applied cryptography pt 2
play

Applied Cryptography (Pt. 2) Engineering Secure Software Last - PowerPoint PPT Presentation

Oct 24, 2022 •176 likes •425 views

Applied Cryptography (Pt. 2) Engineering Secure Software Last Revised: October 16, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Recap Symmetric keys Benefit: fastest, mathematically the strongest Drawback:

  1. Applied Cryptography (Pt. 2) Engineering Secure Software Last Revised: October 16, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1

  2. Recap Symmetric keys ● Benefit: fastest, mathematically the strongest ○ Drawback: distributing the keys ○ Public keys ● Benefit: easier to distribute the keys ○ Drawback: trusting public keys is tricky ○ How to establish trust? ● SSH, SSL, PGP approach this differently ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 2

  3. SSL: Secure Sockets Layer SSL/TLS are the modern public-key encryption standards ● Protocols suffixed with “s”: https, ftps, etc. ○ Another algorithm implementation best left to the experts ○ Untrusted public keys? ● For ~$30/year, you can get your public key signed! ○ Seriously, this is how it works ■ e.g. VeriSign and GoDaddy are Certificate Authorities (CA’s) ■ Thus, trust the public key != trust the website ■ Ray of hope: letsencrypt.org ■ Self-signed certificate? ○ Not usually a good idea to accept them, but… ■ If the key changes, you will be alerted ■ You only need to trust the server once ■ SWEN-331: Engineering Secure Software Benjamin S Meyers 3

  4. PGP: Pretty Good Privacy Open protocol created in 1991 ● Primarily used for email encryption today ○ Very popular in open source culture ○ Combines symmetric-key and public-key cryptography ● Symmetric is much faster and harder to crack than public-key ○ Uses public-key to distribute the symmetric-key ○ Untrusted recipient now has your symmetric-key? ○ One-time symmetric-key only ■ Use a secure PRNG to generate symmetric-keys ■ SWEN-331: Engineering Secure Software Benjamin S Meyers 4

  5. PGP: Web of Trust How do you trust PGP public-keys? ● There are no PGP certificate authorities ○ Public-key databases are open ○ How do you know that the food you’re eating is disease-free? ● You trust the grocery store, who trusts the distributors, who trust the ○ farmers FDA is also a trusted third party ○ But when you trust the farmers directly, you trust their food more ○ In the same way, PGP incentivizes short trust chains ● Each person can “sign” someone else’s key, connecting you to them in a ○ web of trust Each “hop” diminishes the trust of a given public-key ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 5

  6. PGP: Web of Trust Direct Trust Andy Paul t s u r T t c e r i d n I Me Sid Jen Bryan Emilio SWEN-331: Engineering Secure Software Benjamin S Meyers 6

  7. PGP: Mean Shortest Distance How trusted should this key be? ● Geodesic paths (shortest paths) ○ Compare the mean geodesic distance to entire network mean ○ “Closeness” in social network analysis ○ Relatively trusted by the community? ● Many will trust you (direct connections) ○ If you are trusted by people who are trusts (indirect connections) ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 7

  8. Example: PGP Web of Trust Compute shortest distances for every pair in your community ● MSD Paul : (2+ ○ Paul → Karen: 2 ■ Paul Andy Jen Sid Emilio Karen Bryan SWEN-331: Engineering Secure Software Benjamin S Meyers 8

  9. Example: PGP Web of Trust Compute shortest distances for every pair in your community ● MSD Paul : (2+2+ ○ Paul → Karen: 2 ■ Paul Paul → Sid: 2 ■ Andy Jen Sid Emilio Karen Bryan SWEN-331: Engineering Secure Software Benjamin S Meyers 9

  10. Example: PGP Web of Trust Compute shortest distances for every pair in your community ● MSD Paul : (2+2+1+ ○ Paul → Karen: 2 ■ Paul Paul → Sid: 2 ■ Paul → Jen: 1 ■ Andy Jen Sid Emilio Karen Bryan SWEN-331: Engineering Secure Software Benjamin S Meyers 10 10

  11. Example: PGP Web of Trust Compute shortest distances for every pair in your community ● MSD Paul : (2+2+1+1+ ○ Paul → Karen: 2 ■ Paul Paul → Sid: 2 ■ Paul → Jen: 1 ■ Andy Jen Paul → Andy: 1 ■ Sid Emilio Karen Bryan SWEN-331: Engineering Secure Software Benjamin S Meyers 11 11

  12. Example: PGP Web of Trust Compute shortest distances for every pair in your community ● MSD Paul : (2+2+1+1+1)/5 = 1.4 ○ Paul → Karen: 2 ■ Paul Paul → Sid: 2 ■ Paul → Jen: 1 ■ Andy Jen Paul → Andy: 1 ■ Paul → Emilio: 1 ■ Sid Emilio Karen Bryan SWEN-331: Engineering Secure Software Benjamin S Meyers 12 12

