Title: Public-Key Cryptography
1Part 3
2 Public-Key Cryptography
3Problem with DES
- Imagine that a bank wants to give customers
remote access to their accounts using
conventional encryption. - To limit each customer's access to only his own
account, the bank would create millions of
encryption algorithms and keys. - This solution is impractical.
- On the other hand, giving the same encryption
algorithm and key to every customer, will not
guarantee the privacy.
3
4Public-key versus DES
- The solution to this problem is public key
encryption. - Every user has the same encryption algorithm and
key. - The decryption algorithm and key are kept secret.
- Anyone can encrypt information, but only an
authorized receiver can decrypt it. - The decryption algorithm is not the inverse of
the encryption algorithm. - In addition, the keys are different.
- Even with the encryption algorithm and encryption
key, an intruder still will be unable to decipher
the code.
4
5Public-key cryptography
- The public-key encryption is first publicly
proposed by Diffie and Hellman in 1976. - It is the first truly revolutionary advance in
encryption. - The public-key algorithms are based on
mathematical functions rather than on simple
operations on bit patterns. - Public-key cryptography is asymmetric, involving
the use of two separate keys. - The use of two keys has profound consequences in
the areas of confidentiality, key distribution,
and authentication.
5
6Misconceptions with Public-key
- Misconception 1
- Public-key encryption is more secure from
cryptanalysis than conventional encryption. - Fact
- The security of any encryption scheme depends on
- 1- the length of the key.
- 2- the computational work involved in
breaking a cipher.
6
7Misconceptions with Public-key
- Misconception 2
- Public-key encryption is a general-purpose
technique that has made conventional encryption
obsolete. - Fact
- On the contrary, because of the computational
overhead of current public-key encryption
schemes, there seems no foreseeable likelihood
that conventional encryption will be abandoned.
7
8Misconceptions with Public-key
- Misconception 3
- The key distribution is trivial when using
public-key encryption, compared to conventional
encryption. - Fact
- Some form of protocol is needed that is not
simpler or more efficient than those required for
conventional encryption.
8
9Public-key algorithm
A's Public key ring
B's public key
B's private key
Encryption Algorithm (RSA)
Decryption Algorithm
Network
User A
User B
9
10Ingredients of Public-key
- Plaintext
- This is the readable message that is fed into the
algorithm. - Encryption algorithm
- It performs various transformations on the
plaintext. - Public and private key
- This is a pair of keys that have been selected so
that if one is used for encryption, the other is
used for decryption. - Ciphertext
- This is the scrambled message produced as output.
- Decryption algorithm
- This algorithm accepts the ciphertext and the
matching key and produces the original plaintext.
10
11Basics of Public-key
- The public key of the pair is made public for
others to use. - The private key is known only to its owner.
- Public-key cryptographic algorithm relies on one
key for encryption and a different but related
key for decryption.
11
12Essential steps of Public-key
- 1- Each user generates a pair of keys to be used
for the encryption and decryption of messages. - 2- Each user places one of the two keys in a
public register or other accessible file. This is
the public key. The companion key is kept
private. - 3- Each user maintains a collection of public
keys obtained from others. - 4- If user A wishes to send a private message to
user B, then user A encrypts the message using
B's public key. - 5- When B receives the message, he decrypts it
using his own private key.
12
13Applications of public-key cryptography
- 1- Encryption/decryption
- Sender encrypts a message with the recipient's
public key. - 2- Digital signature
- The sender "signs" a message with his private
key. - Signing is achieved by a cryptographic algorithm
applied to the message or to a small block
(digest) of the message. - 3- Key exchange
- Two sides cooperate to exchange a session key.
13
14Requirements for public-key cryptography
- 1- It is computationally easy for a party B to
generate a pair (public key KUb, private key
KRb). - 2- It is computationally easy for a sender A,
knowing the public key and the message, M, to
generate the ciphertext. - 3- It is computationally easy for the receiver B
to decrypt the ciphertext using the private key
to recover the original message. - 4- It is computationally infeasible for an
opponent, knowing the public key, KUb, to
determine the private key, KRb.
