sen-material: comparison slides/slides05.tex

equal deleted inserted replaced

-:490079e16157
+:f99817977494
 share a single key between many entities
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
+% \begin{frame}[c]
-\frametitle{Protocol Attacks}
+% \frametitle{Protocol Attacks}
-\begin{itemize}
+% \begin{itemize}
-\item replay attacks
+% \item replay attacks
-\item reflection attacks
+% \item reflection attacks
-\item man-in-the-middle attacks
+% \item man-in-the-middle attacks
-\item timing attacks
+% \item timing attacks
-\item parallel session attacks
+% \item parallel session attacks
-\item binding attacks (public key protocols)
+% \item binding attacks (public key protocols)
-\item changing environment / changing assumptions\bigskip
+% \item changing environment / changing assumptions\bigskip
-\item (social engineering attacks)
+% \item (social engineering attacks)
-\end{itemize}
+% \end{itemize}
-\end{frame}
+% \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Public-Key Infrastructure}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
-\frametitle{Man-in-the-Middle}
+\frametitle{A Simple PK Protocol}
 ``Normal'' protocol run:\bigskip
 \begin{itemize}
 \item \bl{$A$} sends public key  to \bl{$B$}
 with its private key
 \end{itemize}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Man-in-the-Middle}
-Attack:
-\begin{itemize}
-\item \bl{$A$} sends public key  to \bl{$B$}  --- \bl{$C$} intercepts this message and send his own public key
-\item \bl{$B$} sends public key  to \bl{$A$} --- \bl{$C$} intercepts this message and send his own public key
-\item \bl{$A$} sends message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it
-with its private key, re-encrypts with \bl{$B$}'s public key
-\item similar for other direction
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Man-in-the-Middle}
-Potential Prevention?
-\begin{itemize}
-\item \bl{$A$} sends public key  to \bl{$B$}
-\item \bl{$B$} sends public key  to \bl{$A$}
-\item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message
-\item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message
-\item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message
-\item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message
-\end{itemize}\pause
-%\bl{$C$} would have to invent a totally new message
-\alert{Under which circumstances does this protocol prevent
-MiM-attacks, or does it?}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Car Transponder (HiTag2)}
-\begin{enumerate}
-\item \bl{$C$} generates a random number \bl{$N$}
-\item \bl{$C$} calculates \bl{$(F,G) = \{N\}_K$}
-\item \bl{$C \to T$}: \bl{$N, F$}
-\item \bl{$T$} calculates \bl{$(F',G') = \{N\}_K$}
-\item \bl{$T$} checks that \bl{$F = F'$}
-\item \bl{$T \to C$}: \bl{$N, G'$}
-\item \bl{$C$} checks that \bl{$G = G'$}
-\end{enumerate}\pause
-\small
-This process means that the transponder believes the car knows
-the key \bl{$K$}, and the car believes the transponder knows
-the key \bl{$K$}. They have authenticated themselves
-to each other, or have they?
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-A Man-in-the-middle attack in real life:
-\begin{itemize}
-\item the card only says yes to the terminal if the PIN is correct
-\item trick the card in thinking transaction is verified by signature
-\item trick the terminal in thinking the transaction was verified by PIN
-\end{itemize}
-\begin{minipage}{1.1\textwidth}
-\begin{center}
-\mbox{}\hspace{-6mm}\includegraphics[scale=0.5]{../pics/chip-attack.png}
-\includegraphics[scale=0.3]{../pics/chipnpinflaw.png}
-\end{center}
-\end{minipage}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Problems with EMV}
-\begin{itemize}
-\item it is a wrapper for many protocols
-\item specification by consensus (resulted unmanageable complexity)
-\item its specification is 700 pages in English plus 2000+ pages for testing, additionally some
-further parts are secret
-\item other attacks have been found
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Protocols are Difficult}
-\begin{itemize}
-\item even the systems designed by experts regularly fail\medskip
-\item the one who can fix a system should also be liable for the losses\medskip
-\item cryptography is often not the problem\bigskip\bigskip
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{A Simple PK Protocol}
 \end{center}\pause\bigskip
 unfortunately there is a simple man-in-the- middle-attack
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Man-in-the-Middle}
+Attack:
+\begin{itemize}
+\item \bl{$A$} sends public key  to \bl{$B$}  --- \bl{$C$} intercepts this message and send his own public key
+\item \bl{$B$} sends public key  to \bl{$A$} --- \bl{$C$} intercepts this message and send his own public key
+\item \bl{$A$} sends message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it
+with its private key, re-encrypts with \bl{$B$}'s public key
+\item similar for other direction
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{A MITM Attack}
 \end{center}\pause\medskip
 and \bl{$A$} and \bl{$B$} have no chance to detect it
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% \begin{frame}[c]
+% \frametitle{Man-in-the-Middle}
+% Potential Prevention?
