Security and Crypto Algorithms

1
Security and Crypto Algorithms

• Introduction
• Cryptography
• Example car remote authentication
• Example secure web transactions
• Reading Ross Anderson, Security Engineering
  (available online)

2
Computer Security

• Lots of nasty people want to break into our
  computers
• Steal passwords (eg, for online bank)
• Steal data (eg, military plans)
• Shut down our system (extortionist threatening
  e-commerce website)
• How do we stop them?

3
Attacks

• Attacks can be technological
• Eg, computer virus, distributed denial of service
• Attacks can be physical
• Key-logger on victims keyboard
• Attacks can be social
• Convince victim to tell you his password

4
Defences

• Defences can be intended to stop attacks
• Defences can be intended to minimise liability in
  event of attack
• Fancy firewalls (in some cases)

5
Attacks

• Most attacks exploit human weakness
• Much more common than technology attacks
• People are usually the weakest link

6
Ex Getting passwords

• Some techniques which is most common?
• Break encryption used to send passwords over the
  Internet
• Get computer virus onto victims system
• Plant key-logger on victims keyboard
• Search victims office for written-down password
• Look over victims shoulder while he types
• Phone victim, pretend to be DIT (phishing)
• Set up website which asks for password, assume
  this will be the same as bank password
• Buy victim drink in pub, find out name of dog,
  children, etc

7
Getting passwords

• People attacks (phishing, pub, looking over
  shoulder, etc) much more common than
  technological attacks!
• Ex phishing attack on Abdn Uni staff
• Attacker used password to take over mail server
• So Microsoft blocked email to student accounts
• So security should focus on people first
• But put this aside for rest of lecture so can
  talk about software

8
Secure coding

• For most programmers, biggest impact of security
  is secure coding
• Avoiding bugs which can be exploited by hackers
  and other attackers
• Taken very seriously at Microsoft and many other
  software houses

9
Example Insecure Code

• Boolean checkPIN(String userPIN, int realPIN)
• try
• int userPINint Integer.parseInt(userPIN)
  
• if (userPINint ! realPIN)
• return false
• catch (NumberFormatException e)
• System.out.println(PIN is not a
  number!)
• return true

10
Example

• If attackers enters Fred as PIN, this causes
  NumberFormatException
• Error message printed
• But then true returned from method
• Ie, PIN verified!
• Many programmers dont think about what happens
  in an exception handler after the error is logged

11
Secure Coding

• Many such things that programmers need to be
  aware of
• Worst problem is buffer overflow
• Mostly for C programs, not a big issue in Java
• Source of 2/3 (?) of security updates/patches to
  software

12
Cryptography

• Algorithms to encrypt plaintext message into a
  ciphertext that looks like gibberish
• Charge 300 to VISA 4560720112985409 becomes
• iQA/AwUBO8RZysYL3oijlaCiEQI3OwCgm7UzwxUW26KR/emgIB
  sFavKAdgAoN4F
• Algorithms to decrypt ciphertext back into the
  original plaintext
• iQA/AwUBO8RZysYL3oijlaCiEQI3OwCgm7UzwxUW26KR/emgIB
  sFavKAdgAoN4F becomes
• Charge 300 to VISA 4560720112985409

13
Cryptography Terminology

• Encryption and decryption are based on an
  algorithm and a key
• sometimes two keys, one for encryption and one
  for decryption
• The algorithm is assumed to be public knowledge,
  but the key is secret
• Cryptanalysis is deciphering a text without
  knowing the key
• speciality of GCHQ, NSA, etc

14
Cryptography Usage

• Privacy we encrypt messages so third parties
  cannot read them
• snoopers cannot read your credit card number when
  you send it to Amazon
• Authenticity we encrypt messages to prove they
  are not from by a third party
• snoopers cannot forge an encrypted message to
  Amazon ordering 300 of books and charging it to
  our account

15
Cryptographic Systems

• Three building blocks
• Encrypt/decrypt using same key
• Known as secret key
• Encrypt/decrypt using different keys
• Usually a public key and a private key
• Encrypt only (decrypt impossible)
• No key (not needed)
• Known message digest (or hash confusing)

16
Mathematical Cryptography

• Modern cryptography has a strong mathematical
  basis
• Algorithms based on mathematics, especially
  number theory
• Formal theories about difficulty of cryptanalysis
  without knowing key
• Although generally assume P NP
• Details in Anderson

17
Secret key crypto SP-Networks

• Secret keys done using SP-networks
• An SP network is a series of substitutions and
  transpositions
• substitution map bytes (characters) into other
  bytes using a lookup table
• transpositions mix up bits from the different
  bytes.
• Repeat N times
• Reverse process to decrypt

18
Example

• Substitution
• A -
• c - ß
• Etc
• Transposition
• Swap 4 low-order bits of adjacent bytes
• Dr (x44, x72) - Bt (x42, x74)

19
Key

• Key can control substitutions and transpositions
• Easier (and as effective) to add key to result
  after a round
• Can modify key after each round

20
AES

• Advanced Encryption Standard (AES)
• http//www.formaestudio.com/rijndaelinspector/arch
  ivos/rijndaelanimation.html
• SP-Network with 10-14 rounds
• Substitution and transpositions are fixed
• Key added after each round
• Keys are 16-32 bytes
• Default for US govt
• many others will use it as well
• Probably cannot be cracked with current
  technology.

