timestamps in security protocols
play

Timestamps in Security Protocols One method of handling this kind of - PowerPoint PPT Presentation

Oct 09, 2022 •258 likes •359 views

Timestamps in Security Protocols One method of handling this kind of problem is timestamps Proper use of timestamps can limit the time during which an exposed key is dangerous But timestamps have their own problems Lecture 6 Page 1

  1. Timestamps in Security Protocols • One method of handling this kind of problem is timestamps • Proper use of timestamps can limit the time during which an exposed key is dangerous • But timestamps have their own problems Lecture 6 Page 1 CS 236 Online

  2. Using Timestamps in the Needham-Schroeder Protocol • The trusted authority includes timestamps in his encrypted messages to Alice and Bob • Based on a global clock • When Alice or Bob decrypts, if the timestamp is too old, abort the protocol Lecture 6 Page 2 CS 236 Online

  3. Using Timestamps to Defeat Mallory K B E KB (K S ,Alice,T X ) K S K S Bob Mallory T X T X << T now E KB (K S ,Alice,T X ) T now Now Bob checks T X against his clock So Bob, fearing replay, discards K S And Mallory’s attack is foiled Lecture 6 Page 3 CS 236 Online

  4. Problems With Using Timestamps • They require a globally synchronized set of clocks – Hard to obtain, often – Attacks on clocks become important • They leave a window of vulnerability Lecture 6 Page 4 CS 236 Online

  5. The Suppress-Replay Attack • Assume two participants in a security protocol – Using timestamps to avoid replay problems • If the sender’s clock is ahead of the receiver’s, attacker can intercept message – And replay later, when receiver’s clock still allows it Lecture 6 Page 5 CS 236 Online

  6. Handling Clock Problems 1). Rely on clocks that are fairly synchronized and hard to tamper with – Perhaps GPS signals 2). Make all comparisons against the same clock – So no two clocks need to be synchronized Lecture 6 Page 6 CS 236 Online

  7. Is This Overkill? • Some of these attacks are pretty specialized – Requiring special access or information • Some can only achieve certain limited effects • Do we really care? Lecture 6 Page 7 CS 236 Online

  8. Why Should We Care? • Bad guys are very clever • Apparently irrelevant vulnerabilities give them room to show that • Changes in how you use protocols can make vulnerabilities more relevant • A protocol without a vulnerability is always better – Even if you currently don’t care Lecture 6 Page 8 CS 236 Online

  9. Something to Bear in Mind • These vulnerabilities aren’t specific to just these protocols • They are common and pop up all over – Even in cases where you aren’t thinking about a “protocol” • Important to understand them at a high conceptual level Lecture 6 Page 9 CS 236 Online

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security Protocols Q: Why security protocols? Bob Alice A: To allow reliable communication over

Security Protocols Q: Why security protocols? Bob Alice A: To allow reliable communication over

Security Protocols Q: Why security protocols? Bob Alice A: To allow reliable communication over an untrusted channel (eg. Internet) 2 Security Protocols are out there Authentication Confidentiality Example: HTTPS (HTTP + TLS)

669 views • 42 slides
Security Protocols Security protocols are the intellectual core of security engineering

Security Protocols Security protocols are the intellectual core of security engineering

Security Protocols Security protocols are the intellectual core of security engineering They are where cryptography and system mechanisms meet They allow trust to be taken from where it exists to where it s needed But they are

941 views • 67 slides
Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols 01 Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief introduction to security protocols; Model checking of security protocols, particularly using the process

1.28k views • 110 slides
Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval, Steve Kremer, Itsaka Rakotonirina Inria Nancy Grand-Est Security protocols TLS Wifi @ PASS E-voting E-passport 2 24 Security protocols

830 views • 69 slides
Verifying Security Protocols and their Implementations Information Security and Cryptography

Verifying Security Protocols and their Implementations Information Security and Cryptography

Verifying Security Protocols and their Implementations Information Security and Cryptography Reading Group Presenter: C t lin Hri cu References Verified Interoperable Implementations of Security Protocols. Karthikeyan Bhargavan,