+% \begin{itemize}
+% \item \bl{$A$} sends public key  to \bl{$B$}
+% \item \bl{$B$} sends public key  to \bl{$A$}
+% \item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message
+% \item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message
+% \item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message
+% \item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message
+% \end{itemize}\pause
+% %\bl{$C$} would have to invent a totally new message
+% \alert{Under which circumstances does this protocol prevent
+% MiM-attacks, or does it?}
+%\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+A Man-in-the-middle attack in real life:
+\begin{itemize}
+\item the card only says yes to the terminal if the PIN is correct
+\item trick the card in thinking transaction is verified by signature
+\item trick the terminal in thinking the transaction was verified by PIN
+\end{itemize}
+\begin{minipage}{1.1\textwidth}
+\begin{center}
+\mbox{}\hspace{-6mm}\includegraphics[scale=0.5]{../pics/chip-attack.png}
+\includegraphics[scale=0.3]{../pics/chipnpinflaw.png}
+\end{center}
+\end{minipage}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% \begin{frame}[c]
+% \frametitle{Problems with EMV}
+% \begin{itemize}
+% \item it is a wrapper for many protocols
+% \item specification by consensus (resulted unmanageable complexity)
+% \item its specification is 700 pages in English plus 2000+ pages for testing, additionally some
+% further parts are secret
+% \item other attacks have been found
+% \end{itemize}
+% \end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% \begin{frame}[c]
+% \frametitle{Protocols are Difficult}
+% \begin{itemize}
+% \item even the systems designed by experts regularly fail\medskip
+% \item the one who can fix a system should also be liable for the losses\medskip
+% \item cryptography is often not the problem\bigskip\bigskip
+% \end{itemize}
+% \end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Interlock Protocol}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
+\frametitle{Car Transponder (HiTag2)}
+\begin{enumerate}
+\item \bl{$C$} generates a random number \bl{$N$}
+\item \bl{$C$} calculates \bl{$(F,G) = \{N\}_K$}
+\item \bl{$C \to T$}: \bl{$N, F$}
+\item \bl{$T$} calculates \bl{$(F',G') = \{N\}_K$}
+\item \bl{$T$} checks that \bl{$F = F'$}
+\item \bl{$T \to C$}: \bl{$N, G'$}
+\item \bl{$C$} checks that \bl{$G = G'$}
+\end{enumerate}\pause
+\small
+This process means that the transponder believes the car knows
+the key \bl{$K$}, and the car believes the transponder knows
+the key \bl{$K$}. They have authenticated themselves
+to each other, or have they?
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
 \frametitle{Trusted Third Parties}
 Simple protocol for establishing a secure connection via a
 mutually trusted 3rd party (server):
 %\end{quote}
 %
 %\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Mid-Term}
-\begin{itemize}
-\item homework, handouts, programs\ldots
-\end{itemize}\bigskip\bigskip\bigskip
-\begin{center}
-{\huge\bf\alert{Any Questions?}}
-\end{center}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Security Engineering}
-\begin{center}
-\begin{tabular}{cc}
-\raisebox{-0.8mm}{\includegraphics[scale=0.28]{../pics/flight.jpg}} &
-\includegraphics[scale=0.31]{../pics/airbus.jpg}\\
-\small Wright brothers, 1901 & \small Airbus, 2005 \\
-\end{tabular}
-\end{center}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture}
-\begin{itemize}
-\item chip-and-pin, banks vs.~customers
-\begin{quote}\small\rm
-the one who can improve security should also be
-liable for the losses
-\end{quote}\pause\bigskip
-\item hashes and salts to guarantee data integrity\medskip
-\item storing passwords (you should know the difference between
-brute force attacks and dictionary attacks; how do salts help?)
