Ramblings of a paranoid part 7
Pete Hickey


What is the value of your PC?

  • Let's try to find whose PC is worth the most.


Laptop Theft

  • Growing crime

  • Major reason for car break-ins

    “You don’t know what you’ve got till it’s gone.” Joni Mitchell


What is the value of your PC?

  • Most likely the value of your PC is much higher than its cost.

  • A brand new PC probably has the least value.

    • Value of the PC is

      • your time to set it up

      • the DATA it contains.


What is the value of the data?

  • Value to you?

    • Can you replace it?

    • Can you spell backup?

      • With the cost of zigabyte USB drives, no excuse.

  • Value to others

    • Identity theft?

      • Credit cards in web cache?

      • Tax forms from various years

    • Blackmail? / privacy


What is the value of the data?

  • Law may REQUIRE you to have it encrypted.

    • Yes with medical data

    • Unknown with FIPPA.


What is the value of the data?

  • Other people’s data?

    • People who trust you.

      • Old emails

      • Business/client data

  • Data which has no value?

    • Could have value in the future.


What is on your PC

  • Do you even know?

  • In cache histories, etc.

    • Look up PC forensics

  • Do you purge old data?

    • What do you do when you get a new PC?

    • Pack rat syndrome


What is on your PC

  • Only a good thorough analysis will tell you for sure

  • There is a cost to inexpensive large capacity storage.

    • Never have to clean up!!!!!!!


A tool that helps

  • Two obvious things are SINs and Credit Cards.

  • Student Cards????


SIN format

  • 9 digits

    • xxx xxx xxx

    • xxx-xxx-xxx

    • xxxxxxxxx

    • Find all strings which look like those.


SIN format

  • There is also a checksum

  • Sum up digits 1,3,5,7,9

  • Double the digits in even locations

    • If the result is >10, add the digits in the result.

  • Result mod 10 should be zero

  • OR

  • Sum up digits 1,3,5,7 and twice digits 2,4,6,8

  • (10 - (Result mod 10)) is the last digit.


SIN format

  • Is 130 692 544 a valid SIN?

    1 + 0 + 9 + 5 + 4 = 19

    6 + (12->3) + 4 + 8 = 21

    (19+21) mod 10 = 0

    VALID


SIN format

  • 123 456 78x Find x so it could be a SIN

    • 1 + 3 + 5 + 7 = 16

    • 4 + 8 + 3 + 7 = 22

    • (16 + 22) mod 10 = 38 mod 10 = 8

    • Last digit must be 2!


SIN format

  • Is 123 456 782 a valid SIN?

  • Only of value if there is other identifiable information with it.

  • Only you know that.


Credit Cards

  • VISA

    • 16 digits long, starts with 4

    • Four groups of four or 16 contiguous

  • MasterCard

    • Starts with 52, 53,54, or 55

    • 16 digits long, contiguous or four groups of four.

  • American Express

    • Starts with 34 or 37

    • 15 contiguous, or groups of four, six and five.
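As an added example (not the author's FindSIN tool and not code from the slides), here is a Python scanner that applies the three SIN layouts and the slide's checksum, plus the VISA/MasterCard/AmEx layouts above, to a constructed sample text; the card regexes check layout only, since the slides give no card checksum.

```python
import re

# Constructed sample text (not from the slides) to scan.
SAMPLE = """Tax return attached, SIN 130 692 544, card 4111 1111 1111 1111.
Alt format 123-456-782 and bogus 123456789; AmEx 3782 822463 10005."""

# The three SIN layouts from the slides: xxx xxx xxx, xxx-xxx-xxx, xxxxxxxxx.
SIN_RE = re.compile(r"(?<!\d)(\d{3})[ -]?(\d{3})[ -]?(\d{3})(?!\d)")

# Card layouts from the slides (prefix + grouping only; no card checksum given).
CARD_RES = {
    "VISA": re.compile(r"(?<!\d)4\d{3}(?:[ -]?\d{4}){3}(?!\d)"),
    "MasterCard": re.compile(r"(?<!\d)5[2-5]\d{2}(?:[ -]?\d{4}){3}(?!\d)"),
    "AmEx": re.compile(r"(?<!\d)3[47]\d{2}[ -]?\d{6}[ -]?\d{5}(?!\d)"),
}

def sin_check_sum(digits: str) -> int:
    """Slide checksum: add digits in odd positions (1,3,5,7,9) as-is and
    doubled digits in even positions (2,4,6,8), reducing a two-digit
    product by adding its digits (12 -> 3, 16 -> 7)."""
    total = 0
    for index, ch in enumerate(digits):
        d = int(ch)
        if index % 2 == 1:       # 0-based odd index == 1-based even position
            d *= 2
            if d >= 10:
                d = d // 10 + d % 10
        total += d
    return total

def is_valid_sin(digits: str) -> bool:
    """Valid when the checksum is a multiple of 10 (130 692 544 -> 40)."""
    return len(digits) == 9 and digits.isdigit() and sin_check_sum(digits) % 10 == 0

def sin_check_digit(first_eight: str) -> int:
    """Last digit that completes an 8-digit prefix (123 456 78x -> 2)."""
    return (10 - sin_check_sum(first_eight) % 10) % 10

def scan(text: str) -> list:
    """Return (kind, digits, checksum_ok) for each candidate; checksum_ok is
    None for cards because the slides only describe their layout."""
    hits = []
    for m in SIN_RE.finditer(text):
        digits = "".join(m.groups())
        hits.append(("SIN", digits, is_valid_sin(digits)))
    for kind, rx in CARD_RES.items():
        for m in rx.finditer(text):
            hits.append((kind, re.sub(r"[ -]", "", m.group(0)), None))
    return hits
```

Running `scan(SAMPLE)` flags the two SINs that pass the checksum, the nine-digit string that does not, and the two card-shaped strings; as the next slide says, the checksum only narrows the candidates, it does not prove a hit is a real SIN.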


Audit tool

  • Most from USA

  • Spider

  • Modified FindSSNs to FindSINs

  • http://newmud.comm.uottawa.ca/~pete/FindSIN.zip

  • These are audit TOOLS, not magic.


USB key

  • What is on your USB key?

  • Those running labs can tell you about lost keys

    • Forgotten

    • Holes in pockets.

    • Inexpensive, so you don’t care.


Encrypt your disk

  • Lots of options here.

  • What do you want?

  • Required by law?

    • Yes

    • Maybe


Encryption Algorithms

  • AES – Winner of competition

  • Serpent – more secure than AES, but lost

  • Twofish

  • Combinations AES-Twofish, Serpent-AES, etc.

  • All SYMMETRIC encryption

    • Fast

    • Same key encrypt-decrypt


Hash Algorithms

  • One Way (trapdoor) function

  • SHA-512

  • RIPEMD-160

  • Whirlpool


Which to choose?

  • They are all ‘good enough’

  • Unless working with top secret military

  • Weakness will be in the key.

    • Hashed password is key


Password is the weakness

“Choose your password wisely, Grasshopper.”


Key properties

  • If the key is not well chosen, patterns may appear in the ciphertext which may help to crack it.

  • We want to choose a key such that the encrypted data looks like white noise.


Key vs password.

  • Passwords do not make good keys.

    • Printable characters have their first few bits set to zero

    • A password typically uses only about a third of each byte's space.

      • 256 possible combinations

      • 52 letters, 10 digits, 20 special-> 80

        • Assume 128 to make math easier

  • Frequently some function will be used to ‘randomize’ the password.


Key vs password

  • Assume key is 128 bits

    • 128 bits = 16 bytes

    • 128 bits -> 2**128 possible keys

      • 3.4 x 10**38

    • Each character of a password is a byte

    • Example 8 character password

      • 80 ** 8 = 1.7 x 10**14

      • That assumes even distribution.


Key vs password

  • Other password combinations

    • 6 mixed characters

      • 80 ** 6 = 2.1 x 10**11

    • 6 upper case letters

      • 26 ** 6 = 3 x 10**8

    • Word in dictionary

      • 2 x 10**6

    • Date + 3 digits

      • You do the math.


OC Transpo (STO) and Encryption

  • Encrypted laptops attract buses

  • “What happens if the owner is hit by a bus?”

  • If laptop contains his taxes and family data, we don’t care.

  • What if it contains important information for the University?


Don’t believe it’s lost forever

  • Encryption people try to tell you that if you lose the key, the data is lost forever.

  • NOT TRUE!!!!!

  • You should be able to get it in 25-50 years.


Parameters for disk encryption

  • Large scale encryption (policy) requires a managed system.

  • Users will complain if we make them encrypt and they lose their password. Ask help desk workers whether people forget passwords.

  • Escrow server


Backups!!

  • Do you want the backups to be encrypted as well?

  • Do you want to encrypt the backup?


Cost of encryption

  • Cost of the software

  • Cost of management

  • Cost in performance hit


What flavor of encryption

  • File

  • Folder

  • Virtual Disk

  • Data Disk

  • Complete Disk


Encrypted file

  • Easiest

  • Lowest performance hit

  • High maintenance if many files

  • Backup is encrypted


Encrypted folder

  • Everything put in a specific folder is encrypted.

  • Easier than individual files

  • Cache-working files not encrypted

  • Backup encrypted


Container

  • File within file system is a virtual disk

  • Mounted as your X: disk

  • Everything on X: disk is encrypted

  • Backup may or may not be encrypted


Data disk encryption

  • At the file system level

  • Everything on data disk is encrypted

  • Backups probably not encrypted


Full system encryption

  • Everything, including system files encrypted.

  • Gets caches, work files, temporary files, etc.


Advantages of full/complete

  • User loses laptop

  • Were ALL files encrypted?

  • Did the user miss some?

  • With full system encryption, you can offer assurances that all data was encrypted.


What about

  • Paging file

  • Hibernation file

  • Memory dump files

  • registry


Plausible Deniability

  • Under duress

  • You want to deny that you have any encrypted files.

  • Containers may appear to be data files.

  • Containers residing on ‘empty’ disk.

  • You cannot deny full disk encryption.


Border crossing

  • People should not bring laptops containing personal information across US border.

  • Customs may ask to decrypt system.

  • Not legal for them to see personal information.


Encryption of USB keys?

  • Portability?

    • Within an OS

    • Across different OS

  • Keys with encryption built in.

    • Do they need autorun on?

  • Password management


Encryption of Desktops?

  • Although less frequently, they do get stolen.

  • Peace of mind with their disposal.

    • Disks should be wiped clean before disposal.


Other issues

  • Policy pushed to machine?

  • Does the Windows logon also take care of decrypting?

    • If not, two logons are needed.

  • Performance?

    • Hardware encryption of disks possible.

  • etc


Not a recommendation

  • TrueCrypt

  • Not good because it is not managed.

    • Unless you can afford to wait 25-50 years to handle forgotten passwords.

  • It is good to play with to get a feeling for the various parameters to consider.


Parameters for disk encryption

  • Folder, container, full disk

  • Escrow

  • Backups

  • What are the needs?

  • Login