sen-material: comparison slides/slides04.tex

equal deleted inserted replaced

-:4b2eeb0ddd81
+:07e4d8f64ca8
 \documentclass[dvipsnames,14pt,t]{beamer}
-\usepackage{beamerthemeplaincu}
+\usepackage{../slides}
-%\usepackage[T1]{fontenc}
+\usepackage{../graphics}
-\usepackage[latin1]{inputenc}
+\usepackage{../langs}
-\usepackage{mathpartir}
-\usepackage[absolute,overlay]{textpos}
-\usepackage{ifthen}
-\usepackage{tikz}
-\usepackage{pgf}
-\usepackage{calc}
-\usepackage{ulem}
-\usepackage{courier}
-\usepackage{listings}
-\renewcommand{\uline}[1]{#1}
 \usetikzlibrary{arrows}
-\usetikzlibrary{automata}
 \usetikzlibrary{shapes}
-\usetikzlibrary{shadows}
-\usetikzlibrary{positioning}
+\setmonofont[Scale=.88]{Consolas}
-\usetikzlibrary{calc}
+\newfontfamily{\consolas}{Consolas}
-\usepackage{graphicx}
+\hfuzz=220pt
-\definecolor{javared}{rgb}{0.6,0,0} % for strings
-\definecolor{javagreen}{rgb}{0.25,0.5,0.35} % comments
-\definecolor{javapurple}{rgb}{0.5,0,0.35} % keywords
-\definecolor{javadocblue}{rgb}{0.25,0.35,0.75} % javadoc
-\lstset{language=Java,
-	basicstyle=\ttfamily,
-	keywordstyle=\color{javapurple}\bfseries,
-	stringstyle=\color{javagreen},
-	commentstyle=\color{javagreen},
-	morecomment=[s][\color{javadocblue}]{/**}{*/},
-	numbers=left,
-	numberstyle=\tiny\color{black},
-	stepnumber=1,
-	numbersep=10pt,
-	tabsize=2,
-	showspaces=false,
-	showstringspaces=false}
-\lstdefinelanguage{scala}{
-morekeywords={abstract,case,catch,class,def,%
-do,else,extends,false,final,finally,%
-for,if,implicit,import,match,mixin,%
-new,null,object,override,package,%
-private,protected,requires,return,sealed,%
-super,this,throw,trait,true,try,%
-type,val,var,while,with,yield},
-otherkeywords={=>,<-,<\%,<:,>:,\#,@},
-sensitive=true,
-morecomment=[l]{//},
-morecomment=[n]{/*}{*/},
-morestring=[b]",
-morestring=[b]',
-morestring=[b]"""
-}
-\lstset{language=Scala,
-	basicstyle=\ttfamily,
-	keywordstyle=\color{javapurple}\bfseries,
-	stringstyle=\color{javagreen},
-	commentstyle=\color{javagreen},
-	morecomment=[s][\color{javadocblue}]{/**}{*/},
-	numbers=left,
-	numberstyle=\tiny\color{black},
-	stepnumber=1,
-	numbersep=10pt,
-	tabsize=2,
-	showspaces=false,
-	showstringspaces=false}
 % beamer stuff
-\renewcommand{\slidecaption}{APP 03, King's College London, 22 October 2014}
+\renewcommand{\slidecaption}{APP 04, King's College London}
-\makeatletter
+\newcommand{\bl}[1]{\textcolor{blue}{#1}}
-\def\verbatim@font{\consolas\footnotesize}
-\makeatother
 \begin{document}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[t]
-\begin{frame}<1>[t]
 \frametitle{%
 \begin{tabular}{@ {}c@ {}}
 \\
 \LARGE Access Control and \\[-3mm]
 \LARGE Privacy Policies (4)\\[-6mm]
 Office: & S1.27 (1st floor Strand Building)\\
 Slides: & KEATS (also home work is there)\\
 \end{tabular}
 \end{center}
+\end{frame}
-\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
-\mode<presentation>{
-\begin{frame}[c]
+\begin{center}
+\includegraphics[scale=0.45]{../pics/trainwreck.jpg}\\
-\begin{center}
+last week: buffer overflow attacks
-\includegraphics[scale=0.45]{pics/trainwreck.jpg}\\
+\end{center}
-two weeks ago: buffer overflow attacks
-\end{center}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[fragile]
-\frametitle{D-Link Router, Buffer Overflows}
+\frametitle{D-Link Wifi Router, BOA}
+\small
-\begin{verbatim}
 As a proof-of-concept, the following URL allows
 attackers to control the return value saved on
 the stack (the vulnerability is triggered when
 executing "/usr/sbin/widget"):
-curl http://<target ip>/post_login.xml?hash=AAA...AAABBBB
+\begin{center}\footnotesize
+\pcode{curl http://<target ip>/post_login.xml?hash=AAA...AAABBBB}
+\end{center}
 The value of the "hash" HTTP GET parameter consists of
-292 occurrences of the 'A' character, followed by four
+292 occurrences of the \pcode{'A'} character, followed by four
-occurrences of character 'B'. In our lab setup, characters
+occurrences of character \pcode{'B'}. In our lab setup, characters
-'B' overwrite the saved program counter (%ra).
