
































Material Type: Notes; Professor: Greenstadt; Class: Computer and Network Security; Subject: Computer Science; University: Drexel University; Term: Winter 2009;
Typology: Study notes

Rachel Greenstadt January 6, 2009
Your name
Year at Drexel
Why interested in Computer Security and CS 475?
Something else interesting about you
Current events in “Computer and Network Security”
The Computer In security Industry
About CS 475
What is “Computer and Network Security”?
Write down your answers and swap with a neighbor
DNS maps names to IP addresses
www.drexel.edu 144.118.31.
distributed: root server delegates to .edu server delegates to drexel.edu server
don’t want badhacker.drexel.edu answering for www.drexel.edu
supposed to be solved by the transaction ID (a number between 0 and 65535 that the real server knows, others don’t)
TTL only stops lookups for www.foo.com, not random other names like name1.foo.com, name2.foo.com, etc
name83.foo.com can win www.foo.com by delegating his answer to www.foo.com at some wrong address (6.6.6.6)
via: Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger
How SSL web security is supposed to work
2007 chosen prefix collision for MD
can put collision bits in the key for the cert (supposed to look random)
some more complications (some parts of the cert are specified by the CA, but they were able to guess these)
Alice → Bob: $E_{Bob}(g^x)$
Bob → Alice: $g^y$, $H(K)$
$K = g^{xy}$
This depends on the hardness of discrete log (hard to find $x$ from $g^x$)
Now both sides have a symmetric key, $K = g^{xy}$
Why do we need to encrypt $g^x$?
Why do we need $H(K)$?
What’s still broken?
The following lines were removed from md_rand.c
    MD_Update(&m,buf,j);
    [ .. ]
    MD_Update(&m,buf,j); /* purify complains */
valgrind and purify (useful debugging tools) complained about uninitialized memory
As a result, randomness in Debian generated keys (SSL and SSH) was reduced to 15 bits (32, unique keys) and cryptographic ops were suspect
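An added illustration (not from the lecture and not OpenSSL code) of why a 15-bit seed space matters and how a defender audits for it: with so few seeds, every key an affected host could generate can be enumerated into a blocklist and deployed keys checked against it. The pool and key derivation are toy stand-ins; `toy_pool`, `toy_keygen`, the host names and the sample entropy are assumptions constructed for the example.

```python
import hashlib

SEED_BITS = 15  # residual randomness stated in the notes above


def toy_pool(residual: int, entropy: bytes, patched: bool) -> bytes:
    """Toy model of the md_rand.c pool state (not OpenSSL's real algorithm)."""
    m = hashlib.sha1()
    if not patched:
        # Models the removed MD_Update(&m,buf,j): caller-supplied entropy.
        m.update(entropy)
    # The only input that still reaches the pool once the lines are removed.
    m.update(residual.to_bytes(2, "big"))
    return m.digest()


def toy_keygen(residual: int, entropy: bytes, patched: bool) -> str:
    """Hypothetical stand-in for key generation: a fingerprint of the pool."""
    pool = toy_pool(residual, entropy, patched)
    return hashlib.sha256(b"toy-key" + pool).hexdigest()


def build_blocklist() -> frozenset:
    """Enumerate every key a host running the patched code could produce."""
    return frozenset(toy_keygen(r, b"", True) for r in range(2 ** SEED_BITS))


def audit(keys: dict, blocklist: frozenset) -> list:
    """Return the hosts whose key came from the reduced seed space."""
    return sorted(host for host, fp in keys.items() if fp in blocklist)


BLOCKLIST = build_blocklist()

# Constructed inventory: hostA and hostC generated keys with the patched
# code, hostB with the unpatched code (its entropy actually gets mixed in).
SAMPLE_KEYS = {
    "hostA": toy_keygen(4242, b"\x13\x37" * 16, patched=True),
    "hostB": toy_keygen(4242, b"\x13\x37" * 16, patched=False),
    "hostC": toy_keygen(31999, b"different entropy", patched=True),
}

if __name__ == "__main__":
    print(len(BLOCKLIST), "possible keys; weak hosts:",
          audit(SAMPLE_KEYS, BLOCKLIST))
```

Keys flagged by such an audit have to be regenerated on a fixed system, since the private key is recoverable by anyone who builds the same list.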
7,000-8,000 vulnerabilities per year (CERT)
Leveled off after 2006, but malware and trojans increased 300% in 2007 (according to Microsoft)
Increasing vectors: Web 2.0 (esp. WordPress), online games
Data aggregators compile in-depth dossiers on everyone
ChoicePoint sold 163,000 records to identity thieves in 2005
Often this data is lost, stolen, or misused
Privacy Rights Clearinghouse documents the loss of 246,134,559 sensitive records since 2005
This sort of attack on the rise in 2008...mostly attacking web sites