the end of software security
play

The End of Software Security (and some Cryptography) Spring 2016 - PowerPoint PPT Presentation

Feb 17, 2024 •103 likes •870 views

CSE 484 / CSE M 584: Computer Security and Privacy The End of Software Security (and some Cryptography) Spring 2016 Ada (Adam) Lerner lerner@cs.washington.edu Thanks to Franzi Roesner, Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, John

  1. CSE 484 / CSE M 584: Computer Security and Privacy The End of Software Security (and some Cryptography) Spring 2016 Ada (Adam) Lerner lerner@cs.washington.edu Thanks to Franzi Roesner, Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials ...

  2. Buy ALL the Lottery Tickets • Some MIT students won $3.5M over seven years in the Mass. State lottery • In 1992, a group bought 5M out of 7M possible lottery tickets in Virginia 10/17/16 CSE 484 / CSE M 584 - Fall 2016 2

  3. Side Channel Attacks PwdCheck(RealPwd, CandidatePwd) // both 8 chars for i = 1 to 8 do if (RealPwd[i] != CandidatePwd[i]) then return FALSE return TRUE 10/16/16 CSE 484 / CSE M 584 - Fall 2016 3

  4. Side Channel Attacks • Timing • David mentioned telescope + camera to read bits off modem lights • Power usage • Sound • Error messages • Facial expressions, tone of voice 10/16/16 CSE 484 / CSE M 584 - Fall 2016 4

  5. Side Channel Attacks 10/16/16 CSE 484 / CSE M 584 - Fall 2016 5

  6. Side Channel Attacks • Timing • David mentioned telescope + camera to read bits off modem lights • Power usage • Sound • Error messages • Facial expressions, tone of voice 10/16/16 CSE 484 / CSE M 584 - Fall 2016 6

  7. Randomness Issues • Many applications (especially security ones) require randomness • If you use predictable randomness, bad things can happen 10/17/16 CSE 484 / CSE M 584 - Fall 2016 7

  8. Randomness Issues • Many applications (especially security ones) require randomness • If you use predictable randomness, bad things can happen 10/17/16 CSE 484 / CSE M 584 - Fall 2016 8

  9. Randomness Issues – Generate cryptographic keys – Generate passwords for new users – Shuffle the order of votes (in an electronic voting machine) – Shuffle cards (for an online gambling site) 10/16/16 CSE 484 / CSE M 584 - Fall 2016 9

  10. C’s rand() Function • C has a built-in random function: rand() unsigned long int next = 1; /* rand: return pseudo-random integer on 0..32767 */ int rand(void) { next = next * 1103515245 + 12345; return (unsigned int)(next/65536) % 32768; } /* srand: set seed for rand() */ void srand(unsigned int seed) { next = seed; } • Problem: don’t use rand() for security-critical applications! – Given a few sample outputs, you can predict subsequent ones 10/16/16 CSE 484 / CSE M 584 - Fall 2016 10

  11. Problems in Practice • One institution used (something like) rand() to generate passwords for new users – Given your password, you could predict the passwords of other users 10/16/16 CSE 484 / CSE M 584 - Fall 2016 11

  12. Problems in Practice • Kerberos (1988 - 1996) – Random number generator improperly seeded – Possible to trivially break into machines that rely upon Kerberos for authentication 10/16/16 CSE 484 / CSE M 584 - Fall 2016 12

  13. Problems in Practice • Debian Linux (2006-2008) – OpenSSL key generator seeded using only process ID. – Only ~32,000 choices for key… 10/16/16 CSE 484 / CSE M 584 - Fall 2016 13

  14. Problems in Practice • Online gambling websites – Random numbers to shuffle cards – Real money at stake – But what if poor choice of random numbers? 10/16/16 CSE 484 / CSE M 584 - Fall 2016 14

  15. 10/16/16 CSE 484 / CSE M 584 - Fall 2016 15

  16. More details: “How We Learned to Cheat at Online Poker: A Study in Software Security” http://www.cigital.com/papers/download/developer_gambling.php 10/16/16 CSE 484 / CSE M 584 - Fall 2016 16

  17. 10/16/16 CSE 484 / CSE M 584 - Fall 2016 17

  18. PS3 and Randomness http://www.engadget.com/2010/12/29/hackers-obtain- ps3-private-cryptography-key-due-to-epic-programm/ • 2010/2011: Hackers found/released private root key for Sony’s PS3 • Key used to sign software – now can load any software on PS3 and it will execute as “trusted” • Due to bad random number: same “random” value used to sign all system updates 10/16/16 CSE 484 / CSE M 584 - Fall 2016 18