922 views • 70 slides
Security protocols, crypto etc Computer Science Tripos part 2 Steven J. Murdoch Slides

Security protocols, crypto etc Computer Science Tripos part 2 Steven J. Murdoch Slides

Security protocols, crypto etc Computer Science Tripos part 2 Steven J. Murdoch Slides originally by Ross Anderson Security Protocols Security protocols are the intellectual core of security engineering They are where cryptography

1.47k views • 118 slides
Outline Security Protocols Societal issues and cryptography CS 239 Key recovery

Outline Security Protocols Societal issues and cryptography CS 239 Key recovery

Outline Security Protocols Societal issues and cryptography CS 239 Key recovery cryptosystems Computer Security Designing secure protocols February 10, 2003 Basic protocols Key exchange Lecture 8 Lecture 8 Page 1 Page

148 views • 10 slides
(Still) Exploiting TCP Timestamps Veit N. Hailperin 1 1 scip AG Hack in Paris, June 2015 Veit N.

(Still) Exploiting TCP Timestamps Veit N. Hailperin 1 1 scip AG Hack in Paris, June 2015 Veit N.

(Still) Exploiting TCP Timestamps Veit N. Hailperin 1 1 scip AG Hack in Paris, June 2015 Veit N. Hailperin (scip AG) (Still) Exploiting TCP Timestamps HiP 2015 1 / 47 About Me Security Consultant &amp; Researcher @ scip AG @fenceposterror

623 views • 47 slides
Outline Preliminaries: Internet protocols, PKI, X.509, Encoding Internet Security

Outline Preliminaries: Internet protocols, PKI, X.509, Encoding Internet Security

Outline Preliminaries: Internet protocols, PKI, X.509, Encoding Internet Security Protocols Application layer security (email) PGP, S/MIME Transport layer security Bart Preneel SSL / TLS June 2003 Network layer

571 views • 19 slides
Human Errors in Security Protocols David Basin joint work with Sa a Radomirovi and Lara

Human Errors in Security Protocols David Basin joint work with Sa a Radomirovi and Lara

Human Errors in Security Protocols David Basin joint work with Sa a Radomirovi and Lara Schmid Institute of Information Security Recap Security Protocols We have defined the Dolev-Yao adversary communicating agents that follow a

618 views • 51 slides
Security in in Security 802.11 Data Link Link Protocols Protocols 802.11 Data Gianluca Dini

Security in in Security 802.11 Data Link Link Protocols Protocols 802.11 Data Gianluca Dini

Security in in Security 802.11 Data Link Link Protocols Protocols 802.11 Data Gianluca Dini Gianluca Dini Dept. of Ingegneria dellInformazione University of Pisa, Italy Via Diotisalvi 2, 56100 Pisa gianluca.dini@ing.unipi.it If you

467 views • 35 slides
Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security

Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security

Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security Symposium, 2008 Many Protocols Authentication and key exchange SSL/TLS, Kerberos, IKE, JFK, IKEv2, Wireless and mobile computing Mobile IP, WEP,

959 views • 71 slides
Security Bugs in Protocols are Really Bad! Marsh Ray PhoneFactor Protocol Bugs Objectives

Security Bugs in Protocols are Really Bad! Marsh Ray PhoneFactor Protocol Bugs Objectives

Security Bugs in Protocols are Really Bad! Marsh Ray PhoneFactor Protocol Bugs Objectives Discuss the complexities in mitigating security bugs occurring in network protocols. Describe some current issues. Leave time for Q&amp;A.

631 views • 50 slides
Proving Properties of Security Protocols by Induction Lawrence C. Paulson Computer Laboratory

Proving Properties of Security Protocols by Induction Lawrence C. Paulson Computer Laboratory

Proving Security Protocols 1 L. C. Paulson Proving Properties of Security Protocols by Induction Lawrence C. Paulson Computer Laboratory University of Cambridge Proving Security Protocols 2 L. C. Paulson Cryptographic Protocol Analysis

389 views • 24 slides
Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of

Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of

Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 17th February 2011 Outline Introduction Shared-key Authentication Asymmetric authentication protocols Key exchange protocols Combined

