• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
E gov security_tut_session_2

E gov security_tut_session_2






Total Views
Views on SlideShare
Embed Views



1 Embed 51

http://www.egovacademy.ps 51



Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial LicenseCC Attribution-NonCommercial License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    E gov security_tut_session_2 E gov security_tut_session_2 Presentation Transcript

    • ‫أكاديمية الحكومة اإللكترونية الفلسطينية‬The Palestinian eGovernment Academy www.egovacademy.psTutorial 5: Information Security Session 2Internet Risks and Attacks Dr. Mohammad Jubran University of Birzeit mjubran@birzeit.edu PalGov © 2011 1
    • AboutThis tutorial is part of the PalGov project, funded by the TEMPUS IV program of theCommission of the European Communities, grant agreement 511159-TEMPUS-1-2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.psProject Consortium: Birzeit University, Palestine University of Trento, Italy (Coordinator ) Palestine Polytechnic University, Palestine Vrije Universiteit Brussel, Belgium Palestine Technical University, Palestine Université de Savoie, France Ministry of Telecom and IT, Palestine University of Namur, Belgium Ministry of Interior, Palestine TrueTrust, UK Ministry of Local Government, PalestineCoordinator:Dr. Mustafa JarrarBirzeit University, P.O.Box 14- Birzeit, PalestineTelfax:+972 2 2982935 mjarrar@birzeit.eduPalGov © 2011 2
    • © Copyright NotesEveryone is encouraged to use this material, or part of it, but should properlycite the project (logo and website), and the author of that part.No part of this tutorial may be reproduced or modified in any form or by anymeans, without prior written permission from the project, who have the fullcopyrights on the material. Attribution-NonCommercial-ShareAlike CC-BY-NC-SAThis license lets others remix, tweak, and build upon your work non-commercially, as long as they credit you and license their new creationsunder the identical terms. PalGov © 2011 3
    • Tutorial 5: Information SecuritySession 2: Internet Risks and AttacksSession 2 Outline: • Session 2 ILO’s. • Attacks on Internet Stack (IP, DNS, UDP, DOS, and DDOS). • Symmetric and Asymmetric Cryptography. PalGov © 2011 4
    • Tutorial 2: Session 5 ILOsAfter completing this session you will be able to:• A: Knowledge and Understanding • a1: Define the different risks and threats from being connected to networks, internet and web applications. • a2: Defines security standards and policies. • a3: Understand the basic principles of cryptography• B: Intellectual Skills • b1: Illustrate the different risks and threats from being connected. • b3: Design end-to-end secure and available systems. • b4: Design integrity and confidentiality services. PalGov © 2011 5
    • Tutorial 5: Information SecuritySession 2: Internet Risks and AttacksSession 2 Outline: • Session 2 ILO’s. • Attacks on Internet Stack (IP, DNS, UDP, DOS, and DDOS). • Symmetric and Asymmetric Cryptography. PalGov © 2011 6
    • Types of Attacks Experienced By Percent of Respondents -2010 / 2011 CSI Computer Crime and Security Survey PalGov © 2011 7
    • Types of Attacks Experienced By Percent of Respondents - 2010 / 2011 CSI Computer Crime and Security Survey continue 2005 2006 2007 2008 2009 2010 Malware infection 74% 65% 52% 50% 64% 67% Bots / zombies within the organization added in 2007 21% 20% 23% 29% Being fraudulently represented as sender of phishing messages added in 2007 26% 31% 34% 39% Password sniffing added in 2007 10% 9% 17% 12% Financial fraud 7% 9% 12% 12% 20% 9% Denial of service 32% 25% 25% 21% 29% 17% Extortion or blackmail associated with threat of attack or release of stolen option added in 2009 3% 1% data Web site defacement 5% 6% 10% 6% 14% 7% Other exploit of public-facing Web site option altered in 2009 6% 7% Exploit of wireless network 16% 14% 17% 14% 8% 7% Exploit of DNS server added in 2007 6% 8% 7% 2% Exploit of client Web browser option added in 2009 11% 10% Exploit of user’s social network profile option added in 2009 7% 5% Instant messaging abuse added in 2007 25% 21% 8% 5% Insider abuse of Internet access or e-mail 48% 42% 59% 44% 30% 25% Unauthorized access or privilege escalation by insider option altered in 2009 15% 13% System penetration by outsider option altered in 2009 14% 11% Laptop or mobile hardware theft or loss 48% 47% 50% 42% 42% 34%Theft of or unauthorized access to PII or PHI due to mobile device theft/loss option added in 2008 8% 6% 5%Theft of or unauthorized access to intellectual property due to mobile device option added in 2008 4% 6% 5% theft/loss Theft of or unauthorized access to PII or PHI due to all other causes option added in 2008 8% 10% 11% Theft of or unauthorized access to intellectual property due to all other option added in 2008 5% 8% 5% causes PalGov © 2011 8
