Transcript Encryption

Review For Exam 3
© Abdou Illia – Spring 2012
The Elements of
Cryptography
Cryptography?
 Traditionally, cryptography refers to

The practice and the study of encryption

Transforming information in order to prevent
unauthorized people to read it.
 Today, cryptography goes beyond
encryption/decryption to include

Techniques for making sure that encrypted
messages are not modified en route

Techniques for secure
identification/authentication of communication
partners.
3
Your knowledge about Cryptography
Which of the following security issues is
addressed by cryptographic systems?
a) Confidentiality; i.e. protection against eavesdropping
b) Authentication; i.e. assurance parties involved in a
communication are who they claim to be
c) Message integrity; i.e. assurance that messages are not
altered en route
d) Availability; i.e. making sure that communication systems
are not shut down by intruders.
e) All of the above
4
Basic Terminology 1
 Plaintext: original message to be sent. Could be text, audio, image, etc.
 Encryption/Decryption Algorithm: mathematical tool (software) used to
encrypt or decrypt
 Key: A string of bits used by to encrypt the plaintext or decrypt the ciphertext
 Ciphertext: encrypted message. Looks like a random stream of bits
Plaintext
“Hello”
Party A
Encryption
Algorithm
Hello
+
Encryption
key
Ciphertext “11011101”
Network
Interceptor
Ciphertext “11011101”
Decryption
Algorithm
Plaintext
“Hello”
+
Decryption
key
5
Party B
Basic Terminology 2
 Encryption:



Converting plaintext into ciphertext using algorithms and keys
The size of the ciphertext is proportional to the size of the plaintext
Ciphertext is reversible to plaintext
 Symmetric Key Encryption:


Same key is used both for encryption and decryption
Keys are usually identical or trivially identical*
* Trivially identical means simple transformation could lead from one key to the another.
Party A
Party B
 Asymmetric Key Encryption:


Also called Public/Private Key Encryption
Two different keys are used: one for encryption, one for decryption
Party A Flexcrypt: http://www.flexcrypt.com/flexcryptfree.html
Party B
6
Your knowledge about Cryptography
1) Based on how symmetric encryption
systems work, which of the following is the
worst thing to happen?
a) An attacker gets a copy of the encryption and decryption
algorithms
b) An attacker gets the decryption key
c) a and b are equally damaging
2) Which of the following presents more challenge
for exchanging keys between partners?
a) Asymmetric encryption
b) Symmetric encryption
c) A and b are equally challenging
7
Exhaustive search and Key length
 Attacker could use the right algorithm and do an exhaustive search (i.e.
try all possible keys) in order to decrypt the ciphertext
 Most attacks require the capture of large amount of ciphertext
 Every additional bit in the length of the key doubles the search time
Key Length in bits
Number of possible keys (2key length in bits)
1
2
2
4
4
16
8
256
16
65536
56
72057594037927900
112
5192296858534830000000000000000000 or 5.1923E+33
168
3.74144E+50
256
1.15792E+77
512
1.3408E+154
8
Your knowledge about Cryptography
4) If you increase the key length from 56 bits to 66
bits. How much more key combinations an
attacker who captures enough ciphertext will have
to try in order to decipher the captured ciphertext
using the appropriate algorithm?
_______________________________________
5) Assuming that it takes 7 days to try all possible
combinations of a 56 bit key, how much time it
would take to try all possible combinations when
the key length is increased to 58 bits?
________________
9
Weak vs. Strong Keys
 Symmetric Key Encryption



Usually used for customer e-business
Keys with lengths of less than 100 bits are considered weak
today.
Keys with lengths of more than 100 bits are considered
strong today.
 Asymmetric Key Encryption


