SSL/TLS) © Artech © Artech House (2016) ISBN


Department of Informatics
Lecture MINF4221: IT Security
FS 2021 / Course No. 3089
Prof. Dr. Rolf Oppliger
Version: 8.3.2021

Slide 2: Lecturer
– University of Zurich (adjunct professor)
– eSECURITY Technologies Rolf Oppliger (founder and owner)
– Swiss National Cyber Security Centre NCSC (scientific employee)
– Artech House (author and series editor for information security and privacy)
→ rolf-oppliger.ch or rolf-oppliger.com
FS 2021 IT Security (MINF4221), Prof. Dr. Rolf Oppliger

Slide 3: Terms of Use
This work is published with a Creative Commons Attribution No Derivatives (CC BY-ND) 4.0 license → http://creativecommons.org/licenses/by-nd/4.0/

Slide 4: Schedule
– February 22, 2021 (~ slides 1 – 61)
– March 8, 2021 (~ slides 62 – 107)
– March 22, 2021 (~ slides 108 – 156)
– March 29, 2021 (~ slides 157 – 208)
– April 26, 2021 (~ slides 209 – 246)
– May 10, 2021 (~ slides 247 – 299)
– May 17, 2021 (~ slides 300 – 341)
– May 31, 2021 (reserve)
– June 21, 2021 (exam)
The lectures are recorded in MS Teams and the recordings are made available for later use. If you want to ask questions without being recorded, then you can either use the chat function or ask the question off-the-record (e.g., using phone or e-mail).

Slide 5: Recommended Reading
– Matt Bishop, Computer Security: Art and Science, 2nd Edition, ISBN 9780321712332, Addison-Wesley Professional, 2019
– Matt Bishop, Introduction to Computer Security, ISBN 9780321247445, Addison-Wesley Professional, 2004
– Charles P. Pfleeger and Shari L. Pfleeger, Security in Computing, 5th Edition, ISBN 9780134085043, Prentice Hall, 2015
– Charles P. Pfleeger and Shari L. Pfleeger, Analyzing Computer Security: A Threat / Vulnerability / Countermeasure Approach, ISBN 9780132789462, Prentice Hall, 2012
– William Stallings and Lawrie Brown, Computer Security: Principles and Practice, 4th Edition, ISBN 9780134794105, Pearson, 2017
Specific topics → Artech House’s book series on information security and privacy

Slide 6: Table of Contents
Challenge me!
1. Introduction [~ 10%]
2. Computer Security [~ 25%]
3. Communication Security [~ 25%]
4. Operational Environments and Applications [~ 25%]
5. Privacy and Data Protection [~ 10%]
6. Conclusions and Outlook [~ 5%]
– The lecture mandates a self-study of the cryptographic fundamentals based on two chapters of a draft version of an upcoming book entitled «Cryptography 101: From Theory to Practice»
– Questions can be asked during the lecture
– Presentation of particular cryptosystems (e.g., AES, RSA, DH, …) is optional and available on request
– Collective and individual exercises are marked with a blue background

Slide 7: Cryptography is everywhere

Slide 8: Operation schedule of cryptography
– Make precise statements about a practical (security) problem, e.g., protect the confidentiality of a message → definitions and assumptions
– Propose solutions (i.e., algorithms or protocols) that solve the problem under the given assumptions
– Prove the security of these solutions → proofs
Cryptosystem
Keyless
• Random generators
• Random functions
• One-way functions
• Cryptographic hash functions
Secret Key (symmetric)
• Pseudorandom generators (e.g., key derivation)
• Pseudorandom functions
• Symmetric encryption
• Message authentication
• Authentic encryption
Public Key (asymmetric)
• Key exchange
• Asymmetric encryption
• Digital signatures
• Cryptographic protocols

Slide 9: Limitations of cryptography
– An implementation of a theoretically secure cryptosystem need not be secure in practice
– Mind experiment / puzzle (due to Artur Ekert) → page 14, mind experiment 2
  – Two rooms
  – One with 3 light switches and the other with 3 light bulbs
  – The wiring of the light switches and bulbs is unknown
  – The adversary has to find out the wiring, but he or she can enter each room only once
[Figure: light switches A, B, C and light bulbs 1, 2, 3]
– Theorist (e.g., mathematician): (Provably) impossible to solve (even for n>2 room entries and n+1 switches/bulbs)
– Practitioner (e.g., physician): Switch one bulb on permanently and switch another bulb on for some time → the second one can be identified due to its heat
– Beware of side channels and new ways of solving problems and breaking systems

