--- a/slides/slides04.tex Mon Oct 13 19:48:57 2014 +0100
+++ b/slides/slides04.tex Tue Oct 14 06:20:39 2014 +0100
@@ -1,86 +1,23 @@
\documentclass[dvipsnames,14pt,t]{beamer}
-\usepackage{beamerthemeplaincu}
-%\usepackage[T1]{fontenc}
-\usepackage[latin1]{inputenc}
-\usepackage{mathpartir}
-\usepackage[absolute,overlay]{textpos}
-\usepackage{ifthen}
-\usepackage{tikz}
-\usepackage{pgf}
-\usepackage{calc}
-\usepackage{ulem}
-\usepackage{courier}
-\usepackage{listings}
-\renewcommand{\uline}[1]{#1}
+\usepackage{../slides}
+\usepackage{../graphics}
+\usepackage{../langs}
\usetikzlibrary{arrows}
-\usetikzlibrary{automata}
\usetikzlibrary{shapes}
-\usetikzlibrary{shadows}
-\usetikzlibrary{positioning}
-\usetikzlibrary{calc}
-\usepackage{graphicx}
-
-\definecolor{javared}{rgb}{0.6,0,0} % for strings
-\definecolor{javagreen}{rgb}{0.25,0.5,0.35} % comments
-\definecolor{javapurple}{rgb}{0.5,0,0.35} % keywords
-\definecolor{javadocblue}{rgb}{0.25,0.35,0.75} % javadoc
-\lstset{language=Java,
- basicstyle=\ttfamily,
- keywordstyle=\color{javapurple}\bfseries,
- stringstyle=\color{javagreen},
- commentstyle=\color{javagreen},
- morecomment=[s][\color{javadocblue}]{/**}{*/},
- numbers=left,
- numberstyle=\tiny\color{black},
- stepnumber=1,
- numbersep=10pt,
- tabsize=2,
- showspaces=false,
- showstringspaces=false}
+\setmonofont[Scale=.88]{Consolas}
+\newfontfamily{\consolas}{Consolas}
-\lstdefinelanguage{scala}{
- morekeywords={abstract,case,catch,class,def,%
- do,else,extends,false,final,finally,%
- for,if,implicit,import,match,mixin,%
- new,null,object,override,package,%
- private,protected,requires,return,sealed,%
- super,this,throw,trait,true,try,%
- type,val,var,while,with,yield},
- otherkeywords={=>,<-,<\%,<:,>:,\#,@},
- sensitive=true,
- morecomment=[l]{//},
- morecomment=[n]{/*}{*/},
- morestring=[b]",
- morestring=[b]',
- morestring=[b]"""
-}
-
-\lstset{language=Scala,
- basicstyle=\ttfamily,
- keywordstyle=\color{javapurple}\bfseries,
- stringstyle=\color{javagreen},
- commentstyle=\color{javagreen},
- morecomment=[s][\color{javadocblue}]{/**}{*/},
- numbers=left,
- numberstyle=\tiny\color{black},
- stepnumber=1,
- numbersep=10pt,
- tabsize=2,
- showspaces=false,
- showstringspaces=false}
+\hfuzz=220pt
% beamer stuff
-\renewcommand{\slidecaption}{APP 03, King's College London, 22 October 2014}
-\makeatletter
-\def\verbatim@font{\consolas\footnotesize}
-\makeatother
+\renewcommand{\slidecaption}{APP 04, King's College London}
+\newcommand{\bl}[1]{\textcolor{blue}{#1}}
\begin{document}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}<1>[t]
+\begin{frame}[t]
\frametitle{%
\begin{tabular}{@ {}c@ {}}
\\
@@ -97,56 +34,58 @@
\end{tabular}
\end{center}
-
-\end{frame}}
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
\begin{frame}[c]
\begin{center}
-\includegraphics[scale=0.45]{pics/trainwreck.jpg}\\
-two weeks ago: buffer overflow attacks
+\includegraphics[scale=0.45]{../pics/trainwreck.jpg}\\
+last week: buffer overflow attacks
\end{center}
-
-\end{frame}}
+\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[fragile]
-\frametitle{D-Link Router, Buffer Overflows}
+\frametitle{D-Link Wifi Router, BOA}
+\small
-\begin{verbatim}
As a proof-of-concept, the following URL allows
attackers to control the return value saved on
the stack (the vulnerability is triggered when
executing "/usr/sbin/widget"):
- curl http://<target ip>/post_login.xml?hash=AAA...AAABBBB
+\begin{center}\footnotesize
+\pcode{curl http://<target ip>/post_login.xml?hash=AAA...AAABBBB}
+\end{center}
The value of the "hash" HTTP GET parameter consists of
-292 occurrences of the 'A' character, followed by four
-occurrences of character 'B'. In our lab setup, characters
-'B' overwrite the saved program counter (%ra).
