??? Yiter - PowerPoint PPT Presentation

About This Presentation

Title:

??? Yiter

Description:

Yiter itchen_at_kmu.edu.tw * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * Firewall ... – PowerPoint PPT presentation

Number of Views:28

Avg rating:3.0/5.0

Slides: 84

Provided by: cryp6

Category:

Tags: yiter

more less

Transcript and Presenter's Notes

Title: ??? Yiter

1
???????
??? Yiter itchen_at_kmu.edu.tw
1
2
(No Transcript)
3
?????

????- ????? ????,????????
??????, ??????????????
???????
Autorun.inf
xxx.exe (????, ???, ??)
Kavo_Killer.exe ??
WowUSBProtector ??
???????? autorun.inf ????
??????
http//wiki.kmu.edu.tw/index.php/Kavo_??

4
(No Transcript)
5
Kavo Killer
6
Wow USB protector
7
?????? XP Professional

Windows XP Professional
?? ? ?? ? ?? gpedit.msc (Windows XP Home Edition
??????)? ??
?? "????" ??, ????? ???? ? ?????? ? ??
??????? ? ?????? ??????
?? "????????" ???, ?? "???"
???? "???????" ?????, ?? "????"
??,?????????????

8
(No Transcript)
9
?????? XP Home

Windows XP Home (??? Windiws 2000)
?? ?? ? ?? ? ?? regedit
???????? HKEY_CURRENT_USER\SOFTWARE\Microsoft\Wind
ows\CurrentVersion\Policies\Explorer\NoDriveTypeAu
toRun
???? ????? 255,??? 255 (????????? autorun , ???
95 ??)
???

10
?????? XP Home
11
Outline(1/2)

?????
????????
?????
?????(Substitution, Transposition, DES)
??????(Advanced Encryption Standard, AES)
??????(RSA)
MAC
????

11
12
Outline(2/2)

???(Firewall)
????????
Packet Filtering
Application Gateway
Proxy Server
Screened Host Firewall

12
13
????????????
pw????
pw????
Sniffer, WireShark
pw????
eavesdropper
13
14
????????

Sniffer http//www.netscout.com
Wireshark http//www.wireshark.org
http//zh.wikipedia.org/zh-tw/Wireshark

14
15
WireShark
http//www.wireshark.org/download.html
16
????

?????????
????
318-1 ???????????????????????????,????????????????
????
318-2 ???????????????????????????,?????????
339-3 ??????????????,?????????????????
????????,?????????????,????????,??????????
??????????????????????,??
352 ???????????????,????????????,???
?????????????????
?????? ?????

17
?? -???????

358 ????????????????????????????????
,???????????????,??????????????? ?????????
359 ?????????????????????????,??????
?????,?????????????????????????
360 ??????????????????????????,?????
??????,????????????????????????
361 ??????????????????????,?????????
362 ??????????????,????????????,????
???????,???????????????????????? ?
363 ????????????????,??????

17
18
??????

Eavesdropping
OS??
Password???
Spoofing
Session Hijacking
??????virus?trapdoor
DOS, DDOS

18
19
???????
pw????
pw????
??
??
_at_
_at_
Sniffer, WireShark
_at_
eavesdropper
19
20
? ? ? ? ?
20
21
??,???????

????(Symmetric Key)??
KeKd
?????(Asymmetric Key)??
Ke?Kd

21
22
? ?
?????,????????, ?????,?????????? ?????,????????
?? ?,???????,????.? ????????,??????? ??,??????,???
??, ????????,???????, ???????,???????? ???,???????
??,?? ??????????.????? ??,????,???????? ?,????????
?,????. ?????,????????,? ???,????.??,???? ??????,?
????????. ...??????...
22
23
???

Substitution
Transposition

23
24
Substitution Ciphers(?????)

????????????
??apple???????bqqmf?
I love you ??j mpwf zpv
????????, ????????
???? Key ??

