INternet SECURITY - IIT Bombay · siva/talks/secnet.pdf


INternet SECURITY

G. Sivakumar

Computer Science Department
Indian Institute of Technology, Bombay
Mumbai 400076, India
[email protected]

Outline of Talk

• Internet and Security Overview

• Security Requirements, Threats and Mechanisms

• Cryptographic Protocols and Attacks

– Session Key Establishment

– Mutual Authentication

• Site Security Planning and Implementation

• Q&A


Power of Networking

• Knowledge is Power

• Isaac Newton – “... stood on the shoulders of giants.”

• ...

• Are there no bad aspects of networking?

• If yes, no need for this lecture!


Internet’s Dream

• Why should a fridge be on Internet?

• Will security considerations make this a nightmare?


Internet’s Growth and Charter

Information AnyTime, AnyWhere, AnyForm, AnyDevice, ...

WebTone like DialTone


Security Concerns on Internet

Sample problems

• Highly contagious viruses

• Defacing web pages

• Credit card number theft

• On-line scams

• Intellectual property theft

• Wiping out data

• Denial of service

• Spam E-mails

• Reading private files

• Surveillance


Who are the attackers?

• Unintended blunders

• Hackers driven by technical challenge

• Disgruntled employees or customers

• Petty criminals

• Organized crime

• Organized terror groups

• Foreign espionage agents

• Information warfare


Recent Top 10 Attacks

See www.securityfocus.com and www.sans.org for more details

1. Nimda Worm (IIS/MIME bugs)

2. Code Red Worm (Buffer Overflow)

3. Code Red II Worm

4. Spam Mail (Open Relays/Formmail)

5. CGI Attacks

6. SubSeven Trojan

7. Microsoft FrontPage Attacks

8. DNS Attacks

9. FTP Attacks

10. SSH CRC-32 Compensation Detection Attack


Nimda and friends

Nimda exploits

1. Microsoft IIS/PWS Escaped Characters Decoding Command Execution Vulnerability

2. Microsoft IE MIME Header Attachment Execution Vulnerability

3. Microsoft IIS and PWS Extended Unicode Directory Traversal Vulnerability

4. Microsoft Office 2000 DLL Execution Vulnerability

and spreads itself via E-mail, Web-server attack, Web-browser code, Open Network Shares.


Effect of Nimda, Code Red


Common Vulnerabilities and Exposures

See cve.mitre.org. A nomenclature (and database) for indexing vulnerabilities. Critical to evaluate various approaches/tools.


Security Requirements

Informal statements (formal is much harder)

• Confidentiality: Protection from disclosure to unauthorized persons.

• Integrity: Assurance that information has not been modified without authorization.

• Authentication: Assurance of identity of originator of information.

• Non-Repudiation: Originator cannot deny sending the message.

• Availability: Not able to use system or communicate when desired.

• Anonymity/Pseudonymity: For applications like voting, instructor evaluation.

• Traffic Analysis: Should not even know who is communicating with whom. Why?

• Emerging Applications: Online Voting (more later)

And all this with postcards (IP datagrams)!


What is a Computer Network?


So, what’s Internet?

• A bottom-up collection (interconnection) of networks

• TCP/IP is the only common factor

• Bureaucracy-free, reliable, cheap

• Decentralized, democratic, chaotic

• Internet Society (www.isoc.org)

• Internet Engineering Task Force (www.ietf.org)


Why is Internet Vulnerable?

Quick overview of how Internet works.


TRACEROUTE

                                        Packets          Pings
    Hostname                          %Loss  Rcv  Snt   Last  Best  Avg  Worst
 1. 192.168.106.129                      0%   21   21      0     0    0      1
 2. 144.16.122.100                       0%   21   21      1     1    3     21
 3. garbo-vsnl-radio.iitb.ac.in          0%   21   21      0     0    0      3
 4. router-vsnl-radio.iitb.ac.in         0%   21   21      1     1    1      2
 5. 203.197.31.154                       0%   21   21      2     2    3     13
 6. 203.197.33.129                       0%   21   21      2     2    3     16
 7. lvsb-vsb-stm-1.Bbone.vsnl.net.in     0%   21   21      3     2    3      5
 8. 64.86.90.137                         0%   21   21    479   206  349    588
 9. if-0-0.bb8.NewYork.teleglobe.net     0%   21   21    206   205  207    217
10. sl-gw9-nyc-7-0.sprintlink.net        0%   21   21    206   205  207    220
11. sl-bb26-nyc-15-2.sprintlink.net      0%   21   21    206   206  207    211
12. sl-bb27-nyc-8-0.sprintlink.net       0%   21   21    206   206  210    256
13. sl-bb24-nyc-8-0.sprintlink.net       0%   21   21    206   206  207    217
14. 144.232.9.118                        0%   21   21    207   206  207    220
15. dcr1-loopback.SantaClara.cw.net      0%   20   21    293   293  294    296
16. ibr01-p5-0.sntc05.exodus.net         0%   20   21    295   294  295    305
17. bbr02-g2-0.sntc05.exodus.net         0%   20   21    295   294  295    299
18. bbr01-p7-0.sntc03.exodus.net         0%   20   21    294   294  295    301
19. dcr04-g4-0.sntc03.exodus.net         0%   20   20    295   295  296    316
20. csr01-ve241.sntc03.exodus.net       10%   18   20    307   295  305    441
21. google-exodus.exodus.net             0%   20   20    303   294  295    303
22. exbi2-1-1.net.google.com             0%   20   20    297   296  300    320
23. www.google.com                       0%   20   20    295   295  296    304


Vulnerabilities

• Application Security

– Buggy code

– Buffer Overflows

• Host Security

– Server side (multi-user/application)

– Client side (virus)

• Transmission Security


Windows Top 10 Vulnerabilities

See http://www.sans.org for more info (CVE numbers, how to check/protect, etc.)

1. Internet Information Services (IIS)

2. Microsoft Data Access Components (MDAC) (Remote Data Services)

3. Microsoft SQL Server

4. NETBIOS – Unprotected Windows Networking Shares

5. Anonymous Logon – Null Sessions

6. LAN Manager Authentication – Weak LM Hashing

7. General Windows Authentication – Accounts with No (or Weak) Passwords

8. Internet Explorer

9. Remote Registry Access

10. Windows Scripting Host


Unix Top 10 Vulnerabilities

See http://www.sans.org for more info (CVE numbers, how to check/protect, etc.)

1. Remote Procedure Calls (RPC)

2. Apache Web Server

3. Secure Shell (SSH)

4. Simple Network Management Protocol (SNMP)

5. File Transfer Protocol (FTP)

6. R-Services (.rhosts) – Trust Relationships

7. Line Printer Daemon (LPD)

8. Sendmail

9. BIND/DNS

10. General Unix Authentication – Accounts with No or Weak Passwords


Denial of Service: Real-world

Small shop-owner versus Supermarket

• What can the attacker do?

• What has he gained or compromised?

• What defence mechanisms are possible?

– Screening visitors using guards (who looks respectable?)

– VVIP security, but do you want to be isolated?

• What is the Internet equivalent?


Yahoo DDoS attack

• Caused traffic to Yahoo to zoom to 100s of Mbps

• Broke the capacity of machines at Yahoo and its ISPs

• Internet Control Message Protocol (ICMP) normally used for good purposes.

• Ping used to check “are you alive?”


Yahoo DDoS attack


Security Mechanisms

• System Security: “Nothing bad happens to my computers and equipment”

virus, trojan-horse, logic/time-bombs, ...

• Network Security:

– Authentication Mechanisms: “you are who you say you are”

– Access Control: Firewalls, Proxies “who can do what”

• Data Security: “for your eyes only”

– Encryption, Digests, Signatures, ...


Cryptography and Data Security

• sine qua non [without this nothing :-]


Symmetric/Private-Key Algorithms


Asymmetric/Public-Key Algorithms

• Keys are duals (lock with one, unlock with other)

• Cannot infer one from other easily

• How to encrypt? How to sign?


One way Functions

Mathematical Equivalents

• Factoring large numbers (product of 2 large primes)

• Discrete Logarithms


Network Security Mechanism Layers

Cryptographic Protocols underlie all security mechanisms. Real challenge to design good ones for key establishment, mutual authentication, etc.


Motivation for Session keys

Combine Symmetric (fast) and Asymmetric (very slow) Methods using session (ephemeral) keys for the following additional reasons.

• Limit available cipher text (under a fixed key) for cryptanalytic attack;

• Limit exposure with respect to both time period and quantity of data, in the event of (session) key compromise;

• Avoid long-term storage of a large number of distinct secret keys (in the case where one terminal communicates with a large number of others), by creating keys only when actually required;

• Create independence across communications sessions or applications. No replay attacks.

How to establish session keys over insecure medium where adversary is listening to everything? Can be done even without any public key! Randomization to rescue (like in CSMA/CD of Ethernet).


Diffie-Hellman Key Establishment Protocol


Man-in-the-middle attack

• Authentication was missing!

• Can be solved if Kasparov and Anand know each other’s public key (Needham-Schroeder).

• Yes, but different attack possible.
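Added example (not from the original slides): a Python sketch of the Diffie-Hellman exchange between Kasparov and Anand, showing the fresh per-session keys motivated on the session-key slide and a receiver-side check that supplies the authentication this slide says was missing. Assumptions: the toy prime 2**521 - 1 with generator 3, all helper names, and an HMAC under a pre-shared long-term key standing in for the public-key authentication the slide mentions.

```python
import hashlib
import hmac
import secrets

# Toy parameters (assumption, illustration only): 2**521 - 1 is prime, but it is
# not a vetted Diffie-Hellman group. Deployments use standardized groups.
P = 2**521 - 1
G = 3
NBYTES = 66  # enough bytes to hold any value below P


def keypair():
    """Fresh random secret x and public value g^x mod p, used for one session."""
    x = secrets.randbelow(P - 3) + 2  # 2 <= x <= P - 2
    return x, pow(G, x, P)


def session_key(my_secret, peer_public):
    """Hash the shared value (peer_public ^ my_secret mod p) into a 256-bit key."""
    if not 2 <= peer_public <= P - 2:  # reject 0, 1, p-1 and out-of-range values
        raise ValueError("degenerate public value")
    shared = pow(peer_public, my_secret, P)
    return hashlib.sha256(shared.to_bytes(NBYTES, "big")).digest()


def tag(auth_key, sender, public):
    """MAC that binds a public value to the party who sent it."""
    msg = sender.encode() + b"|" + public.to_bytes(NBYTES, "big")
    return hmac.new(auth_key, msg, hashlib.sha256).digest()


def accept(auth_key, sender, public, mac):
    """Receiver-side check: did `sender` really send this public value?"""
    return hmac.compare_digest(mac, tag(auth_key, sender, public))


def demo():
    results = {"both_sides_agree": True}
    keys = []
    for _ in range(2):  # two sessions, each with fresh randomness
        k_sec, k_pub = keypair()  # Kasparov
        a_sec, a_pub = keypair()  # Anand
        # Only P, G, k_pub and a_pub cross the wire; the secrets stay local.
        k_key = session_key(k_sec, a_pub)
        a_key = session_key(a_sec, k_pub)
        results["both_sides_agree"] &= k_key == a_key
        keys.append(k_key)
    results["sessions_independent"] = keys[0] != keys[1]

    # Plain DH cannot tell whose public value arrived. With a long-term
    # authentication key (constructed here), a swapped value is rejected.
    auth_key = secrets.token_bytes(32)
    _, k_pub = keypair()
    mac = tag(auth_key, "Kasparov", k_pub)
    _, other_pub = keypair()  # a value Kasparov never sent
    results["genuine_accepted"] = accept(auth_key, "Kasparov", k_pub, mac)
    results["substituted_rejected"] = not accept(auth_key, "Kasparov", other_pub, mac)
    return results


if __name__ == "__main__":
    print(demo())
```

The agreement and independence results hold without any long-term key; only the last two results depend on the authentication step.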


Needham-Schroeder Protocol


Attack by Lowe (1995)


Why Are Security Protocols Often Wrong?

They are trivial programs built from simple primitives, BUT, they are complicated by

• concurrency

• a hostile environment

– a bad user controls the network

– Concern: active attacks (masquerading, replay, man-in-middle, etc.)

• vague specifications

– we have to guess what is wanted

• Ill-defined concepts

Protocol flaws rather than cryptosystem weaknesses

Formal Methods needed!


Online Voting Protocols

Are we ready for elections via Internet?

• George Bush (Nov 2000, dimpled chads)

• Pervez Musharraf (April 2002)

• Gujarat (Dec 12, 2002)

E-Voting Protocols Requirements

• No loss of votes already cast (reliability)

• No forging of votes (authentication)

• No modification of votes cast (integrity)

• No multiple voting

• No vote secrecy violation (privacy)

• No vulnerability to vote coercion

• No vulnerability to vote selling or trading protocols (voter is an adversary)

• No loss of ability to cast and accept more votes (availability, no denial of service)


Other Desirable Properties

Must not only be correct and secure, but also be seen to be so by skeptical (but educated and honest) outsiders.

• Auditability:

Failure or procedural error can be detected and corrected, especially the loss of votes.

• Verifiability: Should be able to prove

– My vote was counted

– All booths were counted

– The number of votes in each booth is the same as the number of people who voted

– No one I know who is ineligible to vote did so

– No one voted twice

– ...

without violating anonymity, privacy etc.

Zero Knowledge Proofs


RFC 2196 Site Security Handbook

Guidelines for any organization joining Internet

1. Risk Assessment (Assets/Threats)

2. Security Policies

3. Security Architecture and Services

• Firewalls, VPN, Encryption, ...

• Authentication

• Confidentiality, Integrity

• Authorization and Access Control

• Backups

4. Usage Monitoring and Auditing

5. Intrusion/Attack Detection

6. Security Incident Handling

No silver bullet or one time fix!

Eternal Vigilance is the price of liberty

http://web.iitb.ac.in


References

• Books

– TCP/IP Illustrated by Richard Stevens, Vols 1-3, Addison-Wesley.

– Applied Cryptography - Protocols, Algorithms, and Source Code in C by Bruce Schneier, John Wiley & Sons, Inc. 1996.

– Cryptography and Network Security: Principles and Practice by William Stallings (2nd Edition), Prentice Hall Press; 1998.

– Practical Unix and Internet Security, Simson Garfinkel and Gene Spafford, O’Reilly and Associates, ISBN 1-56592-148-8.

• Web sites

– www.cerias.purdue.edu (Centre for Education and Research in Information Assurance and Security)

– www.sans.org (System Administration, Audit, Network Security)

– cve.mitre.org (Common Vulnerabilities and Exposures)

– csrc.nist.gov (Computer Security Resources Clearinghouse)

– www.vtcif.telstra.com.au/info/security.html