14
15Requirements for public-key cryptography
- 5- It is computationally infeasible for an
opponent, knowing the public key, KUb, and a
ciphertext, C, to recover the original message. - 6- Either of the two related keys can be used for
encryption, with the other used for decryption.
15
16Differences between two schemes
Asymmetric symmetric Aspect
The secrete is personal. The secrete must be shared between users Key secrecy
Two keys Public private. One secrete key No. of keys
Different keys are used in each direction The key is used in both directions Direction
n personal secretes n(n-1)/2 shared secretes For n users
Plaintext and ciphertext are numbers Plaintext and ciphertext are symbols (characters or bits) Plaintext and ciphertext
Mathematical functions on numbers Simple operations on bits Operation
Encryption authentication key exchange. Encryption Applications
16
17The function
- A function is a rule that associates (maps) one
element in domain set A to one element in range
set B. - An invertible function is a function that
associates each element in the range with exactly
one element in domain.
17
18Trapdoor one-way function
- One-way function
- 1- f is easy to compute given x, yf (x) can be
easily computed. - 2- f -1 is difficult to compute given y, it is
computationally infeasible to calculate xf
-1(y). - Trapdoor one-way function
- 3- Given y and a trapdoor (secrete), x can be
computed easily.
18
19The RSA Encryption Algorithm
- It was developed in 1977 by Rivest, Shamir, and
Adleman at MIT and first published in 1978. - The RSA scheme is the most widely accepted and
implemented approach. - RSA is a block cipher in which the plaintext and
ciphertext are integers between 0 and (n-1) for
some n.
19
20Key generation of RSA
- Select two large prime numbers, p and q.
- The prime number is divisible only by 1 and
itself. - Calculate n p x q.
- Calculate y (p-1) x (q-1)
- Select a number that is relatively prime to y and
call it e. - This means that e is not a prime factor of y .
- Determine d such that (d x e) mod y 1.
- The public key used to encrypt is KUe,n
- The private key used to decrypt KRd,n.
20
21Encryption/decryption steps of RSA
- The encryption algorithm follows these steps
- Encode the data to be encrypted as a number to
create the plaintext M. - Calculate the ciphertext C as CMe (modulo n).
- Send C as the ciphertext.
- The decryption algorithm follows these steps
- Receive the ciphertext C.
- Calculate the plaintext MCd modulo n.
- Decode M to the original data.
21
22Operation of RSA
Key Generation Select p, q.
p and q are prime integers Calculate
npxq Calculate
y(p-1)(q-1). Select integer e
gcd(y,e)1 Calculate d
(exd) (mod y) 1 Public key
KUe,n Private key
KRd,n Encryption Algorithm Plaintext
M Ciphertext
C Me (mod n) Decryption
Algorithm Ciphertext
C Plaintext MCd (mod
n)
22
23Key generation of RSA
KUe,n
KRd,n
C Me mod n Encryption Algorithm
M Cd mod n Decryption Algorithm
23
24Example of RSA
- 1- Select two prime numbers, p7 and q17.
- 2- Calculate n pxq 7x17 119.
- 3- Calculate y (p-l)(q-1) 96.
- 4- Select e such that e is relatively prime to
y96 and less than y In this case, e5. - 5- Determine d such that dxe(mod 96)1 and dlt96.
- The correct value is d77, because 77x53854x96
1. - 6- The resulting public key is KU(5,119).
- 7- The resulting private key is KR(77,119).
24
25Example of RSA
25
26Reciprocity of RSA
- The RSA algorithm is reciprocal.
- This means that user A can use the B'private key
to send a message to user B, and - User B can decrypt the message using his own
public key. - Therefore, for the RSA cryptosystem, we have
- MD(E(M)).
