






Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This document from eecs 482 explores secure communication and computation, focusing on the importance of encryption and authentication in the face of insecure networks. Symmetric and public-key encryption, digital signatures, and the use of encryption in ssl, ssh, and pgp. It also discusses the challenges of public-key encryption and methods for authenticating published public keys. Additionally, the document touches on authentication and authorization, access control lists and capabilities, and principles for secure systems.
Typology: Study notes
1 / 10
This page cannot be seen from the preview
Don't miss anything!







EECS 482
1
Hardware reality: insecure networks
later)
sage from your IP address
nal message, insert a new message that pretends to befrom the original sender
Secure communication
data the sender sends
the right sender
request
yet)
Encryption is the main tool used to provide secure communi-
cation
Basic idea
text) pairs
EECS 482
2
e-key = d-key (i.e. symmetric)
called “secret key” encryption)
Analogous to writing data on a floppy and placing the floppy
inside a box with a padlock, then sending the box to thereceiver via an untrusted courier. When the receiver getsthe box and opens it, he/she knows:• the true sender wrote the data on the floppy (authentica-
tion)
dentiality)
Symmetric-key encryption algorithms are fastE.g. I send message to registrar with a student’s grade
How do sender and receiver get a shared secret key in the first
place?
EECS 482
4
Public-key encryption used in
Problems with public-key encryption
encryption. Solve by using public-key to exchange ashort-lived symmetric key (session key)
E.g. A wants to communicate with B, so A and B must learn
each other’s public keys (A-public and B-public). Villainhas two public keys V-public1 and V-public2.• what if villain manages to convince A that B’s public key
is V-public1? And what if villain can convince B thatA’s public key is V-public2?
crypt(“From A” crypt(message, A-private), V-public1)
How to authenticate the published public key?pgp: verify the “fingerprint” of a public key via the telephone
or a trusted web server
SSL example: your web browser wants to communicate with
e-trade. You want to ensure that only e-trade can see yourmessages; e-trade wants to be sure that you are really whoyou say you are.
step 1: assure you that your messages can be read only be e-
trade• e-trade has public key, but how to learn this securely?• certification authority (e.g. verisign) vouches for the
authenticity of e-trade’s public key
verisign: crypt(“e-trade’s public key is X”, verisign-pri-vate)
is vouching for e-trade’s public key
shared session key (could be secret key)
EECS 482
5
step 2: assure e-trade that you are really who you say you are
sign
sion key)
session key is really from you.
Example using symmetric-key encryption (same is possible
with public-key encryption)• I send message to bank using symmetric-key encryption
encrypt(“transfer $100 to U-M”, key)
encrypted message, then replays it later. Bank transfers another
$100 to U-M.
How to defend against this attack?
EECS 482
7
Authentication is the process of you proving your identity to
the operating system. It may also include the operatingsystem proving its identity to you.
Many ways to do authenticationPasswords
words?instead of storing the password, the OS can store a one-way function of the password
Authenticate based on a physical token (that can’t be easily
forged)• e.g. your ticket to the football game• but what if your token is stolen?
Authenticate based on both a physical token and a password
disabling card after small number of guesses
Authenticate based on biometric token
How do companies authenticate customers?
EECS 482
8
Access control matrixTwo approaches for how to store this information: access con-
trol lists (ACLs) and capabilities
Access control lists
and in what ways they can access it
authenticated a login time) has permissions to access thefile
e.g. aprakash, pmchen both belong to the “faculty”group, and file3 could have ACL <faculty, rw>
thinking he is someone else. E.g. sendmail runs as root.Attacker can subvert sendmail and get it to run attackcode. System allows arbitrary access, because the sys-tem thinks this code is root’s code.
Capabilities
access and how they are allowed to access it
this type of access
file
to a car, you have the power to enter the car. If you pos-sess the ignition key to a car, you have the power todrive the car.
bility (especially since capabilities are stored at theuser).
(unforgeable). e.g. the capability might includeencrypt(file name, system key).
How does the owner of an object revoke permissions for a user
in an ACL system?
How does the owner of an object revoke permissions for a user
in a capability system?
file
file
file
user
rw
rw
rw
user
-^
r^
rw
EECS 482
10
Buffer overflow
fails to check the length of that input
they corrupt the return address on the stack, they canforce the program to jump to their code.
Trojan horse
something evil
the villain
ment) with a macro that runs when the document isopened (it runs with the user’s identity)
Ken Thompson (creator of Unix) wrote a self-replicating piece
of attack code
goal: put a backdoor into the login program to allow “ken” to
login as root without knowing password1. make it possible (easy)2. hide it (tricky)
Step 1: modify login.c
(code A) if (name
==
“ken”)
login
as
root
But this is really obvious to anyone looking at login.c How to
hide the attack code?
Step 2: modify C compiler
(code B) if (compiling login.c) compile code A
into
binary
Now you can remove code A from login.c, and still have a
backdoor. But this is now obvious in the compiler. How tohide the compiler attack code?
Step 3: distribute a buggy C compiler binary
(code C) if (compiling
C
compiler),
compile
code
B
into
binary