+292 occurrences of the \pcode{'A'} character, followed by four
+occurrences of character \pcode{'B'}. In our lab setup, characters
+\pcode{'B'} overwrite the saved program counter (\pcode{\%ra}).\bigskip
+
-Discovery date: 06/03/2013
-Release date: 02/08/2013
-\end{verbatim}
+\begin{tabular}{@{}ll}
+Discovery date: & 06/03/2013\\
+Release date: & 02/08/2013
+\end{tabular}
-\mbox{}\footnotesize\hfill\url{http://pastebin.com/vbiG42VD}
+
+
+\hfill\url{http://roberto.greyhats.it/advisories/20130801-dlink-dir645.txt}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[fragile]
-\frametitle{Backdoors}
+\frametitle{D-Link Backdoors}
D-Link router flaw lets anyone login through "Joel's Backdoor":\medskip
+\begin{quote}\rm\small
If you tell your browser to identify itself as Joel's backdoor, instead of (say)
as Mozilla/5.0 AppleWebKit/536.30.1 Version/6.0.5, you're in without authentication.\medskip
@@ -154,19 +93,50 @@
You will laugh: it is
-\begin{verbatim}
-xmlset_roodkcableoj28840ybtide
-\end{verbatim}
-
+\begin{center}
+\pcode{xmlset_roodkcableoj28840ybtide}
+\end{center}
+\end{quote}\bigskip\bigskip
\hfill\footnotesize October 15, 2013\\
-\hfill\tiny\url{http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/}
-
+\hfill\footnotesize\url{http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/}
+
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[fragile]
+
+CVE-2014-0476 chkrootkit vulnerability 4 Jun'14\medskip
+
+\begin{quote}\rm\small
+Hi,
+
+we just found a serious vulnerability in the chkrootkit package, which
+may allow local attackers to gain root access to a box in certain
+configurations (\pcode{/tmp} not mounted noexec). Steps to reproduce:
+
+\begin{itemize}
+\item Put an executable file named \pcode{update} with non-root owner in /tmp (not
+mounted noexec, obviously)
+\item Run chkrootkit (as uid 0)
+\end{itemize}
+
+Result: The file \pcode{/tmp/update} will be executed as root, thus effectively
+rooting your box, if malicious content is placed inside the file.
+
+If an attacker knows you are periodically running chkrootkit (like in
+cron.daily) and has write access to \pcode{/tmp} (not mounted noexec), he may
+easily take advantage of this.
