1 / 71

20-771: Computer Security Lecture 12: Windows - Login

20-771: Computer Security Lecture 12: Windows - Login. Robert Thibadeau School of Computer Science Carnegie Mellon University Institute for eCommerce, Fall 2002. Today’s lecture. Windows 2000 Access II File Encryption/Decryption

amish
Télécharger la présentation

20-771: Computer Security Lecture 12: Windows - Login

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 20-771: Computer SecurityLecture 12: Windows - Login Robert Thibadeau School of Computer Science Carnegie Mellon University Institute for eCommerce, Fall 2002

  2. Today’s lecture • Windows 2000 Access II • File Encryption/Decryption • Go to http://rack4.ulib.org/certsrv and get an email certificate. Send it to two people in the class to establish encrypted and signed email. One exam question: • What did you have to do to get encrypted email to work with a few of your classmates?

  3. This Week • Read WS 12,13 More Windows Security Password Week

  4. Windows C-2 Security Model Users! It must be possible to control access to a resource by granting or denying access to individual users or named groups of users. Memory must be protected so that its contents cannot be read after a process frees it. Similarly, a secure file system, such as NTFS, must protect deleted files from being read. Users must identify themselves in a unique manner, such as by password, when they log on. All auditable actions must identify the user performing the action. System administrators must be able to audit security-related events. However, access to the security-related events audit data must be limited to authorized administrators. The system must be protected from external interference or tampering, such as modification of the running system or of system files stored on disk.

  5. Win 2000 Security A User User/groups Rights-e.g., delegation Active Directory DACLs for Authorization Files & Other Objects Internal Privacy : File Encryption YOU! Certs for Authentication username kerberos Services Some-other-time.. password Certs for Integrity Active Directory SACLs for Audit certificate Other Machines Web Visitor Web Site IIS – IE5 Secure Network Privacy SSL & IPSec Windows 2000 IPAAA Model User Agents DACLs File Encrypt Kerberos Authenticode SACLs Smartcard IPSec

  6. One DESX Key, Many Certs FILE OR DIRECTORY Administrator CERT /Public Key M Symmetric/Private/DESX/Encrypt/Decrypt Key A UserQ CERT /Public Key Q Symmetric/Private/DESX/Encrypt/Decrypt Key A UserR CERT /Public Key R Symmetric/Private/DESX/Encrypt/Decrypt Key A Some can be certs in Data Decryption Field or Data Recover Field

  7. File Encryption / Recovery Certificate • The symmetric encrypting key is encrypted using the public key derived from your EFS certificate. • The resulting encrypted data, along with your display name and a hash of the certificate, is stored in a named stream in the file that contains EFS metadata. • When EFS decrypts a file, it uses your private key to decrypt the symmetric encrypting key. EFS then uses the symmetric key to decrypt the data.

  8. Cipher utility • Why would you want to encrypt an encrypted file? Try being administrator and user. • Data Decryption Field (certs), and Data Recovery Field (certs) • Encrypt a file as a user, and see if you can decrypt it as somebody else (who is the default recovery manager). • Note: efsrecvr.exe as the Encrypted File System RECoVeR program you can use. You can also do this by right clicking and the security properties, owner.

  9. Cert (X.509) EFS Solution • Many certs can hide the SAME private/ symmetric/ session FEK (file encryption/decryption key) for a file. • These certs are SPECIAL FILE ENCRYPTION CERTS (using the user’s private/public key) • http://support.microsoft.com/support/kb/articles/Q273/8/56.ASP • The file can have several depending on the CERT which is user – Data Decryption Field • The file can have several recovery agents can have several depending on the CERT which is the recovery agent user.

  10. Exam: What is a security association?

  11. IPSec Classic Network Attacks • Snooping • Spoofing (TCP sequence numbers) • Password Compromise • Denial of Service Attacks (DoS) • TCP SYN : open tons of TCP connections • SMURF : drown with ping • Teardrop : fragmentation reassembly • Ping of Death : fake fragmentation parameters • Man-in-the-middle Attacks • Application-Level Attacks • Key Compromise

  12. IPSec is End to EndIPAxx • Client – to – Client • Transport Mode • One Authenticates but doesn’t encrypt • One Authenticates and Encrypts • Gateway – to – Gateway • Tunnel Mode (client to client is encapsulated) • Authenticates, Encrypts, and also hides source and destination!

  13. IPSec Detail • Authentication Header (AH) • Encapsulating Security Protocol (ESP) • Orig IP Header + AH + TCP + DATA (transport mode) • Authenticates whole packet • Orig IP Header + ESP Header + TCP + DATA + ESP Trailer + ESP Authentication (transport mode) • Authenticates whole ESP but not IP Header • Encrypts TCP-Trailer • New IP Header + ESP Header + Orig IP Header + TCP + DATA + ESP Trailer + ESP Authentication • Authenticates whole ESP but not IP Header • Encrypts Original IP header to ESP Trailer

  14. Denial of Service Protection • A counter … (ignore repeats)

  15. Guarding what’s Yours Sustainable Business Models Product Service Technology Policy Business of Security

  16. Online Shopping Is The Key Appeal Securely shop online Securely store PINs Share info w/friends Secure chat groups Pay-per-use services 66% 63% 54% 26% 26%

  17. Consumers Are Willing To Pay Fair Price For A Trusted PC If it costs: 84% $25 $50 $75 $100 $200 71% 57% 49% 34%

  18. Windows Authorization

  19. Features of Win 2000 • Multiple methods of authenticating internal and external users • Protection of files through easy to use encryption • Protection across network through transparent encryption • Per-property access control for objects (many more detailed uses than read, write, and execute) • Smart card support for authentication and hiding private keys • Transitive trust relationships between domains • Public Key Infrastructure (PKI – Certs handled transparently). • Code itself is routinely authenticated as to its source using PKI.

