Project: Simulated Encrypted File System (SEFS) Omar Chowdhury Fall 2015CS526: Information Security1.

Slides:



Advertisements
Similar presentations
Hashes and Message Digests
Advertisements

Lecture 5: Cryptographic Hashes
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Module R2 CS450. Next Week R1 is due next Friday ▫Bring manuals in a binder - make sure to have a cover page with group number, module, and date. You.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.
Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Lecture 13 Message Signing
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Designing Security In Web Applications Andrew Tomkowiak 10/8/2013 UW-Platteville Software Engineering Department
Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Csci5233 Computer Security1 GS: Chapter 6 Using Java Cryptography for Authentication.
MS systems use one of the following: LanManager Hash (LM) LanManager Hash (LM) NT LanManager (NTLM) NT LanManager (NTLM) Cached passwords Cached passwords.
Electronic Mail Security
Chapter 13 File Structures. Understand the file access methods. Describe the characteristics of a sequential file. After reading this chapter, the reader.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography.
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
Chapter 8: Scrambling Through Cryptography Security+ Guide to Network Security Fundamentals Second Edition.
Class 7 Practical Considerations CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Lecture 19 Page 1 CS 111 Online Authentication for Operating Systems What is authentication? How does the problem apply to operating systems? Techniques.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
1 Hashes and Message Digests. 2 Hash Also known as –Message digest –One-way function Function: input message -> output One-way: d=h(m), but not h’(d)
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Chapter 15: Electronic Mail Security
SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Password authentication Basic idea –User has a secret password –System checks password to authenticate user Issues –How is password stored? –How does system.
CS426Fall 2010/Lecture 61 Computer Security CS 426 Lecture 6 Cryptography: Message Authentication Code.
1 Memory Management Chapter 7. 2 Memory Management Subdividing memory to accommodate multiple processes Memory needs to be allocated to ensure a reasonable.
Week 4 - Friday.  What did we talk about last time?  Snow day  But you should have read about  Key management.
Authentication. Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0: Alice says “I am Alice” Failure scenario?? “I am Alice”
Lecture 18 Windows – NT File System (NTFS)
PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.
PZAPR Parallel Zip Archive Password Recovery CSCI High Perf Sci Computing Univ. of Colorado Spring 2011 Neelam Agrawal Rodney Beede Yogesh Virkar.
PKCS #5: Password-Based Cryptography Standard
Yet another Pop Quiz COSC 6360 Fall The rules On any sheet of paper, please write  You full name, first name first  Today's date  Your answers.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
CS426Fall 2010/Lecture 51 Computer Security CS 426 Lecture 5 Cryptography: Cryptographic Hash Function.
File Systems - Part I CS Introduction to Operating Systems.
Dan Boneh Authenticated Encryption CBC paddings attacks Online Cryptography Course Dan Boneh.
CS555Spring 2012/Topic 151 Cryptography CS 555 Topic 15: HMAC, Combining Encryption & Authentication.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 13.Message Authentication.
Cryptography Hyunsung Kim, PhD University of Malawi, Chancellor College Kyungil University February, 2016.
@Yuan Xue Case Study (Mid-term question) Bob sells BatLab Software License Alice buys BatLab Credit card information Number of.
@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
File-System Management
RSA Laboratories’ PKCS Series - a Tutorial
Chapter 5: The Art of Ensuring Integrity
Instructor Materials Chapter 5: The Art of Ensuring Integrity
ATTACKS ON WINZIP ENCRYPTION
Lesson 16-Windows NT Security Issues
CSE 484 Midterm Review “1st half of the quarter in 5 slides”
Instructor Materials Chapter 5: The Art of Ensuring Integrity
Instructor Materials Chapter 5: Ensuring Integrity
Presentation transcript:

Project: Simulated Encrypted File System (SEFS) Omar Chowdhury Fall 2015CS526: Information Security1

Motivation Traditionally files are stored in the disk in plaintext. If the disk gets stolen by a perpetrator, he can access all the data in the disk. Disk containing sensitive personal information getting stolen by hackers are very common. Fall 2015CS526: Information Security2

A Possible Defense (Encrypted File Systems) Defense: encrypt the files using some semantically secure encryption scheme. No one should be access/change the file’s contents without proper credentials. An individual with proper credentials should be able to perform all the necessary operations on the encrypted file. An encrypted file system (in short, EFS) can support such operations. Example: Solaris, Windows NT, and Linux support EFS. Fall 2015CS526: Information Security3

Goal of this Project Goal: Implement a simulated version of EFS Take-a-way message from cryptography lectures: Do not try to implement your own cryptography library rather use well-known cryptography libraries. We will specifically learn to usage of openSSL library. Additionally, we are trying something new this semester. To increase the communication between your classmates we want the projects to be inter-operable. Fall 2015CS526: Information Security4 Communication does not imply copying each other’s code

Logistics Team: You can work in a team of consisting of (maximum) two members. Fall 2015CS526: Information Security5 Project (1) User Authentication (2) Simplified SEFS (3) Full SEFS Inter-operability: 5% of the total project points. 20% 30% 45%