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture: Cookies}
-\begin{itemize}
-\item good uses of cookies?\medskip
-\item bad uses of cookies: snooping, tracking, profiling\ldots
-the ``disadvantage'' is that the user is in
-\alert{control}, because you can delete them
-\begin{center} ``Please track me using cookies.''
-\end{center}\bigskip\pause
-\item fingerprinting beyond browser cookies
-\begin{quote}\small\rm
-Pixel Perfect: Fingerprinting Canvas in HTML5\\
-(a research paper from 2012)\\
-\footnotesize
-\url{http://cseweb.ucsd.edu/~hovav/papers/ms12.html}
-\end{quote}
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture: Cookies}
-\begin{itemize}
-\item a bit of JavaScript and HTML5 + canvas\medskip
-\begin{center}
-\begin{tabular}{cc}
-Firefox & Safari\\
-\includegraphics[scale=0.31]{../pics/firefox1.png} &
-\includegraphics[scale=0.31]{../pics/safari1.png} \\
-\tiny
-\pcode{55b2257ad0f20ecbf927fb66a15c61981f7ed8fc} &
-\tiny
-\pcode{17bc79f8111e345f572a4f87d6cd780b445625d3}
-\end{tabular}
-\end{center}\bigskip
-\item\small no actual drawing needed\pause
-\item\small in May 2014 a crawl of 100,000 popular
-webpages revealed 5.5\% already use canvas
-fingerprinting\smallskip
-\begin{center}\scriptsize
-\url{https://securehomes.esat.kuleuven.be/~gacar/persistent/the_web_never_forgets.pdf}
-\end{center}
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture: Cookies}
-Remember the small web-app I showed you where a cookie
-protected a counter?\bigskip
-\begin{itemize}
-\item NYT, the cookie looks the ``resource'' - harm\medskip
-\item imaginary discount unlocked by cookie - no harm
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{2nd Lecture: E-Voting}
-Where are paper ballots better than voice voting?\bigskip
-\begin{itemize}
-\item Integrity
-\item \alert{Ballot Secrecy}
-\item Voter Authentication
-\item Enfranchisement
-\item Availability
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{2nd Lecture: E-Voting}
-\begin{itemize}
-\item recently an Australian parliamentary committee
-found: e-voting is highly vulnerable to hacking and Australia
-will not use it any time soon\bigskip\pause
-\item Alex Halderman, Washington D.C.~hack
-\begin{center}
-\scriptsize
-\url{https://jhalderm.com/pub/papers/dcvoting-fc12.pdf}
-\end{center}\medskip
-\item PDF-ballot tampering at the wireless router (the modification
-is nearly undetectable and leaves no traces; MITM attack with firmware
-updating)
-\begin{center}
-\scriptsize
-\url{http://galois.com/wp-content/uploads/2014/11/technical-hack-a-pdf.pdf}
-\end{center}
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\tikzset{alt/.code args={<#1>#2#3#4}{%
-\alt<#1>{\pgfkeysalso{#2}}{\pgfkeysalso{#3}} % \pgfkeysalso doesn't change the path
-}}
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}3rd Lecture:\\ Buffer Overflow Attacks\end{tabular}}
-\begin{itemize}
-\item the problem arises from the way C/C++ organises its function calls\\[-8mm]\mbox{}
-\end{itemize}
-\begin{center}
-\begin{tikzpicture}[scale=1]
-%\draw[black!10,step=2mm] (0,0) grid (9,4);
-%\draw[black!10,thick,step=10mm] (0,0) grid (9,4);
-\node at (0.5,4.5) {\small\begin{tabular}{l}main\\[-2mm] prog.\end{tabular}};
