Public key crypto Encryption Block cipher en decrypt msgs in fixed size blocks w same secret key n bit plaintext k bit secret key E D n bit ciphertext DES AES Modes of operation Hash functions Preimage resistance given h intractable to find y s t H y h Electronic code book ECB blocks indep encrypted Cipher block chaining CBC encryption one block depends previous Counter CTR encrypts counter value 2nd preimage resistance given x intractable to find y cid 3405 x s t H y H x Collision resistance intractable to find x y s t y cid 3405 x H y H x S k m H k opad H k ipad m opad ipad strings Alice s tag S k m Bob verify tag V k m tag yes Non keyed checksum CRC insecure MAC HMAC most widely used on internet Xor 0 if same 1 if diff HMAC provide msg integrity not confidentiality G rand Alg outputs keypair pk sk E pk m rand Alg Takes m outputs c D sk c det Alg Takes c outputs m D sk E pk m m Trapdoor Functions secure if one way function RSA p q primes N p q cid 2030 cid 4666 cid 1840 cid 4667 cid 3404 cid 4666 cid 1868 cid 3398 1 cid 4667 cid 4666 cid 1869 cid 3398 1 cid 4667 cid 1856 cid 1871 cid 1872 cid 4666 cid 1856 cid 1857 cid 4667 cid 2030 cid 4666 cid 1840 cid 4667 cid 3404 1 pk N e sk N d RSA pk x x xemodN Given F pk x pk hard to find x RSA 1 sk y y ydmodN Sign sk m F 1 sk H m verify pk m sig acceptifF pk sig H m Digital certificate certificate authority signs public key cert includes pk and sig Diffie Hellman key exchange prime p 0 g p gA Bmodp gAmodp gBmodp gB Amodp SSL client nonce cert nonce server c E pk PreK random session keys PRF PreK noncec nonces Digital signatures from trapdoor functions Attacks to pw online guessing social engineering phishing eavesdropping Zero knowledge proof prove w o revealing proof client side malware server compromise Shamir secret sharing f x of degree q 1 secret f 0 q 1 points no curve mod p Secure multi party computation SMC computes value of public function on separate data points do not learn others data B Axmodp A B p public P sends V h Armodp where r p 1 V sends b P sends s r bx mod p 1 V Asmodp hBbmodp Static analysis and program verification Syntactic analysis Does not interpret statements Crypto Symmetric key crypto Midterm 2 Cheat Sheet Wednesday April 29 2015 12 46 AM Error patterns heuristically observed common error patterns Parsing generates data structure for error detection Detection match pattern against program representation Pruning eliminate common false alarms Semantic analysis interprets statements Sign analysis Zero propagation Interval analysis Product analysis Disjunctive refinement Variables statements control flow executions lattice transformers system of eq static analyzer Precondition assertion holds at input cid 2038 cid 4666 cid 1876 Postcondition assertion holds at output cid 2006 Loop invariant assertion true at entrance to loop any path prove by induction Program verification Security architecture and principles Access control ACL capabiility Role based access control Reference monitor Principle of least privilege Defense in depth Consider human factors Separation of responsibility Don t rely on security through obscurity Failsafe defaults Design security from the start Ensure complete mediation Detect if cannot prevent Security is economics Psychological acceptability Know your threat model Virus Propagation requires human intervention Polymorphic virus create random encryption of virus body Metamorphic virus mutate virus body code obfuscation Worm propagates automatically Botnet network of programs acting on instructions used for fraud DDoS Malware Web security Same origin Policy SOP Same protocol domain port Command injection inject code into data URLs Defenses input validation black whitelisting input escaping less powerful APIs SQL injection attacker controlled data interpreted as command to manipulate Defenses same as command injection API prepared statements Cross site Scripting XSS vulnerability in web app enabling attackers to inject scripts into webpages for other users Persistent stored malicious code stored at server Reflected malicious code reflected by server DOM based in client side code Cross site Request Forgery CSRF forced end user to execute unwanted actions on web app currently authenticated Caused bc browser includes authorization cred i e cookies Defenses origin headers nonces Session hijacking get user s session token and act on behalf of user Session token theft eavesdropping network XSS Session fixation attacker sets user s session token defense new token Network security Physical link inter network transport app 7 Onpath vs offpath Physical eavesdropping disruption spoofing create messages TCP on path observe TCP terminate w RST packet IP arbitrary source destination hijack spoof forge packets spoof seq num Syn seqnum x ack seqnum y ack x 1 synack ack y 1 DNS blind spoofing attacker makes user generate DNS name lookups attacker sends many DNS replies with random IDs to user also include random src port as ID in UDP Denial of Service DoS Firewall enforces access control policy SYN flooding many SYNs to start 3 way TCP handshake defense SYN cookies for spoofed source IP DNS amplification Send forged DNS lookups to server s IP as source Distinguish inbound connect internal outbound connect external Default allow default deny Stateful packet filter checks packet against security rules to forward drop CS 161 Page 1
View Full Document
Unlocking...