989 views • 73 slides
Real-World Protocols Prof. Tom Austin San Jos State University Real-World Protocols Next,

Real-World Protocols Prof. Tom Austin San Jos State University Real-World Protocols Next,

CS 166: Information Security Real-World Protocols Prof. Tom Austin San Jos State University Real-World Protocols Next, we look at real protocols SSH a simple &amp; useful security protocol SSL practical security on the Web

1.27k views • 112 slides
Graph Traversal Graph Traversal with DFS/BFS One of the most fundamental graph problems is to

Graph Traversal Graph Traversal with DFS/BFS One of the most fundamental graph problems is to

Graph Traversal Graph Traversal with DFS/BFS One of the most fundamental graph problems is to traverse every Tyler Moore edge and vertex in a graph. CSE 3353, SMU, Dallas, TX For correctness, we must do the traversal in a systematic way so

736 views • 5 slides
A Method to Estimate the Timestamp Accuracy of Measurement Hardware and Software Tools Patrik

A Method to Estimate the Timestamp Accuracy of Measurement Hardware and Software Tools Patrik

A Method to Estimate the Timestamp Accuracy of Measurement Hardware and Software Tools Patrik Arlos Blekinge Institute of Technology Inter-arrival time Mean: 1230 s Min: 1110 s Max: 1623 s Std.dev: 44.8 s Mean: 1230 s Min: 1230

420 views • 14 slides
How to use Dates &amp; Times with pandas Manipulating Time Series Data in Python Date &amp; Time

How to use Dates &amp; Times with pandas Manipulating Time Series Data in Python Date &amp; Time

MANIPULATING TIME SERIES DATA IN PYTHON How to use Dates &amp; Times with pandas Manipulating Time Series Data in Python Date &amp; Time Series Functionality At the root: data types for date &amp; time information Objects for points in

279 views • 25 slides
Towards Minimising Timestamp Usage in Application Software A Case Study of the Mattermost

Towards Minimising Timestamp Usage in Application Software A Case Study of the Mattermost

Christian Burkert , Hannes Federrath Towards Minimising Timestamp Usage in Application Software A Case Study of the Mattermost Application 26.09.2019 Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert,

731 views • 39 slides
On Optimal Hash Tree Traversal for Interval Time-Stamping Helger Lipmaa Helsinki University of

On Optimal Hash Tree Traversal for Interval Time-Stamping Helger Lipmaa Helsinki University of

On Optimal Hash Tree Traversal for Interval Time-Stamping Helger Lipmaa Helsinki University of Technology { helger } @tcs.hut.fi http://www.tcs.hut.fi/helger ISC02, 02.10.2002 On Optimal Hash Tree Traversal for Interval Time-Stamping

945 views • 45 slides
We Weaver: A Hig High h Performance, Tr Transa sacti tional Gr Graph Dat Datab abas ase

We Weaver: A Hig High h Performance, Tr Transa sacti tional Gr Graph Dat Datab abas ase

We Weaver: A Hig High h Performance, Tr Transa sacti tional Gr Graph Dat Datab abas ase e Bas ased ed on on Refi Refinab able e Times estam amps By Dubey et al. Presented by: Ishank Jain Department of Computer Science

401 views • 24 slides
The PKIX Standards and PKI Implementations Simos Xenitellis University of London

The PKIX Standards and PKI Implementations Simos Xenitellis University of London

The PKIX Standards and PKI implementations The PKIX Standards and PKI Implementations Simos Xenitellis University of London S.Xenitellis@rhbnc.ac.uk 1 16th May, 2000, University of London The PKIX Standards and PKI implementations Agenda

513 views • 29 slides
W3C Workshop on Next Steps for XML Signature and XML Encryption The importance of incorporating

W3C Workshop on Next Steps for XML Signature and XML Encryption The importance of incorporating

W3C Workshop on Next Steps for XML Signature and XML Encryption The importance of incorporating XAdES extensions into ongoing XML-Sig work Authors: Juan Carlos Cruellas Universitad Politcnica de Catalua cruellas@ac.upc.edu Giles

404 views • 29 slides

More recommend