|
@@ -0,0 +1,151 @@
|
|
|
+# Computer Security - lesson 2
|
|
|
+#### Stefano Zanero
|
|
|
+###### 11 March 2016
|
|
|
+## Security as risk management
|
|
|
+In the equation Risk=AssetxVulnerabilities X Threats
|
|
|
+
|
|
|
+We can control only the vulnerabilities, and we need to reduce the risk by
|
|
|
+reducing vulnerabilites.
|
|
|
+There is a __direct cost__ of doing security and it is composed of:
|
|
|
+- Management cost
|
|
|
+- Operational cost
|
|
|
+- Equipment
|
|
|
+
|
|
|
+But the more relevant part are the __indirect costs__
|
|
|
+- Less usability es: a phone with pinlock is more slow than a locked one
|
|
|
+or airport security makes traveling slower.
|
|
|
+- Slower performance
|
|
|
+
|
|
|
+Doing some types of security checks can reduce productivity
|
|
|
+We need to balance these costs with the risk reduction.
|
|
|
+
|
|
|
+Security is not a problem that can be solved by throwing money at it,
|
|
|
+For example adding another layer of metal to the caveau will not
|
|
|
+ make it more secure if the keypad is still broken.
|
|
|
+
|
|
|
+### Airport security example
|
|
|
+Under the airport security *identity checks* are not a security measure,
|
|
|
+because we have not a list of terrorist names and anyway they won't use
|
|
|
+their real name; *identity checks* are only a commercial measure,
|
|
|
+to avoid ticket reselling.
|
|
|
+
|
|
|
+The *buddy systems*: requiring two different people for doing a particular job
|
|
|
+is used in finance, nuclear weapons or flights cockpit.
|
|
|
+The *positive bag match* is making sure that the luggage is loaded on the plane
|
|
|
+only if the passenger is taking the plane - Backerby disaster
|
|
|
+
|
|
|
+The airlines policies are thought to avoid anything but the suicide attacks
|
|
|
+
|
|
|
+Before 9/11 policies were only considering non suicide hijackers
|
|
|
+After 9/11 the plane is considered as a weapon and the cabin is locked during flight
|
|
|
+And in case of hijacking the pilot has to land the plane somewhere regardless of
|
|
|
+what happens outside the cabin.
|
|
|
+
|
|
|
+The liquid restriction policy was made after a failed liquid bomb attack,
|
|
|
+it failed because the metal detector avoided carrying a detonator.
|
|
|
+and it was not necessary but it was made because people wanted to know
|
|
|
+that a countermeasure was taken.
|
|
|
+
|
|
|
+The liquid restraint is still there because it can't be taken away,
|
|
|
+otherwise someone could blame you even if the restraint would have been not effective.
|
|
|
+
|
|
|
+Bad security measures are taken because they fit well in the agenda of people
|
|
|
+taking decisions.
|
|
|
+More things often result in more hassle and in more cost but they do not raise security.
|
|
|
+On the contrary the illusion of security is a security breach itself.
|
|
|
+
|
|
|
+For example lithium batteries are a more serious issue for security but a cellphone ban
|
|
|
+would destroy the business.
|
|
|
+
|
|
|
+### Boundaries
|
|
|
+A __trusted__ element is not a *trustworthy* one but is the one that when compromised,
|
|
|
+breaks the system.
|
|
|
+For example in a computer the CPU is a trusted device because you trust it on making its work.
|
|
|
+So we set a __boundary__ on things you can't control.
|
|
|
+
|
|
|
+A little more paranoia is *helpful*, but in general you need to be secure against the enemy
|
|
|
+that you think you're facing, for example the NSA, your employer, your fiancee.
|
|
|
+
|
|
|
+## Cryptography
|
|
|
+Starting from the greek society writing became more diffused and some
|
|
|
+ systems were created like the strip of sheep skin rounded over a particular stick
|
|
|
+In the following centuries cryptography was more of a wit game (creating/breaking it)
|
|
|
+While during WWII cryptography (and its cracking by Turing) played a key role.
|
|
|
+
|
|
|
+Alan Turing worked at Bletchley Park and created The Bomb, based on poland models
|
|
|
+it was not general purpose but it breaked the Enigma code.
|
|
|
+
|
|
|
+Shannon was also an important subject for Crypto history.
|
|
|
+In 1949 wrote a paper named "Communication theory of secrecy"
|
|
|
+And we are still using the same terminology (plaintext, cyphertext)
|
|
|
+
|
|
|
+Shannon used the Kerckhoffs principle (1883) in his paper and it is the following:
|
|
|
+A cryptographic system is secure only if the attacker can't break it even knowing the algorithm.
|
|
|
+This makes necessary a key to use with the algorithm to avoid the algorithm itself being sufficient to decrypt
|
|
|
+Also we must not be able to derive the key from a plaintext and cyphertext couple.
|
|
|
+
|
|
|
+Shannon wondered if there exists a perfect cipher.
|
|
|
+A perfect cipher should not diffuse information.
|
|
|
+An example of information diffusion is the other players moves in a card game.
|
|
|
+
|
|
|
+__Shannon theorem__
|
|
|
+```
|
|
|
+In a perfect cipher the number of keys must be greater or equal to the number of possible messages
|
|
|
+```
|
|
|
+If we have less keys than messages, i can say that the ciphertext generated by those keys are excluded
|
|
|
+this way we have an information leak.
|
|
|
+
|
|
|
+So perfect cipher exists, the minimal one is called __one time pad__
|
|
|
+__XOR__ is an operation used often in cryptography because it is reversible.
|
|
|
+
|
|
|
+The key used in one time pad is burned when used, and you need to communicate securely a key
|
|
|
+as long as the message, so it is practically unusable.
|
|
|
+
|
|
|
+Practically *no real world cypher is perfect*
|
|
|
+
|
|
|
+### Imperfections and brute force
|
|
|
+The keys can be found by __bruteforcing__ or trying all the possible keys
|
|
|
+until you find an output that makes sense.
|
|
|
+If the key is as long as the message, we can get all the possible cyphertexts that makes sense
|
|
|
+not only the right one.
|
|
|
+
|
|
|
+```
|
|
|
+Any real world algorithm is vulnerable to bruteforce
|
|
|
+```
|
|
|
+
|
|
|
+That is an uneliminable issue
|
|
|
+An algorithm is broken if there is a faster way than bruteforce to break it
|
|
|
+
|
|
|
+### Breaking cyphers
|
|
|
+- __cyphertext attack__ analyst has only ciphertexts with the same given key.
|
|
|
+This attack is the most powerful because we need only cyphertext (less requirements)
|
|
|
+- __known plaintext attack__
|
|
|
+- __chosen plaintext attack__
|
|
|
+
|
|
|
+```
|
|
|
+We don't have a way to know if an algorithm is robust, we can only try to break it and if we succeed we know it wasn't
|
|
|
+```
|
|
|
+In symmetric cryphtography we need to share securely the key, this is an `Elephant in the room` problem,
|
|
|
+(a problem that is enourmous but nobody speaks about).
|
|
|
+
|
|
|
+It was an issue until in 1976 Diffie and Hellman introduced asymmetric encryption.
|
|
|
+
|
|
|
+exercise: broke the zip example without bruteforcing
|
|
|
+
|
|
|
+### Symmetric encryption
|
|
|
+__Substitution__ also called Caesar cipher, every letter is shifted of the key amount.
|
|
|
+- issues: english have only 26 charachters so we have only 25 keys (bruteforce).
|
|
|
+It is also a monoalphabetic cypher, so repetitions and structured of the words are visible.
|
|
|
+- polyalphabetic way: More secure way of doing it
|
|
|
+__Transposition__ (or diffusion) means swapping the values of given bits
|
|
|
+- For example by writing horizontally in a matrix the charachters of the plaintext
|
|
|
+and reading vertically the cyphertext
|
|
|
+- It can't be breaked by pen and paper but with a simple python program.
|
|
|
+
|
|
|
+Modern diffusion and substitution algorithms: DES, IDEA, AES
|
|
|
+
|
|
|
+### Case study: DES
|
|
|
+During auditing NSA suggested the adoption of different S-boxes than the originals
|
|
|
+S-Boxes: tables for doing substitutions.
|
|
|
+
|
|
|
+
|
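Review bot: In "Imperfections and brute force", the line "we can get all the possible cyphertexts that makes sense" should say plaintexts: trying every key of message length against a ciphertext yields every sensible plaintext of that length, not only the right one, which is the point the paragraph is making about the one time pad. Two related wording fixes: under the indirect costs, "a phone with pinlock is more slow than a locked one" presumably means "an unlocked one", and in "Symmetric encryption" the Caesar cipher is one shift-based instance of substitution rather than another name for it, while "Transposition (or diffusion) means swapping the values of given bits" describes changing values where the matrix example that follows reorders positions. The known plaintext and chosen plaintext bullets under "Breaking cyphers" carry no description, unlike the first bullet; a one-line definition for each would make the list consistent, as would settling on a single spelling of cipher/cypher across the file.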