Objectives - PowerPoint PPT Presentation

1 / 51

About This Presentation

Title:

Objectives

Description:

Objectives Get a non-product-specific perspective onto security in IT Demystify the commonly used terminology know your RC2 from AES Bring together various ... – PowerPoint PPT presentation

Number of Views:101

Avg rating:3.0/5.0

Slides: 52

Provided by: TalS152

Category:

more less

Transcript and Presenter's Notes

Title: Objectives

1
Objectives

Get a non-product-specific perspective onto
security in IT
Demystify the commonly used terminology know
your RC2 from AES
Bring together various aspects of security into
an integrated whole
Make some simple recommendations

2
Agenda

Defining Integrated Security (level 200)
Some Techniques for Securing IT (level 250)
Recommendations (level 200)
Printed/online slides include a section that
covers security risk analysis process they are
self-explanatory (7 easy slides please read at
your leisure)
Warning this is a fast and furious A-to-Z type
of a session. Attend at your own risk.

3
Defining Security
4
Security

Definition (Cambridge Dictionary of English)
Ability to avoid being harmed by any risk, danger
or threat
therefore, in practice, an impossible goal ?
What can we do then?
Be as secure as needed
Ability to avoid being harmed too much by
reasonably predictable risks, dangers or threats
(Rafals Definition)

5
Assets

What we are securing?
Data
Services (i.e. business etc. applications or
their individually accessible parts)
This session is not about securing
People (sorry), cables, carpets, typewriters and
computers (?!)
Indeed we (IT people) will secure the data on
the computer or services it offers and we will
often request that a PC should be locked up with
an armed guard but how this is done is not really
our business
Sometimes known as physical security

6
Digital Security as Extension of Physical
Security of Key Assets
7
Aspects of Security

Confidentiality
? Your data/service provides no useful
information to unauthorised people
Integrity
? If anyone tampers with your asset it will be
immediately evident
Authenticity
? We can verify that asset is attributable to
its authors or caretakers
Non-repudiation
? The author or owner or caretaker of asset
cannot deny that they are associated with it
Identity
? We can verify who is the specific individual
entity associated with your asset

8
Additional Aspects of Data and Service Security

Authorisation
? It is clear what actions are permitted with
respect to your asset
Loss
? Asset is irrecoverably lost (or the cost of
recovery is too high)
Denial of access (aka denial of service)
? Access to asset is temporarily impossible
Static cryptography is useful but not
sufficient
Backups etc. needed
Behaviour (pattern) of access analysis needed

9
Cryptography

Using really hard mathematics to implement most
of the security aspects mentioned earlier
Static
Cannot detect or prevent problems arising from a
pattern of behaviour
Relies of physical security of Key Assets (such
as master private keys etc.)
Strength changes with time, depending on the
power of computers and developments in
cryptanalysis

10
Behaviour (Pattern) Analysis

Prohibits reaching an asset if history of access
is out-of-pattern, e.g.
Password lock-out after N unsuccessful attempts
Blocking packets at a router if too many come
from a given source
Stopping a user from seeing more than N records
in a database per day
Time-out of an idle secure session
Active
Cannot prevent unauthorised use of asset still
need crypto
Can prevent legitimate access need easy and
secure unlock mechanisms
Strength varies with sophistication on known
attacks

11
Integrated Security

Security should be Integrated Security
Static Active Across All Your Assets
Based On Risk Assessment

12
1st Conclusion

As 100 security is impossible, you need to
decide what needs to be secured and how well it
needs to be secured
In other words, you need
Asset list
Risk impact estimate for each asset

13
Some Techniques for Securing IT
14
What is Really Secure?

Look for systems
From well-know parties
With published (not secret!) algorithms
That generate a lot of interest
That have been hacked for a few years
That have been analysed mathematically
Absolutely do not improve algorithms yourself
Employ someone to attempt a break-in

