CISC 210 - Class Today • Looking Forward, Schedules • Recap: Public key cryptography • Secret Keys vs Public Keys March 2005 R. Smith - University of St Thomas - Minnesota 1 Looking Forward • Next Lab – Due date is being pushed to the end of the semester – I need to find a different way to run WireShark on the outside • Viruses – I’ll post a revised Chapter 3 with a section on viruses • Cain and Abel, scanning, password cracking – A security program I’ve been playing with – I need to finish ‘sanitizing’ my laptop for the demonstration – The password cracker is unreliable March 2005 R. Smith - University of St Thomas - Minnesota 2 Presentation Schedule Monday, May 11 • SQL Slammer – Brakefield, Hart, Wertish • Active Directory – Allers-Hatlie, Hooper • Crypto Algorithms – McNeil, Schwarz, Tursich • Botnets – Heaney, Schreck March 2005 Wednesday, May 13 • Conficker – Hansohn, Lee • Biometrics McCormick • TBD - Chang • HIPAA - Barrett • Wireless Cracking – Almutawa, Moore, Winiarczyk R. Smith - University of St Thomas - Minnesota 3 Public Key cryptography • First successful version: Diffie Hellman • ‘Distributive property’ of exponents – (BX)Y = (BY)X • Or, in Diffie-Hellman: – (BX mod M)Y mod M = (BY mod M)X mod M – (x) is Private Key; (BX mod M) is Public Key • Why is it secure? Because… – (BX mod M) * (BY mod M) mod M ! = (BY mod M)X mod M – Modulus makes it impractical to reverse March 2005 R. Smith - University of St Thomas - Minnesota 4 RSA • More flexible variant – Basic Math: Given M, My = Ciphertext; M = (My)-y – y = Public Key; -y = Private Key (inverse of public key) – RSA uses “Modular Inverse” instead of simple inverse • Multiply two primes P x Q – Product is the Modulus, part of the published key, – 2 other numbers form rest of the key • “Public” exponent “E” (often 3 or 65537) • “Private” inverse “D” (computed from P, Q, and E) • Works in both directions – encrypt and decrypt March 2005 R. Smith - University of St Thomas - Minnesota 5 Using Public Key • Diffie Hellman – I can share one secret with another D-H user • I use the other user’s PUBLIC key with my PRIVATE key • RSA – If I have a user’s PUBLIC key, I can send them a secret • I encrypt the secret with THEIR public key • They decrypt with their own private key – I can use my PRIVATE key to “sign” things • I encrypt a hash (checksum) with my PRIVATE key • Others can check the result with my PUBLIC key March 2005 R. Smith - University of St Thomas - Minnesota 6 Public Key vs Secret Key • Secret Key is good: • Hosts already known • Small number of hosts • Many hosts and KDC – KDC is well protected • Revocation is easy March 2005 • Public Key is good: • Many hosts, not known ahead of time • Revocation not a major concern • Host security not very reliable R. Smith - University of St Thomas - Minnesota 7 Encrypting to “sign” some data • Use private key to encrypt March 2005 R. Smith - University of St Thomas - Minnesota 8 Applying a Digital Signature • Hash it, encrypt the hash March 2005 R. Smith - University of St Thomas - Minnesota 9 Checking the digital signature • Use the public key to decrypt the encrypted hash March 2005 R. Smith - University of St Thomas - Minnesota 10 Authentication with public keys • A variant of challenge-response March 2005 R. Smith - University of St Thomas - Minnesota 11 FIPS 196 authentication • Public key challenge-response March 2005 R. Smith - University of St Thomas - Minnesota 12 RSA Encrypting Secret Keys • First send the secret key, then send the data Public Key Private Key Encryption Procedure Random Number Generator John J. Jones March 2005 Decryption Procedure Secret Key (temporary) Clear Text 4327 4445219 { } Encryption Procedure Cipher Text Secret Key Clear Text Decryption Procedure R. Smith - University of St Thomas - Minnesota 4327 4445219 John J. Jones 13 SSL Encryption • Socket layer encryption • The old story of Mosaic becoming Netscape • Practical example of successful security – Won on the basis of its practical application – Security mechanisms themselves weren’t the deciding factor March 2005 R. Smith - University of St Thomas - Minnesota 14 Basic SSL • RSA to protect a shared secret March 2005 R. Smith - University of St Thomas - Minnesota 15 SSL Phase 1 • pre master secret March 2005 R. Smith - University of St Thomas - Minnesota 16 Build the secret • Combine single secret and nonces to make more secrets March 2005 R. Smith - University of St Thomas - Minnesota 17 The rest of SSL March 2005 R. Smith - University of St Thomas - Minnesota 18 Web Requirements • Customers – Can buy things and handle related issues (returns) through the web site – Info is only available as needed to handle their orders, etc. • Implementation – Order processing is as automated as possible – As little down time as possible, especially for order entry • Employees – Can surf the web and use e-mail – Can use shared file and print services • Outsiders – Can visit the commercial web site and buy things – Can not access internal company components March 2005 R. Smith - University of St Thomas - Minnesota 19 How the Web Works • GET – reading data from a site – Passive, relies purely on HTML text files • POST – sending data to a site – Requires an ‘active’ response on the server side – Web site ‘programming’ via PHP, Perl, etc. • Modern sites: active scripts and a database E-Commerce Tools • • • • Web servers + shopping carts Database servers Warehousing/shipping applications 3rd party support – Payment processing; package tracking • • • • • Network server hosts “Back end” hosts E-mail servers Routers and firewalls to control flow & access Encrypting gateways for distributed companies March 2005 R. Smith - University of St Thomas - Minnesota 21 Making things Interesting • Or, at least, complicated • Physical locations – Web hosting location – Warehouse(s) for merchandise – Company headquarters • Are these all in one place? March 2005 R. Smith - University of St Thomas - Minnesota 22 Enterprise network architecture • How many sites? Do we connect them? How? • Do all employees get to surf the Web? • Which sites provide a “public face”? • Which sites host critical systems? – I.e. those that directly affect the company’s immediate business • Which sites administer critical systems? March 2005 R. Smith - University of St Thomas - Minnesota 23 Some questions • How do we use these tools to build an ecommerce site? • How might we use different types of firewalls? March 2005 R. Smith - University of St Thomas - Minnesota 24 E-Commerce: Conflicting Goals • Efficiency • Security – Sell lots of stuff at little expense – Make the customers happy – – – – – Accept lots of connections Respond quickly to net requests High availability Send merchandise quickly Handle customer problems/returns quickly – Accurate feedback on merchandise availability – Accurate status on existing order and shipped pkgs March 2005 – – – – Detect fraudulent purchases Keep company activities private Make payments accurately Block hacker attacks – Record purchases accurately – Don’t send merchandise unless paid for – Don’t accept returns unless bought here – Limit the scope of attacks – On-line payment verification – Keep records to help identify long term bad trends R. Smith - University of St Thomas - Minnesota 25 That’s it • Questions? Creative Commons License This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. March 2005 R. Smith - University of St Thomas - Minnesota 26