Chapter 14b: Security II
Operating System Concepts Essentials – 2nd Edition
Silberschatz, Galvin and Gagne ©2013
Chapter 14: Security
 Cryptography as Security Tool
 User Authentication
 Implementing Security Defenses
 Firewalling to Protect Systems and Networks
Operating System Concepts Essentials – 2nd Edition
14.2
Silberschatz, Galvin and Gagne ©2013
Cryptography as a Security Tool
 Broadest security tool available

Internal to computer, source and destination of
messages known and protected
 OS
creates, manages, protects process IDs,
communication ports

Source and destination of messages on network
cannot be trusted without cryptography
 Local
–
Consider unauthorized host added
 WAN
–
network – IP address?
/ Internet – how to establish authenticity
Not via IP address
Operating System Concepts Essentials – 2nd Edition
14.3
Silberschatz, Galvin and Gagne ©2013
Cryptography
 Means to constrain potential senders (sources) and
/ or receivers (destinations) of messages

Based on secrets (keys)

Enables
 Confirmation
 Receipt
 Trust
of source
only by certain destination
relationship between sender and receiver
Operating System Concepts Essentials – 2nd Edition
14.4
Silberschatz, Galvin and Gagne ©2013
Encryption
 Constrains set of possible receivers of message
 Encryption algorithm consists of

Set K of keys

Set M of Messages

Set C of ciphertexts (encrypted messages)

A function E : K → (M → C)
each k  K, Ek is a function for generating
ciphertexts from messages
 For

A function D : K → (C → M).
 For each k  K, Dk is a function for generating
messages from ciphertexts
Operating System Concepts Essentials – 2nd Edition
14.5
Silberschatz, Galvin and Gagne ©2013
Encryption (Cont.)
 Encryption algorithm must provide essential property:
Given ciphertext c  C, a computer can compute m
such that Ek(m) = c only if it possesses k

A computer holding k can decrypt ciphertexts to the
plaintexts used to produce them

A computer not holding k cannot decrypt ciphertexts

Should be infeasible to derive k from ciphertexts
Operating System Concepts Essentials – 2nd Edition
14.6
Silberschatz, Galvin and Gagne ©2013
Symmetric Encryption
 Same key used to encrypt and decrypt

k must be kept secret
 DES was most commonly used symmetric block-
encryption algorithm (created by US Govt)

Encrypts one block of data at a time

Keys too short; now considered insecure
 Triple-DES considered more secure

Algorithm used 3 times using 2 or 3 keys
Operating System Concepts Essentials – 2nd Edition
14.7
Silberschatz, Galvin and Gagne ©2013
Symmetric Encryption
 2001 NIST adopted new block cipher - Advanced
Encryption Standard (AES)

Keys of 128, 192, or 256 bits, works on 128 bit blocks
 RC4 is most common symmetric stream cipher ;
known vulnerabilities

Encrypts/decrypts stream of bytes
 e.g.,

wireless transmission
Key is input to pseudo-random-bit generator
 Generates
an infinite keystream
Operating System Concepts Essentials – 2nd Edition
14.8
Silberschatz, Galvin and Gagne ©2013
Secure Communication over Insecure Medium
Operating System Concepts Essentials – 2nd Edition
14.9
Silberschatz, Galvin and Gagne ©2013
Asymmetric Encryption
 Public-key encryption each user has two keys:

public key
 published

key used to encrypt data
private key
 key
known only to individual user
 used
to decrypt data
Operating System Concepts Essentials – 2nd Edition
14.10
Silberschatz, Galvin and Gagne ©2013
Asymmetric Encryption
 Since one key is public, decryption must be difficult

Most common: RSA block cipher
 Makes
use of prime numbers
 Efficient
 No
algorithm for testing number primeness
efficient algorithm for finding prime factors of number
Operating System Concepts Essentials – 2nd Edition
14.11
Silberschatz, Galvin and Gagne ©2013
Asymmetric Encryption (Cont.)
 Computationally infeasible to derive kd,N from ke,N,
 ke
need not be secret; can be disseminated

ke is public key

kd is private key

N is product of two large, randomly chosen prime
numbers p and q (e.g., 512 bits each)

Encryption algorithm is Eke,N(m) = mke mod N, where ke
satisfies kekd mod (p−1)(q −1) = 1

Decryption algorithm is then Dkd,N(c) = ckd mod N
Operating System Concepts Essentials – 2nd Edition
14.12
Silberschatz, Galvin and Gagne ©2013
Asymmetric Encryption Example
 E.g., p = 7 and q = 13

N = 7∗13 = 91

(p−1)(q−1) = 72
 Select ke : relatively prime to 72 and< 72, yielding 5
 Calculate kd such that kekd mod 72 = 1, yielding 29
 Keys

Public key, ke,N = 5, 91

Private key, kd,N = 29, 91
Operating System Concepts Essentials – 2nd Edition
14.13
Silberschatz, Galvin and Gagne ©2013
Asymmetric Encryption Example
 Keys

