1 / 23

Intro To Secure Comm. Exercise 6

Intro To Secure Comm. Exercise 6. Problem. A vendor wishes to incorporate the following: Upon any login/change the vendor updates the cookie Cookie(SessionTime||{Item||Price}) What kind of attacks may be done? What kind of attackers may do it?

mcewen
Download Presentation

Intro To Secure Comm. Exercise 6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Intro To Secure Comm.Exercise 6

  2. Problem • A vendor wishes to incorporate the following: • Upon any login/change the vendor updates the cookie • Cookie(SessionTime||{Item||Price}) • What kind of attacks may be done? • What kind of attackers may do it? • How does SSL help protect against certain attacks/adversaries?

  3. Solution • The interrogative adversary may easily change the cookie. • The attacks may be • extending the session time indefinitely • Changing products’ prices • SSL may prevent sniffing/active adversaries from intercepting the cookies and/or changing them while they’re transmitted

  4. Problem • The following is a cookie based login process • User • Login to server, provide user/password • Server • Set Cookie(username||h(password)) • The login process is protected with SSL. • The rest sessions are not. • Against what types of adversaries is this scheme effective?

  5. Solution • This scheme is immune to spoofing attacks, as no spoofer can generate the cookie • This scheme is immune to sniffing attacks as the secret is not sent in the clear. • However, active adversaries may do replay attacks after the initial login. • How may you defend against active adversaries? • Dictionary attacks are still possible, use SALT against them.

  6. Solution (2) • The simplest thing would be to protect the entire client-server protocol using SSL. • Developing a proprietary protocol may lead to more complex client-side applications.

  7. Problem • The following identifier is put into a cookie after user logon (to identify the session) • Cookie(GlobalId++) • What types of adversaries may attack this scheme? • What is the attack?

  8. Solution • The interrogative adversary may attack this easily. • The attack would be to guess the sequence number of another session. • Since this uses sequential numbers it is quite easy. • How will you mend this flaw? • Use cryptographic randomness • PRF(GlobalId||Date)

  9. IP-SEC

  10. Scenario • An organization connects to the Internet from multiple offices, and is concerned about: • Denial of service attacks from the Internet • Protect data on few key applications (mostly web) from unauthorized exposure • Efficiency and cost of solution • The organization considers employing IPSec as a solution

  11. Problem • When is IPSec not able to secure the connection under the previous conditions

  12. Solution • IPSec connections may not be reliable when an attack is orchestrated from inside the network (where IP sec is not utilized) • Using IPSec in tunnel mode enables such an attack from inside the network when a virus/worm attacks the computers.

  13. Problem • Few companies create extranet (shared VPN over Internet) using IP-sec. How can they (securely and efficiently)… • Prevent network attacker from counting CEO-to-CEO messages • Prevent insiders from eavesdropping on CEO-to-CEO messages

  14. Solution • Assuming • CEO1:10.0.0.1 • CEO2:11.0.0.1 • Use both transport mode and tunnel mode IPSec. • First use Transport mode IPSec • CEO1 SP : To CEO2 -> Encrypt Transport Mode • CEO2 SP : To CEO1 -> Encrypt Transport Mode

  15. Solution • Second, use IPSec tunnel mode between routers such that ALL messages are encrypted using tunnel mode (no differentiation between CEO messages and users’ messages) • This way, messages between CEOs are protected from being noticed from the internet (this is because the messages are designated to the routers) • Inside the network, the messages are still encrypted.

  16. Scenario

  17. Problem • The company enables IPSec in tunnel mode between each branch of the company. • Users are allowed to browse the internet freely. • How can a virus expose information sent from branch A to B?

  18. Solution • By sniffing the network, the virus can sniff packets sent between the branches. • The virus can then send the information to a host located on the internet. • Since the information between the branches is sent on the clear (until it reaches the VPN host) it is easily viewed.

  19. Attack explenation • Say computer A from office A send information to computer B in office B. • The virus sniffs the network and gets a hold of the message. • The virus sends the message using a connection to the internet, to an internet host.

  20. Problem • What if the routers are configured only to allow secured IPSec communication? • i.e. no internet forwarding. • Is the attack viable now?

  21. Solution • YES!!! • Through subliminal channels, the virus can communicate with the sniffer • Through timings • Through length of packets • In conjunction with the SPI field. • Assuming the SPI is different than other programs. • The eavesdropper can then identify the messages from the virus and identify them using timings/length of packets.

  22. Problem (Test Question) • חברה מעונינת להבטיח מספר יישומים קריטיים (משכורות, כח אדם, דו"חות מכירות) מפני תוקף חיצוני או פנימי. ההנחה היא שהתוקף עלול להשתלט על מחשב אחד או מחשבים מעטים, ובפרט מניחים שלא יוכל להשתלט על שרתים (שמאובטחים היטב) אלא רק על תחנות עבודה. מעונינים למנוע מהתוקף, אפילו אם הוא שולט על מחשב אחד שנמצא ברשת מקומית מסוימת, מלחשוף או לשנות הודעות בין מחשבים ברשת שאינם נשלטים על ידיו ובין אחד משרתי היישומים הקריטיים. מוצע להגן ע"י שימוש ב-IP-sec בשיטת ESP ומצב Transport, בין כל תחנת עבודה לבין השרתים שמריצים את אותם שירותים קריטיים. • הראה שפתרון זה עשוי שלא למנוע התקפה, ותוקף ששולט במחשב אחד ברשת עלול להיות מסוגל להתחזות לשרת היישום הקריטי. רמז: שרתים אחרים ברשת, שאינם מריצים את היישומים הקריטיים, אינם מריצים IP-sec.

  23. Solution • The key idea is that only application servers are protected with IPSec. • What about DNS servers? (or any other naming servers) • The following attack may happen • ADV takes control over some computer (a client/DNS) which are not protected. • ADV changes DNS record to point to the controlled computer • When the application needs to transmit information, it transmits to the wrong IP thus not protecting the data with IPSec. • The application is UNAWARE of it.

More Related