Usually used for B2B financial e-business
Key pairs must be much longer (1024 bits and more)
because of the disastrous consequences of breaking the
Key Length in bits
Number of possible keys (2
)
decryption key
1
2
key length in bits
2
4
16
65536
56
72057594037927900
112
5192296858534830000000000000000000 or 5.1923E+33
168
3.74144E+50
256
1.15792E+77
512
1.3408E+154
10
Your knowledge about Cryptography
6) Most attacks require the capture of large
amount of ciphertext, which can take a
certain amount of time. Beside using strong
keys what else can be done to make it
harder to crack the key?
11
Symmetric Key Encryption
Symmetric Key Encryption methods
 Two categories of methods
 Stream cipher: algorithm operates on individual bits (or
bytes); one at a time
 Block cipher: operates on fixed-length groups of bits
called blocks
 Only a few symmetric methods are used today
Methods
Year approved
Comments
Data Encryption Standard - DES
1977
1998: Electronic Frontier Foundation’s Deep
Crack breaks a DES key in 56 hours
DES-Cipher Block Chaining
Triple DES – TDES or 3DES
1999
Advanced Encryption Standard – AES
2001
Its versions among the most used today
Other symmetric encryption methods
IDEA (International Data Encryption Algorithm), RC5 (Rivest Cipher 5), CAST (Carlisle Adams Stafford
Tavares), Blowfish
13
Data Encryption Standard (DES)
 DES is a block encryption method, i.e. uses block cipher
 DES uses a 64 bit key; actually 56 bits + 8 bits computable
from the other 56 bits
 Problem: same input plaintext gives same output ciphertext
64-Bit Plaintext
Block
64-Bit DES Symmetric Key
(56 bits + 8 redundant bits)
DES Encryption
Process
64-Bit Ciphertext
Block
14
DES-Cipher Block Chaining
 DES-CBC uses ciphertext from previous block as input
making decryption by attackers even harder
 An 64-bit initialization vector is used for first block
First
64-Bit Plaintext Block
Initialization
Vector (IV)
DES Key
DES Encryption
Process
First
64-Bit Ciphertext Block
Second
64-Bit Plaintext Block
DES Key
DES Encryption
Process
Second
15
64-Bit Ciphertext Block
Triple DES (3DES)
168-Bit Encryption with Three 56-Bit Keys
Sender
Receiver
1st
Encrypts original plaintext with the
Decrypts ciphertext with
1st key
the 3d key
3rd
2nd
Decrypts output of first
step with the 2nd key
Encrypts output of the
first step with the 2nd key
2nd
3rd
Encrypts output of second
step with the 3d key; gives
the ciphertext to be sent
Decrypts output of second
step with the 1st key; gives
the original plaintext
1st
16
Triple DES (3DES)
112-Bit Encryption With Two 56-Bit Keys
Sender
Receiver
Encrypts plaintext with the
1st key
Decrypts ciphertext with
the 1st key
1st
2nd Decrypts output with the
Encrypts output with the
2nd key
2nd
Encrypts output with the
1st key
Decrypts output with the
1st key
1st
1st
2nd
1st
key
17
Your knowledge about Cryptography
7) Based on the way DES and 3DES
work, which of the following is true?
a) 3DES requires more processing time than DES
b) Compared 3DES, DES requires more RAM
c) Both a and b
8) Given the increasing use of hand-held
devices, 3DES will be more practical
than DES.
a) True
b) False
18
Advanced Encryption Standard - AES
 Developed by two Belgian cryptographers, Joan Daemen
and Vincent Rijmen, and submitted to the AES selection
process under the name "Rijndael", a portmanteau of the
names of the inventors
 Offers key lengths of 128 bit, 192 bit, and 256 bit
 Efficient in terms of processing power and RAM
requirements compared to 3DES
 Can be used on a wide variety of devices including:



Cellular phones
PDAs
Etc.
19
Asymmetric Key Encryption
Public Key Encryption For confidentiality
 Each Party uses other party’s public key for encryption
 Each Party uses own private key for decryption
 No need to exchange private key, but key needs to be very
strong (512+ bit. Most today’s key are at least 1024 bit)
Encrypt with
Party B’s Public Key
Encrypted
Message
Party A
Decrypt with
Party A’s Private Key
Encrypted
Message
Decrypt with
Party B’s Private Key
Party B
Encrypt with
Party A’s Public Key
21
Public Key Encryption methods
 Asymmetric encryption methods are used both for
 Encryption in order to provide confidentiality
 Digital signature in order to provide partners’ authentication
Methods
Year proposed
Comments
RSA by Ron Rivest, Adi Shamir, and
Leonard Adleman
1977
1995: First attack in lab conditions was reported
Elliptic Curve Cryptosystem - ECC
1985
Becoming widely used
Other symmetric encryption methods:
Dieffe-Hellman, El-Gamal
22
Basic Terminology 3
 Hashing:

Mathematical process for converting inputs into fixed-length outputs
 Hash function:

Algorithm that does the hashing. Uses an input + a shared secret or
password. Example: Message Digest 5 (MD5), Secure Hash Algorithm (SHA).
 Hash:

