Review How easy to guess a password Ways of Compromising Passwords CS162 Operating Systems and Systems Programming Lecture 26 Password Guessing Often people use obvious information like birthday favorite color girlfriend s name etc Dictionary Attack Work way through dictionary and compare encrypted version of dictionary words with entries in etc passwd Dumpster Diving Protection and Security II Find pieces of paper with passwords written on them Also used to get social security numbers etc Paradox Short passwords are easy to crack Long ones people write down April 29 2010 Ion Stoica http inst eecs berkeley edu cs162 Technology means we have to use longer passwords UNIX initially required lowercase 5 letter passwords total of 265 10million passwords In 1975 10ms to check a password 1 day to crack In 2005 01 s to check a password 0 1 seconds to crack Takes less time to check for all words in the dictionary 4 29 10 Review Making password harder to crack If attacker doesn t have access to etc passwd delay every remote login attempt by 1 second Makes it infeasible for rapid fire dictionary attack Can t make it impossible but can help Technique 4 Assign very long passwords Technique 1 Extend everyone s password with a unique number stored in password file Long passwords or pass phrases can have more entropy randomness harder to crack Give everyone a smart card or ATM card to carry around to remember password Called salt UNIX uses 12 bit salt making dictionary attacks 4096 times harder Without salt would be possible to pre compute all the words in the dictionary hashed with the UNIX algorithm would make comparing with etc passwd easy Requires physical theft to steal password Can require PIN from user before authenticates self Better have smartcard generate pseudorandom number Client and server share initial seed Each second login attempt advances to next random number Technique 2 Require more complex passwords Technique 5 Zero Knowledge Proof Make people use at least 8 character passwords with upper case lower case and numbers Require a series of challenge response questions Distribute secret algorithm to user Server presents a number say 5 user computes something from the number and returns answer to server Server never asks same question twice 708 6x1014 6million seconds 69 days 0 01 s check Unfortunately people still pick common patterns e g Capitalize first letter of common word add one digit CS162 UCB Spring 2010 Lec 26 2 Review Making password harder to crack con t Technique 3 Delay checking of passwords How can we make passwords harder to crack 4 29 10 CS162 UCB Spring 2010 Often performed by smartcard plugged into system 4 29 10 Lec 26 3 Page 1 CS162 UCB Spring 2010 Lec 26 4 Goals for Today Authorization Who Can Do What How do we decide who is authorized to do actions in the system Access Control Matrix contains all permissions in the system Distributed Authorization Remote Storage Buffer overflow Worms and Viruses Resources across top Files Devices etc Domains in columns A domain might be a user or a group of permissions E g above User D3 can read F2 or execute F3 In practice table would be huge and sparse Two approaches to implementation Access Control Lists store permissions with each object Still might be lots of users UNIX limits each file to r w x for owner group world More recent systems allow definition of groups of users and permissions for each group Capability List each process tracks objects has permission to touch Note Some slides and or pictures in the following are adapted from slides 2005 Silberschatz Galvin and Gagne Also slides adapted from Kubiatowicz and Paxson 4 29 10 CS162 UCB Spring 2010 4 29 10 Lec 26 5 Popular in the past idea out of favor today Consider page table Each process has list of pages it has access to not each page has list of processes CS162 UCB Spring 2010 How to perform Authorization for Distributed Systems Distributed Access Control File X Different Authorization Domains Owner Key 0x22347EF R Key 0x546DFEFA34 RW Key 0x467D34EF83 RX Group Key 0xA2D3498672 E H ACL Kprivate owner No They only have small number of characters Need something better more unique to identify person Group ACL Key 0xA786EF889A Key 0x6647DBC9AC Group Certificate E H GACL Kprivate group Distributed Access Control List ACL Suppose want to connect with any server at any time Contains list of attributes Read Write Execute etc with attached identities Here we show public keys Need an account on every machine possibly with different user name for each account OR Need to use something more universal as identity ACLs signed by owner of file only changeable by owner Group lists signed by group key ACLs can be on different servers than data Public Keys Called Principles People are their public keys CS162 UCB Spring 2010 Access Control List ACL for X Certificate by X s owner Issues Are all user names in world unique 4 29 10 Lec 26 6 Signatures allow us to validate them ACLs could even be stored separately from verifiers 4 29 10 Lec 26 7 Page 2 CS162 UCB Spring 2010 Lec 26 8 Distributed Access Control Access Control List ACL for X File X Identities checked via signatures and public keys ACL verifier Hash Timestamp R Key 0x546DFEFA34 Signature owner RW Key 0x467D34EF83 RX Group Key 0xA2D3498672 nt lie c te A C iva 9 K pr C DB t X 47 iva 6 d K pr ea 0 x 6 a R t E ey da E K Read Group Server 1 Domain 2 Client can t generate request for data unless they have private key to go with their public identity Server won t use ACLs not properly signed by owner of file r ve re se e No problems with multiple domains since identities designed to be cross domain public keys domain neutral GACL Owner Key 0x22347EF Client 1 Domain 1 Analysis of Previous Scheme Positive Points Revocation What if someone steals your private key Group ACL GACL verifier Hash Timestamp Key 0xA786EF889A Signature group Key 0x6647DBC9AC Distributed Access Control List ACL Need to walk through all ACLs with your key and change This is very expensive Have unique string identifying you that people place into ACLs Server 2 Domain 3 Then ask Certificate Authority to give you a certificate matching unique string to your current public key Client Request E request unique ID Kprivate client give server certificate if they ask for it Key compromise must distribute certificate revocation since can t wait for previous certificate to expire Contains list of attributes Read Write Execute etc with attached identities Here we show
View Full Document
Unlocking...