CS162 Operating Systems and Systems Programming
Lecture 20
Security (I)
April 11, 2011
Ion Stoica
http://inst.eecs.berkeley.edu/~cs162

Outline:
• What We Learnt So Far…
• What We Learnt So Far… (Concurrency Control Techniques)
• Goals for Today
• Protection vs Security
• Preventing Misuse
• Security Requirements
• Securing Communication: Cryptography
• Using Symmetric Keys
• Symmetric Keys
• Symmetric Key Ciphers - DES & AES
• Authentication via Symmetric Crypto
• Example: Client-Server Authentication
• Integrity: Cryptographic Hashes
• Operation of Hashing for Integrity
• Standard Cryptographic Hash Functions
• Asymmetric Encryption (Public Key)
• Public Key / Asymmetric Encryption
• Public Key Cryptography
• Properties of RSA
• Simple Public Key Authentication
• Non-Repudiation: RSA Crypto & Signatures
• RSA Crypto & Signatures, con't
• Digital Certificates
• Summary of Our Crypto Toolkit
• Putting It All Together - HTTPS
• HTTPS Connection (SSL/TLS), con't
• Inside the Server's Certificate
• Validating Amazon's Identity
• Certificate Validation
• Slide 31
• Authentication: Passwords
• Passwords: Secrecy
• Passwords: How easy to guess?
• Passwords: How easy to guess? (cont'd)
• Passwords: Making harder to crack
• Passwords: Making harder to crack (con't)
• Authentication: Identifying Users
• Conclusion

Lec 20.2 4/11 Ion Stoica CS162 ©UCB Spring 2011

What We Learnt So Far…
• Concurrency control:
– Goal: run multiple activities concurrently to improve response time and increase system utilization
– Challenge: contention for resources, isolation
– Techniques:
» Synchronization
» Deadlock prevention/detection
» Scheduling
• Memory hierarchy
– Goal: provide the illusion of the largest memory in the hierarchy with the latency of the fastest one
– Challenge: hide latency, isolation
– Techniques:
» Caching, replacement
» Paging

What We Learnt So Far… (Concurrency Control Techniques)
• Synchronization:
– Via shared memory: locks, semaphores, condition variables
– Via communication channels: window-based flow control
– Transactions: two-phase locking
• Deadlock
– Detection: find cycles in the allocation graph
– Prevention: banker's algorithm, partial order of granting resources
• Scheduling:
– Threads/processes: round robin, FCFS, SRJF
– Transactions: query optimization

Goals for Today
• Conceptual understanding of how to make systems secure
• Key security properties
– Authentication
– Data integrity
– Confidentiality
– Non-repudiation
• Cryptographic mechanisms
Note: Some slides and/or pictures in the following are adapted from slides ©2005 Silberschatz, Galvin, and Gagne, and lecture notes by Kubiatowicz

Protection vs Security
• Protection: one or more mechanisms for controlling the access of programs, processes, or users to resources
– Page table mechanism
– Round-robin schedule
– Data encryption
• Security: use of protection mechanisms to prevent misuse of resources
– Misuse is defined with respect to a policy
» E.g.: prevent exposure of certain sensitive information
» E.g.: prevent unauthorized modification/deletion of data
– Requires consideration of the external environment within which the system operates
» Even the most well-constructed system cannot protect information if a user accidentally reveals a password

Preventing Misuse
• Types of misuse:
– Accidental:
» If I delete the shell, I can't log in to fix it!
» Could make it more difficult by asking: "Do you really want to delete the shell?"
– Intentional:
» Some high school brat who transfers $3 billion from B to A.
» Doesn't help to ask if they want to do it (of course they do!)
• Three pieces to security
– Authentication: who the user actually is
– Authorization: who is allowed to do what
– Enforcement: make sure people do only what they are supposed to do
• Loopholes in any carefully constructed system:
– Log in as superuser and you've circumvented authentication
– Log in as yourself and you can do anything with your resources; for instance: run a program that erases all of your files
– Can you trust software to correctly enforce authentication and authorization?

Security Requirements
• Authentication
– Ensures that a user is who they claim to be
• Data integrity
– Ensures that data is not changed from source to destination, or after being written to a storage device
• Confidentiality
– Ensures that data is read only by authorized users
• Non-repudiation
– Sender/client can't later claim they didn't send/write the data
– Receiver/server can't claim they didn't receive/write the data

Securing Communication: Cryptography
• Cryptography: communication in the presence of adversaries
• Studied for thousands of years
– See Simon Singh's The Code Book for an excellent, highly readable history
• Central goal: confidentiality
– How to encode information so that an adversary can't extract it, but a friend can
• General premise: there is a key, possession of which allows decoding, but without which decoding is infeasible
– Thus, the key must be kept secret and not guessable

Using Symmetric Keys
• Same key for encryption and decryption
[Figure: plaintext (m) → encrypt with secret key → ciphertext → Internet → decrypt with secret key → m]

Symmetric Keys
• Can just XOR the plaintext with the key
– Easy to implement, but easy to break using frequency analysis
• More sophisticated (e.g., block cipher) algorithms
– Work with a block size (e.g., 64 bits)
» To encrypt a stream, can encrypt blocks separately, or link them

Symmetric Key Ciphers - DES & AES
• Data Encryption Standard (DES)
– Developed by IBM in the 1970s, standardized by NBS/NIST
– 56-bit key (decreased from 64 bits at NSA's request)
– Still fairly strong other than brute-forcing the key space
» But custom hardware can crack a key in < 24 hours
– Today many financial institutions use Triple DES = DES applied 3 times, with 3 keys totaling 168 bits
• Advanced Encryption Standard (AES)
– Replacement for DES, standardized in 2002
– Key size: 128, 192 or 256 bits
• How fundamentally strong are they?
– No one knows (no proofs exist)

Authentication via Symmetric Crypto
• Authenticate an entity by its secret key
• Example:
– You know Alice's secret key
– You
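The "Symmetric Keys" slide says a block cipher works on fixed-size blocks (e.g., 64 bits) and that a stream can be encrypted either block by block or by linking the blocks. The following added example (not from the lecture) makes that difference concrete: it assumes a toy 64-bit Feistel cipher built from HMAC-SHA256 as a stand-in for DES/AES, then encrypts four identical plaintext blocks "separately" (ECB) and "linked" (CBC), showing that only the linked mode hides the repetition. Key, IV and message are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 8  # 64-bit block, the size the slide mentions (toy cipher, not DES)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Keyed round function: 4 bytes derived from key, round number and one half.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:4]

def encrypt_block(key: bytes, block: bytes, rounds: int = 8) -> bytes:
    # Feistel network: each round swaps the halves and mixes F(right) into left.
    l, r = block[:4], block[4:]
    for i in range(rounds):
        l, r = r, _xor(l, _round(key, i, r))
    return l + r

def decrypt_block(key: bytes, block: bytes, rounds: int = 8) -> bytes:
    # Same structure run backwards; the same secret key undoes each round.
    l, r = block[:4], block[4:]
    for i in reversed(range(rounds)):
        l, r = _xor(r, _round(key, i, l)), l
    return l + r

def _blocks(data: bytes):
    # Example keeps inputs block-aligned, so no padding scheme is needed.
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    # "Encrypt blocks separately": equal plaintext blocks give equal ciphertext blocks.
    return b"".join(encrypt_block(key, b) for b in _blocks(data))

def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # "Link them": each block is XORed with the previous ciphertext block first.
    out, prev = [], iv
    for b in _blocks(data):
        prev = encrypt_block(key, _xor(prev, b))
        out.append(prev)
    return b"".join(out)

def distinct_blocks(ct: bytes) -> int:
    # How many different 64-bit ciphertext blocks appear: 1 means the pattern leaked.
    return len(set(_blocks(ct)))

KEY = b"constructed-demo-key"  # constructed sample values, not real secrets
IV = bytes(range(BLOCK))
MSG = b"ATTACK!!" * 4          # four identical 64-bit plaintext blocks
```

With these inputs `distinct_blocks(ecb_encrypt(KEY, MSG))` is 1 while `distinct_blocks(cbc_encrypt(KEY, IV, MSG))` is 4, which is why real systems chain blocks (or use an authenticated mode) rather than encrypting them independently.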