Math4Security
Julio López Fenner Departamento Ciencias de Computación e Informática (DCI), Universidad de La Frontera, Temuco, Chile
February 1 - 5th, 2021 English Week 2021, IUT2, Université Grenoble Alpes, Grenoble, France Have I Been Powned?
Figure 1: Have I been p[assword]owned? https://haveibeenpwned.com/
1 Cyberattacks Worldwide
Figure 2: https://threatmap.checkpoint.com/
2 Do I really need Math 4 CyberSec?
Figure 3: https://startacybercareer.com/do-i-need-math-for-cyber-security/ 3 Outline
What is Security?
Math 4 Crypto Computational Number Theory & Algebra Probability & Statistics Elliptic Curves
Math 4 Attacks
Emerging Topic: IoT
4 What is Security? Shutdown or the most secure system
5
Figure 4: https://techlawforum.files.wordpress.com/2017/03/internet-shutdowns.jpg Security
6 Digital Footprints and social engineering
Figure 5: https://www.teachthought.com/the-future-of-learning/11-tips-for-students-tomanage-their-digital-footprints/ 7 Social Engineering: OSINT
Figure 6: https://www.pcwdld.com/osint-tools-and-software
8 OSINT
https://www.pcwdld.com/osint-tools-and-software • Recon-ng: A web reconnaissance and OSINT framework written in Python. It can automate the process of information-gathering by thoroughly and quickly exploring the open-source information on the web. • Shodan: Search engine for interconnected or IoT devices. It can also be used to monitor databases to see if they have data leaks on public sites, and it can even find hidden video game servers within corporate networks. • Maltego: Computer forensics, GHDB (Google Hacking Database), etc.
9 10 Steps for Cybersecurity
Figure 7: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png 10 Information Security
Figure 8: https://www.techopedia.com/definition/10282/information-security-is 11 The Parkerian Hexad
Figure 9: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png
12 The CIA Triad
13
Figure 10: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png Parker 1998
Figure 11: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png 14 Vulnerabilities of Computing Systems
Figure 12: https://books.google.co.in/books/about/Security_in_Computing.html?id=O3VB-zspJo4C
15 Find the X!
16 Figure 13: https://www.tshirtsandallstore.com/63-thickbox_default/why-do-we-need-math.jpg Responsive or Preemptive?
Figure 14: http://news.mit.edu/2016/ai-system-predicts-85-percent-cyber-attacks-using-input-human-experts-0418
17 Math for Cybersecurity
Entry level cyber security careers generally only require basic math concepts that are used in binary, cryptography or programming tasks, https://startacybercareer.com/do-i-need-math-for-cyber-security/
Contents
• Probability theory • Data Analysis & Statistics • Analysis of algorithms • Graph Theory • Complexity theory • Game Theory • Number theory • Visualization & String Analysis • Group theory • Linear Algebra
18 Math 4 Crypto Math 4 Crypto
Contents • Classical cryptographical constructions: Diffie Hellman Key exchange, discrete logarithm, RSA cryptosystems, digital signatures • Mathematical tools: primality testing, factorization algorithms, probability theory, information theory, collission algorithms • Innovations: Elliptic curves, latttice based cryptography, NTRU cryptosystems
19 The integers
20 Solving linear congruences
Divisibility Primality a divides b is a divisor of c is a Fundamental theorem of multiple of d is divisible by e with arithmetic: Every non-zero integer remainder r and integer division k. is a product of primes:
e1 e2 er b = k ·a+r, r ∈ {0, 1,... a−1}. n = ±p1 p2 ... pr .
The mod operator
a mod b := r ⇐⇒ a = q · b + r, 0 ≤ r < b
21 Solving linear congruences a · z = b mod n
22 Chinese remainder theorem
23 ∗ ∗ Residue Classes Zn and Euler’s phi function ϕ(n) := |Zn|
24 ∗ ∗ Residue Classes Zn and Euler’s phi function ϕ(n) := |Zn|
Zn = {[0], [1],... [n − 1]:[i] = i + nZ} the set of residue classes modulo n.
∗ −1 Zn = {α ∈ Zn : ∃α ⇐⇒ gcd(α, n) = 1}
the set of elements of Zn that have a multiplicative inverse.
n is prime n composite
∗ ∗ Zn = Zn \{[0]} Zn (Zn \{[0]}
25 Some properties of ϕ with primes
• ϕ(pe ) = pe − pe−1 = pe−1(p − 1)
e1 e2 er Qr • n = p1 · p2 ··· pr , then ϕ(n) = n i=1(1 − 1/pi ) ∗ ϕ(n) • Euler’s theorem: α ∈ Zn, then α = 1. p • Fermat’s little theorem: p prime, then for all α ∈ Zp: α = α. • Wilson’s theorem: p 6= 2 prime number: (p − 1)! = −1 mod p.