    • Types of Attacks Experienced By Percent of Respondents -2010 / 2011 CSI Computer Crime and Security Survey continue PalGov © 2011 9
    • Types of Attacks Experienced By Percent of Respondents -2010 / 2011 CSI Computer Crime and Security Survey continue Acting before attack is why you are being invited to this tutorial PalGov © 2011 10
    • Security Terminology Lecture slides by Lawrie Brown PalGov © 2011 11
    • Vulnerabilities and Attacks in computer security• Vulnerability: is a weakness which allows an attacker to reduce systems information assurance as a result of [1] – system susceptibility or flaw – attacker access to the flaw – and attacker capability to exploit the flaw• Vulnerable in system resource may result in – System being corrupted (loss of integrity) – System being leaky (no confidentiality) – System is down or doesn’t respond (unavailability)• Attacks exploited vulnerabilities and may be – Passive (eavesdropping ,release of message information, traffic analysis) – Active (masquerade, replay, modification, denial of service)[1]: The Three Tenents of Cyber Security". U.S. Air Force Software Protection Initiative. http://www.spi.dod.mil/tenets.htm. Retrieved 2009-12-15. PalGov © 2011 12
    • Countermeasures to Attacks in computer security• To deal with computer attacks actions should be taken (countermeasures) to minimize risks provided few constraints (complexity, effectiveness, cost, people’s convenience, …)• Countermeasures may be classified as – Prevention: to prevent and avoid being attacked – Detections: to detect attacks in order to handle them – Recover: to recover and restore the situation after being attacked PalGov © 2011 13
    • Security Taxonomy Lecture slides by Lawrie BrownAttacker Tool Vulnerability Action Target Unauthorized increase physical design probe account access Implementati discloser of command on scan process information script or corruption of program configuration flood data information autonomous denial of agent authenticate component service Info Theft of exchange bypass computer resources toolkit spoof network distributed read internetwork data tap copy steal modify delete PalGov © 2011 14
    • Classic Denial of Service Attacks Graphics from slides by Lawrie Brown• A denial-of-service attack (DoS attack) or distributed denial- of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users[1] – network bandwidth – system resources – application resources PalGov © 2011 15
    • TCP Connection Handshake client server Send SYN (seq=x) 1 Receive SYN (seq=x) Send SYN-ACK 2 (seq=y, ack=x+1)Receive SYN-ACK(seq=y, ack=x+1) Send ACK (ack=y+1) 3 Receive ACK (ack=y+1) PalGov © 2011 16
    • SYN Spoofing Attack Attacker don’t need a high Client under attack is bandwidth connection to flooded with start the attack. attacker server spoofed clientSend SYN withspoofed source 1 address (seq=x) Receive SYN (seq=x) Send SYN-ACK (seq=y, ack=x+1) 2 Resend SYN-ACK after timeout Won’t send SYN-ACK because it didn’t start the connection Assume failed connection request PalGov © 2011 17
    • Types of Flooding Attacks• Flooding attack is a form of DoS attack in which the attacker try to overload the clients resources• It can be classified according to the network protocol used – ICMP Flood • Rely on the broadcast configuration of the network • uses ICMP packets, e.g echo request • typically allowed through because some are required • the attack usually done as follows: – Determining the IP address to attack – Determine a network with good bandwidth and resources to amplify the attack – Hacker will send huge amount of ICMP packets to a broadcast ip address for the network, with a spoofed source IP address to point to the client under attack. – Router or gateway deliver the broadcast at layer 2 to all the hosts in the network. – Hosts reply to the spoofed address causing a lot of traffic.. PalGov © 2011 18
    • Types of Flooding Attacks continue– UDP Flood • send a large number of UDP packets to random port to a specific client • client will check applications listening to that port • If none, then will send ICMP destination unreachable • To avoid being flooded with these packets, attacker may use a spoofed source address. • Countermeasure: use firewalls to block unwanted trafic– TCP SYN Flood • use TCP SYN (connection request) packets • but for volume attack • Countermeasure may include: SYN cookies provide protection against the SYN flood by eliminating the resources allocated on the target host. • Limiting the number of connection per source address is not a solution since attacker may use randomly generated spoofed source addresses. PalGov © 2011 19
