blob: 727040593d66a184a1f38c96c7910a9e810d160a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
# Security
Security requires a protection system but also consideration of the external environment.
A system is `secure` if its resources are used and accessed as intended under all circumstances.
Total security cannot be achieved.
Security Violations:
* breach of confidentiality: unauthorized reading of data.
* breach of integrity: unauthorized modification of data.
* breach of availability: unauthorized destruction of data.
* theft of service: unauthorized use of resources.
* denial of service: preventing legitimate use of the system.
Protecting a system:
* Physical: secure physical site and/or computer(s).
* Human: authorization of users. phishing, password re-use.
* Operating system: system must protect itself from security breaches.
* Network: Interception of data, interruption of communication.
Trojan Horse: A code segment that misuses its environment. (e.g. spyware)
Trap door: a hole left in the system usable by the creator of a program.
Logic bomb: code written to detect a certain condition and executes when it occurs.
Buffer Overflow: pop a shell.
Virus: a fragment of code embedded in a legitimate program.
Worm: a process that uses the `spawn` mechanism to duplicate itself.
Port Scanning: detects what ports are open on systems in a network.
Denial of Service: disrupting legitimate use of a system.
Protection mechanisms:
Cryptography: used to constrain the potential senders and/or receivers of a message.
Encryption: used to send messages securely across the network, protect data, files, disks etc.
Encryption algorithm consists of the following components:
* A set of `K` of keys.
* A set of `M` of messages.
* A set of `C` of ciphertexts.
* An encrypting function `E : K -> (M -> C)`
* A decrypting function `D : K -> (C -> M)`
Symmetric Encryption: same key is used to encrypt and decrypt.
Asymmetric Encryption: different encryption and decryption keys.
RSA is the most widely used asymmetric encryption algorithm. (elliptic curves uses shorter keys with same cryptographic strength)
```plaintext
Ke: public_key
Kd: private_key
N: (p * q) # two large prime numbers.
Eke,N(m) = m^ke mod N: encryption
```
Authentication: constraining set of potential senders of a message.
A `hash function` produces a fixed-size block of data called a `message digest` or `hash value` from message `m`.
Authentication algorithms:
* message-authentication code MAC: a crypto checksum is generated from the message using a secret key. The key must be shared to authenticate.
* digital-signature: enable anyone to verify authenticity of a message.
## Key distribution
* out of band: share key via paper or conversation.
digital certificate: is a public key digitially signed by a trusted party.
certificate authority: have their public keys included within web browsers.
## implementation
```plaintext
----------------
| Application |
----------------
| Presentation |
----------------
| Session |
---------------- -------------
| Transport | | SSL/TLS |
---------------- -------------
| Network | | IPSec/IKE |
---------------- -------------
| Data link |
----------------
| Physical |
----------------
```
|