+\end{quote}
+\mbox{}\\[-10mm]
+
+\hfill\footnotesize\url{http://seclists.org/oss-sec/2014/q2/430}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Access Control in Unix}
@@ -176,16 +146,13 @@
\item mediate access to files, ports, processes according to \alert{roles} (user ids)\\
\item roles get attached with privileges\bigskip\\%
\hspace{8mm}
-\begin{tikzpicture}
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm]
-{\begin{minipage}{8cm}
+\begin{bubble}[8cm]
\alert{principle of least privilege:}\\
-programs should only have as much privilege as they need
-\end{minipage}};
-\end{tikzpicture}
+users and programs should only have as much privilege as they need
+\end{bubble}
\end{itemize}
-\end{frame}}
+\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -193,44 +160,83 @@
\begin{frame}[c]
\frametitle{Access Control in Unix (2)}
+
\begin{itemize}
-\item the idea is to restrict access to files and therefore lower the consequences of an attack\\[1cm]\mbox{}
+\item privileges are specified by file access permissions (``everything is a file'')\medskip
+\item there are 9 (plus 2) bits that specify the permissions of a file
+
+\begin{center}
+\begin{tabular}{l}
+\texttt{\$ ls -la}\\
+\texttt{-rwxrw-r-{}- \hspace{3mm} foo\_file.txt}
+\end{tabular}
+\end{center}
\end{itemize}
-\begin{textblock}{1}(2.5,9.5)
- \begin{tikzpicture}[scale=1]
-
- \draw[line width=1mm] (-.3, 0) rectangle (1.5,2);
- \draw (4.7,1) node {Internet};
- \draw (0.6,1.7) node {\footnotesize Interface};
- \draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}};
- \draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}};
-
- \draw[line width=1mm] (-1.8, 0) rectangle (-3.6,2);
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Login Process}
+
+
+\begin{itemize}
+\item login processes run under UID $=$ \pcode{0}\medskip
+\begin{center}
+\texttt{ps -axl | grep login}
+\end{center}\medskip
+
+\item after login, shells run under UID $=$ user (e.g.~501)\medskip
+\begin{center}
+\texttt{id cu}
+\end{center}\medskip\pause
+
+\item non-root users are not allowed to change the UID --- would break
+access control
+\item but needed for example for \texttt{passwd}
+\end{itemize}
- \draw[white] (1.7,1) node (X) {};
- \draw[white] (3.7,1) node (Y) {};
- \draw[red, <->, line width = 2mm] (X) -- (Y);
-
- \draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1);
- \end{tikzpicture}
-\end{textblock}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Setuid and Setgid}
+
+The solution is that Unix file permissions are 9 + \underline{2 Bits}:
+\alert{Setuid} and \alert{Setgid} Bits
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\newcommand{\bl}[1]{\textcolor{blue}{#1}}
+\begin{itemize}
+\item When a file with setuid is executed, the resulting process will
+ assume the UID given to the owner of the file.
+\item This enables users to create processes as root (or another
+ user).\bigskip
+
+\item Essential for changing passwords, for example.
+\end{itemize}
+
+\begin{center}
+\texttt{chmod 4755 fobar\_file}
+\end{center}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Access Control}
\begin{itemize}
-\item \bl{Discretionary Access Control:}\mbox{}\medskip\\
\small Access to objects (files, directories, devices, etc.) is permitted
+\item \bl{Discretionary Access Control:}\mbox{}\medskip\\
+
+\small Access to objects (files, directories, devices, etc.) is permitted
based on user identity. Each object is owned by a user. Owners can
specify freely (at their discretion) how they want to share their objects
with other users, by specifying which other users can have which
form of access to their objects.\medskip
-
Discretionary access control is implemented on any multi-user OS
+
+Discretionary access control is implemented on any multi-user OS
(Unix, Windows NT, etc.).
\end{itemize}
@@ -242,12 +248,14 @@
\frametitle{Access Control}
\begin{itemize}
-\item \bl{Mandatory Access Control:}\mbox{}\medskip\\
\small Access to objects is controlled by a system-wide policy, for example
+\item \bl{Mandatory Access Control:}\mbox{}\medskip\\
+
+\small Access to objects is controlled by a system-wide policy, for example
to prevent certain flows of information. In some forms, the system maintains
security labels for both objects and subjects (processes, users), based on
which access is granted or denied. Labels can change as the result of an
access. Security policies are enforced without the cooperation of users or
-application programs.\medskip
+application programs.\medskip
This is implemented today in special military operating system versions
(SELinux).
