DOC PREVIEW
Berkeley ELENG 122 - Attacks & Defenses

This preview shows page 1-2-3-27-28-29 out of 29 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 29 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 29 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 29 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 29 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 29 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 29 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 29 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

11Attacks & DefensesEE 122: Intro to Communication NetworksFall 2006 (MW 4-5:30 in Donner 155)Vern PaxsonTAs: Dilip Antony Joseph and Sukun Kimhttp://inst.eecs.berkeley.edu/~ee122/Materials with thanks to Jennifer Rexford, Ion Stoica,and colleagues at Princeton and UC Berkeley2Announcements• No office hours this week• Next week by appointment, as I’m giving a lecture(on network security research) next Weds• Reminder: particular topics for next Monday’slecture, or for next Wednesday’s review?• Guest lecture Weds Nov 29, Prof. Ion Stoica23Goals of Today’s Lecture• Public Key Infrastructure (PKI)• Putting it all together: how does https work?• Attacks: compromising systems– Buffer overflows– Logic errors– Social engineering– Automated attacks: worms & bots• Attacks: denial-of-service (DoS)– Network layer (DDoS)– Transport layer (SYN flooding)– Application layer (one defense: CAPTCHAs)4Public Key Infrastructure (PKI)• Public key crypto is very powerful …• … but the realities of distributing the public keysturn out to be quite hard• PKI: System managing public key distribution on awide-scale⇒Trust distribution mechanism– Confidentiality  via Encryption– Integrity  via Digital Signatures– Non–Repudiation  via Digital Signature– Authentication  via Digital Certificates35Managing Trust• The most solid level of trust is rooted in our directpersonal experience– E.g., Alice’s trust that Bob is who they say they are– Clearly doesn’t scale to a global network!• In its absence, we rely on delegation– Alice trusts Bob’s identity because Charlie attests to it ….– …. and Alice trusts Charlie6Managing Trust, con’t• Trust is not particularly transitive– Should Alice trust Bob because she trusts Charlie …– … and Charlie vouches for Donna …– … and Donna says Eve is trustworthy …– … and Eve vouches for Bob’s identity?• Two models of delegating trust– Rely on your set of friends and their friends “Web of trust” -- e.g., PGP– Rely on trusted, well-known authorities (and theirminions) “Trusted root” -- e.g., HTTPS47PKI Conceptual Framework• Trusted-Root PKI:– Basis: well-known public key serves as root of a hierarchy– Managed by a Certificate Authority (CA)• To publish a public key, ask the CA to digitally signa statement indicating that they agree (“certify”) thatit’s indeed your key– This is a certificate for your key (certificate = bunch of bits) Includes both your public key and the signed statement– Anyone can verify the signature• Delegation of trust to the CA– They’d better not screw up (duped into signing bogus key)– They’d better have procedures for dealing with stolen keys– Note: can build up a hierarchy of signing8Components of a PKI59Digital Certificate• Signed data structure that binds an entity with itscorresponding public key– Signed by a recognized and trusted authority, i.e.,Certification Authority (CA)– Provide assurance that a particular public key belongs to aspecific entity• Example: certificate of entity E = E({nameE, Kepublic}, KCAprivate)– KCAprivate: private key of Certificate Authority– KEpublic: public key of entity E• Actually, they’ll sign whatever glob of bits you give them– nameE: name of entity E• Your browser has a bunch of CAs wired into it10Certification Authority• People, processes responsible for creation,delivery and management of digital certificates• Organized in an hierarchy– To verify signature chain, follow hierarchy up to rootCA-1 CA-2Root CA611Registration Authority• People & processes responsible for:–Authenticating the identity of new entities(users or computing devices), e.g., By phone, or physical presence + ID–Issuing requests to CA for certificates• The CA must trust the RegistrationAuthority12Certificate Repository• A database accessible to all users of aPKI• Contains:–Digital certificates–Policy information associated with certs–Certificate revocation information Vital to be able to identify certs that havebeen compromised Usually done via a revocation list713Putting It All Together - HTTPS• What happens when you click onhttps://www.amazon.com?• https = “Use HTTP over SSL/TLS”• SSL = Secure Socket Layer• TLS = Transport Layer Security• Successor to SSL, and compatible with it• RFC 4346• Provides security layer (authentication,encryption) on top of TCP• Fairly transparent to the app14HTTPS Connection (SSL/TLS), con’t• Browser (client) connectsvia TCP to Amazon’sHTTPS server• Client sends over list ofcrypto protocols itsupports• Server picks protocols touse for this session• Server sends over itscertificate• (all of this is in the clear)SYNSYN ACKACKBrowser AmazonHello. I support(TLS+RSA+AES128+SHA1) or(SSL+RSA+3DES+MD5) or …Let’s useTLS+RSA+AES128+SHA1Here’s my cert~1 KB of data815Inside the Server’s Certificate• Name associated with cert (e.g., Amazon)• Amazon’s public key (RSA exponent e, modulus n)• A bunch of auxiliary info (physical address, type ofcert, expiration time)– See homework #4• URL to revocation center to check for revoked keys• Name of certificate’s signatory (who signed it)• A public-key signature of a hash (MD5) of all this– Constructed using the signatory’s private RSA key16Validating Amazon’s Identity• Browser retrieves cert belonging to the signatory– These are hardwired into the browser• If it can’t find the cert, then warns the user that sitehas not been verified– And may ask whether to continue– Note, can still proceed, just without authentication• Browser uses public key in signatory’s cert todecrypt signature– Compares with its own MD5 hash of Amazon’s cert• Assuming signature matches, now have highconfidence it’s indeed Amazon …– … assuming signatory is trustworthy917HTTPS Connection (SSL/TLS), con’t• Browser constructs a randomsession key K• Browser encrypts K usingAmazon’s public key• Browser sends E(K, {n, e}) toserver• Browser displays• All subsequent communicationencrypted w/ symmetric cipher(e.g., AES128) using key K– E.g., client can authenticate usinga password• (what step is missing?)Browser AmazonHere’s my cert~1 KB of dataE(K, {n,e})KKE(password …, K)E(response …, K)Agreed18Host Compromise• Tricking a host into executing on your behalf• Can consider what is


View Full Document

Berkeley ELENG 122 - Attacks & Defenses

Documents in this Course
Lecture 6

Lecture 6

22 pages

Wireless

Wireless

16 pages

Links

Links

21 pages

Ethernet

Ethernet

10 pages

routing

routing

11 pages

Links

Links

7 pages

Switches

Switches

30 pages

Multicast

Multicast

36 pages

Switches

Switches

18 pages

Security

Security

16 pages

Switches

Switches

18 pages

Lecture 1

Lecture 1

56 pages

OPNET

OPNET

5 pages

Lecture 4

Lecture 4

16 pages

Ethernet

Ethernet

65 pages

Models

Models

30 pages

TCP

TCP

16 pages

Wireless

Wireless

48 pages

Load more
Download Attacks & Defenses
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Attacks & Defenses and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Attacks & Defenses 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?