
Network Threats

Security Reference Handbook


A comprehensive categorization of security technologies and their relative threats.

Cryptography

Network Security
Network Security Tools
Network Security Related Standards
Authentication Schemes
Authorization Policy
Administration
Perimeter Security
Content Inspection
Data in Motion Security
Best Practices
Wireless Security Issues
Incident Response
Glossary of Network Security Terms

Security Threats
Threat Categories
Profiles
Info Gathering Techniques
Impersonation / Spoofing
Social Engineering (Attacks against people)
Computer Virus
Avenues of Attack
Vulnerabilities
General Hacking
Denial of Service
Cracking
Hybrid Techniques
Piracy & Digital Rights Management (DRM)
Noteworthy Organizations & Response Teams
Web Site Hacking
Physical Threats
Glossary of Security Threats Terms

Cryptography
Basic Functionality of Crypto
Crypto Primary Function
Symmetric/Asymmetric Function
Trust Models
Certificate Comparison
Secure Messaging with Public Key Cryptography
Public-Key Infrastructure & Digital Certificates
Relative Strength Comparisons
ISO Reference/Security Protocols
Related Standards
IKE: Key Negotiation
Time Stamping
Protocol Using Crypto
Secure Messaging
Glossary of Cryptography Terms

About Symantec
Symantec, a world leader in Internet security technology, provides a broad range of content and network security solutions to individuals and enterprises. The company is a leading provider of virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises around the world. Symantec's Norton brand of consumer security products leads the market in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 37 countries. For more information, please visit www.symantec.com.


1. Network Security Tools

Security tools in use today

Host-based Vulnerability Assessment Tools: ESM, COPS, NCARP, crack, Tiger, logcheck, tklogger
Network Traffic Analysis & Intrusion Detection Tools: NetProwler, tcpdump, synsniff, NOCOL, Shadow
Security Management and Improvement Tools: ESM, crack, localmail, smrsh, logdaemon, npasswd, op, passwd+, S4-kit, sfingerd, sudo, swatch, watcher, wuftpd, LPRng
Firewall, Proxy and Filtering Tools: Raptor, fwtk, ipfilter, ipfirewall, portmap v3, SOCKS, tcp_wrappers, smapd
Network-Based Vulnerability Assessment Tools: NetRecon, nmap, nessus, SATAN, Internet Scanner
Encryption Tools: md5, md5check, PGP, rpem, UFC-crypt
One-Time Password Tools: OPIE, S/Key
Secure Remote Access and Authorization Tools: RADIUS, TACACS+, SSL, SSH, Kerberos

2. Network Security Related Standards

IETF: Internet Engineering Task Force, http://www.ietf.org/
Working Groups: Open Specification for PGP (openpgp); Authenticated Firewall Traversal (aft); Common Authentication Tech (cat); IP Security Policy (ipsp); IP Security Protocol (ipsec); IP Security Remote Access (ipsra); Intrusion Detection Exchange (idwg); Kerberized Internet Negotiation of Keys (kink); Kerberos WG (krb-wg); One Time Password Authentication (otp); Public-Key Infrastructure (X.509) (pkix); S/MIME Mail Security (smime); Secure Network Time Protocol (stime); Secure Shell (secsh); Securely Available Credentials (sacred); Security Issues in Network Event Logging (syslog); Simple Public Key Infrastructure (spki); Transport Layer Security (tls); Web Transaction Security (wts); XML Digital Signatures (xmldsig)

Security related RFCs:
AAA: 2903-06
Algorithms/Crypto: 1319-21, 1984, 2040, 2082, 2403-09, 2612, 2631, 2630, 2628, 2627
PGP: 1991, 2015, 2440
PKCS: 2437, 2985, 2986
PKI, X.509: 2459, 2510-11, 2527-28, 2585, 2692-93, 2559-60
RADIUS: 2139, 2313-15, 2618-2621, 2865-2869
S/MIME: 1847-8, 2311-12, 2631, 2632
Secure DNS: 2536-39, 2540-1, 3007, 3008
TLS (SSL): 2595
VPN, Remote Access, IPsec: 1826-7, 2401, 2406, 2402, 2888, 2685
Other: 2504 Users' Security Handbook; 2828 Internet Security Glossary; 3013 ISP Security Procedures

ANSI (ISO/IEC):
NCITS (ITI): Information Technology (includes X3, NCITS, ANSI/ISO)
ANSI NCITS 118-1998: Personal Identification Number
X9 TG-8-1995: Check Security Guideline
X9 TG-5-1992: Information Security
ISO/IEC TR 13335: Management of IT Security
ISO/IEC 9979: Registration of crypto algorithms
ISO/IEC 9798: Authentication, D-Sig...
ISO/IEC 9797: Message Authentication Codes
ISO/IEC 15408: Common Criteria for IT
ISO/IEC 14888: Digital Signatures
ISO/IEC 11770: Key management
ISO/IEC 10118: Hash Functions
ISO 9735: Electronic data interchange (EDIFACT)
ISO 13491: Banking, mag stripe card systems
ISO 10202: Financial transaction cards

BS7799: http://www.bsi-global.com/group.xhtml, http://www.c-cure.org
British Standard BS7799, first published in February 1995, revised May 1999. "Code of Practice for Information Security Management", due to become an international standard (ISO/IEC 13335). Sections:
1. Business Continuity Planning
2. System Access Control
3. System Development & Maintenance
4. Physical & Environmental
5. Compliance
6. Personnel Security
7. Security Organization
8. Computer & Network Management
9. Asset Classification

W3C: World-Wide Web Consortium, W3C Security http://www.w3.org/Security/
Platform for Privacy Preferences (P3P); XML-Signature WG (xmldsig); Metadata Public Policy Role; PICS Signed Labels (DSig); Vendor-Driven Secure XML: S2ML, AuthXML

Common Criteria: http://csrc.nist.gov/cc/
Common Criteria for Information Technology Security Evaluation (CC) version 2.1, (ISO) 15408 (successor to CTCPEC, FC, TCSEC and ITSEC). Smart Card Security Users Group (SCSUG): SCSUG Smart Card Protection Profile, SCPP v2.0

IEEE: http://ieee-security.org/
802.10c LAN/MAN Security (SILS) Key Management; 1363-2000 Public Key Cryptography; 1244.2-2000 MMS Session Security

CVE: http://www.cve.mitre.org/
A list of standardized names for publicly known vulnerabilities and other information security exposures

WAP: http://www.wapforum.org
Wireless Transport Layer Security (like SSL): Class 1: Anonymous Auth, Class 2: Server Auth, Class 3: Client Auth; WPKI: Wireless PKI (like IETF PKIX); WML: Wireless Mark-up Language; WML Script Crypto Library

3. Authentication Schemes

Something you know: Passwords; Personal Identification Numbers (PIN); Keywords (mother's maiden name, etc.)

Something you have: Keys; Tokens (hardware & software); Cryptocard; Smartcards; Digital certificates and private keys

Something you are (biometrics): Fingerprint; Iris or retina scan; Body geometry; Voiceprint; Typing characteristics

Remote authentication protocols: NTLM domains; RADIUS; Kerberos; TACACS; PAP/CHAP; LDAP

Authentication enhancements: Two-factor authentication (password and token, or biometric and password); One-time passwords; Single sign-on; Challenge-response methods

4. Authorization Policy

Policies: Rules for granting privileges / access

Identities: Roles, Groups, Users (Persons, Entities)

Devices: Gatekeepers such as Network Access Servers, Routers, remote access servers, Dial-In devices, possibly linked via LDAP to a directory or database

Methods:
1. Simple permission rights (read, write, delete)
2. Access Control List (ACL)
3. Operating system (NT or UNIX) functions, NT Active Directory
4. Single sign-on schemes
5. Object oriented databases (Active Directory - NDS)
6. Privilege Management Infrastructure (PMI)

5. Administration
Routine basis (periodical), from minimal to outstanding:

Minimal
Properly configured event & alarm notification utilities on critical devices (Servers, Routers, Firewalls)
Apply security patches
Review security policy
Check for vulnerabilities
Make sure passwords are not easily guessed

Satisfactory (all the above)
Proper use of a framework to help manage security
Use host and network IDS
Real-time security awareness
Manage change control to reduce new vulnerabilities
Annual security audit by a reputable third party
Subscribe to a vulnerability/threat service (e-securityonline)
Review security policy & compliance
Train and retrain personnel

Outstanding (all the above plus)
Correlate events & alarms from heterogeneous devices
Integrate management of firewalls, IDS tools, AntiVirus, vulnerability scanners, host syslog event data and more
Automate incident management as much as possible
Employee/3rd party to conduct white hat testing to guarantee integrity

6a. Perimeter Security

Techniques to prevent unauthorized access and unwanted payloads to and from a network.


Packet-filtering Firewall: Controls access to and from a network by analyzing the incoming and outgoing packet headers (IP address & port number) and letting the packets pass or blocking them.

Stateful Inspection: Analyzes, tracks and follows each connection in a state table and monitors for policy violations.

Proxy-based Firewall / Server: Terminates all sessions entering and leaving a network, and re-establishes those sessions using its own version of the protocol. This ensures that the protocol is authentic according to the firewall and limits the service's function.

Intrusion Detection System (IDS): A near real-time detection system, either network-based, host-based or a combination of both, that provides notification of an attack or exploit. It should promptly diagnose an attack in progress and notify the staff.

Remote Access Server (RAS), Access Control Server: Enables users to connect to a private network using a modem and supports protocols like TCP/IP, IPX, and NetBEUI. VPN clients over the Internet to a corporate network are taking over traditional RAS connections.

Application Gateway: An application-specific process providing proxy and translation services. It can apply security to specific applications, such as FTP and Telnet servers.

Content Inspection Device: A device that inspects data for unwanted payloads (viruses), blocks specific URLs, blocks pre-identified fingerprinted data, or performs keyword search & blocking. The device inspects both incoming and outgoing data.

Air Gap Techniques: A device that sits between internal & external networks transferring data between the networks, using shared memory to maintain a physical barrier between the networks. Imagine someone swapping floppy disks between two machines really quickly.

Demilitarized Zone (DMZ): A segment of the network that sits between the Internet and an internal network's line of defense. Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP servers, SMTP (e-mail) servers and DNS servers.

VPN Server / Router: A device to create a secure private network over public networks to connect nodes. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the ciphertext data in transit is unintelligible.

Circuit-level Gateway: Creates a client / server connection without interpreting the application protocol, similar to packet filtering. Once the connection has been made, packets can flow between the hosts without further checking.

Network Address Translator (NAT): Changes internal addresses, which might not be routable, to a valid external address for delivery over a public network. It also changes the external address back to an internally usable format. NAT provides a basic type of firewall by hiding internal IP addresses.
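An added example (not from the handbook) contrasting the Packet-filtering Firewall and Stateful Inspection entries above: the same policy implemented once as a stateless header check and once as a state-table check, run over constructed packets. The 10.0.0.0/24 network, the web server address and the sample traffic are assumptions.

```python
from dataclasses import dataclass


# Constructed example: one TCP packet reduced to the header fields a
# packet filter looks at (addresses, ports, SYN/ACK flags).
@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False


# Assumed topology: internal network 10.0.0.0/24 with a public web
# server at 10.0.0.80; everything else is outside.
INTERNAL_PREFIX = "10.0.0."
WEB_SERVER = "10.0.0.80"
WEB_PORTS = {80, 443}


def is_internal(ip: str) -> bool:
    return ip.startswith(INTERNAL_PREFIX)


def is_permitted_new_connection(pkt: Packet) -> bool:
    """Policy shared by both firewalls: outbound connections are allowed,
    inbound ones only to the web server's HTTP/HTTPS ports."""
    if is_internal(pkt.src) and not is_internal(pkt.dst):
        return True
    return pkt.dst == WEB_SERVER and pkt.dport in WEB_PORTS


def packet_filter(pkt: Packet) -> bool:
    """Stateless packet filter: decides on each packet's header alone.
    Return traffic for outbound connections has to be let in somehow, and
    the only header-level signal is the ACK bit, so any inbound packet
    with ACK set is treated as belonging to an established connection."""
    if is_permitted_new_connection(pkt):
        return True
    return pkt.ack


class StatefulFirewall:
    """Stateful inspection: a state table of permitted connections. Only a
    SYN the policy allows creates an entry; afterwards packets in either
    direction are accepted only if they match an entry, whatever flags
    they carry."""

    def __init__(self) -> None:
        self.table: set[tuple[str, int, str, int]] = set()

    def check(self, pkt: Packet) -> bool:
        forward = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if forward in self.table or reverse in self.table:
            return True                      # part of a tracked connection
        if pkt.syn and not pkt.ack and is_permitted_new_connection(pkt):
            self.table.add(forward)          # new connection the policy allows
            return True
        return False                         # no state and no policy match


def compare(packets: list[Packet]) -> list[tuple[bool, bool]]:
    """Run both firewalls over the same packet sequence; returns
    (stateless_decision, stateful_decision) per packet."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in packets]


# Constructed traffic: an internal host opens an HTTPS connection, the
# server answers, then an unrelated outside host sends an ACK-only packet
# to a file-sharing port with no connection behind it.
SAMPLE = [
    Packet("10.0.0.5", 40000, "203.0.113.7", 443, syn=True),            # outbound SYN
    Packet("203.0.113.7", 443, "10.0.0.5", 40000, syn=True, ack=True),  # SYN/ACK reply
    Packet("10.0.0.5", 40000, "203.0.113.7", 443, ack=True),            # handshake ACK
    Packet("198.51.100.9", 5555, "10.0.0.5", 139, ack=True),            # unsolicited ACK
    Packet("198.51.100.9", 6000, "10.0.0.80", 80, syn=True),            # inbound SYN to web server
]

if __name__ == "__main__":
    for pkt, (stateless, stateful) in zip(SAMPLE, compare(SAMPLE)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}  "
              f"packet filter={'pass' if stateless else 'block'}  "
              f"stateful={'pass' if stateful else 'block'}")
```

The fourth packet is the difference the handbook's two entries describe: the header-only filter has to pass it, the state table blocks it because no tracked connection exists.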

7. Content Inspection

Figure: content inspection flow. Content arriving from the Internet, Intranet, Extranet or internal sources (e-mail, Web pages, files, diskettes or other exchangeable media) passes inbound, outbound or internally through the Content Inspection Engine (Full Word Relationship Scanning; DDR(TM), Dynamic Document Review) before reaching the End User.

1. Payload (Web site or E-mail): Malicious code: Viruses, Macros, Trojans, Active content, Mobile code
2. Unwanted Content: Inappropriate material, Confidential, Spam, Non-work related, Redundant messages (jokes), Large files (videos)

Technologies: Signatures; Heuristics; Keyword search; Script-based behavior blocking & recognition; Pattern matching of known targets via overlapping hash values; Support vector machine analysis; Allow/Deny lists

8a. Data in Motion Security

a) VPN (Virtual Private Network)

Figure: VPN - Virtual Private Network (Tunnel-Mode) and End-to-End (Transport-Mode). An End Station (E.S.) connects through an Intermediate Station (I.S.) across the Internet cloud to an LNS / Network Server and on to an End Station inside the corporate network (Intranet); protocol stack L2TP over PPP over IP. Components shown:
Certifying Authority (issues, revokes certificates)
IPsec Manager (creates, modifies, deletes Security Associations/rules)
IPsec Host (any networked device)
Edge Device (firewall/router)

b) IPSEC (IETF standard)

Figure: IPsec on two hosts. On host A (User 1) and host B (User 2) the stack is Application, Transport (TCP/UDP) and the IP layer, where the IPSec Driver emits encrypted IP packets. A Policy Agent on each host obtains the IP Security Policy from Directory Services; IKE performs SA negotiation (key exchange) between the hosts to establish the Security Association used by the IPSec Driver.

IPSec and Security (packet layouts)
Original packet: IP HDR | Data
Transport Mode: IP HDR | IPSec HDR | Data, with Data encrypted
Tunnel Mode: New IP HDR | IPSec HDR | IP HDR | Data, with the original IP HDR and Data encrypted
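Added example (not handbook code) of the two layouts above: a constructed ESP encapsulation in transport and tunnel mode, showing which addresses stay visible on the wire and what the receiver recovers. The IPv4/ESP framing follows the standard layout, but the keystream and ICV construction is an illustrative HMAC-SHA256 stand-in for the transforms IKE would negotiate, and every address and key is made up.

```python
import hashlib
import hmac
import socket
import struct

ESP_PROTO = 50      # IP protocol number of ESP, carried in the outer IP header
ICV_LEN = 12        # integrity check value length, as with HMAC-SHA1-96
IP_HDR_LEN = 20


def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header (no options, checksum left zero) for the
    constructed packets."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, IP_HDR_LEN + payload_len,
                       0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def outer_addresses(packet: bytes) -> tuple[str, str, int]:
    """What an observer on the wire sees: source, destination, protocol."""
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]), packet[9]


def keystream(key: bytes, spi: int, seq: int, length: int) -> bytes:
    """Illustrative keystream: HMAC-SHA256 in counter mode keyed by the SA
    key and the ESP SPI/sequence number. Not an IPsec transform; real ESP
    uses the negotiated cipher (e.g. AES)."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, struct.pack("!IIQ", spi, seq, block), hashlib.sha256).digest()
        block += 1
    return out[:length]


def esp_encapsulate(key: bytes, spi: int, seq: int, plaintext: bytes) -> bytes:
    """ESP header (SPI, sequence number) + encrypted payload + ICV."""
    esp_hdr = struct.pack("!II", spi, seq)
    ks = keystream(key, spi, seq, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    icv = hmac.new(key, esp_hdr + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    return esp_hdr + ciphertext + icv


def esp_decapsulate(key: bytes, packet: bytes) -> bytes:
    """Strip the outer IP header, verify the ICV, decrypt. Returns the
    protected bytes: the data in transport mode, a whole IP packet in tunnel
    mode. Raises ValueError when the ICV does not match."""
    esp = packet[IP_HDR_LEN:]
    esp_hdr, ciphertext, icv = esp[:8], esp[8:-ICV_LEN], esp[-ICV_LEN:]
    expected = hmac.new(key, esp_hdr + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ESP integrity check failed")
    spi, seq = struct.unpack("!II", esp_hdr)
    ks = keystream(key, spi, seq, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


def transport_mode(key: bytes, spi: int, seq: int, src: str, dst: str, data: bytes) -> bytes:
    """IP HDR | IPSec HDR | {Data}: the end hosts' own header stays visible."""
    esp = esp_encapsulate(key, spi, seq, data)
    return ipv4_header(src, dst, ESP_PROTO, len(esp)) + esp


def tunnel_mode(key: bytes, spi: int, seq: int, gw_src: str, gw_dst: str,
                inner_packet: bytes) -> bytes:
    """New IP HDR | IPSec HDR | {IP HDR | Data}: the whole original packet,
    inner addresses included, is hidden behind the gateways' addresses."""
    esp = esp_encapsulate(key, spi, seq, inner_packet)
    return ipv4_header(gw_src, gw_dst, ESP_PROTO, len(esp)) + esp


# Constructed SA and traffic (assumed values, not from any real deployment)
SA_KEY = b"constructed-32-byte-key-for-demo"
SPI, SEQ = 0x1001, 7
HOST_A, HOST_B = "10.1.0.5", "10.2.0.9"       # end stations on two intranets
GW_A, GW_B = "198.51.100.1", "203.0.113.1"   # edge devices (firewall/router)
DATA = b"GET /status HTTP/1.0\r\n\r\n"


def demo() -> tuple[tuple[str, str, int], tuple[str, str, int]]:
    """Returns the on-the-wire addresses of the same data sent in transport
    mode (host to host) and in tunnel mode (gateway to gateway)."""
    original = ipv4_header(HOST_A, HOST_B, 6, len(DATA)) + DATA
    t = transport_mode(SA_KEY, SPI, SEQ, HOST_A, HOST_B, DATA)
    u = tunnel_mode(SA_KEY, SPI, SEQ, GW_A, GW_B, original)
    if esp_decapsulate(SA_KEY, t) != DATA or esp_decapsulate(SA_KEY, u) != original:
        raise RuntimeError("decapsulation did not round-trip")
    return outer_addresses(t), outer_addresses(u)


if __name__ == "__main__":
    print("transport mode outer header:", demo()[0])
    print("tunnel mode outer header:   ", demo()[1])
```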

8c. Data in Motion Security (continued)

c) SSL (TLS)

Figure: Browser connecting over SSL/TLS (https://).

First-time exchange of messages with no session id and no client authentication:

Message Type        Direction   Data Transferred
Client-hello        C>S         challenge data
Server-hello        C<S         connection-id, server-certificate, cipher-specs
Client-master-key   C>S         cipher-kind, clear-master-key, {secret-master-key} server-public-key
Client-finish       C>S         {connection-id} client-write-key
Server-verify       C<S         {connection-data} server-write-key
Server-finish       C<S         {session-id} server-write-key

9. Best Practices

Rules to Live by
1. Top management MUST buy into the security initiative
2. Meet the standard of due care
3. Some degree of security is better than nothing
4. Nothing is completely secure, so why aim for perfection
5. You're only as secure as your weakest link
6. Security is an investment, not an expense
7. Protect valuable assets against probable threats
8. Layer security solutions by users & applications plus logical entities

Figure: administrative authority and system control spanning the Intranet, End Systems and the Internet.

Developing a Plan
1. Preparation: Create Security Usage Policy; Conduct Risk Analysis; Establish a Security Team Structure
2. Prevention: Approving Security Changes/Modifications; Ongoing Monitoring & Administration
3. Response: Security Violations; Restoration; Review & Forensics

Plan documents and activities: Security Usage Policy; Risk assessment; Security architecture guide; Business needs assessment; Incident response procedures; Acceptable use policies; System administration procedures; Periodic re-evaluation

Network

10a. Wireless Security Issues

Two environments are compared: Metropolitan & Wireless-Carrier (almost anywhere, cities) and Personal Area Network (PAN) & Local Area Network (LAN) (in building, campus, airport).

Threats and protections
Threat: Eavesdropping (2-5 MHz at 1 W). Protection: Link-level ciphering by MAC entities
Threat: Location independence, attacker's physical location flexibility. Protection: Authentication mechanism is critical
Threat: Employees cobbling together a wireless net without IT involvement. Protection: Notify employees of corporate regulations and scan for devices
Threat: Spamming a carrier's wireless customers. Protection: Use content filtering technology (BrightMail)
Threat: Denial-of-Service via a powerful interference transceiver. Protection: Very expensive tempest or Faraday environment, or use of spread spectrum transmission (direct sequence)

Metropolitan & Wireless-Carrier
Security Protocols: WAP (WTLS, WPKI); TDMA (EPE: Enhanced Privacy and Encryption); SME: Message Encryption; CMEA: Cellular Message Encryption Algorithm; CAVE: authentication algorithm; DCCH: Digital Control Channel; DTC: Digital Traffic Channel keys; VPM: Voice Privacy Mask
Services: Accounting, Billing, WAP, SMS (Short Message Service), AntiVirus, Content Filtering, Vulnerability Assessment, IDS
Device O/S: General OEMed multivendor: Palm, PocketPC (MS-CE), EPOC; Mobile phone proprietary: Nokia, Motorola, Ericsson; Other: iMODE (DoCoMo), StarFISH
Transmission: Voice-centric with slow data: TDMA, CDMA, GSM; Data-centric with voice: CDPD, EDGE, GPRS; Broadband voice/data: UMTS (3G-3GPP, 3GPP/2)

Personal Area Network (PAN) & Local Area Network (LAN)
Security Protocols: 802.11 WEP
Services: Fee-based local area access, Network Management, AntiVirus, Content Filtering, Vulnerability Assessment, IDS
Device O/S: MS-Windows, Palm, PocketPC (MS-CE), Psion, EPOC
Transmission: IEEE 802.11, IrDA, Bluetooth

10b. Wireless Security Issues (continued)



Bluetooth Security (Trusted Device)

Figure: Bluetooth security architecture. Applications, the User Interface and the General Management Entity sit above RFCOMM (or another multiplexing protocol), L2CAP, HCI and the Link Manager/Link Controller; the Security Manager holds a Service Database and a Device Database. Numbered arrows (legend: query, registration):
1. Connect request to L2CAP
2. L2CAP requests access from the security manager
3. Security manager: lookup in service database
4. Security manager: lookup in device database
5. If necessary, security manager enforces authentication and encryption
6. Security manager grants access
7. L2CAP continues to set up the connection
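An added example (not from the handbook) that turns steps 2-6 of the figure into a decision routine: the security manager consults the service and device databases, enforces what the service demands, and grants or refuses. The database layouts, the three trust levels, and the rule that encryption is only switched on after authentication are assumptions modelled on the Bluetooth service-level security model; addresses and services are made up.

```python
import copy
from dataclasses import dataclass, field
from enum import Enum


class Trust(Enum):
    TRUSTED = "trusted"        # paired and marked trusted: no per-use authorization
    UNTRUSTED = "untrusted"    # paired (link key exists) but each use needs authorization
    UNKNOWN = "unknown"        # no link key: never paired, cannot authenticate


@dataclass
class ServiceEntry:
    """Service database record (assumed layout): what the service demands."""
    authentication_required: bool
    authorization_required: bool
    encryption_required: bool


@dataclass
class DeviceEntry:
    """Device database record (assumed layout): trust level plus the
    current state of the link to that device."""
    trust: Trust
    authenticated: bool = False
    encrypted: bool = False


@dataclass
class Decision:
    granted: bool
    reason: str
    steps: list[str] = field(default_factory=list)   # enforcement actions taken


class SecurityManager:
    def __init__(self, services, devices, authenticate, ask_user) -> None:
        self.services: dict[str, ServiceEntry] = services
        self.devices: dict[str, DeviceEntry] = devices
        self.authenticate = authenticate   # link-level authentication; may fail
        self.ask_user = ask_user           # authorization prompt for untrusted devices

    def access_request(self, bd_addr: str, service: str) -> Decision:
        svc = self.services.get(service)                      # step 3: service database
        if svc is None:
            return Decision(False, f"unknown service {service}")
        dev = self.devices.setdefault(bd_addr, DeviceEntry(Trust.UNKNOWN))  # step 4
        steps: list[str] = []
        # Step 5: encryption needs a link key, so it implies authentication (assumption).
        if (svc.authentication_required or svc.encryption_required) and not dev.authenticated:
            if not self.authenticate(bd_addr):
                return Decision(False, "authentication failed", ["authenticate"])
            dev.authenticated = True
            steps.append("authenticate")
        if svc.encryption_required and not dev.encrypted:
            dev.encrypted = True
            steps.append("encrypt")
        # Authorization: trusted devices are pre-approved, others need the user's consent.
        if svc.authorization_required and dev.trust is not Trust.TRUSTED:
            if not self.ask_user(bd_addr, service):
                return Decision(False, "authorization refused by user", steps)
            steps.append("authorize")
        return Decision(True, "access granted", steps)            # step 6


# Constructed databases
SERVICES = {
    "file-transfer": ServiceEntry(True, True, True),     # demands everything
    "headset-audio": ServiceEntry(True, False, True),    # authenticated and encrypted link
    "business-card": ServiceEntry(False, False, False),  # open service
}
DEVICES = {
    "00:11:22:33:44:55": DeviceEntry(Trust.TRUSTED),
    "66:77:88:99:AA:BB": DeviceEntry(Trust.UNTRUSTED),
}


def run_demo(user_says_yes: bool = False) -> list[Decision]:
    """Four access requests against fresh copies of the databases."""
    sm = SecurityManager(SERVICES, copy.deepcopy(DEVICES),
                         authenticate=lambda addr: addr in DEVICES,   # only paired devices hold a link key
                         ask_user=lambda addr, svc: user_says_yes)
    return [
        sm.access_request("00:11:22:33:44:55", "file-transfer"),  # trusted: auth + encrypt, no prompt
        sm.access_request("66:77:88:99:AA:BB", "file-transfer"),  # untrusted: prompt decides
        sm.access_request("CC:DD:EE:FF:00:11", "headset-audio"),  # unknown: authentication fails
        sm.access_request("CC:DD:EE:FF:00:11", "business-card"),  # open service: granted as-is
    ]


if __name__ == "__main__":
    for d in run_demo():
        print(d.granted, d.reason, d.steps)
```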


11a. Incident Response

Incident Response Sequence
1. Understand the extent and source of an intrusion
2. Protect sensitive data contained on systems
3. Protect the systems, the networks, and their ability to continue operating as intended
4. Recover systems
5. Collect information to better understand what happened
6. Support legal investigations
7. Communicate with all parties that need to be made aware of an intrusion and its progress
8. Collect and protect information associated with an intrusion
9. Apply short-term solutions to contain an intrusion
10. Eliminate all means of intruder access
11. Return systems to normal operation
12. Identify and implement security lessons learned

Computer Forensics (after the fact; preserve data for admissibility) Rules
1. Never mishandle evidence
2. Never work with the original evidence: use Ghost to make copy disks and work with the ghosted copy
3. Never trust the suspect's operating system (use a forensic boot disk)
4. Document everything!

11b. Incident Response, (continued)

Preparation & Response Timeline

Figure: timeline running from T0 through T1, T2, T3 ... Tn, Tn+1. Phases along the timeline: Prepare Policy; Collect and Protect; Communicate; Analyze; Contain; Eliminate; Return; Lessons.

12. Glossary of Network Security Terms


Access Control: Protection of system resources against unauthorized access.
Access Control List (ACL): The identities of the system entities that are permitted to access the resource.
Access Control List (ACL): A collection of access control entries that define a hierarchy of access rules to be evaluated when a server receives a request for access to a particular resource. See access control entry (ACE).
Accountability: The property of a system (including all of its system resources) that ensures that the actions of a system entity may be traced uniquely to that entity, which can be held responsible for its actions.
Administrative Security: The management constraints, operational procedures, accountability procedures, and supplemental controls established to provide an acceptable level of protection for sensitive data.
Administrator: The person who installs and configures one or more CMS managers and sets up privileged users, or agents, for them.
AH (Authentication Header): Provides connectionless integrity, data origin authentication, and an optional anti-replay service for IPsec.
Assets: Information or resources to be protected.
Assurance: Grounds for confidence that an entity meets its security objectives.
Attribute Value Assertion (AVA): An assertion of the form attribute = value, where attribute consists of a tag, such as o (organization) or UID (user ID), and value consists of a value, such as Symantec or a login name. AVAs are used to form the distinguished name (DN) that identifies the subject of a certificate (called the subject name of the certificate).
Authentication: Confident identification; that is, assurance that a party to some computerized transaction is not an impostor. Authentication typically involves the use of a password, certificate, PIN, or other information that can be used to validate identity over a computer network.
Authentication Data: Information used to verify the claimed identity of a user.
Authorization: To convey official sanction, access or legal power to an entity.
Biometric Authentication: A method of generating authentication information for a person by digitizing measurements of a physical characteristic, such as a fingerprint, a hand shape, a retina pattern, a speech pattern (voiceprint), or handwriting.
Call Back: An authentication technique for terminals that remotely access a computer via telephone lines. The host system disconnects the caller and then calls back on a telephone number that was previously authorized for that terminal.
Classification Level: A grouping of classified information to which a hierarchical, restrictive security label is applied to increase protection of the data.
Clean System: A computer system in which the operating system and application system software and files have just been freshly installed from trusted software distribution media.
Common Criteria: This standard addresses data confidentiality, data integrity, and availability and may apply to other aspects of security. It focuses on threats to information arising from human activities, malicious or otherwise, but may apply to non-human threats. It applies to security measures implemented in hardware, firmware, or software.
Computer Emergency Response Team (CERT): An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.
Confidentiality: The act of keeping something private and secret from all but those who are authorized to see it.
Configuration Control: The process of regulating changes to hardware, firmware, software, and documentation.

Contingency Plan: A plan for emergency response, backup operations, and post-disaster recovery.
Credentials: Something that provides a basis for credit or confidence.
Data Integrity: The property whereby data has not been changed, destroyed, or lost in an unauthorized or accidental manner.
Directory Access Protocol (DAP): An OSI protocol [X519] for communication between a Directory User Agent (a client) and a Directory System Agent (a server).
Disaster Plan: A synonym for contingency plan.
DNSSEC (Domain Name System Security Working Group): A proposed IETF draft that will specify enhancements to the DNS protocol to protect the DNS against unauthorized modification of data and against masquerading of data origin. It will add data integrity and authentication capabilities to the DNS via digital signatures.
Domain: Security usage: An environment or context that is defined by a security policy, security model, or security architecture.
Dual Control: A procedure that uses two or more entities (usually persons) operating in concert to protect a system resource.
Electronic Commerce: General usage: Business conducted through paperless exchanges of information, using electronic data interchange, electronic funds transfer (EFT) and other paperless technologies.
End-to-End Encryption: Continuous protection of data that flows between two points in a network.
ESP (Encapsulating Security Payload): A vehicle for access control based on distribution of cryptographic keys that provides data confidentiality and limited traffic flow confidentiality.
Extranet: A computer network that an organization uses to carry application data traffic between the organization and its business partners.
Evaluation Assurance Level (EAL): A package consisting of assurance components from Part 3 that represents a point on the Common Criteria predefined assurance scale.
Filtering Router: An internetwork router that selectively prevents the passage of data packets according to a security policy.
Firewall: An internetwork gateway that restricts data communication traffic to and from one of the connected networks.
Honey Pot: A system (e.g., a web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders, like honey is attractive to bears.
https: HTTP enhanced by a security mechanism, which is usually SSL.
Identity-Based Security Policy: A security policy based on the identities and/or attributes of users, a group of users, or entities acting on behalf of the users and the resources/objects being accessed.
IETF (Internet Engineering Task Force): An open standards group chartered by the Internet Society (ISOC) which has a working group dedicated to security. (ietf.org)
INFOSEC: Security measures that implement and assure security services in computer systems.
Integrity: Assurance that data is not modified (by unauthorized persons) during storage or transmittal.
Internet Protocol security (IPsec): Architecture specifying (a) security protocols (AH and ESP), (b) security associations, (c) key management (IKE), and (d) algorithms for authentication and encryption.
Intrusion Detection: A security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner.
IPsec (Internet Protocol Security): An IETF standard for TCP/IP layer security that provides encryption, host authentication and data integrity.
ISAKMP (Internet Security Association and Key Management Protocol): Defines the procedures for authenticating a communicating peer, creation and management of Security Associations, key generation techniques, and threat mitigation (e.g., denial of service and replay attacks).

Layer 2 Tunneling Protocol (L2TP): An Internet client-server protocol that combines aspects of PPTP and L2F and supports tunneling of PPP over an IP network.
L2CAP (Logical Link Control and Adaptation Protocol): A protocol layered over baseband protocols at the data link layer, providing connection and connectionless data services.
Lightweight Directory Access Protocol (LDAP): A client-server protocol that supports basic use of the X.500 Directory.
Link Encryption: Stepwise protection of data that flows between two points in a network, provided by encrypting data separately on each network link.
Login: The act of a system entity gaining access to a session in which the entity can use system resources.
Non-Repudiation Service: A security service that provides protection against false denial of involvement in a communication.
Object Identifier (OID): An official, globally unique name for a thing, written as a sequence of integers.
On-line Certificate Status Protocol (OCSP): An Internet protocol used by a client to obtain from a server the validity status and other information concerning a digital certificate.
One-Time Password (OTP): Authentication technique in which each password is used only once.
Orange Book: The National Computer Security Center book entitled Department of Defense Trusted Computer Systems Evaluation Criteria that defines security requirements.
OCSP (Online Certificate Status Protocol): An Internet standard for verification of an X.509 certificate in PKIX. An excellent real-time validity check over basic CRLs.
Password: A secret data value, usually a character string, that is used as authentication information.
Payment Gateway: SET usage: A system operated by an acquirer for the purpose of providing electronic commerce services to the merchants.
Penetration Test: A system test, often part of system certification, in which evaluators attempt to circumvent the security features of the system.
Point-to-Point Tunneling Protocol (PPTP): Client-server protocol that enables a dial-up user to create a virtual extension of the dial-up link across a network by tunneling PPP over IP.
Protection Profile (PP): An implementation-independent set of security requirements for a category of TOEs that meet specific consumer needs.
Proxy Server: A computer process that relays a protocol between client and server computer systems, by appearing to the client to be the server and appearing to the server to be the client.
Public-Key Certificate: Digital certificate that contains a sequence of data items and has a digital signature computed on that sequence.
RADIUS (Remote Authentication Dial-In User Service): An IETF protocol (developed by Livingston Enterprises) for distributed security that secures remote access to networks and network services against unauthorized access. RADIUS is comprised of two pieces: authentication server code and client protocols.
Risk: An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
Root: 1) A CA that is directly trusted by an end entity, or the CA that is at the highest level. 2) A user account that has all privileges (including all security-related privileges) and thus can manage the system and its other user accounts.
SCEP (Simple Certificate Enrollment Protocol): A PKI communication protocol which leverages existing technology by using PKCS#7 and PKCS#10 to secure issuance of certificates to network devices in a scalable manner.

Secure Sockets Layer (SSL): A protocol that allows mutual authentication between a client and server and the establishment of an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols.
Security: The condition of system resources being free from unauthorized access and from unauthorized or accidental change, destruction, or loss.
Security Architecture: A plan and set of principles that describe (a) the security services that a system is required to provide to meet the needs of its users, (b) the system elements required to implement the services, and (c) the performance levels required in the elements to deal with the threat environment.
Security Audit: An independent review and examination of a system's records and activities to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures.
Security Clearance: A determination that a person is eligible, under the standards of a specific security policy, for authorization to access sensitive information or other system resources.
Security Perimeter: The boundary of the domain in which a security policy or security architecture applies.
Separation of Duties: The practice of dividing the steps in a system function among different individuals, so as to keep a single individual from subverting the process.
Secure Electronic Transaction (SET): A protocol to provide confidentiality of transaction information, payment integrity, and authentication of transaction participants for payment card transactions over unsecured networks, such as the Internet.
Single Sign-On: A system that enables a user to access multiple computer platforms or application systems after being authenticated just one time.
SKIP (Simple Key for IP): Simple key management for Internet protocols, developed by Sun Microsystems, Inc.
Smart Card: A credit-card sized device containing one or more integrated circuit chips, which perform the functions of a computer's central processor, memory, and input/output interface.
SMS (Short Message Service): A globally accepted wireless service for transmitting alphanumeric messages between mobile and external systems.
SOCKS: An Internet protocol [R1928] that provides a generalized proxy server that enables client-server applications.
Survivability: The ability of a system to remain in operation or existence despite adverse conditions.
Standards for Interoperable LAN/MAN Security (SILS): A developing set of IEEE standards including security management, Secure Data Exchange protocol, Key Management, SDE Sublayer Management, SDE Security Labels, and PICS Conformance.
Strength of Function (SOF): A qualification of a TOE security function expressing the minimum effort assumed necessary to defeat its expected security behavior by directly attacking its underlying security mechanisms.
S/WAN (Secure Wide Area Network): RSA Data Security, Inc. driven specifications for implementing IPSEC to ensure interoperability among firewall and TCP/IP products. S/WAN's goal is to use IPSEC to allow companies to mix-and-match firewall and TCP/IP stack products to build Internet-based Virtual Private Networks (VPNs).
System Integrity: The quality that a system has when it can perform its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation.
TACACS+ (Terminal Access Controller Access Control System): A protocol that provides remote access authentication, authorization, and related accounting and logging services, used by Cisco Systems.

Target of Evaluation (TOE): An IT product or system and its associated administrator and user guidance documentation that is the subject of an evaluation.
TEMPEST: A nickname for specifications and standards for limiting the strength of electromagnetic emanations from electrical and electronic equipment and thus reducing vulnerability to eavesdropping.
TLS (Transport Layer Security): An IETF draft; version 1 is based on the Secure Sockets Layer (SSL) version 3.0 protocol, and provides communications privacy over the Internet.
Threat Analysis: An analysis of the probability of occurrences and consequences of damaging actions to a system.
Token: An object that is used to control access and is passed between cooperating entities in a protocol that synchronizes use of a shared resource.
TOE Security Functions (TSF): A set consisting of all hardware, software, and firmware of the TOE that must be relied upon for the correct enforcement of the TSP.
Transport Layer Security (TLS): Internet protocol [R2246] based on and very similar to SSL Version 3.0.
Transport Mode: The IPsec protocol encapsulates the packets of upper-layer protocols.
Trust: The extent to which someone who relies on a system can have confidence that the system meets its specifications.
Tunnel: A communication channel created in a computer network by encapsulating (carrying, layering) a communication protocol's data packets in (on top of) a second protocol that normally would be carried above, or at the same layer as, the first one.
Tunnel-Mode IPsec: A secure connection between an End Station (ES) and an Intermediate Station (IS), or between two IS devices, also known as a VPN.
Validate: When referring to a process intended to establish the soundness or correctness of a construct.
Validation: A means to provide timeliness of authorization to use or manipulate information or resources.
Verification: To authenticate, confirm or establish accuracy.
Verify: When referring to a process intended to test or prove the truth or accuracy of a fact or value.
Value-Added Network (VAN): A computer network or subnetwork that transmits, receives, and stores EDI transactions on behalf of its customers.
Virtual Private Network (VPN): A restricted-use, logical (i.e., artificial or simulated) computer network that is constructed from the system resources of a relatively public, physical (i.e., real) network (such as the Internet), often by using encryption and often by tunneling links of the virtual network across the real network.
VRRP (Virtual Router Redundancy Protocol): An election protocol that dynamically assigns responsibility for one or more virtual router(s) to the VRRP router(s) on a LAN, allowing several routers on a multiaccess link to utilize the same virtual IP address.
WHOIS: An Internet utility that returns information about a domain name or IP address.
XTACACS: An extension to the TACACS protocol (developed by Cisco) which permits sending and authenticating SLIP/PPP requests, CHAP/ARAP authentication, etc.

Security Threats Reference


1. Threat Categories

Security Threats
- Human
  - Malicious
    - Outsiders, like crackers and hackers
    - Insiders, like disgruntled employees
  - Non-Malicious
    - Ignorant employees
- Non-Human (events that can open security breaches)
  - Hardware/Software/Network
    - Bugs, trap doors
    - Product failure (MTBF)
    - A/C or power failure
  - Natural Disasters
    - Floods, fires, earthquakes, hurricanes

2. Profiles (Who's breaking in?)

The Culprits (the original table rates each on Skill, Knowledge of target, Resources and Motivation)

Corporate Spies: Skill Med-High; Knowledge of target Med-High; Resources Med-High; Motivation: Financial, competitive gain.
Governments (Intelligence Agencies): Skill High; Knowledge of target Med-High; Resources High; Motivation: National interests.
Insiders (Employees, Contractors): Skill Med; Knowledge of target High; Resources Med; Motivation: Financial, revenge. NOTE: Usually they have authority and access to some degree.
Terrorists: Skill High; Knowledge of target Med; Resources Med-High; Motivation: Religious, political ideals.
Career Criminals: Skill Med-High; Knowledge of target Med; Resources Med; Motivation: Financial, control/power.
Hackers:
- Novice (Script Kiddie, Wannabe): Skill Low; Knowledge of target Low; Resources Low; Motivation: Intellectual curiosity, recognition. NOTE: They have lots of time and are dangerous because they don't always know what they are doing.
- Black Hat (Malicious): Skill Med-High; Knowledge of target High; Resources Med; Motivation: Recognition, professed security improvement.
- Grey Hat: Skill Med-High; Knowledge of target Med; Resources Med; Motivation: Playing both black and white hat roles, for hire or not.
- White Hat (Noble or Old-school): Skill Med-High; Knowledge of target: No target; Resources Med; Motivation: Improved security (but they write tools that are used by novices).
- Hacktivist: Skill Med-High; Knowledge of target Med-High; Resources Lo-Med; Motivation: Political activist wanting to make a statement.

3. Info Gathering Techniques

Social Engineering: techniques to gather account numbers, passwords, etc.
Accessing Public Material:
1. Government websites, search engines, InterNIC and other online services
2. Bulletin boards, log-in screens, phone directories, articles, news clippings, financial statements
3. Investigative services
IP Address Scanning: ping, TJping, traceroute
Port Scanning: Ultrascan, NMAP; Slow Scan Attack, used to avoid detection
Utilities & Unix/NT Commands: Finger, Netstat, Rpcinfo, nslookup, whois, Browser to View Source, Telnet to connect to any available port and see what you get (for example s/w version numbers), expn root@foo.com, rlogin, rsh, rexecd; look for /etc/shadow, /etc/passwd, /etc/aliases and try to mail these files back to yourself
Man-in-the-middle: Packet sniffing via protocol analyzers (ethfind, sniff, netmon, tcpdump, for example) that have: 1. Physical network access: tapping in via a phone closet, unused network jack, or cable modem 2. A compromised host in the network path 3. Rerouting of data via spoofed RIP, DNS, or ICMP redirect packets
War Dialing: an automated tool that finds internal modems to exploit. ToneLOC, AIO, Modem Hunter and Demon Dialer are other examples
Rogue Applications: GetAdmin, NetBUS, BackOrifice to get info, passwords...
Dumpster Diving: After-hours digging through corporate trash
Shoulder Surfing: or overhearing conversations on an airplane, bus, restroom, anywhere in public
Malicious Web Crawlers: search the Internet for vulnerable web sites (i.e. cgi-bin vulnerabilities)

4. Impersonation / Spoofing

Each entry gives the type of spoof, the scenario, why it can happen, and how to prevent it.

Email
Scenario: Send a bogus message with a fake From line to an SMTP server.
Why it can happen: No authentication in SMTP.
How to prevent it: Check the source IP address of the raw message or use digital signatures.

Anonymous remailer
Scenario: Attacker sends email via an anonymous remailer account.
Why it can happen: No authentication in SMTP.
How to prevent it: Use digital signatures.

Login
Scenario: Use someone else's login and password to get on a host.
Why it can happen: Careless with passwords.
How to prevent it: Protect passwords or use strong authentication.

Routing
Scenario: Send bogus RIP or ICMP redirect packets to a router, or send a source-routed packet to a host.
Why it can happen: No authentication in RIP, ICMP redirects, source-routed packets.
How to prevent it: Don't use them with untrusted networks.

Third party
Scenario: Send bogus email to the InterNIC requesting a bogus domain name change or alternate IP address.
Why it can happen: InterNIC doesn't fully authenticate unless the customer requests it.
How to prevent it: Have InterNIC authenticate changes to your domain.

DNS spoofing
Scenario: Send an unsolicited reply containing a bogus domain name/address pair to the victim's DNS server.
Why it can happen: No authentication in DNS.
How to prevent it: Use modified DNS that doesn't cache entries.

IP address
Scenario: Send a packet with a bogus source IP address to a trusting host.
Why it can happen: Source address is rarely checked.
How to prevent it: Block trusted internal addresses from entering your network.

Session hijacking
Scenario: Attacker inserts bogus packets into an established session; HUNT and Juggernaut are examples.
Why it can happen: Authentication already occurred.
How to prevent it: Encrypt sessions.

Web spoofing (http://www.cs.princeton.edu/sip/pub/spoofing.html)
Scenario: Attacker creates a shadow copy of the entire website; traffic is funneled through the attacker's machine, allowing monitoring of the victim's activities, passwords, account numbers.
Why it can happen: A "man in the middle attack" where the attacker rewrites all of the URLs on some Web page so that they point to the attacker's server rather than to some real server.
How to prevent it: Disable JavaScript, make sure your browser's location line is always visible, pay attention to the URLs displayed.

5. Social Engineering (Attacks against people)

Authority Attack (with or without artifact): Using a fake badge or utility service outfit to gain info or access, or identifying a key individual by name/title as a supposed friend or acquaintance, or claiming authority and demanding information (impersonation)
The 10 Attack: Using a sexually attractive individual to gain info or access
Rubber-Hose Attack: Brute force, threatening, gun-to-head or blackmail
Zero-Sum Knowledge Attack: Baiting someone to add to, deny or clarify pseudo-knowledge of the attacker, claiming to know more than you do, to solicit more info
Pay-olla Attack: Bribery, plain and simple $$$
The Boy Who Cried Wolf Attack: Setting off a series of false alarms that cause the victim to disable their own alarm system
Exaggerated / Knee-jerk Response Attack: Making an outlandish lie in order to get an informational response
Help Desk Attack: Impersonating a current or new end-user needing help with access to a net/server
Persistent Attack: Continuous harassment using guilt, intimidation and other negative ways to get the victim to reveal info
Go with the Flow Attack: Crowded venues are a great time and place to gain access and information, such as a corporate party that has hundreds of employees; just act like you're one of them
Stake-Out Attack: Analyzing activity over time, people movement and actions, deliveries of supplies
Fake Survey/Questionnaire Attack: "Win a free trip to Hawaii, just answer these questions about your network"

6. Computer Virus

Classes of Viruses
Pure Virus: Malicious program that inserts some or all of its own code into another file. These "infected" files are usually program files or data files that contain executable content.
Worm: Malicious program that has the ability to distribute itself to other users. The most common method of distribution is email.
Trojan Horse: Malicious program that masquerades as a useful or fun program, but actually performs malicious activity, such as destroying data.
Although there are three distinct classes of malicious programs, sometimes virus writers create programs that have attributes of more than one class, such as a trojan horse that deletes files and sends itself out to other users via email.

Malicious Activity (each entry gives the description, symptoms and examples)

Network-aware infection
Description: The ability to enumerate available network file stores and infect files on those stores.
Symptoms: Infected files detected on file servers or systems with open shares. Viruses with this capability can spread through a network rapidly.
Examples: W32.Funlove, W32.HLLW.Bymer, Worm.ExploreZip

Mass mailing
Description: Sends emails out to other users, usually with the malicious code body embedded in or attached to the email.
Symptoms: Email servers become slower and sometimes crash. The impact these types of threats have can be considered a denial of service attack.
Examples: VBS.LoveLetter, Wscript.Kakworm, W32.Prolin.Worm, Worm.ExploreZip

File destruction
Description: Various files are removed from the system or corrupted. The files that are targeted for deletion may be particular file types or all files on the system.
Symptoms: Programs may no longer launch; data files may no longer be available; general system instability.
Examples: W32.Kriz, Worm.ExploreZip, VBS.NewLove.A

Data export
Description: Finds personal information, such as passwords or credit card numbers, and sends it to a predetermined email or Internet location.
Symptoms: Generally there are no outward signs of this activity, other than possible higher Internet access charges.
Examples: Buddylist, PWSteal.Trojan

System interception
Description: Hooks are inserted into various system components to allow monitoring or disabling of those components or possibly the alteration of their functionality. Sometimes hooks are used to automatically launch the malicious program.
Symptoms: Additional emails may be sent with normal outgoing mail; browser functionality may be limited or altered.
Examples: W95.MTX, W32.Navidad, Happy99.Worm

Hardware damage
Description: Attempt to flash the BIOS or erase the CMOS settings.
Symptoms: Power On Self Test may not begin; hard drives may not be properly identified.
Examples: W32.Kriz, W95.CIH

Visual payload
Description: Displays messages or graphics.
Symptoms: Various messages or graphical images may appear. New icons may appear in the system tray.
Examples: W32.Navidad, KeyPanic.Trojan, Happy99.Worm

Backdoor/remote control
Description: Once installed on a system, these threats listen for commands coming from other computers and then execute them.
Symptoms: Excess network traffic, unusual activity on IP/UDP ports. Threats that perform denial of service attacks often use these backdoor mechanisms to carry out the attack.
Examples: Backdoor.SubSeven, BackOrifice, NetBus

Social engineering
Description: Method that the virus writer uses to falsely describe the malicious program to the user so that the user will be enticed to run the program.
Symptoms: The user may get an email that has an intriguing or enticing subject or message. Sometimes users encounter files that have been posted to news groups that purport to be pictures of a risque nature.
Examples: W32.Funlove, PrettyPark.Worm, Mypics.Worm

Note: Information on these and other malicious programs can be found on the Symantec AntiVirus Research Center Web site at http://www.sarc.com.

7. Avenues of Attack

[Diagram in the original: attack paths into XYZ Co.; only its labels are recoverable here.]
Indirection for the attacker is critical, aka covering your tracks.
INTERNAL THREAT: Employee, contractor, or access to a wiring closet on-site; Transportation (removable media: Jazz, Zip, CD).
EXTERNAL THREAT (Outside / Inside): reached via the Internet and innocent third parties (a company, an ISP, a university), including ISP 1, ISP 2 and University POPs, and Free Neighborhood Victims behind a cable modem Head End Device.
BACK DOOR: Modem or Com Server; VPN; Partner of XYZ Co. over a TRUSTED LINK.
FRONT DOOR: Router; ISDN, Cable Modem, Modem, xDSL.
XYZ Co. Internal Net: Switch; Web, VPN Server, Mail Gateway and DNS servers; Remote Access Server; System Administrator.

8. Vulnerabilities

1. Easily Guessed Passwords
- Too short
- Too simple (not using numbers, both cases and special characters)
- Using common (dictionary) words
- Using simple tricks (adding a number or reversing the login name)
2. Out of Date Software (Security Patches Not Installed)
3. Misadministration of Systems
- Services left on (lots of defaults come with every OS)
- Accounts not closed, or too many accounts
- Default accounts left in
- Trusted services not sufficiently restricted
4. Not Keeping Secrets
- Writing passwords down (where people can see them)
- Sending confidential data in email (it's like a postcard!)
- Using protocols that transmit passwords in the clear (FTP, HTTP, POP3, Telnet, SNMP)
- Sending confidential data in FTP or HTTP
5. Untrained Personnel with Lack of Security Awareness
- Naivete to social engineering techniques
- Don't understand reasons and methods for protecting private information
6. Running Trusted Services Over Untrusted Networks
- NFS
- Windows Disk Sharing
- R commands (rsh, rlogin, rexec)
- X Windows
7. Trusting Protocols that Don't Authenticate
- DNS
- ICMP Redirect
- SMTP
- Source Routing Option
- RIP
8. Trusting Things You Get from Others
- Executable code (Trojan Horses, Virii)
- Active content (a special form of executable code; examples: JavaScript, ActiveX, Java, Macros, PostScript)
- Input data to your scripts (may contain special characters, hidden commands or overflow buffers)
9. Stupid Vendor Tricks
- Trapdoors left in
- Security not designed in
- Poorly applied cryptography, or using 40-bit ciphers

9. General Hacking

1. Exploit misadministration
- Guess or use a purloined password to access an account via a hole in the firewall or a dial-up modem.
- Access services left on that are insecure (TFTP, etc.)
- Use a leftover debugging tool to gain access (phf.cgi, files.pl)

2. Exploit software bugs
- Buffer overflow to run malicious code
- Insert special characters in input to the victim's application or web page
- Use debug options or trapdoors in unpatched software
- Use a race condition to increase level of access (get root or administrator)

3. Get the victim to run a Trojan Horse program (like a game or cute display) to install a backdoor program
- NetBus, BackOrifice, which give the attacker access.

4. Exploit features accessible from outside, or on client hosts
- Malicious code embedded in active/mobile code
- JavaScript (use the Excel CALL function, for example)
- ActiveX
- Java
- NTFS Streams
- PostScript
- Make a CD with AutoPlay that installs a virus or backdoor program.

5. Misc. Hacker tools
- Core dump analyzer
- Hex editor
- Modem Jammer: prevents modem calls from being traced
- Netcat: an excellent TCP/UDP connection tool by The Hobbit and Weld Pond

6. E-shoplifting
- Modified HTML returned to the vendor site

10. Denial of Service

[The original table also marks, for each attack, which resource it exhausts: Disk, Network Bandwidth, Internal Data Structure or Buffer Overflow, CPU cycles or crash.]

Upload large files via FTP: Fill the disk with junk data
Causing large error messages in logs: Overflow disk or buffer
SYN Flood: Lock up port for a short time
Teardrop: Overlapping IP fragments
Smurf: Redirected broadcast; spoof IP address of victim as source
Snork: Send spoofed error message to NT RPC port 135
UDP Bomb: Spoof packet between echo and chargen ports
OOB attack: Uses bogus urgent data pointer values
Ping of Death: Buffer overflow of the IP datagram
Flood Ping: Swamps the network
WinNuke: Send garbage to port 139 on NT
Land: Send spoof of victim as source
Mailbombs, spam: Overloading email server/gateway or user's mailbox

Examples: Mailbombs, SYN Flood, Aenima 2.0, WinNuke, Zero Length, Wnuke5, WinGenocide, Avalanche 3.0 and 4.0, Nuker, LiquidNuker

Distributed Denial of Service Attack (DDoS)
Examples: Trinoo, TFN, TFN2K, Stacheldraht
A very serious threat that involves many machines in a coordinated attack to exhaust bandwidth, router processing capacity and network stack resources to break connectivity.
1) Create a DDoS network of machines by breaking in, gaining root access and remote control, and installing attack software
2) Send command packets to instruct all captured machines about the type of flood attack, duration and target address
3) The network of DDoS machines sends streams of packets (with forged source addresses) to the victim (i.e. a smurf attack to provoke multiple echoes aimed at the victim)
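Detection logic for four of the signatures in the table above (Land, Smurf, Ping of Death, SYN flood), run over packet summaries the way a sensor or capture parser would see them. This is an added example, not code from the handbook; the Pkt record layout, the 192.0.2.0/24 "local" network (TEST-NET-1) and the SYN-flood threshold are assumptions, and sample_traffic() is constructed for the demo.

```python
"""Heuristic DoS detection over packet summaries (added example; assumptions
noted inline)."""
from collections import Counter, defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LOCAL_NETS = [ip_network("192.0.2.0/24")]   # assumed: networks whose broadcast we own
MAX_IP_DATAGRAM = 65535                     # largest legal IP datagram, in bytes
SYN_WINDOW = 1.0                            # assumed: seconds
SYN_THRESHOLD = 50                          # assumed: bare SYNs to one host:port per window


@dataclass
class Pkt:
    ts: float             # capture time in seconds
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0
    flags: str = ""       # TCP flags: "S" = bare SYN, "SA" = SYN/ACK
    icmp_type: int = -1   # 8 = echo request
    frag_total: int = 0   # reassembled datagram size (0 if not fragmented)


def is_directed_broadcast(addr):
    """True if addr is the broadcast address of one of our networks."""
    a = ip_address(addr)
    return any(a == net.broadcast_address for net in LOCAL_NETS)


def detect(packets):
    """Return (attack, victim) alerts in the order they are detected."""
    alerts = []
    syn_times = defaultdict(list)   # (dst, dport) -> timestamps of recent bare SYNs
    for p in packets:
        # Land: source forged to equal the destination, same port both sides
        if p.proto == "tcp" and p.src == p.dst and p.sport == p.dport:
            alerts.append(("land", p.dst))
        # Smurf: echo request to our directed broadcast; the forged source is the victim
        if p.proto == "icmp" and p.icmp_type == 8 and is_directed_broadcast(p.dst):
            alerts.append(("smurf", p.src))
        # Ping of Death: fragments that reassemble beyond what IP allows
        if p.proto == "icmp" and p.frag_total > MAX_IP_DATAGRAM:
            alerts.append(("ping_of_death", p.dst))
        # SYN flood: sliding window of bare SYNs per destination host:port
        if p.proto == "tcp" and p.flags == "S":
            key = (p.dst, p.dport)
            window = syn_times[key]
            window.append(p.ts)
            while window and p.ts - window[0] > SYN_WINDOW:
                window.pop(0)
            if len(window) == SYN_THRESHOLD:   # fire once, when the threshold is crossed
                alerts.append(("syn_flood", "%s:%d" % key))
    return alerts


def alert_counts(packets):
    """Number of alerts per attack type, e.g. {'land': 1, 'syn_flood': 1}."""
    return dict(Counter(kind for kind, _ in detect(packets)))


def sample_traffic():
    """Constructed capture: a little normal traffic plus one instance of each attack."""
    victim = "192.0.2.10"
    pk = [
        Pkt(0.00, "203.0.113.5", victim, "tcp", 40000, 80, "S"),
        Pkt(0.01, victim, "203.0.113.5", "tcp", 80, 40000, "SA"),
        Pkt(0.50, "203.0.113.5", victim, "icmp", icmp_type=8),
        # Land: the victim's own address and port as the forged source
        Pkt(1.00, victim, victim, "tcp", 139, 139, "S"),
        # Smurf: echo request to the directed broadcast with the victim as forged source
        Pkt(2.00, victim, "192.0.2.255", "icmp", icmp_type=8),
        # Ping of Death: fragments that reassemble to more than 65535 bytes
        Pkt(3.00, "198.51.100.7", victim, "icmp", icmp_type=8, frag_total=65620),
    ]
    # SYN flood: 60 bare SYNs from forged sources to one port within a third of a second
    pk += [Pkt(4.0 + i * 0.005, "198.51.100.%d" % (i + 1), victim, "tcp", 1024 + i, 80, "S")
           for i in range(60)]
    return pk


if __name__ == "__main__":
    for alert in detect(sample_traffic()):
        print(alert)
```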


11. Cracking

Light-weight (Easy, brain-dead stuff): No password at all, and you're in; look around for a password written down on something; finding a "Joe" account (user name = password); password derived from the user name (5-10% effective); use a back door left behind by a previous attacker.

Welter-weight (Mostly time consuming): Dictionary attacks based on 1. a collegiate wordlist/namelist, 2. an English wordlist, 3. an international wordlist and pattern list, 4. substitution filters: o=0, 1=!, for=4, to=2, E=3. Examples of password/passphrase guessing tools: Crack v5.0, L0pht Crack v2.0 for NT, NetBUS, FastZip Password, Jack the Ripper.

Middle-weight (Requires both brains and computer resources): Brute-force/exhaustive key search of an asymmetric/symmetric cipher; this may take a very long time depending on key length: 40-bit: minutes; 56-bit: hours/days; 128-bit: forget it! Examples: SSL PKCS#1, Saltine Cracker.

Heavy-weight (Hard, rocket science): Linear cryptanalysis, differential cryptanalysis, ciphertext-only attack, known-plaintext attack, chosen-plaintext attack, adaptive chosen-plaintext attack, chosen-ciphertext attack, chosen-key attack.
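A password screen for the weaknesses listed under section 8 (too short, too simple, dictionary words, login-name tricks) and the light-weight and welter-weight cracking steps above ("Joe" accounts, passwords derived from the user name, dictionary attacks with substitution filters). This is an added example, not code from the handbook; WORDLIST and the sample accounts are constructed for the demo, and MIN_LENGTH and MIN_CLASSES are assumed policy values.

```python
"""Screen a password for the easily-guessed weaknesses the handbook lists
(added example; the word list and policy thresholds are assumptions)."""
import re

# Constructed stand-in for the collegiate / English / international word lists.
WORDLIST = {"password", "secret", "welcome", "summer", "dragon", "letmein", "monkey"}

# Undo the substitution filters a dictionary cracker applies before the lookup
# (o=0, 1=!, E=3, to=2, for=4 and the usual s=$/5, a=@).
UNLEET = str.maketrans({"0": "o", "1": "i", "!": "i", "3": "e", "4": "a",
                        "2": "t", "$": "s", "5": "s", "@": "a"})

MIN_LENGTH = 8     # assumed policy minimum
MIN_CLASSES = 3    # assumed: of lower, upper, digit, special


def char_classes(password):
    """Number of distinct character classes (lower, upper, digit, special) present."""
    patterns = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(bool(re.search(p, password)) for p in patterns)


def candidate_words(password):
    """Forms a cracker would try against a word list: lowercase, leet undone,
    and the same with a trailing number or punctuation stripped."""
    base = password.lower()
    stripped = re.sub(r"[0-9!@#$%^&*._-]+$", "", base)
    # dict.fromkeys keeps order while dropping duplicates
    return list(dict.fromkeys([base, base.translate(UNLEET),
                               stripped, stripped.translate(UNLEET)]))


def weaknesses(username, password):
    """Return the handbook weaknesses that apply; an empty list means none found."""
    if not password:
        return ["no password at all"]
    found = []
    user = username.lower()
    if len(password) < MIN_LENGTH:
        found.append("too short")
    if char_classes(password) < MIN_CLASSES:
        found.append("too simple (fewer than %d character classes)" % MIN_CLASSES)
    candidates = candidate_words(password)
    if password.lower() == user:
        found.append("Joe account (user name = password)")
    elif any(c in (user, user[::-1]) for c in candidates):
        # adding a number to the login name, or reversing it
        found.append("derived from user name")
    for word in candidates:
        if word in WORDLIST:
            found.append("dictionary word (%s)" % word)
            break
    return found


if __name__ == "__main__":
    # Constructed sample accounts
    for user, pw in [("alice", "alice"), ("bob", "P@ssw0rd!"),
                     ("carol", "loraC2024"), ("dave", "Tr0ub4dor&3xtraL0ng")]:
        print(user, repr(pw), weaknesses(user, pw) or "OK")
```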

12. Hybrid Attacks

An infinite number of hybrid attacks exist that use any combination of methods in different sequences, depending on the target and the level of knowledge and expertise of the attacker(s). The vast majority of attacks are hybrid, and this panel understates the possible number of combinations!
A few examples... Note: 80% of break-ins include steps involving exploiting 1) known holes not patched, 2) easy to guess passwords.

1. Information Gathering: port scanning, packet sniffing, social engineering, war dialing
2. Break-In & Gain Control: exploit well-known defects and weak configurations in OSs; password guessing/cracking; install rootkit; add user and privileges for remote control
3. Exploit (Modify, Steal, Destroy...): DDoS, deface website, manipulate data, copy intellectual property (HR database, payroll info, credit cards...)

13. Piracy & Digital Rights Management (DRM)

Two different ways to think about anti-piracy:
1) Try to prevent theft of Intellectual Property
2) Locate and audit Intellectual Property violations
Noteworthy Organizations: Business Software Alliance http://www.bsa.org/; Software & Information Industry Association http://www.siia.net/

Copying & Distributing:
Software: Cracking time-out and license code utilities, shared valid license codes
Music: Napster, on-the-fly format changing, audio jackers (sound card hacks)
Video: Macrovision hacks, standard copying and format converting techniques
Documents, Pictures: Cut and paste, screen print and scan, simple photo editor and scanners

DRM & Anti-Piracy Technology:
Steganography & Watermarks: Information embedded within any type of digital content prior to distribution, hidden from detection. The files (images, executable software, music) can be sent without anyone knowing what lies inside unless they possess the specific utility and decipher keys to unlock and view the hidden info, like a legal Trademark or Copyright notice.
Vendor Schemes & Proprietary Viewers: Combining both hardware and software technology to prevent piracy, i.e. gaming industry devices with unique game cartridges. Other schemes: SDMI Portable Device, IBM cryptolope, Adobe Acrobat Reader.
Software Audit & Metering Tools: Utilities that determine software license compliance. These tools can help networks stay legally compliant with all manufacturers' software agreements and thus reduce costs by allowing organizations to purchase only the software they need.
License & Asset Mgt Tools: License management involves the distribution, allocation and control of licenses acquired from software vendors. These automated network tools can also collect asset and software information throughout an organization, track software license compliance, meter software usage and provide critical information for software/hardware upgrade planning.
Digital Asset Management (www.digital-integrity.com): Using overlapping hash values or fingerprinting, valuable digital assets can be located and tracked, including every critical sentence, paragraph, table, or image within an organization or across the entire Internet. It's possible to detect copied information between any file formats (text within .doc pasted into .pdf or .ppt). This technology will find copyright-infringed material on the Internet or simply block it from leaving the company at the gateway.

14. Noteworthy Organizations & Response Teams

Security Info, portals and more
CSI (Computer Security Institute): www.gocsi.com
eSecurity Online: www.esecurityonline.com
InfoSysSec: www.infosyssec.com
New Order: neworder.box.sk
Packet Storm: http://packetstorm.securify.com
SearchSecurity: www.searchsecurity.com
Security Focus: www.securityfocus.com
TruSecure - ICSA: www.truesecure.com
Whitehats: www.whitehats.com

Organizations
CERIAS: www.cerias.purdue.edu
CERT Coordination Center: www.cert.org
CVE (Common Vulnerabilities & Exposures): cve.mitre.org
FIRST (Forum of Incident & Response Security Teams): www.first.com
ISSA (Information Systems Security Association): www.issa-tntl.org
NSI (National Security Institute): www.nsi.org
SANS Institute (System Administration, Networking, and Security): www.sans.org
USENIX / SAGE: www.usenix.org

Vulnerabilities lists
Security Focus: www.securityfocus.com
CERT Coordination Center: www.cert.org
CVE (Common Vulnerabilities & Exposures): cve.mitre.org
SANS Institute (System Administration, Networking, and Security): www.sans.org

Government
DOJ (Department of Justice): www.usdoj.gov
FBI (Federal Bureau of Investigation): www.fbi.gov.scitech.htm
ICAT: http://icat.nist.gov
NIST (National Institute of Standards & Technology): www.nist.gov
NSA (National Security Agency): www.nsa.gov

Vendors & Managed Security Providers
Symantec: www.symantec.com
SARC (Symantec Antivirus Research Center): www.sarc.com
Microsoft Security Group: www.microsoft.com/security
CISCO Network Security Council: www.cisco.com/security
ISS X-Force: xforce.iss.net
@Stake: www.atstake.com
Securify: www.securify.com
Counterpane: www.counterpane.com

Miscellaneous Sites
2600 magazine: www.2600.com
AntiOnline: www.antionline.com
Ardent-Hacker.net: www.ardent-hacker.net
Cult of the Dead Cow: www.cultdeadcow.net
Def Con: www.defcon.org
DigiCrime: www.digicrime.com/dc.html
EFF (Electronic Frontier Foundation): www.eff.org
Hack Factor X, HFX: www.hfactorx.org
Hacker News Network: www.hackernews.com
Happy Hacker: www.happyhacker.org
Technotronic: www.technotronic.com
The Hideaway: www.hideaway.net
WebFringe: www.webfringe.com
Attrition: www.attrition.org
Information Assurance Technology Analysis Center: iac.dtic.mil/iatac

Certification Centers
Checkmark: www.check-mark.com
ICSA: www.truesecure.com
VB100% (West Coast Labs): www.av-test.com/
Virus Test Center: http://agn-www.informatik.uni-hamburg.de/vtc/
Common Criteria: http://csrc.nist.gov/cc/aa/aalist.htm

15. Web Site Hacking

Disrupt, Degrade, Deny: Denial of service attacks, SYN flood, smurf attacks, DNS exploits
Observe, Copy, Steal Data: Sniffing, port scanning; hack system access, gain access to credit cards; exploit database, application
Masquerade, Impersonate: Spoofing, DNS exploits
Modify, Corrupt, Change Content: e-Shoplifting by changing HTML; HTTP-based attacks; feed invalid data (enter wrong data); exploit cgi-bin holes; exploit unpatched OS and web server software holes

16. Physical Threats

1st, Gain Physical Access
General:
- Breaking in by knocking down a door, crowbar attack...
- Crawl under a computer raised floor, through ceiling space
- Picking a mechanical lock, obtaining or duplicating keys
- Activate the Door Open button on the inside, or slide a flat panel under the door to activate the motion unlock sensor
- Circumvent the alarm system: motion, passive IR (temperature), microwave (reflection)
Sophisticated:
- Badge systems / card reader / FOBs / LC tuned circuits: man-in-the-middle attack between panel and control machine
- Hack the card reader or duplicate cards, relatively easy (12-bit person code, 8-bit install code)
- Biometric access control attack: false positives (design flaws), hacks on fingerprint readers, replay

2nd, The Attack
- Stealing the computer or laptop at an airport, or back-up tapes and disks, and replacing them with blanks
- Boot disk on a locked system, NTFS2DOS.exe hack
- Unlocked wiring closets in public areas, then sniff/destroy/whatever
- Dumpster diving for dead-tree items or media
- Recovering shredded/pseudo-destroyed material
- Surveillance, either by looking over someone's shoulder ("shoulder-surfing"), high-powered photography, or cameras for viewing or listening to PIN entries
- Wire tapping and recording video or audio
- Trojan attacks (undetected/unattended agent)
- Keyboard typing: swap out the keyboard for a similar-looking recording keyboard or one that sends data out by RF signal
- Smart card tampering, may be very difficult
- RF transmitter, van Eck radiation, CRT image capture
- Exploiting BIOS faults (special password, certain key combo)
- Obtaining keying material/private key of a CA, or a local key ring, then cracking it

17. Glossary of Security Threats Terms


LEGEND
Electronic Mail Web Sites / Browser Person / Identity TCP / IP (Internet or Intranet) Applications Computer / Device

Birthday attack: Based on the statistical probability that finding two identical elements in a known finite space, the expected effort takes the square root of the key space number of steps. With only 23 people in a room, there is a better chance than even, that two have the same birthday. Black-Hat hacker: A criminal or malicious hacker, opposite of a white hat hacker. Data Diddling: The act of intentionally entering false information into a system or modifying existing data. Also known as a darkside hacker. Bomb: A general synonym for crash, normally of software or operating system failures. Brute force attack: Typically a known-plaintext attack that exhausts all possible key or password combinations. Carding: The act of generating and or creating phony credit cards or calling cards, usually by knowing something about the card numbering algorithm. Chosen ciphertext attack: A cryptanalytic attack by choosing known ciphertext to be decrypted and have access to the decrypted plaintext. For example, having access to a tamperproof blackbox that does automatic decryption. Chosen-key attack: The attacker does not possess the key, but only some knowledge about the relationship between different keys. This is an obscure and usually impractical attack. Correlation attack: Combining the output of several stream ciphertext sequences in some nonlinear manner. Thus revealing a correlation with the combined keystream and attacked using linear algebra. Countermeasures: An active process that responds to an attack, putting up a defense or launching a retaliatory response.


Active attack: An attack which results in an unauthorized state change, such as the manipulation of files or the adding of unauthorized files or programs.

Active cheater: An attacker who is one of the parties involved in the protocol and disrupts the process in an attempt to cheat (PKCS #1 SSL attack).

Anonymous remailer: Usually an Internet email service through which you can send and receive email without the origin (sender) or the receiver being known.

Attack: An attempt to bypass security controls on a computer. The attack may alter, release, or deny data. Whether an attack will succeed depends on the vulnerability of the computer system and the effectiveness of existing countermeasures.

Audit trail: In computer security systems, a chronological record of system resource usage. This includes user logins, file access, various other activities, and whether any actual or attempted security violations occurred, legitimate and unauthorized.

Back Door: A hole in the security of a computer system deliberately left in place by designers or maintainers. Synonymous with trap door; a hidden software or hardware mechanism used to circumvent security controls. A secret way to enter a computer or program that bypasses normal operating mode.


Crack: A popular hacking tool used to decode encrypted passwords. System administrators also use Crack to assess weak passwords chosen by novice users in order to enhance security.

Cracker: One who breaks into computer systems or accounts.

Cracking: The act of breaking into a computer system or account; what a cracker does. Contrary to widespread myth, this does not usually involve some mysterious leap of hackerly brilliance, but rather persistence and the dogged repetition of a handful of fairly well-known tricks that exploit common weaknesses in the security of target systems.

Cramming: A subtle scam used to get someone to change telephone long distance carriers without their knowledge.

Cryptanalysis: 1) The analysis of a cryptographic system and/or its inputs and outputs to derive confidential variables and/or sensitive data, including cleartext. 2) Operations performed in converting encrypted messages to plaintext without initial knowledge of the crypto-algorithm and/or key employed in the encryption.

Data driven attack: A form of attack that is encoded in innocuous-seeming data which is executed by a user or a process to implement an attack. A data driven attack is a concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.

Data mining (warehousing): The act of collecting information to build a database or personal dossier.

Demon dialer (see war dialer): A program which repeatedly calls the same telephone number. This is benign and legitimate for access to a BBS, or malicious when used as a denial of service attack.

Denial of service: Action(s) that prevent any part of an information system from functioning in accordance with its intended purpose. Usually flooding a system to prevent it from servicing normal and legitimate requests.

Derf: Gaining physical access to a computer that is currently logged in by an absent-minded individual.

Dictionary attack: Trying to discover a password by comparing a password file with a list of known hashed values of passwords.

Differential linear cryptanalysis: A relatively new attack that combines both differential and linear cryptanalysis.

DNS spoofing: Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

Eavesdropping: Surreptitious interception of information sent over a network by an entity for which the information was not intended.

FIN attack: Using the FINish flag within the TCP header to tear down a session, or as a method of stealth scanning against ports.

Firewall: A system or combination of systems that enforces a boundary between two or more networks. A gateway that limits access between networks in accordance with local security policy.

Fork Bomb (see Logic Bomb): Also known as a Logic Bomb. Code that can be written in one line on any Unix system; used to recursively spawn copies of itself, it "explodes", eventually eating all the process table entries and effectively locking up the system.

Hacker: A person who enjoys exploring the details of computers and how to stretch their capabilities. A malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.

Hacking: Unauthorized use of, or attempts to circumvent or bypass, the security mechanisms of an information system or network.


Hijacking (IP): An action whereby an active, established session is intercepted and co-opted by an unauthorized user. IP splicing attacks may occur after authentication has been made, permitting the attacker to assume the role of an already authorized user. Primary protections against IP splicing rely on encryption at the session or network layer.

ICMP Flood: A denial of service attack that sends a host more ICMP echo request (ping) packets than the protocol implementation can handle.

Indirection: Covering your tracks so that the target cannot identify or prove who is attacking them.

Internet worm: A worm program that was unleashed on the Internet in 1988. Robert T. Morris wrote it as an experiment that got out of hand.

Intrusion detection: Pertaining to techniques which attempt to detect intrusion into a computer or network by observation of actions, security logs, or audit data. Detection of break-ins or attempts, either manually or via software expert systems that operate on logs or other information available on the network.

IP spoofing: An attack whereby a system attempts to impersonate another system by using a false source IP address.

Joe account: An account where the user name and password are the same.

Keystroke logger: A program that records everything a user enters via a keyboard.

Known-plaintext attack: The cryptanalyst has access not only to the ciphertext of several messages but also to the corresponding plaintext. The challenge is to deduce the key or keys used to encrypt, or an algorithm to decrypt any new messages encrypted with the same key or keys.

Leapfrog attack: Use of user-id and password information obtained illicitly from one host to compromise another host. The act of TELNETing through one or more hosts in order to preclude a trace (a standard cracker procedure).

Letterbomb: A piece of email containing live data intended to do malicious things to the recipient's machine or terminal. Under UNIX, a letterbomb can also try to get part of its contents interpreted as a shell command to the mailer. The results of this could range from silly to denial of service.

Linear cryptanalysis: An attack using linear approximations to describe the action of a block cipher. If you XOR some plaintext bits, XOR some ciphertext bits, and then XOR the results, you get a single bit that is the XOR of some of the key bits.

Logic Bomb: Also known as a Fork Bomb. A resident computer program which, when executed, checks for a particular condition or particular state of the system which, when satisfied, triggers the perpetration of an unauthorized act.

Mail bomb: Mail sent to urge others to send massive amounts of email to a single system or person, with the intent to crash the recipient's system. Mail bombing is widely regarded as a serious offense.

Malicious code: Hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose; e.g. a Trojan horse.

Man-in-the-middle: An active attack that typically gains information by sniffing or tapping a line between two unsuspecting parties.

Misrepresentation: The presentation of an entity as a person or organization that it is not. For example, a web site might pretend to be a furniture store when it is really just a site that takes credit-card payments but never sends any goods. Misrepresentation is one form of impersonation. See also spoofing.


NAK attack: Negative Acknowledgment. A penetration technique which capitalizes on a potential weakness in an operating system that does not handle asynchronous interrupts properly and thus leaves the system in an unprotected state during such interrupts.

Pagejacking: A masquerade attack in which the attacker copies (steals) a home page or other material from the target server, diverting browsers from the target server to the attacker's server.

Packet sniffing: The act of monitoring the packets on a network segment to pick up useful information like logins and passwords. See also Sniffer.

Passive attack: An attack which does not result in an unauthorized state change, such as an attack that only monitors and/or records data.

Penetration: The successful unauthorized access to an automated system.

Perimeter security: The technique of securing a network by controlling access to all entry and exit points of the network. Usually associated with firewalls and/or filters.

Phage: A program that modifies other programs or databases in unauthorized ways; especially one that propagates a virus or Trojan horse.

PHF hack: The phf.cgi script, which comes with some web servers as a diagnostic tool, can be used by an attacker to run other commands at a privileged level.

Phracker: An individual who combines phone phreaking with computer hacking.

Phreaker: An individual fascinated by the telephone system. Commonly, an individual who uses his knowledge of the telephone system to make calls at the expense of another.

Piggyback attack: The gaining of unauthorized access to a system via another user's legitimate connection.

Ping-of-Death: An attack using an echo request (ping) IP datagram with over 65,507 bytes of data (creating an illegal, oversized IP datagram). This buffer overflow causes some systems to crash or lock up.

Ping sweep: An attack that sends ICMP echo requests (pings) to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities.

Port scanning: An attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability.

Probe: Any effort to gather information about a machine or its users for the apparent purpose of gaining unauthorized access to the system at a later date.

Prowler: A daemon that is run periodically to seek out and erase core files, truncate administrative log files, nuke lost+found directories, and otherwise clean up.

Replay attack: An attack in which a valid data transmission is maliciously or fraudulently repeated, either by the originator or by an adversary who intercepts the data and retransmits it.

Replicator: Any program that acts to produce copies of itself. Examples include a program, a worm, a fork bomb or a virus. It is even claimed by some that UNIX and C are the symbiotic halves of an extremely successful replicator.

Retro-Virus: A virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.

Root kit: A collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more. A rootkit is a classic example of Trojan Horse software.


Root: The highest level of access to a Unix computer.

SATAN: Security Administrator Tool for Analyzing Networks. A tool for remotely probing and identifying the vulnerabilities of systems on IP networks. A freeware program which helps to identify system security weaknesses.

Scanner/port scanning: An information gathering method or tool in which all possible port numbers are accessed to determine which services are running or available on a host.

Script-Kiddie: A person who aspires to be a hacker/cracker but has very limited knowledge or skills related to information systems. Usually associated with young teens who collect and use simple malicious programs obtained from the Internet.

Secure shell: A completely encrypted shell connection between two machines, protected by a very long pass-phrase.

Sequence number: A number used to coordinate an upcoming TCP session. It has been guessed as part of spoofing attacks.

Session hijacking: A sophisticated attack in which the attacker spoofs both ends of a TCP session in progress, thereby gaining unauthorized access to the session and system.

Slamming: The act of changing a telephone customer's long distance service provider without their knowledge or permission.

Shell: A software layer that provides the interface between a user and the operating system of a computer.

Shoulder surf: To look over someone's shoulder to view a passphrase or PIN in order to gain access at a later time.

Smurfing: A denial of service attack in which an attacker spoofs the source address of an ICMP echo-request (ping) packet sent to the broadcast address of a network, causing the machines in the network to respond en masse to the victim, thereby clogging its network.

Snarf: To grab a large document or file for the purpose of using it, with or without the author's permission.

Sniffer/sniffing: A program running on a computer or device attached to a network that filters, captures, and records network traffic, i.e. packets. The name comes from a Network General (now Network Associates) protocol analyzer product known as Sniffer.

Social engineering: A euphemism for non-technical or low-technology means, such as lies, impersonation, tricks, bribes, blackmail, and threats, used to attack information systems.

Spam: Unsolicited commercial email (UCE). The electronic mail equivalent of junk mail.

Spoofing: Pretending to be someone else. The deliberate inducement of a user or a resource to take an incorrect action. An attempt to gain access to a system by pretending to be an authorized user. Impersonating, masquerading, and mimicking are forms of spoofing.

Steganography: The practice of hiding secrets in otherwise normal-looking data files, like JPEG pictures, etc.

Subversion: Occurs when an intruder modifies the operation of the intrusion detector to force false negatives to occur.

SYN flood attack: When the SYN queue is flooded, no new connection can be opened.

Threat: The means through which the ability or intent of a threat agent to adversely affect an automated system, facility, or operation can be manifested. A potential violation of security.

Trapdoor: A hidden computer flaw known to an intruder, or a hidden computer mechanism (usually software) installed by an intruder, who can activate the trap door to gain access to a computer.

Traffic analysis: Monitoring data or encrypted data to or from a specific target to learn patterns.

Tripwire: A software tool that generates one-way hash signatures of sensitive files, which are used to detect tampering or alteration.


Trojan Horse: An apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.

TTY watcher: A hacker tool that allows hackers with even a small amount of skill to hijack terminals. It has a GUI interface.

Virus: A program that can "infect" other programs by modifying them to include a, possibly evolved, copy of itself.

Wannabe hacker: A novice hacker; see Script-Kiddie.

War dialer: A program that automatically dials a range of telephone numbers looking for a modem or computer to answer. A program that dials a given list or range of numbers and records those which answer with handshake tones, which might be entry points to computer or telecommunications systems.

White Hat Hacker: One who usually does not break into unauthorized systems, but who does sometimes write the tools that get used by novices and black-hat hackers.

Whitemail: The dissemination of false information for financial gain via email.

Worm: An independent program that replicates from machine to machine across network connections, often clogging networks and information systems as it spreads.


Cryptography Reference


1. Basic Functionality of Crypto

1. Authentication: Who are you?

2. Authorization: Where are you allowed to go?

3. Confidentiality: Privacy / Encryption

4. Integrity: Not changed or modified

5. Non-Repudiation: Digital signature.


2. Crypto Primary Function

ENCRYPTION (Private & Confidential)

Symmetric key algorithm
- Stream cipher: RC4, SEAL, WAKE, A5, PKZIP
- Block cipher: DES, 3DES, RC2, RC5, RC6, IDEA, CAST, Blowfish, Twofish, MARS, RIJNDAEL (AES), Serpent

Public key (asymmetric) algorithm (discrete-log and factoring based)
- DSA, RSA, LUC, ECC, Diffie-Hellman, ElGamal encryption (Diffie-Hellman-Merkle, Vernam, ElGamal)

DIGITAL SIGNATURES (Authentic/Non-Repudiation) (Message Integrity)
- Message digest (hash algorithm): MD2, MD5, SHA, SHA-1, RIPE-MD160

Key management: ISAKMP, SKIP, Photuris, Diffie-Hellman, ElGamal, IKE (ISAKMP w/ OAKLEY)

Public-key infrastructure: PKIX, SPKI, SDSI, PGP, DNSSEC

3. Symmetric /Asymmetric Function

Symmetric (Conventional) Encryption: Alice and Bob share one key. Plaintext -> Encryption Algorithm -> Ciphertext -> Decryption Algorithm -> Plaintext.

Asymmetric (Public Key) Encryption: Alice locks the box with Bob's public key; Bob unlocks the box with his private key. Alice places the document in a dual-key strongbox; the box is transported to Bob; Bob retrieves the document.


4. Trust Models
DIRECT (Peer to peer): Alice and Bob exchange keys with each other. If a certificate's key is compromised, it affects one.

DISTRIBUTED (Web of Trust): You, Friend, Employer, Spouse and other individuals sign one another's keys (cross-signed). If a key is compromised, it affects few to many.

HIERARCHICAL: Root CA -> USA, Japan, France, Brazil -> USA Gov., USA Corp., Japan Corp., French Gov., Brazil Univ., Brazil Corp. (signer above, signee below, certificates at the leaf nodes). If the root's key is compromised, it affects all; the higher the compromised key, the more it affects (very many).

Basic Web of Trust (primitive)

1. Bob and Alice exchange keys in a secure fashion.

2. Alice signs Bob's key and returns it.

3. Carol and Alice exchange keys in a secure fashion; Carol trusts Alice as an introducer.

4. Bob sends Carol his key, signed by Alice. Carol can now trust Bob's key.

Third Party Services: Name Server, Registration Authority, Key Generator, Certificate Authority, Certificate Directory (issuing certificates to the leaf nodes).

5. Certificate Comparison

PGP v5 and later

- Public key packet: packet header field; version number; timestamp of key creation; validity period; public-key type (RSA, DSA, DH); key material
- User ID packets (one per identity, e.g. USER ID: alice@home.com, USER ID: alice@work.com): packet header field; 255-character octet string (typically RFC 822)
- Signature packets (one per signer, e.g. SIGNATURE: Spouse, SIGNATURE: Co-worker, SIGNATURE: Employer): packet header field; timestamp; version number; signer key ID; length of following info (MD calculation); signature classification; public-key type; message digest algorithm; string of data holding the signed digest (the signer's assertion about the key)
- Subkey packet: packet header field; otherwise similar to the main public-key packet
- Subkey signature packet: packet header field; otherwise similar to a signature packet

X.509 v3

- Version (of certificate format)
- Certificate serial number
- Signature algorithm identifier (for certificate issuer's signature)
- Issuer (certification authority) X.500 name
- Validity period (start and expiration dates/times)
- Subject X.500 name
- Subject public key information: algorithm identifier; public key value
- Issuer unique identifier
- Subject unique identifier
- Extensions: type; critical / non-critical; field value (one set per extension)
- Certification authority's digital signature, generated with the certification authority's private key

6. Secure Messaging with Public Key Cryptography

1. Alice creates a message for Bob.

2. Alice encrypts the message with Bob's public key. Step 2, transparent procedure: (A) seal the message (MD5, SHA-1); (B) Alice signs the message with her private key (RSA, DSA); (C) compress the message (ZIP); (D) encrypt the message with a random session key (IDEA, CAST, Triple DES) and Bob's public key (RSA, Diffie-Hellman).

3. Alice mails the message (SMTP, X.400, etc.) across the Internet.

4. Bob retrieves the message (SMTP, X.400, etc.).

5. Bob decrypts Alice's message with his private key. Step 5, transparent procedure: (A) decompress the message (UNZIP); (B) examine the seal for tampering (MD5, SHA-1); (C) Bob verifies Alice's signature with her public key (RSA, DSA).

6. Bob reads the message.

Key legend: each party (Alice, Bob) holds a public key and a private key.

7. Public-Key Infrastructure & Digital Certificates


STEP 1: OBTAIN CERTIFICATE

Employee, individual or device needs a certificate -> Generate key-pair (local or central) -> Identify attribute (name, org, employee #) -> Submit certificate request (PKCS #10) -> Registration Authority receives request (vetting process) -> Certificate Authority receives request (vetting process): either Approved, Pending or Rejected -> Certificate created and issued (signing process) -> Status notification (or rejection notice) -> End user retrieves certificate; certificate published to a directory/database/repository.

STEP 2: USING CERTIFICATE (OCSP PROCESS)

1. A user presents a certificate and requests access to a protected Enterprise resource. The request is signed with the user's private key corresponding to their certificate. The Enterprise OCSP client and toolkit verify that the certificate chain and signature are correct.

2. The Enterprise OCSP client then composes and sends an OCSP status request to the OCSP Responder of the Certificate Authority that issued the user's certificate.

3. The CA OCSP Responder obtains the certificate status in real time from the certificate status database.

4. The CA OCSP Responder generates an OCSP response that states the certificate status, signs the response, and sends it to the Enterprise OCSP client.

5. The Enterprise OCSP client parses the response and verifies its signature to determine that the response is legitimate.

6. If the response states that the certificate is valid, the Enterprise OCSP client application verifies that the user is authorized for access to the resource. If so, the OCSP client grants the user access to the requested resource ("Valid Certificate! Access Granted!").

Many combinations of locally hosted or remotely hosted services are possible.
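The six steps above as an added worked example in Go using only the standard library (this is not code from the handbook or from any product it names): a constructed root CA issues a user certificate, the user signs an access request, and the enterprise side verifies the chain, the request signature and a signed status response before granting access. Real OCSP messages are ASN.1/DER structures; the StatusResponse type here is a simplified stand-in that the issuing CA signs with its own key, the status database is a constructed map, and the names Issue, SignRequest, Responder and Authorize are this example's own.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// StatusResponse is a simplified stand-in for a signed OCSP response: the serial
// asked about, its status, when the answer was produced, and the responder's signature.
type StatusResponse struct {
	Serial     *big.Int
	Status     string // "good", "revoked" or "unknown"
	ProducedAt time.Time
	Signature  []byte
}

func statusDigest(serial *big.Int, status string, at time.Time) []byte {
	h := sha256.New()
	h.Write(serial.Bytes())
	h.Write([]byte(status))
	h.Write([]byte(at.UTC().Format(time.RFC3339)))
	return h.Sum(nil)
}

// Responder is the issuing CA's status service (steps 3-4). It signs with the CA key
// here; a real deployment may use a delegated responder certificate instead.
type Responder struct {
	Key *rsa.PrivateKey
	DB  map[string]string // certificate status database, keyed by decimal serial (constructed)
}

func (r *Responder) Respond(serial *big.Int) (*StatusResponse, error) {
	status, ok := r.DB[serial.String()]
	if !ok { status = "unknown" } // an unlisted serial is never reported as good
	at := time.Now().UTC()
	sig, err := rsa.SignPKCS1v15(rand.Reader, r.Key, crypto.SHA256, statusDigest(serial, status, at))
	if err != nil { return nil, err }
	return &StatusResponse{Serial: serial, Status: status, ProducedAt: at, Signature: sig}, nil
}

// issue creates a key pair and signs tmpl with signer (self-signed root when signer is nil).
func issue(tmpl, parent *x509.Certificate, signer *rsa.PrivateKey) (*rsa.PrivateKey, *x509.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, nil, err }
	if signer == nil { signer = key }
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil { return nil, nil, err }
	cert, err := x509.ParseCertificate(der)
	return key, cert, err
}

// NewCA creates the root of the hierarchy (a constructed example CA).
func NewCA() (*rsa.PrivateKey, *x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Issuing CA"},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature}
	return issue(tmpl, tmpl, nil)
}

// Issue is the "Cert Created & Issued" step: the CA signs an end-user certificate.
func Issue(caKey *rsa.PrivateKey, ca *x509.Certificate, serial int64, name string) (*rsa.PrivateKey, *x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name},
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	return issue(tmpl, ca, caKey)
}

// SignRequest is the user's side of step 1: the request is signed with the key of the presented certificate.
func SignRequest(key *rsa.PrivateKey, request []byte) ([]byte, error) {
	d := sha256.Sum256(request)
	return rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, d[:])
}

// Authorize is the enterprise side of steps 1, 2, 5 and 6.
func Authorize(user *x509.Certificate, request, reqSig []byte, root *x509.Certificate, resp *Responder) error {
	roots := x509.NewCertPool() // step 1: the chain must lead to the trusted root
	roots.AddCert(root)
	if _, err := user.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}); err != nil {
		return fmt.Errorf("chain: %w", err)
	}
	pub, ok := user.PublicKey.(*rsa.PublicKey) // step 1: the request must be signed by the certified key
	if !ok { return errors.New("unsupported key type") }
	d := sha256.Sum256(request)
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], reqSig); err != nil { return fmt.Errorf("request signature: %w", err) }
	sr, err := resp.Respond(user.SerialNumber) // step 2: ask the issuer's responder
	if err != nil { return err }
	caPub, ok := root.PublicKey.(*rsa.PublicKey) // step 5: verify the response signature
	if !ok { return errors.New("unsupported CA key type") }
	if err := rsa.VerifyPKCS1v15(caPub, crypto.SHA256, statusDigest(sr.Serial, sr.Status, sr.ProducedAt), sr.Signature); err != nil {
		return fmt.Errorf("status response signature: %w", err)
	}
	if time.Since(sr.ProducedAt) > 10*time.Minute { return errors.New("stale status response") }
	if sr.Status != "good" { return fmt.Errorf("certificate status is %q", sr.Status) } // step 6
	return nil
}

func main() {
	caKey, ca, _ := NewCA()
	aliceKey, alice, _ := Issue(caKey, ca, 1001, "alice")
	resp := &Responder{Key: caKey, DB: map[string]string{"1001": "good"}}
	sig, _ := SignRequest(aliceKey, []byte("GET /payroll"))
	fmt.Println("access granted:", Authorize(alice, []byte("GET /payroll"), sig, ca, resp) == nil)
}
```

The order of checks matters: the status lookup is only consulted once the chain and the request signature are good, so a forged certificate never reaches the responder, and a "good" answer is only trusted after its signature and freshness have been checked.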

8. Relative Strength Comparisons

Key Lengths (equivalent strength)

Symmetric Cipher (Conventional)   Asymmetric (RSA, DSA, DH)   Elliptic Curve
40 bits                           274 bits                    57 bits
56 bits                           384 bits                    80 bits
64 bits                           512 bits                    106 bits
80 bits                           1024 bits                   132 bits
96 bits                           1536 bits                   160 bits
112 bits                          2048 bits                   185 bits
120 bits                          2560 bits                   237 bits
128 bits                          3072 bits                   256 bits

Brute Force Attack

Average times needed to search half the symmetric key-space (the worst case would be twice as long), by attacker's capability and key length (bits):

Attacker                       40            56         64         80          128
Individual Attacker            weeks         centuries  millennia  infeasible  infeasible
Small Group                    days          decades    centuries  infeasible  infeasible
Academic Network               hours         years      decades    infeasible  infeasible
Large Company                  milliseconds  hours      days       centuries   infeasible
Military Intelligence Agency   microseconds  seconds    minutes    centuries   millennia

Assumptions are based on 1997 technology:
- Individual Attacker: one high-end desktop machine and software (2^17 to 2^24 keys/second)
- Small Group: 16 high-end machines and software (2^21 to 2^24 keys/second)
- Academic Network: 256 high-end machines and software (2^25 to 2^28 keys/second)
- Large Company: $1,000,000 hardware budget (2^43 keys/second)
- Military Intelligence Agency: $1,000,000,000 hardware budget and advanced technology (2^55 keys/second)

Average Time for Exhaustive Key Search

Key Length   Number of Possible Keys   Time required at 1 encryption/µs   Time required at 10^6 encryptions/µs
32 bits      2^32 = 4.3 x 10^9         2^31 µs = ~36 min                  ~2 millisec
56 bits      2^56 = 7.2 x 10^16        2^55 µs = 1142 yrs                 ~10 hours
128 bits     2^128 = 3.4 x 10^38       2^127 µs = ~5 x 10^24 yrs          ~5 x 10^18 yrs

Passphrase Guessing (dictionary attack)

Using easy-to-remember English words results in approximately 1.3 bits of entropy per character (word space) vs. purely random characters (total space).

                               Weak            OK                 Strong
example                        dogie           br1a9Az            ,tHX1lb<V+
# of characters                5               7                  10
complexity                     25 (lowercase)  62 (alphanumeric)  95 (full keyboard)
word space                     12 bits         24 bits            40 bits
total space                    23.5 bits       41.7 bits          65.7 bits
time-to-break (total space)    40 minutes      22 years           infeasible (3.8 x 10^8 yrs)
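An added example, not taken from the handbook, that computes the figures behind the tables above: the average exhaustive-search time as half of 2^bits at a given rate, the total-space entropy of a password as length x log2(alphabet), and the time to exhaust that space at a guess rate. Two assumptions are the example's own: the lowercase alphabet is taken as 26 letters (which is what yields the table's 23.5 bits for five characters), and the password-guessing rate is 5,000 guesses per second, chosen because it reproduces the table's 40 minutes / 22 years / 3.8 x 10^8 years; the page itself does not state that rate. Function names are also the example's own.

```go
package main

import (
	"fmt"
	"math"
)

// HalfKeyspaceSeconds is the quantity the brute-force tables are built on: on
// average half of the 2^bits candidate keys are tried before the right one appears.
func HalfKeyspaceSeconds(bits int, keysPerSecond float64) float64 {
	return math.Ldexp(1, bits-1) / keysPerSecond
}

// EntropyBits is the "total space" of a password: log2(alphabet^length) for
// characters drawn uniformly from an alphabet of the given size.
func EntropyBits(alphabet, length int) float64 {
	return float64(length) * math.Log2(float64(alphabet))
}

// GuessSeconds is the time to exhaust a space of 2^bits candidates at a guess rate.
func GuessSeconds(bits, guessesPerSecond float64) float64 {
	return math.Pow(2, bits) / guessesPerSecond
}

// Humanize renders a duration in the vocabulary of the page's tables.
func Humanize(sec float64) string {
	const year = 365.25 * 24 * 3600
	switch {
	case sec < 1e-3:
		return fmt.Sprintf("%.0f microseconds", sec*1e6)
	case sec < 1:
		return fmt.Sprintf("%.0f milliseconds", sec*1e3)
	case sec < 60:
		return fmt.Sprintf("%.0f seconds", sec)
	case sec < 3600:
		return fmt.Sprintf("%.0f minutes", sec/60)
	case sec < 86400:
		return fmt.Sprintf("%.0f hours", sec/3600)
	case sec < year:
		return fmt.Sprintf("%.0f days", sec/86400)
	case sec < 1e4*year:
		return fmt.Sprintf("%.0f years", sec/year)
	default:
		return fmt.Sprintf("%.1e years", sec/year)
	}
}

func main() {
	// The page's middle column: 1 encryption per microsecond = 10^6 per second.
	fmt.Println("Exhaustive key search at 10^6 encryptions/s (average, half the key space):")
	for _, bits := range []int{32, 56, 128} {
		fmt.Printf("  %3d bits: %s\n", bits, Humanize(HalfKeyspaceSeconds(bits, 1e6)))
	}
	// Assumed guess rate of 5,000 passwords/second (the example's assumption, not the page's).
	fmt.Println("Password guessing, total space, at an assumed 5,000 guesses/s:")
	samples := []struct {
		alphabet, length int
		sample           string
	}{{26, 5, "dogie"}, {62, 7, "br1a9Az"}, {95, 10, ",tHX1lb<V+"}}
	for _, p := range samples {
		bits := EntropyBits(p.alphabet, p.length)
		fmt.Printf("  %-12q %4.1f bits  %s\n", p.sample, bits, Humanize(GuessSeconds(bits, 5000)))
	}
}
```

Note that lengthening a random password adds entropy linearly per character while widening the alphabet only adds log2 of the alphabet ratio per character: three more characters from the 26-letter set gain about 14 bits, the same as moving every character from lowercase to the full 95-symbol keyboard would gain over seven characters.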


9. ISO Reference/Security Protocols

ISO Reference Model layers and where the security mechanisms sit:

7. Application layer (user application; distributed data service; plain data stream): proxy-based firewall; SSL protocol / SSL handshake protocol
6. Presentation layer (syntax-independent messages; encrypted data packets): SSL record protocol; SOCKS, proxies
5. Session layer (network-independent messages)
4. Transport layer: packet filter (circuit layer)
3. Network layer: IPsec / VPN
2. Data link layer: L2TP, L2F, PPTP; link-layer point-to-point hardware encryptors; MAC layer filtering (switches)
1. Physical layer (physical connection to network hardware; data network)

10. Related Standards

U.S. Government Standards - NIST (FIPS)


FIPS #          Subject
FIPS 46-2       DES
FIPS 74         Guidelines for using DES
FIPS 81         DES modes of operation
FIPS 102        Guidelines for certification & accreditation
FIPS 112        Password usage
FIPS 113        Data authentication (CBC-MAC)
FIPS 140-1      Cryptomodule security requirements
FIPS 171        Key management using X9.17
FIPS 180-1      Secure hash standard (SHA-1)
FIPS 181        Automated password generator
FIPS 185        Key escrow (Clipper & Skipjack)
FIPS 186        Digital Signature Standard (DSS)
FIPS 188        Standard security labels for info transfer
FIPS 190-191    Guidelines for authentication & analyzing LAN
FIPS 196        Entity authentication (asymmetric)

ANSI Banking and Security Standards

ANSI #          Subject
X3.92           Data Encryption Algorithm (DEA)
X3.106          Data Encryption Algorithm (DEA)
X9.8            PIN management and security
X9.9            Message authentication (wholesale)
X9.17           Key management (wholesale; symmetric)
X9.19           Message authentication (retail)
X9.23           Encryption of messages (wholesale)
X9.24           Key management (retail)
X9.26           Sign-on authentication (wholesale)
X9.30:1         Public Key, Digital Signature Algorithm
X9.30:2         Public Key, Secure Hash Algorithm
X9.55           Extensions to Public Key Certificates & CRLs
X9.57           Certificate Management for Financial Services

PKCS

No.    PKCS title
1      RSA encryption standard
3      Diffie-Hellman key-agreement standard
5      Password-based encryption standard
6      Extended-certificate syntax standard
7      Cryptographic message syntax standard
8      Private-Key information syntax standard
9      Selected attribute types
10     Certification request syntax standard
11     Cryptographic token interface standard
12     Personal information exchange syntax standard


11. IKE: Key Negotiation

IKE Main Mode
- Elements: hash, encryption, authentication, Diffie-Hellman group, SA lifetime
- Functions: establish SAs, key material, Diffie-Hellman exchange, protection for IPSec negotiation

IPSec Quick Mode (entered when the IPSec lifetime expires)
- Elements: hash, encryption, PFS group, SA lifetime, mode
- Functions: protection via ESP, integrity via AH, request keys from IKE

Exchange between Alice and Bob (ISAKMP Phase 1, Oakley Main Mode):

1. Alice: SA request for IPSec (triggered by ACL); IKE SA offer - DES, SHA-1, RSA sig, D-H group 1, lifetime. Sent in the clear.

2. Bob: policy match, accept offer.

3. Alice: D-H exchange - KE, nonce. Bob: D-H exchange - KE, nonce. Still in the clear.

4. Protected: Alice authenticates the D-H exchange and applies the SHA hash to Bob; Bob authenticates the D-H exchange and applies the SHA hash to Alice.

5. IKE SA established on both sides: inbound established, outbound established.

12. Time Stamping

Create Document Identifier (client's computer using IP Protector)

1. Calculate a hash, or fingerprint, of a data file of any size: a unique value based on the exact content of the data file (message digest, SHA-1).

Create Time Stamp (sent to an independent time stamping authority; in the figure, the DigiStamps server, 15 March 2000 9:24am)

2. An Internet-based server adds the current time (official UTC sync) to the fingerprint and signs that intermediate product (SHA-1 digest + current time) with its private key using public key encryption, generating a time stamp as a standard CMS (PKCS#7) record.

3. The time stamp is delivered back to the client software for storage (store data locally); it is verified locally with the server's public key.
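The three steps above as an added example in Go (not the handbook's code nor that of the DigiStamps service it pictures): the client fingerprints the file, a constructed authority appends its time and signs, and the client verifies the stored stamp with the authority's public key. SHA-256 and a plain Go struct stand in for the SHA-1 digest and the CMS (PKCS#7) record named on the page; the authority's clock is injected so the stamp is reproducible, with the 15 March 2000 9:24 value taken from the figure. The names Authority, Stamp and Verify are the example's own.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// TimeStamp is a simplified stand-in for the CMS (PKCS#7) record of the page:
// the client's fingerprint, the authority's time, and the authority's signature.
type TimeStamp struct {
	Digest    []byte
	Time      time.Time
	Signature []byte
}

// Fingerprint is step 1 on the client: hash the file, whatever its size.
// SHA-256 is used here where the page names SHA-1.
func Fingerprint(data []byte) []byte {
	d := sha256.Sum256(data)
	return d[:]
}

// tokenDigest is the value the authority signs: H(fingerprint || UTC time).
func tokenDigest(digest []byte, at time.Time) []byte {
	h := sha256.New()
	h.Write(digest)
	h.Write([]byte(at.UTC().Format(time.RFC3339Nano)))
	return h.Sum(nil)
}

// Authority is the independent time-stamping server. Its clock is injectable so the
// example is reproducible; a real server would read an official UTC-synchronized source.
type Authority struct {
	Key *rsa.PrivateKey
	Now func() time.Time
}

// NewAuthority generates the server's signing key (constructed for the example).
func NewAuthority(now func() time.Time) (*Authority, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	return &Authority{Key: key, Now: now}, nil
}

// Stamp is step 2: append the current time to the fingerprint and sign the pair.
// The authority never sees the file itself, only its digest.
func (a *Authority) Stamp(digest []byte) (*TimeStamp, error) {
	if len(digest) != sha256.Size { return nil, errors.New("fingerprint must be a SHA-256 digest") }
	at := a.Now().UTC()
	sig, err := rsa.SignPKCS1v15(rand.Reader, a.Key, crypto.SHA256, tokenDigest(digest, at))
	if err != nil { return nil, err }
	return &TimeStamp{Digest: append([]byte(nil), digest...), Time: at, Signature: sig}, nil
}

// Verify is step 3 on the client: the stored stamp is checked with the authority's
// public key, and it must cover exactly this file content.
func Verify(ts *TimeStamp, data []byte, pub *rsa.PublicKey) error {
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, tokenDigest(ts.Digest, ts.Time), ts.Signature); err != nil {
		return fmt.Errorf("time stamp signature invalid: %w", err)
	}
	if !bytes.Equal(ts.Digest, Fingerprint(data)) {
		return errors.New("file content does not match the stamped fingerprint")
	}
	return nil
}

// demoClock returns the moment shown in the page's figure (15 March 2000, 9:24).
func demoClock() time.Time { return time.Date(2000, time.March, 15, 9, 24, 0, 0, time.UTC) }

func main() {
	tsa, err := NewAuthority(demoClock)
	if err != nil { panic(err) }
	file := []byte("design document v1") // constructed sample file
	ts, _ := tsa.Stamp(Fingerprint(file))
	fmt.Println("stamped at", ts.Time, "valid:", Verify(ts, file, &tsa.Key.PublicKey) == nil)
	fmt.Println("edited file valid:", Verify(ts, []byte("design document v2"), &tsa.Key.PublicKey) == nil)
}
```

Because the time is bound into the signed value, neither the digest nor the timestamp can be altered after the fact without the signature check failing, which is what makes the stored record usable as evidence that the content existed at that time.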


13a. Secure Messaging

1. Digital signature added (DSA, SHA-1) using the sender's private key.

2. Document with signature compressed.

3. Compressed file encrypted with a one-time session key (IDEA, CAST, Triple DES).

4. Encrypted copy of the session key added (DH) using the receiver's public key.

5. File converted to ASCII armor format.

6. Message transferred via an insecure channel (telephone, satellite, microwave).

Flow at Alice's end: Original Plaintext -> Signed -> Compressed -> Encrypted -> Keyed -> Armored -> insecure channel (exposed to an attacker).


13b. Secure Messaging

7. Message received in ASCII armor format.

8. ASCII armor removed.

9. One-time (IDEA, CAST, Triple DES) session key recovered using the recipient's private key.

10. File decrypted using the one-time session key (IDEA, CAST, Triple DES).

11. File decompressed, revealing the signature and plaintext message.

12. Signature verified using the sender's public key (DSA, SHA-1).

Flow at Bob's end: insecure channel (exposed to an attacker) -> Dearmor -> Dekey -> Decrypt -> Decompress -> Verify -> Original Plaintext.
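Sections 6, 13a and 13b describe the same sign, compress, encrypt and armor pipeline and its reverse. As an added example (not PGP's code and not the handbook's), here it is in Go using only the standard library: an RSA PKCS#1 v1.5 signature over SHA-256, zlib compression, AES-256-GCM under a fresh one-time session key, RSA-OAEP to carry that key to the recipient (where the page names IDEA/CAST/Triple DES and DH), and base64 as the ASCII armor. The length-prefixed packet layout and the names Seal and Open are this example's own.

```go
package main

import (
	"bytes"
	"compress/zlib"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// NewKeyPair makes a 2048-bit RSA key pair (constructed for the example, one per party).
func NewKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// prefixed appends a 2-byte big-endian length and then the field itself.
func prefixed(buf *bytes.Buffer, field []byte) {
	binary.Write(buf, binary.BigEndian, uint16(len(field)))
	buf.Write(field)
}

// split reads back one length-prefixed field and returns it with the remainder.
func split(b []byte) (field, rest []byte, err error) {
	if len(b) < 2 || len(b) < 2+int(binary.BigEndian.Uint16(b)) {
		return nil, nil, errors.New("truncated packet")
	}
	n := 2 + int(binary.BigEndian.Uint16(b))
	return b[2:n], b[n:], nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// Seal is steps 1-5 of 13a: sign, compress, encrypt under a one-time session key,
// wrap that key for the recipient, and ASCII-armor the result.
func Seal(plaintext []byte, sender *rsa.PrivateKey, recipient *rsa.PublicKey) (string, error) {
	digest := sha256.Sum256(plaintext) // step 1: sign H(plaintext) with the sender's private key
	sig, err := rsa.SignPKCS1v15(rand.Reader, sender, crypto.SHA256, digest[:])
	if err != nil { return "", err }
	var signed, compressed, packet bytes.Buffer
	prefixed(&signed, sig)
	signed.Write(plaintext)
	zw := zlib.NewWriter(&compressed) // step 2: compress the signed document
	zw.Write(signed.Bytes())
	zw.Close()
	kn := make([]byte, 32+12) // step 3: fresh random session key and GCM nonce
	if _, err := io.ReadFull(rand.Reader, kn); err != nil { return "", err }
	sessionKey, nonce := kn[:32], kn[32:]
	gcm, err := newGCM(sessionKey)
	if err != nil { return "", err }
	ciphertext := gcm.Seal(nil, nonce, compressed.Bytes(), nil)
	// step 4: the session key itself travels encrypted with the recipient's public key
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil { return "", err }
	prefixed(&packet, wrapped) // step 5: armor wrapped key || nonce || ciphertext
	packet.Write(nonce)
	packet.Write(ciphertext)
	return base64.StdEncoding.EncodeToString(packet.Bytes()), nil
}

// Open is steps 7-12 of 13b; the plaintext is returned only if the signature verifies.
func Open(armored string, recipient *rsa.PrivateKey, sender *rsa.PublicKey) ([]byte, error) {
	packet, err := base64.StdEncoding.DecodeString(armored) // step 8: remove armor
	if err != nil { return nil, err }
	wrapped, rest, err := split(packet)
	if err != nil { return nil, err }
	// step 9: recover the one-time session key with the recipient's private key
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, wrapped, nil)
	if err != nil { return nil, fmt.Errorf("session key: %w", err) }
	gcm, err := newGCM(sessionKey)
	if err != nil { return nil, err }
	if len(rest) < gcm.NonceSize() { return nil, errors.New("truncated ciphertext") }
	// step 10: decrypt; the GCM tag also rejects any ciphertext modified in transit
	compressed, err := gcm.Open(nil, rest[:gcm.NonceSize()], rest[gcm.NonceSize():], nil)
	if err != nil { return nil, fmt.Errorf("decrypt: %w", err) }
	zr, err := zlib.NewReader(bytes.NewReader(compressed)) // step 11: decompress
	if err != nil { return nil, err }
	signed, err := io.ReadAll(zr)
	if err != nil { return nil, err }
	sig, plaintext, err := split(signed)
	if err != nil { return nil, err }
	digest := sha256.Sum256(plaintext) // step 12: verify with the sender's public key
	if err := rsa.VerifyPKCS1v15(sender, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("signature: %w", err)
	}
	return plaintext, nil
}

func main() {
	alice, _ := NewKeyPair()
	bob, _ := NewKeyPair()
	armored, _ := Seal([]byte("Meet at noon."), alice, &bob.PublicKey)
	msg, err := Open(armored, bob, &alice.PublicKey)
	fmt.Printf("recovered %q, err=%v\n", msg, err)
}
```

The signature is computed before compression and encryption, exactly as in the page's step order, so the recipient can only check it after the whole reverse pipeline has run; an attacker on the insecure channel sees only the armored packet, and any change to it is caught at step 10 before the signature is even examined.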


14. Protocol Using Crypto

Applications and protocols

- Store & Forward (e-mail): DMS (MSP), MOSS, PEM, PGP, PGP/MIME, S/MIME
- Network Transport (Browser): TLS (SSL), PCT, SHTTP
- Voice: Clipper, PGPfone
- Session Key Management: IKE, SKIP
- Network Authentication (Login): Kerberos, PAP, CHAP, TACACS, RADIUS, CAT, OTP

Column values as listed in the table:

- Status: RFC, RFC, RFC, RFC, RFC, RFC, draft, draft, FIPS; RFC; RFC, RFC, RFC, RFC, RFC, RFC
- RFC #s: 1847,1848; 1241,2,3,4; 1991; 2015,1847; 1847; 1510; 1334; 1994; 927; 2078,2228; 2289,2243
- Public Key: RSA; RSA; RSA; RSA, DH; RSA, DH; RSA; RSA, DH; RSA; RSA; RSA; DH; RSA; RSA; RSA
- Symmetric: DES, 3DES, IDEA; DES; DES; IDEA, CAST, 3DES; IDEA, CAST, 3DES; RC2, RC4, 3DES; 3DES, RC2, RC4, DES-CBC; DES, RC2, RC4, IDEA; DES, 3DES, DES, CBC; Skipjack; Blowfish, CAST, 3DES; RC2, DES, 3DES; DES, IDEA, RC4; DES-CBC, DES; DES
- Key Length (bits): 56,128; 56; 56; 128; 128; 40,128; 40,128; 80; 160,128; 56
- Hash: MD5; MD5; MD5; MD5, SHA-1; MD5, SHA-1; MD5, SHA-1; MD5, SHA; MD5, SHA; MD2, MD5; GSM, ADPCM; MD5, SHA-1; MD5; MD4, MD5, CRC32; MD5; MD5; MD5, SHA-1; MD4, MD5, SHA
- Encoding: base 64, ASN.1; base 64; RADIX 64; RADIX 64; RADIX 64; ASN.1; base 64; ASN.1
- Cert Type: X.509; X.509; X.509; PGP; PGP; X.509; X.509; X.509; X.509; X.509; X.509; X.509
- Trust Model: H; H,D; H; H,D,W; H,D,W; H,D; H; D,H; D,H, Kerb, RSA; D; D,H; D,H; D,H; D,H

D = Distributed, H = Hierarchy, W = Web of Trust

Glossary of Cryptography Terms

Legend

Algorithm: Symmetric/Conventional; Asymmetric/Public Key; Message Digest/Hash
Methods: Certificate; Standard; Protocol; API
Organization
Colour coding in the printed glossary: RED = Algorithm, BLUE = Protocol/API/Standard, GREEN = Organization

A5: a trade-secret cryptographic algorithm used in European cellular telephones.

AES (Advanced Encryption Standard): NIST-approved standard, assumed to remain in use for the next 20 - 30 years.

AKEP (Authentication Key Exchange Protocol): key transport based on symmetric encryption, allowing two parties to exchange a shared secret key; secure against passive adversaries.

Algorithm (encryption): a set of mathematical rules (logic) used in the processes of encryption and decryption.

ASN.1 (Abstract Syntax Notation One): ISO/IEC standard for the encoding rules used in X.509 certificates; two types exist: DER (Distinguished Encoding Rules) and BER (Basic Encoding Rules).

Attribute Certificate: a digital certificate that binds a set of descriptive data items either directly to a subject name or to the identifier of another certificate that is a public-key certificate.

Asymmetric keys: a separate but integrated user key pair, comprised of one public key and one private key. Each key is one-way, meaning that a key used to encrypt information cannot be used to decrypt the same data.

Authorization Certificate: an electronic document used to prove one's access or privilege rights, and also to prove one is who one claims to be.

Blind Signature: the ability to sign documents without knowledge of their content, similar to a notary public.

Block Cipher: a symmetric cipher operating on blocks of plaintext and ciphertext, usually 64 bits.

Blowfish: a 64-bit block symmetric cipher consisting of key expansion and data encryption. A fast, simple and compact algorithm in the public domain, written by Bruce Schneier.

CA (Certificate Authority): a trusted third party (TTP) that creates certificates consisting of assertions on various attributes and binds them to an entity and/or to its public key.

CAPI (Crypto API): Microsoft's crypto API for Windows-based operating systems and applications.

CAST: a 64-bit block cipher using a 64-bit key and six S-boxes with 8-bit input and 32-bit output, developed in Canada by Carlisle Adams and Stafford Tavares.


CBC (Cipher Block Chaining): the process of XORing plaintext with the previous ciphertext block before it is encrypted, thus adding a feedback mechanism to a block cipher.

Certificate (digital certificate): an electronic document attached to a public key by a trusted third party, which provides proof that the public key belongs to a legitimate owner and has not been compromised.

Certificate Enrollment Protocol (CEP): specifies how a device communicates with a CA, including how to retrieve the CA's public key, how to enroll a device with the CA, and how to retrieve a CRL. CEP uses PKCS #7 and PKCS #10.

Certificate Extensions: an X.509 v3 certificate contains an extensions field that permits any number of additional fields to be added to the certificate. Certificate extensions provide a way of adding information such as alternative subject names and usage restrictions to certificates.

CFB (Cipher Feedback Mode): a block cipher that has been implemented as a self-synchronizing stream cipher.

Certification: endorsement of information by a trusted entity.

Certificate Management Messages over Cryptographic Message Syntax (CMC): message format used to convey a request for a certificate to a Registration Manager or Certificate Manager.

Certificate Management Message Formats (CMMF): message formats used to convey certificate requests and revocation requests from end entities to a Registration Manager or Certificate Manager, and to send a variety of information to end entities.

Certificate Management Systems (CMS): a highly configurable set of software components and tools for creating, deploying and managing certificates. CMS comprises three major subsystems that can be installed in different CMS instances in different physical locations: Certificate Manager, Registration Manager and Data Recovery Manager.

Certificate Revocation Tree (CRT): a mechanism for distributing notice of certificate revocations.

CHAP (Challenge Handshake Authentication Protocol): a session-based, two-way password authentication scheme.

Ciphertext: the result of manipulating either characters or bits via substitution, transposition or cryptographic operations.

Cleartext: characters in a human-readable form or bits in a machine-readable form (also called plaintext).

CPS (Certificate Practice Statement): describes the policies, practices and procedures employed by a CA (Certificate Authority).

CRL (Certificate Revocation List): an online, up-to-date list of previously issued certificates that are no longer valid.

Cross-certification: two or more organizations or Certificate Authorities that share some level of trust.

Cryptanalysis: the art or science of transforming ciphertext into plaintext without initial knowledge of the key used to encrypt the plaintext.

Cryptography: the art and science of creating messages that have some combination of being private, signed, unmodified and non-repudiable.


Cryptoperiod: the specific time span during which a cryptographic key is authorized, or for which a key setting remains in effect.

Cryptosystem: a system comprised of cryptographic algorithms, all possible plaintexts, ciphertexts and keys.

Data Integrity: a method of ensuring information has not been altered by unauthorized or unknown means.

Decryption: the process of turning ciphertext back into plaintext.

DES (Data Encryption Standard): a 64-bit block cipher, symmetric algorithm, also known as the Data Encryption Algorithm (DEA) by ANSI and DEA-1 by ISO. Widely used for over 20 years; adopted in 1976 as FIPS 46.

Diffie-Hellman: the first public key algorithm, invented in 1976, using discrete logarithms in a finite field.

Digital Signature: the digital equivalent of a written signature, providing cryptographic evidence that the original document is authentic, unaltered, not forged and non-repudiable; almost always uses a public-key algorithm.

Direct Trust: an establishment of peer-to-peer confidence.

Discrete Logarithm: the underlying mathematical problem used by asymmetric algorithms like Diffie-Hellman and Elliptic Curve. It is the inverse problem of modular exponentiation, which is a one-way function.

DSA (Digital Signature Algorithm): a public-key digital signature algorithm proposed by NIST for use in DSS.

DSS (Digital Signature Standard): a NIST-proposed standard (FIPS) for digital signatures using DSA.

ECC (Elliptic Curve Cryptosystem): a unique method for creating public-key algorithms based on mathematical curves over finite fields or with large prime numbers.

EES (Escrowed Encryption Standard): a proposed U.S. government standard for escrowing private keys.

ElGamal Scheme: used for both digital signatures and encryption, based on discrete logarithms in a finite field; can be used with the DSA function.

Encryption: the process of disguising a message in such a way as to hide its substance.

Entropy: a mathematical measurement of the amount of uncertainty or randomness.

FIPS (Federal Information Processing Standard): U.S. government standards published by NIST.

GAK (Government Access to Keys): a method for the government to escrow individuals' private keys.

GSS-API (Generic Security Services API): IETF RFC 1508; a high-level security API which isolates session-oriented application code from implementation details.

Hash: a one-way function; a function that produces a message digest that cannot be reversed to produce the original.

Hierarchical Trust: a graded series of entities that distribute trust in an organized fashion, commonly used in X.509-issuing certifying authorities.

IDEA (International Data Encryption Algorithm): a 64-bit block symmetric cipher using 128-bit keys, based on mixing operations from different algebraic groups. Considered one of the strongest algorithms.


Identity Certificate: a signed statement which binds a key to the name of an individual and has the intended purpose of delegating authority from that named individual to the public key.

IKE (Internet Key Exchange): a manual and automatic key exchange method combining ISAKMP and the Oakley key exchange, as described in the IETF IPsec specification.

ISO (International Organization for Standardization): responsible for a wide range of standards, like the OSI model, and for the international relationship with ANSI on X.509.

ITU-T (International Telecommunication Union Telecommunication): formerly the CCITT (Consultative Committee for International Telegraph and Telephone), a worldwide telecommunications technology standards organization.

Kerberos: a trusted-third-party authentication protocol developed at MIT.

Key: a means of gaining or preventing access, possession or control, represented by any one of a large number of values.

Key Escrow/Recovery: a mechanism that allows a third party to retrieve the cryptographic keys used for data confidentiality, with the ultimate goal of recovery of encrypted data.

Key Exchange: a scheme for two or more nodes to transfer a secret session key across an unsecured channel.

Key Length: the number of bits representing the key size; the longer the key, the stronger it is.

Key Management: the process and procedure for safely storing and distributing accurate cryptographic keys; the overall process of generating and distributing cryptographic keys to authorized recipients in a secure manner.

Key Splitting: a process for dividing portions of a single key between multiple parties, none having the ability to reconstruct the whole key.

KTC (Key Translation Center): a trusted server that makes a key chosen by one party available to another party by re-encrypting (translating) it under a key shared with the requesting party.

LRA (Local Registration Agent): an entity appointed by a CA or RA to assist other entities in applying for certificates, revoking their certificates, or both.

MAA (Message Authenticator Algorithm): an ISO standard that produces a 32-bit hash, designed for IBM mainframes.

MAC (Message Authentication Code): a key-dependent one-way hash function, requiring the use of the identical key to verify the hash.

MD2 (Message Digest 2): 128-bit one-way hash function designed by Ron Rivest, dependent on a random permutation of bytes.

MD4 (Message Digest 4): the predecessor of MD5, later found to be weak.

MD5 (Message Digest 5): 128-bit one-way hash function designed by Ron Rivest, very widely used.

Message Digest (also MD): a number that is derived from a message. Change a single character in the message and the message will have a different message digest.

MIC (Message Integrity Check): same as Message Digest.

Micalg (MIC algorithm): used to identify the MIC algorithm used in signing MIME messages.


MIME (Multipurpose Internet Mail Extensions): a freely available set of specifications that offers a way to interchange text in languages with different character sets, and multimedia e-mail, among many different computer systems that use Internet mail standards.

Modulus: the defining constant in modular arithmetic, and usually a part of the public key in asymmetric cryptography.

NIST (National Institute of Standards and Technology): a division of the U.S. Dept. of Commerce that publishes open, interoperability standards called FIPS.

Non-repudiation: preventing the denial of previous commitments or actions.

NSA (National Security Agency): a United States cryptologic organization tasked with making and breaking codes and ciphers.

Oakley: the "Oakley Session Key Exchange" provides a hybrid Diffie-Hellman session key exchange for use within the ISAKMP framework. Oakley provides the important property of "Perfect Forward Secrecy".

One-Time Pad: a large non-repeating set of truly random key letters used for encryption; considered the only perfect encryption scheme, invented by Major J. Mauborgne and G. Vernam in 1917. Not widely used because key management is impractical.

One-Way Function: a function of a variable-length string that creates a fixed-length value representing the original pre-image; also called message digest, fingerprint or message integrity check (MIC).

PAP (Password Authentication Protocol): an authentication protocol that allows PPP peers to authenticate one another; it does not prevent unauthorized access but merely identifies the remote end.

Passphrase: an easy-to-remember phrase used for better security than a single password; key crunching converts it into a random key.

Password: a sequence of characters or a word that a subject submits to a system for purposes of authentication, validation or verification.

Perfect Forward Secrecy: a cryptosystem in which the ciphertext yields no possible information about the plaintext, except possibly the length.

PGP (Pretty Good Privacy): an application and protocol (RFC 1991) for secure e-mail and file encryption developed by Phillip R. Zimmermann. Originally published as freeware, its source code has always been available for public scrutiny. PGP uses a variety of algorithms, like IDEA, RSA, Diffie-Hellman, CAST, DSA, MD5 and SHA-1, to provide encryption, authentication, message integrity and key management. PGP is based on the Web-of-Trust model and has world-wide deployment.

PGP/MIME: an IETF standard (RFC 2015) that provides privacy and authentication using the Multipurpose Internet Mail Extensions (MIME) security content types described in RFC 1847; currently deployed in PGP 5.0 and later.


PKCS (Public Key Crypto Standards): a set of de facto standards for public key cryptography developed in cooperation with an informal consortium (Apple, DEC, Lotus, Microsoft, MIT, RSA and Sun) that includes algorithm-specific and algorithm-independent implementation standards. Specifications defining message syntax and other protocols, controlled by RSA Data Security Inc.

PKI (Public Key Infrastructure): a widely available and accessible certificate system for obtaining an entity's public key with some degree of certainty that you have the right key and it has not been revoked.

PKIX: a contraction of "Public-Key Infrastructure (X.509)", the name of the IETF working group that is specifying an architecture and set of protocols needed to support an X.509-based PKI for the Internet.

Plaintext (or cleartext): the human-readable data or message before it is encrypted.

Private Key: the privately held secret component of an integrated asymmetric key pair, often referred to as the decryption key.

Public Key: the publicly available component of an integrated asymmetric key pair, often referred to as the encryption key.

RA (Registration Authority): responsible for authorizing entities or LRAs, distinguished by unique names, as members of a security domain; this involves associating a user with specific key material. RAs work on behalf of the CA.

Random Number: an important aspect of many cryptosystems, and a necessary element in generating unique keys that are unpredictable to an adversary.

RC2 (Rivest Cipher 2): variable-key-size, 64-bit block symmetric cipher, once a proprietary algorithm of RSA Data Security, Inc.

RC4 (Rivest Cipher 4): variable-key-size stream cipher, once a proprietary algorithm of RSA Data Security, Inc.

RC5 (Rivest Cipher 5): a block cipher with a variety of parameters: block size, key size and number of rounds.

RIPE-MD: an algorithm developed for the European Community's RIPE project, designed to resist known cryptanalytic attacks and produce a 128/160-bit hash value; a variation of MD4.

Revocation: retraction of certification or authorization.

ROT-13 (Rotation Cipher): a simple substitution (Caesar) cipher, rotating each of the 26 letters 13 places.

RSA: short for RSA Data Security, Inc.; or referring to Ron Rivest, Adi Shamir and Len Adleman; or to the algorithm they invented. The RSA algorithm is used in public-key cryptography and is based on the fact that it is easy to multiply two large prime numbers together but hard to factor them out of the product.

S-Box: a nonlinear substitution function (thus S-Box) basic to block ciphers (e.g. DES and CAST), where an input is XOR-ed and converted to an output (6 bits and 4 bits, respectively, in DES), and which provides the core of such ciphers' security.

SA (Security Association): a simplex (uni-directional) logical connection that specifies a security process through the use of AH and ESP.

SAFER (Secure And Fast Encryption Routine): a non-proprietary block cipher with a 64-bit key. Not patented, available license-free. Developed by Massey, who also developed IDEA.


Salt: a random string that is concatenated with a password before it is operated on by a one-way function; helps prevent successful dictionary attacks.

Secret Key: either the private key in public-key (asymmetric) algorithms or the session key in symmetric algorithms.

Secure Channel: a means of conveying information from one entity to another such that an adversary does not have the ability to reorder, delete, insert or read (SSL, IPSEC, whispering in someone's ear).

Self-Signed Certificate: a public-key certificate for which the public key bound by the certificate and the private key used to sign the certificate are components of the same key pair.

Session Key: the secret (symmetric) key used to encrypt each set of data on a transaction basis. A different session key is used for each communication session.

SHA-1 (Secure Hash Algorithm): the 1994 revision to SHA, developed by NIST (FIPS 180-1); used with DSS, produces a 160-bit hash, similar to MD4; very popular and widely implemented.

Skipjack: the 80-bit key encryption algorithm contained in NSA's Clipper chip. The algorithm is classified; NSA will not release information on how it works. It has a backdoor feature for government access.

SKMP (Secure-Key Management Protocol): an IBM-proposed key-recovery architecture that uses a key encapsulation technique to provide the key and message recovery to a trusted third-party escrow agent.

Smart Cards: tamper-resistant hardware devices that store private keys and other sensitive information.

SOQ: a widely adopted standard for digital certificates that uses ASN.1 encoding and carries cryptographic material and X.500 conventional content.

S/MIME (Secure Multipurpose Mail Extension): a proposed standard developed by a consortium of e-mail software vendors led by RSADSI, for encrypting and/or authenticating MIME data. S/MIME defines a format for the MIME data, the algorithms that must be used for interoperability (RSA, RC2, SHA1), and the additional operational concerns such as X.509 certificates and transport over the Internet.

SPI (Security Parameter Index): the combination of destination address, a security protocol and an SPI uniquely identifies a security association (SA).

SSH (Secure Shell): an IETF proposed protocol for securing the transport layer by providing encryption, cryptographic host authentication and integrity protection.

SSL (Secure Socket Layer): developed by Netscape to provide security and privacy over the Internet. Supports server and client authentication and maintains the security and integrity of the transmission channel. Operates at the transport layer and mimics the sockets library, allowing it to be application-independent. Encrypts the entire communication channel and does not support digital signatures at the message level.

Steganography: methods of hiding the existence of a message or other data, e.g. a digital watermark or invisible ink.

Stream cipher: a class of symmetric-key encryption operating on the plaintext one byte (or one bit) at a time.

Substitution cipher: the characters of the plaintext are substituted with other characters to form the ciphertext.


Symmetric algorithm: an encryption algorithm in which the same secret key is used for both encryption and decryption. Also known as conventional, secret-key and single-key algorithms. Block and stream ciphers are classes of symmetric algorithms.

Timestamping: recording the time of creation or existence of information.

TLSP (Transport Layer Security Protocol): ISO 10736, draft international standard.

Transposition cipher: the plaintext remains the same but the order of the characters is transposed.

Triple DES: an encryption configuration in which the DES algorithm is used three times with three different keys.

Trust: a firm belief or confidence in the honesty, integrity, justice, reliability, etc., of a person, company and so forth.

TTP (Trusted Third Party): a responsible party that all participants involved agree upon in advance to provide a service or function, such as certification (binding a public key to an entity), time-stamping or key escrow.

Web of Trust: a distributed trust model used by PGP to validate the ownership of a public key, where the level of trust is cumulative, based on the individual's knowledge of the introducers.

XOR (eXclusive OR operation): a mathematical way to represent differences.

X.509v3: an ITU-T digital certificate that is an internationally recognized electronic document used to prove identity and public key ownership over a communication network. It contains the issuer's name, the user's identifying information and the issuer's digital signature, as well as other possible extensions in version 3.

Zeroed: the degaussing, erasing or overwriting of electronically stored data.


The information in this document is subject to change without notice and must not be construed as a commitment on the part of Symantec Corporation. Symantec assumes no responsibility for any errors that may appear in this document. No part of this document may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means - graphic, electronic, or mechanical, including photocopying and recording - without the prior written permission of the copyright owner. Symantec and the Symantec logo are U.S. registered trademarks of Symantec Corporation. Other brands and products are trademarks of their respective holders. Copyright 2001 Symantec Corporation. All Rights Reserved. Printed in the United States of America 08/01 09-71-00385