@@ -256,13 +264,9 @@
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-
-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
\begin{frame}[c]
-\frametitle{Discretionary Access Control}
+\frametitle{\Large Discretionary Access Control}
In its most generic form usually given by an Access Control Matrix
of the form
@@ -276,24 +280,53 @@
\end{tabular}
\end{center}
+access privileges: {\bf r}ead, {\bf w}rite, e{\bf x}ecute, {\bf a}ppend
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-access privileges: {\bf r}ead, {\bf w}rite, e{\bf x}ecute, {\bf a}ppend
-\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\small
+
+\lstinputlisting[numbers=none,xleftmargin=-6mm]{lst}
+
+
+\begin{center}
+\begin{tabular}{ll}
+Members of group staff: & ping, bob, emma\\
+Members of group students: & emma\\
+\end{tabular}
+\end{center}
+
+\begin{center}
+\begin{tabular}{@{\hspace{-7mm}}r|c|c|c|c|c@{}}
+ & manual.txt & report.txt & microedit & src/code.c & src/code.h \\\hline
+ping & & & & &\\\hline
+bob & & & & &\\\hline
+emma & & & & &\\
+\end{tabular}
+\end{center}
+
+\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Mandatory Access Control}
+\small
\begin{itemize}
-\item Restrictions to allowed information flows are not decided at the user’s
-discretion (as with Unix chmod), but instead enforced by system policies.
+\item Restrictions to allowed information flows are not decided at the
+ user's discretion (as with Unix \pcode{chmod}), but instead enforced
+ by system policies.
-\item Mandatory access control mechanisms are aimed in particular at
-preventing policy violations by untrusted application software, which
-typically have at least the same access privileges as the invoking user.\medskip
+\item Mandatory access control mechanisms are aimed in particular at
+ preventing policy violations by untrusted application software,
+ which typically have at least the same access privileges as the
+ invoking user.\medskip
-Simple example: Air Gap Security.
Uses completely separate network and computer hardware for different application classes.
+Simple example: Air Gap Security. Uses completely separate network
+and computer hardware for different application classes.
\end{itemize}
\end{frame}
@@ -305,19 +338,28 @@
\frametitle{The Bell/LaPadula Model}
\begin{itemize}
-\item Formal policy model for mandatory access control in a military multi-level security environment.
All subjects (processes, users, terminals) and data objects (files, directories, windows, connections) are labeled with a confidentiality level, e.g.
+\item Formal policy model for mandatory access control in a military
+ multi-level security environment. All subjects (processes, users,
+ terminals, files, windows, connections) are labeled
+ with a confidentiality level, e.g.
\begin{center}
-unclassified < confidential < secret < top secret.
-\end{center}
+unclassified < confidential < secret < top secret
+\end{center}\medskip
-\item
The system policy automatically prevents the flow of information from high-level objects to lower levels. A process that reads top secret data becomes tagged as top secret by the operating system, as will be all files into which it writes afterwards.
-%Each user has a maximum allowed confidentiality level specified and cannot receive data beyond that level. A selected set of trusted subjects is allowed to bypass the restrictions, in order to permit the declassification of information.
+\item The system policy automatically prevents the flow of information
+ from high-level objects to lower levels. A process that reads top
+ secret data becomes tagged as top secret by the operating system, as
+ will be all files into which it writes afterwards.
+%Each user has a maximum allowed confidentiality level specified and
+%cannot receive data beyond that level. A selected set of trusted
+%subjects is allowed to bypass the restrictions, in order to permit
+%the declassification of information.
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
- \mode<presentation>{
\begin{frame}[c]
\frametitle{Bell-LaPadula}
\small
@@ -336,21 +378,16 @@
Bell-LaPadula: {\bf `no read up'} - {\bf `no write down'}
- \end{frame}}
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%
+ \end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
- \mode<presentation>{
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{\begin{tabular}{c}Principle of\\[-2mm] Least Privilege\end{tabular}}
- \begin{tikzpicture}
- \draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm]
- {\normalsize\color{darkgray}
- \begin{minipage}{10cm}\raggedright
+ \begin{bubble}[10cm]
A principal should have as few privileges as possible to access a resource.
