Privacy and Heartbleed


CS 4700 / CS 5700
Network Fundamentals
Lecture 20: Attacks and Tinfoil Hats
(Bleeding hearts and Spies)
Last updated 12/3/2014
Outline
 Worms
   Basics
   Example worms
 Botnets
   Basics
   Torpig – fast flux/phishing
 Privacy
   Anonymous communication
 (Take network security next semester!)
Motivation
 The Internet is currently used for important services
   Financial transactions, medical records
 Increasingly used for critical services
   911, surgical operations, water/electrical system control, remote controlled drones, etc.
 Networks are more open than ever before
   Global, ubiquitous Internet, wireless
 Networks are more surveilled than ever before
   Snowden revelations, pervasive tracking companies
Security != Privacy
 How much of your mobile data was over HTTPS?
   Do you think that keeps your data private?
 Encryption protects from eavesdroppers
   It does not mean that your privacy isn't violated
   Your data could still be shared insecurely in the backend
 Proxying + encryption hides senders from receivers
   It does not defend against pervasive observers
Snowden wants to communicate with Greenwald without Alexander finding out
(Figure: packets travel from Ed's IP to Glenn's IP; both addresses are visible on the wire)
The problem of IP anonymity
(Figure: Client → VPN proxy → Server)
 A proxy hides the client's IP from the server, but the proxy itself sees both ends
 Proxies are a single point of attack (rogue admin, break-in, legal compulsion, etc.)
Tor model (very simplified)
 Bitwise unlinkability
   Use multiple hosts to form a "circuit"
   Use multiple layers of encryption, peel them off as you go
 Sender/receiver anonymity
   Only the first hop (entry node) of a circuit knows the sender
   Only the last hop (exit node) of a circuit knows the receiver
   In the simple case, this property holds as long as the first and last hop are not both compromised (an adversary controlling both can link sender to receiver)
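The layering the slide describes, as an added example that is not part of the lecture and not Tor's code: the client wraps its message once per relay, innermost layer first, and each relay strips exactly one layer, learning only the next hop. The "cipher" is a repeating-key XOR so the program runs stand-alone; it stands in for the per-hop symmetric keys a real Tor client negotiates and is not secure. The names build_onion, peel_layer, walk_circuit, HOP_NAME and the relay names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HOPS     3           /* entry, middle, exit */
#define HOP_NAME 8           /* fixed-width "next hop" field in each layer */
#define MAX_CELL 512

/* Toy stand-in for a per-hop symmetric cipher: repeating-key XOR.
 * Applying it twice with the same key restores the input. NOT secure. */
static void toy_cipher(const char *key, uint8_t *buf, size_t len) {
    size_t klen = strlen(key);
    for (size_t i = 0; i < len; i++)
        buf[i] ^= (uint8_t)key[i % klen];
}

/* Client side: wrap payload in HOPS layers. keys[i] is shared with relay i,
 * next_hop[i] is where relay i must forward (relay i+1, or the server).
 * Layers are applied innermost (exit) first, so the entry relay's layer
 * ends up outermost. Returns the cell length, or 0 if it will not fit. */
size_t build_onion(const char *keys[HOPS], const char *next_hop[HOPS],
                   const uint8_t *payload, size_t plen, uint8_t *cell) {
    if (plen + HOPS * HOP_NAME > MAX_CELL) return 0;
    size_t len = plen;
    memcpy(cell, payload, plen);
    for (int i = HOPS - 1; i >= 0; i--) {
        memmove(cell + HOP_NAME, cell, len);        /* make room for the header */
        memset(cell, 0, HOP_NAME);
        strncpy((char *)cell, next_hop[i], HOP_NAME - 1);
        len += HOP_NAME;
        toy_cipher(keys[i], cell, len);             /* seal this layer */
    }
    return len;
}

/* Relay side: remove this relay's layer, read the next hop, and leave the
 * still-encrypted inner cell at the front of the buffer. Returns the new
 * length. The relay learns nothing beyond its own header field. */
size_t peel_layer(const char *key, uint8_t *cell, size_t len,
                  char next_hop[HOP_NAME]) {
    if (len < HOP_NAME) return 0;
    toy_cipher(key, cell, len);
    memcpy(next_hop, cell, HOP_NAME);
    next_hop[HOP_NAME - 1] = '\0';
    memmove(cell, cell + HOP_NAME, len - HOP_NAME);
    return len - HOP_NAME;
}

/* Walk a cell through all HOPS relays, recording what each one learned in
 * seen[i]. Returns the length of the payload delivered to the last hop. */
size_t walk_circuit(const char *keys[HOPS], uint8_t *cell, size_t len,
                    char seen[HOPS][HOP_NAME]) {
    for (int i = 0; i < HOPS; i++)
        len = peel_layer(keys[i], cell, len, seen[i]);
    return len;
}

int main(void) {
    const char *keys[HOPS]     = { "entry-key", "middle-key", "exit-key" };
    const char *next_hop[HOPS] = { "middle", "exit", "server" };
    const uint8_t msg[] = "GET / HTTP/1.0";        /* constructed payload */
    uint8_t cell[MAX_CELL];
    char seen[HOPS][HOP_NAME];

    size_t len = build_onion(keys, next_hop, msg, sizeof msg, cell);
    len = walk_circuit(keys, cell, len, seen);
    for (int i = 0; i < HOPS; i++)
        printf("relay %d learned next hop: %s\n", i, seen[i]);
    printf("exit delivers %zu bytes: %s\n", len, (char *)cell);
    return 0;
}
```

The point to notice is what each relay sees: after the entry relay peels its layer it holds the name of the middle relay and an opaque blob; only the exit relay ever sees the plaintext, and only the entry relay ever sees the client's address, which is why compromising both ends is what breaks the scheme.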
Traffic analysis (Tor)
(Figure: onion routing through a chain of proxies)
 Onion routing doesn't resist traffic analysis (well known): an observer who sees both the entry link and the exit link can correlate packet timing and volume to link sender and receiver
Outline
 1) Overview
Anonymous Quanta (Aqua)
 k-anonymity: indistinguishable among k clients
 BitTorrent
   Appropriate latency and bandwidth
   Many concurrent and correlated flows
Threat model
 Global passive (traffic analysis) attack
 Active attack
 Assumption: edge mixes aren't compromised
Constant rate (strawman)
(Figure: every link padded to a constant rate)
 Defeats traffic analysis, but overhead is proportional to the peak link payload rate on a fully connected network
Outline
 2) Design
   Padding at the core
   Padding at the edges
   Bitwise unlinkability
   Receiver's anonymity (active attacks)
Multipath
(Figure: padded traffic spread across multiple paths)
 Multipath reduces the peak link payload rate
Variable uniform rate
 Reduces overhead by adapting to changes in aggregate payload traffic
Outline
 2) Design
   Padding at the edges
   Bitwise unlinkability
   Receiver's anonymity (active attacks)
k-anonymity sets (ksets)
(Figure: a send kset and a receive kset of padded client links)
 Provide k-anonymity by ensuring correlated rate changes on at least k client links
Forming efficient ksets
(Figure: peers' rates across epochs 1, 2, 3)
 Are there temporal and spatial correlations among BitTorrent flows?
Outline
 3) Evaluation
Methodology: trace-driven simulations
 Month-long BitTorrent trace with 100,000 users
   20 million flow samples per day
   200 million traceroute measurements
 Models of anonymity systems
   Constant-rate: Onion routing v2
   Broadcast: P5, DC-Nets
   P2P: Tarzan
   Aqua
Overhead @ edges
(Figure: overhead for each anonymity-system model)
 Aqua: much better bandwidth efficiency than the other models
Throttling @ edges
(Figure: throttling for each anonymity-system model)
 Aqua efficiently leverages correlations in BitTorrent flows
Ongoing work
 Traffic-analysis resistant VoIP
   Requires low latency
   But also requires less bandwidth
 New design
   Peers always send traffic
   Trusted mixes provide anonymity
   Untrusted superpeers provide scalability
Host Compromise
 One of the earliest major Internet security incidents
   Internet Worm (1988): infected an estimated 6,000 of the roughly 60,000 hosts then on the Internet, attacking BSD-derived Unix machines
 Today: estimated that a single worm could compromise 10M hosts in < 5 min
 Attacker gains control of a host
   Read data
   Erase data
   Compromise another host
   Launch denial-of-service attacks on another host
Outline
 Privacy
   Anonymous communication
 Network attacks
   Buffer overflow/Heartbleed
Host Compromise: Stack Overflow
 Typical code has many bugs because those bugs are not triggered by common input
 Network code is vulnerable because it accepts input from the network, so an attacker can craft the uncommon input that triggers them
 Network code that runs with high privileges (e.g., as root) is especially dangerous
   E.g., web server
Example
 What is wrong with this code?
(Figure: packet layout; byte 34 holds name_len, the name follows it)

// Copy a variable length user name from a packet
#define MAXNAMELEN 64
int offset = OFFSET_USERNAME;
char username[MAXNAMELEN];
int name_len;
name_len = packet[offset];                         // length taken straight from the packet
memcpy(username, &packet[offset + 1], name_len);   // copied without comparing against MAXNAMELEN
Example
(Figure: packet layout; byte 34 holds name_len, the name follows it)

void foo(char *packet) {
#define MAXNAMELEN 64
    int offset = OFFSET_USERNAME;
    char username[MAXNAMELEN];
    int name_len;
    name_len = packet[offset];
    memcpy(username, &packet[offset + 1], name_len);
    …
}

Stack frame of foo (figure, reconstructed from the slide; 32-bit layout):
  X      "foo" return address
  X-4    int offset
  X-8    int name_len
  X-72   char username[] (64 bytes, i.e. MAXNAMELEN + 8 below the return address)
 name_len is attacker-chosen, so a name longer than 64 bytes runs off the end of username[] over name_len and offset, and a name longer than 72 bytes overwrites the return address
 The packet carries [malicious assembly instructions] inside the name itself; the overwritten return address points back into username[], so when foo returns it executes them
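The slide's copy loop beside a bounds-checked version, as an added example that is not the lecture's code, driven by constructed packets. OFFSET_USERNAME = 34 follows the slide's figure; make_packet and the copy_username_vulnerable / copy_username_checked names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAXNAMELEN      64
#define OFFSET_USERNAME 34   /* byte 34 holds name_len, name follows (assumed, per the slide's figure) */

/* The slide's pattern: name_len is read from the packet and trusted.
 * Any name_len >= MAXNAMELEN writes past username[] into the caller's
 * locals and saved return address. Kept only for comparison; never call
 * it on attacker-controlled input. */
void copy_username_vulnerable(const uint8_t *packet, char username[MAXNAMELEN]) {
    int name_len = packet[OFFSET_USERNAME];
    memcpy(username, &packet[OFFSET_USERNAME + 1], name_len);   /* no bounds check */
}

/* Hardened version: the length must fit the destination AND the packet.
 * Returns the name length, or -1 for a malformed packet. */
int copy_username_checked(const uint8_t *packet, size_t packet_len,
                          char username[MAXNAMELEN]) {
    if (packet_len < OFFSET_USERNAME + 1)
        return -1;                                   /* no length byte present */
    size_t name_len = packet[OFFSET_USERNAME];
    if (name_len > MAXNAMELEN - 1)
        return -1;                                   /* would overflow (keep room for NUL) */
    if (packet_len < OFFSET_USERNAME + 1 + name_len)
        return -1;                                   /* length claims bytes the packet lacks */
    memcpy(username, &packet[OFFSET_USERNAME + 1], name_len);
    username[name_len] = '\0';
    return (int)name_len;
}

/* Constructed packet: zeroed header, then the length byte the sender
 * *claims*, then the name bytes actually present (they may disagree on
 * purpose). Returns the real packet length, or 0 if it does not fit. */
size_t make_packet(uint8_t *buf, size_t bufsize, const char *name, uint8_t claimed_len) {
    size_t nlen = strlen(name);
    if (OFFSET_USERNAME + 1 + nlen > bufsize) return 0;
    memset(buf, 0, bufsize);
    buf[OFFSET_USERNAME] = claimed_len;
    memcpy(buf + OFFSET_USERNAME + 1, name, nlen);
    return OFFSET_USERNAME + 1 + nlen;
}

int main(void) {
    uint8_t pkt[256];
    char user[MAXNAMELEN];
    char big[101];
    memset(big, 'A', 100); big[100] = '\0';          /* 100-byte name, honest length byte */

    size_t n = make_packet(pkt, sizeof pkt, "alice", 5);
    printf("honest packet:  %d (%s)\n", copy_username_checked(pkt, n, user), user);
    n = make_packet(pkt, sizeof pkt, big, 100);
    printf("100-byte name:  %d\n", copy_username_checked(pkt, n, user));
    n = make_packet(pkt, sizeof pkt, "alice", 10);   /* claims 10 bytes, sends 5 */
    printf("lying length:   %d\n", copy_username_checked(pkt, n, user));
    return 0;
}
```

Two separate checks are needed: one against the destination size (the stack overflow on the slide) and one against the bytes actually received (an over-read of the packet buffer, the same class of bug as Heartbleed later in this lecture).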
Heartbleed Attack (April 2014)
 Vulnerability in OpenSSL
   Used by HTTPS and many other programs to encrypt communication (the bug is in OpenSSL's TLS heartbeat code; SSH links only OpenSSL's crypto library and was not exposed)
 Heartbeat attack
   Message of the form: "Here's some data, echo it back to me"
   Takes as input: data and a length (L), where L <= 64KB
   Echoes back a block of L bytes
   What's the problem? The server never checks that L matches how much data actually arrived
 Send one byte, get 64KB of RAM!
   The copy runs past the end of the request into whatever sits next to it in the server's heap
   Private keys, passwords, etc. have been leaked
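The heartbeat handler in its vulnerable and fixed forms, as an added example that is not OpenSSL's code. The record layout (type, 16-bit payload_length, payload, at least 16 bytes of padding) follows RFC 6520, and the fixed handler applies the same test OpenSSL 1.0.1g added: the declared payload must fit inside the record that was actually received. The request is constructed and placed at the front of a small arena so the over-read stays inside memory this program owns; the function names, the "PRIVATE-KEY-BYTES" string and the arena are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define PADDING     16       /* minimum padding RFC 6520 requires */
#define HDR         3        /* type(1) + payload_length(2) */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Vulnerable: trusts payload_length from the message and copies that many
 * bytes even when the record that arrived is shorter. Only the response
 * buffer's capacity is checked. Returns bytes written, or -1. */
int heartbeat_vulnerable(const uint8_t *record, size_t record_len,
                         uint8_t *resp, size_t resp_cap) {
    (void)record_len;                                  /* never consulted: the bug */
    if (record[0] != HB_REQUEST) return -1;
    size_t payload_len = rd16(record + 1);             /* attacker-chosen, up to 65535 */
    if (HDR + payload_len + PADDING > resp_cap) return -1;
    resp[0] = HB_RESPONSE;
    resp[1] = record[1];
    resp[2] = record[2];
    memcpy(resp + HDR, record + HDR, payload_len);     /* reads past the record */
    memset(resp + HDR + payload_len, 0, PADDING);
    return (int)(HDR + payload_len + PADDING);
}

/* Fixed: the declared payload plus header and padding must fit in the
 * received record; otherwise the request is silently dropped. */
int heartbeat_fixed(const uint8_t *record, size_t record_len,
                    uint8_t *resp, size_t resp_cap) {
    if (record_len < HDR + PADDING) return -1;         /* too short even for an empty payload */
    if (record[0] != HB_REQUEST) return -1;
    size_t payload_len = rd16(record + 1);
    if (HDR + payload_len + PADDING > record_len) return -1;   /* the missing check */
    if (HDR + payload_len + PADDING > resp_cap) return -1;
    resp[0] = HB_RESPONSE;
    resp[1] = record[1];
    resp[2] = record[2];
    memcpy(resp + HDR, record + HDR, payload_len);
    memset(resp + HDR + payload_len, 0, PADDING);
    return (int)(HDR + payload_len + PADDING);
}

/* Constructed request: claimed_len is what the header says, payload is
 * what is really sent. Returns the true record length. */
size_t build_heartbeat(uint8_t *buf, uint16_t claimed_len, const char *payload) {
    size_t plen = strlen(payload);
    buf[0] = HB_REQUEST;
    buf[1] = (uint8_t)(claimed_len >> 8);
    buf[2] = (uint8_t)(claimed_len & 0xff);
    memcpy(buf + HDR, payload, plen);
    memset(buf + HDR + plen, 0, PADDING);
    return HDR + plen + PADDING;
}

int main(void) {
    uint8_t heap[256] = {0};                           /* stands in for the server's heap */
    uint8_t resp[512];
    /* A 2-byte payload that claims to be 100 bytes, followed in memory by
     * something the server never intended to send. */
    size_t rec_len = build_heartbeat(heap, 100, "hi");
    strcpy((char *)heap + rec_len, "PRIVATE-KEY-BYTES");

    int n = heartbeat_vulnerable(heap, rec_len, resp, sizeof resp);
    printf("vulnerable: sent %zu bytes, got %d back, including \"%s\"\n",
           rec_len, n, (char *)resp + rec_len);
    printf("fixed:      %d (request dropped)\n",
           heartbeat_fixed(heap, rec_len, resp, sizeof resp));
    return 0;
}
```

The response from the vulnerable handler is 119 bytes for a 21-byte request; everything after the first 18 payload bytes is memory that happened to follow the record, which is exactly how keys and session cookies leaked in practice.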
As described by XKCD
Impact of bug
 Every SSL site should have
   Patched the code, revoked old certificates, reissued new ones
 What did they actually do?
   Most patched: only 6% vulnerable after 3 weeks
   Most did not reissue: 73% are still using certificates whose private keys may have leaked
   Most did not revoke: 87% still have valid (unrevoked) vulnerable certs (!!!!)
 Why does this matter?
   An attacker who extracted a private key while the site was vulnerable can MITM that site
   These attacks may last for years (until the certificate expires)
Wrap up
 Computer networks today are pervasive
   Layered design promotes flexibility, scalability
   Pinch points due to IPv4 exhaustion, middleboxes, peering
 Internet success largely due to variety of applications
   Messaging, VoIP, video streaming, games, …
   Key challenges are how to do them efficiently
 Internet is constantly evolving
   Will SDNs usher in a new era of reliability/flexibility?
   Will everything be mobile?
   How do we secure our communication and data?

Questions?