Security Attacks: Active and Passive

Security Attacks: Active and Passive
  • Active
    – Masquerade (impersonation)
    – Replay
    – Modification of message
    – Denial of service
  • Passive
    – Traffic analysis
    – Release of message contents
Códigos y Criptografía, Francisco Rodríguez Henríquez

Classes of Security Attacks
  • Interruption
  • Interception
  • Modification
  • Fabrication
[Diagram labels: Anita, Betito]

Classes of Security Attacks: Interruption
  • Interruption
    – Availability
  • Interception
  • Modification
  • Fabrication
[Diagram labels: Anita, Betito]

Classes of Security Attacks: Interception
  • Interruption
  • Interception
    – Confidentiality
  • Modification
  • Fabrication
[Diagram labels: Anita, Betito]

Classes of Security Attacks: Modification
  • Interruption
  • Interception
  • Modification
    – Integrity
  • Fabrication
[Diagram labels: Anita, Betito]

Classes of Security Attacks: Fabrication
  • Interruption
  • Interception
  • Modification
  • Fabrication
    – Authenticity
[Diagram labels: Anita, Betito]

Security Services
  • Confidentiality - protect info value
  • Authentication - protect info origin (sender)
  • Identification - ensure identity of users
  • Integrity - protect info accuracy
  • Non-repudiation - protect from deniability
  • Access control - access to info/resources
  • Availability - ensure info delivery

Some Practical Applications
"Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke.
  • secure mail
  • secure communications
  • network authentication
  • electronic voting
  • electronic notary
  • digital money (digital wallet)
  • data distribution

Secure Mail: PGP (Pretty Good Privacy)
  • Pretty Good Privacy was created by Philip R. Zimmermann. For that, he was the target of a three-year criminal investigation, because the US government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication as freeware. Despite this government persecution, PGP nonetheless became the most widely used email encryption software in the world.
  • PGP is freeware. A copy of the software can be obtained at the PGP download site: http://web.mit.edu/network/pgp.html

Secure Communications
  • Scenarios
    – security for real time electronic links
    – local area networks
    – link encryption
    – cellular (and ordinary) phones and faxes
  • Goals
    – message privacy
    – sender and recipient authentication
    – non repudiation
  • Tools
    – key agreement protocols
    – secret key cryptosystems
    – public key cryptosystems
    – digital signatures
    – certificates

Data Distribution
  • Scenarios
    – conditional access TV
    – software distribution via CD ROM
    – information bulletin boards
  • Goals
    – broadcast operation (TV, CD ROM)
    – message privacy
    – selective reception
  • Tools
    – secret key cryptography
    – public key cryptography
    – secure hardware

Electronic Voting
  • Scenarios
    – general elections
    – shareholders meetings
    – secure distributed computation
  • Goals
    – anonymity
    – fairness
    – accountability
  • Tools
    – RSA based mathematics
    – blind signatures
    – sender untraceability protocols

Digital Money (Digital Wallet)
  • Scenarios
    – replacement for paper money
    – more flexible than credit cards
  • Goals
    – anonymity
    – untraceability
    – fairness
    – dividability
    – transferability
    – off line (from bank) operations
    – universality
  • Tools
    – more RSA based mathematics
    – zero knowledge protocols
    – secure hardware tokens

Some Research Interests in Cryptography
  • Design of cryptographic algorithms
  • Analysis of cryptographic algorithms
  • Design of cryptographic protocols
  • Hardware and software implementations
  • Applications of cryptography

Cryptography Schemes
[Diagram labels: Sender, Message, Receiver, Adversary]
Problem: How to have secure communication over an insecure channel?

Solution A: Trusted Third Party
Using this model requires us to:
  • design an algorithm for the security transformation
  • generate the secret information used by the algorithm
  • develop methods to distribute the secret information
  • specify a protocol enabling the principals to use the transformation & secret info for a security service

Solution B: Secret-key cryptography
[Diagram labels: Sender, Receiver, Adversary; key: e or d]
Sender: Ciphertext C := f(e; M)
Receiver: M := g(d; C)
  • Exchange the key over a secure channel
  • Functions f(e; -) and g(d; -) are inverses of one another
  • Encryption and decryption processes are symmetric
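
Added example (not from the original slides): a Python sketch of the secret-key model above, with f and g as inverses under one shared key (e = d) and an authentication tag so that a modified ciphertext is rejected instead of decrypted. The cipher is a teaching construction built from HMAC-SHA256 in the standard library; the helper names, key and message are assumptions made for this example.

```python
import hashlib
import hmac
import os

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _keystream(key, nonce, n):
    # HMAC-SHA256 as a PRF in counter mode (teaching construction)
    blocks = (_prf(key, nonce + i.to_bytes(8, "big")) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def f(e, m):
    """C := f(e; M): encrypt, then tag nonce || ciphertext."""
    k_enc, k_mac = _prf(e, b"enc"), _prf(e, b"mac")   # separate subkeys
    nonce = os.urandom(16)
    body = _xor(m, _keystream(k_enc, nonce, len(m)))
    return nonce + body + _prf(k_mac, nonce + body)

def g(d, c):
    """M := g(d; C): verify the tag first, decrypt only if it matches."""
    if len(c) < 48:                                   # 16-byte nonce + 32-byte tag
        raise ValueError("ciphertext too short")
    k_enc, k_mac = _prf(d, b"enc"), _prf(d, b"mac")
    nonce, body, tag = c[:16], c[16:-32], c[-32:]
    if not hmac.compare_digest(tag, _prf(k_mac, nonce + body)):
        raise ValueError("authentication failed")
    return _xor(body, _keystream(k_enc, nonce, len(body)))

def rejects(key, c):
    try:
        g(key, c)
    except ValueError:
        return True
    return False

def demo():
    key = os.urandom(32)              # shared secret (constructed)
    msg = b"pay Betito 10 pesos"      # constructed sample message
    c = f(key, msg)
    tampered = c[:20] + bytes([c[20] ^ 1]) + c[21:]   # one bit flipped in transit
    return g(key, c) == msg, rejects(key, tampered), rejects(os.urandom(32), c)

if __name__ == "__main__":
    print(demo())
```

The three results are: the receiver recovers M, the bit-flipped ciphertext is refused, and a party without the shared key cannot produce an accepted decryption.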

Problems with secret key cryptography:
  • requires establishment of a secure channel for key exchange
  • two parties cannot start communication if they never met

Alternative: Public Key Cryptography
  • requires establishment of a public key directory in which everyone publishes their encryption keys
  • two parties can start communication even if they never met
  • provides ability to sign digital data