Computer security R. Shipsey CO3326 2009 Undergraduate study in Computing and related programmes This is an extract from a subject guide for an undergraduate course offered as part of the University of London International Programmes in Computing. Materials for these programmes are developed by academics at Goldsmiths. For more information, see: www.londoninternational.ac.uk This guide was prepared for the University of London International Programmes by: R. Shipsey This guide was produced by Sarah Rauchas, Department of Computing, Goldsmiths, University of London. This is one of a series of subject guides published by the University. We regret that due to pressure of work the author is unable to enter into any correspondence relating to, or arising from, the guide. If you have any comments on this subject guide, favourable or unfavourable, please use the form at the back of this guide. University of London International Programmes Publications Office 32 Russell Square London WC1B 5DN United Kingdom www.londoninternational.ac.uk Published by: University of London © University of London 2009 The University of London asserts copyright over all material in this subject guide except where otherwise indicated. All rights reserved. No part of this work may be reproduced in any form, or by any means, without permission in writing from the publisher. We make every effort to respect copyright. If you think we have inadvertently used your copyright material, please let us know. Contents Preface vii 1 Security 1 1.1 Introduction................................. 1 1.2 Whatissecurity? .............................. 1 1.2.1 Howisinformationsecuritydifferent? . 2 1.3 Featuresofasecuritysystem. 3 1.3.1 Confidentiality ........................... 4 1.3.2 Integrity............................... 4 1.3.3 Availability ............................. 4 1.3.4 Non-repudiation .......................... 4 1.3.5 Authentication ........................... 5 1.3.6 Accesscontrols ........................... 5 1.3.7 Accountability ........................... 5 1.4 Securityattacks............................... 5 1.5 Securitysystems .............................. 6 1.5.1 Riskanalysis ............................ 7 1.5.2 Designconsiderations . 7 1.6 Securitymodels............................... 8 1.7 Summary .................................. 8 1.8 Learningoutcomes ............................. 9 1.9 Sampleexaminationquestions . 9 2 Identification and authentication 11 2.1 Introduction................................. 11 2.2 User-namesandPasswords. 11 2.3 Threats ................................... 12 2.3.1 Passwordguessing ......................... 13 2.3.2 Numberofpasswords ....................... 14 2.3.3 Passwordspoofing ......................... 15 2.3.4 Userandsystemdefences . 17 2.4 Attackingthepasswordfile . 18 2.4.1 Cryptographicprotection . 18 2.4.2 Encryptingthepasswordfile. 19 2.4.3 Passwordsalting .......................... 20 2.4.4 One-timepasswords .. .. .. .. .. .. .. .. .. .. 20 2.4.5 Alternativemethodsforauthentication . 21 2.4.6 Authenticationfailure . 21 2.5 Summary .................................. 21 2.6 Learningoutcomes ............................. 21 2.7 Sampleexaminationquestions . 22 3 Access control 23 3.1 Introduction................................. 23 3.2 Accesscontrol................................ 23 3.2.1 Objectsandsubjects .. .. .. .. .. .. .. .. .. .. 24 3.2.2 Operationsandmodes . 24 i Computer security 3.2.3 Permissions ............................. 25 3.3 Stating and illustrating access control permissions . 25 3.3.1 Protectionringmodel . 25 3.3.2 Access control lists, matrices and graphs . 26 3.3.3 Ownershippolicy.......................... 27 3.4 Securitymodels............................... 29 3.4.1 TheBell-LaPadulamodel. 29 3.4.2 Unix – access control in practice . 31 3.5 Summary .................................. 33 3.6 Learningoutcomes ............................. 34 3.7 Sampleexaminationquestions . 34 4 Encryption 37 4.1 Introduction................................. 37 4.2 Thehistoryofencryption . .. .. .. .. .. .. .. .. .. .. 38 4.3 Perfectsecrecy–theone-timepad . 38 4.4 Substitutionciphers ............................ 40 4.4.1 Caesar’scipher ........................... 40 4.4.2 Randomsubstitutioncipher . 41 4.4.3 Improvingsecurity ......................... 43 4.4.4 Blocking............................... 43 4.5 Definitions.................................. 44 4.5.1 Typesofencryptionalgorithm . 45 4.6 Attackingacryptosystem. 45 4.6.1 Methodsofattack ......................... 46 4.7 Propertiesofagoodcryptosystem. 47 4.8 Summary .................................. 48 4.9 Learningoutcomes ............................. 48 4.10 Sample examination questions . 48 5 Symmetric key cryptosystems 49 5.1 Introduction................................. 