Known Information

1
Introduction

• Known Information
• Software Complexity
• Encryption Schemes
• Secure Web Documents
• Digital Signatures
• Firewalls
• Viruses, worms, Trojan Horses
• Protecting your privacy

2
Known Information

• Introduction
• Volunteered Information
• Information Collection

3
Known Information
Introduction

• Telephone listings
• Public events
• Company profile

4
Known Information
Volunteered Information

• Filling out a form on Web site

Information Collection

• Internet simplifies information collection
• Search engines

5
Software Complexity

• Contributing Factors
• Browsers, Networks, Operating Systems, and
  Servers

6
Software Complexity
Contributing Factors

• Program size
• Software interface
• Market forces
• Team development

Browsers, Networks, Operating Systems, and
Servers
Patches
7
What is network security?

• Secrecy only sender, intended receiver should
  understand msg contents
• sender encrypts msg
• receiver decrypts msg
• Authentication sender, receiver want to confirm
  identity of each other
• Message Integrity sender, receiver want to
  ensure message not altered (in transit, or
  afterwards) without detection

8
Internet security threats

• Packet sniffing
• broadcast media
• promiscuous NIC reads all packets passing by
• can read all unencrypted data (e.g. passwords)
• e.g. C sniffs Bs packets

C
A
B
9
Internet security threats

• IP Spoofing
• can generate raw IP packets directly from
  application, putting any value into IP source
  address field
• receiver cant tell if source is spoofed
• e.g. C pretends to be B

C
A
B
10
Internet security threats

• Denial of service (DOS)
• flood of maliciously generated packets swamp
  receiver
• Distributed DOS (DDOS) multiple coordinated
  sources swamp receiver
• e.g., C and remote host SYN-attack A

C
A
B
11
The language of cryptography
plaintext
plaintext
ciphertext
Figure 7.3 goes here

• symmetric key crypto sender, receiver keys
  identical
• public-key crypto encrypt key public, decrypt
  key secret

12
Encryption Schemes

• Basic Concepts
• Prime Numbers
• Private Key Cryptography
• Public Key Cryptography
• Hashing Algorithms

13
Encryption Schemes
Basic Concepts

• Method of encoding information
• Plaintext
• Ciphertext
• Cipher
• Encryption key
• Decrypt (decipher)

14
Encryption Schemes
Prime Numbers

• Whole-number factors are 1 and itself
• Composite numbers
• Almost prime
• Key

15
Encryption Schemes
Private Key Cryptography

• Sender and receiver share same private key
• Key used to encrypt plaintext and decrypt
  Ciphertext is the same D(E(Plaint
  ext)) Plaintext
  
  

16
Symmetric key cryptography

• substitution cipher substituting one thing for
  another
• monoalphabetic cipher substitute one letter for
  another

plaintext abcdefghijklmnopqrstuvwxyz
ciphertext mnbvcxzasdfghjklpoiuytrewq
E.g.
Plaintext bob. i love you. alice
ciphertext nkn. s gktc wky. mgsbc

• Q How hard to break this simple cipher?
• brute force (how hard?)
• other?

17
Public Key Cryptography

• public key cryptography
• radically different approach sender, receiver do
  not share secret key
• encryption key public (known to all)
• decryption key private (known only to receiver)

• symmetric key crypto
• requires sender, receiver know shared secret key
• Q how to agree on key in first place
  (particularly if never met)?

18

• Public Key Cryptography - Authentication
• Every sender has private key, e.g Alice has
  EA,,
• Every person has a public key, e.g. Alice key
  DA
• Alice sends a message to Bob
  EA(Plaintext) Ciphertext
  
  Bob can decrypt it using Alice public key
  
  and be sure that it was sent by Alice
  
  DA ( EA( Plaintext )) Plaintext
• It does not support privacy

19

• Public Key Cryptography - Confidentiality
• Every sender has private key, e.g Alice and Bob
  have EA,,, EB
• Every person has a public key, e.g. Alice and Bob
  keys DA DB
• Alice sends a message to Bob using Bobs public
  key DB (Plaintext) Ciphertext
  
  Bob can decrypt it using his
  private key
  EB(Ciphertext) Plaintext

20
Public key cryptography

• Figure 7.7 goes here

21
Encryption Schemes
Hashing Algorithms

• Verify that the message received is the same as
  message sent
• Compute value based on plaintext message
  e.g. product of number of as,
  es and hs plus os you
  are being followed, use backroads, hurry
  hash of the message is
  (3 x 4 x
  1) 4 16
• hash attached to the ciphertext
• if Bobs calculated hash is different than 16 he
  knows that the message has been altered
  