- \end{minipage}};
- \end{tikzpicture}\bigskip\bigskip
+ \end{bubble}\bigskip\bigskip
\small
\begin{itemize}
@@ -358,11 +395,10 @@
\item[] $\Rightarrow$ Bob should lower his security level
\end{itemize}
- \end{frame}}
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%
+ \end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
- \mode<presentation>{
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Biba Policy}
\small
@@ -380,17 +416,16 @@
E.g.~Firewalls: you can read from inside the firewall, but not from outside\\
Phishing: you can look at an approved PDF, but not one from a random email\\
- \end{frame}}
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%
+ \end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Security Levels (2)\end{tabular}}
+\frametitle{Security Levels (2)}
\begin{itemize}
-\item Bell --- La Padula preserves data secrecy, but not data integrity\bigskip\pause
+\item Bell-La Padula preserves data secrecy, but not data
+ integrity\bigskip\pause
\item Biba model is for data integrity
@@ -400,18 +435,15 @@
\end{itemize}
\end{itemize}
-\end{frame}}
+\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
\begin{frame}[c]
\frametitle{Shared Access Control}
\begin{center}
-\includegraphics[scale=0.7]{pics/pointsplane.jpg}
+\includegraphics[scale=0.7]{../pics/pointsplane.jpg}
\end{center}
\begin{textblock}{11}(10.5,10.5)
@@ -425,30 +457,34 @@
\end{itemize}
\end{textblock}
-\end{frame}}
+\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
\begin{frame}[c]
-\frametitle{Lessons from Access Control}
+\frametitle{\Large Lessons from Access Control}
Not just restricted to Unix:
\begin{itemize}
\item if you have too many roles (i.e.~too finegrained AC), then
hierarchy is too complex\\
- \textcolor{gray}{you invite situations like\ldots let's be root}\bigskip
+ \textcolor{gray}{you invite situations like\ldots lets be root}\bigskip
+
+\item you can still abuse the system\ldots\bigskip\pause
-\item you can still abuse the system\ldots
+\item
+ policies (a finite system)\\
+ computer system (infinite)\medskip\\
+Q: Does your policy ensure that a tainted file cannot affect your
+core system files?
\end{itemize}
-\end{frame}}
+\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
- \mode<presentation>{
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{Protocols}
@@ -468,32 +504,185 @@
\item<2-> there can be several sessions in parallel (think of wifi routers)
\end{itemize}
- \end{frame}}
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{\Large Cryptographic Protocol Failures}
+
+Ross Anderson and Roger Needham wrote:\bigskip
+
+\begin{quote}\rm
+\alert{A lot of the recorded frauds were the result of this kind of
+ blunder, or from management negligence pure and simple.} However,
+there have been a significant number of cases where the designers
+protected the right things, used cryptographic algorithms which were
+not broken, and yet found that their systems were still successfully
+attacked.
+\end{quote}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \begin{frame}<1-3>[c]
+ \frametitle{Oyster Cards}
+
+ \includegraphics[scale=0.4]{../pics/oysterc.jpg}
+
+ \begin{itemize}
+ \item good example of a bad protocol\\ (security by obscurity)\bigskip
+ \item<3-> ``Breaching security on Oyster cards should not
+ allow unauthorised use for more than a day, as TfL promises to turn
+ off any cloned cards within 24 hours\ldots''
+ \end{itemize}
+
+ \only<2>{
+ \begin{textblock}{12}(0.5,0.5)
+ \begin{bubble}[11cm]\footnotesize
+ {\bf Wirelessly Pickpocketing a Mifare Classic Card}\medskip
+
+ The Mifare Classic is the most widely used contactless smartcard on the
+ market. The stream cipher CRYPTO1 used by the Classic has recently been
+ reverse engineered and serious attacks have been proposed. The most serious
+ of them retrieves a secret key in under a second. In order to clone a card,
+ previously proposed attacks require that the adversary either has access to
+ an eavesdropped communication session or executes a message-by-message
+ man-in-the-middle attack between the victim and a legitimate