    • Some DoS attacks Lecture notes of Prof. Ruby Lee Attack Affected Area Example DescriptionNetwork Level Routers, IP Ascend Kill II, Attack attempts to exhaust hardware resourcesDevice Switches, “Christmas Tree Packets” using multiple duplicate packets or a software Firewalls bug.OS Level Equipment Vendor Ping of Death, Attack takes advantage of the way operating OS, End-User ICMP Echo Attacks, systems implement protocols. Equipment. TeardropApplication Level Finger Bomb Finger Bomb, Attack a service or machine by using anAttacks Windows NT RealServer application attack to exhaust resources. G2 6.0Data Flood Host computer or Smurf Attack (amplifier Attack in which massive quantities of data are(Amplification, network attack) sent to a target with the intention of using upOscillation, UDP Echo (oscillation bandwidth/processing resources.Simple Flooding) attack)Protocol Feature Servers, Client PC, SYN (connection depletion) Attack in which “bugs” in protocol are utilizedAttacks DNS Servers to take down network resources. Methods of attack include: IP address spoofing, and corrupting DNS server cache. PalGov © 2011 20
    • Countermeasures … to DoS attacks Lecture notes of Prof. Ruby Lee Attack Countermeasure Example Description OptionsNetwork Level Software patches, Ingress and Egress Software upgrades can fix known bugs andDevice packet filtering Filtering packet filtering can prevent attacking traffic from entering a network.OS Level SYN Cookies, drop SYN Cookies Shortening the backlog time and dropping backlog connections, backlog connections will free up resources. shorten timeout time SYN cookies proactively prevent attacks.Application Intrusion Detection GuardDog, other Software used to detect illicit activity.Level Attacks System vendors.Data Flood Replication and Load Akami/Digital Extend the volume of content under attack(Amplification, Balancing Island provide makes it more complicated and harder forOscillation, content distribution. attackers to identify services to attack andSimple Flooding) accomplish complete attacks.Protocol Feature Extend protocols to ITEF standard for Trace source/destination packets by a meansAttacks support security. itrace, DNSSEC other than the IP address (blocks against IP address spoofing). DNSSEC would provide authorization and authentication on DNS information. PalGov © 2011 21
    • Distributed Denial of Service Attacks• Let us read it together: “A Distributed Denial of Service (DDoS) attack uses many computers to launch a coordinated DoS attack against one or more targets. Using client/server technology, the perpetrator is able to multiply the effectiveness of the Denial of Service significantly by harnessing the resources of multiple unwitting accomplice computers which serve as attack platforms. Typically a DDoS master program is installed on one computer using a stolen account. The master program, at a designated time, then communicates to any number of "agent" programs, installed on computers anywhere on the internet. The agents, when they receive the command, initiate the attack. Using client/server technology, the master program can initiate hundreds or even thousands of agent programs within seconds”[1][1] Stein, Lincoln. The World Wide Web Security FAQ, Version 3.1.2, February 4, 2002. http://www.s3.org/security/faq/ PalGov © 2011 22
    • DDoS Control Hierarchy Graphics from slides by Lawrie Brown PalGov © 2011 23
    • Reflection Attacks• Attacker uses a spoofed source address and send many requests to many servers• Servers will respond to the client under attack (his IP is being spoofed by attacker)• If many servers response with good speed and bandwidth, client or target will be flooded with packets.• Countermeasure: block source spoofed packets PalGov © 2011 24
    • Amplification Attacks Graphics from slides by Lawrie Brown PalGov © 2011 25
    • DNS Amplification Attacks• Attacker uses an ip spoofed DNS inquiry to trigger a response from the DNS server to the target.• Attacker try to exploit DNS behavior to convert a small request to a much larger response – 60 byte request to 512 - 4000 byte response• attacker sends requests to multiple servers with high bandwidth connections, which flood target – need only moderate flow of request packets – DNS servers will also be loaded PalGov © 2011 26
    • DDoS Attack Defenses• three lines of defense against DDoS: – attack prevention and preemption – attack detection and filtering – attack source traceback and identification Avoid initial attack• Use of Firewalls• Check incoming/outgoing Packets (filtration)• Use a server farm and load balancer to offset the effects of a DDoS attack• countermeasure SYN flood attacks by discarding the first SYN packet, this will cause delay for legitimate users.• Change logical addressing (IP) of attacked systems. PalGov © 2011 27