- ME(D(M)).
26
27Combining Techniques
- Asymmetric cryptography is much slower than
symmetric. - For encipherment of large message, symmetric key
is used. - Asymmetric key is used for sending secrete key
securely.
PU
Pr
PU
Pr
27
28 Authentication
- Key management
- User authentication
- Digital signature
- Pretty Good Privacy
29Deffie-Hellman Key Exchange
- The purpose is to enable two users to exchange a
secret key securely for subsequent encryption of
messages. - The Diffie-Hellman algorithm depends on its
effectiveness on the difficulty of computing
discrete logarithms. - There are two publicly known numbers a prime
number q and an integer a that is a primitive
root of q. - Suppose the users A and B wish to exchange a key.
- User A selects a random integer XA lt q and
compute - YA a XA mod q.
29
30Deffie-Hellman Key Exchange
- Similarly, user B interdentally selects a random
integer XBltq and computes - YB a XB mod q.
- Each side keeps the X value private and makes the
Y value available publicly to the other side. - User A computes the key as
- K (YB)XA mod q.
- and user B computes the key as
- K (YA)XB mod q.
- These two calculations produce identical results.
30
31Deffie-Hellman Key Exchange
Global Public Elements q
prime number a
a lt q
a is a
primitive root of q User A Key Generation Select
private XA XA lt q Calculate
public YA YAaXA mod q User B
Key Generation Select private XB
XBltq Calculate public YB
YBaXB mod q Generation of Secret Key by User
A K (YB)XA mod q Generation of Secret Key by
User B K (YA)XB mod q
31
32Example-1
- Assume the prime number q and a primitive root a
of q as - q 71 and a 7.
- A selects his private key as XA 5
- B selects his private key as XB 12.
- Each computes its public key
- YA 75 mod 71 51
- YB 712 mod 71 4
- After they exchange public keys, each can compute
the common secret key - K(YB)XA mod 71 45 mod 71 30
- K(YA)XB mod 71 5112 mod 71 30
32
33Example-2
- Assume the prime number q and a primitive root a
of q as - q 23 and a 7 gcd(a,q)1, altq
- A selects his private key as XA 3
- B selects his private key as XB 6.
- Each computes its public key
- YA 73 mod 23 343 mod 2321
- YB 76 mod 23 117649 mod 234
- After they exchange public keys, each can compute
the common secret key - K(YB)XA mod 23 43 mod 23 64 mod 23 18
- K(YA)XB mod 23 216 mod 2385766121 mod 23 18
33
34Man in the middle attack
- Weakness of Deffie-Hellman Key Exchange
- Intruder can fool A and B by creating two keys
- one between him and A.
- another between him and B.
- Two keys instead of one are created.
34
35Man in the middle attack
ya aXa mod q
ya
yi aXi mod q
yi
yi
yb aXb mod q
yb
K yiXa mod q
K yiXb mod q
K1 yaXi mod q
K2 ybXi mod q
K1
K2
35
36Key distribution center (KDC)
- The problem in man in the middle attack is that
the values of ya and yb are transmitted as
plaintext. - Any correspondence should be encrypted using
symmetric key this could create vicious circle. - The solution is a trusted third party KDC.
- A and B are both clients of KDC.
- A has a symmetric key KA with KDC.
- B has a symmetric key KB with KDC.
- Both A and B will share the session key KAB.
36
37First approach using KDC
Identity of A B
A, B
1
KAB
KB
A, B, KAB
2
Ticket
KB
A, B, KAB
3
Exchange data using KAB
37
38Needham-Schroeder Protocol
- This protocol uses multiple challenge-response
interaction between parties to achieve a flawless
protocol. - It uses 4 different nonces RA , RB , R1 and R2.
