lecture 7, 20-771: computer security, fall 2002 1 20-771: computer security lecture 6: privacy, csp...

Lecture 7, 20-771: Computer Security, Fall 2002 1

20-771: Computer SecurityLecture 6: Privacy, CSP & Review

Robert Thibadeau

School of Computer Science

Carnegie Mellon University

Institute for eCommerce, Fall 2002


Today’s lecture

• Unix Access

• Nestor 30th. XML and XML Security


This Week

Mid Term on Wednesday

Essay / Closed Book!Know IPAAA(A) and be ready to analyze and

synthesize using it.Know Crypto Elements and be able to use them.

Know how a X.509v3 Cert works as a DeviceKnow TLS – DH vs RSAKnow Unix Access Model

Have done your Linux Task


The How-Toof Computer Security

• Integrity – Is it what it represents itself to be?

• Privacy – Is it hidden from those without a right to see it?

• Authentication – Is it from who it pretends to be from?

• Authorization – Is it provided to who it is supposed to be provided to?

• Auditability – Do I have a record of how it was used?

• Availability – Is it there (Usually Integrity…)?

It : the service or the total data, program, machine, facility, network that is secure – whose intention is being protected.


IPAAAAfor messages

• Integrity (message integrity : it is the message sent or the one it was)

• Privacy (message is secret : it can’t be spied)

• Authentication (source and recipient are who they say they are)

• Authorization (recipient is permitted to read : source is permitted to send)

• Auditability (the message can be proven to be passed successfully)

• Availability? (the message was not blocked in passage)


IPAAAAfor Login Access

• Integrity – (login integrity : it is the login it pretends to be – change in transit or

trojan horse login)

• Privacy – (login is secret : it can’t be spied)

• Authentication – (source is who he says he is?)

• Authorization – (login accomplishes access permissioning perfectly?)

• Auditability – (do I have a record?)

• Availability? – (does it reliably take the login and reliably give you access?)


Other things to Secure?


Crypto ToolkitPUBLIC KEY

ONE KEY OPENSOTHER KEY CLOSES

ONE KEY PUBLICONE KEY PRIVATE

Also called “asymmetric” and “trap door”

PUBLIC KEY Send ONLY TO YOU(public key closes)

PUBLIC KEY - SIGNINGReceive ONLY FROM ME

(public key opens)

PRIVATE KEYONE KEY OPENS AND CLOSES

Also called “symmetric”

PRIVATE KEYVery Fast – Very Very Secure if

Key, 128 bits, Used Once

PRIVATE KEYTakes care of all problems if you know only you and me have the

key.

HASH FUNCTIONMAKES ANYTHING ONE SIZE

Also called “digest” HASH FUNCTIONIf Signed Proves: INTEGRITY and

AUTHENTICITY

CHALLENGE RESPONSECHALLENGE RESPONSE

Proves you know something RIGHT NOW


X.509v3

Self Signed

Certificate AuthoritiesCertificate Authorities

Device AuthoritiesDevice Authorities

Other Authorities (Program, Mail, etc.)Other Authorities (Program, Mail, etc.)


Microsoft CAPI/CSP

• Cryptographic Application Program Interface (CAPI)

• Cryptographic Service Provider (CSP)– Windows Logon

– File Encryption/Decryption

– IPSec (IP Security Protocol) – virtual private network

– SSL/TLS – HTTPS

– Authenticode

• CAPI is the only thing allowed to call the CSP– CSP can also be replaced with crypto hardware, including smart

cards (smart cards are CSPs.)

• Unix/Java world: RSA PKCS#11 Cryptoki Protocol (same as CSP).


Interface Device Interface Device (IFD)(IFD)

CSPISO 7816 + PC/SC ICC Smartcard

PC or ServerPC or Server

ICCICC(Integrated(Integrated

CircuitCircuitCard)Card)

IFD IFD HandlerHandler ICC Resource ICC Resource

ManagerManager

Service ManagerService Manager(CSP)(CSP)

Interface Device Interface Device (IFD)(IFD)

ICCICC(Integrated(Integrated

CircuitCircuitCard)Card)

IFD IFD HandlerHandler

Crypto APICrypto API

Windows and other ApplicationsWindows and other Applications


CSP Functions

• CPAcquireContext Takes in table of function pointers and string identifying CSP container name. Returns handle to CSP for use by all other CSP.DLL functions.

• CPReleaseContext Releases context referred to by hProv handle. (Disconnects from CSP.)

• CPGenRandom Fills buffer with cbLen random bytes.

• CPGenKey Takes algorithm identifier for algorithm that will use this key. Generates and returns handle to a new key.

• CPDeriveKey Generates cryptographic session key using a hash of base data. Returns key handle, given handle to base data and an algorithm ID.