    • Attack Prevention• block spoofed source addresses – on routers as close to source as possible – still far too rarely implemented• rate controls in upstream distribution nets – on specific packets types – e.g. some ICMP, some UDP, TCP/SYN• use modified TCP connection handling – use SYN cookies when table full – or selective or random drop when table full• block IP directed broadcasts• block suspicious services & combinations• manage application attacks with “puzzles” to distinguish legitimate human requests• good general system security practices• use mirrored and replicated servers when high-performance and reliability required PalGov © 2011 28
    • Tutorial 5: Information SecuritySession 2: Internet Risks and AttacksSession 2 Outline: • Session 2 ILO’s. • Attacks on Internet Stack (IP, DNS, UDP, DOS, and DDOS). • Symmetric and Asymmetric Cryptography. PalGov © 2011 29
    • Symmetric and Asymmetric Cryptography• Cryptography – The science and art of engineering and designing ciphers;• Cryptanalysis – The science and art of analysing and breaking them;• Cryptology – Both the above. Plain encryptio Cipher decryptio Plain text n text n text PalGov © 2011 30
    • Standardizing Encryption and Decryption• We want robust reusable components to do encryption and decryption. – Standardize the algorithm; allows public review. – Concentrate the information that makes the process unique into a key. Plain encryptio Cipher decryptio Plain text n text n text encryptio decryptio n Key n Key PalGov © 2011 31
    • Symmetric and Asymmetric Systems• Symmetric encryption: both keys used for encryption (encryption key) and for decryption (decryption key) are the same. – Keys are shared secretly (key distribution is an issue to look for) – Both partes trust each other to keep the keys secret from public.• Asymmetric encryption: the key used for encryption (encryption key is different than the one used for decryption (decryption key), they might be used in different formats. – The two keys are owned and managed separately – One of the keys is kept private, but the other one is made available to public (public key). PalGov © 2011 32
    • Symmetric Systems Kinds of Cipher• There are three common families of cipher: – Substitution ciphers • Replace each symbol independently of the others – Stream ciphers • Process each symbol in a way that depends on its position in the input stream – Block ciphers • Divide input into blocks and apply the same algorithm to each block in sequence – but may depend on position in the sequence of blocks. – Might require adding padding bits (e.g. 14 bits all set to zeros at the end of a block of 50 bits if the encryption algo. requires blocks of 64 bits) PalGov © 2011 33
    • Digital Encryption Standard (DES) and 3DES• DES is a Feistel Cipher – Block size 64 bits – Key size 56 bits – 16 stages; each has a 48 bit key formed from the user key – One-way function (will be discussed later) is SP • Expand to 48 bits (4 bits to 6 bits) • Mix in stage key with XOR • Pass through S-boxes that map 6 bits back to 4 and then permute results.• Key now generally seen as too short – Best shortcuts need 242 known texts to recover key.• Using the current technology, DES has been broken – broken: plain text can be recovered from the encrypted text within a reasonable amount of time.• To improve strength, Triple DES provides three keys – Three stages • Encrypt with key one • Decrypt with key two • Encrypt with key three – This structure chosen so that if all three keys are set equal, result is single DES PalGov © 2011 34
    • Advanced Encryption Standard (AES)• AES returns to the Substitution Permutation (SP) structure – Used 128 bit (16 byte) blocks and 128, 192 or 256 bit keys • S-box is 8 bit to 8 bit, derived from group theory to have good properties • Linear transformation is based on laying data out as a 4*4 grid of bytes and applying matrix operations • Bytes from a key stream derived from the user key are added in to each byte of the matrix to complete the stage. • There are 10, 12 or 14 stages depending on key length.• It is expect to hold against cryptanalysis for some time depending on the advancements of technology and computations power PalGov © 2011 35
    • Styles of Block Encryption• Electronic Code Book – Each block is coded independently. – this is weak, because equal text blocks give equal cipher texts. – inference can then be used to break the cipher.• Chain Coding (Cipher Block Chaining) – Block N is XORed with the encrypted version of block (N-1). – Start with an agreed initial vector (key). – the text generated is different each time; – any change makes the rest of the message unreadable. Ci-1 Mi encrypt Ci PalGov © 2011 36