+\pcode{'B'} overwrite the saved program counter (\pcode{\%ra}).\bigskip
-Discovery date: 06/03/2013
-Release date:   02/08/2013
+\begin{tabular}{@{}ll}
-\end{verbatim}
+Discovery date: & 06/03/2013\\
+Release date:   & 02/08/2013
-\mbox{}\footnotesize\hfill\url{http://pastebin.com/vbiG42VD}
+\end{tabular}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\hfill\url{http://roberto.greyhats.it/advisories/20130801-dlink-dir645.txt}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[fragile]
-\frametitle{Backdoors}
+\frametitle{D-Link Backdoors}
 D-Link router flaw lets anyone login through "Joel's Backdoor":\medskip
+\begin{quote}\rm\small
 If you tell your browser to identify itself as Joel's backdoor, instead of (say)
 as Mozilla/5.0 AppleWebKit/536.30.1 Version/6.0.5, you're in without authentication.\medskip
 "What is this string," I hear you ask?
 You will laugh: it is
-\begin{verbatim}
+\begin{center}
-xmlset_roodkcableoj28840ybtide
+\pcode{xmlset_roodkcableoj28840ybtide}
-\end{verbatim}
+\end{center}
+\end{quote}\bigskip\bigskip
 \hfill\footnotesize October 15, 2013\\
-\hfill\tiny\url{http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/}
+\hfill\footnotesize\url{http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[fragile]
+CVE-2014-0476 chkrootkit vulnerability 4 Jun'14\medskip
+\begin{quote}\rm\small
+Hi,
+we just found a serious vulnerability in the chkrootkit package, which
+may allow local attackers to gain root access to a box in certain
+configurations (\pcode{/tmp} not mounted noexec). Steps to reproduce:
+\begin{itemize}
+\item Put an executable file named \pcode{update} with non-root owner in /tmp (not
+mounted noexec, obviously)
+\item Run chkrootkit (as uid 0)
+\end{itemize}
+Result: The file \pcode{/tmp/update} will be executed as root, thus effectively
+rooting your box, if malicious content is placed inside the file.
+If an attacker knows you are periodically running chkrootkit (like in
+cron.daily) and has write access to \pcode{/tmp} (not mounted noexec), he may
+easily take advantage of this.