39Needham-Schroeder Protocol
A
1
RB
2
A, B, RA
3
RB
RA, B, KAB
4
A, RB, KAB
KAB
A, RB, KAB
5
R1
KAB
6
R1-1, R2
KAB
7
R2-1
39
40Kerberos
- It is an authentication protocol and a key
distribution center designed at MIT. - It is named after the three-headed dog in Greek
mythology that guards the gates of Hades. - Three servers are involved in the Kerberos
protocol - 1- an authentication server (AS),
- 2- a ticket-granting server (TGS),
- 3- a real (data) server that provides
services to others.
40
41Kerberos servers
- Each user registeredwith AS.
- It grants a user ID and Password.
- It verifies user, issues session key and sends
ticket to TGS.
1
Authentication Server (KDS)
Request ticket for TGS
2
A-TGS session key and ticket for TGS
Ticket Granting Server
- It issues ticket for B.
- It provides session key KAB.
3
Request ticket for B
4
A-B session key and ticket for B
Real Server
5
Request service
6
Provide service
42Kerberos operation
A
1
KTG
KS
A, KS
2
KTG
B
T
3
A,KS
KB
4
A,KAB
B,KAB
KB
KAB
T
5
A,KAB
KAB
6
T1
Requesting and receiving services using KAB.
42
43User Authentication
44User authentication
- Authentication is a procedure that verifies the
identity of one entity for another. - An entity can be a person, a process, a client,
or a server. - In message authentication, the identity of the
sender is verified for each single message. - In user authentication, the user identity is
verified once for the entire duration of system
access.
44
45User authentication
Approaches of user authentication
User authentication with symmetric-key
User authentication with public-key
Digital signature
Using Symmetric key only
Using a nonce
Bidirectional authentication
45
46Using symmetric key only
- A sends his identity and password in an encrypted
message using symmetric key KAB. - Intruder can store data and authentication
message and resend them later to B. - B has no way to know that this is a replay of a
previous message ( no guarantee for freshness).
KAB
A, Password
A sends data to B using KAB
46
47Using a nonce
- A nonce is a large random number that is used
only once a one-time number. - B uses a nonce to challenge A.
- A responds by encrypting nonce with symmetric key
KAB.
A
1
RB
2
RB
3
A sends data to B using KAB
47
48Bidirectional authentication
- Both A and B need to authenticate each other.
- A has its nonce RA, and B has RB.
A, RA
1
RB
2
RA
RB
3
A sends data to B using KAB
48
49Digital Signature
50Digital Signature and Authentication
- Authentication
- It is the technique by which an entity verifies
that his partner is who he purports to be and not
an imposter. - It can be easily achieved if both parties share a
common secret key or keys. - However, it is much more nicely done using public
key cryptography.
50
51Digital Signature and Authentication
- Suppose that User A wants to send a message to
User B. - It is not important that the message be kept
secret. - User A wants User B to be certain that the
message is indeed from him. - User A uses his own private key to encrypt the
message or part of it. - When User B receives the ciphertext, he finds
that he can decrypt it with User A's public key. - Thus proving that the message must have been
encrypted by User A.
51
52Digital Signature and Authentication
- No one else has User A's private key.
- Therefore no one else could have created a
ciphertext that could be decrypted with User A's
public key. - Therefore, the entire encrypted message serves as
an electronic or digital signature. - In addition, it is impossible to alter the
message without access to User A's private key. - So the message is authenticated both in terms of
source and in terms of data integrity.
52
53Digital Signature and Authentication
A's private key
A's public key
Encryption Algorithm (RSA)
Decryption Algorithm
Network
User A
User B
53
54Digital Signature and Authentication
- It is important to emphasize that the encryption
process just described does not provide
confidentiality. - The message being sent is safe from alteration
but not safe from eavesdropping. - A more secure approach is to use recipient's
public key to encrypt the message, so that only
the recipient can read it. - This step is only necessary if both
authentication and secrecy are needed.