    • Cryptographic Strength• We can measure the strength of a system in terms of the number of trials needed to break it in a given situation. – For brute force attacks this is likely to relate to the effective key size – e.g. a 16 bit key needs 215 trials on average to find the key. – However, given more information, such as specific plaintext to cipher- text correspondences, this number can be significantly reduced. PalGov © 2011 37
    • Cryptography - Forms of Attack• Brute force – Try all keys, assumes you can recognize success! – Current specialised hardware can do 1011 key tests/sec• Cut and paste – If diffusion is low, we can substitute parts of known messages at known offsets in e.g. a banking transaction.• Known plaintext or known ciphertext – Shortcut the brute force costs by having examples of matching plain and cipher texts. Inject plaintext to see ciphertext, or inject known ciphertext to see decrypted plaintext. PalGov © 2011 38
    • Key Distribution• In symmetric cryptography the secret key must be shared and in public key cryptography the private key need to be delivered to its owner.• Key Distribution Center (KDC): – Jubran and Ahmad need shared symmetric key. – KDC: server shares different secret key with each registered user (many users) (KJ-KDC, KA-KDC, KX-KDC) – Jubran, Ahmad know own symmetric keys, KA-KDC KB-KDC , for communicating with KDC. KA-KDC KJ-KDC Jubran X KJ-KDC KX-KDC KX-KDC KDC Ahmad KY-KDC KA-KDC PalGov © 2011 39
    • Key Distribution Center (KDC) Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other? Uses A,J to 1.KA-KDC(A,J) generate R1 Ahmad KA-KDC KJ-KDC KA-KDC 2.KA-KDC(R1, KB-KDC(A,R1) ) KX-KDC Alice KDCknows R1 KY-KDC Jubran KJ-KDC PalGov © 2011 40
    • How Useful is a KDC?• KDC trust may be questionable, it may expose our keys to others• Centralized processing and single point of failure• Must always be online to support secure communication• In practice, the KDC model is mostly used within single organizations (e.g. Kerberos) but not more widely. PalGov © 2011 41
    • Public Key Styles• The keys are different, one of them is kept private and the other one can be made public, text encrypted by either of them can be decrypted by the other – Confidentiality: sender will encrypt the message using my public key (known by everyone), but only myself can decrypt the message using my private key (kept secret, known only to me). – Authentication: I use my private key to encrypt a message (only myself can do that using my private key), anyone who use my public key to decrypt the message is sure that it was encrypted using my private key (myself assuming I kept the private key secret) – non-repudiation: a message decrypted using my public key is defiantly being encrypted using my private key, and so I can’t deny creating it (off course assuming I kept my key secret). – Motivation question: a message being encrypted using private key of A, what does the following cases imply • The message is being decrypted using A’s public key. • The message is being decrypted using B’s public key... (but you don’t know the original message)? To be discussed next. PalGov © 2011 42
    • Factoring. RSA Algorithm• Ciphersbased on the problem of factorizing large numberswhich have few prime factors.•E.g. RSA: – key is of order 1-2000 bits; message is split into blocks of similar size.•Find a number N that is the product of two large prime numbers, p and q.Pick a public exponent e. Secret exponent d is now given by ed mod (p-1)(q-1) = 1 – N,e is the public key. N,d is the private key e C  M modulo N•Infinite possibilities for d and M, and computationally expensive to factor Ninto p and q, so encrypted message C is secure M  C d modulo N PalGov © 2011 43
    • Use of PKC in Communications• Public keys are hard to generate and expensive to use.• So we try to minimize their use. – use for exchanges in the authorization process; – use to transfer a fresh session key; – use symmetric encryption for the session data; – change session keys often enough. PalGov © 2011 44
    • Hash Functions and MACs• We often want to know whether a message or document has been modified since its creation.• Can do this by calculating a smaller value represents the document – Changing the document changes this value – The major concern in deciding what algorithm to use is to avoid collisions• In general, a small value representing a larger object is called a hash and generated by a hash function.• The hash used in this specific application is called a message authentication code (MAC) or Message Integrity Code (MIC). PalGov © 2011 45
    • Properties of a Hash• What an attacker will typically be doing is taking a signed document and trying to change it to another one which has the same hash but different semantics – This is why collisions are important – the aim is to find a collision with the original value.• Need a wide enough hash, or attacker can just try a series of changes until a collision is found – Can play with non-significant content, like white space to find a collision, or use antonyms e.g. small -> big. – Documents with a lot of hidden redundant information, such as Word documents, make this easier.• One technique is to use message blocks as keys to repeatedly encrypt a partial hash, mixing input with output to make the process non-invertible. PalGov © 2011 46
