updated
authorcu
Mon, 23 Oct 2017 00:50:09 +0100
changeset 555 f99817977494
parent 554 490079e16157
child 556 e6e87d5839c0
updated
slides/slides05.pdf
slides/slides05.tex
Binary file slides/slides05.pdf has changed
--- a/slides/slides05.tex	Mon Oct 23 00:36:34 2017 +0100
+++ b/slides/slides05.tex	Mon Oct 23 00:50:09 2017 +0100
@@ -529,21 +529,21 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%      
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Protocol Attacks}
+% \begin{frame}[c]
+% \frametitle{Protocol Attacks}
 
-\begin{itemize}
-\item replay attacks
-\item reflection attacks
-\item man-in-the-middle attacks
-\item timing attacks
-\item parallel session attacks
-\item binding attacks (public key protocols)
-\item changing environment / changing assumptions\bigskip
+% \begin{itemize}
+% \item replay attacks
+% \item reflection attacks
+% \item man-in-the-middle attacks
+% \item timing attacks
+% \item parallel session attacks
+% \item binding attacks (public key protocols)
+% \item changing environment / changing assumptions\bigskip
 
-\item (social engineering attacks)
-\end{itemize}
-\end{frame}
+% \item (social engineering attacks)
+% \end{itemize}
+% \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
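Review bot: The "Protocol Attacks" frame is disabled by prefixing each line with `% ` rather than being removed, which leaves dead slide source in the file (the blank lines between the commented lines are left as they were). The same pattern recurs in later hunks for the "Potential Prevention?", "Problems with EMV" and "Protocols are Difficult" frames, one of which closes with `%\end{frame}` while the others use `% \end{frame}`. The changeset history already preserves the old frames, so deleting them is the cleaner option. If they are being kept for reuse, a one-line comment above each block should say why, for example `% parked for a later lecture`.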
@@ -564,7 +564,7 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
-\frametitle{Man-in-the-Middle}
+\frametitle{A Simple PK Protocol}
 
 ``Normal'' protocol run:\bigskip
 
@@ -582,6 +582,25 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
+\frametitle{A Simple PK Protocol}
+
+
+\begin{center}
+\begin{tabular}{ll@{\hspace{2mm}}l}
+1. & \bl{$A \to B :$} & \bl{$K^{pub}_A$}\smallskip\\
+2. & \bl{$B \to A :$} & \bl{$K^{pub}_B$}\smallskip\\
+3. & \bl{$A \to B :$} & \bl{$\{A,m\}_{K^{pub}_B}$}\smallskip\\
+4. & \bl{$B \to A :$} & \bl{$\{B,m'\}_{K^{pub}_A}$}
+\end{tabular}
+\end{center}\pause\bigskip
+
+unfortunately there is a simple man-in-the- middle-attack
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
 \frametitle{Man-in-the-Middle}
 
 Attack:
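Review bot: The closing line of the added frame reads "man-in-the- middle-attack", with a stray space and a surplus hyphen; it should be `unfortunately there is a simple man-in-the-middle attack`. The frame would also be clearer if it said why the protocol is exposed: messages 1 and 2 send the public keys with nothing that ties a key to its owner, so a short line after the table such as `the keys in steps 1 and 2 are not authenticated` would state the root cause before the next slide. The superscript in `K^{pub}_A` sets "pub" as a product of three variables; `K^{\mathit{pub}}_A` typesets it as one word. The "Man-in-the-Middle" frame that follows continues outside the hunk.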
@@ -599,48 +618,49 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
-\frametitle{Man-in-the-Middle}
+\frametitle{A MITM Attack}
 
-Potential Prevention?
 
-\begin{itemize}
-\item \bl{$A$} sends public key  to \bl{$B$}
-\item \bl{$B$} sends public key  to \bl{$A$}
-\item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message
-\item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message
-\item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message
-\item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message
-\end{itemize}\pause
+\begin{center}
+\begin{tabular}{ll@{\hspace{2mm}}l}
+1. & \bl{$A \to E :$} & \bl{$K^{pub}_A$}\smallskip\\
+2. & \bl{$E \to B :$} & \bl{$K^{pub}_E$}\smallskip\\
+3. & \bl{$B \to E :$} & \bl{$K^{pub}_B$}\smallskip\\
+4. & \bl{$E \to A :$} & \bl{$K^{pub}_E$}\smallskip\\
+5. & \bl{$A \to E :$} & \bl{$\{A,m\}_{K^{pub}_E}$}\smallskip\\
+6. & \bl{$E \to B :$} & \bl{$\{E,m\}_{K^{pub}_B}$}\smallskip\\
+7. & \bl{$B \to E :$} & \bl{$\{B,m'\}_{K^{pub}_E}$}\smallskip\\
+8. & \bl{$E \to A :$} & \bl{$\{E,m'\}_{K^{pub}_A}$}
+\end{tabular}
+\end{center}\pause\medskip
 
-%\bl{$C$} would have to invent a totally new message
-\alert{Under which circumstances does this protocol prevent
-MiM-attacks, or does it?}
+and \bl{$A$} and \bl{$B$} have no chance to detect it
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
 
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Car Transponder (HiTag2)}
+% \begin{frame}[c]
+% \frametitle{Man-in-the-Middle}
+
+% Potential Prevention?
 
-\begin{enumerate}
-\item \bl{$C$} generates a random number \bl{$N$}
-\item \bl{$C$} calculates \bl{$(F,G) = \{N\}_K$}
-\item \bl{$C \to T$}: \bl{$N, F$}
-\item \bl{$T$} calculates \bl{$(F',G') = \{N\}_K$}
-\item \bl{$T$} checks that \bl{$F = F'$}
-\item \bl{$T \to C$}: \bl{$N, G'$}
-\item \bl{$C$} checks that \bl{$G = G'$}
-\end{enumerate}\pause
+% \begin{itemize}
+% \item \bl{$A$} sends public key  to \bl{$B$}
+% \item \bl{$B$} sends public key  to \bl{$A$}
+% \item \bl{$A$} encrypts message with \bl{$B$}'s public key, send's {\bf half} of the message
+% \item \bl{$B$} encrypts message with \bl{$A$}'s public key, send's {\bf half} of the message
+% \item \bl{$A$} sends other half, \bl{$B$} can now decrypt entire message
+% \item \bl{$B$} sends other half, \bl{$A$} can now decrypt entire message
+% \end{itemize}\pause
 
-\small
-This process means that the transponder believes the car knows
-the key \bl{$K$}, and the car believes the transponder knows
-the key \bl{$K$}. They have authenticated themselves
-to each other, or have they?
+% %\bl{$C$} would have to invent a totally new message
+% \alert{Under which circumstances does this protocol prevent
+% MiM-attacks, or does it?}
 
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+%\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
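Review bot: The claim under the table, "A and B have no chance to detect it", does not sit well with messages 6 and 8 as written, because both carry the name E inside the ciphertext (`\{E,m\}_{K^{pub}_B}` and `\{E,m'\}_{K^{pub}_A}`). If A expects a reply that names B, comparing the decrypted name with the expected peer would expose the mismatch, so the slide should say which assumption is meant. One option is to qualify the last line, e.g. `and \bl{$A$} and \bl{$B$} cannot detect it unless they check the name inside the message`. This also gives the lecture a natural lead-in to binding names to keys. The frame opened on the last line of the hunk continues outside it.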
@@ -664,76 +684,38 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Problems with EMV}
+% \begin{frame}[c]
+% \frametitle{Problems with EMV}
 
-\begin{itemize}
-\item it is a wrapper for many protocols
-\item specification by consensus (resulted unmanageable complexity)
-\item its specification is 700 pages in English plus 2000+ pages for testing, additionally some 
-further parts are secret
-\item other attacks have been found
-\end{itemize}
+% \begin{itemize}
+% \item it is a wrapper for many protocols
+% \item specification by consensus (resulted unmanageable complexity)
+% \item its specification is 700 pages in English plus 2000+ pages for testing, additionally some 
+% further parts are secret
+% \item other attacks have been found
+% \end{itemize}
 
-\end{frame}
+% \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Protocols are Difficult}
+% \begin{frame}[c]
+% \frametitle{Protocols are Difficult}
 
-\begin{itemize}
-\item even the systems designed by experts regularly fail\medskip
-\item the one who can fix a system should also be liable for the losses\medskip
-\item cryptography is often not the problem\bigskip\bigskip  
-\end{itemize}
+% \begin{itemize}
+% \item even the systems designed by experts regularly fail\medskip
+% \item the one who can fix a system should also be liable for the losses\medskip
+% \item cryptography is often not the problem\bigskip\bigskip  
+% \end{itemize}
 
-\end{frame}
+% \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 
 
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{A Simple PK Protocol}
 
 
-\begin{center}
-\begin{tabular}{ll@{\hspace{2mm}}l}
-1. & \bl{$A \to B :$} & \bl{$K^{pub}_A$}\smallskip\\
-2. & \bl{$B \to A :$} & \bl{$K^{pub}_B$}\smallskip\\
-3. & \bl{$A \to B :$} & \bl{$\{A,m\}_{K^{pub}_B}$}\smallskip\\
-4. & \bl{$B \to A :$} & \bl{$\{B,m'\}_{K^{pub}_A}$}
-\end{tabular}
-\end{center}\pause\bigskip
-
-unfortunately there is a simple man-in-the- middle-attack
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{A MITM Attack}
-
-
-\begin{center}
-\begin{tabular}{ll@{\hspace{2mm}}l}
-1. & \bl{$A \to E :$} & \bl{$K^{pub}_A$}\smallskip\\
-2. & \bl{$E \to B :$} & \bl{$K^{pub}_E$}\smallskip\\
-3. & \bl{$B \to E :$} & \bl{$K^{pub}_B$}\smallskip\\
-4. & \bl{$E \to A :$} & \bl{$K^{pub}_E$}\smallskip\\
-5. & \bl{$A \to E :$} & \bl{$\{A,m\}_{K^{pub}_E}$}\smallskip\\
-6. & \bl{$E \to B :$} & \bl{$\{E,m\}_{K^{pub}_B}$}\smallskip\\
-7. & \bl{$B \to E :$} & \bl{$\{B,m'\}_{K^{pub}_E}$}\smallskip\\
-8. & \bl{$E \to A :$} & \bl{$\{E,m'\}_{K^{pub}_A}$}
-\end{tabular}
-\end{center}\pause\medskip
-
-and \bl{$A$} and \bl{$B$} have no chance to detect it
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
-
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{Interlock Protocol}
@@ -849,6 +831,30 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
+\frametitle{Car Transponder (HiTag2)}
+
+\begin{enumerate}
+\item \bl{$C$} generates a random number \bl{$N$}
+\item \bl{$C$} calculates \bl{$(F,G) = \{N\}_K$}
+\item \bl{$C \to T$}: \bl{$N, F$}
+\item \bl{$T$} calculates \bl{$(F',G') = \{N\}_K$}
+\item \bl{$T$} checks that \bl{$F = F'$}
+\item \bl{$T \to C$}: \bl{$N, G'$}
+\item \bl{$C$} checks that \bl{$G = G'$}
+\end{enumerate}\pause
+
+\small
+This process means that the transponder believes the car knows
+the key \bl{$K$}, and the car believes the transponder knows
+the key \bl{$K$}. They have authenticated themselves
+to each other, or have they?
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
 \frametitle{Trusted Third Parties}
 
 Simple protocol for establishing a secure connection via a
@@ -1159,400 +1165,6 @@
 %\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 %
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Mid-Term}
-
-\begin{itemize}
-\item homework, handouts, programs\ldots
-\end{itemize}\bigskip\bigskip\bigskip
-
-\begin{center}
-{\huge\bf\alert{Any Questions?}}
-\end{center}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Security Engineering}
-  
-  \begin{center}
-  \begin{tabular}{cc}
-  \raisebox{-0.8mm}{\includegraphics[scale=0.28]{../pics/flight.jpg}} &
-  \includegraphics[scale=0.31]{../pics/airbus.jpg}\\
-  \small Wright brothers, 1901 & \small Airbus, 2005 \\ 
-  \end{tabular}
-  \end{center}
-
-  \end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture}
-
-\begin{itemize}
-\item chip-and-pin, banks vs.~customers
-\begin{quote}\small\rm
- the one who can improve security should also be 
- liable for the losses 
-\end{quote}\pause\bigskip
-
-\item hashes and salts to guarantee data integrity\medskip
-\item storing passwords (you should know the difference between
-brute force attacks and dictionary attacks; how do salts help?)
-\end{itemize}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture: Cookies}
-
-\begin{itemize}
-\item good uses of cookies?\medskip
-
-\item bad uses of cookies: snooping, tracking, profiling\ldots
-      the ``disadvantage'' is that the user is in
-      \alert{control}, because you can delete them 
-          
-          \begin{center} ``Please track me using cookies.''
-          \end{center}\bigskip\pause
-                 
-\item fingerprinting beyond browser cookies
-  \begin{quote}\small\rm
-  Pixel Perfect: Fingerprinting Canvas in HTML5\\ 
-  (a research paper from 2012)\\
-  \footnotesize
-  \url{http://cseweb.ucsd.edu/~hovav/papers/ms12.html}      
-  \end{quote}      
-\end{itemize}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture: Cookies}
-
-\begin{itemize}
-\item a bit of JavaScript and HTML5 + canvas\medskip
-\begin{center}
-\begin{tabular}{cc}
-Firefox & Safari\\
-\includegraphics[scale=0.31]{../pics/firefox1.png} &
-\includegraphics[scale=0.31]{../pics/safari1.png} \\
-\tiny
-\pcode{55b2257ad0f20ecbf927fb66a15c61981f7ed8fc} &
-\tiny
-\pcode{17bc79f8111e345f572a4f87d6cd780b445625d3}
-\end{tabular}
-\end{center}\bigskip
-
-\item\small no actual drawing needed\pause
-\item\small in May 2014 a crawl of 100,000 popular 
-webpages revealed 5.5\% already use canvas 
-fingerprinting\smallskip
-\begin{center}\scriptsize
-\url{https://securehomes.esat.kuleuven.be/~gacar/persistent/the_web_never_forgets.pdf}
-\end{center}
-\end{itemize}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{1st Lecture: Cookies}
-
-Remember the small web-app I showed you where a cookie 
-protected a counter?\bigskip 
-
-\begin{itemize}
-\item NYT, the cookie looks the ``resource'' - harm\medskip
-\item imaginary discount unlocked by cookie - no harm
-\end{itemize}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{2nd Lecture: E-Voting}
-
-Where are paper ballots better than voice voting?\bigskip
-
-\begin{itemize}
-\item Integrity 
-\item \alert{Ballot Secrecy}
-\item Voter Authentication
-\item Enfranchisement
-\item Availability
-\end{itemize}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{2nd Lecture: E-Voting}
-
-\begin{itemize}
-\item recently an Australian parliamentary committee 
-found: e-voting is highly vulnerable to hacking and Australia 
-will not use it any time soon\bigskip\pause
-\item Alex Halderman, Washington D.C.~hack
-\begin{center}
-\scriptsize
-\url{https://jhalderm.com/pub/papers/dcvoting-fc12.pdf}
-\end{center}\medskip
-
-\item PDF-ballot tampering at the wireless router (the modification 
-is nearly undetectable and leaves no traces; MITM attack with firmware 
-updating)
-\begin{center}
-\scriptsize
-\url{http://galois.com/wp-content/uploads/2014/11/technical-hack-a-pdf.pdf}
-\end{center}
-
-\end{itemize}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\tikzset{alt/.code args={<#1>#2#3#4}{%
-  \alt<#1>{\pgfkeysalso{#2}}{\pgfkeysalso{#3}} % \pgfkeysalso doesn't change the path
-}}
-
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}3rd Lecture:\\ Buffer Overflow Attacks\end{tabular}}
-
-\begin{itemize}
-\item the problem arises from the way C/C++ organises its function calls\\[-8mm]\mbox{}
-\end{itemize}
-
-\begin{center}
-\begin{tikzpicture}[scale=1]
-%\draw[black!10,step=2mm] (0,0) grid (9,4);
-%\draw[black!10,thick,step=10mm] (0,0) grid (9,4);
-
-\node at (0.5,4.5) {\small\begin{tabular}{l}main\\[-2mm] prog.\end{tabular}};
-\draw[line width=0mm, white, alt=<2->{fill=red}{fill=blue}] (0,2.5) rectangle (1,3.8);
-\draw[line width=0mm, white, alt=<9->{fill=red}{fill=blue}] (0,0.2) rectangle (1,0.5);
-\draw[line width=1mm, alt=<3->{fill=yellow}{fill=blue}] (0,2.0) rectangle (1,2.5);
-\draw[line width=1mm, alt=<6->{fill=red}{fill=blue}] (0,1.0) rectangle (1,2.0);
-\draw[line width=1mm, alt=<7->{fill=yellow}{fill=blue}] (0,0.5) rectangle (1,1.0);
-\draw[line width=1mm] (0,0) -- (0,4);
-\draw[line width=1mm] (1,0) -- (1,4);
-
-\node at (3.5,3.5) {\small\begin{tabular}{l}fact(n)\end{tabular}};
-\draw[line width=1mm, alt=<{4-5,8}>{fill=red}{fill=blue}] (3,1.0) rectangle (4,3.0);
-
-\onslide<3-4>{\draw[->, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {n=4} (3,3);}
-\onslide<5>{\draw[<-, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {res=24} (3,1);}
-
-\onslide<7-8>{\draw[->, line width=1mm,red] (1,0.8) to node [above,sloped,midway] {n=3} (3,3);}
-\onslide<9>{\draw[<-, line width=1mm,red] (1,0.8) to node [above,sloped,midway] {res=6} (3,1);}
-
-
-\node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
-\draw[line width=1mm] (7,3.5) -- (7,0.5) -- (8.5,0.5) -- (8.5,3.5);
-
-\onslide<3,4,7,8>{
-\node at (7.75, 1.4) {ret};
-\draw[line width=1mm] (7,1.1) -- (8.5,1.1);
-\node at (7.75, 2.0) {sp};
-\draw[line width=1mm] (7,2.3) -- (8.5,2.3);
-}
-\onslide<3,4>{
-\node at (7.75, 0.8) {4};
-\draw[line width=1mm] (7,1.7) -- (8.5,1.7);
-}
-\onslide<7,8>{
-\node at (7.75, 0.8) {3};
-\draw[line width=1mm] (7,1.7) -- (8.5,1.7);
-}
-
-
-\end{tikzpicture}
-\end{center}
-
-\end{frame}
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-
-\begin{center}
-\begin{tikzpicture}[scale=1]
-%\draw[black!10,step=2mm] (0,0) grid (9,4);
-%\draw[black!10,thick,step=10mm] (0,0) grid (9,4);
-
-\node at (0.5,4.5) {\small\begin{tabular}{l}main\\[-2mm] prog.\end{tabular}};
-\draw[line width=0mm, white, alt=<2->{fill=red}{fill=blue}] (0,2.5) rectangle (1,3.8);
-\draw[line width=1mm, white, fill=blue] (0,1.0) rectangle (1,2.0);
-\draw[line width=1mm, alt=<3->{fill=yellow}{fill=blue}] (0,2.0) rectangle (1,2.5);
-\draw[line width=1mm] (0,0) -- (0,4);
-\draw[line width=1mm] (1,0) -- (1,4);
-
-\node at (3.5,3.5) {\small\begin{tabular}{l}fact(n)\end{tabular}};
-\draw[line width=0mm, alt=<{4-}>{red, fill=red}{blue, fill=blue}] (3,2.8) rectangle (4,3.0);
-\draw[line width=0mm, alt=<{5-}>{red, fill=red}{blue, fill=blue}] (3,2.8) rectangle (4,2.0);
-\draw[line width=0mm, alt=<{7-}>{red, fill=red}{blue, fill=blue}] (3,2.0) rectangle (4,1.0);
-\draw[line width=1mm] (3,1.0) rectangle (4,3.0);
-
-\onslide<3->{\draw[->, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {n=4} (3,3);}
-\onslide<5->{\draw[<-, line width=2mm,red] (4,2) to node [above,sloped,midway] 
-{\begin{tabular}{l}user\\[-1mm] input\end{tabular}} (6,2);}
-\onslide<8->{\draw[<-, line width=1mm,red] (1,-2) to (3,1);}
-
-\node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
-\draw[line width=1mm] (7,3.5) -- (7,-0.1) -- (8.5,-0.1) -- (8.5,3.5);
-
-\onslide<3->{
-\node at (7.75, 0.2) {4};
-\draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,0.5) rectangle (8.5,1.1);
-\node at (7.75, 0.8) {\alt<6->{@a\#}{ret}};
-\draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,1.1) rectangle (8.5,1.7);
-\node at (7.75, 1.4) {\alt<6->{!?w;}sp};
-}
-
-\onslide<4->{
-\draw[line width=1mm,fill=red] (7,1.7) rectangle (8.5,3.0);
-\node[white] at (7.75, 2.4) {buffer};
-}
-
-\end{tikzpicture}
-\end{center}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}3rd Lecture:\\[-3mm] 
-Buffer Overflow Attacks\end{tabular}}
-
-US National Vulnerability Database\\ 
-\small(636 out of 6675 in 2014)
-
-\begin{center}
-\begin{tikzpicture}
-\begin{axis}[
-    xlabel={year},
-    ylabel={\% of total attacks},
-    ylabel style={yshift=0em},
-    enlargelimits=false,
-    xtick={1997,1999,...,2015},
-    xmin=1996.5,
-    xmax=2016,
-    ymax=21,
-    ytick={0,5,...,20},
-    scaled ticks=false,
-    axis lines=left,
-    width=11cm,
-    height=5cm,
-    ybar,
-    nodes near coords=
-     {\footnotesize
-      $\pgfmathprintnumber[fixed,fixed zerofill,precision=1,use comma]{\pgfkeysvalueof{/data point/y}}$},
-    x tick label style={font=\scriptsize,/pgf/number format/1000 sep={}}]
-\addplot
-  table [x=Year,y=Percentage] {../handouts/bufferoverflows.data};
-\end{axis}
-\end{tikzpicture}
-\end{center}
-
-\scriptsize
-\url{http://web.nvd.nist.gov/view/vuln/statistics}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}4th Lecture:\\ Unix Access Control\end{tabular}}
-
-\begin{itemize}
-\item privileges are specified by file access permissions (``everything is a file'') 
-\end{itemize}\medskip
-
-\begin{center}
-  \begin{tikzpicture}[scale=1]
-  
-  \draw[line width=1mm] (-.3, 0) rectangle (1.5,2);
-  \draw (4.7,1) node {Internet};
-  \draw (-2.7,1.7) node {\footnotesize Application};
-  \draw (0.6,1.7) node {\footnotesize Interface};
-  \draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}};
-  \draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}};
-  
-  \draw[line width=1mm] (-1.8, 0) rectangle (-3.6,2);
-
-  \draw[white] (1.7,1) node (X) {};
-  \draw[white] (3.7,1) node (Y) {};
-  \draw[red, <->, line width = 2mm] (X) -- (Y);
- 
-  \draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1);
-  \end{tikzpicture}
-\end{center}
-
-\begin{itemize}
-\item the idea is to make the attack surface smaller and 
-mitigate the consequences of an attack
-\end{itemize}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[fragile,t]
-\frametitle{\begin{tabular}{c}4th Lecture:\\ Unix Access Control\end{tabular}}
-
-\begin{itemize}
-\item when a file with setuid is executed, the resulting process will assume the 
-UID given to the owner of the file
-\end{itemize}
-
-\footnotesize\tt
-\begin{center}
-\begin{verbatim}
-$ ls -ld . * */*
-drwxr-xr-x 1 ping staff  32768 Apr  2 2010 .
--rw----r-- 1 ping students  31359 Jul 24 2011 manual.txt
--r--rw--w- 1 bob students    4359 Jul 24 2011 report.txt
--rwsr--r-x 1 bob students  141359 Jun  1 2013 microedit
-dr--r-xr-x 1 bob staff      32768 Jul 23 2011 src
--rw-r--r-- 1 bob staff      81359 Feb 28 2012 src/code.c
--r--rw---- 1 emma students    959 Jan 23 2012 src/code.h
-\end{verbatim}
-\end{center}
-
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}4th Lecture:\\ Unix Access Control\end{tabular}}
-
-\begin{itemize}
-\item Alice wants to have her files readable, 
-\alert{except} for her office mates.\bigskip
-
-\item make sure you understand the setuid and setgid bits; 
-  why are they necessary for login and passwd
-\end{itemize}
-
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
 
 
 \end{document}