Conclusions In our increasingly connected world, security has become a mandatory feature. The threats are continuously growing. Hacking moved from a fun hobby activity of amateurs to a professional activity with strong financial incentives. A significant element of the security toolbox is awareness and knowledge. The ten laws and their associated rules are good starting points for educating, training and analyzing. These laws may be useful indicators of the soundness of a system or a service provider. They can be used as heuristics within a larger framework of risk man- agement. They may be used as discussion topics to create a common ground and to start building mutual trust with new partners. They may be used for educational purposes when introducing security. These rules may seem common sense. Security involves in most cases obeying common sense rules. Unfortunately, people have not imported common sense- based practices when migrating from the physical world to the digital world and embracing dematerialization. The only area of security that does not obey common sense is the interaction with users (for instance, through social engineering). Humans are predictably irrational [122]. The initial cautionary note of the introduction has to be repeated at the end of this book. Security is a complex problem. It does not fit well with a Manichean vision. Security is about equilibrium. Security is relative, never absolute. Thus, the rules must never be taken literally and considered as absolute rules. The reader will have to use his judgment when analyzing something through the prism of these ten laws. I urge the reader to never forget that security is an extremely complex task. Security systems and the development of secure solutions should be handled exclusively by well-trained security experts. As illustrated by the inserts “The Devil Is in the Detail,” it is far too easy to mess up the overall security with a small mistake or a minor detail in an implementation. Security is hard, and we cannot rely on amateurs. I will maintain some resources about these ten laws on the website https://eric- diehl.com/ten-laws/, such as a poster with the ten laws, and new examples. The reader may contact me at [email protected]. © Springer International Publishing Switzerland 2016 257 E. Diehl, Ten Laws for Security, DOI 10.1007/978-3-319-42641-9 Appendix A A Brief Introduction to Cryptography A.1 Symmetric Cryptography Symmetric cryptography is the oldest form of cryptosystem (Fig. A.1). Alice and Bob share the same key K. She applies to message m an algorithm E, called K c E m encryption, using the shared key . The result ciphertext is ¼ fgK ðÞ. To retrieve the clear text, Bob applies to message c an algorithmÀÁD, called K D c D E m m decryption, using the shared key i such that fgK ðÞ¼ fgK fgK ðÞ¼ . The most deployed symmetric cryptosystem is AES. The key length of 128 bits is considered secure. A.2 Asymmetric Cryptography In 1976, two researchers, Whitfield Diffie and Martin Hellman, in a famous seminal paper [204] built the foundations of a new type of cryptosystem: asymmetric cryptography (Fig. A.2). Here, Bob owns a pair of keys: the public key Kpub and the private key Kpri. Both keys are linked with a mathematical relationship. To securely Fig. A.1 Symmetric cryptography © Springer International Publishing Switzerland 2016 259 E. Diehl, Ten Laws for Security, DOI 10.1007/978-3-319-42641-9 260 Appendix A: A Brief Introduction to Cryptography Fig. A.2 Asymmetric cryptography send a message m to Bob, Alice obtains a copy of Bob’s public key Kpub. She applies to message m an algorithm E, called encryption, using Bob’s public key Kpub. The resulting ciphertext is c ¼ E K ðÞm . fgpub To retrieve the clear text, Bob applies to message c an algorithm D, called decryption, using his private key Kpri such that D K ðÞ¼c D K fgpri fgpri E K ðÞm ¼ m. fgpub The encryption and decryption algorithms are designed such that, at least in theory, without the knowledge of the private key Kpri, it would be infeasible for Eve to find m from c. More precisely, Eve does not find out any information about m except its length (except by breaking the underlying hard-to-solve mathematical problem). Therefore, it is paramount that Bob keeps his private key secret. However, Bob, as its name indicates, can safely distribute his public key to everybody, even to the malicious Eve. Asymmetric cryptography can provide both integrity and authentication. Bob wants to send a message m to Alice. He does not look for confidentiality, but he wants Alice to be sure that the message has originated from him (authentication) and that Charlie did not tamper