-\draw[line width=0mm, white, alt=<2->{fill=red}{fill=blue}] (0,2.5) rectangle (1,3.8);
-\draw[line width=0mm, white, alt=<9->{fill=red}{fill=blue}] (0,0.2) rectangle (1,0.5);
-\draw[line width=1mm, alt=<3->{fill=yellow}{fill=blue}] (0,2.0) rectangle (1,2.5);
-\draw[line width=1mm, alt=<6->{fill=red}{fill=blue}] (0,1.0) rectangle (1,2.0);
-\draw[line width=1mm, alt=<7->{fill=yellow}{fill=blue}] (0,0.5) rectangle (1,1.0);
-\draw[line width=1mm] (0,0) -- (0,4);
-\draw[line width=1mm] (1,0) -- (1,4);
-\node at (3.5,3.5) {\small\begin{tabular}{l}fact(n)\end{tabular}};
-\draw[line width=1mm, alt=<{4-5,8}>{fill=red}{fill=blue}] (3,1.0) rectangle (4,3.0);
-\onslide<3-4>{\draw[->, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {n=4} (3,3);}
-\onslide<5>{\draw[<-, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {res=24} (3,1);}
-\onslide<7-8>{\draw[->, line width=1mm,red] (1,0.8) to node [above,sloped,midway] {n=3} (3,3);}
-\onslide<9>{\draw[<-, line width=1mm,red] (1,0.8) to node [above,sloped,midway] {res=6} (3,1);}
-\node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
-\draw[line width=1mm] (7,3.5) -- (7,0.5) -- (8.5,0.5) -- (8.5,3.5);
-\onslide<3,4,7,8>{
-\node at (7.75, 1.4) {ret};
-\draw[line width=1mm] (7,1.1) -- (8.5,1.1);
-\node at (7.75, 2.0) {sp};
-\draw[line width=1mm] (7,2.3) -- (8.5,2.3);
-}
-\onslide<3,4>{
-\node at (7.75, 0.8) {4};
-\draw[line width=1mm] (7,1.7) -- (8.5,1.7);
-}
-\onslide<7,8>{
-\node at (7.75, 0.8) {3};
-\draw[line width=1mm] (7,1.7) -- (8.5,1.7);
-}
-\end{tikzpicture}
-\end{center}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\begin{center}
-\begin{tikzpicture}[scale=1]
-%\draw[black!10,step=2mm] (0,0) grid (9,4);
-%\draw[black!10,thick,step=10mm] (0,0) grid (9,4);
-\node at (0.5,4.5) {\small\begin{tabular}{l}main\\[-2mm] prog.\end{tabular}};
-\draw[line width=0mm, white, alt=<2->{fill=red}{fill=blue}] (0,2.5) rectangle (1,3.8);
-\draw[line width=1mm, white, fill=blue] (0,1.0) rectangle (1,2.0);
-\draw[line width=1mm, alt=<3->{fill=yellow}{fill=blue}] (0,2.0) rectangle (1,2.5);
-\draw[line width=1mm] (0,0) -- (0,4);
-\draw[line width=1mm] (1,0) -- (1,4);
-\node at (3.5,3.5) {\small\begin{tabular}{l}fact(n)\end{tabular}};
-\draw[line width=0mm, alt=<{4-}>{red, fill=red}{blue, fill=blue}] (3,2.8) rectangle (4,3.0);
-\draw[line width=0mm, alt=<{5-}>{red, fill=red}{blue, fill=blue}] (3,2.8) rectangle (4,2.0);
-\draw[line width=0mm, alt=<{7-}>{red, fill=red}{blue, fill=blue}] (3,2.0) rectangle (4,1.0);
-\draw[line width=1mm] (3,1.0) rectangle (4,3.0);
-\onslide<3->{\draw[->, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {n=4} (3,3);}
-\onslide<5->{\draw[<-, line width=2mm,red] (4,2) to node [above,sloped,midway]
-{\begin{tabular}{l}user\\[-1mm] input\end{tabular}} (6,2);}
-\onslide<8->{\draw[<-, line width=1mm,red] (1,-2) to (3,1);}
-\node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
-\draw[line width=1mm] (7,3.5) -- (7,-0.1) -- (8.5,-0.1) -- (8.5,3.5);
-\onslide<3->{
-\node at (7.75, 0.2) {4};
-\draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,0.5) rectangle (8.5,1.1);
-\node at (7.75, 0.8) {\alt<6->{@a\#}{ret}};
-\draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,1.1) rectangle (8.5,1.7);
-\node at (7.75, 1.4) {\alt<6->{!?w;}sp};
-}
-\onslide<4->{