15
Behaviour (Pattern) Analysis

Fairly new area (with exceptions)
In addition to knowing your assets, you need to
know your perimeter (edge)
Do you?
Active access inspection and pattern matching are
the main techniques

16
Many Perimeters
Network Edge

External Network Edge
Between you and internet etc.
DMZ De-militarized Zone
Between network edge and all protected resources
Only minimal protection possible
Default Security Zone
The traditional LAN
High Security Zone
Network inside network
For key assets
Perimeter (Edge) of Isolation
Assets physically not connected to networks
Useful for some key assets (e.g. master keys)

17
Tools for Behaviour Analysis

Traditional Firewalls and Proxies around the
perimeters (edges)
Stateful packet inspection
Traditional Limiting number of accesses to Key
Assets
Password lock-outs
Newer Event Analysis and Active Agents
Rules can be programmed into some security
servers (ISA) or monitoring tools (MOM)
Neural networks are showing some promise for
out-of-pattern detection

18
Basic Crypto Terminology

Plaintext
The stuff you want to secure, typically readable
by humans (email) or computers (software, order)
Ciphertext
Unreadable, secure data that must be decrypted
before it can be used
Key
You must have it to encrypt or decrypt (or do
both)
Cryptanalysis
Hacking it by using science
Complexity Theory
How hard is it and how long will it take to run a
program

19
Symmetric Key Cryptography
Plain-text input
Plain-text output
Cipher-text
The quick brown fox jumps over the lazy dog
The quick brown fox jumps over the lazy dog
AxCv5bmEseTfid3)fGsmWe4,sdgfMwir3dkJeTsY8R\s_at_
!q3
Encryption
Decryption
Same key(shared secret)
20
Symmetric Pros and Cons

Weakness
Must agree the key beforehand
Securely pass the key to the other party
Strength
Simple and really very fast (order of 1000 to
10000 faster than asymmetric mechanisms)
Super-fast if done in hardware (DES, Rijndael)
Hardware is more secure than software, so DES
makes it really hard to be done in software, as a
prevention

21
Public Key Cryptography

Knowledge of the encryption key doesnt give you
knowledge of the decryption key
Receiver of information generates a pair of keys
Publish the public key in a directory
Then anyone can send him messages that only she
can read

22
Public Key Encryption
Clear-text Input
Clear-text Output
Cipher-text
The quick brown fox jumps over the lazy dog
The quick brown fox jumps over the lazy dog
Py75cbn)9fDebDFaqxzjFr_at_g5nmdFg5knvMdrkv
egMs
Encryption
Decryption
Different keys
Recipients private key
Recipients public key
23
Public Key Pros and Cons

Weakness
Extremely slow
Susceptible to known ciphertext attack
Strength
Solves problem of passing the key

24
Hybrid Encryption (Real World)
Launch key for nuclear missile RedHeat is...
25
Hybrid Decryption
fjdaj u539!3t t389E \_at_ 5e32\kd
26
Digital Signatures

Want to give plain text data to someone, and
allow them to verify the origin
Integrity, authenticity non-repudiation
Much more on this in my PKI session SEC390 at
1645 in room 6 today ?

27
DES, IDEA, RC2, RC5
S/MIME, SSL, Kerberos

Symmetric
DES (Data Encryption Standard) is the most
popular
Keys very short 56 bits
Brute-force attack took 3.5 hours on a machine
costing US1m in 1993. Today it probably is done
real-time.
Triple DES (3 DES) not much more secure but may
thwart NSA
Just say no, unless value of data is minimal
IDEA (International Data Encryption Standard)
Similar to DES, but not from NSA
128 bit keys
RC2 RC5 (by R. Rivest)
RC2 is older and RC5 newer (1994) - similar to
DES and IDEA