  20. Windows Authentication • One, Two, Three Factor Authentication • What you know (Password) • What you have (Token) • Who you are (Biometric)

  21. “PASSWORD CONTROL WEEK”Kerberos • Why Kerberos? • How does Kerberos work • what interdomain “trust” means

  22. Win 2000 Security A User User/groups Rights-e.g., delegation Active Directory DACLs for Authorization Files & Other Objects Internal Privacy : File Encryption YOU! Certs for Authentication username kerberos Services Some-other-time.. password Certs for Integrity Active Directory SACLs for Audit certificate Other Machines Web Visitor Web Site IIS – IE5 Secure Network Privacy SSL & IPSec Windows 2000 IPAAA Model User Agents DACLs File Encrypt Kerberos Authenticode SACLs Smartcard IPSec

  23. Authentication Methods • Dialup (see MSDN for detail) • Distributed Password Authentication (DPA) • Extensible Authentication Protocol (EAP) (RFC 2284, PPP) • Secure Channel (Schannel) X.509 • SSL, TLS • Network • Windows NT LAN Manager (NTLM) • Windows “Challenge Response” • Just didn’t work LAN/WAN-wise • Standalone Professional/Server 2000 • Kerberos v5 (MIT, Athena Project)

  24. W2000 Security Services Domain Admin/Server Computer Cert Services Computer Security Management Active Directory Domain Logon/Kerberos Computer Client Computer

  25. Password Attacker Username Password Sniffer Obtains Securely Obtains Authentication Agent Resource Access Type In Assigns Securely Delivers YOU Weak Link in Authentication KERBEROS

  26. Password Attacker Username Password Sniffer Obtains Securely Obtains Securely Obtains Authentication Agent Resource Access Type In Assigns Securely Delivers YOU WS 10. Web (HTTP) Access ControlSafe/Dangerous? SSL KERBEROS SSL

  27. W2000 Security Services Domain Admin/Server Computer Cert Services Computer Security Management Active Directory HTTP Computer Domain Logon/Kerberos Computer Client Computer

  28. Why Kerberos (W2000) • Standard includes Unix (NTLM is proprietary) • RFC 1510, 1964 • Authentication is by credentials (doesn’t require consulting the resource) • Authenticates both Kerberos (permission) server and user client • Basis for Transitive Trust Relationships (via a shared interrealm – interdomain – key) • Kerberos was not RSA, now it is…to solve password problem with Smart Cards – we’ll deal with the basic Kerberos model – RSA enhancements are pretty obvious

  29. Why Kerberos (Kerberos) • Rely on each login session to assure identity of user and rely on each resource (ACLs) to grant access. • Problem: user may gain access to workstation and pretend to be somebody else • May alter IP address to look like somebody • May eavesdrop and use replay • Require user to prove identity for each service invoked and require servers to prove identity to clients. KERBEROS

  30. Kerberos Crypto • Private (symmetric) Key -> DES • Authentication • Uses time stamp and shared secret • Avoids replay attack (nonce also used) • Man in the middle a problem • Means if your machine has the wrong time, authentication doesn’t work! • Get “Atomtime” (MS should have done this!)

  31. Kerberos Authenticator Field

  32. Kerberos is REALLY complicated! • Uses DES, symmetric Private Keys : Not Public Key – makes things complicated! • You have to hide the private keys • Every message needs an often different private key • A LOT of the complication has to do with trying to let you login once while keeping you secure against replay. • TICKETS • Requires separate secure distribution of common private keys • For user: a username/password ARGH! • For services: physical distribution (OK) • Possibly Best Detailed Treatment is Stallings “Cryptography and Network Security” or Schneier “Applied Cryptography”

  33. More Kerberos Jargon • Kerberos Distribution Server (KDC) • Hides all secret keys! • Principal – anybody/anything • Rht.user • Rht.root • Rht.ftp • Realm (Domain) • Long-term key, login session key (long term gets login session)

  34. Kerberos • User Logs on JUST USERNAME / request service on host Authentication Server (AS) 2. AS verifies user access rights / Creates TGT and Session Key, encrypts with user password Client Computer 3. User password to decrypt / Sends ticket and authenticator Ticket Granting Server (TGS) 4. TGS decrypts ticket and authenticator / Create ticket for requested server Server (e.g., ftp, local system) 5. Send ticket and authenticator 6. Server verifies ticket and authenticator match/ Server can return an authenticator for itself. ONCE PER LOGON SESSION ONCE PER TYPE OF SERVICE ONCE PER SERVICE SESSION Other Realms/Domains