Part 1 – User Authentication using Passwords Username: Allowed characters: “a-zA-Z0-9” Length: >5 and <32 Password: Allowed characters: Length: >8 and <32 Salt: Randomly generated for each password Length 32 bytes Hashing algorithm: PKCS5_PBKDF2_HMAC_SHA1 Fall 2015CS526: Information Security6 Password file username:salt:hashedPassword ……………………………………….. passwd Field Separator Plaintext Hexadecimal 32 bytes

register_user(u,p,pFile) delete_user(u,p,pFile) is_user_valid(u,pFile) match_user(u,p,pFile) change_user_password(u,p,p n,pFile) Part 1 – Functionalities Fall 2015CS526: Information Security7 Password file u2:salt2:hashedPassword2 u1:salt1:hashedPassword1 u3:salt3:hashedPassword3 passwd Returns: OKAY -> 1 ERROR -> -1 Functions developed in this part of the project for checking user authentication will be used in the next two parts of the project.

Part 2 – Simplified SEFS Simplified SEFS Master key: Randomly generated, 128 bit Master IV: Randomly generated, 128 bit A sample master key file will be given to you which contains the binary representation of a key and IV. A sample key and IV loading program is given to you. A sample random key and IV generator program is given to you. Fall 2015CS526: Information Security8 Chunk file – Name can contain only alphanumeric characters File name length maximum 20 characters. Plaintext File F Meta File F.meta Chunk File Rname After encryption

Part 2 – File Format Fall 2015CS526: Information Security9 Meta file format Chunk file format File owner username Number of Chunks File size Start Chunk Name End Chunk Name Chunk name – Encryption key – Chunk HMAC IV (in plaintext) Next Chunk Name Size of File Content in this Chunk Plaintext file content 1 Same NULL

Master File List (Simplified SEFS Integrity Protection) Fall 2015CS526: Information Security10 File NameSHA256 Digest of the Meta file ………

Part 2 – Functionality create_file(u,p,filename) delete_file(u,p,filename) encrypt_file(u,p,filename) decrypt_file(u,p,filename,pfilename) read_from_file(u,p,filename,position,len) write_to_file(u,p,filename,position,newcontent) file_size(u,p,filename) file_integrity_check(u,p,filename) system_health_check() Fall 2015CS526: Information Security11 Returns: OKAY -> 1 ERROR -> -1 Returns: OKAY -> char * ERROR -> NULL

Part 2 – Read Operation Fall 2015CS526: Information Security12 Meta file format Chunk file format File owner username Number of Chunks File size Start Chunk Name End Chunk Name Chunk name – Encryption key – Chunk HMAC IV (in plaintext) Next Chunk Name Size of File Content in this Chunk Plaintext file content Master Key and IV

Full SEFS Generalization of the simplified SEFS. Each chunk can hold at most 1024 bytes of plaintext data. Each plaintext file can be divided into multiple encrypted chunk files. If a file has less than 1024 bytes of data, you are required to pad it with ASCII character 0 to make it 1024 bytes. Space restriction: You are required to use the minimum number of chunk files for storing each plaintext file Example: If you have a chunk containing 512 bytes of data and the user wants to write 200 bytes to the end of the chunk, you cannot create a new chunk and instead have to write into that chunk. Fall 2015CS526: Information Security13

Part 2 – Full SEFS Read Operation Fall 2015CS526: Information Security14 Meta file format Chunk file format File owner username Number of Chunks File size Start Chunk Name End Chunk Name Chunk name – Encryption key – Chunk HMAC IV (in plaintext) Next Chunk Name Size of File Content in this Chunk Plaintext file content ….

Potential Pitfalls Memory leaks – a lot of the operations of the project require pointer manipulation, make sure to free the pointer after usage File operations – file operations in C is complicated, you cannot write in the middle of a file without overwriting the content. You have to manually move the following content and then write something Error checking – a lot of errors can potentially happen during the operation and it is paramount that you do handle these errors. Do not assume inputs are well-formed. Perform input validation when applicable. Fall 2015CS526: Information Security15

Different parameters username a-zA-Z0-9 Length >= 6 and < 32 Password Length >= 9 and < 32 Password salt Randomly generated 32 bytes Master key 128 bits Master IV 128 bits Chunk keys 128 bits, randomly generated For encryption use, AES in the CTR mode Chunk IVs 128 bits, randomly generated Chunk names are randomly generated and cannot have space character in it For padding use the ASCII character 0 For hash mac, use HMAC with EVP_sha256() For digest, use SHA256 For password hash, use PKCS5_PBKDF2_HMAC_SHA1 with iteration value Fall 2015CS526: Information Security16

Questions If you do not understand any specifics, please do not make your own assumptions rather confirm with me. Making arbitrary, easy to implement assumptions will surely ensure you losing 5% of the inter-operability. Direct any questions related to the project to me through piazza, or drop by my office during office hours (LWSN 2142 R, Thursday 11:30am - Fall 2015CS526: Information Security17