21
Java

• Java has many operators that manipulate bits
• (and) (or) (exclusive or)
• (2 versions of right-shift)
• Javax.crypto cryptographic functions

22
Public Key Cryptography

• Algorithms with different encryption and
  decryption keys
• knowing encryption key does not tell you
  decryption key, and vice-versa
• RSA is best known
• We can publish one key and keep other secret
• Much slower (1000 times) than AES

23
Public Key Cryptography

• Privacy - public encryption key, private
  decryption key
• Anyone can send me a message that no one else can
  read
• Authenticity - private encryption key, public
  decryption key
• I can send a message to anyone else, and they can
  verify that it came from me

24
Maths Prime Numbers (RSA)

• Public encrypt key
• N product of two primes P and Q
• E another number (some constraints)
• Encryption Take plaintext to power E, ciphertext
  is result modulo N
• Decryption take cipher text to power D,
  plaintest is result mod N
• D is private key
• D cannot be calculated from E and N (public
  key), unless N can be factored

25
Example

• P 3, Q 11, N PQ 33 E 3
• Plaintext 5
• Ciphertext 5 3 mod 33 26
• D 7 (computed from P, Q)
• Decrypt 267 mod 33 5

26
Cryptanalysis

• Can derive private key from public key if can
  factor the N component of public key
• Can factor 512-bit number with 100s of CPU-years
• Available to NSA, GCHQ (not random hacker)
• Cannot factor 1024-bit number with present
  technology and maths

27
Message Digest Functions

• Produce a fixed length key (typically 20 bytes)
  from a message of arbitrary size.
• Given just key, cannot produce a text that hashes
  to this key
• Example use password storage
• if we store hashed passwords, then attacker wont
  know password even if he can read the password
  file

28
MD5

• Popular hash func for passwords, etc
• 64 rounds, in each round texts is broken into
  4-byte chunks which are combined in various ways
• Same idea as SP-Network, but not reversible
• If MD5(X) Y and you are given Y
• Cannot find X from Y
• Some people think may be able to find XX such
  that MD5(XX) is also Y

29
Systems

• How do all these components (secret key, public
  key, hash) work together in a complete system?
• How can a car key identify itself to a car
• How can we send our credit card number to Amazon
  securely?

30
Problem Car Remote

• Drivers want remote controls to open their car
• Send radio signal to car
• How stop attacker from faking right signal and
  getting into your car?
• Need protocol (algorithm) to identify remote to
  car
• Similar to military IFF (identify friend/foe)

31
Version 1 Password

• Version 1 car and remote programmed with same
  password
• Remote broadcasts password to car
• Car opens if password correct
• Vulnerability
• Thief can snoop and record password signal
• If only a small number (64K) of passwords, thief
  can sit in a car park and try them all
• Ideas for better protocols for identifying remote
  to car?

32
Version 2 Encrypt using key

• Version 2 car and remote programmed with same
  key for AES-like encryption algorithm
• Remote generates random number, encrypts it,
  sends number and encrypted version to car
• Car opens if (a) has never seen number before,
  and (b) encryption is correct according to its
  prestored key
• Key known to both but not transmitted
• So cannot be snooped
• Vulnerability thief can jam car, snoop signal
  from remote, and then replay

33
Version 3 Challenge Response

• Version 3 car and remote programmed with same
  key for AES-like encryption algorithm
• As in Version 2
• Remote request entry
• Car (not remote) picks random number, sends to
  remote
• More expensive, car and remote both need to send
  and receive
• Remote encrypts it, sends back to car
• Car opens if encryption is correct
• Vulnerability man in middle
• Complex, wouldnt be used against a car, is a
  concern in military applications

34
Man-in-Middle

• Two attackers, A1 and A2
• A1 is by car
• A2 is by victim (who is not near car)
• Both carry radio transceivers
• A2 convinces victim to press button on remote
• A1/A2 use trans to send request-entry signal to
  car random number back to remote encrypted
  number back to car
• Car opens for A1

35
Evolution

• Attacks get more sophisticated to deal with
  defences, so defenses get more sophisticated to
  deal with the new attacks, so attacks get more
  soph
• Common pattern in security
• At some point accept vulnerabilities
• Man-in-middle for car-remote

36
Prob Sending credit-card num

• Want to send credit card information and other
  sensitive data on Internet
• Concerned that net snoopers will be able to
  intercept and read
• Unclear how realistic this is in practice, unless
  CIA/NSA/GCHQ is attacker
• How can we use crypto to protect data?

37
Protocol (simplified)

• Amazon sends us its public key
• Accompanied by digital signature
• Based on certificate authority (eg,Verisign)
• Verisign uses its private key to encrypt (message
  digest of) Amazons public key
• Amazon sends this along with the actual key, in a
  certificate
• We compute digest of key and compare to decrypted
  version of Verisign-encrypted digest
• Using Verisigns public key, preloaded in our
  browser by Microsoft or Mozilla
• If match, accept key

38
Protocol (simplified)

• We can use Amazons public key to encrypt our
  credit-card info, and send this to Amazon
• More common to generate a random AES key (session
  key), and send an encrypted version of this to
  Amazon
• We can use this session key to encrypt the actual
  data

39
Protocol

• This is basis of SSL (https) protocol
• Actual protocol is much more complicated
• Main vulnerability is human (?)
• Can attacker convince Verisign to sign a
  certificate saying the attacker is Amazon?
• How well does Verisign check people who apply for
  certificates
• Sometimes not very thorough

40
Final Thoughts

• Remember that people are almost always the
  weakest link!
• Focus on them, not technology
• Be aware of secure coding principles when writing
  code
• Cryptography can help, but it needs to be part of
  a system
• More info in CS3515