  35. Kerberos • User Logs on JUST USERNAME / request service on host Authentication Server (AS) 2. AS verifies user access rights / Creates TGT and Session Key, encrypts with user password Client Computer 3. User password to decrypt / Sends ticket and authenticator Ticket Granting Server (TGS) 4. TGS decrypts ticket and authenticator / Create ticket for requested server Server (e.g., ftp, local system) 5. Send ticket and authenticator 6. Server verifies ticket and authenticator match/ Server can return an authenticator for itself. Shared Secret is Password Shared Secret in TGT Shared Secret with Service Shared Secret in Ticket Shared Secret with other Realm Other Realms/Domains

  36. Kerberos Private DES Keys • Username/password -> generates private key • Other Kerberos Principal Keys • Server Authentication Keys • Login Session Keys • Shared Application Service Keys • Ticket Granting Service Key • Code has to know what kind of message it is getting to know what private key to use.

  37. Kerberos Across Realm Authentication • Across Domain • Authenticates a Principal • Shared “interrealm” key • Steps • User logs into realm 1 • AS in realm 1 sends TGT to user • Requests of realm 1 TGS the session ticket in Realm 2 • Realm 1 TGT sends client a “referral ticket” • User sends referral to TGS in Realm 2 • Realm 2 TGS sends session ticket for server in Realm 2 • Done!

  38. What is “Trust”? • You bring up the security panel on object. • You allow someone read/write/modify/etc access to object. • With trust you can allow someone/some-group in another DOMAIN to have access. the SID is permitted in the object’s ACE/ACL • End of story. • At DOMAIN controller I can turn on or off trust relationships (availability to see the domains in the security settings) with other DOMAINS. • …underneath is KERBEROS AND PKI!

  39. Break!

  40. Core Password Technology • One way hash into a code (e.g., MD5, SHA, crypt) • Hashes are good enough that nobody tries to crack them since it is probably not necessary • Even administrator cannot read the password • W2000 Permits decryptable passwords as an option! • Use a match on the code to give access • Dictionary Attacks are the way to go! • Administrator can get access independently • Guess of password can get access independently • Use a match on the code to authenticate you. • Guess of password can look like you

  41. Password Length • 1 character 4 0.1% • 2 characters 5 0.2% • 3 characters 66 2.0% • 4 characters 188 5.7% • 5 characters 317 9.5% • 6 characters 1160 34.7% • 7 characters 813 24.4% • 8 characters 780 23.4%

  42. Password Guessing Report

  43. Dan Klein Article • http://www.klein.com/dvk/publications/passwd.pdf • http://yuan.ecom.cmu.edu/security02/passwordsactual.htm

  44. www.authenticator.com • Shows Good Passwords • Random Generation • Password Changing Regimens • Problems • Impossible to remember • Best Login • Amazon : email and password • Problem : easy to impersonate

  45. Methods to keep track of passwords • anagrams “the flock of 7 geese flew 3 miles” tfo7Gf3m” • cycles : if it was, then now it should be … • download software that does password management – some examples • http://www.ijen.net/passman.htm • http://www.execpc.com/~sbd/PassKeep.html • http://www.keyscreen.com/KeyScreen(s)4/passpls.htm • http://www.m-tech.ab.ca/index.html

  46. Win 2000 • Remote administration is very strong • If you an crack it (using older versions of Windows, Unix, Macs on the Network), you may gain access to the strong system • Result, you can suck the blood out without getting caught (e.g., you can completely encrypt data on the disk that only you can see!). • Problem: Passwords can be guessed • Problem: In RAM things are NOT PROTECTED! This is for Windows 2004.

  47. WS 9. Configuring Win NT Web Server • Know how to set one up (what to expect from IIS) • Windows 2000 is IIS 5 • Security Scanner http://security1.norton.com

  48. IIS • Microsoft Internet Information Server • Like Apache and all others Has Own Layer of Authorization and Authentication • Apache is completely separate (see .htaccess) • IIS is/can be completely integrated into the Domain • Including trust among domains • Front Page • Yet another access/authorization layer permitting authoring but no other access in domain • Careful! FP uses “.htaccess” type files peppered around the active directory giving FP access (not integrated into the ACLS!) • DO NOT APPLY GLOBAL ACCESS CHANGES ON FP DIRECTORIES WITHOUT USING FP! (You may need a special FP administration tool to re-set all the access controls).

  49. IIS • Standard HTTP Server • Can basically behave exactly like one that utilizes all the features of HTTP and related protocols (e.g., SSL, CGI, virtual hosting). • Very easy to manage (right click and look). • Since users/groups in and between domains are the same as in Active Directory, use “security” (not sharing) to set up Web Access. • Creating the user “WebServer” for the web server (p. 230 Stein) is probably still good. Note this is the creator-owner of the server and has to have local login rights.

  50. Access Rights Don’t make yourself a web author and web master – you’ll wind up being a web author!

More Related