26 Long story short: What can we do with integers?
Caesar’s encryption or affine encryption
x 7→ x + k mod 26, k ∈ Z26 2 x 7→ a · x + b mod 26 k = (a, b) ∈ Z26
Block (stream) encryption Example: Blocks of 10 bits https://www.usna.edu/Users/cs/wcbrown/courses/S18SI335/notes/03/notes.html
27 Long story short: What can we do with integers?
Figure 15: https://cdn.ttgtmedia.com/rms/onlineImages/block_stream_cipher_01_mobile.jpg
28 RSA or Public Key
Figure 16: https://www.isites.info/PastConferences/ISITES2015/ISITES2015/papers/B7-ISITES2015ID28.pdf 29 RSA Key Gen
30 Kerkhoff’s principles
31 Secrecy of the Key not the Method!
Diffie-Hellman Key exchange
Figure 17: https://www.practicalnetworking.net/wp-content/uploads/2015/11/dh-revised.png 32 Other Applications
Signatures
Figure 18: https://www.tutorialspoint.com/cryptography/images/public_key_cryptography.jpg 33 Other Applications
Hash functions
Figure 19: http://i.stack.imgur.com/eCCob.png 34 Hash functions for Crypto
Figure 20: commons.wikimedia.com
35 Birthday Paradox
Figure 21: https://demonstrations.wolfram.com/BirthdayParadoxProbabilityEstimates/ 36 Salting the Hash
Figure 22: https://crackstation.net/hashing-security.htm
Needs Random Numbers (Cryptographically secure)
Figure 23: https://laughingsquid.com/cloudflare-wall-of-lava-lamps/
37 Elliptic curve cryptosystems (ECC)
ECC Procedure • Discovered 1985 by Miller & • y 2 = x 3 + ax + b Koblitz • Horizontal symmetry • Base upon logarithms in finite • Any vertical line intersect the fields curve at three points at most • Provides equivalent security as RSA with shorter Key lengths,
Figure 24: 38 https://www.allaboutcircuits.com/technical-articles/elliptic-curve-cryptography-in-embedded-systems/ The Diffie-Hellman Elliptic-Curve Key Exchange (DHEC)
• Alice and Bob first agree to use the same curve and a few other parameters, and then they pick a random point G on the curve. • Alice choose secret α, Bob choose secret β and each determine αG and βG which they interchange publicly. • The secret is S = α(βG) = β(αG)
Figure 25: https://www.allaboutcircuits.com/technical-articles/elliptic-curve-cryptography-in-embedded-systems/
39 DHEC
DHEC uses a publicly known equation with large coefficients and modulus, for example, curve1559, which might very well be securing your browser right now.
Figure 26: https://www.allaboutcircuits.com/technical-articles/elliptic-curve-cryptography-in-embedded-systems/
Elliptic-curve Diffie-Hellman allows microprocessors to securely determine a shared secret key while making it very difficult for a bad actor to determine that same shared key.
40 The NSA-Cryptography controversy of 2012
Figure 27: https://itsfoss.com/nsas-encryption-algorithm-in-linux-kernel-is-creating-unease-in-the-community/comment-page-5/
41 NSA Backdoors?
• Random number generators: The Dual-EC-DBRG generator was based on an elliptic curve cryptosystem, ... was proposed as a standard by NIST (with the technical support of NSA) in 2006, and became a U.S. standard (NIST Special Publication 800-90A) in 2007. • Parameters for Dual-EC were specified as certain constants with no explanation or justification for those numbers. • “Based on public concerns and an evaluation of the algorithm, NIST is proposing the removal of the Dual Elliptic Curve Deterministic
Random Bit Generator.” https://www.nist.gov/news-events/news/2015/06/
nist-revises-key-computer-security-publication-random-number-generation • ISO blocks NSA’s latest IoT encryption systems amid murky tales of backdoors and bullying. Experts complain of shoddy tech specs and personal attacks https://www.theregister.co.uk/2018/04/25/nsa_iot_encryption/
42 NSA 2020?
Figure 28: https://searchsecurity.techtarget.com/news/252476828/NSA-reports-flaw-in-Windows-cryptography-core
Affects: HTTPS connections, signed files and emails and signed executable code.
Figure 29: https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF 43 Splitting the bits: SMPC
Shamir’s secret sharing
Figure 30: https://en.wikipedia.org/wiki/Shamir’s_Secret_Sharing and https://image.cagle.com/195595/750/195595.png
44 Splitting the bits: SMPC
An example
Figure 31: https://en.wikipedia.org/wiki/Shamir’s_Secret_Sharing
45 SMPC
Figure 32: https://en.wikipedia.org/wiki/Secure_multi-party_computation
46 SMPC
Figure 33: https://www.reddit.com/r/instar/comments/8k6yir/secure_multiparty_computation_smpc_in_a_nutshell/
47 Millionnaire’s problem
Figure 34: https://www.reddit.com/r/instar/comments/8k6yir/secure_multiparty_computation_smpc_in_a_nutshell/
48 Protocols
• Zero knowledge proof’s: Prove to other parties that [something] is true without revealing anything about that [something] • (Shamir’s) (Threshold) Secret Sharing: A pre-configured amount of parties have to agree (threshold) to decrypt the answer before the answer can be decrypted. • Oblivious Transfer: Fragmented data is sent without revealing what and when part of the data is sent.