with the message (integrity). For that purpose, Bob signs the message m. Bob applies to m a mathematical function called a signature using his private key Kpri. The result, r, called a signature, is r ¼ S K ðÞm .He fgpri sends m and r together to Alice. Alice verifies the signature using Bob’s public key Kpub. The signature r is valid if V K ðÞ¼r m, where V is an algorithm called fgpub Verification. In other words, the signature inverts the respective roles of the public and private keys. The main difference with MAC is that the signing entity and the verifying entity use different keys. In fact, most implemented signature schemes use an additional cryptographic hash function (Sect. A.3). Using the cryptographic hash function H, we obtain the new signature scheme r ¼ S K ðÞHmðÞ and the signature r is verified if fgpri Appendix A: A Brief Introduction to Cryptography 261 V K ðÞ¼r HmðÞ. Signing the hash of the message rather than the full message fgpub has several advantages such as a fixed length of signature, regardless of the size of signed data, and efficiency. Calculating the hash of a large dataset is faster than signing the same large dataset with asymmetric cryptography. The robustness of asymmetric cryptography relies on the difficulty of solving some difficult mathematical problems. Typical problems are the factorization of composite numbers made of two large prime numbers, or the difficulty of calcu- lating discrete logarithms in finite fields or on elliptic curves. Currently, the most widely used asymmetric cryptosystem is RSA. The name stems from the initials of its three inventors: Ron Rivest, Adi Shamir, and Leonard Adleman. RSA can be used for both encryption and signature. It was invented in 1977 [399] and is still considered secure. RSA Ltd. patented this algorithm. Since 2000, the algorithm is in the public domain; hence, it is not anymore protected by patents. It is currently estimated that RSA requires a key length of at least 2048 bits to be safe [52]. The security of a 2048-bit key of RSA is considered equivalent to the security of an 110-bit key for symmetric cryptography. In recent years, a new kind of asymmetric cryptosystem, Elliptic Curve Cryptosystems, has become mainstream. Here the size of the keys is smaller, and the footprint of the imple- mentation is smaller than RSA; 256-bit ECC keys are considered secure today. A.3 Hash Functions A cryptographic hash function, also sometimes called a one-way hash function, has the following characteristics: • The hash of any arbitrary size of data will always have a fixed size. • Changing any bit of the hashed data generates a very different hash result, e.g., it may change every bit of the hash with a probability of 0.5. • It is extremely difficult to find a message m such that its hash value is equal to an arbitrary value. • It is extremely difficult to find two messages m1 and m2 such that their respective hash values are equal. This property is called collision resistance. Currently, the most widely used hash function is SHA-1. However, in 2005, studies demonstrated that the robustness of SHA-1 was severely weakening [158, 400]. In October 2012, NIST selected KECCAK as the new SHA-3 [401] (Sect. 3.2.1). MD5 is another widely deployed hash function. MD5 hashes often serve as unique identifiers for torrents in P2P networks or file management. However, it was shown in 2004 that MD5 is not collision resistant. Appendix B Other Ten (or More) Laws of Security B.1 Microsoft Microsoft has published its ten laws of immutable security [219]. 1. If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore. 2. If a bad guy can alter the operating system on your computer, it’s not your computer anymore. 3. If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore. 4. If you allow a bad guy to upload programs to your website, it’s not your website anymore. 5. Weak passwords trump strong security. 6. A computer is only as secure as the administrator is trustworthy. 7. Encrypted data is only as secure as the decryption key. 8. An out-of-date virus scanner is only marginally better than no virus scanner at all. 9. Absolute anonymity is not practical, in real life or on the Web. 10. Technology is not a panacea. B.2 Building Secure Software In 2001, John Viega and Gary McGraw published a book describing how to build secure software [402]. They listed ten guidelines. 1. Secure the weakest link 2. Practice defense in depth 3. Fail securely 4. Follow the principle of least privilege 5. Compartmentalize 6. Keep it simple © Springer International Publishing Switzerland 2016 263 E.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages23 Page
-
File Size-