  13. Example: PGP Web of Trust Compute shortest distances for every pair in your community ● MSD Paul : (2+2+1+1+1)/5 = 1.4 ○ MSD Andy : (2+2+1+1+1)/5 = 1.4 ○ Paul MSD Jen : (3+2+1+1+1)/5 = 1.6 ○ MSD Emilio : (3+2+1+1+1)/5 = 1.6 ○ Andy Jen MSD Karen : (4+3+2+2+1)/5 = 2.4 ○ MSD Sid : (4+3+2+2+1)/5 = 2.4 ○ Sid Emilio Nobody trusts Bryan ● Disconnected → Untrusted ○ Karen Bryan SWEN-331: Engineering Secure Software Benjamin S Meyers 13 13

  14. Source: https://xkcd.com/1181/ SWEN-331: Engineering Secure Software Benjamin S Meyers 14 14

  15. Cryptanalysis Definition: “the analytic investigation of an information ● system with the goal of illuminating hidden aspects of that system” [nsa.gov] In other words: breaking cryptography ● Comes in many forms ● Brute force attacks ○ Theoretical/algorithmic weaknesses ○ Side-channel attacks ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 15 15

  16. Side Channel Attacks Side channel: ● Information emitted from a physical implementation of a ○ cryptosystem Side channel vulnerabilities are mutually exclusive from ● algorithmic vulnerabilities Although coding vulnerabilities can lead to side channel attacks ○ e.g. password fields obscure the text to prevent someone ● from looking over your shoulder e.g. keeping the sticky note with your password on your ● monitor SWEN-331: Engineering Secure Software Benjamin S Meyers 16 16

  17. Timing Attacks Using the timing of an operation to gain information ● e.g. computing large prime numbers for SSL ● Constant concern for OpenSSL: CVE-2013-0169 ○ “Square and multiply” algorithm ○ Dependent on how many times you go through a for loop ○ e.g. timing for password lookups ● Does a user exist in MySQL → padding lookup time ○ e.g. cache-hit vs. cache-miss on a sensitive record ● SWEN-331: Engineering Secure Software Benjamin S Meyers 17 17

  18. Data Remanence Deleted data is not always deleted ● Hard drives release the memory, but it’s not necessarily ○ overwritten Magnetic fields can remain even after it’s been overwritten ○ e.g. rebooting a router ○ Many, many creative ways to do this ● Cold Boot Attack: Freezing RAM with liquid nitrogen ○ Hibernation files store RAM ○ Core dumps reveal sensitive information ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 18 18

  19. So many more... Power monitoring attacks ● Can predict which branch of an if-statement was taken by ○ monitoring power consumption Particularly nasty on embedded devices ○ Even AES encryption can be broken with way ○ Van Eck Phreaking (Radiation) → TEMPEST ● Acoustic analysis of hard drive/keyboard sounds ● Accelerometers in phones reveal what you type ● “Chatter” -- even the known existence of encrypted ● communication can be useful information SWEN-331: Engineering Secure Software Benjamin S Meyers 19 19

  20. Lessons from Side Channel Attacks Okay, so what? ● Can we do anything about this? ○ What must software engineers do? ○ Lesson 1: Identify your side channels ● Network chatter, timing, power, etc. ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 20 20

  21. Lessons from Side Channel Attacks Okay, so what? ● Can we do anything about this? ○ What must software engineers do? ○ Lesson 1: Identify your side channels ● Network chatter, timing, power, etc. ○ Lesson 2: You have not identified all of your side channels ● SWEN-331: Engineering Secure Software Benjamin S Meyers 21 21

  22. Lessons from Side Channel Attacks Okay, so what? ● Can we do anything about this? ○ What must software engineers do? ○ Lesson 1: Identify your side channels ● Network chatter, timing, power, etc. ○ Lesson 2: You have not identified all of your side channels ● Lesson 3: Better testing ● Realistic production environments ○ Third-party testers with security experience ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 22 22

  23. Keeping Up Networking and cryptographic algorithms are constantly ● changing New networking protocols, new models ○ Broken cryptographic algorithms ○ You will need to keep up with the news on algorithms ● Organizations: ○ CWE ■ OWASP: Open Web Application Security Project ■ Bloggers & Researchers: ○ Bruce Schneier: https://www.schneier.com/ ■ Steve Gibson: https://www.grc.com/news.htm ■ Gary McGraw: https://www.synopsys.com/ ■ SWEN-331: Engineering Secure Software Benjamin S Meyers 23 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography & http://cseweb.ucsd.edu/users/mihir/cse207/ Brief History: Proliferation of computers and communication systems in 1960s brought with it a demand to protect

