityPrivacy vs. Accountability
Liberty vs. Civil orderLiberty vs. Civil order
Esther Dyson: Encryption is a powerful defensive weapon for free people. It offers a technical guarantee of pivacy regardless of who is running the government. It’s hard to think of a more powerful, less dangerous tool for liberty.
Encryption and Security Issues -- Sheizaf Rafaeli
Privacy vs. AccountabilityPrivacy vs. Accountability
Liberty vs. Civil orderLiberty vs. Civil order
Simson Garfinkel: Privacy could be the crowbar that finally splits the classes apart for good. We already have the financially rich and financially poor, and the information-rich and information-poor. But we may soon add the privacy-rich and privacy-poor. And that could be the biggest threat to democracy yet.
Encryption and Security Issues -- Sheizaf Rafaeli
PGP, created by Phil Zimmermann, is a good example of public key cryptography
It gives you privacy by allowing you to encrypt your files and email so that nobody can read them except the people you choose
PGP allows you to create a digital signature on your files and email
Encryption and Security Issues -- Sheizaf Rafaeli
PGP is basically used for 3 things
1. Encrypting a message or file so that only the recipient can decrypt and read it
The sender, by signing, guarantees to the recipient, that the message or file must have come from the sender and not an impostor
2. Clear signing a plain text message guarantees that it can only have come from the sender and not an impostor
In a plain text message, text is readable by anyone, but a PGP signature is attached
Encryption and Security Issues -- Sheizaf Rafaeli
3. Encrypting computer files so that they can't be decrypted by anyone other than the person who encrypted them
PGP uses public and private keys
Public keys are kept in individual key certificates
These include the owner’s user ID (the person’s name), a timestamp of when the key pair was generated, and the actual key “certificate”
Agenda (summary)Agenda (summary)
•Main concepts :Physical vs. Logical protectionsSymmetric vs. Public Key encryptionPrivacy, Integrity, Repudiation, CertificationSecurity vs. Privacy as public interest concernsDES, SSL