54
55Digital Signature
- Digital signature can provide integrity,
authentication and nonrepudiation, but cannot
provide privacy. - 1- Integrity
- It is preserved because changing the message will
make the decrypted message unreadable. - 2- Authentication
- Encrypting the message with ones key cannot be
decrypted with others key. - 3- Nonrepudiation
- Encrypting with private key of a user cannot be
denied.
55
56Signature, ciphering and Authentication
- The following approach provides three key
objectives - The receiver can verify the claimed identity of
the sender, because only the sender's public key
will decrypt it. - The sender cannot later repudiate the contents of
the message, because only the possessor of the
specific private key could have guaranteed it. - The receiver cannot possibly have concocted the
message himself.
56
57Signature, ciphering and Authentication
B's public key
A's public key
A's private key
B's private key
Encryption Algorithm
Decryption Algorithm
User A
User B
57
58Signing the digest
- Public-key encryption is efficient if the message
is short. - The user creates a miniature version or digest of
the document and signs it. - To create the digest, we use a hash function.
58
59Properties of Hash function
- 1- The hash function creates a fixed-size digest
from a variable-length message. - 2- Hashing is one-way
- The digest can only be created from the message,
not vice versa. - 3- Hashing is a one-to-one function
- Two messages will not create the same digest.
Hash function
59
60Creating a Hash function
- This can be accomplished using iteration.
- A function with variable-size input is not used.
- A function with fixed-size input (compression
function) is created and used as many times as
necessary. - The compression function compresses an n-bit
string to create an m-bit string ngtm. - The scheme is called an iterated cryptographic
hash function.
Compression Hash function
60
61Merkle-Damgard scheme
Padding/length
Original message
n bits
n bits
n bits
M1
M2
Mr
Compression function
- Message and padding are appended to be divisible.
- H0 is set to a fixed value (initial vector IV).
- Hi f (Hi-1 , Mi).
- Hr is the cryptographic hash function of message
h(M).
61
62Two groups of compression functions
- 1- Hash function made from scratch
- These are particularly designed for this
purpose. - The two most common hash functions are
- Message Digest 5 (MD5) produce 120-b digest.
- Secure Hash Algorithm 1 (SHA-1) produces 160-b.
- 2- Hash function based on block ciphers
- A symmetric-key block cipher can be used as a
one-way compression function.
62
63Signing the digest at sender site
- The digest is encrypted (signed) using the
senders private key. - The encrypted digest is attached to the original
message and sent to the receiver.
To B
Message
Message
Signed Digest
Hash
A's private key
Encryption Algorithm
Signed Digest
Digest
63
64At receiver site
- The receiver separates the message from encrypted
digest. - He applies the same hash function to the message
to create a second digest. - He decrypts the received digest using senders
public key.
Message
Signed Digest
From A
Hash
Decryption Algorithm
A's public key
Digest
Digest
Compare
64
65Pretty Good Privacy (PGP)
- PGP protocol is used at the application layer of
Internet in sending e-mail. - It provides all 4 aspects of security
- privacy, integrity, authentication and
nonrepudiation. - PGP uses digital signature (a combination of
hashing and public key encryption) to provide
integrity, authentication and nonrepudiation. - It uses a combination of secret-key and
public-key encryption to provide privacy. - It uses one hash function, one secret key and two
private-public key pairs.
65
66PGP at sender site
Digital signature
Privacy
B's Public key
One time secret key
Encrypt
Emailsigned digest
Email
Message
Signed Digest
Encrypt
Hash
Encrypted (secret key message digest)
A's private key
Signed Digest
Encrypt
Digest
66
67PGP at receiver site
Encrypted (secret key)
Decrypt
Encrypted (secret key message digest)
One time secret key
Encrypted (message digest)
Decrypt
Message
Signed Digest
Hash
Decrypt
Digest
Digest
Compare
67
68 Network Security
- Proxy server
- Firewalls
- Intrusion detection
- Malicious programs
69Proxy Server
- A proxy server is an intermediary between a
network host and other hosts outside the network.
