20771: Computer Security Lecture 6: Privacy, CSP

1
20-771 Computer SecurityLecture 6 Privacy, CSP
Review

• Robert Thibadeau
• School of Computer Science
• Carnegie Mellon University
• Institute for eCommerce, Fall 2002

2
Todays lecture

• Unix Access
• Nestor 30th. XML and XML Security

3
This Week

• Mid Term on Wednesday
• Essay / Closed Book!
• Know IPAAA(A) and be ready to analyze and
  synthesize using it.
• Know Crypto Elements and be able to use them.
• Know how a X.509v3 Cert works as a Device
• Know TLS DH vs RSA
• Know Unix Access Model
• Have done your Linux Task

4
The How-Toof Computer Security

• Integrity Is it what it represents itself to
  be?
• Privacy Is it hidden from those without a right
  to see it?
• Authentication Is it from who it pretends to be
  from?
• Authorization Is it provided to who it is
  supposed to be provided to?
• Auditability Do I have a record of how it was
  used?
• Availability Is it there (Usually Integrity)?

It the service or the total data, program,
machine, facility, network that is secure whose
intention is being protected.
5
IPAAAAfor messages

• Integrity (message integrity it is the message
  sent or the one it was)
• Privacy (message is secret it cant be spied)
• Authentication (source and recipient are who they
  say they are)
• Authorization (recipient is permitted to read
  source is permitted to send)
• Auditability (the message can be proven to be
  passed successfully)
• Availability? (the message was not blocked in
  passage)

6
IPAAAAfor Login Access

• Integrity
• (login integrity it is the login it pretends
  to be change in transit or trojan horse login)
• Privacy
• (login is secret it cant be spied)
• Authentication
• (source is who he says he is?)
• Authorization
• (login accomplishes access permissioning
  perfectly?)
• Auditability
• (do I have a record?)
• Availability?
• (does it reliably take the login and reliably
  give you access?)

7
Other things to Secure?
8
Crypto Toolkit
PUBLIC KEY ONE KEY OPENS OTHER KEY CLOSES ONE KEY
PUBLIC ONE KEY PRIVATE Also called asymmetric
and trap door
PUBLIC KEY Send ONLY TO YOU (public key closes)
PUBLIC KEY - SIGNING Receive ONLY FROM ME (public
key opens)
PRIVATE KEY Very Fast Very Very Secure if Key,
128 bits, Used Once
PRIVATE KEY ONE KEY OPENS AND CLOSES Also called
symmetric
PRIVATE KEY Takes care of all problems if you
know only you and me have the key.
HASH FUNCTION MAKES ANYTHING ONE SIZE Also called
digest
HASH FUNCTION If Signed Proves INTEGRITY and
AUTHENTICITY
CHALLENGE RESPONSE
CHALLENGE RESPONSE Proves you know something
RIGHT NOW
9
X.509v3

• Self Signed
• Certificate Authorities
• Device Authorities
• Other Authorities (Program, Mail, etc.)

10
Microsoft CAPI/CSP

• Cryptographic Application Program Interface
  (CAPI)
• Cryptographic Service Provider (CSP)
• Windows Logon
• File Encryption/Decryption
• IPSec (IP Security Protocol) virtual private
  network
• SSL/TLS HTTPS
• Authenticode
• CAPI is the only thing allowed to call the CSP
• CSP can also be replaced with crypto hardware,
  including smart cards (smart cards are CSPs.)
• Unix/Java world RSA PKCS11 Cryptoki Protocol
  (same as CSP).

11
CSPISO 7816 PC/SC ICC Smartcard
PC or Server
Interface Device (IFD)
IFD Handler
ICC Resource Manager
ICC (Integrated Circuit Card)
Service Manager (CSP)
Interface Device (IFD)
IFD Handler
Crypto API
ICC (Integrated Circuit Card)
Windows and other Applications
12
CSP Functions

• CPAcquireContext Takes in table of function
  pointers and string identifying CSP container
  name. Returns handle to CSP for use by all other
  CSP.DLL functions.
• CPReleaseContext Releases context referred to by
  hProv handle. (Disconnects from CSP.)
• CPGenRandom Fills buffer with cbLen random bytes.
• CPGenKey Takes algorithm identifier for algorithm
  that will use this key. Generates and returns
  handle to a new key.
• CPDeriveKey Generates cryptographic session key
  using a hash of base data. Returns key handle,
  given handle to base data and an algorithm ID.
• CPDestroyKey Destroys key referenced by hKey
  handle.

13
CSP

• CPEncrypt/CPDecrypt Takes data, key handle, and
  optional hash handle. Encrypts or decrypts data
  in buffer.
• CPCreateHash Takes algorithm ID and optional key
  handle. Returns handle to hash object.
• CPHashData Hashes data buffer using hash object
  hHash.
• CPHashSessionKey Similar to CPHashData, but
  hashes key referenced by hKey instead of a raw
  data buffer.
• CPSignHash Takes signing key pair (dwKeySpec) and
  hash object (hHash), returns signed hash in a
  data buffer.
• CPDestroyHash Destroys hash object referenced by
  hHash.
• CPVerifySignatureTakes public key, hash object,
  and signature data buffer. Verifies signature
  and returns Boolean response (valid signature or
  not).

14
CSP

• CPGetUserKey Gets a handle to a permanent user
  key, given key specification (dwKeySpec).
• CPExportKey Securely exports key (hKey) in a blob
  encrypted with the public exchange key (kPubKey)
• CPImportKey Takes key blob and handle to exchange
  public key of destination user. Returns handle
  to imported key.

15
CSP Parameters

• (p)hProv Handle to Cryptographic Service
  Provider. Required in all CSP.DLL functions.
• (p)hKey Handle to a cryptographic key. Can be
  generated, derived or imported. Can be
  destroyed, exported, or have its parameters
  modified. Used to encrypt, decrypt, and create
  hashes.
• (p)hHash Handle to hash object. Used in encrypt,
  decrypt, and signature/verification functions.
• hBaseData Data used to derive session key in
  CPDeriveKey.
• hPubKey Public exchange key for key blob import
  and export, and signature verification.
• Algid Specifies algorithm for generating or
  deriving keys, or creating hashes. For session
  keys RC2, RC4, or DES. For key pairs, EXCHANGE
  or SIGNATURE (key pair type). 
• dwBlobType Specifies type of key blob to create
  when exporting a key. SIMPLE, PUBLICKEY,
  PRIVATEKEY, or OPAQUEKEY.
• dwKeySpec Specifies EXCHANGE or SIGNATURE, the
  type of key pair to be used. Used to sign hash
  and to get a permanent user key pair.
• pbSignature/(p)cbSigLen Signature data buffer and
  length, used for signing and verification of
  hashes.
• szDescription Description of data to be signed or
  verified. Use not recommended.
• phUserKey Handle to a permanent user key.
• szContainer String identifying CSP container name
  to acquire (used for acquiring CSP context).
• pVTable Table of pointers (VtableProvStruct) to
  callback functions (used for acquiring CSP
  context).
• cbBufLen/cbLen/pbBuffer/pbData/(p)cbDataLen
  Buffers and lengths for various different
  purposes 
• dwFlags Flags to customize operation of most CSP
  functions. Purpose differs for each function.
• dwParam Specifies parameter to get or change.
  Usually sets or uses values in a data buffer.

16
Windows, Unix, etc etc
Assume the Host can be Trusted
Trojans Don't Exist?
17
Break!
18
InformationPrivacy

• Law

• Technology

No matter how much you want to, you cant get
technology out of privacy or the law out of
privacy
19
Reasons

• There is no technically perfect solution possible
  Thomas Jeffersons notion of public and
  private.
• Therefore the Law becomes Indispensible
• Technology actually the computer will always
  surprise you The Turing Principle
• Therefore Technology cannot be frozen to a form
• Technology you need locks on the doors and
  policing of the laws
• This requires Technology

20
The Cookies Privacy Violation

• Technology will Surprise You
• DoubleClick
• A Web Page has many Objects on it
• Each Object can put a cookie on your machine

21
Reasons

• There is no technically perfect solution possible
  Thomas Jeffersons notion of public and
  private.
• Therefore the Law becomes Indispensible
• Technology actually the computer will always
  surprise you The Turing Principle
• Therefore Technology cannot be frozen to a form
• Technology you need locks on the doors and
  policing of the laws
• This requires Technology

22
Core Privacy Technology Digital Contracts

• Technologists agreeing that there is no option
  but to have digital contracts
• Digital contracts can become the practice from
  which law evolves
• So the Liability Regime and the Contract
  Regime actually go hand in hand from a
  technology perspective.
• P3P (www.w3.org/p3p) Semantics for the contract
  what information, for what intended use, what
  will be done with it, what are my remedies,

23
ISTPA.org Framework
24
ISTPA.org Framework
25
Privacy Server Protocol at CMUhttp//yuan.ecom.cm
u.edu/psp

• bilateral and negotiated agreements between
  client and server using HTTP or HTTPS.
• agreements that have scope in time (a start and
  expiration),
• agreements that have scope over digital and
  non-digital interactions (including mail and
  phone contacts),
• agreements that cannot be repudiated
• agreements that can be indexed by the server
  using server-only Privacy Universal Identifiers
  (PUIDs). 

