Notes for CS261 : Computer SecurityOctober 28 2009Paper for reading : You've Been Warned: An Empirical Study of the. Effectiveness of Web Browser Phishing Warnings by Egelman et. al.The paper gives some ideas on how there is still some hope for security and usability. Understanding human factors can help improve the security of the system. The paper was also good in how they made sure that the study they conducted didn't concentrate only on the college crowd.The Pairing Problem• how to connect 2 things together so that they can share a secret key for communication• Just asking user to type in or make sure a common key is shared is not feasible◦ It is a pain to type in key, error prone and often might not be useful if device doesn't have a input mechanism• Use a physical connection to do the initial setup◦ used by cordless phones for e.g• Use a low entropy 4 digit pin say for setup• Problem is it is relatively trivial to do 1000 trials for the attacker• and it might not be obvious but even for low power protocols (like bluetooth) attacker can eavesdrop from far far away with a big antenna• Diffie Helman Key Exchange is the recommended method (explained later below)• Doesn't protect against Man in the middle attacks, only works against the passive attacker• Use a shared 4 digit pin to make it robust against MITM attacks, basically do all transmissions that Diffie Hellman does but encrypted with the 4 pin key. As the 'plain text' in this case is actually a random string , it is not that trivial to crack. (I.e we use the encryption only to protect against MITM, not for confidentiality as the word encryption might make it sound)• User can verify the 4 digit things are same (this can be a hash instead of pin)• Usability issue : if you ask user 'is this pin correct?' they will just say 'yeah whatever'. • Ask user to type it in• Give multiple options with the correct option in a random position• Other methods for physically proximal devices:• for e.g 2 phones can be brought nearby and further by the users and they cansync up• 2 things with motion sensor : ask the user to shake them together and use the shakes as a keyThe Diffie Hellman Key ExchangeNote that an active attacker Carol can easily man in the middle this : there is no 'authentication' that Bob is really Bob and Alice is really Alice. This is really designed for Alice and Bob to share a secret in front of the whole wild world.Side Channel Attacks• attacks based on physical implementation of a system rather than the theory/design of it• One of the oldest is how CRTs emmitted a radio signal that could be decoded to get a blurry image of what is present on the screen• Often you can just look at the monitor with an open window and a telescope• if screen facing away from window, CRTs often emit light that hits the wall.Because CRTs emit light and looking at how the light on the wall is refreshing , telescopes and a CCD sensor can get a image of what is on the screen• LCDs not vulnerable• In modems, activity light is often connected to the actual data line as a simple way of showing activity• Viewing this one could just find out using the on-off pattern what is the data stream passing through• on fast ethernet etc. systems this isn't useful as the LED refresh rate is less than the ethernet speed• Smart Cards draw power from the card reader , but they were designed to keep their key etc. secret from a malicious card reader• But they didn't think of side channel attacks : complex operations require more power• A malicious card reader can detect the power consumed at a fast enough rate and then do damage• Often the crypto code looks like right :• The power consumption can then be easily used to compute the key as shown in figure belowwhile(length of key): complex ops (set A) if (key[i] == 1) complex ops (set B)end whileUsability Failures • Passwords• Humans are bad at making up random things , bad at remembering random things and bad at keeping things secret• Passwords ask humans to do all 3 things• Spam / Email• no one uses secure /signed email : its ridiculously hard to make people understand how to securely email others (as a berkeley study 'why johnny can't encrypt showed') : no one really understands what public/private key mean, people send their private keys over the wire• Maybe just don't show user the private key ever • problem with multiple devices• 'once we ask user to understand asymmetric key crypto, we have lost'• A good example is the 'Key Continuity Management' system• All emails are signed , with a header 'my public key is'• Like SSH, the first time person receives a mail he stores the key so that next time a mail is received with a bad key/signature it is ignored• No user intervention required , all automatic in the mail client• Virus• People never understand that clicking on a file can totally destroy their system• the design of OS assumed that when a user clicks on a file he is totally trusting that program which is flawed• Delete doesn't Delete• Only metadata/links to files are deleted when a file is deleted or HDD formatted• A study by researchers found a surprising number of people sold their Harddisks over ebay still had data left over• they had formatted the disk, so presumably they wanted to protect the data but didn't know formatting doesn't really delete everythingHuman Factors matter ,don't forget them while designing security