slides/slides05.tex
changeset 255 9cf486aea756
parent 254 0d491b5654f9
child 256 e272713e34ff
--- a/slides/slides05.tex	Tue Oct 21 10:39:45 2014 +0100
+++ b/slides/slides05.tex	Tue Oct 21 12:37:18 2014 +0100
@@ -51,9 +51,10 @@
 \item car transponders
 \end{itemize}\medskip\pause
 
-The point is that we cannot control the network:
-An attacker can install a packet sniffer, inject packets,
-modify packets, replay messages. 
+The point is that we cannot control the network: An attacker
+can install a packet sniffer, inject packets, modify packets,
+replay messages\ldots{}fake pretty much everything.
+
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 
 
@@ -93,12 +94,12 @@
 \end{center}
 
 \begin{itemize}
-\item I am sitting at Starbuck. How can I be sure I am
-really visiting Barclays? I have no control of the access
-point.
-\item How can I achieve that a secret key is established 
-in order to encrypt my conversation? I have no control over
-the access point.
+\item I am sitting at Starbuck. How can I be sure I am really
+      visiting Barclays? I have no control of the access
+      point.
+\item How can I achieve that a secret key is established in
+      order to encrypt my mobile conversation? I have no
+      control over the access points. 
 \end{itemize}
 
 \end{frame}
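Review bot: The re-wrapped first item still reads `I am sitting at Starbuck.`, which should be `I am sitting at Starbucks.`. The two items also differ in `no control of the access point` versus `no control over the access points`; using `over` in both would read more evenly. If the singular in the first item is deliberate (one café hotspot versus several mobile access points), only the preposition needs aligning.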
@@ -128,17 +129,18 @@
 Alice:  & Thanks
 \end{tabular}
 \end{column}
-\end{columns}\pause
+\end{columns}
 
+\onslide<2->{
 \begin{center}
 \begin{tabular}{rl}
 \bl{$A \rightarrow S$}: & \bl{SYN}\\
 \bl{$S \rightarrow A$}: & \bl{SYN-ACK}\\
 \bl{$A \rightarrow S$}: & \bl{ACK}\\
 \end{tabular}
-\end{center}
+\end{center}}
 
-\only<2>{
+\only<3>{
 \begin{textblock}{3}(11,5)
 \begin{bubble}[3.2cm]
 SYNflood attacks:\medskip\\
@@ -183,7 +185,7 @@
 Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key
 \bl{$K_{AB}$}\bigskip
 
-Passwords:
+Password transmission:
 
 \begin{center}
 \bl{$A \rightarrow B: K_{AB}$} 
@@ -202,7 +204,7 @@
 Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key
 \bl{$K_{AB}$}\bigskip
 
-Simple Challenge Response:
+Simple Challenge Response (solving the replay problem):
 
 \begin{center}
 \begin{tabular}{lll}
@@ -213,10 +215,12 @@
 \end{center}\pause
 
 \begin{itemize}
-\item cannot replay since next time will be another challenge
-\item \bl{$B$} authenticates \bl{$A$}, but \bl{$A$} does not 
-authenticate \bl{$B$} (be Eve in the middle, intercept 
-messages from \bl{$A$} and ignore last)
+\item cannot be replayed since next time will be another
+      challenge \bl{$N$}
+\item \bl{$B$} authenticates \bl{$A$}, but \bl{$A$} does not
+      authenticate \bl{$B$} (Eve can intercept
+      messages from \bl{$A$}, send random challenge 
+      and ignore last) 
 \end{itemize}
 
 \end{frame}
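Review bot: The first new item, `cannot be replayed since next time will be another challenge \bl{$N$}`, holds only if \bl{$B$} never repeats a challenge, and the bullet leaves that unstated. I would word it as `cannot be replayed, provided \bl{$B$} picks a fresh, unpredictable challenge \bl{$N$} each time`. In the second item, `send random challenge and ignore last` is hard to parse; `send a random challenge and ignore the last message` says the same thing in full. The protocol table these items refer to starts above the hunk, so which message is "last" is assumed here.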
@@ -236,9 +240,9 @@
 \bl{$B \rightarrow A:$} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\
 \bl{$A \rightarrow B:$} & \bl{$N_B$}\\
 \end{tabular} 
-\end{center}
+\end{center}\pause
 
-
+But requires shared secret key.
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
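Review bot: The added line `But requires shared secret key.` is a sentence fragment and names only the key-distribution limit; `But this requires a shared secret key \bl{$K_{AB}$}.` reads better on the slide. The encrypted message visible in the hunk, `\{N_A, N_B\}_{K_{AB}}`, carries no principal name or direction. As far as these lines show, that makes it the kind of message the reflection and parallel-session items on the Protocol Attacks frame are about, so a forward reference after the `\pause` would tie the two frames together. The first protocol message lies above the hunk, so this is inferred from the two visible steps only.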
 
@@ -331,27 +335,6 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{Protocol Attacks}
-
-\begin{itemize}
-\item replay attacks
-\item reflection attacks
-\item man-in-the-middle attacks
-\item timing attacks
-\item parallel session attacks
-\item binding attacks (public key protocols)
-\item changing environment / changing assumptions\bigskip
-
-\item (social engineering attacks)
-\end{itemize}
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-
  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
@@ -398,11 +381,15 @@
 Attack:
 
 \begin{itemize}
-\item \bl{$A$} sends public key  to \bl{$B$}  --- \bl{$C$} intercepts this message and send his own public key
-\item \bl{$B$} sends public key  to \bl{$A$} --- \bl{$C$} intercepts this message and send his own public key
+\item \bl{$A$} sends public key  to \bl{$B$}  --- \bl{$C$} 
+  intercepts this message and send his own public key to 
+  \bl{$B$}
+\item \bl{$B$} sends public key  to \bl{$A$} --- \bl{$C$} 
+  intercepts this message and send his own public key 
+  \bl{$A$}  
 \item \bl{$A$} sends message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it
 with its private key, re-encrypts with \bl{$B$}'s public key 
-\item similar
+\item similar the other way
 \end{itemize}
 
 \end{frame}}
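Review bot: The second rewritten item drops the preposition: `intercepts this message and send his own public key \bl{$A$}` should end `sends his own public key to \bl{$A$}`, matching the first item. Both items need `sends` rather than `send`, and `similar the other way` would read better as `similarly in the other direction`. The list describes what \bl{$C$} does but not why it works; a closing item such as `works because neither public key is authenticated` would name the property a defence has to supply.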
@@ -417,10 +404,14 @@
 \begin{itemize}
 \item \bl{$A$} sends public key  to \bl{$B$}
 \item \bl{$B$} sends public key  to \bl{$A$}
-\item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message
-\item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message
-\item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message
-\item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message
+\item \bl{$A$} encrypts message with \bl{$B$}'s public key, 
+  send's {\bf half} of the message to \bl{$B$}
+\item \bl{$B$} encrypts message with \bl{$A$}'s public key, 
+ send's {\bf half} of the message back to \bl{$A$}
+\item \bl{$A$} sends other half, \bl{$B$} can now decrypt 
+ entire message
+\item \bl{$B$} sends other half, \bl{$A$} can now decrypt 
+ entire message
 \end{itemize}\pause
 
 \bl{$C$} would have to invent a totally new message
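Review bot: The rewritten items keep `send's`, which should be `sends` in both the \bl{$A$} and the \bl{$B$} line, and `{\bf half}` uses the obsolete font switch where `\textbf{half}` is the LaTeX2e form. Continuation lines are indented by two spaces in the first item and by one in the others, while the re-wrapped items earlier in this changeset use six. The items also do not say that splitting the ciphertext only stops \bl{$C$} from reading and re-encrypting in transit. It does not tell \bl{$A$} whose key she received, which may deserve a line after `\bl{$C$} would have to invent a totally new message`. The frame continues below the hunk, so that caveat may already be stated there.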
@@ -445,7 +436,7 @@
 \small
 This process means that the transponder believes the car knows
 the key \bl{$K$}, and the car believes the transponder knows
-the key \bl{$K$}. They should have authenticated themselves
+the key \bl{$K$}. They have authenticated themselves
 to each other.
 
 \end{frame}
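Review bot: Changing `They should have authenticated themselves` to `They have authenticated themselves` turns a hedged statement into a guarantee that the preceding sentence does not support. That sentence states only a belief on each side that the other knows \bl{$K$}. If a later frame shows this exchange being attacked (the Protocol Attacks frame in this file lists man-in-the-middle attacks), the earlier `should have` was the more accurate wording. A middle course is `They appear to have authenticated themselves to each other.`. The frame starts above the hunk, so the protocol steps themselves are not visible here.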
@@ -469,6 +460,25 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
+\frametitle{Protocol Attacks}
+
+\begin{itemize}
+\item replay attacks
+\item reflection attacks
+\item man-in-the-middle attacks
+\item timing attacks
+\item parallel session attacks
+\item binding attacks (public key protocols)
+\item changing environment / changing assumptions\bigskip
+
+\item (social engineering attacks)
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
 \frametitle{Best Practices}
 
 {\bf Principle 1:} Every message should say what it means: the interpretation of