24
25
Transposition Ciphers
??????? ??????? ?,????? ??????? ??????? ??????? ??
????? ?????? ??????? ,???,?? ??????? ?????? ?????
?? ??????? ,??,??? ????? ??????
25
26
??????? ??????? ?,????? ??????? ??????? ???????
??????? ?????? ??????? ,,???,? ??????? ??????? ?
?????? ??????? ,??,?? ?????? ??????
26
27
26???????????
???? ???? ???? ???? ???? ????
A 0.0856 J 0.0013 S 0.0607
B 0.0139 K 0.0042 T 0.1045
C 0.0297 L 0.0339 U 0.0249
D 0.0378 M 0.0249 V 0.0092
E 0.1304 N 0.0707 W 0.0149
F 0.0289 O 0.0797 X 0.0017
G 0.0199 P 0.0199 Y 0.0199
H 0.0528 Q 0.0012 Z 0.0008
I 0.0627 R 0.0677
28
?????

Caesar Cipher
Momoalphabetic Cipher
Hill Cipher
Playfair Cipher
Vegenere Cipher (Polyalphabetic cipher)
Permutation Cipher
One-Time Pad

28
29
DES(Data Encryption Standard)

Plaintext M(64 bits)
Ciphertext C(64 bits)
Key K(56 bits or 64 bits)
Round Function F(X, Y)
X(32 bits) and Y(48 bits)
Rounds 16

29
30
DES(Cont.)

IP initial permutation IP(M) (L, R)
FP final permutation IP.FP FP.IP
(Ln, Rn) (Rn-1, Ln-1 ? F(Rn-1, K))
F(X, Y) Perm(S_box( Ext(X) ? Y))
C FP(R, L)

30
31
DES(Fig.)
31
32
DES(One round)
32
33
Triple DES
33
34
AES (Advanced Encryption Standard)

Joan Daemen, Vincent Rijmen in Belgium
128/192/256 bit keys, 128 bit data
?? 4 ??? , 10/12/14 round
AddRoundKey
SubBytes
ShiftRows
MixColumns

http//zh.wikipedia.org/zh-tw/??????
35
AES - AddRoundKey
36
AES - SubBytes
37
AES - ShiftRows
38
AES - MixColumns
39
RSA????(?????)

?????????
??????????p, q(????21024)
2005?, 663bit RSA ??Lattice sieve ?
??? n p q ? ?(n)(p-1)(q-1)
?????? ?(n) ????? e?
(?? gcd (e, ?(n))1)
??????????? d such that
d ??e d 1 mod ?(n)?
?(e, n)? Public key,d? Private key?

39
40
RSA (??)

(Cd mod n)
((Me mod n)d mod n)
Med mod n
M(k (p-1) (q-1)) 1 mod n
M1 mod nM
(??e d 1 (mod ((p-1) (q-1)))?)
Fermats little Theorem ??(n) mod n 1
Where (?,n)1

40
41
RSA (??1)

????? p101, q53, n101535353
??4657
?A?????(eA,NA)(7,5353)
???????????????dA743,
Where eA, dA1 mod (10052)
????? 4657743 mod 5353 1003
????????(eA,NA )??????
10037mod 53534657

41
42
RSA ??2,B?A

????? p3, q5
n3515
F(n) (3-1)(5-1)8
?? m13
????11?As Public key (eA,NA)(11,15)
??????????? Private key dA3,

42
43
11?F(n) ????
11 8
13-2 3-(8-6) 3-86 (11-8)-82(11-8)
3(11-8)-8 3(11)-4(8) ?Public key 11?F(n)
???? ??(11)????3,????key
8 6
3 2
2
1
43
44
RSA ??2,B?A(Cont.)

eAdA1131 mod F(n)
B?As Public key??????1311 mod 15 7
A ????Private key ????????
73mod 1513

44
45
RSA (??3, ??)

Example(???, p3, q5, n15, e11, d3)
A???(m13)?A? Private key ??
133 mod 157
B?? (13,7)?As Public key ??????
711 mod 15 ????13
??????????

45
46
RSA??????

RSA??exponential algorithm
RSA?????DES??????
???RSA????DES?1000?
???RSA?????DES?100?
?RSA??????
digital signature
protocol??key exchange?

46
47
???? One-way Function

????????????? f ?One-way Function
1. ??????F??x, ??????f(x)y.
2. ????????f ??????y, ?????? ???x ??yf(x)
Example
y f(x) xnan-1 xn-1a1xa0 mod p

? f ?
X
Y
47
48
Message Authentication Codes (MAC)

MAC is an authentication tag (also called a
checksum) derived by appying an authentic-ation
scheme, together with a secret key, to a message.
There are four types of MACs
(1) unconditionally secure
(2) hash function-based
(3) stream cipher-based or
(4) block cipher-based.