273 views • 24 slides
Applied Cryptography Lecture 1 Applied Cryptography Lecture 1 Our first encounter with secrecy:

Applied Cryptography Lecture 1 Applied Cryptography Lecture 1 Our first encounter with secrecy:

Applied Cryptography Lecture 1 Applied Cryptography Lecture 1 Our first encounter with secrecy: Secret-Sharing Secrecy Secrecy Cryptography is all about controlling access to information Access to learning and/or influencing

2.01k views • 171 slides
Course Information CS 838 Applied Cryptography Instructor: Thomas Ristenpart Website:

Course Information CS 838 Applied Cryptography Instructor: Thomas Ristenpart Website:

Course Information CS 838 Applied Cryptography Instructor: Thomas Ristenpart Website: http://pages.cs.wisc.edu/ rist/cs838/ 1 / 55 Cryptography usage Did you use any cryptography today? 2 / 55 Cryptography usage Did you use any

851 views • 83 slides
Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and

Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and

Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and Source Code in C , 2nd. Edition, Bruce Schneier, John Wiley & Sons, Inc. Outline Cryptographic Protocols Introduction Introduction

759 views • 45 slides
Classical Cryptography CS461/ECE422 Fall 2009 1 Reading CS Chapter 9 section 1 through 2.2

Classical Cryptography CS461/ECE422 Fall 2009 1 Reading CS Chapter 9 section 1 through 2.2

Classical Cryptography CS461/ECE422 Fall 2009 1 Reading CS Chapter 9 section 1 through 2.2 Applied Cryptography , Bruce Schneier Handbook of Applied Cryptography, Menezes, van Oorschot, Vanstone Available online

739 views • 43 slides
Cryptography Made to Measure Workshop on Applied Cryptography Matt Robshaw NTU, Singapore

Cryptography Made to Measure Workshop on Applied Cryptography Matt Robshaw NTU, Singapore

Cryptography Made to Measure Workshop on Applied Cryptography Matt Robshaw NTU, Singapore Orange Labs December 3, 2020 Paris, France Orange Labs A New Kind of Network Telecommunication companies like France Tlcom / Orange are

601 views • 36 slides
Symmetric Key Encryp.on 9/9/2009 598MAN Applied Cryptography 1 Outline Recall:

Symmetric Key Encryp.on 9/9/2009 598MAN Applied Cryptography 1 Outline Recall:

Symmetric Key Encryp.on 9/9/2009 598MAN Applied Cryptography 1 Outline Recall: defini.ons of encryp.on Perfect secrecy CPA security CCA security Today Prac.cal construc.ons 9/9/2009 598MAN Applied Cryptography

490 views • 28 slides
Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020

Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020

Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Networks, Cryptography, and You Most application developers Dont implement networking

333 views • 30 slides
Bitcoin & Blockchain applied cryptography problems Adam Back <adam@blockstream.com>

Bitcoin & Blockchain applied cryptography problems Adam Back <adam@blockstream.com>

Bitcoin & Blockchain applied cryptography problems Adam Back <adam@blockstream.com> Cryptography adoption criteria Conservative security assumptions Or graceful security degradation Reasonably compact serialisation

1.18k views • 22 slides
T riple Handshake: can cryptography, formal methods, and applied security be friends?

T riple Handshake: can cryptography, formal methods, and applied security be friends?

T riple Handshake: can cryptography, formal methods, and applied security be friends? http://miTLS.org Karthik Bhargavan Markulf Kohlweiss with Antoine Delignat-Lavaud, Cdric Fournet, Alfredo Pironti, Pierre-Yves Strub, Santiago Zanella

639 views • 46 slides
Cast of Characters Alice and Bob Applied Cryptography Week 1 Alice and Bob are always sending

Cast of Characters Alice and Bob Applied Cryptography Week 1 Alice and Bob are always sending

Cast of Characters Alice and Bob Applied Cryptography Week 1 Alice and Bob are always sending secret messages to Basic Tools and Protocols each other. Eve Frank Beatrous Eve is always listening in (Eavesdropping) on Alices and Bobs

245 views • 7 slides
Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization

Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization

Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization Centre for Applied Cryptographic Research June 17, 2016 CENTRE FOR APPLIED CRYPTOGRAPHIC RESEARCH (CACR) Motivation: Post-Quantum Cryptography

355 views • 16 slides
Authentication CS461/ECE422 1 Reading Chapter 10 from Handbook of Applied Cryptography

Authentication CS461/ECE422 1 Reading Chapter 10 from Handbook of Applied Cryptography

