1 / 134

Internet & Web Security

Internet & Web Security. References & Resources. Lincoln Stein, Web Security: A Step-by-Step Reference Guide Larry J. Hughes, Jr., Internet Security Techniques. What is web security?. Three parts of web security Three points of view Risks. Three components of web security. Browser Server

ellema
Télécharger la présentation

Internet & Web Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet & Web Security

  2. References & Resources • Lincoln Stein, Web Security: A Step-by-Step Reference Guide • Larry J. Hughes, Jr., Internet Security Techniques

  3. What is web security? • Three parts of web security • Three points of view • Risks

  4. Three components of web security • Browser • Server • Connection between the two (I.e., the Internet!)

  5. Three points of view • User’s • Webmaster’s • Both parties’

  6. User’s point of view • Remote server’s ownership known and true • No viruses or other damaging documents / sw • Remote server respects user’s privacy • Doesn’t obtain / record / distribute private info

  7. Webmaster’s point of view • User won’t try to break in / alter contents • User won’t try to gain access to documents s/he’s not privy to • User won’t try to crash the server • User’s ID (if provided!) is true

  8. Both parties’ point of view • Network connection free of eavesdropping • Info between browser and server delivered intact, free from tampering

  9. Three (interdependent) parts • Document confidentiality • Client-side security • Server-side security

  10. Document confidentiality • Protect private information from • Eavesdropping • Fraudulent identities • Mostly via cryptography

  11. Client-side security • Protect user’s privacy and system’s integrity • Virus protection • Limit amount of info browser transmits (without user’s consent) • Protect organizations confidential information / network integrity • From Web browsing activities

  12. Server-side security • Protect server from • Break-ins • Site vandalism • Denial-of-service attacks • Mostly firewalls and OS security measures

  13. Risks • Risks that affect both client and server • Risks to the end user • Risks to the web site

  14. Risks that affect both client and server • Eavesdropping • “Packet sniffers” (more …) • Fraud

  15. Network snooping (sniffing) ... • Abuse of network debugging tools ... • Network interface into promiscuous mode ... • Solution: encrypt

  16. Abuse of network debugging tools ... • E.g., Network General's Expert Sniffer • etherfind (SunOS) • tcpdump (free on Internet) • Sniffer FAQ • comp.security, news.answers • ftp://ftp.iss.net/pub/faq/sniff • http://www.iss.net/iss/sniff.html

  17. Network interface into promiscuous mode ... • Report all packets to sniffer • Display / record • Analyze • Remote also possible

  18. Fraud • Authenticate • Individuals, organizations • Transactions • Documents • Solution: digital signatures, certification authorities

  19. Risks to the end user • Active content • Privacy infringement

  20. Active content • Browsers download and run SW without notice • Java applets • ActiveX controls • Plug-ins • Helper app’s • JavaScript • Malicious (not many) / buggy (???)

  21. Privacy infringement • Site-collected data on visitors • Server log (time, date, IP addr., document, referrer URL) • Proxy servers log (every site visited) • Cookies • User-provided data • Solutions: e.g., “stealth browser”

  22. Risks to the web site • Webjacking • Server and LAN break-ins • Denial-of-service attacks

  23. Webjacking • Break in & modify contents • Happens(ed) a lot • How? • Exploit holes in • OS, Web server, buggy SW • CGI scripts

  24. Server and LAN break-ins • Various attacks at different protocol layers (OSI, more …) • Defense: firewall

  25. Denial-of-service attacks • Cause server to crash / hang / “crawl” • OS, server, CGI scripts, Web site services • No real defenses • Place limits on resources used by server / other sw • Close known holes

  26. Part I: Document confidentiality • Basic cryptography • SSL, SET, and Digital Payment Systems

  27. Basic cryptography • How cryptography works • Symmetric cryptography • Public key cryptography • Online Resources • Printed Resources

  28. How cryptography works • Plaintext • Ciphertext • Cryptographic algorithm • Key Decryption Key Algorithm Plaintext Ciphertext Encryption

  29. Simple cryptosystem ... • Caesar Cipher • Simple substitution cipher • ROT-13 • half alphabet ==> 2 x ==> plaintext

  30. Keys cryptosystems … • keys and keyspace ... • secret-key and public-key ... • key management ... • strength of key systems ...