Public key, ke,N = 5, 91

Private key, kd,N = 29, 91
 Encrypt message 69 with public key results in
cyphertext 62

Eke,N(m) = mke mod N = 69 ^ 5 mod 91 = 62
 Cyphertext decoded with private key

Dkd,N(c) = ckd mod N = 62 ^ 29 mod 91 = 69
Operating System Concepts Essentials – 2nd Edition
14.14
Silberschatz, Galvin and Gagne ©2013
Encryption using RSA Asymmetric Cryptography
Operating System Concepts Essentials – 2nd Edition
14.15
Silberschatz, Galvin and Gagne ©2013
Cryptography (Cont.)
 Symmetric cryptography based on transformations
 Asymmetric based on mathematical functions

Asymmetric much more computationally intensive

Typically not used for bulk data encryption
Operating System Concepts Essentials – 2nd Edition
14.16
Silberschatz, Galvin and Gagne ©2013
Chapter 14: Security
 Cryptography as Security Tool
 User Authentication
 Implementing Security Defenses
 Firewalling to Protect Systems and Networks
Operating System Concepts Essentials – 2nd Edition
14.17
Silberschatz, Galvin and Gagne ©2013
Authentication
 Constrains set of potential senders of message

Complementary to encryption

Can also prove message unmodified
Operating System Concepts Essentials – 2nd Edition
14.18
Silberschatz, Galvin and Gagne ©2013
Authentication
 Algorithm components:

A set K of keys

A set M of messages

A set A of authenticators

A function S : K → (M → A)
each k  K, Sk is a function for generating
authenticators from messages
 For

A function V : K → (M × A → {true, false}).
each k  K, Vk is a function for verifying
authenticators on messages
 For
Operating System Concepts Essentials – 2nd Edition
14.19
Silberschatz, Galvin and Gagne ©2013
Authentication (Cont.)
 For message m, computer can generate
authenticator a  A (such that Vk(m, a) = true)
only if it possesses k

Thus, computer holding k can generate
authenticators on messages so that any other
computer possessing k can verify them

Computer not holding k cannot generate
authenticators on messages that can be verified
using Vk
Operating System Concepts Essentials – 2nd Edition
14.20
Silberschatz, Galvin and Gagne ©2013
Authentication (Cont.)
 Since authenticators are generally exposed, it must
not be feasible to derive k from authenticators
 Practically, if Vk(m,a) = true, we know m has not
been modified

If we share k with only one entity, we know where the
message originated
Operating System Concepts Essentials – 2nd Edition
14.21
Silberschatz, Galvin and Gagne ©2013
Authentication – Hash Functions
 Basis of authentication
 Creates small, fixed-size block of data message
digest (hash value) from m
 Hash Function H must be collision resistant on m

Infeasible to find m’ ≠ m such that H(m) = H(m’)
 If H(m) = H(m’), then m = m’

Message has not been modified
Operating System Concepts Essentials – 2nd Edition
14.22
Silberschatz, Galvin and Gagne ©2013
Authentication – Hash Functions
 Common message-digest functions include:

MD5 – produces 128-bit hash

SHA-1 - which outputs 160-bit hash
Operating System Concepts Essentials – 2nd Edition
14.23
Silberschatz, Galvin and Gagne ©2013
Authentication - MAC
 Symmetric encryption used in message-
authentication code (MAC) algorithm
 Cryptographic checksum generated from message
using secret key

Can securely authenticate short values
Operating System Concepts Essentials – 2nd Edition
14.24
Silberschatz, Galvin and Gagne ©2013
Authentication – Digital Signature
 Based on asymmetric keys and digital signature
algorithm
 Authenticators produced are digital signatures
 Useful – anyone can verify authenticity of message
Operating System Concepts Essentials – 2nd Edition
14.25
Silberschatz, Galvin and Gagne ©2013
Authentication (Cont.)
 Why authentication (if subset of encryption)?

Fewer computations (except for RSA digital
signatures)

Authenticator usually shorter than message

Sometimes want authentication but not confidentiality
 Signed
patches
Operating System Concepts Essentials – 2nd Edition
14.26
Silberschatz, Galvin and Gagne ©2013
Key Distribution
 Delivery of symmetric key is challenge

Sometimes done out-of-band
 E.g.,
using snail mail
 Asymmetric keys proliferate – stored on key ring

Even asymmetric key distribution needs care
 E.g.,
man-in-the-middle attack
Operating System Concepts Essentials – 2nd Edition
14.27
Silberschatz, Galvin and Gagne ©2013
Digital Certificates
 Proof of who or what owns public key

Public key digitally signed a trusted party
 Trusted party receives proof of ID from entity

Certifies public key belongs to entity
 Certificate authority is trusted party –

Their public keys included with web browser distros

They vouch for other authorities via digitally signatures
Operating System Concepts Essentials – 2nd Edition
14.28
Silberschatz, Galvin and Gagne ©2013
Man-in-the-middle Attack on Asymmetric Cryptography
Operating System Concepts Essentials – 2nd Edition
14.29
Silberschatz, Galvin and Gagne ©2013
Implementation of Cryptography
 Can be done at various layers of ISO Reference Model

SSL at Transport layer

Network layer is typically IPSec
 IKE
for key exchange
 Basis
of Virtual Private Networks (VPNs)
 Why not just at lowest level?