.NET Fx
PGP
S/MIME, SSL
.NET Fx
28
Rijndael
.NET Fx

Standard replacement for DES for US government,
and, probably for all of us as a result
Winner of the AES (Advanced Encryption Standard)
competition run by NIST (National Institute of
Standards and Technology in US) in 1997-2000
Comes from Europe (Belgium) by Joan Daemen and
Vincent Rijmen. X-files stories less likely
(unlike DES).
Symmetric block-cipher (128, 192 or 256 bits)
with variable keys (128, 192 or 256 bits, too)
Fast and a lot of good properties, such as good
immunity from timing and power (electric)
analysis
Construction deceptively similar to DES (S-boxes,
XORs etc.) but really different

29
CAST and GOST

CAST
Canadians Carlisle Adams Stafford Tavares
64 bit key and 64 bit of data
Chose your S-boxes
Seems resistant to differential linear
cryptanalysis and only way to break is brute
force (but key is a bit short!)
GOST
Soviet Unions version of DES but with a
clearer design and many more repetitions of the
process
256 bit key but really 610 bits of secret, so
pretty much tank quality
Backdoor? Who knows

30
Careful with Streams!

Do NOT use a block cipher in a loop
Use a crypto-correct technique for treating
streams of data, such as CBC (Cipher Block
Chaining)
.NET Framework implements it as ICryptoTransform
on a crypto stream with any supported algorithm

31
RC4

Symmetric
Fast, streaming encryption
R. Rivest in 1994
Originally secret, but published on sci.crypt
Related to one-time pad, theoretically most
secure
But!
It relies on a really good random number
generator
And that is the problem

PPTP
32
RSA, DSA, ElGamal, ECC

Asymmetric
Very slow and computationally expensive need a
computer
Very secure
Rivest, Shamir, Adleman 1978
Popular and well researched
Strength in todays inefficiency to factorise
into prime numbers
Some worries about key generation process in some
implementations
DSA (Digital Signature Algorithm) NSA/NIST
thing
Only for digital signing, not for encryption
Variant of Schnorr and ElGamal sig algorithm
ElGamal
Relies on complexity of discrete logarithms
ECC (Elliptic Curve Cryptography)
Really hard maths and topology
Better than RSA, in general and under a mass of
research

SSL, PGP
.NET Fx
.NET Fx
33
Quantum Cryptography

Method for generating and passing a secret key or
a random stream
Not for passing the actual data, but thats
irrelevant
Polarisation of light (photons) can be detected
only in a way that destroys the direction
(basis)
So if someone other than you observes it, you
receive nothing useful and you know you were
bugged
Perfectly doable over 10-50km long fibre-optic
link
But seems pretty perfect, if a bit tedious and
slow
Dont confuse it with quantum computing, which
wont be with us for at least another 50 years or
so, or maybe longer

34
MD5, SHA

Hash functions not encryption at all!
Goals
Not reversible cant obtain the message from its
hash
Hash much shorter than original
Two messages wont have the same hash
MD5 (R. Rivest)
512 bits hashed into 128
Mathematical model still unknown
But it resisted major attacks
SHA (Secure Hash Algorithm)
US standard based on MD5

S/MIME, SSL, PGP, Digital Sigs
.NET Fx
.NET Fx
35
Diffie-Hellman, SSL, Certs
PGP

Methods for key exchange
DH is very clever since you always generate a new
key-pair for each asymmetric session
STS, MTI, and certs make it even safer
Certs (certificates) are the most common way to
exchange public keys
Foundation of Public Key Infrastructure (PKI)
SSL uses a protocol to exchange keys safely
See session on PKI

Everyone
36
Cryptanalysis

Brute force
Good for guessing passwords, and some 40-bit
symmetric keys (in some cases needed only 27
attempts)
Frequency analysis
For very simple methods only (US mobiles)
Linear cryptanalysis
For stronger DES-like, needs 243 plain-cipher
pairs
Differential cryptanalysis
Weaker DES-like, needs from 214 pairs
Power and timing analysis
Fluctuations in response times or power usage by
CPU