+ reader. Although this is already disastrous from a cryptographic point of
+ view, system integrators maintain that these attacks cannot be performed
+ undetected.\smallskip
+
+ This paper proposes four attacks that can be executed by an adversary having
+ only wireless access to just a card (and not to a legitimate reader). The
+ most serious of them recovers a secret key in less than a second on ordinary
+ hardware. Besides the cryptographic weaknesses, we exploit other weaknesses
+ in the protocol stack. A vulnerability in the computation of parity bits
+ allows an adversary to establish a side channel. Another vulnerability
+ regarding nested authentications provides enough plaintext for a speedy
+ known-plaintext attack.\hfill{}(a paper from 2009)
+ \end{bubble}
+ \end{textblock}}
+
+ \end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}<1->[t]
+\frametitle{Another Example}
+
+In an email from Ross Anderson\bigskip\small
+
+\begin{tabular}{l}
+From: Ross Anderson <Ross.Anderson@cl.cam.ac.uk>\\
+Sender: cl-security-research-bounces@lists.cam.ac.uk\\
+To: cl-security-research@lists.cam.ac.uk\\
+Subject: Birmingham case\\
+Date: Tue, 13 Aug 2013 15:13:17 +0100\\
+\end{tabular}
+
+
+\only<2>{
+\begin{textblock}{12}(0.5,0.8)
+\begin{bubble}[11cm]
+\footnotesize
+As you may know, Volkswagen got an injunction against the University of
+Birmingham suppressing the publication of the design of a weak cipher
+used in the remote key entry systems in its recent-model cars. The paper
+is being given today at Usenix, minus the cipher design.\medskip
+
+I've been contacted by Birmingham University's lawyers who seek to prove
+that the cipher can be easily obtained anyway. They are looking for a
+student who will download the firmware from any newish VW, disassemble
+it and look for the cipher. They'd prefer this to be done by a student
+rather than by a professor to emphasise how easy it is.\medskip
+
+Volkswagen's argument was that the Birmingham people had reversed a
+locksmithing tool produced by a company in Vietnam, and since their key
+fob chip is claimed to be tamper-resistant, this must have involved a
+corrupt insider at VW or at its supplier Thales. Birmingham's argument
+is that this is nonsense as the cipher is easy to get hold of. Their
+lawyers feel this argument would come better from an independent
+outsider.\medskip
+
+Let me know if you're interested in having a go, and I'll put you in
+touch
+
+Ross
+\end{bubble}
+\end{textblock}}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
-\frametitle{A mutual authentication protocol}
+\frametitle{Authentication Protocols}
+
+
+Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
+
+Passwords:
+
+\begin{center}
+\bl{$B \rightarrow A: K_{AB}$}
+\end{center}\pause\bigskip
+
+Problem: Eavesdropper can capture the secret and replay it; \bl{$A$} cannot confirm the
+identity of \bl{$B$}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Authentication Protocols}
+
+Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
+
+Simple Challenge Response:
\begin{center}
\begin{tabular}{ll}
-\bl{$A \rightarrow B$:} & \bl{$N_a$}\\
-\bl{$B \rightarrow A$:} & \bl{$\{N_a, N_b\}_{K_{ab}}$}\\
-\bl{$A \rightarrow B$:} & \bl{$N_b$}\\
-\end{tabular}
-\end{center}\pause
+\bl{$A \rightarrow B:$} & \bl{$N$}\\
+\bl{$B \rightarrow A:$} & \bl{$\{N\}_{K_{AB}}$}\\
+\end{tabular}
+\end{center}
-An attacker \bl{$E$} can launch an impersonation attack by
-intercepting all messages for \bl{$B$} and make \bl{$A$} decrypt her own challenges.
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
+\frametitle{Authentication Protocols}
+
+Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
+
+Mutual Challenge Response:
+
+\begin{center}
+\begin{tabular}{ll}
+\bl{$A \rightarrow B:$} & \bl{$N_A$}\\
+\bl{$B \rightarrow A:$} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\
+\bl{$A \rightarrow B:$} & \bl{$N_B$}\\
+\end{tabular}
+\end{center}
+
+%\pause
+%An attacker \bl{$E$} can launch an impersonation attack by
+%intercepting all messages for \bl{$B$} and make \bl{$A$} decrypt her
+%own challenges.