• CPDestroyKey Destroys key referenced by hKey handle.


CSP

• CPEncrypt/CPDecrypt Takes data, key handle, and optional hash handle. Encrypts or decrypts data in buffer.

• CPCreateHash Takes algorithm ID and optional key handle. Returns handle to hash object.

• CPHashData Hashes data buffer using hash object hHash.

• CPHashSessionKey Similar to CPHashData, but hashes key referenced by hKey instead of a raw data buffer.

• CPSignHash Takes signing key pair (dwKeySpec) and hash object (hHash), returns signed hash in a data buffer.

• CPDestroyHash Destroys hash object referenced by hHash.

• CPVerifySignatureTakes public key, hash object, and signature data buffer. Verifies signature and returns Boolean response (valid signature or not).


CSP

• CPGetUserKey Gets a handle to a permanent user key, given key specification (dwKeySpec).

• CPExportKey Securely exports key (hKey) in a blob encrypted with the public exchange key (kPubKey)

• CPImportKey Takes key blob and handle to exchange public key of destination user. Returns handle to imported key.


CSP Parameters• (p)hProv Handle to Cryptographic Service Provider. Required in all CSP.DLL functions.• (p)hKey Handle to a cryptographic key. Can be generated, derived or imported. Can be

destroyed, exported, or have its parameters modified. Used to encrypt, decrypt, and create hashes.

• (p)hHash Handle to hash object. Used in encrypt, decrypt, and signature/verification functions.

• hBaseData Data used to derive session key in CPDeriveKey.• hPubKey Public exchange key for key blob import and export, and signature verification.• Algid Specifies algorithm for generating or deriving keys, or creating hashes. For session

keys: RC2, RC4, or DES. For key pairs, EXCHANGE or SIGNATURE (key pair type). • dwBlobType Specifies type of key blob to create when exporting a key. SIMPLE,

PUBLICKEY, PRIVATEKEY, or OPAQUEKEY.• dwKeySpec Specifies EXCHANGE or SIGNATURE, the type of key pair to be used. Used to

sign hash and to get a permanent user key pair.• pbSignature/(p)cbSigLen Signature data buffer and length, used for signing and verification

of hashes.• szDescription Description of data to be signed or verified. Use not recommended.• phUserKey Handle to a permanent user key.• szContainer String identifying CSP container name to acquire (used for acquiring CSP

context).• pVTable Table of pointers (VtableProvStruct) to callback functions (used for acquiring CSP

context).• cbBufLen/cbLen/pbBuffer/pbData/(p)cbDataLen Buffers and lengths for various different

purposes • dwFlags Flags to customize operation of most CSP functions. Purpose differs for each

function.• dwParam Specifies parameter to get or change. Usually sets or uses values in a data

buffer.


Windows, Unix, etc etc…


Break!


InformationPrivacy

•Technology •Law

No matter how much you want to, you can’t get

technology out of privacy or the law out of privacy


Reasons

• There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private.

– Therefore the Law becomes Indispensible

• Technology – actually the computer – will always surprise you : The Turing Principle

– Therefore Technology cannot be frozen to a form

• Technology – you need locks on the doors and policing of the laws

– This requires Technology


The Cookies Privacy Violation

Technology will Surprise You

DoubleClick

A Web Page has many Objects on it Each Object can put a cookie on your

machine


Reasons

• There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private.

– Therefore the Law becomes Indispensible

• Technology – actually the computer – will always surprise you : The Turing Principle

– Therefore Technology cannot be frozen to a form

• Technology – you need locks on the doors and policing of the laws

– This requires Technology


Core Privacy Technology :Digital Contracts

• Technologists agreeing that there is no option but to have digital contracts

• Digital contracts can become the practice from which law evolves

– So the “Liability Regime” and the “Contract Regime” actually go hand in hand from a technology perspective.

P3P (www.w3.org/p3p) Semantics for the contract – what information, for what intended use, what will be done with it, what are my remedies,


ISTPA.org Framework

PI Container (PIC)

PI Contract

PI

Intended Use

Credentials

PoliciesConditionsPermissions

Identity CredentialsSignature


ISTPA.org Framework

Legal, Regulatory, and Policy Context

Security Foundation

Agent

Control

Interaction

Negotiation

Data Subject Data Requestor

Usage

PI, Preferences& PIC Repository

Agent

Control

Interaction

Negotiation

PIC Repository

PIContainer

(PIC)

EnforcementAuditCertificationValidation

Assurance Services


Privacy Server Protocol at CMUhttp://yuan.ecom.cmu.edu/psp

1.bilateral and negotiated agreements between client and server using HTTP or HTTPS.

