week 12 wednesday n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
CS363 PowerPoint Presentation
Download Presentation
CS363

Loading in 2 Seconds...

play fullscreen
1 / 33

CS363 - PowerPoint PPT Presentation


  • 105 Views
  • Uploaded on

Week 12 - Wednesday. CS363. Last time. What did we talk about last time? Making a business case for security Quantifying security. Questions?. Project 3. Security alert: Heartbleed.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'CS363' - red


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
last time
Last time
  • What did we talk about last time?
  • Making a business case for security
  • Quantifying security
security alert heartbleed
Security alert: Heartbleed
  • Recall that SSL (well, TLS) is the protocol that uses public key cryptography to negotiate symmetric keys for secure web traffic
    • Typically shown with a small padlock icon
    • https sites always use SSL while http sites sometimes use it
  • A vulnerability was found in OpenSSL getting random snapshots of memory from the web servers running it
  • The bug (called CVE-2014-0160) targets the heartbeat part of SSL, which keeps the session going without traffic
security alert continued
Security alert continued
  • Researchers working at Codenomicon and Google revealed the bug on April 7
  • Lastpass (a password manager) and Tumblr have told their users to change their passwords
  • Particularly troubling is that the bug can be exploited without leaving any traces
  • Follow the story here:
    • http://bits.blogs.nytimes.com/2014/04/08/flaw-found-in-key-method-for-protecting-data-on-the-internet/?_php=true&_type=blogs&hp&_r=0
widespread impact
Widespread impact
  • Who is affected?
    • Oh, everyone
  • Compromised versions of OpenSSL have been available since December 31, 2011, with widespread adoption on March 14, 2012
  • OpenSSL is used on  Apache and nginx webservers
    • Combined they account for 2/3 of all websites in the world
  • SSL is also used for e-mail authentication and lots of other stuff
  • Bruce Schneier called the bug "catastrophic" and said, "On the scale of 1 to 10, this is an 11."
  • Essentially everyone should change all passwords for everything
consequences
Consequences
  • Any password on any site that uses OpenSSL has potentially been revealed to the world
  • The passwords protecting the servers themselves have potentially been exposed
  • Intelligence agencies could very easily have stolen everyone's passwords and secret information
  • It's possible that private keys signing SSL certificates have been stolen
    • Lots of certificates will need to be reissued
security alert what can you do
Security alert: What can you do?
  • The authoritative site for information is:
    • http://heartbleed.com/
  • Test sites you're worried about:
    • http://filippo.io/Heartbleed/
  • This site has some good tips:
    • http://blog.agilebits.com/2014/04/08/imagine-no-ssl-encryption-its-scary-if-you-try/
  • Ironically, you might want to wait to change your passwords
    • If you change them before the servers are patched, you're increasing your exposure
  • Now's a great time to start using two-factor security
economic questions
Economic questions
  • Key questions a business needs to answer to make security decisions are:
    • How much should be invested in security to protect assets with a given value?
    • What is the likely impact of a security breach?
    • What are the costs and benefits of sharing information?
  • Economics is the science of general decision making, and we can look to that field for models
a dizzying array of models
A dizzying array of models
  • Some research shows that it doesn't make sense to increase security investment as the vulnerability of an asset increases
    • Past some point, it's too expensive to protect really vulnerable assets
  • A security breach can have a devastating impact on stock price
    • But research shows that the market reaction is small when no confidential information is exposed
game theory
Game theory
  • The subfield of economics that studies strategic decision making is called game theory
  • Game theory generally assumes rational agents who seek to make a decision that maximizes their utility function (often described in terms of money)
  • We can try to characterize decisions about cybersecurity in a game theory framework
game theory example
Game theory example
  • When the game is simple enough, game theory will look at it as a payoff matrix
  • A classic example is the Battle of the Sexes game, in which the woman wants to go to the opera, but the man wants to go to the football game
  • However, both enjoy being together more than going to their preferred events
prisoner s dilemma
Prisoner's dilemma
  • Another example of game theory is the Prisoner's Dilemma
  • Two criminals are captured by the police
    • Both can be convicted on a lesser charge
    • If one rats on the other, they can get them on a bigger charge
  • Each has the option to rat or stay quiet
  • From a game theory perspective, it's always better to rat
game theory in security decisions
Game theory in security decisions
  • Companies are in competition with other companies
  • Thus, they may make security decisions based on what other companies do
  • Research indicates that when two companies A and B are competing, a game theory model reveals the following:
    • If A shares more information about security breaches with B, B shares more and also invests more in security
    • If A and B have a product that can be substituted for the other's, information sharing and security investment for A and B both increase
    • Security breach information sharing and security investment increase with firm size and industry size
other issues
Other issues
  • Game theory is only one approach, and it assumes rational agents
  • Humans are not rational
    • When payoff is small, people focus on the risk
    • When the risk is small, people focus on the payoff
  • Security decisions are made in groups
    • Research shows that groups tend to have more extreme views than individuals
    • Dominant personalities (whether innately dominant or because of positions of power) tend to affect outcomes greatly
organizational culture
Organizational culture
  • Security decisions are also made in the context of an organization culture
  • Different organizations value different things
  • An organization's practices are made up of the following:
    • Symbols
      • Jargon, gestures, pictures, objects
    • Heroes
      • Role models and accomplished practitioners
    • Rituals
      • Anything socially important but not essential to the business
  • These practices stem from the organization's values
characterizing organization culture
Characterizing organization culture
  • One way to look at an organizational culture is to see where it falls on various spectrums
  • These spectrums are not intended to be positive or negative
    • A company can make either extreme or something in the middle useful
the right approach for the right job
The right approach for the right job
  • When you make security recommendations, make sure that they are a good fit for your employer
    • Results-driven businesses might prefer penetrate-and-patch to best-practice training
    • Professional organizations might certify its security professionals, but parochial ones might reward developers with the fewest flaws
    • Normative organizations might develop a security methodology that is always used, but pragmatic ones might have a project-by-project strategy
  • If all your suggestions are bad fits for your job, are you at the wrong place?
economics wrap up
Economics wrap-up
  • Economics and privacy
    • Differential pricing means that you get better prices if you let companies record your data
      • Loyalty cards at supermarkets, Amazon, Gilt…
    • What are the tradeoffs?
  • Economics and integrity
    • Disclosing software flaws means that more people can attack
    • But it also encourages companies to fix flaws faster
  • Economics and regulation
    • Can the market fix itself through capitalism?
    • If not, the government has to regulate security
    • Some research shows that piracy does not hurt the music industry
  • An externality is a situation where someone feels an economic impact without being involved in the market or negotiations
    • Example: You leave the lights in your dorm room on all the time because you don't pay the electric bill
encryption modes1
Encryption modes
  • We never discussed these three main encryption modes when we were discussing cryptography
  • You shouldn't leave the class without knowing about them
  • In Project 2, many of you created working implementations of AES
  • These implementations have a significant security flaw if operated as they were in Project 2
electronic codebook mode
Electronic Codebook Mode
  • A number of different encryption modes were proposed for DES
  • Most of these modes can be used by any block cipher
  • Electronic Codebook Mode (ECB) is the simplest (and least secure)
  • In ECB, each block (64 bits in DES) is independently encrypted with the same key
  • ECB is only recommended for sending a single block

