Computer Security CSE 543
Popular in Course
Popular in Computer Science and Engineering
This 0 page Class Notes was uploaded by Libby Kuhlman on Sunday November 1, 2015. The Class Notes belongs to CSE 543 at Pennsylvania State University taught by Staff in Fall. Since its upload, it has received 27 views. For similar materials see /class/233115/cse-543-pennsylvania-state-university in Computer Science and Engineering at Pennsylvania State University.
Reviews for Computer Security
Report this Material
What is Karma?
Karma is the currency of StudySoup.
Date Created: 11/01/15
CSE 543 Computer Security Lecture 8 PKI September 20 2007 URL httpwwwcsepsuedutjaegercse543 f07 PENNSTATE Meeting Someone New Anywhere in the Internet Public Key Infrastructure PENNTE System to securely distribute public keys Q Why is that hard Terminology Alice signs a certificate for Bob s name and key Alice is issuer and Bob is subject Alice wants to find a path to Bob s key Alice is verifierand Bob is target Anything that has a public key is a principal Anything trusted to sign certificates is a trust anchor Its certificate is a root certificate I l PENNSTATE What is a certificate A certificate makes an association between a user identityjobattribute and a private key contains public key information en has a validity period is signed by some certificate authority CA Issued by CA for some purpose Verisign is in the business of issuing certificates People trust Verisign to vet identity PENNSTATE Why do I trust the certificate A collections of root CA certificates baked into your browser vetted by the browser manufacturer supposedly closely guarded yeah right Root certificates used to validate certificate Vouches for certificate s authenticity Sigm What is a PKI Rooted tree of CAs Cascading issuance Any CA can issue cert CAs issue certs for children PENNSTATE Certificate Validation PENNSTATE PKI and Revocation Certificate may be revoked before expiration Lost private key Compromised Owner no longer authorized Revocation is hard The antimatter problem Verifiers need to check revocation state Loses the advantage of offline verification Revocation state must be authenticated CSE543 Computer and Network Security Fall 2007 Professor Jaeger Trust WEE What is trust Is the belief that someone or something will behave as expected or in your best interest Is is constant Is is transferable Is it transitive Is is reflexive 1o Risks of PKI We This is an overview of one of many perspectives of PKI technologies PKI was like many security technologies claimed to be a panacea It was intended to solve a very hard problem build trust on a global level Running a CA license to print money Basic premise Assertion 1 ecommerce does not need PKI Assertion 2 PKI needs ecommerce Really talking about a full PKI everyone has certs Risk 1 Who do we trust and for what PENNTE Argument CA is not inherently trustworthy Why doshould you trust a CA In reality they defer all legal liability for running a bad CA Risk in the hands of the certificate holder l 92 CounterArgument Incentives Any CA caught misbehaving is going to be out of business tomorrow This scenario is much worse than getting sued Risk held by everybody which is what you want Everyone has reason to be diligent I l Risk 2 Who is using my key PENNSTATE Argument key is basically insecure Your key is vulnerable deal with it In some places you are being held responsible after a compromise CounterArgument this is the price of technology You have to accept some responsibility in order to get benefit Will encourage people to use only safe technology Q what would happen is same law applied to VISA I l Risk 3 How secure is the verifier PENNSTATE Argument the things that verify your credential are fundamentally vulnerable Everything is based on the legitimacy of the verifier root public key Browsers transparently use certificates M 0 CounterArgument this is the price of technology You have to accept some risk in order to get benefit Will encourage people to use only safe technology Q What s in your browser I l Risk 4 Which John Robinson is he PENNSTATE Argument identity in PKI is reallytoo loosely defined No standards for getting credential No publicly known unqiue identifiers for people so how do you tell people apart M Think about Microsoft certificate l t 0g CounterArgument due diligence Only use certificates in well known circumstances When in doubt use other channels to help Q Is this true of other valued items checks I l PENNSTATE Risk 5 Is the CA an authority Argument there are things in certificates that claim authenticity and authorization of which they have no dominion rights such as the right to perform SSL this confuses authorization authority with authentication authority DNS attributes the CA is no the arbiter of these things CounterArgument this is OK because it is part of the implicit charge we give our CA we implicitly accept the CA as authority in several domains I l PENNSTATE Risks 6 and 7 6 Is the user part of the design Argument too many things hidden in use user has no ability to affect or see what is going on CounterArgument Users would screw it up anyway too sophisticated 7 Was it one CA or CARA Argument separation of registration from issuance allows forgery CounterArgument this is an artifact of organization only a problem when CA is bad in which case you are doomed anyway I l PENNSTATE Risks 8 and 9 8 How was the user authenticated Argument CAs do not have good information to work with so real identification is poor as VISA CounterArgument It has worked well in the physical work why not here 39 l l e l 92 9 How secure are the certificate practices Argument people don t use them correctly and don t know the implications of what they do use Point in fact revocation and expiration are largely ignored in real system deployments CounterArgument most are pretty good now probably won t burn us anytime soon I l Risk 9 How secure is the verifier PENNSTATE Argument the things that verify your credential are fundamentally vulnerable Everything is based on the legitimacy of the verifier root public key Browsers transparently use certificates M 0 CounterArgument this is the price of technology You have to accept some risk in order to get benefit Will encourage people to use only safe technology Q What s in your browser I l Risk 10 Why are we using CAs Argument We are trying to solve a painful problem authenticating users However certificates don t really solve the problem just give you another tool to implement it Hence it is not a panacea No delivered on it promises Counterargument PENNSTATE Single Sign On What