
Slide titles: Why Computer Security; Why Computer Security (cont’d); Slide 3; Outline; The History of Computing; Computing Today is Very Different; Biological Analogy; The Spread of Sapphire/Slammer Worms; The Flash Worm; The Definition of Computer Security; The Basic Components; Security Threats and Attacks; Friends and enemies: Alice, Bob, Trudy; Eavesdropping - Message Interception (Attack on Confidentiality); Integrity Attack - Tampering With Messages; Authenticity Attack - Fabrication; Attack on Availability; Classify Security Attacks as; Slide 19; Basic Terminology; Classification of Cryptography; Secret Key vs. Secret Algorithm; Unconditional vs. Computational Security; Brute Force Search; Slide 25; Symmetric Cipher Model; Requirements; Classical Substitution Ciphers; Caesar Cipher; Slide 30; Cryptanalysis of Caesar Cipher; Monoalphabetic Cipher; Monoalphabetic Cipher Security; English Letter Frequencies; Example Cryptanalysis; Transposition Ciphers; Rail Fence Cipher; Product Ciphers; Rotor Machines; Slide 40; Block vs Stream Ciphers; Block Cipher Principles; Ideal Block Cipher; Substitution-Permutation Ciphers; Feistel Cipher Structure; Slide 46; Feistel Cipher Decryption; DES (Data Encryption Standard); DES Top View; DES Summary; Avalanche Effect; Strength of DES – Key Size; DES Replacement; AES; AES Shortlist; Outlines; Private-Key Cryptography; Public-Key Cryptography; Slide 59; Slide 60; Public-Key Characteristics; Public-Key Cryptosystems; RSA (Rivest, Shamir, Adleman); What Is RSA?; RSA Example; How Does RSA Work?; Is RSA Secure?; Symmetric (DES) vs. Public Key (RSA); Slide 69; Confidentiality => Authenticity ?; Hash Functions; Hash Functions & Digital Signatures; Requirements for Hash Functions; Birthday Problem; How Many Bits for Hash?; Using Hash for Authentication; General Structure of Secure Hash Code; MD5: Message Digest Version 5; MD5 Overview; Slide 80; Processing of Block mi - 4 Passes; Secure Hash Algorithm; General Logic; SHA-1 versus MD5; Revised Secure Hash Standard; Backup Slides; Cryptanalysis Scheme; One-Time Pad; Confusion and Diffusion; Bit Permutation (1-to-1); Per-Round Key Generation; A DES Round; Mangler Function; Slide 94; S-Box (Substitute and Shrink); S-Box Examples; Padding Twist; Why Does RSA Work?; Using Hash to Encrypt; MD5 Process; Different Passes...; MD5 Compression Function; Slide 103; Functions and Random Numbers; Basic Steps for SHA-1; Basic Steps...

Why Computer Security
• The past decade has seen an explosion in the concern for the security of information
  – Malicious code (viruses, worms, etc.) caused over $28 billion in economic losses in 2003, and will grow to over $75 billion by 2007
• Security specialist markets are expanding!
  – “Full-time information security professionals will rise almost 14% per year around the world, going past 2.1 million in 2008” (IDC report)

Why Computer Security (cont’d)
• Internet attacks are increasing in frequency, severity and sophistication
• Denial of service (DoS) attacks
  – Cost $1.2 billion in 2000
  – 1999 CSI/FBI survey: 32% of respondents detected DoS attacks directed at their systems
  – Thousands of attacks per week in 2001
  – Yahoo, Amazon, eBay, Microsoft, White House, etc., attacked

Why Computer Security (cont’d)
• Viruses and worms are faster and more powerful
  – Melissa, Nimda, Code Red, Code Red II, Slammer …
  – Caused over $28 billion in economic losses in 2003, growing to over $75 billion in economic losses by 2007.
  – Code Red (2001): infected >360K machines in 13 hours - $2.4 billion loss
  – Slammer (2003): infected >75K machines in 15 minutes - $1 billion loss
• Spam, phishing …
• New Internet security landscape emerging: BOTNETS!

Outline
• History of Security and Definitions
• Overview of Cryptography
• Symmetric Cipher
  – Classical Symmetric Cipher
  – Modern Symmetric Ciphers (DES and AES)
• Asymmetric Cipher
• One-way Hash Functions and Message Digest

The History of Computing
• For a long time, security was largely ignored in the community
  – The computer industry was in “survival mode”, struggling to overcome technological and economic hurdles
  – As a result, a lot of corners were cut and many compromises made
  – There was lots of theory, and even examples of systems built with very good security, but they were largely ignored or unsuccessful
• E.g., Ada language vs. C (powerful and easy to use)

Computing Today is Very Different
• Computers today are far from “survival mode”
  – Performance is abundant and the cost is very cheap
  – As a result, computers are now ubiquitous in every facet of society
• Internet
  – Computers are all connected and interdependent
  – This codependency magnifies the effects of any failures

Biological Analogy
• Computing today is very homogeneous.
  – A single architecture and a handful of OSes dominate
• In biology, homogeneous populations are in danger
  – A single disease or virus can wipe them out overnight because they all share the same weakness
  – The disease only needs a vector to travel among hosts
• Computers are like the animals; the Internet provides the vector.
  – It is like having only one kind of cow in the world, and having them drink from one single pool of water!

The Spread of Sapphire/Slammer Worms

The Flash Worm
• Slammer worm infected 75,000 machines in <15 minutes
• A properly designed worm, a flash worm, can take less than 1 second to compromise 1 million vulnerable machines on the Internet
  – The Top Speed of Flash Worms. S. Staniford, D. Moore, V. Paxson and N. Weaver, ACM WORM Workshop 2004.
  – Exploit many vectors such as P2P file sharing, intelligent scanning, hitlists, etc.

The Definition of Computer Security
• Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable
• Security rests on confidentiality, authenticity, integrity, and availability

The Basic Components
• Confidentiality is the concealment of information or resources.
  – E.g., only the sender and the intended receiver should “understand” message contents
• Authenticity is the identification and assurance of the origin of information.
• Integrity refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
• Availability refers to the ability to use the information or resource desired.

Security Threats and Attacks
• A threat/vulnerability is a potential violation of security.
  – Flaws in design, implementation, and operation.
• An attack is any action that violates security.
  – Active adversary
• An attack has an implicit concept of “intent”
  – Router mis-configuration or server crash can also cause loss of availability, but



NU MSIT 458 - Computer Security