+\end{quote}
+\mbox{}\\[-10mm]
+\hfill\footnotesize\url{http://seclists.org/oss-sec/2014/q2/430}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Access Control in Unix}
 \begin{itemize}
 \item access control provided by the OS
 \item authenticate principals (login)
 \item mediate access to files, ports, processes according to \alert{roles} (user ids)\\
 \item roles get attached with privileges\bigskip\\%
 \hspace{8mm}
-\begin{tikzpicture}
+\begin{bubble}[8cm]
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm]
-{\begin{minipage}{8cm}
 \alert{principle of least privilege:}\\
-programs should only have as much privilege as they need
+users and programs should only have as much privilege as they need
-\end{minipage}};
+\end{bubble}
-\end{tikzpicture}
+\end{itemize}
-\end{itemize}
+\end{frame}
-\end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
 \frametitle{Access Control in Unix (2)}
-\begin{itemize}
-\item the idea is to restrict access to files and therefore lower the consequences of an attack\\[1cm]\mbox{}
+\begin{itemize}
-\end{itemize}
+\item privileges are specified by file access permissions (``everything is a file'')\medskip
+\item there are 9 (plus 2) bits that specify the permissions of a file
-\begin{textblock}{1}(2.5,9.5)
-\begin{tikzpicture}[scale=1]
+\begin{center}
+\begin{tabular}{l}
-\draw[line width=1mm] (-.3, 0) rectangle (1.5,2);
+\texttt{\$ ls -la}\\
-\draw (4.7,1) node {Internet};
+\texttt{-rwxrw-r-{}- \hspace{3mm} foo\_file.txt}
-\draw (0.6,1.7) node {\footnotesize Interface};
+\end{tabular}
-\draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}};
+\end{center}
-\draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}};
+\end{itemize}
-\draw[line width=1mm] (-1.8, 0) rectangle (-3.6,2);
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\draw[white] (1.7,1) node (X) {};
-\draw[white] (3.7,1) node (Y) {};
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\draw[red, <->, line width = 2mm] (X) -- (Y);
+\begin{frame}[c]
+\frametitle{Login Process}
-\draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1);
-\end{tikzpicture}
-\end{textblock}
+\begin{itemize}
+\item login processes run under UID $=$ \pcode{0}\medskip
-\end{frame}}
+\begin{center}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\texttt{ps -axl | grep login}
-\newcommand{\bl}[1]{\textcolor{blue}{#1}}
+\end{center}\medskip
+\item after login, shells run under UID $=$ user (e.g.~501)\medskip
+\begin{center}
+\texttt{id cu}
+\end{center}\medskip\pause
+\item non-root users are not allowed to change the UID --- would break
+access control
+\item but needed for example for \texttt{passwd}
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Setuid and Setgid}
+The solution is that Unix file permissions are 9 + \underline{2 Bits}:
+\alert{Setuid} and \alert{Setgid} Bits
+\begin{itemize}
+\item When a file with setuid is executed, the resulting process will
+assume the UID given to the owner of the file.
+\item This enables users to create processes as root (or another
+user).\bigskip
+\item Essential for changing passwords, for example.
+\end{itemize}
+\begin{center}
+\texttt{chmod 4755 fobar\_file}
+\end{center}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Access Control}
 \begin{itemize}
 \item \bl{Discretionary Access Control:}\mbox{}\medskip\\
 \small Access to objects (files, directories, devices, etc.) is permitted
 based on user identity. Each object is owned by a user. Owners can
 specify freely (at their discretion) how they want to share their objects
 with other users, by specifying which other users can have which
 form of access to their objects.\medskip
 \begin{frame}[c]
 \frametitle{Access Control}
 \begin{itemize}
 \item \bl{Mandatory Access Control:}\mbox{}\medskip\\
 \small Access to objects is controlled by a system-wide policy, for example
 to prevent certain flows of information. In some forms, the system maintains
 security labels for both objects and subjects (processes, users), based on
 which access is granted or denied. Labels can change as the result of an
 access. Security policies are enforced without the cooperation of users or
 \end{itemize}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{\Large Discretionary Access Control}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{Discretionary Access Control}
 In its most generic form usually given by an Access Control Matrix
 of the form
 \begin{center}
 john          & $\varnothing$ & r, w, x&  r, x\\\hline
 sendmail  & a & $\varnothing$ &  r, x\\
 \end{tabular}
 \end{center}
 access privileges: {\bf r}ead, {\bf w}rite, e{\bf x}ecute, {\bf a}ppend
-\end{frame}}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\small
+\lstinputlisting[numbers=none,xleftmargin=-6mm]{lst}
+\begin{center}
+\begin{tabular}{ll}
+Members of group staff: & ping, bob, emma\\
+Members of group students: & emma\\
+\end{tabular}
+\end{center}
+\begin{center}
+\begin{tabular}{@{\hspace{-7mm}}r|c|c|c|c|c@{}}
+& manual.txt & report.txt & microedit & src/code.c & src/code.h \\\hline
+ping & & & & &\\\hline
+bob & & & & &\\\hline
+emma   & & & & &\\
+\end{tabular}
+\end{center}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Mandatory Access Control}
+\small
-\begin{itemize}
-\item Restrictions to allowed information flows are not decided at the user’s
+\begin{itemize}
-discretion (as with Unix chmod), but instead enforced by system policies.
