Security Guest Lecture on Security Nicholas Weaver ICSI 1 Who Am I Guest Lecture on Security Finished Berkeley last October Now a postdoctoral researcher at ICSI Research area security Mostly the worm problem How attackers can compromise all vulnerable systems of a given time What can we do to prevent detect analyze respond tolerate and recover from worm attacks Bias towards enterprise level defenses Secondary interest Computer Architecture Field Programmable Gate Arrays General purpose custom chips 2 Talk outline Guest Lecture on Security Why Security is Interesting and Hard The Authentication Problem Are you X Cryptography to perform authentication and integrity The problem of the human element The Worm Problem Attacking all machines at the same time The Tragedy of the Commons Security is often limited by economic considerations Analyzing a recent worm attack Slammer Analyzing a recent worm attack Witty if time The OODA Loop 3 Why Security is Hard Guest Lecture on Security Security is one of the hardest areas in Computer Science and in general Therefore its possibly the most enjoyable area Adversarial Nature The adversary is often not constrained by the same rules Instead constrained by his or her or their intent skill and resources The attacker has an easier job Real World Messyness Humans are often the weakest link 4 Adversaries Guest Lecture on Security L337 SKR1P7 K1DD13Z So you are describing 16 year olds who are trying to take down the Internet as a hobby No it s their social life Paraphrased from a Clive Thompson article on virus writers Attack targets of opportunity Insiders Often trusted individuals often in it for the money Terrorists None to date but the potential exists Nation State opponents 5 Need to model an adversary Evil Twins Guest Lecture on Security We need to protect against what can be done not just what has been done Thus we need to model an adversary who s as capable and creative as possible But if we can model someone more creative then ourselves we could become that person Solution Evil Twin What would your evil twin do to accomplish X With various levels of resources tolerance for risk goals etc There is a formal version of this process Red Teaming 6 The Attacker has an Easier Job Guest Lecture on Security The attacker needs to find just ONE weakness The defender must defend all that the attacker could use Attackers often use known vulnerabilities And only needs to know one While the defender must have patched all The attacker is not constrained by rules A little bribery a little break in CDs in the parking lot eh why not A janitor has physical access to a large host of computers Use the physical world to influence the electronic world Or vice versa The attack can become democratic Once someone releases a toolkit or exploit every L337 K1DD107 can use it 7 Example How to Take Down an ISP Guest Lecture on Security The attacker s problem He doesn t like ISP X and wishes to cause a complete shutdown He could be working for a competitor Route BGP updates into OSPF BGP is used for Internet routing between ISPs OSPF is an internal protocol used internally to an ISP Updates are O n2 on all routers in the institution Break into a machine room Gain root on a router Redirect the external BGP feed into the internal OSPF feed Observation If a router s CPU goes to a steadly 100 the router will crash Now all the ISPs routers will crash According to Avi Freedman this has happened before 8 Reflections on this attack Guest Lecture on Security Physical access is helpful but not necessary Physical access easy root How good is every machine room your systems are in The attacker reportedly got caught on camera Can get root in other ways Root a sysadmin s machine and then sniff his passwords Happened at UC Berkeley to compromise argus the CS department login server and also instructional sun systems Attack abused intended functionality Every router in the ISP trusts the other routers OSPF information rarely changes so a computationally complex update is acceptable Attack abused weak engineering Why should routers crash when the CPU goes to 100 Attacker needed a motive Otherwise why bother 9 The Authentication Problem Guest Lecture on Security Authentication I am Nick Weaver How do I prove to you that I am who I am Authorization Because I am Nick Weaver I m allowed into Soda Hall Given what you know of me what am I allowed to do Why airlines are happy to check IDs Tickets are not supposed to be resold Intent I m just here to give a lecture Really hard to answer from the above Why a national ID card doesn t work well at detecting terrorists 10 Common Properties of Authentication Guest Lecture on Security Authentication is usually transitive from some more trusted source You know I am Nick Weaver because Ion Stoica introduced me My CA drivers liscence says that I m me Everyone else in soda hall calls me Nick Authentication usually involves a property or secret I know this random magic number password Thus anyone who can steal it can masquerade as me I have this grinning face and fingerprints Which matches the ID card created by the trusted entity I carry this cryptographic doohicky which spits out numbers Or all of the above 11 Cryptographic Authentication Guest Lecture on Security Needham and Schoeder Using Encryption for Authentication in Large Networks of Computers Basic assumptions There exists a trusted server or group of servers which can authenticate each individual ALL communication can be monitored by an attacker The attacker does NOT control any end hosts Goals of the work Show how to use both public and private key cryptography to mutually authenticate two parties Generate a key which only the two parties know This key can then be used to provide confidentiality and integrity 12 Basic Primitives Guest Lecture on Security Three parties A B and S KA A random value nonce which is used only once E K M cyphertext D K E K M M A secret key known to both X and Y Iai A secret key known only to A KXY A and B can both authenticate with the Authentication Server Encryption assumed to provides both confidentiality and integrity PKA SKA A public private key corresponding to A Public key cryptography is asymmetric D SKA E PKA M M A message encrypted with a public key can only be decrypted with the private key D PKA E SKA M M A message encrypted with the private key could only have been created by someone who knows the private key signing 13 Both Integrity AND Secrecy are key
View Full Document
Unlocking...