Might need more knowledge than available at low levels

E.g., User authentication; e-mail delivery
Operating System Concepts Essentials – 2nd Edition
14.30
Silberschatz, Galvin and Gagne ©2013
User Authentication
 Crucial to identify users correctly

Protection systems depend on user ID
 User identity most often established through
passwords

Special case of either protection keys or capabilities
 Passwords must be kept secret

Frequent change of passwords

History to avoid repeats
Use of “non-guessable” passwords
 Log all invalid access


Unauthorized transfer
Operating System Concepts Essentials – 2nd Edition
14.31
Silberschatz, Galvin and Gagne ©2013
User Authentication
 Passwords may be encrypted or used only once

Does encrypting passwords solve the exposure problem?
 Might
solve sniffing
 Consider shoulder surfing
 Consider Trojan horse keystroke logger
 How are passwords stored at authenticating site?
–
Hash function..
Operating System Concepts Essentials – 2nd Edition
14.32
Silberschatz, Galvin and Gagne ©2013
Passwords
 Encrypt to avoid having to keep secret

But keep secret anyway
 (e.g.,
UNIX uses superuser-only readable file)

Use algorithm that’s easy to compute; difficult to invert

Only encrypted password stored, never decrypted

Add “salt” to avoid same password being encrypted to
same value
Operating System Concepts Essentials – 2nd Edition
14.33
Silberschatz, Galvin and Gagne ©2013
Passwords
 One-time passwords

Use function based on seed to compute a password

Hardware device / key fob to generate the password
 Changes
very frequently
Operating System Concepts Essentials – 2nd Edition
14.34
Silberschatz, Galvin and Gagne ©2013
Passwords
 Biometrics

Some physical attribute (fingerprint, hand scan)
 Multi-factor authentication

Need two or more factors for authentication
 e.g.,
USB “dongle”, biometric measure, and password
Operating System Concepts Essentials – 2nd Edition
14.35
Silberschatz, Galvin and Gagne ©2013
Chapter 14: Security
 Cryptography as Security Tool
 User Authentication
 Implementing Security Defenses
 Firewalling to Protect Systems and Networks
Operating System Concepts Essentials – 2nd Edition
14.36
Silberschatz, Galvin and Gagne ©2013
Implementing Security Defenses
 Defense in depth

Most common security theory

Multiple layers of security
 Security policy describes what is being secured
 Vulnerability assessment compares real state of
system / network compared to security policy
Operating System Concepts Essentials – 2nd Edition
14.37
Silberschatz, Galvin and Gagne ©2013
Implementing Security Defenses
 Intrusion detection to find system / network intrusions

Signature-based detection spots known patterns

Anomaly detection spots differences from normal
 Can

detect zero-day attacks
False-positives and false-negatives a problem
Operating System Concepts Essentials – 2nd Edition
14.38
Silberschatz, Galvin and Gagne ©2013
Implementing Security Defenses
 Virus protection

Search all programs (or programs at execution) for
known virus patterns

Run programs in sandbox => can’t damage system
 Auditing, accounting, and logging of all or specific
system or network activities
 Practice safe computing – avoid sources of
infection, download from only “good” sites, etc
Operating System Concepts Essentials – 2nd Edition
14.39
Silberschatz, Galvin and Gagne ©2013
Chapter 14: Security
 Cryptography as Security Tool
 User Authentication
 Implementing Security Defenses
 Firewalling to Protect Systems and Networks
Operating System Concepts Essentials – 2nd Edition
14.40
Silberschatz, Galvin and Gagne ©2013
Firewalling to Protect Systems and Networks
 Network firewall placed between trusted and
untrusted hosts

Firewall limits access between security domains
 Can be tunneled or spoofed

Tunneling allows disallowed protocol to travel within
allowed protocol (e.g., telnet inside of HTTP)

Firewall rules typically based on host name or IP
address (which can be spoofed)
Operating System Concepts Essentials – 2nd Edition
14.41
Silberschatz, Galvin and Gagne ©2013
Firewalling to Protect Systems and Networks
 Personal firewall is software layer on given host

Can monitor / limit traffic to and from host
 Application proxy firewall understands application
protocol; can control them (e.g., SMTP)
 System-call firewall monitors all important system
calls

Applies rules to them
 (e.g.,
this program can execute that system call)
Operating System Concepts Essentials – 2nd Edition
14.42
Silberschatz, Galvin and Gagne ©2013
Network Security Through Domain Separation Via Firewall
Operating System Concepts Essentials – 2nd Edition
14.43
Silberschatz, Galvin and Gagne ©2013
End of Chapter 14b
Operating System Concepts Essentials – 2nd Edition
Silberschatz, Galvin and Gagne ©2013