+\item Restrictions to allowed information flows are not decided at the
+user's discretion (as with Unix \pcode{chmod}), but instead enforced
-\item Mandatory access control mechanisms are aimed in particular at
+by system policies.
-preventing policy violations by untrusted application software, which
-typically have at least the same access privileges as the invoking user.\medskip
+\item Mandatory access control mechanisms are aimed in particular at
+preventing policy violations by untrusted application software,
-Simple example: Air Gap Security.
+which typically have at least the same access privileges as the
-Uses completely separate network and computer hardware for different application classes.
+invoking user.\medskip
+Simple example: Air Gap Security. Uses completely separate network
+and computer hardware for different application classes.
 \end{itemize}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{The Bell/LaPadula Model}
 \begin{itemize}
-\item Formal policy model for mandatory access control in a military multi-level security environment.
+\item Formal policy model for mandatory access control in a military
-All subjects (processes, users, terminals) and data objects (files, directories, windows, connections) are labeled with a confidentiality level, e.g.
+multi-level security environment. All subjects (processes, users,
-\begin{center}
+terminals, files, windows, connections) are labeled
-unclassified < confidential < secret < top secret.
+with a confidentiality level, e.g.
-\end{center}
+\begin{center}
+unclassified < confidential < secret < top secret
-\item
+\end{center}\medskip
-The system policy automatically prevents the flow of information from high-level objects to lower levels. A process that reads top secret data becomes tagged as top secret by the operating system, as will be all files into which it writes afterwards.
-%Each user has a maximum allowed confidentiality level specified and cannot receive data beyond that level. A selected set of trusted subjects is allowed to bypass the restrictions, in order to permit the declassification of information.
+\item The system policy automatically prevents the flow of information
-\end{itemize}
+from high-level objects to lower levels. A process that reads top
+secret data becomes tagged as top secret by the operating system, as
-\end{frame}
+will be all files into which it writes afterwards.
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%Each user has a maximum allowed confidentiality level specified and
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%cannot receive data beyond that level. A selected set of trusted
-\mode<presentation>{
+%subjects is allowed to bypass the restrictions, in order to permit
+%the declassification of information.
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Bell-LaPadula}
 \small
 \begin{itemize}
 This restricts information flow $\Rightarrow$ military\bigskip\bigskip\pause
 Bell-LaPadula: {\bf `no read up'} - {\bf `no write down'}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
 \begin{frame}[c]
 \frametitle{\begin{tabular}{c}Principle of\\[-2mm] Least Privilege\end{tabular}}
-\begin{tikzpicture}
+\begin{bubble}[10cm]
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm]
-{\normalsize\color{darkgray}
-\begin{minipage}{10cm}\raggedright
 A principal should have as few privileges as possible to access a resource.
-\end{minipage}};
+\end{bubble}\bigskip\bigskip
-\end{tikzpicture}\bigskip\bigskip
 \small
 \begin{itemize}
 \item Bob ($T\!S$) and Alice ($S$) want to communicate
 \item[] $\Rightarrow$ Bob should lower his security level
 \end{itemize}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
 \begin{frame}[c]
 \frametitle{Biba Policy}
 \small
 Data Integrity (rather than data confidentiality)
 \end{itemize}\bigskip\bigskip\pause
 E.g.~Firewalls: you can read from inside the firewall, but not from outside\\
 Phishing: you can look at an approved PDF, but not one from a random email\\
-\end{frame}}
+\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
-\mode<presentation>{
+\frametitle{Security Levels (2)}
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Security Levels (2)\end{tabular}}
+\begin{itemize}
+\item Bell-La Padula preserves data secrecy, but not data
-\begin{itemize}
+integrity\bigskip\pause
-\item Bell --- La Padula preserves data secrecy, but not data integrity\bigskip\pause
 \item Biba model is for data integrity
 \begin{itemize}
 \item read: your own level and above
 \item write: your own level and below
 \end{itemize}
 \end{itemize}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
 \begin{frame}[c]
 \frametitle{Shared Access Control}
 \begin{center}
-\includegraphics[scale=0.7]{pics/pointsplane.jpg}
+\includegraphics[scale=0.7]{../pics/pointsplane.jpg}
 \end{center}
 \begin{textblock}{11}(10.5,10.5)
 \small
 To take an action you\\[-1mm]
 \item 2 MDs, or\\[-5mm]
 \item 3 Ds
 \end{itemize}
 \end{textblock}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[c]
-\begin{frame}[c]
+\frametitle{\Large Lessons from Access Control}
-\frametitle{Lessons from Access Control}
 Not just restricted to Unix:
 \begin{itemize}
 \item if you have too many roles (i.e.~too finegrained AC), then
 	hierarchy is too complex\\
-	\textcolor{gray}{you invite situations like\ldots let's be root}\bigskip
+	\textcolor{gray}{you invite situations like\ldots lets be root}\bigskip
-\item you can still abuse the system\ldots
+\item you can still abuse the system\ldots\bigskip\pause
-\end{itemize}
+\item
+policies (a finite system)\\
-\end{frame}}
+computer system (infinite)\medskip\\
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+Q: Does your policy ensure that a tainted file cannot affect your
+core system files?