  19. PS3 and Randomness • Example Current Event report from a past iteration of 484 – https://catalyst.uw.edu/gopost/conversation/kohno/ 452868 10/16/16 CSE 484 / CSE M 584 - Fall 2016 19

  20. 10/16/16 CSE 484 / CSE M 584 - Fall 2016 20

  21. Other Problems • Key generation – Ubuntu removed the randomness from SSL, creating vulnerable keys for thousands of users/servers – Undetected for 2 years (2006-2008) • Live CDs, diskless clients – May boot up in same state every time • Virtual Machines – Save state: Opportunity for attacker to inspect the pseudorandom number generator’s state – Restart: May use same “psuedorandom” value more than once 10/16/16 CSE 484 / CSE M 584 - Fall 2016 21

  22. https://xkcd.com/221/ 10/16/16 CSE 484 / CSE M 584 - Fall 2016 22

  23. Obtaining Pseudorandom Numbers • For security applications, want “cryptographically secure pseudorandom numbers” • Libraries include cryptographically secure pseudorandom number generators • Linux: – /dev/random – /dev/urandom - nonblocking, possibly less entropy • Internally: – Entropy pool gathered from multiple sources 10/16/16 CSE 484 / CSE M 584 - Fall 2016 23

  24. Where do (good) random numbers come from? • Humans: keyboard, mouse input • Timing: interrupt firing, arrival of packets on the network interface • Physical processes: unpredictable physical phenomena 10/16/16 CSE 484 / CSE M 584 - Fall 2016 24

  25. Software Security: Defenses in Summary 10/16/16 CSE 484 / CSE M 584 - Fall 2016 25

  26. Buffer Overflow Defense Catalog • Execute bit off on heap/stack • StackGuard (canaries) • PointGuard (encrypted pointers) • ASLR • str n cpy vs strcpy • Static analysis, dynamic analysis • Type safe languages (e.g., Java) 10/17/16 CSE 484 / CSE M 584 - Fall 2016 26

  27. Fuzz Testing • Generate “random” inputs to program – Sometimes conforming to input structures (file formats, etc.) • See if program crashes – If crashes, found a bug – Bug may be exploitable • Surprisingly effective • Now standard part of development lifecycle 10/16/16 CSE 484 / CSE M 584 - Fall 2016 27

  28. General Principles • Check inputs 10/16/16 CSE 484 / CSE M 584 - Fall 2016 28

  29. Shellshock • Example: Shellshock (September 2014) – Vulnerable servers processed input from web requests, passed (user-provided) environment variables (like user agent, cookies…) to CGI scripts – Maliciously crafted environment variables exploited a bug in bash to execute arbitrary code env x='() { :;}; echo OOPS' bash -c : 10/16/16 CSE 484 / CSE M 584 - Fall 2016 29

  30. Software Security Principles • Check/sanitize inputs • Check all return values • Least privilege • Securely clear memory (passwords, keys, etc.) • Failsafe defaults • Defense in depth – Also: prevent, detect, respond • NOT: security through obscurity 10/16/16 CSE 484 / CSE M 584 - Fall 2016 30

  31. General Principles • Reduce size of trusted computing base (TCB) • Simplicity, modularity – But: Be careful at interface boundaries! • Minimize attack surface • Use vetted component • Security by design – But: tension between security and other goals • Open design? Open source? Closed source? – Different perspectives 10/16/16 CSE 484 / CSE M 584 - Fall 2016 31

  32. Does Open Source Help? • Different perspectives… • Happy example: – Linux kernel backdoor attempt thwarted (2003) (http://www.freedom-to-tinker.com/?p=472) • Sad example: – Heartbleed (2014) • Vulnerability in OpenSSL that allowed attackers to read arbitrary memory from vulnerable servers (including private keys) 10/16/16 CSE 484 / CSE M 584 - Fall 2016 32

  33. http://xkcd.com/1354/ 10/16/16 CSE 484 / CSE M 584 - Fall 2016 33

  34. http://xkcd.com/1354/ 10/16/16 CSE 484 / CSE M 584 - Fall 2016 34

  35. http://xkcd.com/1354/ 10/16/16 CSE 484 / CSE M 584 - Fall 2016 35

  36. Responsible Disclosure • What do you do if you’ve found a security problem in a real system? • Say – A commercial website? – UW grade database? – Boeing 787? – TSA procedures? 10/16/16 CSE 484 / CSE M 584 - Fall 2016 36

  37. Abj sbe Xzr pelcgbtencul! Now for some cryptography!

  38. Cryptography and Security • Art and science of protecting our information . – Keeping it private , if we want privacy. – Protecting its integrity , if we want to avoid forgeries. Images from Wikipedia and Barnes & Noble 10/16/16 CSE 484 / CSE M 584 - Fall 2016 38