do Schneier and Ellison say about 880 CSE 543 Computer Security Fall 2006 Lecture 8 Trusted Computing October 3 2006 URL httpwwwcsepsuedutjaegercse543 f06 PENNSTATE Background Background and Related Work sections for your course project are due on 1012 formerly 1010 It should be at least 28 pages long add figures if necessary and relevant 1 for problem 1 for related work longer than problem Should cover 1020 related works beyond just citation Writing style counts so use good grammar get readers This is 5 of your grade so take it very seriously You need to make some critical assessments about what work is relevant and why Background Current status of the technology related to the problem What s the problem Why hasn t it been solved yet some high level related work Related work PENNSTATE A good related work section should include works If they address the central problem If they address a related problem If they identified the problem If they use the same methodology for a similar problem If your work was inspired by them It should be a narrative about the field its logical relatives the problems it faces advances and failures and motivating articles Show how the body of work holds together in some philosophical or technological way Demonstrate mastery of subject matter to establish credentials for paper often a fatality if done wrong I J Tru wort y Computing Microsoft Palladium NGSCB How il wurks Windows OS NemorK cpu E Slang Chipsal 1 no Grapmcs What R does w an amends means 2 innnae rm gammy Aume mm new 1 m mm mm mug an an m mar4k mu m mm all u mwumumammr PENNSTATE Example of FUD Trusted Computing An Animated Short 39 hIlpwwwlalkonnelc What is Trust mfg dictionarycom Firm reliance on the integrity ability or character of a person or thing What do you trust Trust Exercise Do we trust our computers PENNSTATE Trust a system that you are forced to trust because you have no choice US DoD A trusted computer does not mean a computer is trustworthy B Schneier Trusted Computing Base Trusted Computing Base TCB Hardware Firmware Operating System etc There is always a level at which we must rely on trust How can we shrink the TCB Trusted Computing PENNSTATE Components according to Wikipedia Secure O Memory Curtaining Sealed Storage Remote Attestation Requires hardware support 39 Trusted Platform Module W25 The Trusted Platform Module TPM provides hardware support for seaed storage and remote attestation What else can it do wwwtrustedcomputinggrouporg RUS TED COMPUTING GROUPquot TPM Component Architecture Platform Attestation Nonvelatlle Confi uration Identity Pregram Storage 9 Code Register PCR Key AIK O l l Rand m SHA1 Key RSA Exec Number Englne Generation Engine Engine Generator TPM Discrete Components PENNTE InputOutput lO Allows the TPM to communicate with the rest of the system NonVolatile Storage Stores long term keys for the TPM Platform Configuration Registers PCRs Provide state storage Attestation Identity Keys Ale PublicPrivate keys used for remote attestation Program Code Firmware for measuring platform devices Random Number Generator RNG Used for key generation nonce creation etc I l TPM Discrete Components PENNSTATE SHA I Engine Used for computing signatures creating key Blobs etc RSA Key Generation Creates signing keys storage keys etc 2048 bit RSA Engine Provides RSAfunctions for signing encryptiondecryption OptIn Allows the TPM to be disabled Execution Engine Executes Program Code performing TPM initialization and measurement taking Tracking State PENNSTATE Platform Configuration Registers PCRs maintain state values A PCR can only be modified through the Extend operation ExtendPCRi value PCRi SHA1PCRi value The only way to place a PCR into a state is to extend it a certain number of times with specific values Measurement Flow Transitive Trust Application Code OS Loader Code PENNSTATE Secure vs Authenticated Boot Secure boot stops execution if measurements are not correct Authenticated boot measures each boot state and lets remote systems determine if it is correct The Trusted Computing Group architecture uses authenticated boot CSE543 Computer and Network Security Fall 2006 Professor Jaeger PublicPrivate Keys Endorsement Key EK Only one EK pair for the lifetime of the TPM Usually set by manufacturer Private portion never leaves the TPM Storage Root Key SRK Created as part of creating a new platform owner Used for protected storage Manages other keys eg storage keys Private portion never leaves the TPM Attestation Identity Keys Ale Used for remote attestation The TPM may have multiple Ale I l PENNSTATE Protected Storage The TPM has limited storage capacity Key pairs are commonly stored on the system but are encrypted by a storage key Users can protect data by allowing the TPM to control access to the symmetric key Access to keys can be sealed to a particular PCR state PENNSTATE Remote Attestation Before remote attestation can A occur the challenger must 390 quot V have either knowledge of the public portion of an AIK or a S gw39rmtagcr W gt 0 quot CA s public key Old standards required the Privacy CA to know the TPM s PUBlic Endorsement Key PUBEK Direct Anonymous Attestation DAA added to the latest specifications uses a zero knowledge proof to ensure the TPM is real I l PENNSTATE Using TCG Protecting keys and data Approaches Trusted Platform on Demand TPoD IBM Research Tokyo Linux Integrity Measurement Architecture Sailer et al USENIX Security 2004 BIND A Finegrained Attestation Service for Secure Distributed Systems Shi et al IEEE SampP 2005 Network Authentication Trusted Network Connect TNC wwwtrustedcomputinddrouoord How would you do this CSE543 Computer and Network Security Fall 2006 Professor Jaeger PENNSTATE Using TCG Many claim TCG will aid DRM How might one use the TPM for DRM Discuss Trusted Computing is a doubleedged sword so is cryptography PENNSTATE False Claims Having a TPM will keep me from using opensource software No the TCG architecture only specifies authenticated boot This simply records each step but does not and cannot stop the use of opensource operating systems eg Linux TCG PalladiumNGSCB and DRM are all the same No the TPM and TCG are only one of the components required for NGSCB to function Loss of Internet Anonymity The addition of DAA allows Privacy CAs to function with zeroknowledge proofs Others See assigned reading PENNSTATE Challenges What is the correct 08 state How do you verify this state in a heterogeneous environment Do security updates keep me from functioning Administrative overhead Must they know the state of my machine How do we take benefit of the TPM and Trusted Computing