Authentication CS461/ECE422 1 Reading Chapter 10 from Handbook of Applied Cryptography http://www.cacr.math.uwaterloo.ca/hac/ about/chap10.pdf 2 Overview Basics of an authentication system Passwords Storage Selection

410 views • 38 slides
Public Key Cryptography G. Eric Moorhouse, UW Math References A.J. Menezes, P.C. van Oorschot

Public Key Cryptography G. Eric Moorhouse, UW Math References A.J. Menezes, P.C. van Oorschot

Public Key Cryptography G. Eric Moorhouse, UW Math References A.J. Menezes, P.C. van Oorschot and S.A. Vanstone, Applied Cryptography, CRC Press, 1997. D.R. Stinson, Cryptography: Theory and Prac- tice, CRC Press, 1995. R.L. Rivest, A. Shamir

443 views • 20 slides
CSCE 790 Secure Computer Systems Applied Cryptography Professor Qiang Zeng Spring 2020

CSCE 790 Secure Computer Systems Applied Cryptography Professor Qiang Zeng Spring 2020

CSCE 790 Secure Computer Systems Applied Cryptography Professor Qiang Zeng Spring 2020 Symmetric vs. Asymmetric Cryptography Symmetric cipher is much faster With asymmetric ciphers, you can post your Public Key to the world

273 views • 26 slides
APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION

APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION

APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION ALGORITHMS An algorithm must be seen to be believed. Donald E. Knuth THIS TALK IS NOT ABOUT ALGORITHMS, ONLY SECURITY the state of being

1.03k views • 74 slides
Introduction to Computer Security Session 1.5 Usable Security and Secure Messaging Prof. Nadim

Introduction to Computer Security Session 1.5 Usable Security and Secure Messaging Prof. Nadim

CSCI-UA.9480 Introduction to Computer Security Session 1.5 Usable Security and Secure Messaging Prof. Nadim Kobeissi 1.5a Usable Security: Then and Now 2 CSCI-UA.9480: Introduction to Computer Security Nadim Kobeissi Humans are

1.24k views • 67 slides
Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John

Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John

Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John Roman Linux System Administrator RAND Corporation SCALE 2017 Roman, John PGP PGP 101 public/private keyrings Roman, John PGP PGP 101

690 views • 42 slides
Experiment Talks (RIXS/XES) A new x-ray emission spectrometer is available at the CLSS beamline

Experiment Talks (RIXS/XES) A new x-ray emission spectrometer is available at the CLSS beamline

Experiment Talks (RIXS/XES) A new x-ray emission spectrometer is available at the CLSS beamline of ALBA Laura Simonelli CLSS beamline responsible Dominique Heinis Wojciech Olszewski Carlo Marini Laura Simonelli Nitya Ramanan Laura

703 views • 17 slides
Combinatorics and topology of toric arrangements II. Topology of arrangements in the complex torus

Combinatorics and topology of toric arrangements II. Topology of arrangements in the complex torus

Combinatorics and topology of toric arrangements II. Topology of arrangements in the complex torus (An invitation to combinatorial algebraic topology) Emanuele Delucchi (SNSF / Universit e de Fribourg) Toblach/Dobbiaco February 23, 2017

543 views • 42 slides
Universality of group embeddability Filippo Calderoni University of Turin Polytechnic di Turin

Universality of group embeddability Filippo Calderoni University of Turin Polytechnic di Turin

Universality of group embeddability Filippo Calderoni University of Turin Polytechnic di Turin 27th July 2016 1/22 Borel reducibility In the framework of Borel reducibility, relations are defined over Polish or standard Borel spaces.

467 views • 44 slides
Secure Messaging Some slides adapted from Dr. Raluca Ada Popa at UC Berkeley End to End

Secure Messaging Some slides adapted from Dr. Raluca Ada Popa at UC Berkeley End to End

Secure Messaging Some slides adapted from Dr. Raluca Ada Popa at UC Berkeley End to End Encryption Only the two parties communicating can decrypt messages Forward Secrecy Key compromise doesnt compromise past session keys

424 views • 23 slides
Launchpad GPG & SSH Key Basics Class on making and importing your own GPG & SSH Key(s)

Launchpad GPG & SSH Key Basics Class on making and importing your own GPG & SSH Key(s)

Launchpad GPG & SSH Key Basics Class on making and importing your own GPG & SSH Key(s) into Launchpad Making your GPG Key Ok the things you'll need for this process. 1) Email Client such as Thunderbird. 2) A GPG/PGP Key Plugin for

449 views • 6 slides
Human Factors Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

Human Factors Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

CS 563 - Advanced Computer Security: Human Factors Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI) Administrative Learning Objectives : Discuss the practical consideration of usability of security

459 views • 31 slides

More recommend