Class 1 Background, Tools, and Trust CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman

This class Will discuss historical and modern work in security focusing on advanced concepts Coursework consists of: 1.Reading from “Cryptography Engineering,” “Security Engineering,” and papers 2.Class discussions 3.Quizzes, mid-terms, and a final exam

Administrative stuff Me: – Office: 316A Nichols Readings, quizzes, etc. on schedule page Watch for quiz announcements Periodically check main page for news and schedule page for changes and slides

Administrative stuff II Office hours: – Monday 3 – 4:30 PM – Thursday 2:30 – 4 PM – Or by appointment – In 316A Nichols or by teleconference Be sure to do the reading!! How was the reading?

Things to remember I can be wrong; papers can be wrong; anyone can be wrong! This class is experimental – if the workload is too heavy, if you’re not learning, if you are bored, let me know! Please contact me for any reason – , stop by my office, or make an appointment If you don’t understand something, ask!

More things to remember Secure hardware: FAIL! Mobile software agents: FAIL! Loss of security is a one-way trip* * Some exceptions apply – e.g. confidentiality, integrity (sometimes) Attacks only get better Security should be considered in design There is such a thing as too much security

Reading papers Read critically – Pretend you know it’s broken and let the writer convince you otherwise (or not!) Think like an adversary Are there implicit assumptions? Are the explicit assumptions reasonable? Some resources are online – (website external resources )external resources

Me being selfish Any questions about my research? (Just what is it that I do around here? :)

Security basics “What is being secured?” – And security goal/property “Secure against what?” – Threat/attacker model, players and resources Kerckhoffs’ principle – Roughly, the only thing secret about a security system should be the secret key Shannon’s maxim – “The enemy knows the system”

Safety vs. security Think like an adversary! Random → malicious faults Engineering for security: “What’s the worst that can happen?” Assume it will… Always, always, ALWAYS state your assumptions!

Security: fundamental differences Real world: physical, intuitive – Risk assessment People are not even good at this in the real world! – Trusted vs. trustworthy – Forensics, physical evidence Forgery – Fail “evident,” e.g. theft – Scale of failures

Building secure systems Players – Incentives and resources Adversary model – Logical or illogical: cost vs. payoff Levels of assurance Proactive vs. reactive enforcement – Fail-closed/secure or fail-open/insecure? – Method of returning to secure states

What does “secure” mean? Secrecy/Confidentiality Authenticity Integrity Privacy/Anonymity – Pseudonymity – Unlinkability – Deniability Accountability

Always state your assumptions!

More basics Trusted vs. trustworthy – e.g. the recent SSL Certificate Authority fiasco Risk, hazard, vulnerability – Adversary, ROI, scale Assurance levels – “Rainbow” book series, Common Criteria Method of returning to secure states Fail-closed/secure or fail-open/insecure?

Attack success variants Derive/recover secret key – Total break Forge signature/tag on any message – Universal break Forge for some chosen messages – Selective break Forge for some (garbled?) message – Existential break xkcd.com

Security mechanisms (incomplete list) Access control Authentication Separation of roles Logging Trusted components in the hands of trustworthy parties

Questions?