Professional Documents
Culture Documents
Introduction 3 Authentication 4
Security measures must address both: The authentication problem involves determining if the identity
physical, and of a user is the person they say they are.
Passwords authenticate the user by having the user provide their Short passwords may be guessed by enumeration. System
id and password. If the password matches the one stored in the administrators will often place restrictions(such as a minimum
system then the system assumes that the user is legitimate. length, requiring upper and lower case characters, not being a
Passwords are extremely common as they are easy to use, dictionary word) on the kinds of passwords. This makes them
difficult to guess by enumeration. However, it also makes
understandable, and require no additional hardware.
passwords more difficult to remember!
However, passwords are vulnerable as it is difficult to keep a
password secret. Passwords can be compromised by: Some systems also age passwords forcing users to regularly
change their password.
being guessed,
accidentally exposed, or
illegally transferred.
It may be difficult to keep passwords secret on a system. Passwords may be obtained by shoulder surfing. This is when
Encryption is often used to keep passwords to address this someone looks over your shoulder to get you password.
problem. A function f is used that is simple to compute but
Also passwords are vulnerable to sniffing. This is when an
extremely difficult to invert(these are known as one way
intruder watches the data on the network as it is being
functions). Given a password w, rather than storing w on the
transfered.
system, an encrypted version f(w) may be stored. Whenever a
password is checked it is encrypted using f and checked against One approach to address these problems is one-time passwords,
f(w). Hence, knowing the value of f(w) does not help determine this is where a password is only used a single time. Hence, if an
w. intruder obtains a password it is of no value as a different
password is used in the next transaction.
Old versions of UNIX allowed encrypted passwords to be
public. One variation of one time passwords is to use a code book or
one-time pad. This approach uses a list of single-use passwords.
These are only used once and then crossed off the list.
One-time Passwords 9 One-time Passwords 10
Paired passwords may be used where the computer randomly Another approach is to use a function that combines a seed with
selects a challenge and the user must correctly respond. a secret.
This approach may be generalized to use an algorithm as a
password. Computer
Computer seed
User User
challenge : 22 seed
f(seed,secret) f(seed,secret)
response : 34 = ?? generated
password
Often users will execute programs written by other users. This Logic Bombs are sections of code embedded into legitimate
provides an opportunity for misuse which may undermine the program that are set to 'go off' when particular conditions are
security of the system. These types of threats are known as meet. These pre-date viruses.
program threats. The most common program threats are:
An example may be an employee may set the logic bomb to go
logic bombs, off if his ID is removed from the payroll.
Trojan horses, and
trap doors.
Trojan Horse 13 Trap Doors 14
A Trojan horse is a program that performs a hidden function in A trapdoor is a secret, undocumented entry point into a
addition to (or completely replacing) its stated and obvious program. This allows a predator to circumvent the security
function. measures. Trapdoors may have been used for debugging when
Two examples of Torjan horses are: the system was developed and never removed. However, they
may have also been intentionally placed in the program to
Replacing common utility programs (eg ls with your own provide away of undermining security of the system.
insidious version of ls)
A program that is identical to the user interface for logging in.
When a person 'logs in' the program can capture the victims
password.
Operating systems generally provide a mechanism for processes Worms are complete programs that reproduce themselves.
to spawn other processes. This feature may be misused. The two These processes will rapidly spread across the system
most common methods for achieving this are: significantly degrading the system performance.
worms, and An example of a worm is the program unleashed by Morris, a
viruses. first-year Cornell graduate student, on November 2, 1988.
worm
Viruses 17 Threat Monitoring 18
Viruses are fragments of code that embed them-self in The computer system may be examined or monitored for
legitimate programs. potential security problems. This is known as threat
Viruses are often spread by programs down-loaded from the monitoring.
Internet, emails, or by the exchange of disks. Some examples of threat monitoring include:
There are a variety of anti-virus programs that are available. checking if passwords are repeatedly entered incorrectly,
However, they are generally limited in that they can only check raid process creation while the user is not logged on,
for viruses that are currently known.
checking for easy to guess passwords,
unauthorized programs in system directories, and
changes to system programs or protection settings.
These threats may be flagged or addressed automatically.
Firewall 19 Encryption 20
For many organizations the Internet has become an Often the security of information can't be guaranteed either
indispensable resource. This introduces a security nightmare. A when it is stored or transferred. Encryption provides a way of
common solution to this problem is a firewall. Firewalls securing such information.
separate the organizations computers from the untrusted
Internet. Firewalls will limit the types of actions that computers encryption key decryption key
connecting in from the Internet may perform.
Firewall
Internet
demilitarized zone
(DMZ)
Encryption 21 DES 22
A symmetric key system uses the same key for both encryption plain text (64 bits)
and decryption.
In this case both keys must be kept secret. This approach suffers Initial Transposition
from the key distribution problem. Each iteration
Iteration 0
DES(Data Encryption Standard) is the most popular approach
key 56 bits
(1977 the National Bureau of Standards). Hardware Iteration 1
implementations exist which makes encryption and decryption Ki
fast. DES uses a 56 bit key and will encode 64 bit messages. F( , )
However, by 1999 hardware existed that could crack DES in a Iteration 15
few hours. So new DES variants exist that use larger keys.
Swap
Inverse Transposition
The problem with DES is how do you tell the person you are Alice Bob
sending information to the key. This is a classic catch 22
situation!
Diffie, Hellman and Merkle could see there was a way you
could solve this problem. They final came up with what is
known as the Diffie-Hellman-Merkle key exchange scheme.
(around 1976)
Eve
Alice Bob
Diffie-Hellman-Merkle key exchange 25 Encryption 26
Public Keys 27