37
Breaking It on 10 Million
Symme-tric Key ECC Key RSA Key Time to Break Machines Memory
56 112 420 lt 5 mins 10000 Trivial
80 160 760 600 months 4300 4GB
96 192 1020 3 million years 114 170GB
128 256 1620 10E16 years 0.16 120TB
From a report by Robert Silverman, RSA
Laboratories, 2000
38
Some Recommendations
39
Strong Systems

It is always a mixture! Changes all the time
Symmetric
Min. 128 bits for RC2 RC5, 3DES, IDEA,
carefully analysed RC4, 256 bit better
Asymmetric
RSA, ElGamal, Diffie-Hellman (for keys) with
minimum 1024 bits (go for the maximum, typically
4096, if you can afford it)
Hash
Either MD5 or SHA but with at least 128 bit
results, 256 better

40
Weak Systems

Anything with 40-bits (including 128 and 56 bit
versions with the remainder fixed)
CLIPPER
A5 (GSM mobile phones outside US)
Vigenère (US mobile phones)
Dates from 1585!
Unverified certs with no trust
Weak certs (as in many class 1 personal certs)

41
Summary

Decide what to secure and how
Have someone fulfil the role of CSO (Chief
Security Officer)
Combine static crypto-based security with active
behaviour (pattern) analysis
Use reasonably strong security mechanisms
Balance security against accessibility

42
Resources Reading

Visit www.microsoft.com/security
Attend sessions on PKI (incl. SEC390)
For more detail, read
Applied Cryptography, B. Schneier, John Wiley
Sons, ISBN 0-471-12845-7
Foundations of Cryptography, O. Goldereich,
www.eccc.uni-trier.de/eccc-local/ECCC-Books/oded_
book_readme.html
Handbook of Applied Cryptography, A.J. Menezes,
CRC Press, ISBN 0-8493-8523-7
PKI, A. Nash et al., RSA Press, ISBN
0-07-213123-3
Cryptography in C and C, M. Welschenbach,
Apress, ISBN 1-893115-95-X (includes code
samples CD)

43
Community Resources

Community Resources
http//www.microsoft.com/communities/default.mspx
Most Valuable Professional (MVP)
http//www.mvp.support.microsoft.com/
Newsgroups
Converse online with Microsoft Newsgroups,
including Worldwide
http//www.microsoft.com/communities/newsgroups/de
fault.mspx
User Groups
Meet and learn with your peers
http//www.microsoft.com/communities/usergroups/de
fault.mspx

44
evaluations
Please dont forget to complete your online
Evaluation Form
45
Risk Analysis for IT SecurityA Bonus Section for
Your Reading Pleasure
46
Examples

Asset
Internal mailbox of your Managing Director
Risk Impact Estimate (examples!)
Risk of loss Medium impact
Risk of access by staff High impact
Risk of access by press Catastrophic impact
Risk of access by a competitor High impact
Risk of temporary no access by MD Low impact
Risk of change of content Medium impact

47
Creating Your Asset List

List all of your named assets starting with the
most sensitive
Your list wont ever be complete, keep updating
as time goes on
Create default all other assets entries
Divide them into logical groups based on their
probability of attacks or the risk of their
location between perimeters

48
Risk Impact Assessment

For each asset and risk attach a measure of
impact
Monetary scale if possible (difficult) or
relative numbers with agreed meaning
E.g. Trivial (1), Low (2), Medium (3), High (4),
Catastrophic (5)
Ex
Asset Internal MD mailbox
Risk Access to content by press
Impact Catastrophic (5)

49
Risk Probability Assessment

Now for each entry measure probability the loss
may happen
Real probabilities (difficult) or a relative
scale (easier) such as Low (0.3), Medium, (0.6),
and High (0.9)
Ex
Asset Internal MD mailbox
Risk Access to content by press
Probability Low (2)

50
Risk Exposure and Risk List