69
70Functions of Proxy Server
- 1- Caching of Web documents
- If corporate users access information on a Web
server, that information is cached to the local
proxy server. - This allows anyone to access this information
locally. - This reduces the amount of network traffic on the
Internet. - This leads to improved performance for the
corporate intranet and the Internet.
70
71Functions of Proxy Server
- 2- Corporate firewall access
- A proxy can provide safe passage for corporate
users to the Internet through a firewall. - This allows protected use of HTTP and FTP.
71
72Functions of Proxy Server
- 3- Filtering client transactions
- The proxy can control access to Web servers by
filtering client transactions. - Filtering is accomplished by limiting or denying
access to specific URLs, IP, host names, Web
contents and users. - In addition, you can deny access to an individual
by specifying that person's user name.
72
73Functions of Proxy Server
- 4- Transaction logging
- Administrators can track client activity and
customize which data to record. - This data includes accessed URLs, dates and
times, and the byte counts of all data that has
been transferred. - Information on routing and success of a
transaction can also be logged and used to
evaluate network performance.
73
74Functions of Proxy Server
- 5- Securing the host
- A proxy server can secure or block the host from
users accessing the site from the Internet. - 6- Enhanced administration
- Advanced logging and reporting, monitoring,
automatic proxy configuring, remote management.
74
75Firewall
- It is a secure computer system placed between a
trusted network and an untrusted one such as
Internet.
- Corporate network
- supervised.
- Controlled.
- Protected.
- Internet
- over which you have no control.
Security perimeter
75
76Functions of Firewall
- Filtering packets.
- Serving as a circuit-level or application-level
gateway. - Detecting intrusions.
- Providing enhanced password authentication.
- Logging and reporting.
- Taking evasive actions.
- Permitting encrypted access (with a VPN).
76
77Components of Firewall
- 1- Two routers that do packet filtering.
- 2- An application gateway.
Application gateway
Packet filtering router
Packet filtering router
Internet
- Every packet must transit 2 filters and an
application gateway to go in or out. - No other route exists.
Firewall
Inside LAN
Outside LAN
Corporate network
Security perimeter
77
78Packet filter
- Each packet filter is a router that inspects
every incoming or outgoing packet to be
inspected. - Packets meeting some criterion are forwarded
normally. - Those that fail the test are dropped.
- The packet filter on the inside LAN checks
outgoing packets and the one on the outside LAN
checks incoming packets. - Packets crossing the first hurdle go to the
application gateway for further examination. - Packet filters are typically driven by tables
configured by the system administrator.
78
79Table of packet filter
Intranet
Internet
1
2
Packet filter
Destination Port Destination IP Source Port Source IP Interface
131.34.0.0 1
23 (Telnet) (any) 1
194.78.20.8 1
80 (http) 2
79
80The application gateway
- Rather than just looking at raw packets, the
gateway operates at the application level. - A mail gateway, for example, can be set up to
examine each message going in or coming out. - For each one it makes a decision to transmit or
discard it based on header fields, message size,
or even contents. - Combined with encryption and packet filtering,
this arrangement offers a limited amount of
security at the cost of some inconveniences.
80
81The application gateway
malicious
http Proxy
Internet
All http packets
Accepted packets
Proxy Firewall
http Server
81
82Intrusion Detection
83Intruders
Security problem of networked system may be
Hostile trespass by software
Hostile trespass by users
- Unauthorized user logs on to computer.
- Takes the form of a virus, worm or Trojan horse.
- Authorized user acquires privileges beyond those
authorized.
83
84Intrusion techniques
- The objective of intruder is to gain access to a
system or to increase the range of privileges
accessible on a system. - This requires intruder to acquire protected
information such as passwords. - Each system must maintain a file that associates
a password with each authorized user. - This file should be stored with protection.