-\draw[line width=1mm,fill=red] (7,1.7) rectangle (8.5,3.0);
-\node[white] at (7.75, 2.4) {buffer};
-}
-\end{tikzpicture}
-\end{center}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}3rd Lecture:\\[-3mm]
-Buffer Overflow Attacks\end{tabular}}
-US National Vulnerability Database\\
-\small(636 out of 6675 in 2014)
-\begin{center}
-\begin{tikzpicture}
-\begin{axis}[
-xlabel={year},
-ylabel={\% of total attacks},
-ylabel style={yshift=0em},
-enlargelimits=false,
-xtick={1997,1999,...,2015},
-xmin=1996.5,
-xmax=2016,
-ymax=21,
-ytick={0,5,...,20},
-scaled ticks=false,
-axis lines=left,
-width=11cm,
-height=5cm,
-ybar,
-nodes near coords=
-{\footnotesize
-$\pgfmathprintnumber[fixed,fixed zerofill,precision=1,use comma]{\pgfkeysvalueof{/data point/y}}$},
-x tick label style={font=\scriptsize,/pgf/number format/1000 sep={}}]
-\addplot
-table [x=Year,y=Percentage] {../handouts/bufferoverflows.data};
-\end{axis}
-\end{tikzpicture}
-\end{center}
-\scriptsize
-\url{http://web.nvd.nist.gov/view/vuln/statistics}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}4th Lecture:\\ Unix Access Control\end{tabular}}
-\begin{itemize}
-\item privileges are specified by file access permissions (``everything is a file'')
-\end{itemize}\medskip
-\begin{center}
-\begin{tikzpicture}[scale=1]
-\draw[line width=1mm] (-.3, 0) rectangle (1.5,2);
-\draw (4.7,1) node {Internet};
-\draw (-2.7,1.7) node {\footnotesize Application};
-\draw (0.6,1.7) node {\footnotesize Interface};
-\draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}};
-\draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}};
-\draw[line width=1mm] (-1.8, 0) rectangle (-3.6,2);
-\draw[white] (1.7,1) node (X) {};
-\draw[white] (3.7,1) node (Y) {};
-\draw[red, <->, line width = 2mm] (X) -- (Y);
-\draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1);
-\end{tikzpicture}
-\end{center}
-\begin{itemize}
-\item the idea is to make the attack surface smaller and
-mitigate the consequences of an attack
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[fragile,t]
-\frametitle{\begin{tabular}{c}4th Lecture:\\ Unix Access Control\end{tabular}}
-\begin{itemize}
-\item when a file with setuid is executed, the resulting process will assume the
-UID given to the owner of the file
-\end{itemize}
-\footnotesize\tt
-\begin{center}
-\begin{verbatim}
-$ ls -ld . * */*
-drwxr-xr-x 1 ping staff  32768 Apr  2 2010 .
--rw----r-- 1 ping students  31359 Jul 24 2011 manual.txt
--r--rw--w- 1 bob students    4359 Jul 24 2011 report.txt
--rwsr--r-x 1 bob students  141359 Jun  1 2013 microedit
-dr--r-xr-x 1 bob staff      32768 Jul 23 2011 src
--rw-r--r-- 1 bob staff      81359 Feb 28 2012 src/code.c
--r--rw---- 1 emma students    959 Jan 23 2012 src/code.h
-\end{verbatim}
-\end{center}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}4th Lecture:\\ Unix Access Control\end{tabular}}
-\begin{itemize}
-\item Alice wants to have her files readable,
-\alert{except} for her office mates.\bigskip
-\item make sure you understand the setuid and setgid bits;
-why are they necessary for login and passwd
-\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \end{document}
 %%% Local Variables:

changeset 555	f99817977494
parent 518	e1fcfba63a31
child 556	e6e87d5839c0