# HG changeset patch # User Christian Urban # Date 1413891438 -3600 # Node ID 9cf486aea7566487ff6dc5c9494aa854647ab476 # Parent 0d491b5654f97c90d7db36184f2ced1859b57c8f updated diff -r 0d491b5654f9 -r 9cf486aea756 slides/slides05.pdf Binary file slides/slides05.pdf has changed diff -r 0d491b5654f9 -r 9cf486aea756 slides/slides05.tex --- a/slides/slides05.tex Tue Oct 21 10:39:45 2014 +0100 +++ b/slides/slides05.tex Tue Oct 21 12:37:18 2014 +0100 @@ -51,9 +51,10 @@ \item car transponders \end{itemize}\medskip\pause -The point is that we cannot control the network: -An attacker can install a packet sniffer, inject packets, -modify packets, replay messages. +The point is that we cannot control the network: An attacker +can install a packet sniffer, inject packets, modify packets, +replay messages\ldots{}fake pretty much everything. + \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -93,12 +94,12 @@ \end{center} \begin{itemize} -\item I am sitting at Starbuck. How can I be sure I am -really visiting Barclays? I have no control of the access -point. -\item How can I achieve that a secret key is established -in order to encrypt my conversation? I have no control over -the access point. +\item I am sitting at Starbuck. How can I be sure I am really + visiting Barclays? I have no control of the access + point. +\item How can I achieve that a secret key is established in + order to encrypt my mobile conversation? I have no + control over the access points. \end{itemize} \end{frame} @@ -128,17 +129,18 @@ Alice: & Thanks \end{tabular} \end{column} -\end{columns}\pause +\end{columns} +\onslide<2->{ \begin{center} \begin{tabular}{rl} \bl{$A \rightarrow S$}: & \bl{SYN}\\ \bl{$S \rightarrow A$}: & \bl{SYN-ACK}\\ \bl{$A \rightarrow S$}: & \bl{ACK}\\ \end{tabular} -\end{center} +\end{center}} -\only<2>{ +\only<3>{ \begin{textblock}{3}(11,5) \begin{bubble}[3.2cm] SYNflood attacks:\medskip\\ @@ -183,7 +185,7 @@ Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip -Passwords: +Password transmission: \begin{center} \bl{$A \rightarrow B: K_{AB}$} @@ -202,7 +204,7 @@ Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip -Simple Challenge Response: +Simple Challenge Response (solving the replay problem): \begin{center} \begin{tabular}{lll} @@ -213,10 +215,12 @@ \end{center}\pause \begin{itemize} -\item cannot replay since next time will be another challenge -\item \bl{$B$} authenticates \bl{$A$}, but \bl{$A$} does not -authenticate \bl{$B$} (be Eve in the middle, intercept -messages from \bl{$A$} and ignore last) +\item cannot be replayed since next time will be another + challenge \bl{$N$} +\item \bl{$B$} authenticates \bl{$A$}, but \bl{$A$} does not + authenticate \bl{$B$} (Eve can intercept + messages from \bl{$A$}, send random challenge + and ignore last) \end{itemize} \end{frame} @@ -236,9 +240,9 @@ \bl{$B \rightarrow A:$} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\ \bl{$A \rightarrow B:$} & \bl{$N_B$}\\ \end{tabular} -\end{center} +\end{center}\pause - +But requires shared secret key. \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -331,27 +335,6 @@ \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ -\begin{frame}[c] -\frametitle{Protocol Attacks} - -\begin{itemize} -\item replay attacks -\item reflection attacks -\item man-in-the-middle attacks -\item timing attacks -\item parallel session attacks -\item binding attacks (public key protocols) -\item changing environment / changing assumptions\bigskip - -\item (social engineering attacks) -\end{itemize} -\end{frame}} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] @@ -398,11 +381,15 @@ Attack: \begin{itemize} -\item \bl{$A$} sends public key to \bl{$B$} --- \bl{$C$} intercepts this message and send his own public key -\item \bl{$B$} sends public key to \bl{$A$} --- \bl{$C$} intercepts this message and send his own public key +\item \bl{$A$} sends public key to \bl{$B$} --- \bl{$C$} + intercepts this message and send his own public key to + \bl{$B$} +\item \bl{$B$} sends public key to \bl{$A$} --- \bl{$C$} + intercepts this message and send his own public key + \bl{$A$} \item \bl{$A$} sends message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it with its private key, re-encrypts with \bl{$B$}'s public key -\item similar +\item similar the other way \end{itemize} \end{frame}} @@ -417,10 +404,14 @@ \begin{itemize} \item \bl{$A$} sends public key to \bl{$B$} \item \bl{$B$} sends public key to \bl{$A$} -\item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message -\item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message -\item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message -\item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message +\item \bl{$A$} encrypts message with \bl{$B$}'s public key, + send's {\bf half} of the message to \bl{$B$} +\item \bl{$B$} encrypts message with \bl{$A$}'s public key, + send's {\bf half} of the message back to \bl{$A$} +\item \bl{$A$} sends other half, \bl{$B$} can now decrypt + entire message +\item \bl{$B$} sends other half, \bl{$A$} can now decrypt + entire message \end{itemize}\pause \bl{$C$} would have to invent a totally new message @@ -445,7 +436,7 @@ \small This process means that the transponder believes the car knows the key \bl{$K$}, and the car believes the transponder knows -the key \bl{$K$}. They should have authenticated themselves +the key \bl{$K$}. They have authenticated themselves to each other. \end{frame} @@ -469,6 +460,25 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] +\frametitle{Protocol Attacks} + +\begin{itemize} +\item replay attacks +\item reflection attacks +\item man-in-the-middle attacks +\item timing attacks +\item parallel session attacks +\item binding attacks (public key protocols) +\item changing environment / changing assumptions\bigskip + +\item (social engineering attacks) +\end{itemize} +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] \frametitle{Best Practices} {\bf Principle 1:} Every message should say what it means: the interpretation of