Fixed-length output of the hashing
23
Encryption Versus Hashing
Encryption
Hashing
Use of Key
Uses a key as an
input to an
encryption method
Password is usually added
to text; the two are
combined, and the
combination is hashed
Length of
Result
Output is similar in
length to input
Output is of a fixed
short length,
regardless of input
Reversibility
Reversible; ciphertext
can be decrypted
back to plaintext
One-way function; hash
cannot be “de-hashed” back
to the original string
24
MD5 (Message-Digest algorithm 5)
 A widely used cryptographic hash function used to




hash inputs (typed texts or files) in order to generate
hash values (called checksums, message digest, or
output)
An MD5 hash value is typically expressed as a 16hexadecimal number like
912df11644fccac439b6fc5f80af5cdb
Each hex number is 8 bits
MD5 generates a 128-bit hash value regardless of the
input length.
Commonly used to check the integrity of files like
downloaded software programs
25
SHA1 (Secure Hash Algorithm 1)
 A widely used cryptographic hash function
used to hash inputs (typed texts or files) in
order to generate hash values (called
checksums, message digest, or output)
 A SHA1 hash value is typically expressed as a
20-hexadecimal number like
79054025255fb1a26e4bc422aef54eb4
 SHA1 generates a 160-bit hash value
regardless of the input length
 Commonly used to check the integrity of files
like downloaded software programs
26
Application Security:
General apps &Web service
Applications and Buffer Overflow
 Buffer Overflow is the biggest issue in application coding
 Buffer overflow leads to Buffer Overflow Attacks
 Buffers are RAM areas where data is stored
temporarily
 If an attacker sends more data than the programmer
had allocated to a buffer, a buffer might overflow,
overwriting an adjacent section of RAM
Buffer1
RAM
Buffer2
Buffer3 Buffer4 Buffer5 Buffer6 Buffer7
28
Buffer Overflow Attack
 Occurs when ill-written programs allow data destined to a
memory buffer to overwrite instructions in adjacent memory
register that contains instructions.
 If the data contains malware, the malware could run and
creates a DoS
 Example of input data: ABCDEF LET JOHN IN WITHOUT
PASSWORD
Buffer
1
2
3
Instructions
4
5
6
Print
Run Program
Accept input
Buffer
1
A
29
2
B
3
C
Instructions
4
D
5
E
6
F
LET JOHN IN WITHOUT PASSWORD
Run Program
Accept input
29
Stack Entry and Buffer Overflow
2. Add Data
to Buffer
5. Start of
Attacker data
3. Direction of
Data Writing
1. Write Return
Address
Data Buffer
Return
Address
4. Overwrite
Return Address
Stack entry: data buffer & Return address registry



When a program must put one subprogram on hold to call another,
it writes the return address in RAM areas called stack entries
The called subprogram may add data to the buffer to the point it
overwrites the return address
If the added buffer data is Attack code, this will be a buffer
overflow attack
30
http://www.metacafe.com/watch/1452134/buffer_overflow_attacks_explained_with_beer/
Preventing Buffer Overflow
 Use Language tools that provide automatic bounds checking
such as Perl, Python, and Java instead lower level language (C,
C++, Assembly, etc).

However, this is usually not possible or practical because
almost all modern OS are written in the C language.
 Eliminate The Use Of Flawed Library Functions like gets(),
strcpy, and strcmp that fail to check the length or bounds of their
arguments.
 Design And Build Security Within Code
For instance, this simple change
informs strcpy() that it only has
an eight byte destination buffer
and that it must discontinue raw
copy at eight bytes.
// replace le following line
Strcpy (buffer2, strng2);
// by
Strcpy (buffer2, string2, 8)
 Use Source Code Scanning Tools.

Example: PurifyPlus Software Suite can perform a
dynamic analysis of Java, C, or C++ source code.
31
Web service security
32
Webservice & E-Commerce apps
 Web applications could be the target of many types
of attacks like:

Directory browsing

Traversal attacks

Web defacement

Using HTTP proxy to manipulate interaction between client
and server

IIS IPP Buffer Overflow

Browser attacks

Time configuration
33
Web sites’ directory browsing

If Directory Browsing is disabled on a web server:
 User cannot get access to list of files in the directory by
knowing or guessing directory names
34
Directory browsing

