Socket Layer Crypto, E-Commerce

CISC 210 - Class Today
• Looking Forward, Schedules
• Recap: Public key cryptography
• Secret Keys vs Public Keys
March 2005
R. Smith - University of St Thomas - Minnesota
Looking Forward
• Next Lab
– Due date is being pushed to the end of the semester
– I need to find a different way to run Wireshark on the outside
• Viruses
– I’ll post a revised Chapter 3 with a section on viruses
• Cain and Abel, scanning, password cracking
– A security program I’ve been playing with
– I need to finish ‘sanitizing’ my laptop for the demonstration
– The password cracker is unreliable
Presentation Schedule
Monday, May 11
• SQL Slammer
– Brakefield, Hart, Wertish
• Active Directory
– Allers-Hatlie, Hooper
• Crypto Algorithms
– McNeil, Schwarz, Tursich
• Botnets
– Heaney, Schreck
Wednesday, May 13
• Conficker
– Hansohn, Lee
• Biometrics - McCormick
• TBD - Chang
• HIPAA - Barrett
• Wireless Cracking
– Almutawa, Moore, Winiarczyk
Public Key cryptography
• First successful version: Diffie Hellman
• ‘Distributive property’ of exponents
– $(B^X)^Y = (B^Y)^X$
• Or, in Diffie-Hellman:
– $(B^X \bmod M)^Y \bmod M = (B^Y \bmod M)^X \bmod M$
– $X$ is Private Key; $(B^X \bmod M)$ is Public Key
• Why is it secure? Because…
– $(B^X \bmod M) \cdot (B^Y \bmod M) \bmod M \neq (B^Y \bmod M)^X \bmod M$
– Modulus makes it impractical to reverse
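The exchange from this slide, as an added example that is not part of the original slides: each side raises the other's public value to its own private exponent, and the product of the two public values is computed to show it is a different number. The modulus 2^127 - 1, the base 3, the function names and the range check on received public values are choices made for this example; real deployments use standardized groups of 2048 bits or more.

```python
import secrets

# Toy parameters chosen for this example: M = 2**127 - 1 is prime but far
# too small for real use; B = 3 is an arbitrary base.
M = 2**127 - 1
B = 3

def make_keypair():
    """Return (private X, public B^X mod M)."""
    x = secrets.randbelow(M - 3) + 2          # 2 <= x <= M - 2
    return x, pow(B, x, M)

def check_public(pub):
    """Reject degenerate values (0, 1, M-1) that force a predictable secret."""
    if not 1 < pub < M - 1:
        raise ValueError("invalid Diffie-Hellman public value")
    return pub

def shared_secret(my_private, their_public):
    """(B^Y mod M)^X mod M: their PUBLIC key raised to my PRIVATE key."""
    return pow(check_public(their_public), my_private, M)

def product_of_publics(pub_a, pub_b):
    """What an eavesdropper can compute: B^(X+Y) mod M, not B^(X*Y) mod M."""
    return (pub_a * pub_b) % M

if __name__ == "__main__":
    x, pub_a = make_keypair()
    y, pub_b = make_keypair()
    print("secrets match:", shared_secret(x, pub_b) == shared_secret(y, pub_a))
    print("product equals secret:",
          product_of_publics(pub_a, pub_b) == shared_secret(x, pub_b))
```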
RSA
• More flexible variant
– Basic Math: Given M, $M^y$ = Ciphertext; $M = (M^y)^{-y}$
– y = Public Key; -y = Private Key (inverse of public key)
– RSA uses “Modular Inverse” instead of simple inverse
• Multiply two primes P x Q
– Product is the Modulus, part of the published key,
– 2 other numbers form rest of the key
• “Public” exponent “E” (often 3 or 65537)
• “Private” inverse “D” (computed from P, Q, and E)
• Works in both directions – encrypt and decrypt
Using Public Key
• Diffie Hellman
– I can share one secret with another D-H user
• I use the other user’s PUBLIC key with my PRIVATE key
• RSA
– If I have a user’s PUBLIC key, I can send them a secret
• I encrypt the secret with THEIR public key
• They decrypt with their own private key
– I can use my PRIVATE key to “sign” things
• I encrypt a hash (checksum) with my PRIVATE key
• Others can check the result with my PUBLIC key
Public Key vs Secret Key
• Secret Key is good:
– Hosts already known
– Small number of hosts
– Many hosts and KDC
• KDC is well protected
– Revocation is easy
• Public Key is good:
– Many hosts, not known ahead of time
– Revocation not a major concern
– Host security not very reliable
Encrypting to “sign” some data
• Use private key to encrypt
Applying a Digital Signature
• Hash it, encrypt the hash
Checking the digital signature
• Use the public key to decrypt the encrypted hash
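An added example, not from the original slides, covering the RSA, "Using Public Key" and digital-signature slides: textbook RSA built from two primes, used once to wrap a secret key and once to sign a SHA-256 hash. The primes, the function names and the sample data are constructed for illustration; real RSA also applies padding (OAEP for encryption, PSS for signatures), which is omitted here.

```python
import hashlib

# Constructed toy key: two Mersenne primes. Real keys use random, secret,
# similar-sized primes; these are public knowledge and only for illustration.
P, Q = 2**127 - 1, 2**521 - 1
E = 65537                                   # "public" exponent
N = P * Q                                   # modulus, part of the published key
D = pow(E, -1, (P - 1) * (Q - 1))           # "private" modular inverse of E

def encrypt_secret(secret: bytes) -> int:
    """Sender: wrap a temporary secret key with the recipient's PUBLIC key."""
    m = int.from_bytes(secret, "big")
    if m >= N:
        raise ValueError("secret too large for modulus")
    return pow(m, E, N)

def decrypt_secret(cipher: int, length: int) -> bytes:
    """Recipient: unwrap with their own PRIVATE key."""
    return pow(cipher, D, N).to_bytes(length, "big")

def _hash_int(message: bytes) -> int:
    # SHA-256 output (256 bits) is smaller than N, so it can be used directly.
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Hash it, then 'encrypt' the hash with the PRIVATE key."""
    return pow(_hash_int(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """'Decrypt' the signature with the PUBLIC key; compare to a fresh hash."""
    return pow(signature, E, N) == _hash_int(message)

if __name__ == "__main__":
    key = bytes(range(16))                  # constructed 128-bit secret key
    print(decrypt_secret(encrypt_secret(key), 16) == key)
    sig = sign(b"order #1: ship 3 widgets")
    print(verify(b"order #1: ship 3 widgets", sig),
          verify(b"order #1: ship 9 widgets", sig))
```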
Authentication with public keys
• A variant of challenge-response
FIPS 196 authentication
• Public key challenge-response
RSA Encrypting Secret Keys
• First send the secret key, then send the data
[Figure: diagram with the labels Random Number Generator, Secret Key (temporary), Public Key, Private Key, Encryption Procedure, Decryption Procedure, Clear Text and Cipher Text; sample clear text "John J. Jones 4327 4445219"]
SSL Encryption
• Socket layer encryption
• The old story of Mosaic becoming Netscape
• Practical example of successful security
– Won on the basis of its practical application
– Security mechanisms themselves weren’t the deciding factor
Basic SSL
• RSA to protect a shared secret
SSL Phase 1
• pre master secret
Build the secret
• Combine single secret and nonces to make more secrets
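How one secret and two nonces become several keys, as an added example that is not part of the original slides. It uses the TLS 1.2 pseudorandom function from RFC 5246 rather than the older SSL construction the slides cover, and the key names and sizes in LAYOUT are assumptions for illustration.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5: chain A(i) = HMAC(secret, A(i-1))."""
    out, a = b"", seed                       # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)

# Key sizes assumed for this example (HMAC-SHA256 MAC keys, AES-128 keys).
LAYOUT = (("client_mac", 32), ("server_mac", 32),
          ("client_key", 16), ("server_key", 16))

def derive_keys(pre_master: bytes, client_nonce: bytes, server_nonce: bytes):
    """Turn one pre-master secret plus both nonces into the session keys."""
    master = prf(pre_master, b"master secret",
                 client_nonce + server_nonce, 48)
    block = prf(master, b"key expansion", server_nonce + client_nonce,
                sum(size for _, size in LAYOUT))
    keys, pos = {}, 0
    for name, size in LAYOUT:               # slice the key block in order
        keys[name] = block[pos:pos + size]
        pos += size
    return master, keys

if __name__ == "__main__":
    # Constructed inputs; a real handshake uses fresh random values.
    pre = b"\x03\x03" + bytes(range(46))
    master, keys = derive_keys(pre, b"\x01" * 32, b"\x02" * 32)
    for name, value in keys.items():
        print(name, value.hex())
```

Because both nonces feed the derivation, replaying an old pre-master secret against a server that picks a fresh nonce yields a different set of keys.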
The rest of SSL
Web Requirements
• Customers
– Can buy things and handle related issues (returns) through the web site
– Info is only available as needed to handle their orders, etc.
• Implementation
– Order processing is as automated as possible
– As little down time as possible, especially for order entry
• Employees
– Can surf the web and use e-mail
– Can use shared file and print services
• Outsiders
– Can visit the commercial web site and buy things
– Cannot access internal company components
How the Web Works
• GET – reading data from a site
– Passive, relies purely on HTML text files
• POST – sending data to a site
– Requires an ‘active’ response on the server side
– Web site ‘programming’ via PHP, Perl, etc.
• Modern sites: active scripts and a database
E-Commerce Tools
• Web servers + shopping carts
• Database servers
• Warehousing/shipping applications
• 3rd party support
– Payment processing; package tracking
• Network server hosts
• “Back end” hosts
• E-mail servers
• Routers and firewalls to control flow & access
• Encrypting gateways for distributed companies
Making things Interesting
• Or, at least, complicated
• Physical locations
– Web hosting location
– Warehouse(s) for merchandise
– Company headquarters
• Are these all in one place?
Enterprise network architecture
• How many sites? Do we connect them? How?
• Do all employees get to surf the Web?
• Which sites provide a “public face”?
• Which sites host critical systems?
– I.e. those that directly affect the company’s immediate business
• Which sites administer critical systems?
Some questions
• How do we use these tools to build an e-commerce site?
• How might we use different types of firewalls?
E-Commerce: Conflicting Goals
• Efficiency
– Sell lots of stuff at little expense
– Make the customers happy
– Accept lots of connections
– Respond quickly to net requests
– High availability
– Send merchandise quickly
– Handle customer problems/returns quickly
– Accurate feedback on merchandise availability
– Accurate status on existing order and shipped pkgs
• Security
– Detect fraudulent purchases
– Keep company activities private
– Make payments accurately
– Block hacker attacks
– Record purchases accurately
– Don’t send merchandise unless paid for
– Don’t accept returns unless bought here
– Limit the scope of attacks
– On-line payment verification
– Keep records to help identify long term bad trends
That’s it
• Questions?
Creative Commons License
This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United
States License. To view a copy of this license, visit
http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative
Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.