Intrusion fighting
Intrusion detection
Intrusion prevention
84
85First defense Password protection
Protection of password file
Access control
One-way encryption
- The system stores only encrypted form of users
password. - When a user presents a password, the system
encrypts that password and compares it with the
stored value. - In practice, hash function is used.
- Access to password file is limited to one or a
very few accounts.
85
86Techniques for learning passwords
- Try default passwords that are shipped with the
system. - Exhaustively try all short passwords (up to 3
characters). - Collect information about users such as names,
books, hobbies. - Try users phone numbers, ID numbers and room
numbers. - Try all legitimate license plate numbers.
- Use a Trojan horse to bypass restrictions on
access and copy the password file. - Tap the line between a remote user and the host
system.
86
87Password importance
- The front line of defense against intruders is
the password system. - Multi-user systems require that a user provide ID
as well as password. - Password serves to authenticate individual
logging on. - The importance of ID as a security way arises
from - ID determines whether a user is authorized to
gain access to a system. - ID determines the privileges accorded to the
user. - ID is used as discretionary access control.
87
88Securing password in UNIX systems
- Passwords are never stored in the clear.
- Each user selects a password of 8 printable
characters. - This is converted to 56-b that serves as a key of
DES. - DES algorithm is modified using 12-b salt value
related to time of assignment. - DES is exercised with 64-b block of zeros.
- The output serves as input for second encryption.
- Process is repeated for 25 encryptions.
- The resulting 64-b is translated into
11-character sequence. - The ciphered password is stored together with
salt and ID.
88
89Securing password in UNIX systems
User ID
Salt
E(Pwd)
Salt
Password
12 bits
56 bits
a Loading a new Password.
Crypt (3) DES
Load
11 characters
Password file
User ID
Salt
E(Pwd)
Password
User ID
Salt
b Verifying a Password.
Crypt (3) DES
Password file
Encrypted password
Compare
89
90Securing password in UNIX systems
- The salt serves three purposes
- It prevents duplicate passwords from being
visible in the password file. - It increases the length of the password without
requiring the user to remember additional
characters. This increases possible passwords and
complicated guessing passwords. - It prevents the use of a hardware implementation
of DES.
90
91Password selection strategies
- It is needed to eliminate guessable passwords
while allowing the user to select a password that
is memorable. - Four techniques are in use for password
selection - 1- Computer-generated passwords.
- 2- Reactive password checking.
- 3- Proactive password checking.
- 4- User education.
91
92Password selection strategies
- 1- Computer-generated passwords
- If the password are quite random in nature, users
will not be able to remember them even
pronounceable. - 2- Reactive password checking
- The system periodically runs its own password
cracker to find guessable passwords. - The system cancels them and notifies the user.
- It is resource intensive if job is done right.
- Also, passwords remain vulnerable until checking.
92
93Password selection strategies
- 3- Proactive password checking
- It is the most promising.
- A user is allowed to select password.
- At time of selecting, the system checks to see if
password is allowable, and if not, rejects it. - With sufficient guidance from the system, users
can select memorable un-guessable passwords. - It strikes a balance between user acceptability
and strength.
93
94Password selection strategies
- 4- User education
- Users are alerted with importance of unguessable
passwords. - Users are provided with guidelines for selecting
passwords. - The following rules could be enforced
- All passwords must be at least 8 characters long.
- Passwords must include at least one each of
uppercase, lowercase, numeric digits and
punctuation marks. - Do not use common names or nicknames.
- Do not use common personal information (date of
birth). - Do not repeat letters or digits in the password.
94
95Password aging
- It controls how often the users must change their
passwords. - The following rules could be enforced
- Maximum password age amount of time a user can
keep it. - Minimum password age amount of time a user must
keep it before changing. - Password history determines the number of
passwords the operating system will remember. - Minimum password length lowest number of
characters. - Password complexity.