  31. Keys and keyspace … • ROT: key is N • Brute force: 25 values of N • IDEA in PGP: 2128 numeric keys • 1 billion keys / sec ==> >10,781,000,000,000,000,000,000 years

  32. Key Decryption Plaintext Ciphertext Plaintext Encryption Sender Recipient Symmetric cryptography • DES • Triple DES, DESX, GDES, RDES • RC2, RC4, RC5 • IDEA • Blowfish

  33. DES • Data Encryption Standard • US NIST (‘70s) • 56-bit key • Good then • Not enough now (cracked June 1997) • Discrete blocks of 64 bits • Often w/ CBC (cipherblock chaining) • Each blocks encr. depends on contents of previous

  34. Triple DES, DESX, GDES, RDES • Variants on DES: decrease risk of brute-force guessing • Triple-DES • 1. W/ Key 1 • 2. W/ Key 2 • 3. W/ Key 1 • ==> Effective key length ~168 bits

  35. RC2, RC4, RC5 • Proprietary (RSA Data Security, Inc.) • Variable length keys(up to 2,048 bits) • Outside US: 40-bit versions of RC2 & RC4 • ==> Web browsers & servers

  36. IDEA • Int’l Data Encryption Algorithm • Patented (AscomTech AG) • Popular in Europe • 128-bit key ==> more secure than DES • (One of) at heart of PGP • (Other is RSA)

  37. Blowfish • Unpatented (Bruce Schneier) • In many commercial & freeware • Var-length key (up to 448 bits)

  38. Symmetric not fit for Internet • Spontaneous comm ==> can’t exchange keys • Multiway comm ==> key secrecy compromised

  39. Public key cryptography • Two-in-one • Cryptography • Digital signatures

  40. Key Key Decryption Recipient’s secret key Recipient’s public key Encryption Public key cryptography • Asymmetric Plaintext Ciphertext Plaintext Recipient Senders

  41. Key Key Decryption Sender’s public key Sender’s secret key Recipient Sender Encryption Digital signatures • But, problem ... Authenticated Plaintext Plaintext Digital signature y =?

  42. Key Recipient’s secret key Key Key Key Sender’s public key Recipient’s public key Recipient Sender Sender’s secret key Combining cryptography and digital signature Signature text Message text Authenticated Message y =? Digital signature Ciphertext

  43. Problem ... • Can cut & paste from older • Solutions • A --> B: random “challenge” phrase • B --> A: sign w/ secret key, return • A: decrypts w/ B’s public key, compare to original • Or, message digest functions

  44. Message digest functions & message integrity • One-way hashes • Digital fingerprint for original message • Sender ... • Recipient

  45. Sender • 1. Run message through digest function • 2. Sign hash with secret key • 3. Send signed hash & original message to recipient

  46. Recipient • Decrypt hash w/ sender’s public key • Compare with result of running message through digest function • Match ==> verified integrity • In SSL (later): Message Authenticity Check (MAC) • MAC = digest(secret + digest(secret - message))

  47. Message digest functions • MD4 (Rivest, MIT) • 128-bit hashes • Weaknesses ==> • MD5 (Rivest) • Most widely used • SHA: Secure Hash Algorithm (NIST) • 160-bit hash

  48. Digital envelopes • Public key encryption SLOWER than symmetric ==> Hybrid • 1. Random secret key (“session key”; discard when done) • 2. Encrypt message w/ session key & symmetric alg. • Encrypt session key w/ recipient’s public key (==> “digital envelope”) • Send encrypted message + digital envelope

  49. Key Key Key Session key Session key Recipient’s secret key Key Recipient’s public key Recipient Sender Digital envelopes Message plaintext Message plaintext Ciphertext

  50. Certifying authorities & public key infrastructure • Large public-key database • ==> management? Trusted third party • Certifying authorities (CA)

More Related