49 5.1.1 Symmetrickeycryptosystems . 50 5.2 Blockciphersandstreamciphers . 50 5.2.1 Streamciphers ........................... 50 5.2.2 Blockciphers ............................ 52 5.2.3 Blockciphermodes......................... 53 5.3 DESandTripleDES............................. 54 5.3.1 TripleDES.............................. 55 5.4 AdvancedEncryptionStandard(AES) . 57 5.5 Rijndael ................................... 57 5.5.1 Some other symmetric cryptosystems . 58 5.6 Summary .................................. 60 5.7 Learningoutcomes ............................. 60 5.8 Sampleexaminationquestions . 60 6 Hash functions 63 6.1 Introduction................................. 63 6.2 Hashfunctions ............................... 63 6.2.1 Properties of a cryptographically strong hash function . 64 6.2.2 Hash functions as one-way functions . 64 6.3 TheSecureHashAlgorithm(SHA) . 65 6.3.1 SHA-512 .............................. 66 6.4 Summary .................................. 68 6.5 Learningoutcomes ............................. 68 ii 6.6 Sampleexaminationquestions . 68 7 Asymmetric cryptosystems 71 7.1 Introduction................................. 71 7.2 Publickeycryptosystems. 71 7.3 Digitalsignatures.............................. 73 7.3.1 Using hash functions in digital signatures . 73 7.4 Modulararithmetic............................. 74 7.4.1 Exponentiation ........................... 76 7.4.2 Fastalgorithmforexponentiation . 77 7.4.3 Fast algorithm for modular exponentiation . 77 7.4.4 Modularinverses .......................... 78 7.4.5 Euclid’salgorithm ......................... 79 7.5 Computationalcomplexity. 82 7.5.1 Computational complexity of basic algorithms . 82 7.5.2 Complexityofthealgorithmforexponentiation . 83 7.6 Summary .................................. 84 7.7 Learningoutcomes ............................. 84 7.8 Sampleexaminationquestions . 85 8 RSA 87 8.1 Introduction................................. 87 8.2 Thefactorisationproblem . 87 8.2.1 Primenumbers ........................... 87 8.2.2 Factorisation ............................ 88 8.2.3 Fermat’sLittleTheorem . 89 8.2.4 UsingFermat’sLittleTheoremtosolveaproblem . 89 8.2.5 Mathematical summary . 91 8.3 RSA ..................................... 91 8.3.1 RSA–keygeneration . .. .. .. .. .. .. .. .. .. 91 8.3.2 RSA–encryption.......................... 92 8.3.3 RSA–decryption.......................... 92 8.3.4 RSA–anexample ......................... 92 8.4 Summary .................................. 93 8.5 Learningoutcomes ............................. 93 8.6 Sampleexaminationquestions . 94 9 El Gamal 95 9.1 Introduction................................. 95 9.2 Thediscretelogarithmproblem . 95 9.2.1 Finding a generator g ....................... 96 9.3 TheDiffie-Hellmankeyexchangeprotocol . 96 9.3.1 Diffie-Hellman and the man-in-the-middle attack . 98 9.4 ElGamal................................... 99 9.4.1 ElGamal–keygeneration. 99 9.4.2 ElGamal–encryption . 100 9.4.3 ElGamal–decryption . 100 9.4.4 ElGamal–anexample. 101 9.5 ComparisonofRSAandElGamal . 101 9.6 Summary .................................. 103 9.7 Learningoutcomes ............................. 103 9.8 Sample examination questions . 103 10 Key management 105 10.1Introduction................................. 105 iii Computer security 10.2Keymanagement .............................. 105 10.2.1Numberofkeys........................... 106 10.2.2 Symmetric key management issues . 107 10.3Keyexchangeprotocols . 108 10.3.1 Using asymmetric keys to exchange symmetric keys . 108 10.3.2 Needham-Schroederprotocol . 109 10.4Trustingpublickeys . 110 10.4.1Certificates ............................. 111 10.4.2Weboftrust............................. 111 10.5Keyescrow ................................. 114 10.5.1 2 of 2 keyescrowprotocol . 115 10.5.2 n of n keyescrowprotocol. 115 10.5.3 2 of 3 keyescrowprotocol . 116 10.6Summary .................................. 118 10.7Learningoutcomes .. .. .. .. .. .. .. .. .. .. .. .. 119 10.8 Sample examination questions . 120 11 PGP and other Internet protocols 121 11.1Introduction................................. 121 11.2SecurityforElectronicMail . 121 11.3PGP ..................................... 122 11.3.1PGPauthentication. 122 11.3.2PGPconfidentiality . 123 11.3.3PGPcompression . 124 11.3.4E-mailcompatibility . 125 11.3.5PGPkeyissues ........................... 127 11.4TLSandSSL................................. 127 11.5SSH ..................................... 128 11.6Summary .................................. 128 11.7Learningoutcomes .. .. .. .. .. .. .. .. .. .. .. .. 128 11.8 Sample examination questions . 129 A Sample examination paper 131 B Solutions 137 B.1 Subject guide activity solutions . 137 B.1.1 Chapter1 .............................