22
Secure Web Documents

• if whole skeleton key or locked padlock -
  document secure
• else document not secure
• Secure server - using encryption
• the URL usually begins with shttp//
• checking access permission
• agreeing on an encryption scheme
• Sniffing- intercepting transmitted packets
• submitting information from form to a CGI scipt
  with the get method is not secure

23
Digital Signatures

• Introduction
• Digital Signature Example
• Pretty Good Privacy

24
Digital Signatures
Introduction

• Mechanism used to officially sign electronic
  document
• Verify sender and content of message

25
Digital Signatures

• Cryptographic technique analogous to hand-written
  signatures.
• Sender (Bob) digitally signs document,
  establishing he is document owner/creator.
• Verifiable, nonforgeable recipient (Alice) can
  verify that Bob, and no one else, signed document.

• Simple digital signature for message m
• Bob encrypts m with his private key dB, creating
  signed message, dB(m).
• Bob sends m and dB(m) to Alice.

26
Digital signature Signed message digest

• Alice verifies signature and integrity of
  digitally signed message

• Bob sends digitally signed message

27
Digital Signatures

• Suppose Alice receives msg m, and digital
  signature dB(m)
• Alice verifies m signed by Bob by applying Bobs
  public key eB to dB(m) then checks eB(dB(m) )
  m.
• If eB(dB(m) ) m, whoever signed m must have
  used Bobs private key.

• Alice thus verifies that
• Bob signed m.
• No one else signed m.
• Bob signed m and not m.
• Non-repudiation
• Alice can take m, and signature dB(m) to court
  and prove that Bob signed m.

28
Pretty good privacy (PGP)

• Internet e-mail encryption scheme, a de-facto
  standard.
• Uses symmetric key cryptography, public key
  cryptography, hash function, and digital
  signature as described.
• Provides secrecy, sender authentication,
  integrity.
• Inventor, Phil Zimmerman, was target of 3-year
  federal investigation.

A PGP signed message

• ---BEGIN PGP SIGNED MESSAGE---
• Hash SHA1
• BobMy husband is out of town tonight.Passionately
  yours, Alice
• ---BEGIN PGP SIGNATURE---
• Version PGP 5.0
• Charset noconv
• yhHJRHhGJGhgg/12EpJlo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2
  
• ---END PGP SIGNATURE---

29
Firewalls

• Security mechanism
• Protect LANs from Internet
• Network layer
• Proxy servers

30
Firewalls

• To prevent denial of service attacks
• SYN flooding attacker establishes many bogus TCP
  connections. Attacked host allocs TCP buffers
  for bogus connections, none left for real
  connections.
• To prevent illegal modification of internal data.
• e.g., attacker replaces CIAs homepage with
  something else
• To prevent intruders from obtaining secret info.

isolates organizations internal net from larger
Internet, allowing some packets to pass, blocking
others.

• Two firewall types
• packet filter
• application gateways

31
Packet Filtering

• Example 1 block incoming and outgoing datagrams
  with IP protocol field 17 and with either
  source or dest port 23.
• All incoming and outgoing UDP flows and telnet
  connections are blocked.
• Example 2 Block inbound TCP segments with ACK0.
• Prevents external clients from making TCP
  connections with internal clients, but allows
  internal clients to connect to outside.

• Internal network is connected to Internet through
  a router.
• Router manufacturer provides options for
  filtering packets, based on
• source IP address
• destination IP address
• TCP/UDP source and destination port numbers
• ICMP message type
• TCP SYN and ACK bits

32
Application gateways

• Filters packets on application data as well as on
  IP/TCP/UDP fields.
• Example allow select internal users to telnet
  outside.

1. Require all telnet users to telnet through
gateway. 2. For authorized users, gateway sets up
telnet connection to dest host. Gateway relays
data between 2 connections 3. Router filter
blocks all telnet connections not originating
from gateway.
33
Limitations of firewalls and gateways

• IP spoofing router cant know if data really
  comes from claimed source
• If multiple apps. need special treatment, each
  has own app. gateway.
• Client software must know how to contact gateway.
• e.g., must set IP address of proxy in Web browser

• Filters often use all or nothing policy for UDP.
• Tradeoff degree of communication with outside
  world, level of security
• Many highly protected sites still suffer from
  attacks.