  39. Some Thoughts About Cryptography • Cryptography only one small piece of a larger system • Must protect entire system – Physical security – Operating system security – Network security – Users – Cryptography 10/16/16 CSE 484 / CSE M 584 - Fall 2016 39

  40. Some Thoughts About Cryptography • “Security only as strong as the weakest link” – Need to secure weak links – But not always clear what the weakest link is (different adversaries and resources, different adversarial goals) – Crypto failures may not be (immediately) detected 10/17/16 CSE 484 / CSE M 584 - Fall 2016 40

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

deel 2 sws1 1 Software and Web Security - 1 & 2 Software is the main source of security

deel 2 sws1 1 Software and Web Security - 1 & 2 Software is the main source of security

Software and Web Security deel 2 sws1 1 Software and Web Security - 1 & 2 Software is the main source of security vulnerabilities esp in systems accessible via a network part 1 security problems in machine code, compiled from C(++)

1.35k views • 67 slides
Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 & 2 y Software

Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 & 2 y Software

1 Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 & 2 y Software is the main source of security vulnerabilities esp in systems accessible via a network i t ibl i t k part 1 part 1 security problems

672 views • 65 slides
Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software

Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software

Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software Engineering Spring 2012 What is the talk NOT about? Cryptography. Database security. Operating Systems security. Network security.

1.37k views • 121 slides
Software Security: Defenses & Principles CS 161: Computer Security Prof. Vern Paxson TAs:

Software Security: Defenses & Principles CS 161: Computer Security Prof. Vern Paxson TAs:

Software Security: Defenses & Principles CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ January 25, 2011 Testing for Software Security Issues

444 views • 42 slides
Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust

Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust

Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust Boundary Attacks Threats Application Attacker Exploit Vulnerability : a software defect with security consequences Threat : a potential danger to

1.54k views • 80 slides
Software In-Security Buffer overflows Overview Web Application security Malware OS

Software In-Security Buffer overflows Overview Web Application security Malware OS

Lecture overview Table of contents: Introduction to SW security Software In-Security Buffer overflows Overview Web Application security Malware OS security topics Code scanning Emmanuel Benoist Taught by Ulrich

479 views • 13 slides
CS-412 Software Security Introduction Mathias Payer EPFL, Spring 2019 Mathias Payer CS-412

CS-412 Software Security Introduction Mathias Payer EPFL, Spring 2019 Mathias Payer CS-412

CS-412 Software Security Introduction Mathias Payer EPFL, Spring 2019 Mathias Payer CS-412 Software Security Course outline Secure software lifecycle Security policies Attack vectors Defense strategies: mitigations and testing Case

681 views • 49 slides
CS412 Software Security Secure Software Lifecycle Mathias Payer EPFL, Spring 2019 Mathias Payer

CS412 Software Security Secure Software Lifecycle Mathias Payer EPFL, Spring 2019 Mathias Payer

CS412 Software Security Secure Software Lifecycle Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security Software liveliness Software is not a one-shot effort Software development, production, and maintenance are cost/labor

449 views • 23 slides
CS412 Software Security Web Security Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Web Security Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Web Security Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security Web (and internet) security: two views Just a long running network service Complex application with multiple layers and components.

577 views • 47 slides
Introduction Gang Tan Penn State University Spring 2019 CMPSC 447: Software Security Why a

Introduction Gang Tan Penn State University Spring 2019 CMPSC 447: Software Security Why a

Introduction Gang Tan Penn State University Spring 2019 CMPSC 447: Software Security Why a course on software security? Software plays a major role in the modern society But is a major source of security problems. Software is the

659 views • 30 slides
Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr

Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr

Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Original slides by Marcus Bendtsen Agenda Securing the software

1.91k views • 65 slides
Chapter 11 Software Security Secure programs Security implies some degree of trust that the

Chapter 11 Software Security Secure programs Security implies some degree of trust that the

Chapter 11 Software Security Secure programs Security implies some degree of trust that the program enforces expected C onfidentiality I ntegrity A vailability How can we look at software component and assess its

837 views • 49 slides
CS527 Software Security Secure Software Lifecycle Mathias Payer Purdue University, Spring 2018

CS527 Software Security Secure Software Lifecycle Mathias Payer Purdue University, Spring 2018

CS527 Software Security Secure Software Lifecycle Mathias Payer Purdue University, Spring 2018 Mathias Payer CS527 Software Security Software liveliness Software is not a one-shot effort Software development, production, and maintenance are

725 views • 23 slides
Web Security TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA)

Web Security TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA)

Web Security TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Original slides by Marcus Bendtsen Some recent attacks 2 A game changer The Internet