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
\frametitle{Nonces}
\begin{enumerate}
@@ -512,7 +701,7 @@
\item if only you and me know the key, the message must have come from you
\end{itemize}
-\end{frame}}
+\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -527,7 +716,7 @@
\end{tabular}
\end{center}
-The attack:
+The attack (let $A$ decrypt her own messages):
\begin{center}
\begin{tabular}{ll}
@@ -544,47 +733,6 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{Identify Friend or Foe}
-
-\begin{center}
-\onslide<3->{\mbox{}\hspace{3.4cm}\includegraphics[scale=0.55]{pics/MigInMiddle.jpg}}
-\end{center}
-
-\begin{textblock}{6}(0.3,2)
-\onslide<2->{
-198?: war between Angola (supported by Cuba)
-and Namibia (supported by SA)}
-\end{textblock}
-
-\begin{textblock}{3}(12.5,4.6)
- \onslide<3->{
- \begin{tikzpicture}
- \node at (0,0) [single arrow, fill=red,text=white, rotate=-50, shape border rotate=180]{``bystander''};
- \end{tikzpicture}}
- \end{textblock}
-
-\begin{textblock}{3}(10.9,10)
- \onslide<3->{
- \begin{tikzpicture}
- \node at (0,0) [single arrow, fill=red,text=white, rotate=-40, shape border rotate=180]{attacker};
- \end{tikzpicture}}
- \end{textblock}
-
-\only<4->{
-\begin{textblock}{6}(0.3,9)
-being outsmarted by Angola/Cuba
-ended SA involvement (?)
-\end{textblock}}
-\only<5->{
-\begin{textblock}{6}(0.3,13)
-IFF opened up a nice side-channel attack
-\end{textblock}}
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{Encryption to the Rescue?}
@@ -638,7 +786,63 @@
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Person-in-the-Middle}
+``Normal'' protocol run:\bigskip
+
+\begin{itemize}
+\item \bl{$A$} sends public key to \bl{$B$}
+\item \bl{$B$} sends public key to \bl{$A$}
+\item \bl{$A$} sends message encrypted with \bl{$B$}'s public key, \bl{$B$} decrypts it
+with its private key
+\item \bl{$B$} sends message encrypted with \bl{$A$}'s public key, \bl{$A$} decrypts it
+with its private key
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Person-in-the-Middle}
+
+Attack:
+
+\begin{itemize}
+\item \bl{$A$} sends public key to \bl{$B$} --- \bl{$C$} intercepts this message and send his own public key
+\item \bl{$B$} sends public key to \bl{$A$} --- \bl{$C$} intercepts this message and send his own public key
+\item \bl{$A$} sends message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it
+with its private key, re-encrypts with \bl{$B$}'s public key
+\item similar for other direction
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Person-in-the-Middle}
+
+Prevention:
+
+\begin{itemize}
+\item \bl{$A$} sends public key to \bl{$B$}
+\item \bl{$B$} sends public key to \bl{$A$}
+\item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message
+\item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message
+\item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message
+\item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message
+\end{itemize}\pause
+
+\bl{$C$} would have to invent a totally new message
+
+\end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
@@ -760,60 +964,20 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
-\begin{frame}[t]
-\frametitle{Changing Environment Attacks}
-
-\begin{itemize}
-\item all protocols rely on some assumptions about the environment
-(e.g., cryptographic keys cannot be broken)\bigskip\pause
-\end{itemize}
-
-\only<2>{
-\begin{itemize}
-\item in the ``good olden days'' (1960/70) rail transport was cheap, so fraud was not
-worthwhile
-\end{itemize}}
-
-\only<3>{
-\begin{itemize}
-\item when it got expensive, some people bought cheaper monthly tickets for a suburban
-station and a nearby one, and one for the destination and a nearby one
-\item a large investment later all barriers were automatic and tickets could record state
-\end{itemize}}
-
-\only<4>{
-\begin{itemize}
-\item but suddenly the environment changed: rail transport got privatised creating many
-competing companies
-potentially cheating each other
-\item revenue from monthly tickets was distributed according to a formula involving where the ticket was bought\ldots
-\end{itemize}}
-
-\only<5>{
-\begin{itemize}
-\item apart from bad outsiders (passengers), you also have bad insiders (rail companies)
-\item chaos and litigation ensued
-\end{itemize}}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
\begin{frame}[c]
A Man-in-the-middle attack in real life:
\begin{itemize}
-\item the card only says yes or no to the terminal if the PIN is correct
+\item the card only says yes to the terminal if the PIN is correct
\item trick the card in thinking transaction is verified by signature
\item trick the terminal in thinking the transaction was verified by PIN
\end{itemize}
\begin{minipage}{1.1\textwidth}
\begin{center}
-\mbox{}\hspace{-6mm}\includegraphics[scale=0.5]{pics/chip-attack.png}
-\includegraphics[scale=0.3]{pics/chipnpinflaw.png}