48
49
MAC -2

Hash function H(m1, m2, , mt)m
???Hash function MD5, SHA-1, ...
MAC is key-dependent one-way hash function
MAC are computed and verified with the same key
A B ???? key K
A send H(K, M) to B
B can reproduce As result

49
50
???????????

?????
DES, IDEA, AES(MARS, RC6, Rijndael, Serpent, and
Twofish), ...
??????
RSA, ElGamal, Elliptic Curve Cryptography

50
51
??(1/)

?????

Session Key
Session Key
I am Yiter
Asdvh
I am Yiter
DES
DES
51
52
??(2/)

??????

?????
??? Public key
???Private Key
_at_SDFGSASDF
I am Yiter
I am Yiter
RSA
RSA
52
53
??(3/)

?????????????

???Private Key
??? Public key
Session Key
(
Session Key
RSA
RSA
Session Key
Session Key
I am ???
Dthfgbshgzxcv
I am ???
AES
AES
Bdve_at_dgrse
53
54
??(4/)????

Example(???, p3, q5, n15, e11, d3)
?????(m13)?A???Private key ??????? 133 mod 157
A ???????(m13, c7)????B
B ??A? Public key (eA,NA)???????
m711 mod 15 13
?mm ?????

54
55
??(5/) ??????
??
??
Hashing
????
??
Hashing
????
????
????
????
Secret Key
Public Key
55
56
??(6/)

?????????????

???Private Key
??? Public key
Session Key
(
Session Key
RSA
RSA
Session Key
Session Key
Dthfgbshgzxcv
Rijndael
Rijndael
56
57
SSL Architecture
57
58
SSL Firefox Example
Https//...
59
Firefox - Facebook
Http//...
???
60
IE- Facebook
Http//...
61
IE-Yahoo
Https//...
62
????????

????
????
??

63
???? -??,??

??????
Pc cillin (Officescan), Norton, Kaspersky, AVG,
Avast, Avira (???), PC Tools, Comodo, ClamWin,
BitDefender, F-Secure, Dr. Web
??? spybot
????? Ad-aware
???? WowUSBProtector, Kavo_Killer

63
64
Firewall

??
??????????????????????????, ????????
A firewall system is used to control access to
or from a protected network ( a site ).
??? pcanywhere

64
65
Firewall??
65
66
Firewall ???

????????
????(Packet Filtering)
Application Gateway (Dual-homed Gateway)
Proxy Server
Screened Host Firewall

66
67
????????

???????????????(.log)
?????
??????
???????????????
????????????

67
68
????(Packet Filtering)
68
69
??????????

????(ICP, UDP, ICMP)??????
???????????(port 80, 443...)
??????IP?????(.edu)

Block or filter protocols?ports?and?addresses?
69
70
???????

??
Most Common ,easy and cheap
Fully transparency, no impact to user
??
Little or no logging capability
Complex filtering rules may become unmanageable
Rules are difficult to test thoroughly

70
71
Application GatewayDual-homed Gateway
71
72
Application Gateway??
72
73
Application Gateway

?????????????, ?????????????
????????
?Firewall?????, ?????????
???????????(FTP, Telnet)
???(.log)??????????????
??IP?????

73
74
Proxy Server
Proxy Server ??Internet ???????, ????????
???extra logging?and?advanced authentication?
Client
Proxy Server
Remote Server
Cache
74
75
Screened Host Firewall
Screened Host Firewall????? (packet filter)
?????? (application gateway) ???
75
76
Screened Host Firewall

?????????????
???????????????
???????????????
???????????????????

76
77
Screened Host Firewall

??
More flexibility.
Router filtering rules are simplified .
??
Less security. (packet can go directly inside)

77
78
Screened Subnet Firewall
78
79
Subnet v.s. Host Screened
Gateway

Subnet ? Host????Gateway?????,?????????????????,??
?????????????
??
More expensive
complex management
Less security if permit special?trusted?service.

79
80
What Cant a Firewall Protect Against

Firewalls cant protect against attacks that
dont go through the firewall , or rules that
make a leak.
Firewalls cant protect against?data driven?
attacks , like?Virus?.

80
81
Firewall?????