95
96Second defense Intrusion detection
- The best intrusion prevention system will fail.
- The second line of defense is intrusion
detection. - It is based on the assumption that intruder
behavior differs from that of legitimate user. - Intrusion detection allows the followings
- If intrusion is detected quickly, intruder can be
identified and ejected from the system before any
damage. - Effective intrusion detection can serve as a
deterrent. - Intrusion detection enables data collection about
intrusion techniques to strengthen intrusion
prevention.
96
97Intrusion detection approaches
- 1- Statistical anomaly detection
- Collect data of behavior of legitimate users over
a period. - Statistical tests are applied to check intrusion
behavior. - Threshold detection defines threshold for
frequency of occurrence of various events. - A profile based activity of each user is
developed and used to detect changes. - 2- Rule-based detection
- Define a set of rules to decide intrusion
behavior. - Develop rules to detect deviation from previous
pattern. - An expert system searches for suspicious behavior.
97
98Honeports
- It is a relatively recent innovation in intrusion
detection. - Honeports are decoy systems that are designed to
lure a potential attacker away from critical
systems. - Honeports are designed to
- Divert an attacker from accessing critical
systems. - Collect information about attackers activity.
- Encourage the attacker to stay on the system long
enough for administrators to respond.
98
99Malicious programs
Malicious programs
Self-contained independent program
Needs host program and cannot exist
independently
Bacteria
Worms
Logic bombs
Trojan horses
Viruses
Trapdoors
99
100Malicious programs
- 1- Trapdoors
- A secrete entry point into a program that allows
gain access without going through the usual
security access procedure. - Trap doors have been used legitimately by
programmers to debug and test programs. - Trap doors become threats when they are used by
unscrupulous programmers to gain unauthorized
access. - It is difficult to implement operating system
controls for trap doors.
100
101Malicious programs
- 2- Logic bombs
- One of the oldest types of program threats.
- It is a code embedded in legitimate program that
is set to explode when certain conditions are
met. - Examples of conditions are presence or absence of
certain files, a particular day of the week or
application.
101
102Malicious programs
- 3- Trojan horses
- It is a useful program containing a hidden code
that when invoked performs some unwanted or
harmful function. - Motivations for Trojan horse
- 1- Accomplish functions indirectly that
unauthorized user could not accomplish directly
such as reading files. - The apparently useful program when executed
changes the invoking users files permissions to
make files readable. - 2- Data destruction through deleting users
files.
102
103Nature of viruses
- The virus is a program that can infect other
programs by modifying them. - The modification includes a copy of a virus
program, which can then go on to infect other
programs. - Biological viruses are tiny scraps of genetic
code that can take over a living cell making
replicas of virus. - A computer virus makes perfect copies of itself
to pass into new programs. - The infection can be spread from computer to
another through swapping disks or sending
programs over a network.
103
104Phases of virus lifetime
1- Dormant phase
- The virus is idle. Not all viruses have this
stage. - The virus will be activated by some event such as
date, program or file.
2- Propagation phase
- The virus places a copy into other programs or on
a disk. - Each infected program now will enter propagation
phase.
3- Triggering phase
- The virus is activated to perform its function.
4- Execution phase
- The function is performed. It may be harmless as
message on screen. - It may be damaging as destruction of programs and
files.
104
105Types of viruses
- 1- Parasitic virus
- The most common.
- It attaches itself to executable files and
replicates by infecting other executable files. - 2- Memory-resident virus
- It logged in main memory as part of a resident
system program. - The virus infects every program that executes.
- 3- Boot sector virus
- It infects a master boot record and spreads when
a system is booted from the disk containing the
virus.
105
106Types of viruses
- 4- Stealth virus
- It is a form of virus explicitly designed to hide
itself from detection by antivirus software. - 5- Polymorphic virus
- It mutates with every infection, making detection
by the signature of the virus impossible.
106
107(No Transcript)
108(No Transcript)