CSCE 313 Introduction to Computer Systems
Instructor: Amin Hassanzadeh
Fall 2013
http://people.tamu.edu/~hassanzadeh/csce313.htm
Security Overview
• Security Today
• Security Goals
• Security Threats
Security Today
• We rely on the secure operation of computers, systems, and networks, which are vulnerable
• Attacks occur every second, and 25%+ of Internet PCs are compromised
• The 2003 loss estimates range from $13 billion (worms and viruses only) to $226 billion (for all forms of covert attacks)
• Attacks and financial losses are still on the rise
The Good News ...
• Plenty of basic means for end-user protection - authentication, access control, integrity checking
• Intensive R&D effort on security solutions (government sponsored research & private industry development)
• Increasing public awareness of security issues
• New crops of security(-aware) researchers and engineers
The Bad News ...
• (Existing) information infrastructure as a whole is very vulnerable, which makes all critical national infrastructure vulnerable
– e.g., Denial-of-service attacks are particularly dangerous to the Internet infrastructure
– Do we continue to band-aid or re-design?
• Serious lack of effective technologies, policies, and management framework
The Definition
• Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable
• Security rests on
– Confidentiality
– Authenticity
– Integrity
– Availability
Security Goals
• Authentication of Alice (the client)
• Authorization of request from Alice
• Confidentiality (e.g. protect the content of request)
• Accountability (non-repudiation)
• Availability
[Figure labels: “Alice”, “Bob”, “Eve”, “Lucifer”]
The Basic Components
• Confidentiality is the concealment of information or resources.
• Authenticity is the identification and assurance of the origin of information.
• Integrity refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
• Availability refers to the ability to use the information or resource desired.
Security Threats and Attacks
• A threat is a potential violation of security.
– Flaws in design, implementation, and operation.
• An attack is any action that violates security.
– Active adversary.
Eavesdropping - Message Interception (Attack on Confidentiality)
• Unauthorized access to information
• Packet sniffers and wiretappers
• Illicit copying of files and programs
[Figure: A, B and an Eavesdropper]
Integrity Attack - Tampering With Messages
• Stop the flow of the message
• Delay and optionally modify the message
• Release the message again
[Figure: A, B and a Perpetrator]
Typical Attacks: Man-In-The-Middle
Authenticity Attack - Fabrication
• Unauthorized assumption of other’s identity
• Generate and distribute objects under this identity
[Figure: A, B and a Masquerader whose message is labelled “from A”]
Man-In-The-Middle: Example
• Passive tapping
– Listen to communication without altering contents.
• Active wire tapping
– Modify data being transmitted
– Example:
[Figure: user, intruder, server; messages “logoff!” (marked X) and “fine!”]
Intruder takes over identity of user (masquerading)
Attack on Availability
• Destroy hardware (cutting fiber) or software
• Modify software in a subtle way (alias commands)
• Corrupt packets in transit
• Blatant denial of service (DoS):
– Crashing the server
– Overwhelm the server (use up its resource)
[Figure: A and B]
Impact of Attacks
• Theft of confidential information
• Unauthorized use of
– Network bandwidth
– Computing resource
• Spread of false information
• Disruption of legitimate services
All attacks can be related and are dangerous!
Security Policy and Mechanism
• Policy: a statement of what is, and is not, allowed.
• Mechanism: a procedure, tool, or method of enforcing a policy.
• Security mechanisms implement functions that help prevent, detect, respond to, and recover from security attacks.
• Security functions are typically made available to users as a set of security services through APIs or integrated interfaces.
• Cryptography underlies many security mechanisms.
Assumptions and Trust
• A security policy consists of a set of axioms that the policy makers believe can be enforced.
• Two assumptions
– The policy correctly and unambiguously partitions the set of system states into secure and nonsecure states
• The policy is correct
– The security mechanisms prevent the system from entering a nonsecure state
• The mechanisms are effective
Assumptions and Trust – Cont’d
• Trusting that the mechanisms work requires the following assumptions
– Each mechanism enforces part(s) of the security policy
– The union of the mechanisms enforces all aspects of the policy
– The mechanisms are implemented, installed, and administered correctly
How to Make a System Trustworthy
• Specification
– A statement of desired functions
• Design
– A translation of specifications to a set of components
• Implementation
– Realization of a system that satisfies the design
• Assurance
– The process to ensure that the above steps are carried out correctly
– Inspections, proofs, testing, etc.
Operational / Human Issues
Operational Issues
• Risk Analysis
• Cost-Benefit Analysis
• Laws and Custom
Human Issues
• Organizational Problems
• People Problems
The Security Life Cycle
• The iterations of
– Threats
– Policy
– Specification
– Design
– Implementation
– Operation and maintenance
Taxonomy of Threats
• Taxonomy – a way to classify and refer to threats (and attacks) by names/categories
– Benefits – avoid confusion
– Focus/coordinate development efforts of security mechanisms
• No standard yet
• One possibility: by results/intentions first, then by techniques, then further by targets, etc.
– Associate severity/cost to each threat
A Taxonomy Example
• By results then by (high-level) techniques:
– Illegal root
• Remote, e.g., buffer-overflow a daemon
• Local, e.g., buffer-overflow a “root” program
– Illegal user
• Single, e.g., guess password
• Multiple, e.g., via previously installed back-door
– Denial-of-Service
• Crashing, e.g., teardrop, ping-of-death, land
• Resource consumption, e.g., syn-flood
– Probe
• Simple, e.g., fast/regular port-scan
• Stealth, e.g., slow/“random” port-scan
Security Threats
• Information Disclosure:
– unauthorized dissemination of information
– result of theft or illegal action of someone who has access to information
• Information Destruction:
– loss of internal data structures
– loss of stored information
– information may be destroyed without being disclosed
• Unauthorized Use of Service:
– bypass system accounting policies
– unauthorized use of some proprietary services
• Denial of Service:
– prevent an authorized user from utilizing the system’s services in a timely manner
Threat Examples - IP Spoofing
• A common first step to many threats
• Source IP address cannot be trusted!
[Figure: IP packet with IP Header and IP Payload; header fields SRC: source, DST: destination]
Example header: SRC: 18.31.10.8, DST: 128.194.7.237
Is it really from MIT?
Similar to US Mail (or E-mail)
From: Amin H. TAMU
To: William S. Boston, MA
US mail may be better in the sense that there is a stamp put on the envelope at the location (e.g., town) of collection...
Most Routers Only Care About Destination Address
[Figure: three networks joined by routers (Rtr): Columbia (128.59.10.xx), TAMU (128.194.xx.xx) and Stanford (36.190.0.xx). The packet src:128.59.10.8 dst:128.194.7.237 is shown leaving both Columbia and Stanford.]
Why Should I Care?
• Attack packets with spoofed IP address help hide the attacking source.
• A smurf attack launched with your host IP address could bring your host and network to their knees.
• Higher protocol layers (e.g., TCP) help to protect applications from direct harm, but not enough.
Current IPv4 Infrastructure
• No authentication for the source
• Various approaches exist to address the problem:
– Router/firewall filtering
– TCP handshake
Router Filtering
• Decide whether this packet, with certain source IP address, should come from this side of network.
• Not standard - local policy.
[Figure: the router (Rtr) for Stanford (36.190.0.xx) sees the packet src:128.59.10.8 dst:128.194.7.237 and says “Hey, you shouldn’t be here!”]
Router Filtering
• Very effective for some networks (ISP should always do that!)
– At least be sure that this packet is from some particular subnet
• Problems:
– Hard to handle frequent add/delete of hosts/subnets or Mobile IP
– Upsets customers, should legitimate packets get discarded
– Need to trust other routers
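The source check from the two Router Filtering slides, written as a lookup from inbound interface to expected source prefixes (the idea standardised as ingress filtering in BCP 38 / RFC 2827). This Python is an added example, not part of the original slides; the interface names, prefix lengths and sample packets are assumptions built around the addresses drawn on the slides, and the last step reproduces the Mobile IP false positive listed under Problems.

```python
import ipaddress

# Constructed local policy: source prefixes expected on each inbound interface.
# Interface names and prefix lengths are assumptions; the networks are the
# ones drawn on the slides (Columbia 128.59.10.xx, Stanford 36.190.0.xx).
POLICY = {
    "if-columbia": ["128.59.10.0/24"],
    "if-stanford": ["36.190.0.0/24"],
}

# Constructed sample traffic, all addressed to the TAMU host on the slides.
SAMPLE_PACKETS = [
    {"in": "if-columbia", "src": "128.59.10.8", "dst": "128.194.7.237"},
    {"in": "if-stanford", "src": "128.59.10.8", "dst": "128.194.7.237"},   # the slide's case
    {"in": "if-stanford", "src": "36.190.0.25", "dst": "128.194.7.237"},
    {"in": "if-stanford", "src": "128.59.10.77", "dst": "128.194.7.237"},  # roaming Columbia host
    {"in": "if-unknown", "src": "36.190.0.25", "dst": "128.194.7.237"},
    {"in": "if-stanford", "src": "not-an-ip", "dst": "128.194.7.237"},
]


def build_table(policy):
    """Parse the textual policy into ip_network objects once, up front."""
    return {ifname: [ipaddress.ip_network(p) for p in prefixes]
            for ifname, prefixes in policy.items()}


def check_source(table, ifname, src):
    """Return (allowed, reason). Anything that cannot be judged is dropped."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False, "malformed source address"
    prefixes = table.get(ifname)
    if prefixes is None:
        return False, "no policy for interface"
    for net in prefixes:
        if addr in net:
            return True, f"source within {net}"
    return False, f"source {addr} should not arrive on {ifname}"


def filter_packets(table, packets):
    """Split packets into those forwarded and those dropped by the source check."""
    accepted, dropped = [], []
    for pkt in packets:
        ok, reason = check_source(table, pkt["in"], pkt["src"])
        (accepted if ok else dropped).append((pkt["src"], pkt["in"], reason))
    return accepted, dropped


def roaming_host_demo():
    """A legitimate Columbia host visiting Stanford is dropped until the
    policy is updated: the 'frequent add/delete' cost named on the slide."""
    before = check_source(build_table(POLICY), "if-stanford", "128.59.10.77")[0]
    updated = dict(POLICY)
    updated["if-stanford"] = POLICY["if-stanford"] + ["128.59.10.77/32"]
    table = build_table(updated)
    after = check_source(table, "if-stanford", "128.59.10.77")[0]
    # The exception is for one host only: the spoofed 128.59.10.8 stays blocked.
    still_blocked = not check_source(table, "if-stanford", "128.59.10.8")[0]
    return before, after, still_blocked


if __name__ == "__main__":
    accepted, dropped = filter_packets(build_table(POLICY), SAMPLE_PACKETS)
    for src, ifname, reason in accepted:
        print("forward", src, ifname, reason)
    for src, ifname, reason in dropped:
        print("drop   ", src, ifname, reason)
    print(roaming_host_demo())
```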
TCP Handshake
client → server: SYN seq=x
server → client: SYN seq=y, ACK x+1
client → server: ACK y+1
connection established
TCP Handshake
[Figure: the Columbia (128.59.10.xx), TAMU (128.194.xx.xx) and Stanford (36.190.0.xx) networks joined by routers (Rtr). A packet src:128.59.10.8 dst:128.194.7.237 sent from Stanford carries x; the reply is seq=y, ACK x+1.]
The handshake prevents the attacker from establishing a TCP connection pretending to be 128.59.10.8
TCP Handshake
• Very effective for stopping most such attacks
• Problems:
– The attacker can succeed if “y” can be predicted
– Other DoS attacks are still possible (e.g., TCP SYN-flood)
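Why the handshake only helps when “y” is unpredictable, as a small simulation of the server side. This Python is an added example, not part of the original slides; the class and function names, the counter start and step, and the host addresses used in the test run are assumptions, and no network traffic is involved.

```python
import secrets

MOD = 2 ** 32  # TCP sequence numbers are 32 bits wide


def counter_isn(start=5000, step=64000):
    """Predictable source of y: a counter with a fixed step (constructed values)."""
    state = {"next": start}

    def next_isn():
        y = state["next"]
        state["next"] = (y + step) % MOD
        return y
    return next_isn


def random_isn():
    """Unpredictable source of y: 32 fresh bits from the OS random generator."""
    return secrets.randbits(32)


class Server:
    """Server side of the handshake: picks y, then insists on ACK y+1."""

    def __init__(self, isn_source):
        self.isn_source = isn_source
        self.half_open = {}       # client address -> ACK value still awaited
        self.established = set()

    def on_syn(self, src, x):
        y = self.isn_source()
        self.half_open[src] = (y + 1) % MOD
        # The SYN+ACK is routed to src, whoever really sent the SYN.
        return {"to": src, "seq": y, "ack": (x + 1) % MOD}

    def on_ack(self, src, ack):
        if self.half_open.get(src) != ack:
            return False
        del self.half_open[src]
        self.established.add(src)
        return True


def honest_connect(server, addr, x=1000):
    """A client that owns addr receives the SYN+ACK and can echo y+1."""
    synack = server.on_syn(addr, x)
    return server.on_ack(addr, (synack["seq"] + 1) % MOD)


def blind_connect(server, own_addr, claimed_addr, assumed_step):
    """A sender using claimed_addr as its source never receives the SYN+ACK.
    All it has is a y observed on a connection from its own address plus an
    assumption about how the server advances y."""
    seen = server.on_syn(own_addr, x=1000)["seq"]
    server.on_syn(claimed_addr, x=2000)       # the reply goes to claimed_addr
    guess = (seen + assumed_step) % MOD
    return server.on_ack(claimed_addr, (guess + 1) % MOD)


if __name__ == "__main__":
    weak = Server(counter_isn())
    strong = Server(random_isn)
    print("counter y, blind sender accepted:",
          blind_connect(weak, "36.190.0.5", "128.59.10.8", 64000))
    print("random y,  blind sender accepted:",
          blind_connect(strong, "36.190.0.5", "128.59.10.8", 64000))
    # Entries that never complete stay in half_open; this is the table a
    # SYN flood fills up.
    print("half-open entries left on the strong server:", len(strong.half_open))
```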
IP Spoofing & SYN Flood
• X establishes a TCP connection with B assuming A’s IP address
[Figure: hosts A, B and X, with the numbered steps below]
(1) SYN Flood
(2) predict B’s TCP seq. behavior
(3)
(4) SYN(seq=n)ACK(seq=m+1)
[Figure, two panels. ping: an ICMP echo request is answered by an ICMP echo reply. smurf: the attacker sends an ICMP echo request to a broadcast address, marked as from the victim; ICMP echo replies from all hosts go to the victim.]
Smurf Attack
• Generate ping stream (ICMP echo request) to a network broadcast address with a spoofed source IP set to a victim host
• Every host on the ping target network will generate a ping reply (ICMP echo reply) stream, all towards the victim host
• Amplified ping reply stream can easily overwhelm the victim’s network connection
• Fraggle and Pingpong exploit UDP in a similar way
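The defensive counterpart on the reflecting network is to refuse packets addressed to a subnet's broadcast address (the router default recommended by RFC 2644). This Python is an added example, not part of the original slides; the subnets, addresses, protocol labels and packet records are constructed, and the reply count is an upper bound that assumes every host address answers.

```python
import ipaddress
from collections import Counter

# Constructed subnets attached to the router (documentation address ranges).
ATTACHED = [ipaddress.ip_network("192.0.2.0/24"),
            ipaddress.ip_network("198.51.100.64/26")]

# Constructed inbound packets. "src" is only what the header claims.
SAMPLE = [
    {"proto": "icmp-echo-request", "src": "203.0.113.9", "dst": "192.0.2.255"},
    {"proto": "icmp-echo-request", "src": "203.0.113.9", "dst": "192.0.2.255"},
    {"proto": "icmp-echo-request", "src": "203.0.113.9", "dst": "192.0.2.255"},
    {"proto": "udp", "src": "203.0.113.9", "dst": "198.51.100.127"},   # UDP variant
    {"proto": "icmp-echo-request", "src": "203.0.113.50", "dst": "192.0.2.10"},
    # .127 would be a broadcast address on a /25, but 192.0.2.0 is a /24 here.
    {"proto": "icmp-echo-request", "src": "203.0.113.50", "dst": "192.0.2.127"},
]


def broadcast_subnet(dst, subnets=ATTACHED):
    """Return the attached subnet whose broadcast address dst is, else None."""
    addr = ipaddress.ip_address(dst)
    for net in subnets:
        if addr == net.broadcast_address:
            return net
    return None


def screen(packets, subnets=ATTACHED):
    """Drop echo requests and UDP aimed at a subnet broadcast address."""
    forwarded, dropped = [], []
    for pkt in packets:
        net = broadcast_subnet(pkt["dst"], subnets)
        if net is not None and pkt["proto"] in ("icmp-echo-request", "udp"):
            dropped.append((pkt, net))
        else:
            forwarded.append(pkt)
    return forwarded, dropped


def averted_replies(dropped):
    """Upper bound on replies each claimed source would have received:
    one per usable host address in the targeted subnet, per request."""
    load = Counter()
    for pkt, net in dropped:
        load[pkt["src"]] += net.num_addresses - 2
    return load


if __name__ == "__main__":
    forwarded, dropped = screen(SAMPLE)
    print("forwarded:", [p["dst"] for p in forwarded])
    print("dropped:  ", [p["dst"] for p, _ in dropped])
    print("replies averted per claimed source:", dict(averted_replies(dropped)))
```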
Vulnerability
• A vulnerability (or security flaw) is a specific failure of the security controls.
• Using the failure to violate the site security is called exploiting the vulnerability; the person who does this is an attacker.
• It can be due to:
– Lapses in design, implementation, and operation procedures.
– Even security algorithms/systems are not immune!
• We will go over some examples in this course.
Example: IP Protocol-related Vulnerabilities
• Authentication based on IP source address
– But no effective mechanisms against IP spoofing
• Consequences (possible exploits)
– Denial of Service attacks on infrastructures, e.g.
• IP Spoofing and SYN Flood
• Smurf and Fraggle attacks
• OSPF Max Sequence
Security: Systems Overview
Functionality: Authentication | Authorization | Confidentiality
Primitives: sign(), verify() | Access control lists, Capabilities, “magic cookies” | encrypt(), decrypt()
Cryptography: cyphers and hashes
Cryptography
Cryptography:
• Closed-Design vs. Open-Design Cryptography
• Symmetric (“secret-key”) Encryption
• Asymmetric (“Public-Key”) Encryption
Closed-Design Cryptography
[Figure: “Alice”, “Bob”, a “crypto box” (closed) and a “de-crypto box” (closed)]
![Page 44: CSCE 313 Introduction to Computer Systemsstudents.cs.tamu.edu/amin/Files/csce313/Security.pdf38 Smurf Attack • Generate ping stream (ICMP echo request) to a network broadcast address](https://reader033.vdocuments.site/reader033/viewer/2022042301/5ecc5af95f53fc20cb535d8b/html5/thumbnails/44.jpg)
44
Open-Design Cryptography
Encryption
• Encryption algorithm consists of
– A set K of keys
– A set M of messages
– A set C of ciphertexts (encrypted messages)
– A function E : K → (M → C). That is, for each k ∈ K, E(k) is a function for generating ciphertexts from messages.
• Both E and E(k) for any k should be efficiently computable functions.
– A function D : K → (C → M). That is, for each k ∈ K, D(k) is a function for generating messages from ciphertexts.
• Both D and D(k) for any k should be efficiently computable functions.
• An encryption algorithm must provide this essential property: given a ciphertext c ∈ C, a computer can compute m such that E(k)(m) = c only if it possesses D(k).
– Thus, a computer holding D(k) can decrypt ciphertexts to the plaintexts used to produce them, but a computer not holding D(k) cannot decrypt ciphertexts.
– Since ciphertexts are generally exposed (for example, sent on the network), it is important that it be infeasible to derive D(k) from the ciphertexts
Computational Difficulty
• Algorithm needs to be efficient.
– Otherwise only short keys can be used.
• Most schemes can be broken: depends on $$$.
– e.g., Try all possible keys.
• Longer key is often more secure:
– Brute-force cryptanalysis: twice as hard with each additional bit.
• Cryptanalysis tools:
– Special-purpose hardware.
– Parallel machines.
– Internet coarse-grain parallelism.
Secret Key vs. Secret Algorithm
• Secret algorithm: additional hurdle
• Hard to keep secret if used widely:
– Reverse engineering, social engineering
• Commercial: published
– Wide review, trust
• Military: avoid giving enemy good ideas
Cryptanalysis: Breaking an Encryption Scheme
• Ciphertext only:
– Exhaustive search until “recognizable plaintext”
– Need enough ciphertext
• Known plaintext:
– Secret may be revealed (by spy, time), thus <ciphertext, plaintext> pair is obtained
– Great for monoalphabetic ciphers
• Chosen plaintext:
– Choose text, get encrypted
– Useful if limited set of messages
Brute Force Attacks
• Number of encryption/sec: 1 million to 1 billion/sec
• 56-bit key broken in 1 week with 120,000 processors ($6.7m)
• 56-bit key broken in 1 month with 28,000 processors ($1.6m)
• 64-bit key broken in 1 week with 3.1 × 10^7 processors ($1.7b)
• 128-bit key broken in 1 week with 5.6 × 10^26 processors
Types of Cryptography
• Secret key (Symmetric) cryptography: one key
• Public key (Asymmetric) cryptography: two keys - public, private
• Hash functions: no key
Symmetric Encryption
• Same key used to encrypt and decrypt
– E(k) can be derived from D(k), and vice versa
• Examples:
– Data Encryption Standard (DES)
– Triple-DES
– Advanced Encryption Standard (AES)
– Twofish
Symmetric Encryption: Caesar Cipher
MERRY CHRISTMAS
PHUUB FKULVWPDV
Symmetric Encryption: Jefferson’s Wheel Cipher
• Sender:
– Assemble wheels in some (secret) order.
– Align message on one line.
– Choose any of the other lines as ciphertext.
• Receiver:
– Assemble wheels in same secret order.
– Align ciphertext on one line.
– Look for meaningful message on other lines.
Monticello Web Site: www.monticello.org/reports/interests/wheel_cipher.html
Symmetric Encryption: XOR
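[Figure: “Alice” combines message m with key k and sends m ⊕ k; “Bob” combines it with the same key k: (m ⊕ k) ⊕ k = m]
XOR truth table:
⊕ | 0 1
0 | 0 1
1 | 1 0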
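XOR written in the E : K → (M → C) and D : K → (C → M) form from the Encryption slide, together with the caveat a practitioner needs: the known-plaintext case listed on the Cryptanalysis slide defeats XOR as soon as a key is used twice. This Python is an added example, not part of the original slides; the second message and all function names are assumptions.

```python
import secrets


def xor_bytes(a, b):
    """Bytewise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def E(k):
    """E : K -> (M -> C). E(k) is the encryption function for key k."""
    def encrypt(m):
        return xor_bytes(m, k)
    return encrypt


def D(k):
    """D : K -> (C -> M). For XOR, D(k) is the same operation as E(k),
    because (m XOR k) XOR k = m."""
    def decrypt(c):
        return xor_bytes(c, k)
    return decrypt


def recover_key(m, c):
    """Known plaintext: one <ciphertext, plaintext> pair gives k = m XOR c."""
    return xor_bytes(m, c)


def key_reuse_demo():
    """Encrypt two messages under one key and show what an observer learns."""
    k = secrets.token_bytes(15)
    m1 = b"MERRY CHRISTMAS"          # plaintext from the Caesar slide
    m2 = b"HAPPY NEW YEAR!"          # constructed second message, same length
    c1, c2 = E(k)(m1), E(k)(m2)

    # 1. The key cancels out: c1 XOR c2 equals m1 XOR m2, with no key needed.
    key_cancels = xor_bytes(c1, c2) == xor_bytes(m1, m2)

    # 2. Anyone who learns m1 later recovers k and can read c2.
    k_recovered = recover_key(m1, c1)
    m2_read = D(k_recovered)(c2)
    return key_cancels, k_recovered == k, m2_read


if __name__ == "__main__":
    k = secrets.token_bytes(15)
    c = E(k)(b"MERRY CHRISTMAS")
    print("ciphertext:", c.hex())
    print("decrypted: ", D(k)(c))
    print("key reuse: ", key_reuse_demo())
```

A key that is random, as long as the message and never reused avoids both problems; that is the one-time pad.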
Symmetric Encryption: DES (Data Encryption Standard)
[Figure: DES structure, with stages labelled Permutation, Permutation, Substitution, Permutation]
Public Key Cryptography
• Asymmetric cryptography
• Invented/published in 1975
• Two keys: private (d), public (e)
– Encryption: public key; Decryption: private key
– Signing: private key; Verification: public key
• Much slower than secret key cryptography
Public Key Cryptography (Cont’d)
• Data transmission:
– Alice encrypts m_A using e_B, Bob decrypts m_A using d_B.
• Storage:
– Can create a safety copy: using public key of trusted person.
• Authentication:
– No need to store secrets, only need public keys.
– Secret key cryptography: need to share secret key for every person to communicate with.
Public Key Cryptography (Cont’d)
• Digital signatures
– Encrypt hash h(m) with private key
• Authorship
• Integrity
• Non-repudiation: can’t do with secret key cryptography
Asymmetric Encryption
Keys must be different
Asymmetric Encryption (cont.)
• Public-key encryption based on each user having two keys:
– public key – published key used to encrypt data
– private key – key known only to individual user used to decrypt data
• Must be an encryption scheme that can be made public without leaking the decryption scheme
– Most common is RSA block cipher
– Efficient algorithms exist for testing whether or not a number is prime
– No efficient algorithm is known for finding the prime factors of a number
RSA (cont)
• If it is computationally infeasible to derive D(kd, N) from E(ke, N), E(ke, N) need not be kept secret and can be widely disseminated
– E(ke, N) is the public key
– D(kd, N) is the private key
– N is the product of two large, randomly chosen prime numbers p and q (for example, p and q are 512 bits each)
– Encryption algorithm is E(ke, N)(m) = m^ke mod N, where ke satisfies ke·kd mod (p−1)(q−1) = 1
– The decryption algorithm is then D(kd, N)(c) = c^kd mod N
1. Pick random number ke, relatively prime to (p−1)(q−1)
2. Compute kd such that ke·kd mod (p−1)(q−1) = 1
RSA: Example
• Make p = 7 and q = 13
• We then calculate N = 7∗13 = 91 and (p−1)(q−1) = 72
• We next select ke relatively prime to 72 and < 72, yielding 5
• Finally, we calculate kd such that ke·kd mod 72 = 1, yielding 29
• We now have our keys
– Public key, (ke, N) = (5, 91)
– Private key, (kd, N) = (29, 91)
• Encrypting the message 69 with the public key results in the ciphertext 62
– 69^5 mod 91 = 62
• Ciphertext can be decoded with the private key
– 62^29 mod 91 = 69
• Public key can be distributed in clear text to anyone who wants to communicate with holder of public key
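The key-generation steps and the worked example above, run as code (an added example, not part of the original slides). It uses the slide's toy values p = 7, q = 13, ke = 5; the function names, the SHA-256 stand-in for h(m) and the trial-division helper are assumptions of this example, and unpadded RSA at this size is for illustration only.

```python
# Added example: textbook RSA with the slide's toy numbers (p=7, q=13, ke=5).
# Unpadded and tiny on purpose; real deployments use N of 2048+ bits with OAEP/PSS.
import hashlib
from math import gcd

def make_keys(p, q, ke):
    """Follow the slide's two steps; return ((ke, N), (kd, N))."""
    phi = (p - 1) * (q - 1)
    if not 1 < ke < phi or gcd(ke, phi) != 1:
        raise ValueError("ke must be < (p-1)(q-1) and relatively prime to it")
    kd = pow(ke, -1, phi)            # ke*kd mod phi == 1 (needs Python 3.8+)
    return (ke, p * q), (kd, p * q)

def encrypt(m, pub):
    ke, n = pub
    if not 0 <= m < n:
        raise ValueError("a message block must lie in [0, N)")
    return pow(m, ke, n)             # E(ke, N)(m) = m^ke mod N

def decrypt(c, priv):
    kd, n = priv
    return pow(c, kd, n)             # D(kd, N)(c) = c^kd mod N

def h(message, n):
    """SHA-256 reduced into [0, N): a toy stand-in for the slides' h(m)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, priv):
    kd, n = priv
    return pow(h(message, n), kd, n)  # signature = h(m) raised to the private exponent

def verify(message, signature, pub):
    ke, n = pub
    return pow(signature, ke, n) == h(message, n)

def private_key_from_public(pub):
    """Why p and q must be large: a small N factors by trial division."""
    ke, n = pub
    p = next(d for d in range(2, n) if n % d == 0)
    return pow(ke, -1, (p - 1) * (n // p - 1)), n

if __name__ == "__main__":
    pub, priv = make_keys(7, 13, 5)
    c = encrypt(69, pub)
    msg = b"constructed sample message"
    print(pub, priv, c, decrypt(c, priv), verify(msg, sign(msg, priv), pub))
```

With a 91-value modulus the private key falls out of the public key immediately, which is the reason the slides ask for primes of hundreds of bits.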
RSA in Practice…
“Alice” “Bob”
{m}kApriv : A signs a message with A’s private key.
{m}kBpub : A encrypts message with B’s public key.
Symmetric vs. Asymmetric Encryption
• Symmetric cryptography based on simple transformations
• Asymmetric based on time consuming mathematical functions
– Asymmetric much more compute intensive
– Typically not used for bulk data encryption
– Used, instead, for short plaintexts, for example symmetric keys.
Hash Algorithms
• Message digests, one-way transformations
• Length of h(m) much shorter than length of m
• Usually fixed lengths: 48-128 bits
• Easy to compute h(m)
• Given h(m), no easy way to find m
• Computationally infeasible to find m1, m2 s.t. h(m1) = h(m2)
• Example: (m+c)^2, take middle n digits
Hash Algorithms (Cont’d)
• Password hashing
– The verifier doesn’t need to know the password to verify it
– Store h(p+s) and s (salt); hash the user-entered p with s and compare the result with the stored value
– Salt makes dictionary attack less convenient
• Message integrity
– Agree on a password p
– Compute h(p|m) and send with m
– Doesn’t require encryption algorithm, so the technology is exportable
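The two uses above as an added example (not from the original slides): salted password storage and a keyed hash for message integrity. PBKDF2 and HMAC from Python's standard library are swapped in for the slide's bare h(p+s) and h(p|m); function names and sample values are constructed.

```python
# Added example: the slide's h(p+s) and h(p|m) next to the forms used in practice.
import hashlib
import hmac
import os

def store_password(password, iterations=200_000):
    """Return (salt, iterations, digest): what the server keeps instead of p."""
    salt = os.urandom(16)                        # fresh random salt per user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def check_password(candidate, record):
    """Recompute the salted hash of the entered password and compare."""
    salt, iterations, digest = record
    again = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations)
    return hmac.compare_digest(again, digest)    # constant-time comparison

def slide_tag(p, m):
    """h(p|m) exactly as on the slide: hash of shared secret followed by message."""
    return hashlib.sha256(p + m).digest()

def hmac_tag(p, m):
    """HMAC-SHA256: the standard keyed hash, not subject to length extension."""
    return hmac.new(p, m, hashlib.sha256).digest()

def accept(p, m, tag):
    """Receiver side: recompute the tag over the received message and compare."""
    return hmac.compare_digest(hmac_tag(p, m), tag)

if __name__ == "__main__":
    # Constructed sample values.
    rec_a = store_password("correct horse")
    rec_b = store_password("correct horse")
    print("same password, different stored digests:", rec_a[2] != rec_b[2])
    print("login ok:", check_password("correct horse", rec_a))
    key, msg = os.urandom(32), b"Transfer $100 from account X to account Y"
    tag = hmac_tag(key, msg)
    print("intact:", accept(key, msg, tag))
    print("modified:", accept(key, msg.replace(b"$100", b"$900"), tag))
```

The per-user salt is what makes two identical passwords store differently, so a precomputed dictionary cannot be reused across accounts; the iteration count makes each guess slow as well.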
Authentication
Functionality | Authentication | Authorization | Confidentiality
Primitives | sign(), verify() | Access control lists, Capabilities, “magic cookies” | encrypt(), decrypt()
Cryptography | cyphers and hashes
Authentication
1. Authentication
2. Message Integrity
3. Accountability / Non-Repudiation
“Alice” “Bob”
1. Who is making the request?
2. Is the received message the same as the sent message?
3. How do I build an audit trail?
Message Integrity
• Message Integrity can be guaranteed through Error-Detection Code (e.g. cryptographic hash).
[Figure: “Alice” sends “Transfer $100 from account X to account Y” to “Bob”, with “Lucifer” on the channel. Labels: Message Integrity, Authenticity, Confidentiality; modify, (replay), reorder, append]
Authentication: Model
• Symmetric Encryption (k1 = k2):
– A(m) is “message authenticator”
• Asymmetric Encryption (k1 != k2):
– A(m) is “signature”
– Example: A(m) = {Hash(m)}kApriv
– Cryptographically secure hash:
• Prob(Hash(m) = Hash(m’)) is very low (“low collision prob.”)
• SHA1, SHA256, etc.
[Figure: “Alice” computes A(m) = Sign(k1, m) and sends m with A(m); “Bob” runs Verify(k2, m, A(m)) and outputs YES/NO]
Authentication: Sign() and Verify()
• Algorithm components
– A set K of keys
– A set M of messages
– A set A of authenticators
– A function S : K → (M→ A)
• That is, for each k ∈ K, S(k) is a function for generating authenticators from messages
• Both S and S(k) for any k should be efficiently computable functions
– A function V : K → (M × A→ {true, false})
• That is, for each k ∈ K, V(k) is a function for verifying authenticators on messages
• Both V and V(k) for any k should be efficiently computable functions
RSA in Practice…
[Figure: “Alice” holds kApub, kApriv; “Bob” holds kBpub, kBpriv]
{m}kApriv: A signs a message with A’s private key.
{m}kBpub: A encrypts message with B’s public key.
{{m}kApriv}kApub: B verifies a message with A’s public key.
{{m}kBpub}kBpriv: B decrypts message with B’s private key.
Authentication (Cont.)
• For a message m, a computer can generate an authenticator a ∈ A such that V(k)(m, a) = true only if it possesses S(k).
• Thus, computer holding S(k) can generate authenticators on messages so that any other computer possessing V(k) can verify them
• Computer not holding S(k) cannot generate authenticators on messages that can be verified using V(k).
• Since authenticators are generally exposed (for example, they are sent on the network with the messages themselves), it must not be feasible to derive S(k) from the authenticators.
Key Distribution Problem
• Q: How does Bob learn Alice’s key?
– Q.1: Alice’s public key?
– Q.2: Alice’s shared key?
[Figure: “Alice” and “Bob”, with two copies of the message “Alice’s public key is X”]
Key Distribution: Certificates
[Figure: “Alice”, “Bob” and “Charles” (Certificate Authority)]
1. {m, Sign(m, kApriv)}
2. {Alice?!!}
3. {m=“kApub=X”, Sign(m, kCpriv)}
[Chart: 2007 Market Share (source: Secure Space): VeriSign, Comodo, GoDaddy, Others]
Establishing a Secure Channel
1. Authenticate user using public key encryption.
2. Use shared-key encryption for communication.
Q: How to Exchange Shared Key?
Denning-Sacco Protocol (1982)
[Figure: message exchange among “Alice”, “Bob” and “Charles”]
1. {A,B}
2. {A, kApub, TS}kCpriv {B, kBpub, TS}kCpriv (certificates)
3. {A, kApub, TS}kCpriv (certificate) {{kAB, TS}kApriv}kBpub (proposed key)
4. {data, TS}kAB
SSL
• Applications: HTTP, IMAP, FTP, etc…
• Client and server negotiate symmetric key that they will use for the length of the data session.
• Two phases in SSL:
– Phase 1: Connection Establishment
– Phase 2: Data Transfer
SSL: Connection Establishment
• Step 1: Client sends request to server, containing
– SSL version; connection preferences; nonce (i.e. some random number)
• Step 2: Server chooses among preferences, and sends reply, containing
– Chosen preferences; nonce; public-key certificate
– Public-key certificate is a public key that has been digitally signed by a trusted authority.
• Step 3: Client can use certification authority’s public key to check authenticity of server’s public key.
• Step 4: Server can request public key of client and verify it similarly (optional)
• Step 5: Client chooses random number (premaster secret), encrypts it with server’s public key, and sends it to server.
• Step 6: Both parties compute session key (used during data transfer) based on premaster secret and the two nonces.
– Note: At no point is the session key transferred between client and server.
SSL: Data Transfer
• Messages are fragmented into 16kB portions.
• Each portion is optionally compressed.
• A Message Authentication Code (MAC) is appended
– MAC is a hash derived from plaintext, two nonces, and pre-master secret
• Plaintext and MAC are encrypted using the symmetric key constructed during connection establishment.
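Step 6 of connection establishment and the MAC step of data transfer, as an added example that is not part of the original slides. It uses the TLS 1.2 PRF (RFC 5246) as one concrete derivation rather than the SSL-era one; the key sizes, function names and the sequence number in the MAC are assumptions, and encryption is left out.

```python
# Added example: both sides derive the same keys from the premaster secret and the
# two nonces, then protect 16 kB fragments with a MAC. Sample values are constructed.
import hashlib
import hmac
import os

def p_sha256(secret, seed, length):
    """RFC 5246 P_hash: expand secret and seed into `length` pseudorandom bytes."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()             # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def master_secret(premaster, client_nonce, server_nonce):
    return p_sha256(premaster, b"master secret" + client_nonce + server_nonce, 48)

def session_keys(master, client_nonce, server_nonce):
    """Split a key block into a MAC key and an encryption key (sizes assumed)."""
    block = p_sha256(master, b"key expansion" + server_nonce + client_nonce, 64)
    return {"mac": block[:32], "enc": block[32:]}

def fragments(data, size=16 * 1024):
    return [data[i:i + size] for i in range(0, len(data), size)]

def protect(mac_key, seq, fragment):
    """Append a MAC over sequence number and plaintext."""
    tag = hmac.new(mac_key, seq.to_bytes(8, "big") + fragment, hashlib.sha256).digest()
    return fragment + tag

def open_record(mac_key, seq, record):
    """Check the MAC; a modified, replayed or reordered record is rejected."""
    fragment, tag = record[:-32], record[-32:]
    good = hmac.new(mac_key, seq.to_bytes(8, "big") + fragment, hashlib.sha256).digest()
    if not hmac.compare_digest(good, tag):
        raise ValueError("bad record MAC")
    return fragment

if __name__ == "__main__":
    cn, sn, pm = os.urandom(32), os.urandom(32), os.urandom(48)
    client = session_keys(master_secret(pm, cn, sn), cn, sn)
    server = session_keys(master_secret(pm, cn, sn), cn, sn)
    print("same keys on both sides:", client == server)
    records = [protect(client["mac"], i, f) for i, f in enumerate(fragments(b"x" * 40000))]
    print("fragments:", [len(open_record(server["mac"], i, r)) for i, r in enumerate(records)])
```

Only the nonces and the encrypted premaster secret cross the wire; the session keys are computed independently at each end, and binding the sequence number into the MAC is what lets the receiver detect replayed or reordered records.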