26
More Review
27
Access

• User and Group Access Rights is the Basis for
  Unix Security AND Windows 2000 Security!
• Read, Write, Execute on a file/directory/device
• The biggest TCO (total cost of ownership) in a
  computer system is administering and working with
  access control.
• Because things just dont work until you get the
  access rights working properly
• People think it is something wrong with the
  program when it is really just the security
  environment that is set wrong.
• A GREAT REASON to REALLY LEARN YOUR ACCESS
  CONTROL SYSTEM!

28
Bits

• 010 2 020 (if you know these are bits!)
• 100 4 400
• 4577 (100 101 111 111)
• 4755 (100 111 101 101) very common for
  executables

29
Unix Access Protections

• What has access protections u-rwx g-rwx o-rwx?
• Files
• Directories
• Devices (/dev/)
• Programs (must have execute bit set).
• All these have ONE user and ONE group that owns
  them.
• Each User is ONE user and ONE DEFAULT group but
  many group memberships.
• Types of protections applied when
  creating/modifying
• User rwx (u-rwx, -rwx------, or 0700)
• Group rwx (g-rwx, ----rwx---, or 0070) other
  members of users group
• Other rwx (o-rwx, -------rwx, or 0007)
• A directory d (d--------- -gt set automatically
  by file system)
• SGID (-----s--- or 2000) inherit group
  protections
• umask 002 automatically let everybody in group
  rwx
• Need private user group user mary, group mary
  if umask 002 not 022.
• A user can be a member of many groups but only
  the primary defaults to write unless directory
  permission is set to overcome user permission
  (sgid bit set on directory).
• When access is provided to a group, every member
  gets it.

30
Unix Access Control Model
Access Control List/Vector
File rw(x/s)rwxrw(x/t)
User a
YOU!
Group b
Directory drwxrw(x/s)rwx
User a
User a
Group a
Group b
Group b..
Devices Some-other-time..
umask 022
Execute Create Delete x
31
Access Control Commands

• ls l shows ACLs on files, directories,
  devices
• chmod orw file changes ACL on files,
  directories, devices
• groupadd group adds a group
• gpasswd a user group adds a user to a group
• chgrp user group changes the DEFAULT group of a
  user.
• touch file causes your ownership to go to file
• umask 002 changes your creation mask

32
Special Bits do ONE thing eachdrwsrwsrwt

• 4 Set User ID causes an executable file (a
  program) to go into the access permissions of the
  owner of the file (note, group or OTHER could
  execute it!) not the person executing it.
• 2 Set Group ID causes a new file that is being
  created in a directory to have the group ID of
  the directory, not the person (User) that is
  creating the file.
• 1 Sticky Bit Causes a new file that is being
  created in a directory to not be deletable by
  just anybody in that directory but by the user
  who created the file. The file is sticky
  because not-just-anybody can delete it.

33
umask

• Applies only when you are creating (touching,
  modifying) a file (directory, device)
• 022 is the general default only you can write a
  file but everybody else can read and execute it.
  It is a mask on the file settings given by
  environment.
• 002 lets everybody in your group write the file.
• 000 lets everybody write the file.
• 277 lets only you read and execute (safety)
• Just type umask 277 in a shell window and now
  when you make a file, it will have these
  attributes.

34
Special Unix Users

• Root ? can do anything except when he has
  protected himself, but he can change the self
  protections
• User -gt can do what he is allowed to do by his
  who he is, his group memberships, and the
  file/directory/device ACLs
• Special Groups -gt wheel

35
Some Peso default user-groups/etc/group

• GROUP passwd GID user list
• root0maint,operator,root,sync
• bin1bin,anon,daemon,root
• daemon2bin,daemon,root
• sys3bin,adm,root
• adm4adm,daemon,root
• lp7lp,daemon
• wheel10root
• mail12mail,mmdf
• opr13halt,opr,reboot,shutdown,news
• news13halt,opr,reboot,shutdown,news
• uucp14uucp