49 ZKP’s
50
Figure 35: https://101blockchains.com/zero-knowledge-proof/ ZKP’s (continued)
Figure 36: https://www.cryptologie.net/article/193/schnorrs-signature-and-non-interactive-protocols/
51 ZKP’s (continued)
Figure 37: https://www.cryptologie.net/article/193/schnorrs-signature-and-non-interactive-protocols/
52 Oblivious Transfer
Oblivious Transfer (OT): ”... a type of protocol in which a sender transfers one of potentially many pieces of information to a receiver, but remains oblivious as to what piece (if any) has been transferred. Claude Crépeau showed that Rabin’s oblivious transfer is equivalent to 1-2 oblivious transfer”. • https://www.semanticscholar.org/topic/ Oblivious-transfer/333513 • https://en.wikipedia.org/wiki/Oblivious_transfer https://crypto.stanford.edu/~dabo/courses/cs355_ spring14/syllabus.html • https://www.cis.upenn.edu/~nadiah/courses/ cis800-02-f13/hemenway-otsmc.pdf (No lo veremos ahora) • https://github.com/mayank0403/ Oblivious-Transfer-and-Zero-Knowledge-Proof 53 1-out of 2 OT
• Alice has two messages, m0, m11 and wants to send exactly one of them to Bob. Bob does not want Alice to know which one he receives. • Alice generates an RSA key pair, comprising the modulus N, the public exponent e and the private exponent d.
• She also generates two random values, x0, x1 and sends them to Bob along with her public modulus and exponent. • Bob picks b to be either 0 or 1, and selects either the first or second
xb.
54 1-out of 2 OT (Contd.)
• Bob generates a random value k and blinds xb by computing e v = (xb + k ) mod N, which he sends to Alice.
• Alice doesn’t know (and hopefully cannot determine) which of x0 and x1 Bob chose. She applies both of her random values and comes d up with two possible values for k:k0 = (v − x0) mod N and d k1 = (v − x1) mod N. One of these will be equal to k and can be correctly decrypted by Bob (but not Alice), while the other will produce a meaningless random value that does not reveal any information about k.
55 1-out of 2 OT (Contd...)
• She combines the two secret messages with each of the possible 0 0 keys, m0 = m0 + k0 and m1 = m1 + k1, and sends them both to Bob. • Bob knows which of the two messages can be unblinded with k, so 0 he is able to compute exactly one of the messages mb = mb − k.
56 Some Applications
Figure 38: https://www.reddit.com/r/instar/comments/8k6yir/secure_multiparty_computation_smpc_in_a_nutshell/
57 Math 4 Attacks Attacks = preemptive defense
Attack is the secret of defense; defense is the planning of an at- tack. Sun Tzu, The Art of War
58 Attacks
Stream Ciphers Lattice Based • Linear Feedback Shift Registers • Lattice Reduction (LSFR) Keystream Generators • Coppersmith small roots • Correlation attacks, Maximum Likelihood • Algebraic • Non linear FSR’s • Cube Attacks
59 Emerging Topic: IoT IoT
IoT: A world of interconnected smart devices
Figure 39: https://www.edureka.co/blog/iot-applications/
Smart: appliances (fridge, dishwasher, coffe machine...)/ home (Intruder detection, doors, lights, heating...)/ health (Pace counter, heart rate,
rfids...)/ Transportation (air taxis, train...) 60 But...
• Loss of Privacy/control • Subversion potential • Mistaken Id. • other
Figure 40: Smart Home Environment 61 Future of encryption
• homomorphic encryption • honey - e • functional - e • quantum key - e
https://www.nsf.gov/discoveries/disc_videos.jsp?org=NSF& cntn_id=136673&media_id=79594
62 Thank You
Figure 41: Gary Larson: The far side 63 Further info
• An interview with Prof. Damgard on SMPC https://video.itu.dk/video/20232796/ ivan-damgard-secure-multi-party-computation-1 • SMPC in a nutshell https://www.reddit.com/r/instar/comments/8k6yir/ secure_multiparty_computation_smpc_in_a_nutshell/ • Gary Larson’s The far side: https://www.theverge.com/2019/12/17/21026417/ the-far-side-gary-larson-comic-website-first-time and https://www.thefarside.com/ • An article on homomorphic encryption 2016: Homomorphic Encryption Algorithms for Securing Data against Untrusted Cloud, G. Somani, S. Garg, International Journal of Advanced Research in Computer and Communication Engineering ISO 3297:2007 Certified, Vol. 5, Issue 7, July 2016
64