P1

P2

P3

Encrypt

Encrypt

Encrypt

K

K

K

C1

C2

C3

problems with ecb
Problems with ECB
  • ECB is not considered secure for arbitrary length messages
  • The problem:
    • Block A encrypted with key K will always look the same
    • If the attacker can learn the value of block A through other channels, he or she will be able to recognize it when it is sent later
    • Even if the value of block A is never known, a repeated block means that part of the message repeats a previous message
  • When the two following modes are used, the encrypted value of block A is dependent on previous blocks
cipher block chaining mode
Cipher Block Chaining Mode
  • Cipher Block Chaining (CBC) is acceptable for general purpose block transmission and authentication
  • The input to the encryption is the XOR of the next block of plaintext with the previous block of ciphertext

P1

P3

P2

Encrypt

Encrypt

Encrypt

K

K

K

C1

C2

C3

cipher feedback mode
Cipher Feedback Mode
  • Cipher Feedback (CFB) is also acceptable for general purpose block transmission and authentication
  • The input to the encryption is the previous block of ciphertext, generating a pseudorandom value, which is XOR'd with the current block of plaintext

IV

Encrypt

Encrypt

Encrypt

K

K

K

P3

P2

P1

C3

C1

C2

semantic security
Semantic security
  • A cryptosystem is semantically secure if (with high probability) no additional information about a message can be gained from its ciphertext in polynomial time
  • It's like perfect secrecy but with computational complexity built-in
  • Using CBC or CFB increases semantic security since identical message blocks are usually not encrypted the same way
next time
Next time…
  • Privacy principles and policies
  • Exam 2 post mortem
reminders
Reminders
  • Read Chapter 10
  • Keep working on Project 3 Phase 1
  • Talk on the Shadow programming language
    • Tonight in E281 at 6pm