# HG changeset patch # User Christian Urban # Date 1353420369 0 # Node ID 807393d1efff4bee29d399b41b1553e62d6018b1 # Parent 2eaca58f9bcc86791d2fbc68e65681b05fded75b updated diff -r 2eaca58f9bcc -r 807393d1efff slides08.pdf Binary file slides08.pdf has changed diff -r 2eaca58f9bcc -r 807393d1efff slides08.tex --- a/slides08.tex Tue Nov 20 11:58:23 2012 +0000 +++ b/slides08.tex Tue Nov 20 14:06:09 2012 +0000 @@ -286,7 +286,9 @@ \item timing attacks \item parallel session attacks \item binding attacks (public key protocols) -\item changing environment / changing assumptions +\item changing environment / changing assumptions\bigskip + +\item (social engineering attacks) \end{itemize} \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -395,7 +397,7 @@ \end{tabular} \end{center}\bigskip\pause -Assume nonces are represented as bit-sequences of the same length +Assume nonces are represented as bit-sequences of the same length as keys \begin{center} \begin{tabular}{@{}l@{}} \bl{$A \rightarrow B :$} \bl{$A, \{N_A\}_{K_{AB}}$}\\ @@ -424,7 +426,7 @@ \end{tabular} \end{center}\bigskip\pause -but nothing is for free: then you need to synchronise time and possibly become victim to +but nothing is for free: then you need to synchronise time and possibly become a victim to timing attacks \end{frame}} @@ -470,7 +472,7 @@ \end{tabular} \end{center}\bigskip -\bl{$A$} knows \bl{$K^{prig}_A$} and can verify the message came from \bl{$CA$} +\bl{$A$} knows \bl{$K^{priv}_A$} and can verify the message came from \bl{$CA$} in response to \bl{$A$}'s message and trusts \bl{$K^{pub}_{B}$} is \bl{$B$}'s public key @@ -506,7 +508,7 @@ There are plenty of other protocols and attacks. This could go on ``forever''.\pause\bigskip -attacks because of changing environment +We look here on one more kind of attacks that are because of a changing environment. \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -536,14 +538,15 @@ \only<4>{ \begin{itemize} -\item But suddenly the environment changed: rail transport got privatised creating many companies -cheating each other -\item revenue from monthly tickets was distributed according to a formula where the ticket was bought +\item but suddenly the environment changed: rail transport got privatised creating many +competing companies +potentially cheating each other +\item revenue from monthly tickets was distributed according to a formula involving where the ticket was bought\ldots \end{itemize}} \only<5>{ \begin{itemize} -\item apart from bad outsiders (passengers) you also had bad insiders (rail companies) +\item apart from bad outsiders (passengers), you also had bad insiders (rail companies) \item chaos and litigation ensued \end{itemize}} @@ -590,19 +593,43 @@ \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] -\frametitle{Good Practices} +\frametitle{Problems with WEP (Wifi)} \begin{itemize} -\item explicit principles (you authenticate all data you might rely on) -\item the one who can fix a system should also be liable for the losses +\item a standard ratified in 1999 +\item the protocol was designed by a committee not including cryptographers +\item it used the RC4 encryption algorithm which is a stream cipher requiring a unique nonce +\item WEP did not allocate enough bits for the nonce +\item for authenticating packets it used CRC checksum which can be easily broken +\item the network password was used to directly encrypt packages (instead of a key negotiation protocol)\bigskip +\item encryption was turned of by default \end{itemize} \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\frametitle{Protocols are Difficult} + +\begin{itemize} +\item even the systems designed by experts regularly fail\medskip +\item try to make everything explicit (you need to authenticate all data you might rely on)\medskip +\item the one who can fix a system should also be liable for the losses\medskip +\item cryptography is not {\bf the} answer\bigskip\bigskip +\end{itemize} + +Logic is one way protocols are studied in academia + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c]