If Directory Browsing enabled on a web server:
 User can get access to the list of files in the directory by
knowing or guessing directory names
35
Traversal Attack
 Normally, paths start at the WWW root directory
 Adding ../ (Windows) or ..\ (Unix) in an HTTP request might take the
attacker up a level, out of the WWW root directory.
Example: http://website.com ../../
Example: http://castle.eiu.edu/~a_illia/BUS3500/Brief/Case1/../
 If attacker traverses to Command Prompt directory in Windows
2000 or NT, he can execute any command with system privileges
36
IIS IPP Buffer Overflow
 The Internet Printing Protocol (IPP) service
included in IIS 5.0 and earlier versions is
vulnerable to buffer overflow and traversal attacks
 The jill.c program was developed to launch the
attack using:
GET NULL.printer HTTP/1.0
Host: 420-byte jill.c code to launch the command shell
 IIS server responds launching the command shell
(C:\WINNT\SYSTEM32\>) giving the attacker
SYSTEM privileges.
37
Browser Attacks
 Malicious links

User must click on them to execute (but not
always)

Common file extensions are hidden by default in
some operating systems.
 attack.txt.exe seems to be attack.txt
38
Browser Attacks (Cont.)
 Common Attacks
 Redirection to unwanted webpage
 Scripts might change the registry, home page
 Some scripts might “trojanize” your DNS errorhandling routine when you mistype a URL
 Pop-up windows

Web bugs; i.e. links that are nearly invisible,
can be used to track users at a website

Domain names that are common misspellings of
popular domain names
 Microsoff.com, www.whitehouse.com (a porn site)
39
Host Hardening
40
Computer Hardware & Software
Web service software (IIS, Apache, ...)
Web browser
Productivity Software
Operating System
Computer Hardware
Client &
server
application
programs
Your knowledge about Host hardening
 Which of the following is most likely to
make a computer system unable to
perform any kind of work or provide any
service?
Client application programs get hacked
b) Server application programs (web service software,
database service, network service, etc.) get hacked
c) The operating system get hacked
d) The connection to the network/Internet get shut down
a)
OS Vulnerability test
2010 by omnired.com
 OS tested:



Win XP, Win Server 2003, Win Vista Ultimate,
Mac OS Classic, OS X 10.4 Server, OS X 10.4 Tiger OS market share
FreeBSD 6.2, Solaris 10, Fedora Core 6, Slackware 11.0, Suse
Enterprise 10, Ubuntu 6.10
 Tools used to test vulnerabilities:



Scanning tools (Track, Nessus)
Network mapping (Nmap command)
All host with OS installation defaults
 Results



Microsoft's Windows and Apple's OS X are ripe with remotely
accessible vulnerabilities and allow for executing malicious code
The UNIX and Linux variants present a much more robust exterior to
the outside
Once patched, however, both Windows and Apple’s OS are secure.
Your knowledge about Host hardening

You performed an Out-of-the-box installation of
Windows XP and Linux FreeBSD 6.2 on two
different computers. Which computer is more likely
to be secure ?
a)
b)
c)

Windows XP
Linux FreeBSD 6.2
They will have the same level of security
What needs to be done, first, in order to prevent a
hacker from taking over a server with OS installation
defaults that has to be connected to the Internet?
a)
b)
c)
Lock the server room
Configure the firewall to deny all inbound traffic to the server
Download and install patches for known vulnerabilities
Security Baseline
 Because it’s easy to overlook something in the
hardening process, businesses need to adopt a
standard hardening methodology: standard
security baseline
 Need to have different security baseline for
different kind of host; i.e.



Different security baselines for different OS and versions
Different security baselines for different types of server
applications (web service, email service, etc.)
Different security baselines for different types of client
applications.
Options for Security Baselines
 Organization could use different standards

OS vendors’ baselines and tools


Standards Agencies baselines


e.g. Follow MS Installation procedure and use
Microsoft Baseline Security Analyzer (MBSA)
e.g. CobiT* Security Baseline
Company’s own security baselines
 Security Baseline to be implemented by

Server administrators known as systems admin
* Control Objectives for Information and Related Technology
Elements of Hardening







Physical security
Secure installation and configuration
Fix known vulnerabilities
Remove/Turn off unnecessary services (applications)
Harden all remaining applications
Manage users and groups
Manage access permissions

For individual files and directories, assign access
permissions to specific users and groups
 Back up the server regularly
 Advanced protections
A
c
c
o
r
d
i
n
g
t
o
b
a
s
e
l
i
n
e
Example of Security Baseline for
Win XP Clients
 OS Installation
Create a single partition on HDD
 Format disk using NTFS file system
 Install Win XP and Service Pack 3
Fixing OS vulnerabilities
 Download and install latest patches
 Turn on Windows’ Automatic Updates checking
Configure Windows Firewall
 Block incoming connections except KeyAccess and Remote
Assistance
Turn off unnecessary services
 Turn off Alerter, Network Dynamic Data Exchange, telnet
Application Installation
 Centrally assign applications using group policies
Fixing applications’ vulnerabilities
 Turn on each application’s automatic update checking