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[t]
 \frametitle{Protocols}
 \mbox{}
 \item<2-> indicates one ``protocol run'', or session,  which specifies some
 order in the communication
 \item<2-> there can be several sessions in parallel (think of wifi routers)
 \end{itemize}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
-\mode<presentation>{
+\frametitle{\Large Cryptographic Protocol Failures}
-\begin{frame}[c]
-\frametitle{A mutual authentication protocol}
+Ross Anderson and Roger Needham wrote:\bigskip
+\begin{quote}\rm
+\alert{A lot of the recorded frauds were the result of this kind of
+blunder, or from management negligence pure and simple.} However,
+there have been a significant number of cases where the designers
+protected the right things, used cryptographic algorithms which were
+not broken, and yet found that their systems were still successfully
+attacked.
+\end{quote}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}<1-3>[c]
+\frametitle{Oyster Cards}
+\includegraphics[scale=0.4]{../pics/oysterc.jpg}
+\begin{itemize}
+\item good example of a bad protocol\\ (security by obscurity)\bigskip
+\item<3->  ``Breaching security on Oyster cards should not
+allow unauthorised use for more than a day, as TfL promises to turn
+off any cloned cards within 24 hours\ldots''
+\end{itemize}
+\only<2>{
+\begin{textblock}{12}(0.5,0.5)
+\begin{bubble}[11cm]\footnotesize
+{\bf Wirelessly Pickpocketing a Mifare Classic Card}\medskip
+The Mifare Classic is the most widely used contactless smartcard on the
+market. The stream cipher CRYPTO1 used by the Classic has recently been
+reverse engineered and serious attacks have been proposed. The most serious
+of them retrieves a secret key in under a second. In order to clone a card,
+previously proposed attacks require that the adversary either has access to
+an eavesdropped communication session or executes a message-by-message
+man-in-the-middle attack between the victim and a legitimate
+reader. Although this is already disastrous from a cryptographic point of
+view, system integrators maintain that these attacks cannot be performed
+undetected.\smallskip
+This paper proposes four attacks that can be executed by an adversary having
+only wireless access to just a card (and not to a legitimate reader). The
+most serious of them recovers a secret key in less than a second on ordinary
+hardware. Besides the cryptographic weaknesses, we exploit other weaknesses
+in the protocol stack. A vulnerability in the computation of parity bits
+allows an adversary to establish a side channel. Another vulnerability
+regarding nested authentications provides enough plaintext for a speedy
+known-plaintext attack.\hfill{}(a paper from 2009)
+\end{bubble}
+\end{textblock}}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}<1->[t]
+\frametitle{Another Example}
+In an email from Ross Anderson\bigskip\small
+\begin{tabular}{l}
+From: Ross Anderson <Ross.Anderson@cl.cam.ac.uk>\\
+Sender: cl-security-research-bounces@lists.cam.ac.uk\\
+To: cl-security-research@lists.cam.ac.uk\\
+Subject: Birmingham case\\
+Date: Tue, 13 Aug 2013 15:13:17 +0100\\
+\end{tabular}
+\only<2>{
+\begin{textblock}{12}(0.5,0.8)
+\begin{bubble}[11cm]
+\footnotesize
+As you may know, Volkswagen got an injunction against the University of
+Birmingham suppressing the publication of the design of a weak cipher
+used in the remote key entry systems in its recent-model cars. The paper
+is being given today at Usenix, minus the cipher design.\medskip
+I've been contacted by Birmingham University's lawyers who seek to prove
+that the cipher can be easily obtained anyway. They are looking for a
+student who will download the firmware from any newish VW, disassemble
+it and look for the cipher. They'd prefer this to be done by a student