1.17k views • 87 slides
Software Security Return to Libc and ROP Jan Nordholz Prof. Jean-Pierre Seifert Security in

Software Security Return to Libc and ROP Jan Nordholz Prof. Jean-Pierre Seifert Security in

Software Security Return to Libc and ROP Jan Nordholz Prof. Jean-Pierre Seifert Security in Telecommunications TU Berlin SoSe 2014 jan (sect) Software Security SoSe 2014 1 / 13 Recap: Overflow Bugs Ingredients: fixed-size buffer on the

429 views • 13 slides
CS527 Software Security Web Security Mathias Payer Purdue University, Spring 2018 Mathias Payer

CS527 Software Security Web Security Mathias Payer Purdue University, Spring 2018 Mathias Payer

CS527 Software Security Web Security Mathias Payer Purdue University, Spring 2018 Mathias Payer CS527 Software Security Daemons / Services / Servers A daemon is a long running service that serves outside requests. A web server, a mail

503 views • 31 slides
Downloading and preparing survey data using the Qualtrics API in the Stata ecosystem Danial

Downloading and preparing survey data using the Qualtrics API in the Stata ecosystem Danial

Downloading and preparing survey data using the Qualtrics API in the Stata ecosystem Danial Hoepfner Gibson Consulting Group dhoepfner@gibsonconsult.com danial.hoepfner@gmail.com July 31, 2020 Outline Motivation qualtrics.ado

479 views • 16 slides
Using itsunix.albany.edu for Windows: 1) Download PuTTY at

Using itsunix.albany.edu for Windows: 1) Download PuTTY at

Using itsunix.albany.edu for Mac: 1) Open the Terminal. Searching terminal on Spotlight can open the terminal. This will allow you to use the command line on the Mac. 2) To connect to itsunix.albany.edu type the following command: ssh X

162 views • 4 slides
Samba Server Installation, Configuration, and Security Stephen Hilt shilt@cs.siu.edu History

Samba Server Installation, Configuration, and Security Stephen Hilt shilt@cs.siu.edu History

Samba Server Installation, Configuration, and Security Stephen Hilt shilt@cs.siu.edu History SMB Server Message Block IBM First definition of NetBIOS - Sep, 1984 CIFS Common Internet File System CIFS is an enhanced

235 views • 20 slides
Chapter 6: System Data Files and Information CMPS 105: Systems Programming Prof. Scott Brandt T

Chapter 6: System Data Files and Information CMPS 105: Systems Programming Prof. Scott Brandt T

Chapter 6: System Data Files and Information CMPS 105: Systems Programming Prof. Scott Brandt T Th 2-3:45 Soc Sci 2, Rm. 167 Introduction Lots of system parameters, configuration information, and status information is stored in files

150 views • 14 slides
OpenPrinting OpenPrinting By: Glen W. P By: Glen W. Petr trie Senior Softw Senior Software A

OpenPrinting OpenPrinting By: Glen W. P By: Glen W. Petr trie Senior Softw Senior Software A

OpenPrinting OpenPrinting By: Glen W. P By: Glen W. Petr trie Senior Softw Senior Software A re Architect chitect EPSON EPSON 1 15-17 November 2004 Free Standard Group: OpenPrinting Agenda Introduction Working Group Reviews

1.24k views • 105 slides
WiMAX Hacking 2010 Pierce, Goldy, and aSmig feat. sanitybit DEFCON 18 Updated slides, code, and

WiMAX Hacking 2010 Pierce, Goldy, and aSmig feat. sanitybit DEFCON 18 Updated slides, code, and

WiMAX Hacking 2010 Pierce, Goldy, and aSmig feat. sanitybit DEFCON 18 Updated slides, code, and discussion at https://groups.google.com/group/wimax-hacking The Technology WiMAX: a broadband wireless Internet technology 802.16, similar

983 views • 34 slides
Preview question In the Unix access control model, subjects are primarily identified by their:

Preview question In the Unix access control model, subjects are primarily identified by their:

Preview question In the Unix access control model, subjects are primarily identified by their: CSci 5271 A. email address Introduction to Computer Security Day 9: OS security basics B. username Stephen McCamant C. executable inode

462 views • 6 slides
ECE 7970 Advanced Cryptography Applications in Emerging Wireless Networks Chapter 0:

ECE 7970 Advanced Cryptography Applications in Emerging Wireless Networks Chapter 0:

ECE 7970 Advanced Cryptography Applications in Emerging Wireless Networks Chapter 0: Important information Dr. Mohamed Mahmoud http://iweb.tntech.edu/mmahmoud/ mmahmoud@tntech.edu 1 - Course I nform ation I nstructor : Dr. Mohamed M. E.

426 views • 13 slides

More recommend