Download presentation
Presentation is loading. Please wait.
Published byTrevor Hunt Modified over 8 years ago
1
Modeling security 1
2
Models - encryption r Alice and Bob have the same key k r Alice and Bob exchange encrypted messages r Eve wants to get the plaintext. What can she do? r What can Eve do? r The model we studied: eavesdropping, known plaintext, chosen plaintext/ciphertext r Bad news for the attacker Any reasonable algorithm (e.g. AES) beats all of these The best current (2012) attack on AES in the model breaks it in time 2 126.2 and more than 2 80 chosen ciphertexts. 2
3
New security goals r We “know” how to do confidentiality, integrity and authentication. r Is anything else even needed Hint: we need to work even with those we don’t completely trust r n-out-of n secret sharing r t-out-of n secret sharing 3
4
4 Administrative Details r Grade – 100% test r Office hours :Wednesday 13:00-14:00 r E-mail – niv.gilboa@gmail.com r Tel. 054-6501047 r Bibliography: Security engineering / R. Anderson Foundations of Cryptography, I and II/ O. Goldreich
5
Principles for the attacker r The model is a simplification r Complexity is your friend r Find the weakest link r Know the system Model assumes that attacker has full knowledge. Real life is different. r Know the attacks 5
6
Know the system r An encryption system includes Users Physical environment Plaintext storage & plaintext input Encryption software / hardware (Almost always) – a larger hardware / software system such as a computer A key A communication channel r Any of these elements can be vulnerable r The model considers just the communication link and input to the encryption algorithm 6
7
Know the Attacks r On users Social attacks – bribe the user, threaten the user, swindle the user Outside our scope r Physical environment Input attacks: e.g. key loggers, a bug in the wall Outside our scope 7
8
More attacks r Device hardware Side channel attacks – e.g. timing Fault attacks – e.g. glitch Optical attacks Chemical attacks r Question: so many options, why isn’t this part of the model? r Answer: they all require physical proximity and that is considered impossible 8
9
An economic approach r An attacker’s potential utility Money, knowledge, ideology, vengeance r The risks Cost of an attack Probability of failure Risk of getting caught r Example – table of attacks on encryption system 9
10
What about the defense? r A breach / exploit / attack has costs r Defense has its own costs r Problems All attack avenues must be adequately blocked Attacker’s model: plans, capabilities, utility are imperfectly known r Principles Know the attacks and the defenses Layered defense Redundancy is good But, remember the utility! 10
11
Shocking example 11 Do you know what this is? Here’s a hint
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.