+rather than by a professor to emphasise how easy it is.\medskip
+Volkswagen's argument was that the Birmingham people had reversed a
+locksmithing tool produced by a company in Vietnam, and since their key
+fob chip is claimed to be tamper-resistant, this must have involved a
+corrupt insider at VW or at its supplier Thales. Birmingham's argument
+is that this is nonsense as the cipher is easy to get hold of. Their
+lawyers feel this argument would come better from an independent
+outsider.\medskip
+Let me know if you're interested in having a go, and I'll put you in
+touch
+Ross
+\end{bubble}
+\end{textblock}}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Authentication Protocols}
+Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
+Passwords:
+\begin{center}
+\bl{$B \rightarrow A: K_{AB}$}
+\end{center}\pause\bigskip
+Problem: Eavesdropper can capture the secret and replay it; \bl{$A$} cannot confirm the
+identity of \bl{$B$}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Authentication Protocols}
+Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
+Simple Challenge Response:
 \begin{center}
 \begin{tabular}{ll}
-\bl{$A \rightarrow B$:} & \bl{$N_a$}\\
+\bl{$A \rightarrow B:$} & \bl{$N$}\\
-\bl{$B \rightarrow A$:} & \bl{$\{N_a, N_b\}_{K_{ab}}$}\\
+\bl{$B \rightarrow A:$} & \bl{$\{N\}_{K_{AB}}$}\\
-\bl{$A \rightarrow B$:} & \bl{$N_b$}\\
+\end{tabular}
-\end{tabular}
+\end{center}
-\end{center}\pause
-An attacker \bl{$E$} can launch an impersonation attack by
+\end{frame}}
-intercepting all messages for \bl{$B$} and make \bl{$A$} decrypt her own challenges.
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\frametitle{Authentication Protocols}
-\mode<presentation>{
+Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
+Mutual Challenge Response:
+\begin{center}
+\begin{tabular}{ll}
+\bl{$A \rightarrow B:$} & \bl{$N_A$}\\
+\bl{$B \rightarrow A:$} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\
+\bl{$A \rightarrow B:$} & \bl{$N_B$}\\
+\end{tabular}
+\end{center}
+%\pause
+%An attacker \bl{$E$} can launch an impersonation attack by
+%intercepting all messages for \bl{$B$} and make \bl{$A$} decrypt her
+%own challenges.
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Nonces}
 \begin{enumerate}
 \item I generate a nonce (random number) and send it to you encrypted with a key we share
 \item you could only have generated your answer after I send you my initial
 message
 \item if only you and me know the key, the message must have come from you
 \end{itemize}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
 \bl{$B \rightarrow A$:} & \bl{$\{N_a, N_b\}_{K_{ab}}$}\\
 \bl{$A \rightarrow B$:} & \bl{$N_b$}\\
 \end{tabular}
 \end{center}
-The attack:
+The attack (let $A$ decrypt her own messages):
 \begin{center}
 \begin{tabular}{ll}
 \bl{$A \rightarrow E$:} & \bl{$N_a$}\\
 \textcolor{gray}{$E \rightarrow A$:} & \textcolor{gray}{$N_a$}\\
 \small Solutions: \bl{$K_{ab} \not= K_{ba}$} or include an id in the second message
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{Identify Friend or Foe}
-\begin{center}
-\onslide<3->{\mbox{}\hspace{3.4cm}\includegraphics[scale=0.55]{pics/MigInMiddle.jpg}}
-\end{center}
-\begin{textblock}{6}(0.3,2)
-\onslide<2->{
-198?: war between Angola (supported by Cuba)
-and Namibia (supported by SA)}
-\end{textblock}
-\begin{textblock}{3}(12.5,4.6)
-\onslide<3->{
-\begin{tikzpicture}
-\node at (0,0) [single arrow, fill=red,text=white, rotate=-50, shape border rotate=180]{``bystander''};
-\end{tikzpicture}}
-\end{textblock}
-\begin{textblock}{3}(10.9,10)
-\onslide<3->{
-\begin{tikzpicture}
-\node at (0,0) [single arrow, fill=red,text=white, rotate=-40, shape border rotate=180]{attacker};
-\end{tikzpicture}}
-\end{textblock}
-\only<4->{
-\begin{textblock}{6}(0.3,9)
-being outsmarted by Angola/Cuba
-ended SA involvement (?)