2.agreements that have scope in time (a start and expiration),

3.agreements that have scope over digital and non-digital interactions (including mail and phone contacts),

4.agreements that cannot be repudiated 5.agreements that can be indexed by

the server using server-only Privacy Universal Identifiers (PUIDs).


More Review


Access• User and Group Access Rights is the Basis

for Unix Security AND Windows 2000 Security!

– Read, Write, Execute on a file/directory/device

• The biggest TCO (total cost of ownership) in a computer system is administering and working with access control.

– Because things just don’t work until you get the access rights working properly

– People think it is something wrong with the program when it is really just the security environment that is set wrong.

• A GREAT REASON to REALLY LEARN YOUR ACCESS CONTROL SYSTEM!


Bits

• 010 = 2 =~ 020 (if you know these are bits!)

• 100 = 4 =~ 400

• 4577 (100 101 111 111)

• 4755 (100 111 101 101) – very common for executables


Unix Access Protections• What has access protections u-rwx g-rwx o-rwx?

– Files – Directories– Devices (/dev/)– Programs (must have execute bit set).

• All these have ONE user and ONE group that owns them.• Each User is ONE user and ONE DEFAULT group but many group memberships.• Types of protections applied when creating/modifying

– User : rwx (u-rwx, -rwx------, or 0700)– Group : rwx (g-rwx, ----rwx---, or 0070) – other members of user’s group– Other : rwx (o-rwx, -------rwx, or 0007)– A directory : d (d--------- -> set automatically by file system)– SGID : (-----s--- or 2000) inherit group protections– umask 002 : automatically let everybody in group rwx

» Need private user group : user mary, group mary if umask 002 not 022.• A user can be a member of many groups but only the primary defaults to write unless

directory permission is set to overcome user permission (sgid bit set on directory).• When access is provided to a group, every member gets it.


Unix Access Control Model

FileFilerw(x/s)rwxrw(x/t)rw(x/s)rwxrw(x/t)

DirectoryDirectorydrwxrw(x/s)rwxdrwxrw(x/s)rwx

DevicesDevicesSome-other-time..Some-other-time..

YOU!YOU!

User aUser a

Group aGroup a

Group b..Group b..

Access Control List/VectorAccess Control List/Vector

umask 022umask 022

77SpecialSpecial sstsst

77UserUser

uurwxrwx

77GroupGroup

ggrwxrwx

77OtherOther

oorwxrwx

User aUser a

Group bGroup b

Execute Create Execute Create Delete xDelete x

User aUser a

Group bGroup b


Access Control Commands

• ls –l ; shows ACLs on files, directories, devices

• chmod o+rw file ; changes ACL on files, directories, devices

• groupadd group ; adds a group• gpasswd –a user group ; adds a user to a

group• chgrp user group ; changes the DEFAULT

group of a user.• touch file ; causes your ownership to go to

file• umask 002 ; changes your creation mask


Special Bits do ONE thing eachdrwsrwsrwt

• 4 Set User ID : causes an executable file (a program) to go into the access permissions of the owner of the file (note, group or OTHER could execute it!) not the person executing it.

• 2 Set Group ID : causes a new file that is being created in a directory to have the group ID of the directory, not the person (User) that is creating the file.

• 1 Sticky Bit : Causes a new file that is being created in a directory to not be deletable by just anybody in that directory but by the user who created the file. The file is ‘sticky’ because not-just-anybody can delete it.


umask

• Applies only when you are creating (touching, modifying) a file (directory, device…)

• 022 is the general default : only you can write a file but everybody else can read and execute it. It is a mask on the file settings given by environment.

• 002 lets everybody in your group write the file.

• 000 lets everybody write the file.• 277 lets only you read and execute (safety)• Just type “umask 277” in a shell window and

now when you make a file, it will have these attributes.


Special Unix Users

• Root can do anything except when he has protected himself, but he can change the self protections

• User -> can do what he is allowed to do by his who he is, his group memberships, and the file/directory/device ACLs

• Special Groups -> wheel


Some Peso default user-groups/etc/group

• GROUP : passwd : GID : user list

• root:*:0:maint,operator,root,sync

• bin:*:1:bin,anon,daemon,root

• daemon:*:2:bin,daemon,root

• sys:*:3:bin,adm,root

• adm:*:4:adm,daemon,root

• lp:*:7:lp,daemon

• wheel:*:10:root

• mail:*:12:mail,mmdf

• opr:*:13:halt,opr,reboot,shutdown,news

• news:*:13:halt,opr,reboot,shutdown,news

• uucp:*:14:uucp

lecture 7, 20-771: computer security, fall 2002 1 20-771: computer security lecture 6: privacy, csp...

Documents