Authentication and Security

					        Chapter 4




•   Authentication & Security
           Motivation & Background

•   What is Security:
    •   A system is secure if you can depend on it and its
        components to behave as you expect.
    •   e.g. computer plus software, network
•   Why does insecurity exist at all?
    •   bad or thoughtless programming
    •   complexity of the matter
    •   bad administration
•   There is no such thing as 'absolute security'.
    •   Tradeoff between security and usability
    Motivation & Background (cont'd)

•   What's at stake?
    •   Your Data
         •   Integrity
         •   Secrecy
         •   Availability
    •   Your Resources (Network, Computing power etc.)
         •   Availability
         •   proper use
    •   Your Reputation
         •   false pretence of your identity, forgery
    What to Protect from which threats?

•   Data
     •   user information, development, minutes, strategies
     •   against information theft,
•   Host machines
     •   resources (peripherals, CPU),
     •   against masquerading, DoSes
•   Networks
     •   tapping
     •   bandwidth stealing, DoSes
•   Services, Identity
     •   spam mail, defacement
     •   DoS
                 Sources of Threats

•   from outside an organisation (20%?)
    •   crackers, competition, targeted intelligence
•   from inside (80%?)
    •   former employees
    •   careless, default system administration
    •   »information-challenged« user, false sense of security
        by luring computers, weak passwords
•   what precisely is »inside« and »outside«?
•   break-ins and break-outs
               Security Components

•   authentication middleware
•   encryption middleware
•   access restriction device
    •   firewalls, routers
•   intrusion/attack detection
    •   paranoia daemons
    •   honeypots
                     Cryptography
•   encrypting messages by a method and key
•   security by obscurity is false security
    •   method is secret, not widely analyzed
    •   TV scrambler
    •   DVD/CD encoding
•   security by key strength
    •   method public, thoroughly tested and commonly
        accepted as secure
    •   encoding strength depends on key only
                         Objective
•   secrecy
    •   only the intended receiver can read the message
•   authenticity
    •   any receiver can trust the source of the message
•   efficiency at sender and/or receiver
                         Cryptanalysis
•   finding the cleartext by breaking key or method
    •   practical attack: stealing it
    •   known-plaintext attack:
         •   attacker has pairs (encrypted/decrypted), Rosetta Stone
    •   chosen plaintext attack:
         •   attacker has a way to fool someone into encrypting a
             plaintext of the attacker's deliberate choice
    •   differential cryptanalysis:
         •   compare encryptions of two similar plaintexts
    •   brute force attack
         •   exhaustive key search, computational complexity
                      Notation
•   encrypting plaintext yields ciphertext
    •   C = K[P]
•   decrypting ciphertext
    •   P = K^{-1}[C]
           Private Key CryptoSystem
•   "symmetric" ciphers
•   key is the same for encryption/decryption
    •   K = K^{-1}
•   symmetric encryption
•   DES, 3DES, IDEA, Blowfish, RC2, RC4, RC5,
    AES
        Private CryptoSystem (cont'd)
•   all parties must share one secret
    •   trust each other?
•   member leaves the party
    •   all must exchange new key
•   how to exchange keys in first place
    •   out-of-band?
              Public CryptoSystems
•   "asymmetric" ciphers
•   everyone has his/her private key
•   everyone has a second key, the public key
    •   public will be distributed
    •   E = K, K^{-1} = D
    •   C = E[P], P = D[C]
    •   D private key, E public key (mind the colors)
•   idea
    •   one cannot determine K^{-1} from K easily
        Public CryptoSystems (cont'd)
•   confidentiality
    •   Alice wants only Bob to read a message
    •   Alice sends KBob[P] = C (Bob's public key), Bob decodes with KBob (Bob's private key)
•   authenticity
    •   Alice wants to assure Bob that she sent the message
    •   Alice sends KAlice[P] = C (Alice's private key), Bob decodes KAlice[C] = P (Alice's public key)
•   combine both
    Public CryptoSystems (Problems)
•   how to distribute public keys
    •   key-ring servers
•   how to verify association between key and owner
    •   Web of Trust
    •   certification authorities, key-signing parties
    •   THE problem
        Public CryptoSystems (cont'd)

•   keys are long (512, 1024 bit)
•   encrypting long text is inefficient
    •   encrypt via (efficient) symmetric method
         •   temporary, per-message symmetric key as random as
             possible
         •   secure symmetric key by asymmetric keys
        Message Digests and Signatures
•   digest function h
    •   relatively easy to compute
    •   produce small output which is 'representative' for
        original
    •   and impossible to reconstruct original from digest
    •   very hard to find a different original that maps to a
        given digest
•   Property h(x) <> h(y) for "all" x <> y
     • 'collision free' too strong
          Message Digests (cont'd)

•   md5
     • results in 128bit checksum
•   SHA
     • 160bit result
•   SNEFRU
     • 128 or 256bit result
•   HAVAL
     • md5-variant, 92-256bit result
                 Digital Signatures
•   signature must depend on what to sign
•   encrypt whole message with private key, or
•   more efficient:
    •   build a digest of the message
    •   sign only this digest
    •   MAC (Message Authentication Code)
•   digital signature much stronger than physical
•   Digital Signature Standard (DSS) by NIST
    •   based on ElGamal
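
The "build a digest, sign only this digest" scheme in the D/E notation of the public-key slides, as an added example that is not part of the original slides. It uses unpadded textbook RSA with a constructed key made from two publicly known Mersenne primes, so it only illustrates the mechanics and offers no security.

```python
import hashlib

# Constructed demo key: both primes are publicly known Mersenne primes.
# Real keys use secret random primes and a padding scheme.
P_PRIME = 2**521 - 1
Q_PRIME = 2**607 - 1
N = P_PRIME * Q_PRIME
E = 65537                                        # public key E
D = pow(E, -1, (P_PRIME - 1) * (Q_PRIME - 1))    # private key D = E^{-1}


def digest(message: bytes) -> int:
    """h(message) as an integer; a 256-bit SHA-256 value is far below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signer applies the private key to the digest only: S = D[h(P)]."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Anyone applies the public key and compares: E[S] == h(P)."""
    return pow(signature, E, N) == digest(message)


def demo() -> dict:
    msg = b"transfer 100 EUR to Bob"             # constructed sample message
    sig = sign(msg)
    return {
        "genuine": verify(msg, sig),
        "tampered_message": verify(b"transfer 900 EUR to Bob", sig),
        "tampered_signature": verify(msg, sig ^ 1),
    }


if __name__ == "__main__":
    print(demo())
```

The signature covers a fixed-size digest regardless of message length, which is why this is cheaper than encrypting the whole message with the private key.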
           Digital Signatures (cont'd)
•   one time signatures
    •   every message gets its own signature
•   undeniable signatures
    •   disavowal protocol at court to prove a sig forged
•   fail stop signatures
    •   enhanced security against forgery
•   dual signatures
    •   two parties agree on a contract
       Widespread Cryptosystems

•   SSL
•   PGP, GnuPG
                       SSL (End User)

•   Secure communication channel
    •   authentication & non-repudiation (digital signatures)
         •   client and server
    •   data confidentiality (enc)
    •   data integrity (digests)
•   Layer between application protocol and transport
    (HTTPS, NNTPS, ...)
•   Cipher negotiation (maximize)
                 SSL Architecture

•   Application Layer: HTTPS, NNTPS, ...
•   Message Layer, Record Layer: SSL
•   Transport Layer: TCP/IP
                               PGP

•   Pretty Good Privacy
    •   package created by Phil Zimmermann
    •   RSA for asymmetric encryption
    •   IDEA for symmetric encryption
    •   free for private use
    •   was accused in the USA of exporting crypto software
         •   EAR (Export Administration Regulation), ITAR
                    GnuPG

•   www.gnupg.org
•   uses DSA, ElGamal for encryption
•   no licencing problems
                 *PG Functionality

•   create keypairs
•   exchange keys
•   encrypting & verifying documents
•   making & verifying signatures
•   manage a local ‘DB’ of keys
    •   public and private
                GnuPG Create Keys
•   choose a method
    •   DSA, ElGamal
•   choose a key size
    •   512..2048
•   choose an expiration date
    •   1/2 - 2 year
•   choose user id
•   protect by good passphrase
•   key will be self-signed in order to avoid
    tampering
               GnuPG Exchanging Keys

•   export a key out of the DB
    •   binary or ‘armoured’
•   import this key into another DB
•   validating this key
    •   verifying fingerprint & signing this key
    •   every key is
         •   self-signed or
         •   signed by s.o. or
         •   unsigned
        GnuPG Encrypting & Signing

•   Encrypting & Decrypting
    •   use public/private keys out of DB
•   Making & Verifying signatures
    •   sign: like encrypting with private key + including the
        signature + id + timestamp
    •   clear-sign: message in clear + sig appended
    •   detached-sign: separate signature
                   *PG Trust Model

•   web of trust
    •   trust never, marginally, fully, ultimate
•   direct: bilateral
    •   peers & key signing parties
•   indirect: based on trust on others
    •   ‘completes’: # of fully-trusted people to validate a
        public key
    •   ‘marginals’: # of marginally trusted people to make
        public key valid
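
How the ‘completes’ and ‘marginals’ thresholds decide key validity, as an added example that is not part of the original slides and not GnuPG's own code. It is a simplified model: the thresholds 1 and 3, the keyring and all names are assumptions, and certification depth, expiry and revocation are ignored.

```python
# Owner-trust levels named on the slide.
NEVER, MARGINAL, FULL, ULTIMATE = "never", "marginal", "full", "ultimate"


def valid_keys(owner_trust, signatures, completes=1, marginals=3):
    """Return the set of keys considered valid.

    owner_trust: key -> trust we place in its owner as a certifier
    signatures:  key -> set of keys that signed it
    A key is valid if it is our own (ultimate), is signed by our own key,
    or is signed by `completes` fully trusted or `marginals` marginally
    trusted keys that are themselves valid.
    """
    valid = {k for k, t in owner_trust.items() if t == ULTIMATE}
    changed = True
    while changed:                        # repeat until nothing new validates
        changed = False
        for key, signers in signatures.items():
            if key in valid:
                continue
            usable = signers & valid      # unvalidated signers do not count
            own = any(owner_trust.get(s) == ULTIMATE for s in usable)
            full = sum(owner_trust.get(s) == FULL for s in usable)
            marg = sum(owner_trust.get(s) == MARGINAL for s in usable)
            if own or full >= completes or marg >= marginals:
                valid.add(key)
                changed = True
    return valid


# Constructed sample keyring; every name is hypothetical.
OWNER_TRUST = {"me": ULTIMATE, "alice": FULL, "bob": MARGINAL,
               "carol": MARGINAL, "dave": MARGINAL, "mallory": NEVER}
SIGNATURES = {
    "alice": {"me"}, "bob": {"me"}, "carol": {"me"}, "mallory": {"me"},
    "dave": {"alice"},
    "erin": {"alice"},                    # one fully trusted signer
    "frank": {"bob", "carol"},            # only two marginal signers
    "grace": {"bob", "carol", "dave"},    # three marginal signers
    "heidi": {"mallory"},                 # signer valid but never trusted
    "ivan": {"frank"},                    # signer's own key is not valid
}

if __name__ == "__main__":
    print(sorted(valid_keys(OWNER_TRUST, SIGNATURES)))
```

Key validity and owner trust are separate: mallory's key is valid because we signed it, yet her signature on heidi's key counts for nothing.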
                      Technical Terms

•   eavesdropping, tapping
    •   passive: listen on the traffic
    •   active:
         •   reply: inject messages
         •   time-resetting, replay: resending old message
         •   man-in-the-middle
              Technical Terms (cont'd)

•   key escrow
    •   parts of the key and/or the method is known to
         •   company
         •   independent authority
         •   government
    •   clipper chip '98
•   crypto system
         •   set of algorithms for encryption
         •   protocols for message exchange
         •   environment of intended use, social structures

				