Web Security Sandy Kutin CSPP 532 8701 Web
Web Security Sandy Kutin CSPP 532 8/7/01
Web security: an overview z. Company wants to build web site y. Online purchasing y. Requests for service or support y. Viewing data files online z. How do we make this process secure? y. Confidentiality y. Authentication z. Usual answer: cryptography
TCP/IP in 60 seconds z Computers communicate packets, not connection z Packets are directed from to machine z Smart nodes, stupid network via Applications TCP machine IP y. Contrasts with phone network z Internet Protocol controls this movement z Transfer Control Protocol: packets at destination z Could insert cryptography at any layer
IPsec z. IPsec works at IP level z. Transparent to applications z. Slows everything down Applications TCP IPsec z. Some say it’s the future, some say it’s not z. If every packet is encrypted: negates performance-optimization, firewalls
Ha. SSLe-free Solution z. Secure Sockets Layer (SSL) z. Works at TCP level z. Developed by Netscape z“Applications” now includes: Applications SSL Record TCP IP y. Handshake, Alert, Cipher Spec Change z. Packets encoded by SSL Record Protocol z. Implemented in web server, browser z. Successor: Transport Layer Security (TLS)
Lo. SSLess Communication z. SSL Record Protocol: y 1. Fragment data into blocks; can compress y 2. Append MAC to each block: x. MAC = H(K | pad 2 | H(K | pad 1 | info | data)) x. H could be MD 5 or SHA-1; similar to HMAC xinfo includes sequencing, length information y 3. Encrypt each block (symmetric) y 4. Append header, send fragment
Busine. SSLike Handshake z. How do we establish a session key? y 1. Client says “hello”: version, random number y 2. Server says “hello”: same, includes key exchange method, optional certificate y 3. Client initiates key exchange (may just generate master, send it using RSA) y 4. Both sides compute various keys from master, random numbers in hello messages y 5. Confirmation messages
Helple. SSLy Hoping z. So, does SSL secure our site? z. Confidential, authenticated transactions are important, but not the only issue z. Threat model: who might attack, and how y. Steal customer data (credit cards) y. Steal private corporate data y. Deface web site y. Denial of Service: prevent us from working z. SSL has nothing to do with any of these
Trial Separation z. How do we keep corporate data secure? z. Solution: keep it separate z. Only mix information when you have to: use a floppy, or a laptop z. Partial solution: restrict web server’s access privileges (e. g. , firewall, DMZ) z. OK if data flow is mostly to the server z. What about credit card numbers?
Bob Alice Stallings, page 464 (from the web site)
SET, I project z Secure Electronic Transaction (SET) z Master. Card, Visa z Alice sends Bob order, encrypted card info z Bob forward card info to MC/Visa z MC/Visa pays Bob z Bob never gets card number z Credit card company never gets order information
Building a Better Mou. SETrap z. OI = order info (include time), OIMD = H(OI) z. PI = payment info (& time), PIMD = H(PI) z. Alice signs (OIMD | PIMD) (SHA-1, RSA) z. Alice sends Bob OI, ECC(PI), PIMD, sig S z. Bob compute OIMD, checks signature S z. Bob sends OIMD, ECC(PI), S to MC/Visa z. They decrypt, check PI, check signature S z. They transfer funds, Bob ships item to Alice
Improving our Mind. SET z. Think outside the box y. Q: How do we store credit card numbers? y. A: Store them so we can’t read them z. Application-level solutions: harder to implement, but better targeted to problems z. Cryptography is only part of the solution z. Any system can be broken z. Build a threat model, measure costs
Breaking and Entering z. Enemy could break in y. Could corrupt data (deface web site) y. Could steal data (including passwords) y. Could gain control of system z. Firewalls help, but there’s always a way in z. Keep data separate whenever possible z. Educate users about viruses, Trojan horses z. Install patches as often as you can
Intruder Alert z. Home security: locks stop easy attacks z. Better: door, window alarms y(as long as they don’t go through the walls) z. Even better: motion detectors z. Alarms don’t stop anything directly, but they alert the authorities z. Fear of alarms forces criminals to hurry, make mistakes
Law and Order z. Deterrent to robbery: fear of prosecution z. After a crime, police gather fingerprints, DNA, eyewitnesses z. Not aimed at stopping crime or recovering goods, but at punishing criminals z. Hard to do in computer crime; criminals often minors or foreign nationals
Intrusion Detection z. No matter what systems and protocols we use, people will break in if they want z. Hard to defend against determined teenagers with nothing else to do z. Solution: monitor system, detect intrusions, watch for unusual activity z. Honeypots: trap intruders z. Gather evidence; maybe prosecute z. At the very least, close off the holes
Denial of Service Attacks z. One approach: break in, crash the server z. Another: flood the server with bad requests z. Distributed Denial of Service (DDo. S): y. Take over PCs around the country/world y. Use them to overload a site z. Only solution: have hardware routers detect bad packets z. Almost impossible; Windows XP may make it worse
Here’s looking at you, Ki. DDo. S z. In the real world: to attack, you have to put yourself at risk. Not on the Internet. z. In the real world: attackers must learn skills. Not on the Internet. z. One person discovers a hole, writes a script; now “script kiddies” can use it z. Patches don’t work. Attackers will always be ahead of users. z. Beta testing doesn’t uncover security holes
Gibson Research Corporation z. Steve Gibson’s GRC. com: security z. Attacked, repeatedly, by DDo. Ss. No defense. “Nothing more than the whim of a 13 -year old hacker is required to knock any user, site, or server right off the Internet. ” z. Solution: Distributed Responsibility z. Owners responsible for their machines z. ISPs responsible for their routers z. Software writers responsible for bugs
EXPensive Problem z. Attackers usually spoof source IP addresses, to conceal their location z. Easy to do in UNIX (as root) z. Not possible in Windows 9 x/ME, but possible in Windows 2000/XP z. Microsoft says: we’re fixing a bug z. Gibson says: there’s no legitimate reason home users would need this feature
Bruce Schneier: Counterpane z. Author of “Applied Cryptography” z. Feels only monitoring, intrusion detection, active response can do any good z. Counterpane. com: corporate security z. Solution: Insurance z. Insure against damages from attacks z. Lower rates for following good practices
Recommended Reading z. Secret-sharing: y. Schneier, Sections 3. 7, 23. 2 z. SSL, SET: Stallings, Chapter 14 z. General security: y. Stallings, Chapters 15 -16 ywww. grc. com/dos/ ywww. counterpane. com
- Slides: 23