Slide 10: Quotes … (still related to cryptography)
Necessity is the mother of invention, and computer networks are the mother of modern cryptography
- Ronald L. Rivest (1997*)
* In: CRYPTOGRAPHY AS DUCT TAPE → http://people.csail.mit.edu/rivest/Ducttape.txt
Any sufficiently advanced technology is indistinguishable from magic
- Arthur C. Clarke (1917 - 2008)
James L. Massey, 2001: Cryptography – Science or Magic?
Dieter Gollmann, 2011: Cryptography – Magic, Science, or Science Fiction?

Slide 11: 1. Introduction
1.1 Terminology
1.2 Problem Statement
1.3 Security Metrics
1.4 Security Process
1.5 Security Principles
1.6 Standards and Best Practices

Slide 12: Collective Exercise
– Who has experienced a cyber attack?
– Who remembers a cyber attack (from the media)?
[Image: Alcoholics Anonymous]

Slide 13: Introduction, 1.1 Terminology
– The term security is hard to define → unanimously agreed definition
– It is a state in which one experiences no (relevant) threat or security breach
– It is neither possible to enumerate all possible (relevant) threats nor to verify their nonexistence → security cannot be attested objectively or measured in a meaningful way
– Instead, the notion of security is highly subjective
  – What is «secure» or «insecure» depends on the person and his or her willingness to take risks
  – This may be perceived differently by different people
  – Characteristic function for the (subjective) perception of security (in approximated form)
– Also, the notion of security is situational and always depends on many factors and circumstances
[Figure: perceived security plotted over time, with a 1st event and a 2nd event marked]

Slide 14: Introduction, Terminology
– In the English language, there are two related (complementary) terms
  – Safety refers to protection against unintended incidents → availability, reliability, and stability
  – Security refers to protection against intended incidents and attacks → lack of security breaches
– In the German language, the terms «Verlässlichkeit» or «Resilienz» («Widerstandsfähigkeit») are sometimes used to refer to safety and security
– Information is a fourth production factor (in addition to ground, capital, and work)
– As we are moving from an industrialized to an information society, information technology (IT) is getting more and more important
– This also applies to IT security and the need to protect IT resources against incidents and attacks
[Figure: the four production factors Information, Work, Ground, Capital]

Slide 15: Introduction, Terminology
– IT security mainly focuses on the secure storage, processing, and transmission of data that encodes information in one way or another
– Security goals
  – Availability
  – Confidentiality / secrecy
  – Integrity
  – Authenticity
  – Nonrepudiation / transparency
  – Accountability / traceability
  – Anonymity
  – Pseudonymity
  – ...
(CIA: confidentiality, integrity, availability)

Slide 16: Introduction, Terminology
– The following terms are important to meaningfully argue about (IT) security
  – Threat
  – Vulnerability / weakness
  – Countermeasure
  – Security breach
– The Swiss cheese model (attributed to James Reason) can be used to explain the terms and put them into perspective
[Figure: Swiss cheese model with the labels Threats, Vulnerability or weakness, Layers of defense (~ countermeasures), Security breach]

Slide 17: Individual Exercise
– Take a real-world situation of your choice (e.g., a house, a stay in a foreign city, …) and use the Swiss cheese model to discuss the relevant
  – Threats
  – Vulnerabilities
  – Countermeasures
  – Possible security breaches

Slide 18: Introduction, 1.2 Problem Statement
– Key question in IT security: How can one protect a computer system and its resources (mainly data) against attacks from the inside or outside?
– Due to the asymmetric workload, it is possible and very likely that many attacks are mounted and that some of them are successful
– There are many possibilities to attack a computer system (e.g., DDoS)
– Direct attacks can sometimes be mitigated using technical means and countermeasures
– Indirect attacks are simple to mount but difficult to mitigate → tend to be very powerful (e.g., social engineering attacks)