-\end{textblock}}
-\only<5->{
-\begin{textblock}{6}(0.3,13)
-IFF opened up a nice side-channel attack
-\end{textblock}}
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
 \frametitle{Encryption to the Rescue?}
 \end{itemize}
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Person-in-the-Middle}
+``Normal'' protocol run:\bigskip
+\begin{itemize}
+\item \bl{$A$} sends public key  to \bl{$B$}
+\item \bl{$B$} sends public key  to \bl{$A$}
+\item \bl{$A$} sends message encrypted with \bl{$B$}'s public key, \bl{$B$} decrypts it
+with its private key
+\item \bl{$B$} sends message encrypted with \bl{$A$}'s public key, \bl{$A$} decrypts it
+with its private key
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Person-in-the-Middle}
+Attack:
+\begin{itemize}
+\item \bl{$A$} sends public key  to \bl{$B$}  --- \bl{$C$} intercepts this message and send his own public key
+\item \bl{$B$} sends public key  to \bl{$A$} --- \bl{$C$} intercepts this message and send his own public key
+\item \bl{$A$} sends message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it
+with its private key, re-encrypts with \bl{$B$}'s public key
+\item similar for other direction
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Person-in-the-Middle}
+Prevention:
+\begin{itemize}
+\item \bl{$A$} sends public key  to \bl{$B$}
+\item \bl{$B$} sends public key  to \bl{$A$}
+\item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message
+\item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message
+\item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message
+\item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message
+\end{itemize}\pause
+\bl{$C$} would have to invent a totally new message
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
 \frametitle{Binding Attacks}
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
-\begin{frame}[t]
-\frametitle{Changing Environment Attacks}
-\begin{itemize}
-\item all protocols rely on some assumptions about the environment
-(e.g., cryptographic keys cannot be broken)\bigskip\pause
-\end{itemize}
-\only<2>{
-\begin{itemize}
-\item in the ``good olden days'' (1960/70) rail transport was cheap, so fraud was not
-worthwhile
-\end{itemize}}
-\only<3>{
-\begin{itemize}
-\item when it got expensive, some people bought cheaper monthly tickets for a suburban
-station and a nearby one, and one for the destination and a nearby one
-\item a large investment later all barriers were automatic and tickets could record state
-\end{itemize}}
-\only<4>{
-\begin{itemize}
-\item but suddenly the environment changed: rail transport got privatised creating many
-competing companies
-potentially cheating each other
-\item revenue from monthly tickets was distributed according to a formula involving where the ticket was bought\ldots
-\end{itemize}}
-\only<5>{
-\begin{itemize}
-\item apart from bad outsiders (passengers), you also have bad insiders (rail companies)
-\item chaos and litigation ensued
-\end{itemize}}
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
 \begin{frame}[c]
 A Man-in-the-middle attack in real life:
 \begin{itemize}
-\item the card only says yes or no to the terminal if the PIN is correct
+\item the card only says yes to the terminal if the PIN is correct
 \item trick the card in thinking transaction is verified by signature
 \item trick the terminal in thinking the transaction was verified by PIN
 \end{itemize}
 \begin{minipage}{1.1\textwidth}
 \begin{center}
-\mbox{}\hspace{-6mm}\includegraphics[scale=0.5]{pics/chip-attack.png}
+\mbox{}\hspace{-6mm}\includegraphics[scale=0.5]{../pics/chip-attack.png}
-\includegraphics[scale=0.3]{pics/chipnpinflaw.png}
+\includegraphics[scale=0.3]{../pics/chipnpinflaw.png}
 \end{center}
 \end{minipage}
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \item it is a wrapper for many protocols
 \item specification by consensus (resulted unmanageable complexity)
 \item its specification is 700 pages in English plus 2000+ pages for testing, additionally some
 further parts are secret
 \item other attacks have been found
-\item one solution might be to require always online verification of the PIN with the bank
 \end{itemize}
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \item try to make everything explicit (you need to authenticate all data you might rely on)\medskip
 \item the one who can fix a system should also be liable for the losses\medskip
 \item cryptography is often not {\bf the} answer\bigskip\bigskip
 \end{itemize}
-logic is one way protocols are studied in academia
+\end{frame}}
-(you can use computers to search for attacks)
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\frametitle{Best Practices}
-\mode<presentation>{
-\begin{frame}[c]
+{\bf Principle 1:} Every message should say what it means: the interpretation of
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 1\end{tabular}}
+a message should not depend on the context.\bigskip\pause
-{\bf What assets are you trying to protect?}\bigskip
+{\bf Principle 2:} If the identity of a principal is essential to the meaning of a message, it is prudent
+to mention the principal’s name explicitly in the message (though difficult).\bigskip
-This question might seem basic, but a surprising number of people never ask it. The question involves understanding the scope of the problem. For example, securing an airplane, an airport, commercial aviation, the transportation system, and a nation against terrorism are all different security problems, and require different solutions.