34
Viruses, Trojan Horses, and Worms

• Some software is a security risk
• The mainstream news calls all such software
  viruses, but there are three different classes
  of such software
• A virus is a computer program that can replicate
  itself through files to move from computer to
  computer
• Some viruses are benign
• Others are very destructive

35
Viruses, Trojan Horses, and Worms

• A Trojan horse is a program that slips into a
  computer under the guise of another program
• Someone could e-mail a game to you that contains
  a Trojan horse. If you run the game you also run
  the Trojan horse
• The Trojan horse could record your keystrokes or
  allow someone to access your computer

36
Viruses, Trojan Horses, and Worms

• A worm is a program that is similar to a virus,
  but spreads through a network
• Software can be exploited by worms
• Some worms run over several computers
• Others communicate among themselves over the
  network
• A worm may be malicious or may take up system
  resources, causing a slowdown in performance

37
Viruses, Trojan Horses, and Worms

• You can take control and secure your computer
• Use antivirus software and keep it updated
• Antivirus software can scan files moving from the
  computer onto disks and CDs
• Your email and downloaded files can also be
  scanned
• Since new viruses are created every day, the data
  files needed to detect these viruses needs to be
  kept up-to-date

38
Viruses, Trojan Horses, and Worms

• Keep floppy disks out of your floppy drive unless
  you are actively working with the files on the
  floppy disk
• Some viruses can hide on the boot sector on a
  floppy
• These are triggered when the computer starts up
  and accesses the floppy disk
• If you need to work without a virus scanner
  running in the background, you should manually
  scan each file before opening or executing it

39
Viruses, Trojan Horses, and Worms

• Install a firewall on your home computer
  (especially if you use a broadband connection)
• Do not download files offered to you in chat
  rooms or personal Web pages
• For maximum safety, encrypt all files that
  contain sensitive information or store them
  offline on removable media
• Do not leave your computer connected to the
  Internet any longer than necessary

40
E-Mail Viruses

• E-mail is the number one source of computer
  viruses
• Attachments are the most common culprit
• Some attachments contain scripts
• A script is a small program written in a
  scripting language (e.g. Visual Basic)
• You can take precautions
• Configure your mailer to not open attachments
  automatically
• Save attachments and scan them first

41
E-Mail Viruses

• Microsoft Word documents are a popular source of
  viruses
• Someone can spread a virus unknowingly
• Precautions include
• Keeping your antivirus software up-to-date
• Saving an attachment and make sure that it is
  scanned before you open it
• Not opening a document that contains a macro

42
E-Mail Viruses

• Mailers that render messages into Web-like
  displays are susceptible to script attacks
• Some messages contain scripts
• If the script is automatically executed, it can
  cause harm
• Some threats can contain a blend of different
  types of attacks
• Nimda
• Love Letter

43
Hacker Attacks and Intrusions

• Hacker intrusions are less likely than viruses,
  but are more devastating
• Many companies monitor their computers, so home
  computers are easier targets
• It doesnt take much effort to break into a
  computer that is not protected
• Tools exist to make breaking into a computer as
  easy as point-and-click
• The existence of such tools doesnt mean that it
  is okay

44
Hacker Attacks and Intrusions

• The results can range from
• A hacker changing your wallpaper to
• Adding, changing, or deleting files
• You can take precautions to protect your computer
• The precautions are similar to those discussed
  earlier in regard to viruses
• Install a firewall, a software program that acts
  as a boundary between your computer and the
  outside world

45
Shopping Online

• Purchasing items online does have some risk
• There are some precautions you can take
• Using a credit card is better than a check
• Bank/debit cards are not equipped with the same
  consumer protections as credit cards
• Use the secure page, which uses the Secure
  Sockets Layer (SSL) when ordering

46
Shopping Online

• When using one-click shopping, choose a good id
  and password
• Though convenient, reusing the same ones is risky

47
Protecting Your Privacy

• The Internet has provided opportunities for data
  collection that go far beyond a marketers
  wildest dreams
• Your browser contains information about you,
  including the types of sites you visit
• Web pages can also be programmed to collect
  information about you, such as when you visited
  the site
• The Online Personal Privacy Act (2002) limits the
  kinds of information that is collected

48
Protecting Your Privacy

• To protect your privacy
• Do not provide personal information unless it is
  needed for a credit card transaction
• Do not provide your Social Security Number or
  other sensitive information
• When you do provide personal information, read
  the sites Privacy Policy
• Some companies sell your information, but you can
  opt-out of this

49
Protecting Your Privacy

• If you plan to use a portal, and have a
  personalized page, then you may need to supply
  personal information
• Be aware that this same information can be used
  by advertisers