+\mbox{}\hspace{-6mm}\includegraphics[scale=0.5]{../pics/chip-attack.png}
+\includegraphics[scale=0.3]{../pics/chipnpinflaw.png}
\end{center}
\end{minipage}
@@ -831,8 +995,6 @@
\item its specification is 700 pages in English plus 2000+ pages for testing, additionally some
further parts are secret
\item other attacks have been found
-
-\item one solution might be to require always online verification of the PIN with the bank
\end{itemize}
\end{frame}}
@@ -870,8 +1032,20 @@
\item cryptography is often not {\bf the} answer\bigskip\bigskip
\end{itemize}
-logic is one way protocols are studied in academia
-(you can use computers to search for attacks)
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Best Practices}
+
+{\bf Principle 1:} Every message should say what it means: the interpretation of
+a message should not depend on the context.\bigskip\pause
+
+{\bf Principle 2:} If the identity of a principal is essential to the meaning of a message, it is prudent
+to mention the principal’s name explicitly in the message (though difficult).\bigskip
+
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -879,30 +1053,24 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 1\end{tabular}}
-{\bf What assets are you trying to protect?}\bigskip
+{\bf Principle 3:} Be clear about why encryption is being
+done. Encryption is not cheap, and not asking precisely why it is
+being done can lead to redundancy. Encryption is not synonymous with
+security.
-This question might seem basic, but a surprising number of people never ask it. The question involves understanding the scope of the problem. For example, securing an airplane, an airport, commercial aviation, the transportation system, and a nation against terrorism are all different security problems, and require different solutions.
+\begin{center}
+Possible Uses of Encryption
-\only<2>{
-\begin{tikzpicture}
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm]
-{\begin{minipage}{10cm}
-\small You like to prevent: ``It would be terrible if this sort of attack ever happens; we need to do everything in our power to prevent it.''
-\end{minipage}};
-\end{tikzpicture}}
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{itemize}
+\item Preservation of confidentiality: \bl{$\{X\}_K$} only those that have \bl{$K$} may recover \bl{$X$}.
+\item Guarantee authenticity: The partner is indeed some particular principal.
+\item Guarantee confidentiality and authenticity: binds two parts of a message ---
+\bl{$\{X,Y\}_K$} is not the same as \bl{$\{X\}_K$} and \bl{$\{Y\}_K$}.
+\end{itemize}
+\end{center}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 2\end{tabular}}
-{\bf What are the risks to these assets?}\bigskip
-
-Here we consider the need for security. Answering it involves understanding what is being defended, what the consequences are if it is successfully attacked, who wants to attack it, how they might attack it, and why.
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -910,40 +1078,17 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 3\end{tabular}}
+\frametitle{Best Practices}
+
+{\bf Principle 4:} The protocol designer should know which trust relations his protocol depends on, and why the dependence is necessary. The reasons for particular trust relations being acceptable should be explicit though they will be founded on judgment and policy rather than on logic.\bigskip
-{\bf How well does the security solution mitigate those risks?}\bigskip
-Another seemingly obvious question, but one that is frequently ignored. If the security solution doesn't solve the problem, it's no good. This is not as simple as looking at the security solution and seeing how well it works. It involves looking at how the security solution interacts with everything around it, evaluating both its operation and its failures.
+Example Certification Authorities: CAs are trusted to certify a key only after proper steps
+have been taken to identify the principal that owns it.
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 4\end{tabular}}
-
-{\bf What other risks does the security solution cause?}\bigskip
-
-This question addresses what might be called the problem of unintended consequences. Security solutions have ripple effects, and most cause new security problems. The trick is to understand the new problems and make sure they are smaller than the old ones.
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Schneier: Step 5\end{tabular}}
-
-{\bf What costs and trade-offs does the security solution impose?}\bigskip
-
-Every security system has costs and requires trade-offs. Most security costs money, sometimes substantial amounts; but other trade-offs may be more important, ranging from matters of convenience and comfort to issues involving basic freedoms like privacy. Understanding these trade-offs is essential.
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-
\end{document}
%%% Local Variables: