Presentation is loading. Please wait.

Presentation is loading. Please wait.

Applied Cryptography part 2

Published byLizbeth Holt Modified over 6 years ago

Similar presentations

Presentation on theme: "Applied Cryptography part 2"— Presentation transcript:

1 Applied Cryptography part 2
Engineering Secure Software Applied Cryptography part 2

2 Recap Symmetric key: Public key:
Benefit: fastest, mathematically the strongest Drawback: distributing the keys Public key: Benefit: Easier to distribute the keys Drawback: Trusting public keys is tricky

3 SSL: Secure Sockets Layer
SSL (and/or TLS) is the public-key encryption standards today Protocols suffixed with “s” : https, ftps, etc. Another algorithm implementation best left to the experts HTTP Application Application HTTP SSL/TLC SSL/TLC TCP Transport Transport TCP IP Internet Internet IP Link Link

4 SSH Secure Shell SSH and public keys
Used for remote access into machines Ubiquitous for Unix-like systems Uses passwords by default SSH and public keys Key pairs have a one-time PRNG built in Private key Encrypted with a symmetric cipher Requires a “passphrase” to unlock Trust the public keys? authorized_keys Trust the host? known_hosts Thus, symmetric keys are used TWICE with SSH Passphrase: encrypt your private key (in case it’s stolen) In Transit: using an ephemeral key (nonce)

5 e.g. SSH Key pairs Untrusted public keys? me@client$ ssh-keygen –t rsa
Generating public/private rsa1 key pair... Enter file in which to save the key (~/.ssh/identity): Enter passphrase: Enter same passphrase again: Your public key has been saved in ~/.ssh/id_rsa.pub Your private key has been saved in ~/.ssh/id_rsa The key fingerprint is: 22:bc:0b:fe:f5:06:1d:c0:05:ea:59:09:e3:07:8a:8c Untrusted public keys? SSH-enabled servers don’t trust any public keys initially Need to copy your public key to the authorized_keys file on the server scp ~/id_rsa.pub ssh cat id_rsa.pub >> ~/.ssh/authorized_keys

6 SSH and known_hosts When I SSH into nitron, how do I know that this isn’t a malicious server who changed his network address? Answer: your known_hosts file Every server has a unique fingerprint First time you sign in, trust the key and add the key to your known_hosts cache Host changes? You’ll get a warning like this: @ WARNING: REMOTE HOST IDENTIFICATION HAS IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 8b:ff:a1:b5:08:2f:8f:fd:2e:2f:67:80:9e:ba:8d:ff. Please contact your system administrator. Add correct host key in /home/bob/.ssh/known_hosts to get rid of this message. Offending key in /home/bob/.ssh/known_hosts:2 RSA host key for has changed and you have requested strict checking. Host key verification failed.

7 Untrusted public keys? For ~$30/year, you too can get your public key signed!! Seriously, this is how it works e.g. Verisign & GoDaddy are “ceritificate authorities” (CA) Thus, trust the public key != trust the website Ray of hope: letsencrypt.org Self-signed certificate? Not usually a good idea to accept them, but… If the key changes, you will be alerted So you only need to trust the server once

8 Pretty Good Privacy An open protocol created in 1991
Primarily used for encryption today Very popular in open source culture Combines symmetric-key and public-key cryptography Symmetric is much faster and harder to crack than public-key Use public-key to distribute the symmetric key Untrusted recipient now has your symmetric key? One-time symmetric key only Use a secure PRNG to generate symmetric keys

9 PGP Web of Trust How do you trust PGP public keys?
Grocery Store Distributor Farmers How do you trust PGP public keys? There are no PGP “Certificate Authorities” Public key databases are open How do you know that the food you’re eating is disease-free? You trust the grocery store, who trusts the distributors, who trust the farmers FDA is also a trusted third party But, when you trust the farmers directly, you trust their food more In the same way, PGP incentivizes short trust chains Each person can “sign” someone else’s key, connecting you to them in the web of trust Each “hop” diminishes the trust of a given public key

10 PGP Mean Shortest Distance
How trusted should this key be? Geodesic paths (shortest paths) Compare the mean geodesic distance to the entire network mean “Closeness” in social network analysis Relatively trusted by the community? Many will trust you (direct connections) If you are trusted by people who are trusted (indirect) Low MSD? Not as relatively trusted Fewer people trust you Then less-trusted people trust you

11 e.g. MSD Web of Trust Compute shortest distances for every pair in your community D’Angelo & Avon MSD = / 3 = 1.34 Stringer MSD = / 3 = 1 Nobody trusts Omar Disconnected  Untrusted D’Angelo Avon Stringer Prop Joe Omar

12 e.g., MSD Web of Trust MSD for A?
= (2 (B) + 1 (C) + 2 (D) + 3 (E) + 4 (F) + 3 (G)) / 6 = 15/6 = 2.5 A C D F B G

13 Alt text: if you want to be extra safe, check that there's a big block of jumbled characters at the bottom.

14 Cryptanalysis Definition: “the analytic investigation of an information system with the goal of illuminating hidden aspects of that system” [NSA.gov] In other words: breaking cryptography Comes in many forms Brute force attacks Theoretical/Algorithmic weaknesses Side-channel attacks

15 Side Channel Attacks Side channel
Information emitted from a physical implementation of a cryptosystem Side channel vulnerabilities are mutually exclusive from algorithmic vulnerabilities Although coding vulnerabilities can lead to side channel attacks e.g. Password fields obscure the text to prevent someone from looking over your shoulder e.g. Keeping the sticky on your monitor

16 Timing attacks Use the timing of an operation to gain information
e.g. computing large prime numbers for SSL Constant concern for OpenSSL CVE “Square and multiply” algorithm e.g. timing for checking for a password e.g. cache-hit vs. cache-miss on a sensitive record

17 Data Remanence Deleted data is not always deleted
Hard drives release the memory, but it’s not necessarily overwritten Magnetic fields can remain even after it’s been overwritten Many, many creative ways to do this… Freezing RAM with liquid nitrogen Hibernation files Core dumps

18 So many more… Power monitoring attacks
Can predict which branch of an if-statement was taken by monitoring power Particularly nasty on embedded devices Even AES can be broken this way Acoustic analysis of hard drive sounds “Chatter” - even the known existence of encrypted communication can be useful information

19 Lessons from Side Channels
Okay, so what? Can we even do anything about this? What must software engineers do? Lesson 1: Identify your side channels Network chatter, timing, power, etc. Lesson 2: You have not identified all of your side channels Lesson 3: Better testing Realistic production environments Third-party testers with security experience

20 Keeping Up Networking & crypto algorithms are constantly changing
New networking protocols, new models Broken crypto algorithms You will need to keep up with the news on algorithms Organizations: CWE, OWASP Bloggers & Researchers Bruce Schneier: Steve Gibson: Gary McGraw: IEEE Privacy & Security

Download ppt "Applied Cryptography part 2"

Similar presentations

Engineering Secure Software. Networks, Crypto, & You.  Most application developers… Don’t implement networking protocols Don’t implement encryption algorithms.

Engineering Secure Software. Networks, Crypto, & You.  Most application developers… Don’t implement networking protocols Don’t implement encryption algorithms.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.

NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.

03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming
CRYPTOGRAPHY PROGRAMMING ON ANDROID Jinsheng Xu Associate Professor North Carolina A&T State University.

CRYPTOGRAPHY PROGRAMMING ON ANDROID Jinsheng Xu Associate Professor North Carolina A&T State University.
Security & Cryptographic Methods Unix System Administration May 28, 2008 Rabat, Morocco Hervey Allen.

Security & Cryptographic Methods Unix System Administration May 28, 2008 Rabat, Morocco Hervey Allen.
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
Engineering Secure Software. Recap  Symmetric key: Benefit: fastest, mathematically the strongest Drawback: distributing the keys  Public key: Benefit:

Engineering Secure Software. Recap  Symmetric key: Benefit: fastest, mathematically the strongest Drawback: distributing the keys  Public key: Benefit:
Masud Hasan 03-60-475 SecueEmail VS Hushmail Project 2.

Masud Hasan Secue VS Hushmail Project 2.
Security & Cryptographic Methods PacNOG 6 Hervey Allen PacNOG 6 Hervey Allen.

Security & Cryptographic Methods PacNOG 6 Hervey Allen PacNOG 6 Hervey Allen.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Similar presentations

Ads by Google