    • Signature• Just encrypting the text to be signed leaves it open to a chosen message attack – Get target to sign an apparently innocent nonsense message, constructed from random data encrypted with their public key and something you want them to sign; – Can extract original random bits, which have now been encrypted with both public and private keys, leaving signed forged message.• Also asymmetric encryption is computationally expensive• So form a one way hash of message to be signed, and encrypt that instead. • This is one area where message digest functions or message authentication codes (MAC) are used. PalGov © 2011 47
    • Capabilities• One particular use of signature is to represent authority within operating systems.• Authority is represented by a small capability object containing – An action id – A process identity – Some signature information• A requested action is permitted if a capability corresponding to it is also presented• The operating system supports transfer of capabilities, changing the signature accordingly• The cryptographic requirements can be quite weak because lifetimes are typically short (average process lifetime). PalGov © 2011 48
    • Public Key Infrastructure• What is Public Key Infrastructure (PKI)1) Set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates[1]2) Simply a system in which public keys are binded to user identities by means of Certification Authority.[1]: "LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments", Proceedings of the 11th IEEE International Conference on Communication Systems (IEEE ICCS08), pp.162-166, Guangzhou, China, Nov. 2008. PalGov © 2011 49
    • Certification AuthoritiesCertification authority (CA)• generates a signed certificate using CA’s private key which binds a particular entity to its public key.• An entity responsible to issue, revoke and manage digital certificates – Verify the identity and information provided by the entity asking for certificate – may generate private and public keys for entities. – binds the identity and associated info. of an entity with its public key using the CA’s private key  public key certificate – Public key certificates are authentic as they can’t be altered without detection. PalGov © 2011 50
    • Certification Authorities continue• Procedure to obtain a CA signed digital certificate: – Submit a proof of identity and any other information to be included in the certificate to CA (usually done offline) – CA uses its private key to bind the provided information by the entity to its public key – Again, the asymmetric key pair might be generated by the CA, or the public key is provided by the entity itself. – Again, Certificate contains • Owner’s distinguished name • Owners public key • Issuer’s distinguished name • Issuer’s digital signature PalGov © 2011 51
    • Certification Authorities continue• How to validate a public key within a certificate: – Get the CA signed certificate (from the entity itself or elsewhere) – The CA public key must be known for you. – Use the CA public key to verify the signature within the certificate. “notice: entity info and public key are binded by the CA private key” – If the signature is valid then accept the public key. Digital Certificate of Jubran Use KCA to verify · Some info. the binding If Kj is truly binded · Public key; Kj between Sj and Kj to Sj then use it · Siganture; Sj CA public key KCA PalGov © 2011 52
    • Certification Authority continueImportant: you must TRUST the CA in order to TRUSTthe digital certificate including the public key signed byit, and so any digitally signed messages validatedusing this public key PalGov © 2011 53
    • Some General Conclusions• Cryptography is hard, and widespread testing and comment is needed – Don’t roll your own – reuse well analysed solutions• Keep algorithm choice modular – If progress demands greater strength, be able to change algorithms as a configuration matter• More is not necessarily better – Offering multiple solutions leads to interworking problems, and negotiation becomes a vulnerability. – Don’t encrypt already encrypted material – may have side effects that weaken the whole system. PalGov © 2011 54
    • Summary• In this session we discussed the following: – Overview and awareness topics on attacks on Internet Stacks – More focus was toward denial of service and distributed denial of service. – Introduction to cryptography and hash functions PalGov © 2011 55