Hardening servers
 The 5 ‘P’ s of security and compliance: Proper Planning Prevents Poor
Performance
 Plan the installation

Identify





Determine










The purpose of the server. Example: provides easy & fast access to Internet
services
The services provided on the server
Network service software (client and server)
The users or types of users of the server
Privileges for each category of users
If and how users will authenticate
How appropriate access rights will be enforced
Which OS and server applications meet the requirements
The security baseline(s) for installation & deployment
Install, configure, and secure the OS according to the security baseline
Install, configure, and secure server software according to sec. baseline
Test the security
Add network defences
Monitor and Maintain
Hardening servers (cont.)
 Choose the OS that provides the following:







Ability to restrict admin access (Administrator vs. Administrators)
Granular control of data access
Ability to disable services
Ability to control executables
Ability to log activities
Host-based firewall
Support for strong authentication and encryption
 Disable or remove unnecessary services or
applications




If no longer needed, remove rather than disable to prevent re-enabling
Additional services increases the attack vector
More services can increase host load and decrease performance
Reducing services reduces logs and makes detection of intrusion
easier
Hardening servers (cont.)
 Configure user authentication









Remove or disable unnecessary accounts
(e.g. Guest account)
Change names and passwords for default accounts
Disable inactive accounts
Assign rights to groups not individual users
Don't permit shared accounts if possible
Configure time sync
Enforce appropriate password policy
Use 2-factor authentication when necessary
Always use encrypted authentication
UNIX / Linux Hardening
 Many versions of UNIX

No standards guideline for hardening
 User can select the user interface


Graphic User Interface (GUI)
Command-Line Interfaces (CLIs) or shells
 CLIs are case-sensitive with commands in
lowercase except for file names
UNIX / Linux Hardening
 Three ways to start services

Start a service manually (a) through the GUI, (b) by
typing its name in the CLI, or (c) by executing a
batch file that does so

Using the inetd program to start services when
requests come in from users

Using the rc scripts to start services automatically
at boot up
Inetd = Internet daemon; i.e. a computer program that runs in the background
UNIX / Linux Hardening
 Starting services upon client requests



Services not frequently used are dormant
Requests do not go directly to the service
Requests are sent to the inetd program which is started at server boot up
Program A
Program B
4. Start and
Process
This Request
Program C
Program D
1. Client Request
To Port 123
inetd
3. Program C
Port 23
Port 80
Port 123
Port 1510
2. Port 123
Program A
Program B
Program C
Program D
/etc/inetd.config
UNIX / Linux Hardening
 Turning On/Off unnecessary Services In UNIX

Identifying services running at any moment

ps command (process status), usually with –aux
parameters, lists running programs
 Shows process name and process ID (PID)


netstat tells what services are running on what ports
Turning Off Services In UNIX
 kill PID command is used to kill a particular process
 kill 47
(If PID=47)
Advanced Server Hardening Techniques
 File Integrity Checker

Creates snapshot of files: a hashed signature
(message digest) for each file

After an attack, compares post-hack signature
with snapshot

This allows systems administrator to
determine which files were changed

Tripwire is a file integrity checker for
Linux/UNIX, Windows, etc.: www.tripwire.com
(ftp://coast.cs.purdue.edu/pub/tools/unix)
Advanced Server Hardening Techniques
Reference Base
1.
Earlier
Time
File 1
File 2
…
Other Files in
Policy List
Tripwire
File 1 Signature
File 2 Signature
…
…
3. Comparison to Find Changed Files
Post-Attack Signatures
2.
After
Attack
File 1
File 2
…
Other Files in
Policy List
Tripwire
File 1 Signature
File 2 Signature
…
…
File Integrity problem: many files change for legitimate reasons. So it is difficult to know
which ones the attacker changed.
Other types of host that can be
Hardened
 Internetwork Operating System (IOS)

For Cisco Routers, Some Switches, Firewalls
 Even cable modems with web-based
management interfaces
Which of the following is true about
Application Security?
 If a server application (or service) is no longer needed, it
should be turned off
 Fewer applications on a computer, fewer attack
opportunities
 Use good security baselines to install and configure
apps
 Do not install application centrally using group policies
 Add application layer authentication by requiring users
to provide credentials to run application programs
 Implement cryptographic authentication for sensitive
apps
 If a server application (or service) is no longer needed,
it should be removed
 Do not turn on each applications’ automatic update
checking
59