-\only<2>{
+\end{frame}}
-\begin{tikzpicture}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm]
-{\begin{minipage}{10cm}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\small You like to prevent: ``It would be terrible if this sort of attack ever happens; we need to do everything in our power to prevent it.''
+\mode<presentation>{
-\end{minipage}};
+\begin{frame}[c]
-\end{tikzpicture}}
-\end{frame}}
+{\bf Principle 3:} Be clear about why encryption is being
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+done. Encryption is not cheap, and not asking precisely why it is
+being done can lead to redundancy. Encryption is not synonymous with
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+security.
-\mode<presentation>{
-\begin{frame}[c]
+\begin{center}
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 2\end{tabular}}
+Possible Uses of Encryption
-{\bf What are the risks to these assets?}\bigskip
+\begin{itemize}
+\item Preservation of confidentiality: \bl{$\{X\}_K$} only those that have \bl{$K$} may recover \bl{$X$}.
-Here we consider the need for security. Answering it involves understanding what is being defended, what the consequences are if it is successfully attacked, who wants to attack it, how they might attack it, and why.
+\item Guarantee authenticity: The partner is indeed some particular principal.
+\item Guarantee confidentiality and authenticity: binds two parts of a message ---
-\end{frame}}
+\bl{$\{X,Y\}_K$} is not the same as \bl{$\{X\}_K$} and \bl{$\{Y\}_K$}.
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\end{itemize}
+\end{center}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 3\end{tabular}}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-{\bf How well does the security solution mitigate those risks?}\bigskip
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-Another seemingly obvious question, but one that is frequently ignored. If the security solution doesn't solve the problem, it's no good. This is not as simple as looking at the security solution and seeing how well it works. It involves looking at how the security solution interacts with everything around it, evaluating both its operation and its failures.
+\mode<presentation>{
+\begin{frame}[c]
-\end{frame}}
+\frametitle{Best Practices}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+{\bf Principle 4:} The protocol designer should know which trust relations his protocol depends on, and why the dependence is necessary. The reasons for particular trust relations being acceptable should be explicit though they will be founded on judgment and policy rather than on logic.\bigskip
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
+Example Certification Authorities: CAs are trusted to certify a key only after proper steps
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 4\end{tabular}}
+have been taken to identify the principal that owns it.
-{\bf What other risks does the security solution cause?}\bigskip
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-This question addresses what might be called the problem of unintended consequences. Security solutions have ripple effects, and most cause new security problems. The trick is to understand the new problems and make sure they are smaller than the old ones.
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 5\end{tabular}}
-{\bf What costs and trade-offs does the security solution impose?}\bigskip
-Every security system has costs and requires trade-offs. Most security costs money, sometimes substantial amounts; but other trade-offs may be more important, ranging from matters of convenience and comfort to issues involving basic freedoms like privacy. Understanding these trade-offs is essential.
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \end{document}
 %%% Local Variables:
 %%% mode: latex

changeset 241	07e4d8f64ca8
parent 121	01f7e799e6ce
child 243	dd94cbf9eba7