Security Reference Handbook

Network Security, Security Threats, Cryptography

A comprehensive categorization of security technologies and their relative threats.

Contents

Network Security
• Network Security Tools (page 2)
• Network Security Related Standards (page 3)
• Authentication Schemes (page 3)
• Authorization Policy (page 4)
• Administration (page 5)
• Perimeter Security (page 6)
• Content Inspection (page 7)
• Data in Motion Security (page 8)
• Best Practices (page 9)
• Wireless Security Issues (page 10)
• Incident Response (page 11)
• Glossary of Network Security Terms (page 12)

Security Threats
• Threat Categories (page 24)
• Profiles (page 25)
• Info Gathering Techniques (page 26)
• Impersonation / Spoofing (page 27)
• Social Engineering (Attacks against people) (page 28)
• Computer Virus (page 29)
• Avenues of Attack (page 30)
• Vulnerabilities (page 31)
• General Hacking (page 32)
• Denial of Service (page 33)
• Cracking (page 34)
• Hybrid Techniques (page 35)
• Piracy & Digital Rights Management (DRM) (page 36)
• Noteworthy Organizations & Response Teams (page 37)
• Web Site Hacking (page 38)
• Physical Threats (page 39)
• Glossary of Security Threats Terms (page 40)

Cryptography
• Basic Functionality of Crypto (page 46)
• Crypto Primary Function (page 47)
• Symmetric/Asymmetric Function (page 48)
• Trust Models (page 49)
• Certificate Comparison (page 50)
• Secure Messaging with Public Key Cryptography (page 51)
• Public-Key Infrastructure & Digital Certificates (page 52)
• Relative Strength Comparisons (page 53)
• ISO Reference/Security Protocols (page 54)
• Related Standards (page 55)
• IKE: Key Negotiation (page 56)
• Time Stamping (page 57)
• Protocol Using Crypto (page 58)
• Secure Messaging (page 59)
• Glossary of Cryptography Terms (page 61)


About Symantec

Symantec, a world leader in Internet security technology, provides a broad range of content and network security solutions to individuals and enterprises. The company is a leading provider of virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises around the world. Symantec’s Norton brand of consumer security products leads the market in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 37 countries. For more information, please visit www.symantec.com.

Network Security Reference


1. Network Security Tools

Security tools in use today

• Host-based Vulnerability Assessment Tools:

• ESM COPS, NCARP, crack, Tiger, logcheck, tklogger

• Network Traffic Analysis & Intrusion Detection Tools:

• NetProwler, tcpdump, synsniff, NOCOL, Shadow

• Security Management and Improvement Tools:

• ESM, crack, localmail, smrsh, logdaemon, npasswd, op, passwd+, S4-kit, sfingerd, sudo, swatch, watcher, wuftpd, LPRng

• Firewall, Proxy and Filtering Tools:

• Raptor, fwtk, ipfilter, ipfirewall, portmap v3, SOCKS, tcp_wrappers, smapd

• Network-Based Vulnerability Assessment Tools:

• NetRecon, nmap, nessus, SATAN, Internet Scanner

• Encryption Tools:

• md5, md5check, PGP, rpem, UFC-crypt

• One-Time Password Tools:

• OPIE, S/Key

• Secure Remote Access and Authorization Tools:

• RADIUS, TACACS+, SSL, SSH, Kerberos

2. Network Security Related Standards

IETF: Internet Engineering Task Force (organization), http://www.ietf.org/

Working Groups:
• Open Specification for PGP (openpgp)
• Authenticated Firewall Traversal (aft)
• Common Authentication Tech (cat)
• IP Security Policy (ipsp)
• IP Security Protocol (ipsec)
• IP Security Remote Access (ipsra)
• Intrusion Detection Exchange (idwg)
• Kerberized Internet Negoc. Keys (kink)
• Kerberos WG (krb-wg)
• One Time Password Authentication (otp)
• Public-Key Infrastructure (X.509) (pkix)
• S/MIME Mail Security (smime)
• Secure Network Time Protocol (stime)
• Secure Shell (secsh)
• Securely Available Credentials (sacred)
• Sec Issues Network Event Log (syslog)
• Simple Public Key Infrastructure (spki)
• Transport Layer Security (tls)
• Web Transaction Security (wts)
• XML Digital Signatures (xmldsig)

Security related RFCs:
• AAA: 2903-06
• Algorithms/Crypto: 1319-21, 1984, 2040, 2082, 2403-09, 2612, 2631, 2630, 2628, 2627
• PGP: 1991, 2015, 2440
• PKCS: 2437, 2985, 2986
• PKI, X.509: 2459, 2510-11, 2527-28, 2585, 2692-93, 2559-60
• RADIUS: 2139, 2313-15, 2618-2621, 2865-2869
• S/MIME: 1847-8, 2311-12, 2631, 2632
• Secure DNS: 2536-39, 2540-1, 3007, 3008
• TLS (SSL): 2595
• VPN, Remote Access, IPsec: 1826-7, 2401, 2406, 2402, 2888, 2685
• Other: 2504 Users’ Security Handbook; 2828 Internet Security Glossary; 3013 ISP Security Procedures

Common Criteria: http://csrc.nist.gov/cc/ (CTCPEC, FC, TCSEC and ITSEC). Common Criteria for Information Technology Security Evaluation (CC) version 2.1, (ISO) 15408. Smart Card Security Users Group (SCSUG): SCSUG Smart Card Protection Profile: SCPP v2.0

IEEE: http://ieee-security.org/
• 802.10c LAN/MAN Security (SILS) Key Management
• 1363-2000 Public Key Cryptography
• 1244.2-2000 MMS session Security

CVE: http://www.cve.mitre.org/ A list of standardized names for publicly known vulnerabilities and other information security exposures

WAP: http://www.wapforum.org
• Wireless Transport Layer Security (like SSL): Class 1: Anonymous Auth, Class 2: Server Auth, Class 3: Client Auth
• WPKI: Wireless PKI (like IETF PKIX)
• WML: Wireless Mark-up Language
• WML Script Crypto Library

ANSI (ISO/IEC): NCITS (ITI): Information Technology (includes X3, NCITS, ANSI/ISO)
• ANSI NCITS 118-1998 Personal Identification Number
• X9 TG-8-1995 Check Security Guideline
• X9 TG-5-1992 Information Security
• ISO/IEC TR 13335: Management of IT Security
• ISO/IEC 9979: Registration of crypto algorithms
• ISO/IEC 9798: Authentication, D-Sig...
• ISO/IEC 9797: Message Authentication Codes
• ISO/IEC 15408: Common criteria for IT
• ISO/IEC 14888: Digital Signatures
• ISO/IEC 11770: Key management
• ISO/IEC 10118: Hash Functions
• ISO 9735: Electronic data interchange (EDIFACT)
• ISO 13491: Banking, Mag stripe card systems
• ISO 10202: Financial transaction cards

BS7799: http://www.bsi-global.com/group.xhtml, http://www.c-cure.org
British Standard BS7799, first published in February 1995, revised May 1999. "Code of Practice for Information Security Management", due to become an international standard (ISO/IEC 13335).
1. Business Continuity Planning
2. System Access Control
3. System Dev & Maintenance
4. Physical & Environmental
5. Compliance
6. Personnel Security
7. Security Organization
8. Computer & Network Management
9. Asset Classification

W3C: World-Wide Web Consortium, W3C Security: http://www.w3.org/Security/
• Platform for Privacy Preferences (P3P)
• XML-Signature WG (xmldsig)
• Metadata
• Public Policy Role
• PICS Signed Labels (Dsig)
• Vendor-Driven Secure XML: S2ML, AuthXML

3. Authentication Schemes

Something you know:
• Passwords
• Personal Identification Numbers (PIN)
• Keywords (mother’s maiden name, etc.)

Something you have:
• Keys
• Tokens (hardware & software)
• Cryptocard
• Smartcards
• Digital certificates and private keys

Something you are (biometrics):
• Fingerprint
• Typing characteristics
• Iris or retina scan
• Body geometry
• Voiceprint

Remote authentication protocols:
• NTLM domains
• LDAP
• RADIUS
• Kerberos
• TACACS
• PAP/CHAP

Authentication enhancements:
• Two-factor authentication: password and token, or biometric and password
• Single sign-on
• Challenge Response Methods
• One-time passwords

4. Authorization Policy

Identities: Roles, Groups, Users (Person, Entities)

Policies: Rules for granting privileges / access

Devices: Gatekeepers such as Network Access Servers, Routers, remote access servers, Dial-In devices, possibly linked via LDAP to a directory or database

Methods:
1. Simple permission rights (read, write, delete)
2. Access Control List (ACL)
3. Operating system (NT or UNIX) functions, NT Active Directory
4. Single sign-on schemes
5. Object oriented databases (Active Directory, NDS)
6. Privilege Management Infrastructure (PMI)


5. Administration

The administration grid rates practice as Minimal, Satisfactory (all the above) or Outstanding (all the above plus), with activities carried out on a routine basis or periodically:

• Apply security patches
• Make sure passwords are not easily guessed
• Check for vulnerabilities
• Review Security Policy
• Review security policy & compliance
• Train and retrain personnel
• Properly configured event & alarm notification utilities on critical devices (Servers, Routers, Firewalls…)
• Annual security audit by a reputable third party
• Subscribe to a vulnerability/threat service (e-securityonline…)
• Proper use of a framework to help manage security
• Use host and network IDS
• Real-time security awareness
• Manage change control to reduce new vulnerabilities
• Correlate events & alarms from heterogeneous devices
• Integrate management of firewalls, IDS tools, AntiVirus, vulnerability scanners, host syslog event data and more
• Employee/3rd party to conduct “white hat” testing to guarantee integrity
• Automate incident management as much as possible

6a. Perimeter Security

Techniques to prevent unauthorized access and unwanted payloads to and from a network.

6b. Perimeter Security (continued)

Packet-filtering Firewall: Controls access to and from a network by analyzing the incoming and outgoing packet headers (IP address & port #) and letting the packets pass or blocking them.

Stateful Inspection: Analyzes, tracks and follows each connection in a ‘state table’ and monitors for policy violations.

Proxy-based Firewall / Server: Terminates all sessions entering and leaving a network, and re-establishes those sessions using its own version of the protocol. This ensures that the protocol is authentic according to the firewall and limits the service’s function.

VPN Server / Router: A device that creates a secure private network over public networks to connect nodes. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the ciphertext data in transit is unintelligible.

Circuit-level Gateway: Creates a client / server connection without interpreting the application protocol, similar to packet filtering. Once the connection has been made, packets can flow between the hosts without further checking.

Network Address Translator (NAT): Changes internal addresses, which might not be routable, to a valid external address for delivery over a public network. It also changes the external address back to an internally usable format. NAT provides a basic type of firewall by hiding internal IP addresses.

Intrusion Detection System (IDS): A near real-time detection system, either network-based, host-based or a combination of both, that provides notification of an attack or exploit. It should promptly diagnose and notify the staff when an attack is in progress.

Remote Access Server (RAS), Access Control Server: Enables users to connect to a private network using a modem and supports protocols like TCP/IP, IPX, and NetBEUI. VPN clients connecting over the Internet to a corporate network are taking over from traditional RAS connections.

Application Gateway: An application-specific process providing proxy and translation services. It can apply security to specific applications, such as FTP and Telnet servers.

Content Inspection Device: A device that inspects data for unwanted payloads (viruses), blocks specific URLs, blocks pre-identified ‘fingerprinted’ data, or performs keyword search & blocking. The device inspects both incoming and outgoing data.

Air Gap Techniques: A device that sits between the internal and external networks, transferring data between them while using shared memory to maintain a physical barrier between the networks. Imagine someone swapping floppy disks between two machines really quickly.

Demilitarized Zone (DMZ): A segment of the network that sits between the Internet and an internal network’s line of defense. Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP servers, SMTP (e-mail) servers and DNS servers.
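The difference between the packet-filtering firewall and stateful inspection described above is easiest to see in code. The following is an added example, not the handbook’s own code: a toy header-only packet filter, a state table layered on top of it, and constructed traffic (the addresses, ports and rule set are invented) showing why a stateless filter must either drop return traffic or admit it with a rule broad enough to let unsolicited packets through.

```python
# Added example (not the handbook's own code): a toy packet-filtering
# firewall and a stateful-inspection layer built on top of it, run over
# constructed packets. Addresses, ports and the rule set are invented.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"
    syn: bool = False
    ack: bool = False


@dataclass(frozen=True)
class Rule:
    """Header-only rule, as a packet filter sees it; None is a wildcard.
    Networks are matched by dotted-quad prefix (toy simplification)."""
    action: str
    src_net: Optional[str] = None
    dst_net: Optional[str] = None
    src_port: Optional[int] = None
    dst_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return ((self.src_net is None or p.src_ip.startswith(self.src_net))
                and (self.dst_net is None or p.dst_ip.startswith(self.dst_net))
                and (self.src_port is None or p.src_port == self.src_port)
                and (self.dst_port is None or p.dst_port == self.dst_port))


def packet_filter(rules: List[Rule], p: Packet) -> str:
    """Stateless packet filter: first matching rule wins, default deny."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


ConnKey = Tuple[str, int, str, int, str]


class StatefulFirewall:
    """Stateful inspection: an outbound SYN that the rules allow is recorded
    in a state table, and an inbound packet is admitted only if it belongs
    to a tracked connection (its reversed 5-tuple is in the table)."""

    def __init__(self, rules: List[Rule], inside_prefix: str) -> None:
        self.rules = rules
        self.inside = inside_prefix
        self.state: Dict[ConnKey, str] = {}

    @staticmethod
    def _key(p: Packet) -> ConnKey:
        return (p.src_ip, p.src_port, p.dst_ip, p.dst_port, p.proto)

    @staticmethod
    def _reverse_key(p: Packet) -> ConnKey:
        return (p.dst_ip, p.dst_port, p.src_ip, p.src_port, p.proto)

    def process(self, p: Packet) -> str:
        outbound = p.src_ip.startswith(self.inside)
        if self._key(p) in self.state or self._reverse_key(p) in self.state:
            return "allow"  # part of a connection already in the state table
        verdict = packet_filter(self.rules, p)
        if verdict == "allow" and outbound and p.syn and not p.ack:
            self.state[self._key(p)] = "SYN_SENT"  # start tracking the flow
        return verdict


# Policy: inside hosts (10.0.0.0/24) may open HTTP and HTTPS to anywhere.
RULES = [
    Rule("allow", src_net="10.0.0.", dst_port=443),
    Rule("allow", src_net="10.0.0.", dst_port=80),
]
# The stateless workaround for return traffic: trust anything from port 443.
BROAD_RULES = RULES + [Rule("allow", src_port=443)]


def run_scenario() -> Dict[str, str]:
    """Constructed traffic: 10.0.0.5 opens HTTPS to 203.0.113.9; the server
    replies; an unrelated host 198.51.100.7 sends an unsolicited SYN/ACK."""
    fw = StatefulFirewall(RULES, inside_prefix="10.0.0.")
    syn = Packet("10.0.0.5", 51000, "203.0.113.9", 443, syn=True)
    reply = Packet("203.0.113.9", 443, "10.0.0.5", 51000, syn=True, ack=True)
    unsolicited = Packet("198.51.100.7", 443, "10.0.0.5", 51000, syn=True, ack=True)
    return {
        "stateless_reply": packet_filter(RULES, reply),
        "stateless_broad_unsolicited": packet_filter(BROAD_RULES, unsolicited),
        "stateful_syn": fw.process(syn),
        "stateful_reply": fw.process(reply),
        "stateful_unsolicited": fw.process(unsolicited),
    }


if __name__ == "__main__":
    for name, verdict in run_scenario().items():
        print(f"{name:30s} {verdict}")
```

Run as-is, the stateless filter denies the legitimate reply, the broadened stateless rule set admits the unsolicited SYN/ACK, and the stateful firewall gets both cases right because the decision is made on the state table rather than on the header alone.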


7. Content Inspection

Content inspection flow (diagram reconstructed as a list):

Source (content arriving from the Internet, an extranet, the intranet or internally): diskettes or other exchangeable media, e-mail, Web pages, files.

Direction: inbound (1), outbound (2), internal; the destination is the end user.

Payload:
• Malicious code: viruses, macros, Trojans, active content, mobile code
• Unwanted content: inappropriate material, confidential material, spam, non-work related material, redundant messages (jokes), large files (videos)

Content Inspection Engine technologies:
• Signatures
• Heuristics
• Keyword search
• Script-based behavior blocking & recognition
• Pattern matching of known targets via overlapping hash values
• Support vector machine analysis
• Allow/Deny lists (Web site or e-mail)
• Full word relationship scanning
• DDR™ (Dynamic Document Review)


8a. Data in Motion Security

a) VPN (Virtual Private Network)

Diagram components: IPsec host (any networked device); end stations (E.S.); intermediate station (I.S.); network server; edge device (firewall/router); certifying authority (issues, revokes certificates); IPsec manager (creates, modifies, deletes security associations/rules); the Internet cloud; the inside corporate network (intranet). Two arrangements are shown: a VPN between edge devices (tunnel mode) and end-to-end protection between end stations (transport mode). The access-side stack shown is PPP over IP, with L2TP to an LNS.


8b. Data in Motion Security, (continued)

b) IPsec (IETF standard)

IPsec and security policy (diagram reconstructed): each host (User1 on host A, User2 on host B) runs a Policy Agent, the application, the TCP/UDP transport, an IPSec driver and IKE. Directory services distribute the IP Security Policy to the Policy Agents. IKE on the two hosts performs SA negotiation and key exchange; the resulting Security Association is installed in each IPSec driver, which encrypts IP packets at the IP layer.

Tunnel mode: the original packet (IP HDR + Data) is encrypted and carried behind an IPSec HDR and a new IP HDR.

Transport mode: the original IP HDR stays in the clear, followed by the IPSec HDR and the encrypted Data.
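The two packet layouts above decide what an observer on the Internet cloud can read. The following added example (not the handbook’s code, and not a real ESP transform) builds both layouts over a toy 8-byte IP header and an 8-byte “IPSec HDR” holding an SPI and sequence number, using an HMAC-SHA256 counter keystream as a stand-in cipher; all keys, addresses and the payload are constructed for the illustration.

```python
# Added example (not the handbook's code): what IPsec transport mode and
# tunnel mode leave in the clear. The stream cipher (HMAC-SHA256 counter
# keystream), the 8-byte toy IP header and the 8-byte "IPSec HDR" (SPI +
# sequence number) are stand-ins chosen for illustration, not a real ESP
# transform or wire format.
import hashlib
import hmac
import struct
from typing import Tuple

Addr = Tuple[str, str]


def ip_header(src: str, dst: str) -> bytes:
    """Toy IP HDR: source and destination addresses, 4 bytes each."""
    return bytes(int(o) for o in src.split(".")) + bytes(int(o) for o in dst.split("."))


def parse_ip_header(hdr: bytes) -> Addr:
    return (".".join(map(str, hdr[:4])), ".".join(map(str, hdr[4:8])))


def ipsec_header(spi: int, seq: int) -> bytes:
    """Toy IPSec HDR: Security Parameter Index and sequence number."""
    return struct.pack(">II", spi, seq)


def keystream(key: bytes, spi: int, seq: int, n: int) -> bytes:
    """Stand-in cipher: HMAC-SHA256 in counter mode, keyed by the SA key and
    bound to (SPI, seq) so no two packets reuse a keystream."""
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, struct.pack(">IIQ", spi, seq, ctr), hashlib.sha256).digest()
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def transport_mode(key: bytes, spi: int, seq: int, src: str, dst: str, data: bytes) -> bytes:
    """IP HDR | IPSec HDR | encrypted(Data): the original header stays visible."""
    return ip_header(src, dst) + ipsec_header(spi, seq) + xor(data, keystream(key, spi, seq, len(data)))


def tunnel_mode(key: bytes, spi: int, seq: int, gw_src: str, gw_dst: str,
                src: str, dst: str, data: bytes) -> bytes:
    """New IP HDR | IPSec HDR | encrypted(IP HDR | Data): the gateways'
    addresses are visible, the end hosts' addresses are not."""
    inner = ip_header(src, dst) + data
    return ip_header(gw_src, gw_dst) + ipsec_header(spi, seq) + xor(inner, keystream(key, spi, seq, len(inner)))


def decapsulate(key: bytes, pkt: bytes, mode: str):
    """Receiving IPSec driver: returns (outer addrs, inner addrs, plaintext)."""
    outer = parse_ip_header(pkt[:8])
    spi, seq = struct.unpack(">II", pkt[8:16])
    plain = xor(pkt[16:], keystream(key, spi, seq, len(pkt) - 16))
    if mode == "tunnel":
        return outer, parse_ip_header(plain[:8]), plain[8:]
    return outer, outer, plain


def observer_view(pkt: bytes) -> Addr:
    """What someone on the Internet cloud reads without the SA key."""
    return parse_ip_header(pkt[:8])


def demo():
    key = b"constructed SA key for the demo"   # in practice agreed via IKE
    data = b"GET /payroll HTTP/1.0"            # constructed payload
    t = transport_mode(key, 0x1001, 1, "10.1.1.5", "10.2.2.7", data)
    u = tunnel_mode(key, 0x1002, 1, "203.0.113.1", "198.51.100.1", "10.1.1.5", "10.2.2.7", data)
    return {
        "transport_visible": observer_view(t),
        "tunnel_visible": observer_view(u),
        "inner_hdr_in_tunnel_bytes": ip_header("10.1.1.5", "10.2.2.7") in u,
        "transport_decap": decapsulate(key, t, "transport"),
        "tunnel_decap": decapsulate(key, u, "tunnel"),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

In transport mode the observer still learns which two hosts are talking; in tunnel mode only the two gateways are visible and the inner header is recovered only after decryption, which is why the handbook pairs tunnel mode with the edge-device VPN and transport mode with end-to-end protection.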


8c. Data in Motion Security, (continued)

c) SSL (TLS)

SSL/TLS (https://)

First-time exchange of messages (no session id, no client authentication):

Message Type       Direction   Data Transferred
Client-hello       C>S         challenge data
Server-hello       C<S         connection-id, server-certificate, cipher-specs
Client-master-key  C>S         cipher-kind, clear-master-key, {secret-master-key} server-public-key
Client-finish      C>S         {connection-id} client-write-key
Server-verify      C<S         {connection-data} server-write-key
Server-finish      C<S         {session-id} server-write-key

Braces mark data encrypted under the key named after them.


9. Best Practices

Rules to Live by

1. Top Management MUST buy into the security initiative

2. Meet standard of due care

3. Some degree of security is better than nothing

4. Nothing is completely secure, so why aim for perfection

5. You’re only as secure as your weakest link

6. Security is an Investment, not an expense

7. Protect “valuable” assets against probable threats

8. Layer security solutions by users & app plus logical entities

Developing a Plan

1. Preparation: create a Security Usage Policy; conduct a risk analysis; establish a security team structure
2. Prevention: approving security changes/modifications; ongoing monitoring & administration
3. Response: security violations; restoration; review & forensics

Diagram (reconstructed): the Security Usage Policy is derived from a risk assessment and a business needs assessment and is made up of a security architecture guide, incident response procedures, acceptable use policies and system administration procedures, with periodic re-evaluation. It is applied by the administrative authority across local communication systems, the intranet, end systems and the Internet.


10a. Wireless Security Issues

Two environments are compared: Personal Area Network (PAN) & Local Area Network (LAN) (in building, campus, airport…) versus Metropolitan & Wireless-Carrier (almost anywhere, cities…).

Threats
• Threat: Employees cobbling together a wireless net without IT involvement. Protection: Notify employees of corporate regulations and scan for devices
• Threat: Denial-of-Service via a powerful interference transceiver. Protection: Very expensive Tempest or Faraday environment, or use of spread spectrum transmission (direct sequence)
• Threat: Spamming a carrier’s wireless customers. Protection: Use content filtering technology (BrightMail)
• Threat: Eavesdropping (2-5 MHz at 1 W). Protection: Link-level ciphering by MAC entities
• Threat: Location independence, the attacker’s physical location flexibility. Protection: The authentication mechanism is critical

Security Protocols
• PAN & LAN: 802.11 WEP
• Metropolitan & Carrier: WAP (WTLS, WPKI); TDMA (EPE: Enhanced Privacy and Encryption); SME: Message Encryption; CMEA: Cellular Message Encryption Algorithm; CAVE: authentication algorithm; DCCH: Digital Control Channel; DTC: Digital Traffic Channel keys; VPM: Voice Privacy Mask

Services
• PAN & LAN: Free-based local area access, network management, AntiVirus, content filtering, vulnerability assessment, IDS
• Metropolitan & Carrier: Accounting, billing, WAP, SMS (Short Message Service), AntiVirus, content filtering, vulnerability assessment, IDS

Device O/S
• PAN & LAN: MS-Windows, Palm, PocketPC (MS-CE), Psion, EPOC
• Metropolitan & Carrier: General OEMed multivendor: Palm, PocketPC (MS-CE), EPOC; mobile phone proprietary: Nokia, Motorola, Ericsson…; other: iMODE (DoCoMo), StarFISH

Transmission
• PAN & LAN: IEEE 802.11, IrDA, Bluetooth
• Metropolitan & Carrier: voice-centric with slow data: TDMA, CDMA, GSM; data-centric with voice: CDPD, EDGE, GPRS; broadband voice/data: UMTS (3G: 3GPP, 3GPP2)

10b. Wireless Security Issues (continued)

Bluetooth Security (Trusted Device)

Architecture (diagram reconstructed): the application sits above RFCOMM (or another multiplexing protocol) and L2CAP, which run over HCI and the Link Manager/Link Controller. The Security Manager is queried by L2CAP, by applications and by the general management entity, consults the service database and the device database, accepts registrations from applications, and has a user interface. Access decision sequence:

1. Connect request to L2CAP
2. L2CAP requests access from the security manager
3. Security manager: lookup in service database
4. Security manager: lookup in device database
5. If necessary, security manager enforces authentication and encryption
6. Security manager grants access
7. L2CAP continues to set up the connection
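The seven-step sequence is a policy decision made per service and per device. The following added example (not the handbook’s or any Bluetooth stack’s code) simulates it: a service database of security requirements, a device database of pairing and trust state, a security manager that performs steps 3 to 6, and an L2CAP wrapper for steps 1, 2 and 7. Service names, addresses and record fields are invented for the illustration.

```python
# Added example (not the handbook's code): the access decision made by the
# Bluetooth security manager in steps 2-6 above, simulated over constructed
# service and device databases. Record fields, service names and device
# addresses are invented for the illustration.
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class ServiceRecord:
    """Security requirements registered for one service (service database)."""
    authentication: bool   # remote device must be authenticated
    encryption: bool       # link must be encrypted
    authorization: bool    # untrusted devices need explicit user approval


@dataclass
class DeviceRecord:
    """What is known about a remote device (device database)."""
    paired: bool                  # a link key exists, so authentication can succeed
    trusted: bool                 # marked trusted: no per-service authorization
    authenticated: bool = False   # link state for the current session
    encrypted: bool = False


@dataclass
class SecurityManager:
    services: Dict[str, ServiceRecord]
    devices: Dict[str, DeviceRecord]
    log: List[str] = field(default_factory=list)

    def request_access(self, bd_addr: str, service: str, user_authorizes: bool = False) -> bool:
        svc = self.services.get(service)                                   # step 3
        if svc is None:
            self.log.append(f"{service}: unknown service, refused")
            return False
        # Step 4: an address not in the database is treated as untrusted and unpaired.
        dev = self.devices.setdefault(bd_addr, DeviceRecord(paired=False, trusted=False))
        # Step 5: enforce authentication and encryption only if the service needs them.
        # Encryption implies authentication, because the encryption key is
        # derived from the link key proven during authentication.
        if (svc.authentication or svc.encryption) and not dev.authenticated:
            if not dev.paired:
                self.log.append(f"{bd_addr}: authentication failed (no link key)")
                return False
            dev.authenticated = True
        if svc.encryption and not dev.encrypted:
            dev.encrypted = True
        if svc.authorization and not dev.trusted and not user_authorizes:
            self.log.append(f"{bd_addr}: {service} needs user authorization, refused")
            return False
        self.log.append(f"{bd_addr}: {service} granted")                  # step 6
        return True


def l2cap_connect(sm: SecurityManager, bd_addr: str, service: str,
                  user_authorizes: bool = False) -> str:
    """Steps 1, 2 and 7: L2CAP takes the connect request, asks the security
    manager, and only on a grant continues setting up the channel."""
    if sm.request_access(bd_addr, service, user_authorizes):
        return "connected"
    return "refused"


def run_scenario() -> Dict[str, object]:
    services = {
        "file-transfer": ServiceRecord(authentication=True, encryption=True, authorization=True),
        "business-card": ServiceRecord(authentication=False, encryption=False, authorization=False),
    }
    devices = {
        "00:11:22:33:44:55": DeviceRecord(paired=True, trusted=True),    # the user's own laptop
        "66:77:88:99:AA:BB": DeviceRecord(paired=True, trusted=False),   # paired once, not trusted
    }
    sm = SecurityManager(services, devices)
    stranger = "CC:DD:EE:FF:00:11"                                          # never seen before
    return {
        "trusted_ftp": l2cap_connect(sm, "00:11:22:33:44:55", "file-transfer"),
        "stranger_card": l2cap_connect(sm, stranger, "business-card"),
        "stranger_ftp": l2cap_connect(sm, stranger, "file-transfer"),
        "untrusted_ftp": l2cap_connect(sm, "66:77:88:99:AA:BB", "file-transfer"),
        "untrusted_ftp_authorized": l2cap_connect(sm, "66:77:88:99:AA:BB", "file-transfer", True),
        "log": sm.log,
    }


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(k, v)
```

The open business-card service is reachable by an unknown device, the file-transfer service is refused to a device with no link key and to a paired-but-untrusted device until the user authorizes it, and the trusted device passes straight through; the log records each decision, which is what a defender would want to see in a real stack.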


11a. Incident Response

Computer Forensics (after the fact; preserve data for admissibility)

Rules
1. Never mishandle evidence
2. Never work with the original evidence: use Ghost to make copy disks and work with the ghosted copy
3. Never trust the suspect’s operating system (use a forensic boot disk)
4. Document everything!

Incident Response Sequence

1. Understand the extent and source of an intrusion
2. Protect sensitive data contained on systems
3. Protect the systems, the networks, and their ability to continue operating as intended
4. Recover systems
5. Collect information to better understand what happened
6. Support legal investigations
7. Communicate with all parties that need to be made aware of an intrusion and its progress
8. Collect and protect information associated with an intrusion
9. Apply short-term solutions to contain an intrusion
10. Eliminate all means of intruder access
11. Return systems to normal operation
12. Identify and implement security lessons learned


11b. Incident Response, (continued)

Preparation & Response Timeline (diagram reconstructed): Policy and Prepare come before the incident (T0); Analyze, Communicate, Collect and Protect, Contain, Eliminate, Return and Lessons follow in sequence (T1, T2, T3 … Tn); at Tn+1 the cycle returns to Prepare and Policy.


12. Glossary of Network Security Terms

• Access Control: Protection of system resources against unauthorized access.

• Access Control List (ACL): The identities of the system entities that are permitted to access the resource.

• Access Control List (ACL): A collection of access control entries that define a hierarchy of access rules to be evaluated when a server receives a request for access to a particular resource. See access control entry (ACE).

• Accountability: The property of a system (including all of its system resources) that ensures that the actions of a system entity may be traced uniquely to that entity, which can be held responsible for its actions.

• Administrative Security: The management constraints, operational procedures, accountability procedures, and supplemental controls established to provide an acceptable level of protection for sensitive data.

• Administrator: The person who installs and configures one or more CMS managers and sets up privileged users, or agents, for them.

• AH (Authentication Header): Provides connectionless integrity, data origin authentication, and an optional anti-replay service for IPsec.

• Assets: Information or resources to be protected.

• Assurance: Grounds for confidence that an entity meets its security objectives.

• Attribute Value Assertion (AVA): An assertion of the form attribute = value, where attribute consists of a tag, such as o (organization) or UID (user ID), and value consists of a value, such as “Symantec” or a login name. AVAs are used to form the distinguished name (DN) that identifies the subject of a certificate (called the subject name of the certificate).

• Authentication: Confident identification; that is, assurance that a party to some computerized transaction is not an impostor. Authentication typically involves the use of a password, certificate, PIN, or other information that can be used to validate identity over a computer network.

• Authentication Data: Information used to verify the claimed identity of a user.

• Authorization: To convey official sanction, access or legal power to an entity.

• Biometric Authentication: A method of generating authentication information for a person by digitizing measurements of a physical characteristic, such as a fingerprint, a hand shape, a retina pattern, a speech pattern (voiceprint), or handwriting.

• Call Back: An authentication technique for terminals that remotely access a computer via telephone lines. The host system disconnects the caller and then calls back on a telephone number that was previously authorized for that terminal.

• Classification Level: A grouping of classified information to which a hierarchical, restrictive security label is applied to increase protection of the data.

• Clean System: A computer system in which the operating system and application system software and files have just been freshly installed from trusted software distribution media.

• Common Criteria: This standard addresses data confidentiality, data integrity, and availability and may apply to other aspects of security. It focuses on threats to information arising from human activities, malicious or otherwise, but may apply to non-human threats. It applies to security measures implemented in hardware, firmware, or software.

• Computer Emergency Response Team (CERT): An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.

• Confidentiality: The act of keeping something private and secret from all but those who are authorized to see it.

• Configuration Control: The process of regulating changes to hardware, firmware, software, and documentation.


• Contingency Plan: A plan for emergency response, backup operations, and post-disaster recovery.

• Credentials: Something that provides a basis for credit or confidence.

• Data Integrity: The property whereby data has not been changed, destroyed, or lost in an unauthorized or accidental manner.

• Directory Access Protocol (DAP): An OSI protocol [X519] for communication between a Directory User Agent (a client) and a Directory System Agent (a server).

• Disaster Plan: A synonym for “contingency plan”.

• DNSSEC (Domain Name System Security Working Group): A proposed IETF draft that will specify enhancements to the DNS protocol to protect the DNS against unauthorized modification of data and against masquerading of data origin. It will add data integrity and authentication capabilities to the DNS via digital signatures.

• Domain: Security usage: An environment or context that is defined by a security policy, security model, or security architecture.

• Dual Control: A procedure that uses two or more entities (usually persons) operating in concert to protect a system resource.

• Electronic Commerce: General usage: Business conducted through paperless exchanges of information, using electronic data interchange, electronic funds transfer (EFT) and other paperless technologies.

• End-to-End Encryption: Continuous protection of data that flows between two points in a network.

• ESP (Encapsulating Security Payload): A vehicle for access control based on distribution of cryptographic keys that provides data confidentiality and limited traffic flow confidentiality.

• Extranet: A computer network that an organization uses to carry application data traffic between the organization and its business partners.

• Evaluation Assurance Level (EAL): A package consisting of assurance components from Part 3 that represents a point on the Common Criteria predefined assurance scale.

• Filtering Router: An internetwork router that selectively prevents the passage of data packets according to a security policy.

• Firewall: An internetwork gateway that restricts data communication traffic to and from one of the connected networks.

• Honey Pot: A system (e.g., a web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders, like honey is attractive to bears.

• https: HTTP enhanced by a security mechanism, which is usually SSL.

• Identity-Based Security Policy: A security policy based on the identities and/or attributes of users, a group of users, or entities acting on behalf of the users and the resources/objects being accessed.

• IETF (Internet Engineering Task Force): An open standards group chartered by the Internet Society (ISOC) which has a working group dedicated to security. (ietf.org)

• INFOSEC: Security measures that implement and assure security services in computer systems.

• Integrity: Assurance that data is not modified (by unauthorized persons) during storage or transmittal.

• Internet Protocol security (IPsec): Architecture specifying (a) security protocols (AH and ESP), (b) security associations, (c) key management (IKE), and (d) algorithms for authentication and encryption.

• Intrusion Detection: A security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner.

• IPsec (Internet Protocol Security): An IETF standard for TCP/IP layer security that provides encryption, host authentication and data integrity.

• ISA/KMP (Internet Security Association, Key Mgt. Protocol): Defines the procedures for authenticating a communicating peer, creation and management of Security Associations, key generation techniques, and threat mitigation (e.g., denial of service and replay attacks).


• Layer 2 Tunneling Protocol (L2TP): An Internet client-server protocol that combines aspects of PPTP and L2F and supports tunneling of PPP over an IP network.

• L2CAP (Logical Link Control and Adaptation Protocol): A protocol layered over baseband protocols at the data link layer, providing connection and connectionless data services.

• Lightweight Directory Access Protocol (LDAP): A client-server protocol that supports basic use of the X.500 Directory.

• Link encryption: Stepwise protection of data that flows between two points in a network, provided by encrypting data separately on each network link.

• Login: The act of a system entity gaining access to a session in which the entity can use system resources.

• Non-Repudiation Service: A security service that provides protection against false denial of involvement in a communication.

• Object Identifier (OID): An official, globally unique name for a thing, written as a sequence of integers.

• On-line Certificate Status Protocol (OCSP): An Internet protocol used by a client to obtain from a server the validity status and other information concerning a digital certificate.

• One-Time Password (OTP): Authentication technique in which each password is used only once.

• Orange Book: The National Computer Security Center book entitled “Department of Defense Trusted Computer Systems Evaluation Criteria” that defines security requirements.

• OCSP (Online Certificate Status Protocol): An Internet standard for verification of an X.509 cert in PKIX. An excellent real-time validity check over basic CRLs.

• Password: A secret data value, usually a character string, that is used as authentication information.

• Payment Gateway: SET usage: A system operated by an acquirer for the purpose of providing electronic commerce services to the merchants.

• Penetration Test: A system test, often part of system certification, in which evaluators attempt to circumvent the security features of the system.

• Point-to-Point Tunneling Protocol (PPTP): Client-server protocol that enables a dial-up user to create a virtual extension of the dial-up link across a network by tunneling PPP over IP.

• Protection Profile (PP): An implementation-independent set of security requirements for a category of TOEs that meet specific consumer needs.

• Proxy Server: A computer process that relays a protocol between client and server computer systems, by appearing to the client to be the server and appearing to the server to be the client.

• Public-Key Certificate: Digital certificate that contains a sequence of data items and has a digital signature computed on that sequence.

• RADIUS (Remote Authentication Dial-In User Service): An IETF protocol (developed by Livingston Enterprises) for distributed security that secures remote access to networks and network services against unauthorized access. RADIUS is comprised of two pieces: authentication server code and client protocols.

• Risk: An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.

• Root: 1) A CA that is directly trusted by an end entity, or the CA that is at the highest level. 2) A user account that has all privileges (including all security-related privileges) and thus can manage the system and its other user accounts.

• SCEP (Simple Certificate Enrollment Protocol): A PKI communication protocol which leverages existing technology by using PKCS#7 and PKCS#10 to secure issuance of certificates to network devices in a scalable manner.


• Secure Socket Layer (SSL): A protocol that allows mutual authentication between a client and server and the establishment of an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols.

• Security: The condition of system resources being free from unauthorized access and from unauthorized or accidental change, destruction, or loss.

• Security Architecture: A plan and set of principles that describe (a) the security services that a system is required to provide to meet the needs of its users, (b) the system elements required to implement the services, and (c) the performance levels required in the elements to deal with the threat environment.

• Security Audit: An independent review and examination of a system's records and activities to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures.

• Security Clearance: A determination that a person is eligible, under the standards of a specific security policy, for authorization to access sensitive information or other system resources.

• Security Perimeter: The boundary of the domain in which a security policy or security architecture applies.

• Separation of Duties: The practice of dividing the steps in a system function among different individuals, so as to keep a single individual from subverting the process.

• Secure Electronic Transaction (SET): A protocol to provide confidentiality of transaction information, payment integrity, and authentication of transaction participants for payment card transactions over unsecured networks, such as the Internet.

• Single Sign-On: A system that enables a user to access multiple computer platforms or application systems after being authenticated just one time.

• SKIP (Simple Key for IP): simple key-management for Internet protocols, developed by Sun Microsystems, Inc.

• Smart Card: A credit-card sized device containing one or more integrated circuit chips, which perform the functions of a computer's central processor, memory, and input/output interface.

• SMS (short message service): A globally accepted wireless service for transmitting alphanumeric messages between mobile and external systems.

• SOCKS: An Internet protocol [R1928] that provides a generalized proxy server that enables client-server applications.

• Survivability: The ability of a system to remain in operation or existence despite adverse conditions.

• Standards for Interoperable LAN/MAN Security (SILS): A developing set of IEEE standards including security management, Secure Data Exchange protocol, Key Management, SDE Sublayer Management, SDE Security Labels, and PICS Conformance.

• Strength of Function (SOF): A qualification of a TOE security function expressing the minimum effort assumed necessary to defeat its expected security behavior by directly attacking its underlying security mechanisms.

• S/WAN (Secure Wide Area Network): RSA Data Security, Inc. driven specifications for implementing IPSEC to ensure interoperability among firewall and TCP/IP products. S/WAN's goal is to use IPSEC to allow companies to mix-and-match firewall and TCP/IP stack products to build Internet-based Virtual Private Networks (VPNs).

• System Integrity: “The quality that a system has when it can perform its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation.”

• TACACS+ (Terminal Access Controller Access Control System): a protocol that provides remote access authentication, authorization, and related accounting and logging services, used by Cisco Systems.


• Target of Evaluation (TOE): An IT product or system and its associated administrator and user guidance documentation that is the subject of an evaluation.

• TEMPEST: A nickname for specifications and standards for limiting the strength of electromagnetic emanations from electrical and electronic equipment and thus reducing vulnerability to eavesdropping.

• TLS (Transport Layer Security): an IETF draft; version 1 is based on the Secure Sockets Layer (SSL) version 3.0 protocol, and provides communications privacy over the Internet.

• Threat Analysis: An analysis of the probability of occurrences and consequences of damaging actions to a system.

• Token: An object that is used to control access and is passed between cooperating entities in a protocol that synchronizes use of a shared resource.

• TOE Security Functions (TSF): A set consisting of all hardware, software, and firmware of the TOE that must be relied upon for the correct enforcement of the TSP.

• Transport Layer Security (TLS): Internet protocol [R2246] based on and very similar to SSL Version 3.0.

• Transport Mode: The IPsec protocol encapsulates the packets of upper-layer protocols.

• Trust: The extent to which someone who relies on a system can have confidence that the system meets its specifications.

• Tunnel: A communication channel created in a computer network by encapsulating (carrying, layering) a communication protocol's data packets in (on top of) a second protocol that normally would be carried above, or at the same layer as, the first one.

• Tunnel-Mode IPsec: A secure connection between an End Station (ES) and an Intermediate Station (IS), or between two IS devices, also known as a VPN.

• Validate: When referring to a process intended to establish the soundness or correctness of a construct.

• Validation: a means to provide timeliness of authorization to use or manipulate information or resources.

• Verification: to authenticate, confirm or to establish accuracy.

• Verify: When referring to a process intended to test or prove the truth or accuracy of a fact or value.

• Value-Added Network (VAN): A computer network or subnetwork that transmits, receives, and stores EDI transactions on behalf of its customers.

• Virtual Private Network (VPN): A restricted-use, logical (i.e., artificial or simulated) computer network that is constructed from the system resources of a relatively public, physical (i.e., real) network (such as the Internet), often by using encryption and often by tunneling links of the virtual network across the real network.

• VRRP (Virtual Router Redundancy Protocol): An election protocol that dynamically assigns responsibility for one or more virtual router(s) to the VRRP router(s) on a LAN, allowing several routers on a multiaccess link to utilize the same virtual IP address.

• WHOIS: An Internet utility that returns information about a domain name or IP address.

• XTACACS: An extension to the TACACS protocol (developed by Cisco) which permits sending and authenticating SLIP/PPP requests, CHAP/ARAP authentication etc.


Security Threats Reference

1. Threat Categories

SECURITY THREATS

• Human
  - Malicious: Insiders like disgruntled employees; Outsiders like crackers and hackers
  - Non-Malicious: Ignorant employees
• Non-Human (events that can be open security breaches)
  - (Hardware/Software/Network) Bugs, Trap Doors
  - Product Failure (MTBF), A/C or Power Failure
  - Natural Disasters: Floods, Fires, Earthquakes, Hurricanes

2. Profiles (Who’s breaking in?)

The Culprits | Skill | Knowledge of target | Resources | Motivation
Corporate Spies | Med-High | Med-High | Med-High | Financial, Competitive Gain
Governments (Intelligence Agencies) | High | Med-High | High | National Interests
Insiders (Employees, Contractors) | Med | High | Med | Financial, Revenge. NOTE: Usually they have authority and access to some degree
Terrorists | High | Med | Med-High | Religious, Political Ideals
Career Criminals | Med-High | Med | Med | Financial, control/power
Hackers: Novice (Script Kiddie, Wannabe) | Low | Low | Low | Intellectual curiosity, recognition. NOTE: They have lots of time and are dangerous because they don’t always know what they are doing
Hackers: Black Hat (Malicious) | Med-High | High | Med | Recognition, professed security improvement
Hackers: Grey Hat | Med-High | Med | Med | Playing both black & white hat roles, for hire or not
Hackers: White Hat (Noble or Old-school) | Med-High | No target | Med | Improved Security (but write tools that are used by Novices)
Hackers: Hacktivist | Med-High | Med-High | Lo-Med | Political activist wanting to make a statement

3. Info Gathering Techniques

• Social Engineering techniques to gather account numbers, passwords, etc.
• Accessing Public Material
  1. Government websites, search engines, InterNIC and other online services
  2. Bulletin boards, log-in screens, phone directories, articles, news clippings, financial statements
  3. Investigative services
• IP Address Scanning: ping, TJping, traceroute
• Port Scanning: Ultrascan, NMAP, Slow Scan Attack (used to avoid detection)
• Utilities & Unix/NT Commands: Finger, Netstat, Rpcinfo, nslookup, whois, Browser to View Source, Telnet to connect to any available port and see what you get (for example s/w version numbers), expn root@foo.com, rlogin, rsh, rexecd, look for /etc/shadow, /etc/passwd, /etc/aliases and try to mail these files back to yourself
• Man-in-the-middle: Packet sniffing via protocol analyzers (ethfind, sniff, netmon, tcpdump, for example) that have:
  1. Physical network access: tapping in via a phone closet, unused network jack, or cable modem
  2. Compromise a host in the network path
  3. Rerouting data via spoofed RIP, DNS, or ICMP redirect packets
• War Dialing: an automated tool that finds internal modems to exploit. ToneLOC, AIO, Modem Hunter and Demon Dialer are other examples
• Rogue Applications: GetAdmin, NetBUS, BackOrifice to get info, passwords...
• Dumpster Diving: After hours digging through corporate trash
• Shoulder Surfing: or overhearing conversations on Airplane, Bus, Restroom, anywhere in public
• Malicious Web Crawlers: search internet for vulnerable web sites (ie cgi bin vulnerabilities)

4. Impersonation / Spoofing

• Email
  - How to prevent it: Check source IP address of raw message or use digital signatures
  - Why it can happen: No authentication in SMTP
  - Scenario: Send bogus message with a fake “From” line to an SMTP server

• Anonymous remailer
  - How to prevent it: Use digital signatures
  - Why it can happen: No authentication in SMTP
  - Scenario: Attacker sends email via anonymous remailer account

• Login
  - How to prevent it: Protect passwords or use strong authentication
  - Why it can happen: Careless with passwords
  - Scenario: Use someone else's login and password to get on a host

• Routing
  - How to prevent it: Don't use them with untrusted networks
  - Why it can happen: No authentication in RIP, ICMP redirects, source routed packets
  - Scenario: Send bogus RIP or ICMP redirect packets to a router, or send a source-routed packet to a host

• Third party
  - How to prevent it: Have InterNIC authenticate changes to your domain
  - Why it can happen: InterNIC doesn't fully authenticate unless customer requests it
  - Scenario: Send bogus email to the InterNIC requesting bogus domain name change or alternate IP address

• DNS spoofing
  - How to prevent it: Use modified DNS that doesn't cache entries
  - Why it can happen: No authentication in DNS
  - Scenario: Send an unsolicited reply containing a bogus domain name/address pair to victim's DNS server

• IP address
  - How to prevent it: Block trusted internal addresses from entering your network
  - Why it can happen: Source address is rarely checked.
  - Scenario: Send a packet with a bogus source IP address to a trusting host

• Session hijacking
  - How to prevent it: Encrypt sessions
  - Why it can happen: Authentication already occurred
  - Scenario: Attacker inserts bogus packets into an established session; HUNT and Juggernaut are examples

• Web spoofing (http://www.cs.princeton.edu/sip/pub/spoofing.html)
  - How to prevent it: Disable JavaScript, make sure your browser's location line is always visible, pay attention to the URLs displayed
  - Why it can happen: A "man in the middle attack" where the attacker rewrites all of the URLs on some Web page so that they point to the attacker's server rather than to some real server
  - Scenario: Attacker creates a “shadow copy” of the entire website; traffic is funneled through the attacker’s machine, allowing monitoring of the victim’s activities, passwords, account numbers
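The "How to prevent it" column for the IP address and Routing rows describes a border filter. The following is an added example (not from the handbook) of such a filter in Python: it drops packets arriving on the untrusted interface that carry an internal or loopback source address, refuses source-routed packets, and refuses ICMP redirects and RIP updates from outside. The interface names, the internal prefixes and the packet records are constructed; the egress rule for the inside interface is a generalisation of the table's ingress rule, so that forged source addresses cannot leave the network either.

```python
"""Packet filter for the "IP address" and "Routing" rows of the table above.

Added example (not from the handbook). The interface names, internal prefixes
and packet records are constructed; the egress rule is a generalisation.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Constructed: address space assumed to belong to our own network.
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]
LOOPBACK_NET = ip_network("127.0.0.0/8")
ICMP_REDIRECT = 5   # ICMP type 5 = redirect
RIP_PORT = 520      # UDP port used by RIP


@dataclass
class Packet:
    iface: str                          # "outside" (untrusted) or "inside"
    src: str
    dst: str
    proto: str                          # "tcp", "udp" or "icmp"
    icmp_type: Optional[int] = None
    dport: Optional[int] = None
    ip_options: Tuple[str, ...] = ()    # e.g. ("LSRR",) or ("SSRR",) = source routing


def is_internal(addr: str) -> bool:
    a = ip_address(addr)
    return any(a in net for net in INTERNAL_NETS)


def filter_packet(pkt: Packet) -> Tuple[str, str]:
    """Return ("DROP" | "ACCEPT", reason) for one packet."""
    # Routing row: source-routed packets let the sender choose the path, so
    # they are never accepted from any interface.
    if any(opt in ("LSRR", "SSRR") for opt in pkt.ip_options):
        return "DROP", "source-routed packet"

    if pkt.iface == "outside":
        # IP address row: block trusted internal (and loopback) addresses from
        # entering the network; a genuine outside host cannot carry them.
        if is_internal(pkt.src) or ip_address(pkt.src) in LOOPBACK_NET:
            return "DROP", "internal or loopback source arriving from outside"
        # Routing row: nobody outside may change our routing table.
        if pkt.proto == "icmp" and pkt.icmp_type == ICMP_REDIRECT:
            return "DROP", "ICMP redirect from untrusted network"
        if pkt.proto == "udp" and pkt.dport == RIP_PORT:
            return "DROP", "RIP update from untrusted network"
    else:
        # Egress counterpart (our generalisation): packets leaving must carry
        # one of our own addresses, so this network cannot be a source of
        # forged-address floods like the smurf/DDoS traffic described later.
        if not is_internal(pkt.src):
            return "DROP", "forged (non-internal) source leaving the network"

    return "ACCEPT", "passed anti-spoofing checks"


def filter_many(packets: List[Packet]) -> List[Tuple[str, str]]:
    """Apply filter_packet to a batch; returns one (verdict, reason) per packet."""
    return [filter_packet(p) for p in packets]


if __name__ == "__main__":
    sample = [   # constructed traffic
        Packet("outside", "10.1.2.3", "10.0.0.5", "tcp"),                  # spoofed internal source
        Packet("outside", "198.51.100.7", "10.0.0.5", "icmp", icmp_type=5),  # redirect from outside
        Packet("inside", "10.0.0.9", "198.51.100.7", "tcp"),               # ordinary outbound
    ]
    for pkt, (verdict, why) in zip(sample, filter_many(sample)):
        print(f"{pkt.iface:7} {pkt.src:>15} -> {pkt.dst:<15} {verdict:6} {why}")
```

The checks are stateless and per packet, which is all the table's prevention column requires; the reason string is what you would write to the firewall log so that a burst of drops can be correlated with the spoofing scenarios above.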

5. Social Engineering (Attacks against people)

• Authority Attack (with or without artifact): Using fake badge, utility service outfit to gain info or access, or identify a key individual by name/title as supposed friend or acquaintance, or claiming authority and demanding information (impersonation)
• Zero-Sum Knowledge Attack: Baiting someone to add, deny or clarify pseudo knowledge of the attacker, claiming to know more than you do, to solicit more info
• Exaggerated/Knee-jerk Response Attack: Making an outlandish lie in order to get an informational response
• Persistent Attack: Continuous harassment using guilt, intimidation and other negative ways to reveal info
• Stake-Out Attack: Analyzing activity over time, people movement & actions, deliveries of supplies
• The 10 Attack: Using a sexually attractive individual to gain info or access
• Rubber-Hose Attack: Brute force, threatening, gun-to-head or blackmail
• Pay-olla Attack: Bribery, plain and simple $$$
• “The boy who cried wolf” Attack: Setting off a series of false alarms that cause the victim to disable their own alarm system
• Help Desk Attack: Impersonating a current or new end-user needing help with access to a net/server
• “Go with the Flow” Attack: Crowded venues are a great time and place to gain access and information, such as a corporate party that has hundreds of employees; just act like you’re one of them
• Fake Survey/Questionnaire Attack: Win a free trip to Hawaii, just answer these questions about your network

6. Computer Virus

Classes of Viruses
• Pure Virus: Malicious program that inserts some or all of its own code into another file. These "infected" files are usually program files or data files that contain executable content.
• Worm: Malicious program that has the ability to distribute itself to other users. The most common method of distribution is email.
• Trojan Horse: Malicious program that masquerades as a useful or fun program, but actually performs malicious activity, such as destroying data.

Although there are three distinct classes of malicious programs, sometimes virus writers create programs that have attributes of more than one class, such as a trojan horse that deletes files and sends itself out to other users via email.

Malicious Activity (with Description, Symptoms and Examples)

• Network-aware infection
  - Description: The ability to enumerate available network file stores and infect files on those stores.
  - Symptoms: Infected files detected on file servers or systems with open shares. Viruses with this capability can spread through a network rapidly.
  - Examples: W32.Funlove, W32.HLLW.Bymer, Worm.ExploreZip

• Mass mailing
  - Description: Sends emails out to other users, usually with the malicious code body embedded in or attached to the email.
  - Symptoms: Email servers become slower and sometimes crash. The impact these types of threats have can be considered a denial of service attack.
  - Examples: VBS.LoveLetter, Wscript.Kakworm, W32.Prolin.Worm, Worm.ExploreZip

• File destruction
  - Description: Various files are removed from the system or corrupted. The files that are targeted for deletion may be particular file types or all files on the system.
  - Symptoms: Programs may no longer launch; data files may no longer be available; general system instability.
  - Examples: W32.Kriz, Worm.ExploreZip, VBS.NewLove.A

• Data export
  - Description: Finds personal information, such as passwords or credit card numbers, and sends it to a predetermined email or Internet location.
  - Symptoms: Generally there are no outward signs of this activity, other than possible higher Internet access charges.
  - Examples: Buddylist, PWSteal.Trojan

• System interception
  - Description: Hooks are inserted into various system components to allow monitoring or disabling of those components or possibly the alteration of their functionality. Sometimes hooks are used to automatically launch the malicious program.
  - Symptoms: Additional emails may be sent with normal outgoing mail; browser functionality may be limited or altered.
  - Examples: W95.MTX, W32.Navidad, Happy99.Worm

• Hardware damage
  - Description: Attempt to flash the BIOS or erase the CMOS settings.
  - Symptoms: Power On Self Test may not begin, hard drives may not be properly identified.
  - Examples: W32.Kriz, W95.CIH

• Visual payload
  - Description: Displays messages or graphics.
  - Symptoms: Various messages or graphical images may appear. New icons may appear in the system tray.
  - Examples: W32.Navidad, KeyPanic.Trojan, Happy99.Worm

• Backdoor/remote control
  - Description: Once installed on a system, these threats “listen” for commands coming from other computers and then execute them.
  - Symptoms: Excess network traffic, unusual activity on IP/UDP ports. Threats that perform denial of service attacks often use these backdoor mechanisms to carry out the attack.
  - Examples: Backdoor.SubSeven, BackOrifice, NetBus

• Social engineering
  - Description: Method that the virus writer uses to falsely describe the malicious program to the user so that the user will be enticed to run the program.
  - Symptoms: The user may get an email that has an intriguing or enticing subject or message. Sometimes users encounter files that have been posted to news groups that purport to be pictures of a risque nature.
  - Examples: W32.Funlove, PrettyPark.Worm, Mypics.Worm

Note: Information on these and other malicious programs can be found on the Symantec AntiVirus Research Center Web site at http://www.sarc.com.

7. Avenues of Attack

[Diagram of attack paths into “XYZ Co.”, divided into Outside and Inside. Outside: an EXTERNAL THREAT arriving over a cable modem, ISDN, modem or xDSL (and “free neighborhood victims” on shared access), via ISP 1 / ISP 2 POPs, a head-end device and a remote access server on the INTERNET; innocent third parties (a university, a company, an ISP) used as relays; and transportation of removable media (Jazz, Zip, CD). FRONT DOOR: router, mail gateway, web server, VPN server, DNS, com server, modem or com server. BACK DOOR and TRUSTED LINK: the partner of XYZ Co. Inside: an INTERNAL THREAT from an employee, contractor or anyone with access to a wiring closet on-site, plus the system administrator, switch and internal net. Caption: “Indirection for the attacker is critical, aka covering your tracks.”]

8. Vulnerabilities

1. Easily Guessed Passwords
   • Too short
   • Too simple (not using numbers, both cases and special characters)
   • Using common (dictionary) words
   • Using simple tricks (adding a number or reversing the login name)

2. Out of date Software (Security Patches Not Installed)

3. Misadministration of Systems
   • Services left on (lots of defaults come with every OS)
   • Accounts not closed, or too many accounts
   • Default accounts left in
   • Trusted services not sufficiently restricted

4. Not Keeping Secrets
   • Writing passwords down (where people can see them)
   • Sending confidential data in email (it’s like a postcard!)
   • Using protocols that transmit passwords in the clear (FTP, HTTP, POP3, Telnet, SNMP)
   • Sending confidential data in FTP or HTTP

5. Untrained Personnel with lack of Security Awareness
   • Naivete to social engineering techniques
   • Don’t understand reasons and methods for protecting private information

6. Running Trusted Services Over Untrusted Networks
   • NFS
   • Windows Disk Sharing
   • ‘R’ commands (rsh, rlogin, rexec)
   • X Windows

7. Trusting Protocols that don’t Authenticate
   • DNS
   • SMTP
   • RIP
   • ICMP Redirect
   • Source Routing Option

8. Trusting things you get from others
   • Executable code (Trojan Horses, Virii)
   • Active content (a special form of executable code. Examples: JavaScript, ActiveX, Java, Macros, PostScript)
   • Input data to your scripts (may contain special characters, hidden commands or overflow buffers)

9. Stupid Vendor Tricks
   • Trapdoors left in
   • Security not designed in
   • Poor applied cryptography, or using 40-bit ciphers
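Item 8, "input data to your scripts", is the one vulnerability on this list that a script author fixes in code. The following is an added example (not from the handbook) showing the defect and the fix side by side in Python: a CGI-style script that pastes a user-supplied login name into a shell command, next to the hardened version that validates the value against an allow-list, bounds its length, and passes it as a separate argv element with no shell involved. The finger lookup, the regular expression and the 32-character limit are illustrative assumptions.

```python
"""Vulnerability 8, "input data to your scripts": unsafe vs. hardened handling
of a user-supplied value in a CGI-style script.

Added example (not from the handbook). The finger lookup, the regular
expression and the 32-character limit are illustrative assumptions.
"""
import re
import subprocess
from typing import List

# Allow-list: a login name is a letter followed by up to 31 letters, digits, '_' or '-'.
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_-]{0,31}$")
MAX_LEN = 32   # bounds the value before it reaches any fixed-size buffer downstream


def build_finger_command_unsafe(user: str) -> str:
    """VULNERABLE: the raw value is pasted into a shell command string.
    Any shell metacharacter in `user` (';', '|', '&', '`') turns into a hidden
    second command once the string is handed to a shell."""
    return "finger " + user


def count_shell_commands(cmd: str) -> int:
    """Simplified view of what a shell would do with the string: split on the
    command separators. (Real shells also expand $(...) and more; this is
    enough to make the defect visible without running anything.)"""
    parts = re.split(r"[;|&\n`]+", cmd)
    return len([p for p in parts if p.strip()])


def validate_username(user: str) -> str:
    """Reject anything outside the allow-list instead of trying to escape it."""
    if len(user) > MAX_LEN:
        raise ValueError("input too long")
    if not USERNAME_RE.match(user):
        raise ValueError("input contains unexpected characters")
    return user


def build_finger_argv(user: str) -> List[str]:
    """HARDENED: the validated value is one argv element; no shell is ever
    involved, so separators and quotes have no special meaning."""
    return ["finger", validate_username(user)]


def run_finger(user: str) -> str:
    """Runs the hardened form with shell=False. Needs a finger binary on the
    host, so it is not exercised by the checks below."""
    result = subprocess.run(build_finger_argv(user), shell=False,
                            capture_output=True, text=True, timeout=5)
    return result.stdout


if __name__ == "__main__":
    hostile = "alice;id"    # constructed hostile input
    unsafe = build_finger_command_unsafe(hostile)
    print(repr(unsafe), "->", count_shell_commands(unsafe), "commands for the shell")
    try:
        build_finger_argv(hostile)
    except ValueError as exc:
        print("hardened path rejected it:", exc)
```

The point of the hardened form is that it does not try to recognise every dangerous character: it names the characters that are allowed and refuses everything else, and it never hands the value to a shell at all.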


9. General Hacking

1. Exploit misadministration
   - Guess or use purloined password to access account via hole in firewall or dial-up modem.
   - Access services left on that are insecure: TFTP, etc.
   - Use leftover debugging tool to gain access: phf.cgi, files.pl

2. Exploit software bugs
   - Buffer overflow to run malicious code
   - Insert special characters in input to victim’s application or web page
   - Use debug options or trapdoors in unpatched software
   - Use race condition to increase level of access (get root or administrator)

3. Get victim to run Trojan Horse program (like a game or cute display) to install backdoor program: NetBus, BackOrifice, which gives attacker access.

4. Exploit features accessible from outside, or on client hosts
   - Malicious code embedded in active/mobile code
   - Javascript (Use Excel CALL function, for example)
   - ActiveX
   - Java
   - NTFS Streams
   - Postscript
   - Make CD with AutoPlay that installs virus or backdoor program.

5. Misc. Hacker tools
   - Core dump analyzer
   - Hex editor
   - Modem Jammer: Prevents modem calls from being traced
   - Netcat: An excellent TCP/UDP connection tool by “The Hobbit” and weld pond

6. E-shoplifting
   - Modified html returned to vendor site

10. Denial of Service

Attack | Resource marks (X as in the original, across Disk / Bandwidth / Buffer Overflow or crash / Internal Data Network Structure or CPU cycles) | Notes
Upload large files via FTP | X | Fill the disk with junk data
Causing large error messages in logs | X X X | Overflow disk or buffer
SYN Flood | X | Lock up port for short time
Teardrop | X X | Overlapping IP fragments
Smurf | X | Redirected broadcast, spoof IP address of victim as source
Snork | X | Send spoofed error message to NT RPC port 135
UDP Bomb | X X | Spoof packet between echo and chargen ports
OOB attack | X X | Uses bogus urgent data pointer values
Ping of Death | X X | Buffer overflow of the IP datagram
Flood Ping | X X | Swamps the network
WinNuke | X X | Send garbage to port 139 on NT
Land | X X | Send spoof of victim as source
Mailbombs, spam | X X | Overloading email server/gateway or user’s mailbox

Distributed Denial of Service Attack (DDoS). Examples: Trinoo, TFN, TFN2K, Stacheldraht

A very serious threat that involves many machines in a coordinated attack to exhaust bandwidth, router processing capacity and network stack resources to break connectivity:
1) Create a DDoS network of machines by breaking in, gain root access & remote control, install attack software
2) Send command packets to instruct all captured machines about type of flood attack, duration and target address
3) The network of DDoS machines send streams of packets (with forged source addresses) to the victim (i.e. smurf attack to provoke multiple echoes aimed at victim)

Examples: Mailbombs, Aenima 2.0, ZERO LENGTH, WinGenocide, Nuker, LiquidNuker, SYN FLOOD, WIN NUKE, Wnuke5, Avalanche 3.0/4.0
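Most rows of the table above have a packet-level signature that a monitor can check for: source equal to destination (Land), echo requests to a directed broadcast (Smurf), an echo/chargen port pair (UDP Bomb), traffic to NT RPC port 135 from a spoofed service port (Snork), urgent data to port 139 (WinNuke/OOB), a datagram that would reassemble past 65535 bytes (Ping of Death), overlapping fragments (Teardrop), and a high count of SYNs with no ACK to one host (SYN Flood). The following is an added example (not from the handbook) of those checks in Python, run over a constructed capture; the field names, the x.y.z.255 broadcast convention and the SYN threshold are assumptions.

```python
"""Signature checks for the attacks in the table above, run over a constructed
packet capture. Added example (not from the handbook); field names, the
broadcast convention and the SYN threshold are assumptions.
"""
from collections import Counter
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple

ECHO, CHARGEN, RPC_NT, NETBIOS_SSN = 7, 19, 135, 139
ICMP_ECHO_REQUEST = 8
MAX_IP_DATAGRAM = 65535


@dataclass
class Pkt:
    src: str
    dst: str
    proto: str                           # "tcp" | "udp" | "icmp"
    sport: int = 0
    dport: int = 0
    flags: FrozenSet[str] = frozenset()  # TCP flags present: "SYN", "ACK", "URG"
    icmp_type: int = 0
    ip_id: int = 0                       # IP identification (groups fragments)
    frag_offset: int = 0                 # byte offset of this fragment
    more_frags: bool = False
    length: int = 64                     # payload bytes carried by this fragment


def is_directed_broadcast(addr: str) -> bool:
    # Assumption: the monitored networks are /24s, so x.y.z.255 is a broadcast.
    return addr.endswith(".255")


def detect_dos(packets: List[Pkt], syn_threshold: int = 50) -> List[Tuple[str, str]]:
    """Return (signature, detail) alerts; each table row maps to one check."""
    alerts = []
    bare_syns = Counter()   # SYN-without-ACK count per destination
    frag_end = {}           # (src, dst, ip_id) -> highest byte reassembled so far
    for p in packets:
        if p.src == p.dst:   # Land: spoof of victim as source
            alerts.append(("Land", f"{p.src}: source equals destination"))
        if p.proto == "icmp" and p.icmp_type == ICMP_ECHO_REQUEST and is_directed_broadcast(p.dst):
            alerts.append(("Smurf", f"echo request to broadcast {p.dst} from {p.src}"))
        if p.proto == "udp" and p.sport in (ECHO, CHARGEN) and p.dport in (ECHO, CHARGEN):
            alerts.append(("UDP Bomb", f"echo/chargen loop {p.sport}->{p.dport}"))
        if p.proto == "udp" and p.dport == RPC_NT and p.sport in (ECHO, CHARGEN, RPC_NT):
            alerts.append(("Snork", f"spoofed datagram to RPC port {RPC_NT} from port {p.sport}"))
        if p.proto == "tcp" and p.dport == NETBIOS_SSN and "URG" in p.flags:
            alerts.append(("WinNuke/OOB", f"urgent data to port {NETBIOS_SSN} on {p.dst}"))
        if p.frag_offset + p.length > MAX_IP_DATAGRAM:
            alerts.append(("Ping of Death", f"datagram reassembles beyond {MAX_IP_DATAGRAM} bytes"))
        if p.frag_offset > 0 or p.more_frags:
            key = (p.src, p.dst, p.ip_id)
            prev_end = frag_end.get(key, 0)
            if p.frag_offset < prev_end:   # Teardrop: overlapping fragments
                alerts.append(("Teardrop", f"fragment at {p.frag_offset} overlaps data up to {prev_end}"))
            frag_end[key] = max(prev_end, p.frag_offset + p.length)
        if p.proto == "tcp" and "SYN" in p.flags and "ACK" not in p.flags:
            bare_syns[p.dst] += 1
    for dst, n in bare_syns.items():
        if n >= syn_threshold:   # SYN Flood: many half-open handshakes to one host
            alerts.append(("SYN Flood", f"{n} bare SYNs to {dst}"))
    return alerts


def sample_capture() -> List[Pkt]:
    """Constructed capture containing one instance of each signature."""
    pkts = [
        Pkt("10.0.0.5", "10.0.0.5", "tcp", 139, 139, frozenset({"SYN"})),                       # Land
        Pkt("198.51.100.9", "10.0.0.255", "icmp", icmp_type=ICMP_ECHO_REQUEST),                  # Smurf
        Pkt("198.51.100.9", "10.0.0.7", "udp", ECHO, CHARGEN),                                   # UDP Bomb
        Pkt("198.51.100.9", "10.0.0.7", "udp", RPC_NT, RPC_NT),                                  # Snork
        Pkt("198.51.100.9", "10.0.0.7", "tcp", 4000, NETBIOS_SSN, frozenset({"ACK", "URG"})),   # WinNuke
        Pkt("198.51.100.9", "10.0.0.7", "icmp", icmp_type=ICMP_ECHO_REQUEST,
            ip_id=1, frag_offset=65528, length=100),                                             # Ping of Death
        Pkt("198.51.100.9", "10.0.0.7", "udp", 53, 53, ip_id=2, frag_offset=0, more_frags=True, length=100),
        Pkt("198.51.100.9", "10.0.0.7", "udp", 53, 53, ip_id=2, frag_offset=40, length=100),    # Teardrop
    ]
    pkts += [Pkt(f"203.0.113.{i}", "10.0.0.80", "tcp", 1024 + i, 80, frozenset({"SYN"}))
             for i in range(60)]                                                                 # SYN Flood
    return pkts


if __name__ == "__main__":
    for sig, detail in detect_dos(sample_capture()):
        print(f"{sig:14} {detail}")
```

The fragment bookkeeping keeps only the highest byte seen per (source, destination, IP id), which is enough to catch the Teardrop overlap but will also fire on a retransmitted duplicate fragment; a production monitor would keep the full offset list per datagram and age entries out.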

11. Cracking

Light-weight (Easy “Brain Dead” Stuff)
• No password at all, and you’re in
• Look around for password written down on something
• Finding a "Joe" account: User name = password
• Password derived from User name (5-10% effective)
• Use back door left behind by a previous attacker

Welter-weight (Mostly time consuming)
• Dictionary Attacks based on
  1. Collegiate wordlist/namelist
  2. English wordlist
  3. International wordlist & pattern list
  4. Substitution filters: o=0, 1=!, for=4, to=2, E=3
• Examples of Password/Passphrase Guessing: Crack v5.0, L0pht Crack v2.0 for NT, NetBUS, FastZip Password, Jack the Ripper

Middle-weight (Requires both brains and computer resources)
• Bruteforce/Exhaustive Key Search
• Asymmetric/Symmetric Cipher: this may take a very long time depending on key length
  • 40-bit: Minutes
  • 56-bit: Hours/Days
  • 128-bit: Forget it!
• SSL PKCS#1: Saltine Cracker

Heavy-weight (Hard - Rocket Science)
• Linear Crypto Analysis
• Differential Crypto Analysis
• Ciphertext-only attack
• Known-plaintext attack
• Chosen-plaintext attack
• Adaptive chosen-plaintext attack
• Chosen Cipher-text attack
• Chosen-key attack
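The light- and welter-weight items above, together with "Easily Guessed Passwords" in the Vul­nerabilities panel, describe exactly what a password audit should test for before an attacker does: empty passwords, "Joe" accounts, passwords derived from or reversing the login name, too-short or single-class passwords, and dictionary words hidden behind the substitution filters o=0, 1=!, for=4, to=2, E=3. The following is an added example (not from the handbook) of such an audit in Python. The mini wordlist, the 8-character minimum, the three-character-class rule and the extra '@'/'$' substitutions are assumptions standing in for a real policy and real wordlists.

```python
"""Password audit implementing the checks in Vulnerability 1 (easily guessed
passwords) and the light-/welter-weight cracking items: empty passwords,
"Joe" accounts, user-name-derived passwords, and dictionary words hidden
behind the substitution filters o=0, 1=!, for=4, to=2, E=3.

Added example (not from the handbook). The mini wordlist, the 8-character
minimum, the three-class rule and the '@'/'$' substitutions are assumptions.
"""
import itertools
import re
from typing import List, Set

# Constructed stand-in for the collegiate/English wordlists named above.
WORDLIST = {"password", "secret", "letmein", "welcome", "monkey", "dragon", "summer", "football"}

# Reverse of the panel's substitution filters; "1" and "!" are tried as both l and i.
# '@' and '$' are our additions, not in the panel.
ALTERNATIVES = {
    "0": ("o",), "3": ("e",), "1": ("l", "i"), "!": ("i", "l"),
    "4": ("a", "for"), "2": ("to",), "@": ("a",), "$": ("s",),
}
MIN_LEN = 8
MIN_CLASSES = 3
_EDGE_NONLETTERS = re.compile(r"^[^a-z]+|[^a-z]+$")   # trailing "123", leading "!" etc.


def undo_substitutions(s: str, limit: int = 10) -> Set[str]:
    """All spellings obtained by reversing the filters, plus s itself."""
    slots = [ALTERNATIVES.get(ch, (ch,)) for ch in s]
    if sum(len(a) > 1 for a in slots) > limit:   # cap the combinatorial blow-up
        slots = [a[:1] for a in slots]
    return {s} | {"".join(c) for c in itertools.product(*slots)}


def dictionary_hit(password: str) -> str:
    """Return the wordlist entry the password reduces to, or '' if none."""
    p = password.lower()
    stripped = _EDGE_NONLETTERS.sub("", p)   # "s3cr3t!9" -> "s3cr3t"
    for base in (p, stripped):
        for variant in undo_substitutions(base):
            for cand in (variant, _EDGE_NONLETTERS.sub("", variant)):
                if cand in WORDLIST:
                    return cand
    return ""


def audit_password(username: str, password: str) -> List[str]:
    """Return the weaknesses found; an empty list means none of these checks fired."""
    if not password:
        return ["no password at all"]
    reasons = []
    u, p = username.lower(), password.lower()
    if p == u:
        reasons.append("'Joe' account: password equals user name")
    elif u and (u in p or u[::-1] in p):
        reasons.append("derived from user name (contains it or its reverse)")
    if len(password) < MIN_LEN:
        reasons.append(f"too short (fewer than {MIN_LEN} characters)")
    classes = sum(bool(re.search(pat, password))
                  for pat in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))
    if classes < MIN_CLASSES:
        reasons.append("too simple (mix lower case, upper case, digits and special characters)")
    word = dictionary_hit(password)
    if word:
        reasons.append(f"dictionary word '{word}' after undoing substitutions and trailing digits")
    return reasons


if __name__ == "__main__":
    for user, pw in [("alice", "alice"), ("bob", "S3cr3t!9"),
                     ("dave", "Passw0rd"), ("erin", "xQ7#vLp2!mZe")]:
        print(f"{user:6} {pw:14} -> {audit_password(user, pw) or ['ok']}")
```

Reversing the substitution filters is what makes the dictionary check meaningful: a policy that only counts character classes would pass "S3cr3t!9" and "Passw0rd", which a welter-weight dictionary run with the same filters recovers immediately.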

12. Hybrid Attacks

An infinite number of hybrid attacks exist that use any combination of methods in different sequences depending on the target, level of knowledge and expertise of the attacker(s). The vast majority of attacks are “Hybrid” and this panel understates the possible number of combinations!

A few examples...
• Information Gathering: Port Scanning, Packet Sniffing, Social Engineering, War Dialing
• Break-In & Gain Control: Exploit well known defects, weak configurations in O/S's, Password Guessing/Cracking, install “rootkit”, Add user & privileges for remote control
• Exploit: Modify, Steal, Destroy... DDoS, Deface Website, Manipulate Data, Copy Intellectual Property (HR database, Payroll Info, Credit Cards...)

Note: 80% of breakins include steps involving exploiting 1) known holes not patched 2) easy to guess passwords.

13. Piracy & Digital Rights Management (DRM)

Two different ways to think about anti-piracy...
1) Try to prevent theft of Intellectual Property
2) Locate & audit Intellectual Property violations

Copying & Distributing…
• Software: Cracking ‘time-out’ & lic. code utilities, “Shared valid Lic. Code”
• Music: Napster, ‘on-the-fly’ format changing, Audio jackers (sound card hacks)
• Video: Macrovision hacks, std. Copying & format converting techniques
• Documents, Pictures…: Cut & paste, screen print & scan, simple photo editor & scanners

DRM & Anti-Piracy Technology:
• Steganography & Watermarks: Embedded information within any type of digital content prior to distribution, hidden from detection. The files (images, executable software, music…) can be sent without anyone knowing what lies inside unless they possess the specific utility and decipher keys to unlock and view the hidden info, like a legal Trademark or Copyright notice.
• Vendor Schemes & Proprietary Viewers: Combining both hardware and software technology to prevent piracy, i.e. gaming industry devices with unique ‘game cartridges’. Other schemes: SDMI Portable Device, IBM cryptolope™, Adobe Acrobat Reader…
• Software Audit & Metering Tools: Utilities that determine software license compliance. These tools can help networks stay legally compliant with all manufacturers' software agreements and thus reduce costs by allowing organizations to purchase only the software they need.
• License & Asset Mgt Tools: License management involves the distribution, allocation and control of licenses acquired from software vendors. These automated network tools can also collect asset and software information throughout an organization, track software license compliance, meter software usage and provide critical information for software/hardware upgrade planning.
• Digital Asset Management (www.digital-integrity.com): Using overlapping ‘hash’ values or ‘fingerprinting’, valuable digital assets can be located and tracked, including every critical sentence, paragraph, table, or image within an organization or across the entire Internet. It is possible to detect copied information between any file formats (text within .doc pasted into .pdf or .ppt). This technology will find copyright infringed material on the Internet or simply block it from leaving the company at the gateway.

Noteworthy Organizations:
• Business Software Alliance http://www.bsa.org/
• Software & Information Industry Association http://www.siia.net/
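The "overlapping hash values" behind the Digital Asset Management entry are usually called shingles: every run of w consecutive words in a protected document is hashed, the set of hashes is stored, and other text is checked for the same hashes, so a sentence pasted from a .doc into a .pdf is found regardless of file format, case or punctuation. The following is an added example (not from the handbook and not the named product's code) of that technique in Python: it fingerprints a constructed design note, finds the passage pasted into another constructed document, and makes the gateway "block it from leaving" decision. The sample texts, the 8-word window and the 20% blocking threshold are assumptions.

```python
"""Fingerprinting by overlapping hashes ("shingles"), the idea behind the
Digital Asset Management entry above: hash every run of w consecutive words
of a protected document, then look for the same hashes in other text.

Added example (not from the handbook and not the product's code). The sample
texts, the window size of 8 words and the 20% blocking threshold are
constructed assumptions.
"""
import hashlib
import re
from typing import List, Set

WINDOW = 8   # words per shingle; shorter windows match more, longer ones match less


def words_of(text: str) -> List[str]:
    """Normalise so that format differences (.doc vs .pdf extraction, case,
    punctuation, line breaks) do not change the fingerprint."""
    return re.findall(r"[a-z0-9]+", text.lower())


def shingle_hash(words: List[str]) -> str:
    return hashlib.sha256(" ".join(words).encode("utf-8")).hexdigest()[:16]


def fingerprints(text: str, w: int = WINDOW) -> Set[str]:
    """Hashes of all overlapping w-word windows; this is what would be stored
    for each protected asset (the asset text itself need not be kept)."""
    ws = words_of(text)
    return {shingle_hash(ws[i:i + w]) for i in range(len(ws) - w + 1)}


def shared_fraction(asset_fps: Set[str], other_fps: Set[str]) -> float:
    """Fraction of the asset's shingles that also occur in the other text."""
    return len(asset_fps & other_fps) / len(asset_fps) if asset_fps else 0.0


def find_copied_passages(asset: str, candidate: str, w: int = WINDOW) -> List[str]:
    """Reconstruct the runs of words in `candidate` that match the asset."""
    asset_fps = fingerprints(asset, w)
    ws = words_of(candidate)
    hits = [i for i in range(len(ws) - w + 1) if shingle_hash(ws[i:i + w]) in asset_fps]
    spans = []   # merge overlapping/adjacent windows into one passage
    for i in hits:
        if spans and i <= spans[-1][1]:
            spans[-1][1] = i + w
        else:
            spans.append([i, i + w])
    return [" ".join(ws[s:e]) for s, e in spans]


def should_block(asset_fps: Set[str], outgoing_text: str, threshold: float = 0.2) -> bool:
    """Gateway decision: stop the message if it carries too much of an asset."""
    return shared_fraction(asset_fps, fingerprints(outgoing_text)) >= threshold


# Constructed sample data.
ASSET = ("Project Heron design note: the gateway terminates TLS at the edge and "
         "forwards decrypted traffic to the policy engine over an authenticated "
         "channel; every policy decision is logged with the request identifier "
         "and the rule that fired.")
PASTED = ("Notes pasted from a slide deck. The gateway terminates TLS at the edge "
          "and forwards decrypted traffic to the policy engine over an "
          "authenticated channel. Unrelated commentary follows about lunch "
          "options and the weekly schedule.")
UNRELATED = ("The quarterly newsletter lists upcoming training sessions, parking "
             "changes, and the new cafeteria hours for the summer months.")

if __name__ == "__main__":
    fps = fingerprints(ASSET)
    print("shared with pasted text:", shared_fraction(fps, fingerprints(PASTED)))
    print("copied passages:", find_copied_passages(ASSET, PASTED))
    print("block outgoing pasted text?", should_block(fps, PASTED))
```

Only the hash set leaves the organisation's repository, which is why the same index can be used both to search the Internet for infringing copies and to inspect outgoing mail at the gateway without distributing the protected text.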

Page 41: Security Reference Handbook

37

14. Noteworthy Organizations & Response Teams

Security Info, portals and moreCSI (Computer Security Institute) www.gocsi.comeSecurity Online www.esecurityonline.comInfoSysSec www.infosyssec.comNew Order neworder.box.skPacket Storm http://packetstorm.securify.comSearchSecurity www.searchsecurity.comSecurity Focus www.securityfocus.comTruSecureTM - ICSA www.truesecure.comWhitehats www.whitehats.com

Vulnerabilities listsSecurity Focus www.securityfocus.comCERT Coordination Center www.cert.orgCVE (Common Vulnerabilities & Exposures) cve.mitre.orgSANS Institute (System Administration, Networking, and Security) www.sans.org

Vendors & Managed Security ProvidersSymantec www.symantec.comSARC (Symantec Antivirus Research Center) www.sarc.comMicrosoft Security Group www.microson.com/securityCISCOTM Network Security Council www.cisco.com/securityISSTM X-Force xforce.iss.net@Stake www.atstake.comSecurify www.securify.comCounterpane www.counterpane.com

Certification CentersCheckmarkTM www.check-mark.comICSATM www.truesecure.comVB100% (West Coast Labs) www.av-test.com/Virus Test Center http://agn-www.informatik.uni-hamburg.de/vtc/Common Criteria http://csrc.nist.gov/cc/aa/aalist.htm

OrganizationsCERIAS www.cerias.purdue.eduCERT Coordination Center www.cert.orgCVE (Common Vulnerabilities & Exposures) cve.mitre.orgFIRST (Forum of Incident & Response Security Teams) www.first.comISSATM (Information Systems Security Association) www.issa-tntl.orgNSI National Security Institute www.nsi.orgSANS Institute (System Administration, Networking, and Security) www.sans.orgUSENIX / SAGE www.usenix.org

GovernmentDOJ (Department of Justice) www.usdoj.govFBI (Federal Bureau of Investigation) www.fbi.gov.scitech.htmICAT http://icat.nist.govNIST (National Institute of Stds & Technology) www.nist.govNSA (National Security Agency) www.nsa.gov

Miscellaneous Sites2600 magazme www.2600.comAntiOnline www.antionline.comArdent-Hacker.net www.ardent-hacker.netCult of the Dead Cow www.cultdeadcow.netDef Con www.defcon.orgDigiCrime www.digicrime.com/dc.htmlEFF (Electronic Frontier Foundation) www.eff.orgHack Factor X, “HFX” www.hfactorx.orgHacker News Network www.hackernews.comHappy Hacker www.happyhacker.orgTechnotronic www.technotronic.comThe Hideaway www.hideaway.netWebFringe www.webfringe.comAttrition www.attrition.orgInformation Assurance Technology Analysis Center iac.dtic.mil/iatac


15. Web Site Hacking

Observe, Copy, Steal Data
• Sniffing, port scanning
• Hack system access, gain access to credit cards
• Exploit database, application

Modify, Corrupt, Change Content
• e-Shoplifting by changing HTML (e.g. editing a price the page carries in its form)
• HTTP-based attacks
• Feed invalid data (enter wrong data)
• Exploit CGI-bin holes
• Exploit unpatched O/S and web server software holes

Disrupt, Degrade, Deny
• Denial of service attacks
• SYN flood
• Smurf attacks
• DNS exploits

Masquerade, Impersonate
• Spoofing
• DNS exploits
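The "e-Shoplifting by changing HTML" item, as an added example (not from the handbook): a checkout handler that trusts a hidden price field sent back by the browser, beside one that prices the order server-side and treats a disagreeing client value as a tamper signal. The catalog, SKUs and POST bodies are constructed for the example.

```python
from decimal import Decimal
from urllib.parse import parse_qs

# Constructed server-side catalog (assumption): sku -> unit price.
CATALOG = {"BOOK-101": Decimal("39.95"), "CABLE-7": Decimal("12.50")}


class TamperedOrder(ValueError):
    """Raised when a client-submitted value disagrees with the catalog."""


def vulnerable_checkout(body: str) -> Decimal:
    """The classic bug: the form had <input type="hidden" name="price"> and
    the server charges whatever the browser sent back."""
    form = parse_qs(body)
    qty = int(form["qty"][0])
    price = Decimal(form["price"][0])      # attacker-controlled
    return price * qty


def hardened_checkout(body: str) -> Decimal:
    """Never price from the client: look the SKU up, bound the quantity, and
    if a legacy form still echoes a price, require it to match exactly."""
    form = parse_qs(body)
    sku = form.get("sku", [""])[0]
    if sku not in CATALOG:
        raise TamperedOrder(f"unknown sku {sku!r}")
    try:
        qty = int(form.get("qty", ["0"])[0])
    except ValueError:
        raise TamperedOrder("quantity is not an integer")
    if not 1 <= qty <= 100:
        raise TamperedOrder(f"quantity {qty} out of range")
    if "price" in form:
        try:
            claimed = Decimal(form["price"][0])
        except ArithmeticError:
            raise TamperedOrder("price is not a number")
        if claimed != CATALOG[sku]:
            # Log and reject; never silently "correct" it, it is an attack signal.
            raise TamperedOrder(f"client price {claimed} != catalog {CATALOG[sku]}")
    return CATALOG[sku] * qty


def is_tampered(body: str) -> bool:
    """True if the hardened handler rejects the submission."""
    try:
        hardened_checkout(body)
    except TamperedOrder:
        return True
    return False


# Constructed POST bodies: an honest order, and one where the attacker edited
# the hidden price from 39.95 to 0.01 in the saved page before submitting.
HONEST = "sku=BOOK-101&qty=2&price=39.95"
TAMPERED = "sku=BOOK-101&qty=2&price=0.01"

if __name__ == "__main__":
    print("vulnerable handler, tampered order charges:", vulnerable_checkout(TAMPERED))
    print("hardened handler, honest order charges:   ", hardened_checkout(HONEST))
    print("hardened handler rejects tampered order:  ", is_tampered(TAMPERED))
```

The hardened version also narrows the attack surface the other bullets describe (invalid data, wrong types) by validating every field before any arithmetic.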


16. Physical Threats

1st, Gain Physical Access (the attacks below range from general to sophisticated)

2nd, The Attack
- Breaking in by knocking down a door, crowbar attack...
- Crawl under a computer raised floor, through ceiling space
- Picking a mechanical lock, obtaining or duplicating keys
- Activate the Door Open button on the inside, or slide a flat panel under the door to trigger the motion unlock sensor
- Stealing the computer or laptop at an airport, or back-up tapes and disks, replacing them with blanks
- Boot disk on a locked system (NTFS2DOS.exe hack)
- Unlocked wiring closets in public areas, then sniff/destroy/whatever
- Dumpster diving for 'dead tree' items or media
- Recovering shredded/pseudo-destroyed material
- Surveillance: looking over someone's shoulder ("shoulder-surfing"), high-powered photography, cameras for viewing, listening to PIN entries
- Circumvent alarm systems: motion, passive IR (temperature), microwave (reflection)
- Badge systems / card readers / fobs / LC tuned circuits: man-in-the-middle attack between 'panel' and 'control machine'
- Hack card reader or duplicate cards, relatively easy (12-bit person code, 8-bit install code)
- Biometric access control attacks: false positives (design flaws), hacks on fingerprint readers, replay
- Wire tapping and recording video or audio
- Trojan attacks (undetected/unattended agent)
- Keystroke capture: swap out the keyboard for a similar-looking recording keyboard, or one that sends data out by RF signal
- Smart card tampering (may be very difficult)
- RF transmitter, van Eck radiation, CRT image capture
- Exploiting BIOS faults (special password, certain key combination)
- Obtaining keying material/private key of a CA, or a local key ring, then cracking it


17. Glossary of Security Threats Terms

LEGEND (icons used in the glossary): Electronic Mail; TCP/IP (Internet or Intranet); Web Sites / Browser Applications; Person / Identity; Computer / Device

Active attack: An attack which results in an unauthorized state change, such as the manipulation of files or the adding of unauthorized files or programs.

Active cheater: An attacker that is one of the parties involved in the protocol and disrupts the process in an attempt to cheat (for example the PKCS #1 attack on SSL).

Anonymous remailer: Usually an Internet email service through which you can send and receive email without the origin (sender) or the receiver being known.

Attack: An attempt to bypass security controls on a computer. The attack may alter, release, or deny data. Whether an attack will succeed depends on the vulnerability of the computer system and the effectiveness of existing countermeasures.

Audit trail: In computer security systems, a chronological record of system resource usage. This includes user logins, file accesses, other activities, and whether any actual or attempted security violations occurred, legitimate or unauthorized.

Back Door: A hole in the security of a computer system deliberately left in place by designers or maintainers. Synonymous with trap door: a hidden software or hardware mechanism used to circumvent security controls. A secret way to enter a computer or program that bypasses the normal operating mode.

Birthday attack: Based on the statistical fact that finding two identical elements in a finite space of N values takes an expected effort of about the square root of N trials, not N; against an n-bit hash or key space that is roughly 2^(n/2) steps. With only 23 people in a room there is a better than even chance that two share a birthday.
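The birthday bound worked through, as an added example that is not from the handbook: the probability calculation behind the 23-people figure, and a collision search against a digest truncated to 32 bits, which succeeds after on the order of 2^16 hash evaluations rather than the 2^32 a preimage search would need. The truncated-SHA-256 target and the message format are assumptions for the example.

```python
import hashlib
import math


def birthday_collision_probability(n_people: int, n_days: int = 365) -> float:
    """P(at least two of n share one of N values) = 1 - prod_{i<n} (N - i) / N."""
    p_distinct = 1.0
    for i in range(n_people):
        p_distinct *= (n_days - i) / n_days
    return 1.0 - p_distinct


def expected_trials(space_bits: int) -> float:
    """Expected random samples before the first collision in a space of
    N = 2**bits values: about sqrt(pi/2 * N), i.e. roughly 2**(bits/2)."""
    return math.sqrt(math.pi / 2 * 2 ** space_bits)


def truncated_digest(data: bytes, bits: int) -> int:
    """SHA-256 truncated to `bits` bits: the toy target.  A real attack aims
    at whatever short MAC, hash or identifier the protocol actually uses."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int, prefix: bytes = b"msg-") -> tuple[int, bytes, bytes]:
    """Hash distinct messages until two share a truncated digest.
    Returns (number of trials, message_a, message_b)."""
    seen: dict[int, bytes] = {}
    i = 0
    while True:
        msg = prefix + str(i).encode()
        h = truncated_digest(msg, bits)
        if h in seen:
            return i + 1, seen[h], msg
        seen[h] = msg
        i += 1


if __name__ == "__main__":
    print(f"23 people: P(shared birthday) = {birthday_collision_probability(23):.3f}")
    print(f"expected trials for a 32-bit space: ~{expected_trials(32):,.0f}")
    trials, a, b = find_collision(32)
    print(f"32-bit collision after {trials} trials: {a!r} and {b!r} -> {truncated_digest(a, 32):#010x}")
```

The search is deterministic (messages "msg-0", "msg-1", ...) and completes in well under a second; doubling the truncation to 64 bits would raise the cost to about 2^32 trials, which is why 64-bit MACs and truncated hashes are treated as weak.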

Black-Hat hacker: A criminal or malicious hacker, the opposite of a white-hat hacker. Also known as a darkside hacker.

Data Diddling: The act of intentionally entering false information into a system or modifying existing data.

Bomb: A general synonym for crash, normally of software or operating system failures.

Brute force attack: An attack that exhausts all possible key or password combinations; against a cipher it typically needs a known plaintext so that the correct key can be recognised.

Carding: The act of generating and/or creating phony credit cards or calling cards, usually by knowing something about the card numbering algorithm.

Chosen ciphertext attack: A cryptanalytic attack in which the attacker chooses ciphertexts to be decrypted and has access to the resulting plaintext; for example, having access to a tamperproof black box that does automatic decryption.

Chosen-key attack: The attacker does not possess the key, but only some knowledge about the relationship between different keys. This is an obscure and usually impractical attack.

Correlation attack: An attack on stream ciphers whose keystream is produced by combining several shift-register sequences in a nonlinear manner. A statistical correlation between the combined keystream and an individual register's output lets each register be recovered separately, after which the remaining relations are solved with linear algebra.

Countermeasures: An active process that responds to an attack by putting up a defense or launching a retaliatory response.


Crack: A popular hacking tool used to decode encrypted passwords. System administrators also use Crack to find weak passwords chosen by novice users in order to enhance security.

Cracker: One who breaks into computer systems or accounts.

Cracking: The act of breaking into a computer system or account; what a cracker does. Contrary to widespread myth, this does not usually involve some mysterious leap of hackerly brilliance, but rather persistence and the dogged repetition of a handful of fairly well-known tricks that exploit common weaknesses in the security of target systems.

Cramming: A subtle telephone scam in which unauthorized charges are placed on someone's telephone bill without their knowledge. Compare slamming.

Cryptanalysis: 1) The analysis of a cryptographic system and/or its inputs and outputs to derive confidential variables and/or sensitive data including cleartext. 2) Operations performed in converting encrypted messages to plaintext without initial knowledge of the crypto-algorithm and/or key employed in the encryption.

Data driven attack: A form of attack that is encoded in innocuous-seeming data and is executed by a user or a process to implement an attack. A data driven attack is a concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.

Data mining (warehousing): The act of collecting information to build a database or personal dossier.

Demon dialer (see war dialer): A program which repeatedly calls the same telephone number. This is benign and legitimate for access to a BBS, or malicious when used as a denial of service attack.

Denial of service: Action(s) that prevent any part of an information system from functioning in accordance with its intended purpose. Usually flooding a system to prevent it from servicing normal and legitimate requests.

Derf: Gaining physical access to a computer that is currently logged in by an absent-minded individual.

Dictionary attack: Trying to discover a password by hashing each word of a word list (with the stored salt, if any) and comparing the results against the hashed values in a password file.
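What Crack-style tools and the dictionary attack above actually do, as an added example that is neither the handbook's nor Crack's code: a password file using a constructed salted-SHA-256 format (classic Unix used DES crypt(3); modern systems use deliberately slow hashes, which is what makes this expensive), a constructed word list, and a few mangling rules. The first candidate tried for every account is the user name itself, which is the Joe-account check.

```python
import hashlib
import itertools


def hash_password(salt: str, password: str) -> str:
    """Constructed hash format for the example: hex(sha256(salt || password))."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


def make_passwd_line(user: str, salt: str, password: str) -> str:
    return f"{user}:{salt}${hash_password(salt, password)}"


# Constructed password file (user:salt$hash).  'root' has a strong password,
# 'dave' a plain dictionary word, 'joe' his own user name, 'sue' a mangled word.
PASSWD = [
    make_passwd_line("root", "k9", "7&Gq!xZ2p#Lm"),
    make_passwd_line("dave", "a1", "football"),
    make_passwd_line("joe", "zz", "joe"),
    make_passwd_line("sue", "q4", "Dragon1"),
]

# Constructed word list; real ones run to millions of entries.
WORDLIST = ["password", "football", "dragon", "letmein", "secret"]


def mangle(word: str):
    """A few Crack-style rules: as-is, capitalised, with a digit appended."""
    yield word
    yield word.capitalize()
    for d in "0123456789":
        yield word + d
        yield word.capitalize() + d


def dictionary_attack(passwd_lines, wordlist) -> dict:
    """Return {user: recovered_password} for each entry a candidate matches.
    Every candidate is re-hashed per user because the salt differs per user,
    which is exactly the cost salting is meant to impose."""
    cracked = {}
    for line in passwd_lines:
        user, rest = line.split(":", 1)
        salt, stored = rest.split("$", 1)
        # Joe-account check first (user name and simple variants), then the word list.
        candidates = itertools.chain(mangle(user), *(mangle(w) for w in wordlist))
        for cand in candidates:
            if hash_password(salt, cand) == stored:
                cracked[user] = cand
                break
    return cracked


if __name__ == "__main__":
    for user, pw in dictionary_attack(PASSWD, WORDLIST).items():
        print(f"{user}: {pw!r}")
```

Run as a defender, the same loop is a password audit: any account it cracks from a short word list would fall to an attacker in seconds.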

Differential-linear cryptanalysis: A relatively new attack that combines both differential and linear cryptanalysis.

DNS spoofing: Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

Eavesdropping: Surreptitious interception of information sent over a network by an entity for which the information was not intended.

FIN attack: Using the FIN (finish) flag within the TCP header to tear down a session, or as a method of stealth scanning against ports.

Firewall: A system or combination of systems that enforces a boundary between two or more networks. A gateway that limits access between networks in accordance with local security policy.

Fork Bomb: Code that can be written in one line on any Unix system and recursively spawns copies of itself; it "explodes", eventually eating all the process table entries and effectively locking up the system. Not to be confused with a logic bomb.

Hacker: A person who enjoys exploring the details of computers and how to stretch their capabilities. A malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.

Hacking: Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.


Hijacking (IP): An action whereby an active, established session is intercepted and co-opted by the unauthorized user. IP splicing attacks may occur after an authentication has been made, permitting the attacker to assume the role of an already authorized user. Primary protections against IP splicing rely on encryption at the session or network layer.

ICMP Flood: A denial of service attack that sends a host more ICMP echo request ("ping") packets than the protocol implementation can handle.

Indirection: Covering your tracks so that the target cannot identify or prove who is attacking them.

Internet worm: A worm program that was unleashed on the Internet in 1988. Robert T. Morris wrote it as an experiment that got out of hand.

Intrusion detection: Pertaining to techniques which attempt to detect intrusion into a computer or network by observation of actions, security logs, or audit data. Detection of break-ins or attempts, either manually or via software expert systems that operate on logs or other information available on the network.

IP spoofing: An attack whereby a system attempts to impersonate another system by using a false source IP address.

Joe account: An account where the user name and password are the same.

Keystroke logger: A program that records everything a user enters via a keyboard.

Known-plaintext attack: The cryptanalyst has access not only to the ciphertext of several messages but also to the corresponding plaintext. The challenge is to deduce the key or keys used to encrypt, or an algorithm to decrypt any new messages encrypted with the same key or keys.

Leapfrog attack: Use of user-id and password information obtained illicitly from one host to compromise another host. Also, the act of TELNETing through one or more hosts in order to preclude a trace (a standard cracker procedure).

Letterbomb: A piece of email containing live data intended to do malicious things to the recipient's machine or terminal. Under UNIX, a letterbomb can also try to get part of its contents interpreted as a shell command by the mailer. The results of this could range from silly to denial of service.

Linear cryptanalysis: An attack using linear approximations to describe the action of a block cipher. XOR together certain plaintext bits and certain ciphertext bits; with probability measurably different from 1/2 the resulting single bit equals the XOR of certain key bits, and enough known plaintext/ciphertext pairs reveal those key bits.

Logic Bomb: A resident computer program which, when executed, checks for a particular condition or particular state of the system and, when it is satisfied, triggers the perpetration of an unauthorized act. Not to be confused with a fork bomb.

Mail bomb: Massive amounts of email sent to a single system or person (or mail urging others to send it) with the intent to crash the recipient's system. Mail bombing is widely regarded as a serious offense.

Malicious code: Hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose; e.g. a Trojan horse.

Man-in-the-middle: An active attack in which the attacker inserts himself between two unsuspecting parties, relaying (and possibly altering) the traffic on the line between them while each believes it is talking directly to the other. It typically starts from the ability to sniff or tap that line.

Misrepresentation: The presentation of an entity as a person or organization that it is not. For example, a web site might pretend to be a furniture store when it is really just a site that takes credit-card payments but never sends any goods. Misrepresentation is one form of impersonation. See also spoofing.


NAK attack: Negative Acknowledgment - A penetration technique which capitalizes on a potential weakness in an operating system that does not handle asynchronous interrupts properly and thus leaves the system in an unprotected state during such interrupts.

Pagejacking: A masquerade attack in which the attacker copies (steals) a home page or other material from the target server, diverting browsers from the target server to the attacker's server.

Packet sniffing: The act of monitoring the packets on a network segment to pick up useful information like logins and passwords. See also Sniffer.

Passive attack: An attack which does not result in an unauthorized state change, such as an attack that only monitors and/or records data.

Penetration: The successful unauthorized access to an automated system.

Perimeter security: The technique of securing a network by controlling access to all entry and exit points of the network. Usually associated with firewalls and/or filters.

Phage: A program that modifies other programs or databases in unauthorized ways; especially one that propagates a virus or Trojan horse.

PHF hack: The phf CGI script, which comes with some web servers as a diagnostic tool, can be used by an attacker to run other commands at a privileged level.

Phracker: An individual who combines phone phreaking with computer hacking.

Phreaker: An individual fascinated by the telephone system. Commonly, an individual who uses his knowledge of the telephone system to make calls at the expense of another.

Piggyback attack: The gaining of unauthorized access to a system via another user's legitimate connection.

Ping-of-Death: An attack using an echo request (ping) IP datagram with over 65,507 bytes of data (creating an illegal, oversized IP datagram once the fragments are reassembled). This buffer overflow causes some systems to crash or lock up.

Ping sweep: An attack that sends ICMP echo requests ("pings") to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities.

Port scanning: An attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability.

Probe: Any effort to gather information about a machine or its users for the apparent purpose of gaining unauthorized access to the system at a later date.

Prowler: A daemon that is run periodically to seek out and erase core files, truncate administrative log files, nuke lost+found directories, and otherwise clean up.

Replay attack: An attack in which a valid data transmission is maliciously or fraudulently repeated, either by the originator or by an adversary who intercepts the data and retransmits it.

Replicator: Any program that acts to produce copies of itself. Examples include a program, a worm, a fork bomb or a virus. It is even claimed by some that UNIX and C are the symbiotic halves of an extremely successful replicator.

Retro-Virus: A virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.

Root kit: A collection of tools that allows a hacker to provide a back door into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more. A rootkit is a classic example of Trojan Horse software.


Root: The highest level of access to a Unix computer.

SATAN: Security Administrator Tool for Analyzing Networks - A tool for remotely probing and identifying the vulnerabilities of systems on IP networks. A freeware program which helps to identify system security weaknesses.

Scanner/port scanning: An information gathering method or tool in which all possible port numbers are accessed to determine which services are running or available on a host.

Script-Kiddie: A person who aspires to be a hacker/cracker but has very limited knowledge or skills related to information systems. Usually associated with young teens that collect and use simple malicious programs obtained from the Internet.

Secure shell: An encrypted and authenticated shell connection (SSH) between two machines; the private keys involved are typically protected by a long passphrase.

Sequence number: A number used to coordinate an upcoming TCP session. It has been guessed as part of a spoofing attack.

Session hijacking: A sophisticated attack in which the attacker spoofs both ends of a TCP session in progress, thereby gaining unauthorized access to the session and system.

Slamming: The act of changing a telephone customer's long distance service provider without their knowledge or permission.

Shell: A software layer that provides the interface between a user and the operating system of a computer.

Shoulder surf: To look over someone's shoulder to view a passphrase or PIN in order to gain access at a later time.

Smurfing: A denial of service attack in which an attacker spoofs the source address of an ICMP echo-request (ping) packet to the broadcast address of a network, causing the machines in that network to respond en masse to the victim, thereby clogging its network.

Snarf: To grab a large document or file for the purpose of using it with or without the author's permission.

Sniffer/sniffing: A program running on a computer or device attached to a network that filters, captures, and records network traffic, i.e. packets. The name comes from a Network General (now Network Associates) protocol analyzer product known as Sniffer.

Social engineering: A euphemism for non-technical or low-technology means, such as lies, impersonation, tricks, bribes, blackmail, and threats, used to attack information systems.

Spam: Unsolicited commercial email (UCE). The electronic mail equivalent of junk mail.

Spoofing: Pretending to be someone else. The deliberate inducement of a user or a resource to take an incorrect action. An attempt to gain access to a system by pretending to be an authorized user. Impersonating, masquerading, and mimicking are forms of spoofing.

Steganography: The practice of hiding secrets in otherwise normal-looking data files, like JPEG pictures, etc.

Subversion: Occurs when an intruder modifies the operation of the intrusion detector to force false negatives to occur.

SYN flood attack: A denial of service attack that sends many TCP SYN packets, usually from spoofed source addresses, without ever completing the handshake. When the queue of half-open connections (the SYN queue) is full, no new connection can be opened.
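Detection logic for the Smurfing and SYN flood entries, as an added example that is not part of the handbook. It runs over constructed packet summaries of the kind a sniffer or flow collector records; the thresholds, the addresses and the "/24 broadcast ends in .255" heuristic are assumptions for the example.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Pkt:
    """One packet summary, as a sniffer or flow collector would log it."""
    ts: float      # seconds
    proto: str     # "tcp" or "icmp"
    src: str
    dst: str
    info: str      # tcp: flags "S", "SA", "A"; icmp: "echo-request" / "echo-reply"
    dport: int = 0


def detect_syn_flood(pkts, window=1.0, half_open_max=50):
    """Alert when a (dst, port) crosses `half_open_max` half-open connections
    from distinct sources inside `window` seconds.  A SYN stays half-open
    until the same client's final ACK arrives (S -> SA -> A); SYNs from
    spoofed addresses never get one, which is what the flood relies on."""
    alerts = []
    pending = defaultdict(dict)            # (dst, dport) -> {src: ts of its SYN}
    for p in sorted(pkts, key=lambda q: q.ts):
        if p.proto != "tcp" or p.info not in ("S", "A"):
            continue
        table = pending[(p.dst, p.dport)]
        if p.info == "S":
            table[p.src] = p.ts
        else:
            table.pop(p.src, None)         # handshake completed
        for src in [s for s, t in table.items() if p.ts - t > window]:
            del table[src]                 # aged out of the window
        if len(table) == half_open_max + 1:    # alert once, on crossing
            alerts.append(f"SYN flood: {p.dst}:{p.dport} has {len(table)} half-open "
                          f"connections from distinct sources at t={p.ts:.2f}")
    return alerts


def detect_smurf(pkts, window=1.0, reply_max=50, src_min=20):
    """Two views of a Smurf attack: the amplifier network sees echo requests
    to its broadcast address (assumption: a /24, so a .255 destination);
    the victim sees a burst of echo replies from many distinct hosts."""
    alerts = []
    replies = defaultdict(list)            # victim -> [(ts, src)]
    for p in sorted(pkts, key=lambda q: q.ts):
        if p.proto != "icmp":
            continue
        if p.info == "echo-request" and p.dst.endswith(".255"):
            alerts.append(f"directed broadcast ping {p.src} -> {p.dst} at t={p.ts:.2f}")
        elif p.info == "echo-reply":
            recent = replies[p.dst]
            recent.append((p.ts, p.src))
            recent[:] = [(t, s) for t, s in recent if p.ts - t <= window]
            sources = {s for _, s in recent}
            if len(recent) == reply_max + 1 and len(sources) >= src_min:
                alerts.append(f"Smurf: {p.dst} received {len(recent)} echo replies "
                              f"from {len(sources)} hosts within {window}s at t={p.ts:.2f}")
    return alerts


def constructed_traffic():
    """Constructed capture: 5 normal handshakes to a web server, a 200-packet
    SYN flood from spoofed sources, then a Smurf against a second host
    bounced off the 198.51.100.0/24 broadcast address."""
    pkts = []
    for i in range(5):
        c = f"10.0.0.{10 + i}"
        pkts += [Pkt(0.1 * i, "tcp", c, "192.0.2.10", "S", 80),
                 Pkt(0.1 * i + 0.01, "tcp", "192.0.2.10", c, "SA"),
                 Pkt(0.1 * i + 0.02, "tcp", c, "192.0.2.10", "A", 80)]
    for i in range(200):
        pkts.append(Pkt(5.0 + i * 0.002, "tcp", f"203.0.113.{i + 1}", "192.0.2.10", "S", 80))
    pkts.append(Pkt(9.0, "icmp", "192.0.2.20", "198.51.100.255", "echo-request"))  # spoofed source = victim
    for i in range(120):
        pkts.append(Pkt(9.01 + i * 0.001, "icmp", f"198.51.100.{i + 1}", "192.0.2.20", "echo-reply"))
    return pkts


if __name__ == "__main__":
    traffic = constructed_traffic()
    for line in detect_syn_flood(traffic) + detect_smurf(traffic):
        print(line)
```

Both detectors key on the asymmetry the glossary describes: SYNs that never complete, and replies to pings the victim never sent.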

Threat: The means through which the ability or intent of a threat agentto adversely affect an automated system, facility, or operation can bemanifest. A potential violation of security.

Trapdoor: A hidden computer flaw known to an intruder, or a hiddencomputer mechanism (usually software) installed by an intruder, whocan activate the trap door to gain access to a computer.

Traffic analysis: Monitoring data or encrypted data to or from a specif-ic target to learn patterns.

Tripwire: A software tool that generates one way hash signatures ofsensitive files which are used to detect tampering or alteration.


Trojan Horse: An apparently useful and innocent program containingadditional hidden code which allows the unauthorized collection,exploitation, falsification, or destruction of data.

TTY watcher: A hacker tool that allows hackers with even a smallamount of skill to hijack terminals. It has a GUI interface.

Virus: A program that can "infect" other programs by modifying them toinclude a, possibly evolved, copy of itself.

Wannabe hacker: A novice hacker, see Script-Kiddie.

War dialer: A program that automatically dials a range of telephone numbers looking for a modem or computer to answer. It dials a given list or range of numbers and records those which answer with handshake tones, which might be entry points to computer or telecommunications systems.

White Hat Hacker: One who usually does not break into unauthorizedsystems, but they do sometimes write the tools that get used by thenovices and black hat hackers.

Whitemail: The dissemination of false information for financial gain viaemail.

Worm: Independent program that replicates from machine to machineacross network connections often clogging networks and informationsystems as it spreads.


Cryptography Reference


1. Basic Functionality of Crypto

1. Authentication: Who are you?
2. Authorization: Where are you allowed to go?
3. Integrity: Not changed or modified
4. Confidentiality: Privacy/Encryption (TOP SECRET)
5. Non-Repudiation: Digital signature


2. Crypto Primary Function

SYMMETRIC KEY ALGORITHM (Encryption: private & confidential)
Stream cipher: RC4, SEAL, WAKE, A5, PKZIP
Block cipher: DES, 3DES, RC2, RC5, RC6, IDEA, CAST, Blowfish, Twofish, MARS, Rijndael (AES), Serpent

PUBLIC KEY (ASYMMETRIC) ALGORITHM (Digital signatures: authentic / non-repudiation; encryption)
Discrete log: DSA, ECC, Diffie-Hellman, ElGamal encryption (Diffie-Hellman-Merkle-Vernam-ElGamal)
Factoring: RSA, LUC

MESSAGE DIGEST (HASH ALGORITHM) (Message integrity)
MD2, MD5, SHA, SHA-1, RIPEMD-160

KEY MANAGEMENT
ISAKMP, SKIP, Photuris, Diffie-Hellman, ElGamal, IKE (ISAKMP with OAKLEY)

PUBLIC-KEY INFRASTRUCTURE
PKIX, SPKI, SDSI, PGP, DNSSEC


3. Symmetric /Asymmetric Function

Symmetric (Conventional) Encryption
Alice and Bob share one key. Plaintext -> Encryption algorithm (shared key) -> Ciphertext -> Decryption algorithm (shared key) -> Plaintext.

Asymmetric (Public Key) Encryption (strongbox analogy)
1. Alice places the document in a dual-key strongbox.
2. Alice locks the box with Bob's public key.
3. The box is transported to Bob.
4. Bob unlocks the box with his private key.
5. Bob retrieves the document.


4. Trust Models

HIERARCHICAL
A Root CA at the top; below it national CAs (USA, Japan, France, Brazil); below those, organizations (USA Gov., USA Corp., Japan Corp., French Gov., Brazil Univ., Brazil Corp.); at the bottom, the leaf nodes (individuals). Each certificate is signed by the node above it.

DIRECT (Peer to peer)
Alice and Bob exchange keys directly and sign one another's keys (signer / signee / cross-signed). Third-party services that may assist: Key Generator, Certificate Directory, Registration Authority, Name Server, Certificate Authority.

DISTRIBUTED (Web of Trust) - Basic Web of Trust (primitive)
1. Bob and Alice exchange keys in a secure fashion.
2. Alice signs Bob's key and returns it.
3. Carol and Alice exchange keys in a secure fashion; Carol trusts Alice as an introducer.
4. Bob sends Carol his key, signed by Alice. Carol can now trust Bob's key.
In the figure "You" are a leaf node signed by several parties (Employer, Friend, Spouse) rather than by a single authority.

If a certificate's key is compromised, how many others does it affect?
The figure's scale runs: Affects One, Affects Few, Affects Many, Affects Very Many, Affects All. Read against the hierarchy, a leaf or peer key affects one, CAs affect progressively more the higher they sit, and the Root CA affects all.
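The two questions this figure poses, worked on a small graph as an added example that is not from the handbook: whether a key is valid for a given verifier under the hierarchical rule and under the web-of-trust rule, and how many keys a compromised signing key affects. The certification graph below is constructed to mirror the figure.

```python
from collections import deque

# Constructed certification graph (assumption): signer -> keys it has signed.
SIGNATURES = {
    # hierarchical part
    "Root CA": {"USA CA", "Japan CA", "France CA", "Brazil CA"},
    "USA CA": {"USA Gov", "USA Corp"},
    "Japan CA": {"Japan Corp"},
    "France CA": {"French Gov"},
    "Brazil CA": {"Brazil Univ", "Brazil Corp"},
    "USA Corp": {"employee-1", "employee-2"},
    "Brazil Univ": {"student-1"},
    # web-of-trust part
    "Alice": {"Bob", "Carol"},
    "Carol": {"Alice"},             # Alice and Carol are cross-signed
    "Bob": {"Alice", "Dave"},
    "Spouse": {"You"},
}


def certified_by(anchor: str, sigs=SIGNATURES) -> set:
    """All keys reachable from `anchor` through chains of signatures,
    excluding the anchor itself (breadth-first over the graph)."""
    seen, queue = {anchor}, deque([anchor])
    while queue:
        for child in sigs.get(queue.popleft(), ()):
            if child not in seen:
                seen.add(child)
                queue.append(child)
    return seen - {anchor}


def hierarchy_valid(trust_anchor: str, key: str, sigs=SIGNATURES) -> bool:
    """Hierarchical model: a key is valid if a chain of signatures leads
    from the trust anchor (typically the Root CA) down to it."""
    return key in certified_by(trust_anchor, sigs)


def affected_by_compromise(signer: str, sigs=SIGNATURES) -> set:
    """Whoever holds this private key can re-issue every certificate below
    it, so the blast radius is exactly the transitively certified set."""
    return certified_by(signer, sigs)


def web_of_trust_valid(verifier: str, key: str, introducers: set, sigs=SIGNATURES) -> bool:
    """Basic PGP rule: `key` is valid for `verifier` if the verifier signed it,
    or one of the verifier's trusted introducers did.  Trust is not
    transitive: Bob's signature on Dave means nothing to Carol unless Carol
    herself marks Bob as an introducer."""
    return any(key in sigs.get(s, ()) for s in {verifier, *introducers})


def blast_radius_report(sigs=SIGNATURES):
    """(signer, number of keys affected by its compromise), largest first."""
    return sorted(((s, len(affected_by_compromise(s, sigs))) for s in sigs),
                  key=lambda item: -item[1])


if __name__ == "__main__":
    print("Carol accepts Bob's key (Alice introduced him):", web_of_trust_valid("Carol", "Bob", {"Alice"}))
    print("Carol accepts Dave's key (only Bob signed it): ", web_of_trust_valid("Carol", "Dave", {"Alice"}))
    print("employee-1 chains up to the Root CA:           ", hierarchy_valid("Root CA", "employee-1"))
    for signer, n in blast_radius_report():
        print(f"compromise of {signer!r} affects {n} key(s)")
```

The same reachability function answers both questions, which is the point of the figure: the set of keys you accept because of an anchor is exactly the set you lose when that anchor's private key leaks.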


5. Certificate Comparison

PGP v5 and later

PUBLIC KEY PACKET
• Packet header field
• Version number
• Timestamp of key creation
• Validity period
• Public-Key type (RSA, DSA, DH)
• Key material

USER ID PACKET (one or more; e.g. USER ID: [email protected])
• Packet header field
• 255-character octet string (typically an RFC 822 address)

SIGNATURE PACKET (one per signer; e.g. SIGNATURE: Spouse, SIGNATURE: Co-worker, SIGNATURE: Employer)
• Packet header field
• Version number
• Length of following info (covered by the message digest calculation)
• Signature classification
• Timestamp
• Signer Key ID
• Public-Key type
• Message Digest algorithm
• String of data holding the signed digest

SUBKEY PACKET
• Packet header field
• Similar to the main Public-Key packet

SUBKEY SIGNATURE PACKET
• Packet header field
• Similar to the signature packet

The figure labels the user ID together with the signatures over it as the ASSERTION (this key belongs to this name).

X.509 v3

VERSION (of certificate format)
CERTIFICATE SERIAL NUMBER
SIGNATURE ALGORITHM IDENTIFIER (for the certificate issuer's signature)
ISSUER (Certification Authority) X.500 NAME
VALIDITY PERIOD (start and expiration dates/times)
SUBJECT X.500 NAME
SUBJECT PUBLIC KEY INFORMATION
• Algorithm identifier
• Public key value
ISSUER UNIQUE IDENTIFIER
SUBJECT UNIQUE IDENTIFIER
EXTENSIONS (each extension: type, critical or non-critical flag, value)
CERTIFICATION AUTHORITY'S DIGITAL SIGNATURE (generated with the Certification Authority's private key over all of the fields above)


6. Secure Messaging with Public Key Cryptography

Figure: Alice's message addressed to Bob travels through routers and the Internet; only Bob can read it, while other users (Bill, Jan, Sue) cannot. KEY LEGEND: public key, private key.

1. Alice creates a message for Bob.
2. Alice encrypts the message with Bob's public key.
   STEP 2: TRANSPARENT PROCEDURE
   A. Seal the message (MD5, SHA-1): compute a message digest.
   B. Alice signs the message with her private key (RSA, DSA).
   C. Compress the message (ZIP).
   D. Encrypt the message with a random session key (IDEA, CAST, Triple DES), and the session key with Bob's public key (RSA, Diffie-Hellman).
3. Alice mails the message (SMTP, X.400, etc.).
4. Bob retrieves the message (SMTP, X.400, etc.).
5. Bob decrypts Alice's message with his private key.
   STEP 5: TRANSPARENT PROCEDURE
   A. Decrypt the session key with Bob's private key, then the message with the session key.
   B. Decompress the message (UNZIP).
   C. Bob verifies Alice's signature with her public key (RSA, DSA).
   D. Examine the seal for tampering (MD5, SHA-1).
6. Bob reads the message.
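Steps 2 and 5, run end to end as an added example that is neither the handbook's nor PGP's code; it also covers the symmetric and public-key halves of section 3. Stand-ins, all assumptions: a textbook RSA with a 512-bit modulus and no padding (real PGP uses padded RSA or DSA at 2048 bits and up) and a SHA-256 counter keystream in place of IDEA, CAST or Triple DES. What it shows is the order of operations, and that one flipped ciphertext byte or a signature from the wrong key fails verification.

```python
import hashlib
import secrets
import zlib


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin, for toy key generation only."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def rsa_keypair(bits: int = 512):
    """Textbook RSA (no padding, toy size): returns ((n, e), (n, d))."""
    e, half = 65537, bits // 2
    while True:
        p = secrets.randbits(half) | (1 << (half - 1)) | 1
        q = secrets.randbits(half) | (1 << (half - 1)) | 1
        if p != q and is_probable_prime(p) and is_probable_prime(q):
            phi = (p - 1) * (q - 1)
            if phi % e:                           # e is prime, so gcd(e, phi) == 1
                return (p * q, e), (p * q, pow(e, -1, phi))


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with SHA-256(key || block counter)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


SIG_BYTES = 64    # 512-bit modulus: signatures and wrapped keys fit in 64 bytes


def alice_sends(msg: bytes, alice_priv, bob_pub):
    """Step 2's transparent procedure: seal, sign, compress, encrypt."""
    n, d = alice_priv
    seal = int.from_bytes(hashlib.sha256(msg).digest(), "big")     # A: seal (digest)
    sig = pow(seal, d, n)                                            # B: sign with Alice's private key
    packed = zlib.compress(msg + sig.to_bytes(SIG_BYTES, "big"))     # C: compress (ZIP)
    session_key = secrets.token_bytes(16)                            # D: random session key ...
    body = keystream_xor(session_key, packed)
    nb, eb = bob_pub
    wrapped = pow(int.from_bytes(session_key, "big"), eb, nb)        # ... wrapped with Bob's public key
    return wrapped.to_bytes(SIG_BYTES, "big"), body


def bob_receives(envelope, bob_priv, alice_pub) -> bytes:
    """Step 5's transparent procedure; raises ValueError if any check fails."""
    wrapped, body = envelope
    nb, db = bob_priv
    session_key = pow(int.from_bytes(wrapped, "big"), db, nb).to_bytes(16, "big")  # A: private key unwraps
    try:
        packed = zlib.decompress(keystream_xor(session_key, body))               # B: decompress (UNZIP)
    except zlib.error as exc:
        raise ValueError(f"ciphertext damaged: {exc}")
    msg, sig = packed[:-SIG_BYTES], int.from_bytes(packed[-SIG_BYTES:], "big")
    na, ea = alice_pub
    if pow(sig, ea, na) != int.from_bytes(hashlib.sha256(msg).digest(), "big"):  # C+D: signature and seal
        raise ValueError("signature/seal check failed: not from Alice, or tampered")
    return msg


def delivered_intact(envelope, bob_priv, alice_pub) -> bool:
    try:
        bob_receives(envelope, bob_priv, alice_pub)
        return True
    except (ValueError, OverflowError):
        return False


if __name__ == "__main__":
    alice_pub, alice_priv = rsa_keypair()
    bob_pub, bob_priv = rsa_keypair()
    env = alice_sends(b"Meet at noon. -Alice", alice_priv, bob_pub)
    print("Bob reads:", bob_receives(env, bob_priv, alice_pub))
    wrapped, body = env
    damaged = (wrapped, body[:-1] + bytes([body[-1] ^ 1]))
    print("damaged envelope accepted:", delivered_intact(damaged, bob_priv, alice_pub))
```

Signing before compressing and encrypting is what lets Bob verify the author of the plaintext he actually reads; a signature over the ciphertext would only prove who encrypted it.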


7. Public-Key Infrastructure & Digital Certificates

STEP 1: OBTAIN CERTIFICATE
1. An employee, individual or device needs a certificate.
2. Generate the key pair (local or central).
3. Identify attributes (name, organization, employee number, ...).
4. Submit the certificate request (PKCS #10).
5. The Registration Authority receives the request (vetting process), then the Certificate Authority receives it (vetting process). Many combinations of locally hosted and remote hosted services are possible.
6. Status notification: rejected, approved, or pending (...).
7. Certificate created and issued (signing process) and published to the directory/database/repository.
8. Retrieve the certificate.

STEP 2: USING CERTIFICATE - OCSP PROCESS
Actors in the figure: the Certificate Authority Processing Center (Certificate Status Database, Issuing CA OCSP Responder, signed OCSP Response) and the Enterprise Network (End User with certificate, protected Resource, OCSP Client and Toolkit sending the OCSP Status Request). Outcome: "Valid Certificate!" then "Access Granted!".

1. A user presents a certificate and requests to access a protected Enterprise resource. The request is signed with the user’s private key corresponding to their certificate. The Enterprise OCSP client and toolkit verify that the certificate chain and signature are correct.

2. The Enterprise OCSP client then composes and sends an OCSP request to the OCSP Responder of the Certificate Authority that issued the user’s certificate.

3. The CA OCSP Responder obtains the certificate status in real time from the certificate status database.

4. The CA OCSP Responder generates an OCSP response that states the certificate status, signs the response, and sends it to the Enterprise OCSP client.

5. The Enterprise OCSP client parses the response and verifies its signature to determine that the response is legitimate.

6. If the response states that the certificate is valid, the Enterprise OCSP client application verifies that the user is authorized for access to the resource. If so, the OCSP client grants the user access to the requested resource.
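The six OCSP steps above as a simulated responder and relying-party client, added here as an example and not taken from the handbook. Assumptions: an HMAC key shared by the two stands in for the responder's signature and certificate; the status database is a constructed dict; the clock is passed in so freshness and replay can be exercised offline. Step 1 (verifying the user's certificate chain) and the authorization half of step 6 are outside the block.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: a shared HMAC key stands in for the responder's signing key.
# A real OCSP response carries a signature verified against the responder's
# certificate, which the CA itself issued.
RESPONDER_KEY = secrets.token_bytes(32)

# Constructed certificate status database: serial -> status.
STATUS_DB = {"1001": "good", "1002": "revoked", "1003": "good"}


def _sign(body: dict, key: bytes) -> str:
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()


def responder(request: dict, now: int, key: bytes = RESPONDER_KEY) -> dict:
    """Steps 3-4: look the serial up in real time, state its status, echo the
    client's nonce, bound the answer's validity, and sign the whole body."""
    body = {
        "serial": request["serial"],
        "status": STATUS_DB.get(request["serial"], "unknown"),
        "nonce": request.get("nonce"),
        "thisUpdate": now,
        "nextUpdate": now + 3600,
    }
    return {"body": body, "signature": _sign(body, key)}


def client_check(serial: str, now: int, transport, key: bytes = RESPONDER_KEY):
    """Steps 2, 5 and 6 on the relying-party side.  `transport` carries the
    request to the responder (or to an attacker) and returns the response.
    Returns (ok, reason); the authorization decision comes after an ok."""
    nonce = secrets.token_hex(8)
    resp = transport({"serial": serial, "nonce": nonce})
    body = resp["body"]
    if not hmac.compare_digest(_sign(body, key), resp["signature"]):
        return False, "bad signature on OCSP response"
    if body["nonce"] != nonce:
        return False, "nonce mismatch: replayed or unrelated response"
    if body["serial"] != serial:
        return False, "response is for a different certificate"
    if not body["thisUpdate"] <= now <= body["nextUpdate"]:
        return False, "response outside its validity window"
    if body["status"] != "good":
        return False, f"certificate status is {body['status']}"
    return True, "certificate valid; proceed to authorization"


# Transports: honest delivery, an attacker replaying a captured response, and
# an on-path attacker flipping the status without being able to re-sign.
def honest_transport(responder_now: int):
    return lambda req: responder(req, responder_now)


def replay_transport(captured: dict):
    return lambda req: captured


def tampering_transport(responder_now: int):
    def deliver(req):
        resp = responder(req, responder_now)
        resp["body"]["status"] = "good"
        return resp
    return deliver


if __name__ == "__main__":
    now = 1_000_000
    print("good cert:      ", client_check("1001", now, honest_transport(now)))
    print("revoked cert:   ", client_check("1002", now, honest_transport(now)))
    print("tampered status:", client_check("1002", now, tampering_transport(now)))
    old = responder({"serial": "1001", "nonce": "cafe"}, now - 100)
    print("replayed answer:", client_check("1001", now, replay_transport(old)))
    print("stale answer:   ", client_check("1001", now + 86400, honest_transport(now)))
```

The order of the checks matters: the signature is verified before any field of the body is trusted, and the nonce is compared before the status is even looked at, so a captured "good" answer cannot be reused after the certificate is revoked.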


8. Relative Strength Comparisons

Average Time for Exhaustive Key Search

Key length   Number of possible keys   Time required at 1 encryption/µs   Time required at 10^6 encryptions/µs
32 bits      2^32 = 4.3 x 10^9         2^31 µs = ~36 min                  ~2 milliseconds
56 bits      2^56 = 7.2 x 10^16        2^55 µs = ~1142 years              ~10 hours
128 bits     2^128 = 3.4 x 10^38       2^127 µs = ~5 x 10^24 years        ~5 x 10^18 years

Average times needed to search half the symmetric key space (the worst case would be twice as long)

ATTACKER'S CAPABILITY
Key length (bits)   Individual attacker   Small group   Academic network   Large company   Military intelligence agency
40                  weeks                 days          hours              milliseconds    microseconds
56                  centuries             decades       years              hours           seconds
64                  millennia             centuries     decades            days            minutes
80                  infeasible            infeasible    infeasible         centuries       centuries
128                 infeasible            infeasible    infeasible         infeasible      millennia

Assumptions are based on 1997 technology:
Individual attacker: one high-end desktop machine and software (2^17 - 2^24 keys/second)
Small group: 16 high-end machines and software (2^21 - 2^24 keys/second)
Academic network: 256 high-end machines and software (2^25 - 2^28 keys/second)
Large company: $1,000,000 hardware budget (2^43 keys/second)
Military intelligence agency: $1,000,000,000 hardware budget and advanced technology (2^55 keys/second)

Brute Force Attack: Passphrase Guessing (dictionary attack)
Using easy-to-remember English words yields approximately 1.3 bits of entropy per character (word space), versus purely random characters (total space).

Rating   Example          # of characters   Complexity          Word space   Total space   Time to break (total space)
Weak     "dogie"          5                 26 (lowercase)      12 bits      23.5 bits     40 minutes
OK       "br1a9Az"        7                 62 (alphanumeric)   24 bits      41.7 bits     22 years
Strong   ",tHX1lb<V+"     10                95 (full keyboard)  40 bits      65.7 bits     infeasible (3.8 x 10^8 years)

Key Lengths (equivalent strength)

Symmetric cipher (conventional)   Public key, asymmetric (RSA, DSA, DH)   Elliptic curve
40 bits                           274 bits                                57 bits
56 bits                           384 bits                                80 bits
64 bits                           512 bits                                106 bits
80 bits                           1024 bits                               132 bits
96 bits                           1536 bits                               160 bits
112 bits                          2048 bits                               185 bits
120 bits                          2560 bits                               237 bits
128 bits                          3072 bits                               256 bits
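The arithmetic behind the tables above, as an added example that is not from the handbook, so the rows can be recomputed for other key sizes, attacker rates and character sets. The attacker rates are the table's 1997 assumptions (low end of each range); the roughly 5,000 guesses per second that reproduces the passphrase column's times is inferred from its own rows, not a figure the handbook states.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def avg_exhaustive_search_seconds(key_bits: int, keys_per_second: float) -> float:
    """Average case: half the key space, 2**(bits - 1) trials."""
    return 2 ** (key_bits - 1) / keys_per_second


def time_to_break_seconds(entropy_bits: float, guesses_per_second: float) -> float:
    """Worst case for a guessing attack: the whole space, 2**bits guesses."""
    return 2 ** entropy_bits / guesses_per_second


def humanize(seconds: float) -> str:
    """The rough units the tables use."""
    for limit, scale, unit in ((1e-3, 1e6, "us"), (1, 1e3, "ms"), (3600, 1 / 60, "min"),
                               (86400, 1 / 3600, "hours"), (SECONDS_PER_YEAR, 1 / 86400, "days")):
        if seconds < limit:
            return f"{seconds * scale:.3g} {unit}"
    return f"{seconds / SECONDS_PER_YEAR:.3g} years"


# Keys/second the attacker table assumes (low end of each 1997 range).
ATTACKERS_1997 = {
    "individual attacker": 2 ** 17,
    "small group": 2 ** 21,
    "academic network": 2 ** 25,
    "large company": 2 ** 43,
    "military intelligence agency": 2 ** 55,
}

CHARSETS = {"lowercase": 26, "alphanumeric": 62, "full keyboard": 95}


def random_passphrase_bits(length: int, charset: str) -> float:
    """Total space: log2(alphabet size) bits per independently chosen character."""
    return length * math.log2(CHARSETS[charset])


def english_passphrase_bits(length: int, bits_per_char: float = 1.3) -> float:
    """Word space: English text carries only about 1.3 bits per character,
    so a word-based passphrase is far weaker than its length suggests."""
    return length * bits_per_char


def attacker_table(key_bits=(40, 56, 64, 80, 128), attackers=ATTACKERS_1997):
    """Rows of (key length, {attacker: humanized average search time})."""
    return [(bits, {who: humanize(avg_exhaustive_search_seconds(bits, rate))
                    for who, rate in attackers.items()}) for bits in key_bits]


if __name__ == "__main__":
    print("32-bit key, 10^6 encryptions/us:", humanize(avg_exhaustive_search_seconds(32, 1e12)))
    for bits, row in attacker_table():
        print(bits, row)
    for pw, cs in (("dogie", "lowercase"), ("br1a9Az", "alphanumeric"), (",tHX1lb<V+", "full keyboard")):
        bits = random_passphrase_bits(len(pw), cs)
        print(f"{pw!r}: {bits:.1f} bits total space, "
              f"~{humanize(time_to_break_seconds(bits, 5000))} at 5,000 guesses/s")
```

Plugging in a current GPU hash rate instead of 5,000 guesses per second is the quickest way to see how far the passphrase column has moved since the table was drawn.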


9. ISO Reference/Security Protocols

ISO Reference Model, with the security protocols and mechanisms the figure places at each layer (placements are approximate; several items span adjacent layers):

7 Application layer (distributed data service): user application proxy-based firewall; SSL handshake protocol
6 Presentation layer (syntax-independent messages): SSL protocol
5 Session layer: SSL protocol
4 Transport layer (network-independent messages): SSL record protocol; packet filter (circuit layer); SOCKS, proxies
3 Network layer: IPsec/VPN
2 Data link layer: L2TP, L2F, PPTP (link-layer point-to-point); hardware encryptors; MAC layer filtering (switches)
1 Physical layer (physical connection to network hardware)

Above the layer where encryption is applied the data network carries a plain data stream; below it, encrypted data packets.


10. Related Standards

ANSI Banking and Security Standards

ANSI # SubjectX3.92 Data Encryption Algorithm (DEA)X3.106 Data Encryption Algorithm (DEA)X9.8 PIN management and securityX9.9 Message authentication (wholesale)X9.17 Key management (wholesale; symmetric)X9.19 Message authentication (retail)X9.23 Encryption of messages (wholesale)X9.24 Key management (retail)X9.26 Sign-on authentication (wholesale)X9.30:1 Public Key, Digital Signature AlgorithmX9.30:2 Public Key, Secure Hash AlgorithmX9.55 Extensions to Public Key Certificates & CRLsX9.57 Certificate Management for Financial Services

U.S. Government Standards - NIST (FIPS)

FIPS# SubjectFIPS 46-2 DESFIPS 74 Guidelines for using DESFIPS 81 DES modes of operationFIPS 102 Guidelines for certification & accreditationFIPS 112 Password usageFIPS 113 Data authentication (CBC-MAC)FIPS 140-1 Cryptomodule security requirementsFIPS 171 Key management using X9.17FIPS 180-1 Secure hash standard (SHA-1)FIPS 181 Automated password generatorFIPS 185 Key escrow (Clipper & Skipjack)FIPS 186 Digital Signature Standard (DSS)FIPS 188 Standard security labels for info transferFIPS 190-191 Guidelines for authentication & analyzing LANFIPS 196 Entity authentication (asymmetric)

PKCS

No.   PKCS title
1     RSA encryption standard
3     Diffie-Hellman key-agreement standard
5     Password-based encryption standard
6     Extended-certificate syntax standard
7     Cryptographic message syntax standard
8     Private-key information syntax standard
9     Selected attribute types
10    Certification request syntax standard
11    Cryptographic token interface standard
12    Personal information exchange syntax standard

Page 62: Security Reference Handbook

58

11. IKE: Key Negotiation

[Figure: elements and functions of IKE (ISAKMP Phase 1, Oakley Main Mode) and IPsec (Quick Mode), with the negotiation between Alice and Bob]

IKE (ISAKMP Phase 1 / Oakley Main Mode)
  Functions: establish SAs; key material; Diffie-Hellman exchange; protection for IPsec negotiation
  Elements (Main mode): hash; encryption; authentication; Diffie-Hellman group; SA lifetime

IPsec (Quick Mode)
  Functions: protection via ESP; integrity via AH; request keys from IKE
  Elements: hash; encryption; PFS group; SA lifetime; mode

Exchange between Alice and Bob:
  1. SA request for IPsec (triggered by ACL)
  2. IKE SA offer: DES, SHA-1, RSA signature, D-H group 1, lifetime
  3. Policy match: accept offer
  4. Alice D-H exchange: KE, nonce
  5. Bob D-H exchange: KE, nonce
  6. Alice authenticates the D-H exchange: apply SHA hash
  7. Bob authenticates the D-H exchange: apply SHA hash
  The messages up to and including the D-H exchange travel in the clear; the authentication messages are protected. Result: the IKE SA is established inbound and outbound at both Alice and Bob. The figure also marks the point where the IPsec lifetime expires.
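The Main Mode exchange in the figure, reduced to its Diffie-Hellman and authentication steps, as an added example that is not from the handbook: each side contributes a key exchange value (KE) and a nonce, derives keying material by hashing the shared secret with both nonces, and proves it with a SHA-1 based hash over the exchange values. X25519 from Go's crypto/ecdh (Go 1.20 or later) stands in for D-H group 1, the derivation layout is the example's own simplification rather than the RFC 2409 formulas, and the type and function names are the example's own.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"fmt"
)

// Peer holds one side's ephemeral Diffie-Hellman key pair and nonce, the
// "KE, nonce" payloads of the Main Mode figure. X25519 stands in for the
// handbook's D-H group 1 (an assumption of this example).
type Peer struct {
	priv  *ecdh.PrivateKey
	Nonce [16]byte
}

// NewPeer generates a fresh key pair and a fresh nonce.
func NewPeer() *Peer {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	p := &Peer{priv: priv}
	if _, err := rand.Read(p.Nonce[:]); err != nil {
		panic(err)
	}
	return p
}

// KE is the public key exchange value that travels in the clear.
func (p *Peer) KE() []byte { return p.priv.PublicKey().Bytes() }

// DeriveKey turns the peer's KE and both nonces (initiator first) into
// 160 bits of keying material: SHA-1(shared secret || Ni || Nr). The layout
// is the example's own simplification, not the RFC 2409 SKEYID formula.
func (p *Peer) DeriveKey(peerKE []byte, ni, nr [16]byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerKE)
	if err != nil {
		return nil, err
	}
	shared, err := p.priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	h := sha1.New()
	h.Write(shared)
	h.Write(ni[:])
	h.Write(nr[:])
	return h.Sum(nil), nil
}

// AuthHash is the "apply SHA hash" step: an HMAC-SHA1 over both KE values
// keyed with the derived key, so only a party holding the same key that saw
// the same exchange values can produce or check it.
func AuthHash(key, keI, keR []byte) []byte {
	m := hmac.New(sha1.New, key)
	m.Write(keI)
	m.Write(keR)
	return m.Sum(nil)
}

// RunExchange runs the KE/nonce exchange between Alice (initiator) and Bob
// (responder) and reports whether Bob accepts Alice's authentication hash.
// With tamper set, a third party's KE reaches Bob instead of Alice's, so the
// two sides derive different keys and the check fails.
func RunExchange(tamper bool) (bool, error) {
	alice, bob := NewPeer(), NewPeer()
	keToBob := alice.KE()
	if tamper {
		keToBob = NewPeer().KE()
	}
	kA, err := alice.DeriveKey(bob.KE(), alice.Nonce, bob.Nonce)
	if err != nil {
		return false, err
	}
	kB, err := bob.DeriveKey(keToBob, alice.Nonce, bob.Nonce)
	if err != nil {
		return false, err
	}
	sent := AuthHash(kA, alice.KE(), bob.KE())                    // Alice's hash
	return hmac.Equal(sent, AuthHash(kB, keToBob, bob.KE())), nil // Bob's check
}

func main() {
	ok, _ := RunExchange(false)
	bad, _ := RunExchange(true)
	fmt.Println("honest exchange accepted:", ok, "- substituted KE accepted:", bad)
}
```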


Page 63: Security Reference Handbook

59

12. Time Stamping

1. Create Document Identifier
2. Create Time Stamp
3. Store Data Locally

1. Calculate a hash or fingerprint of the data file, which can be of any size; the fingerprint is a unique value based on the exact content of the file.

2. An Internet-based server adds the current time to the fingerprint and signs that intermediate product (SHA-1 digest + current time) using public key encryption, generating a time stamp.

3. The time stamp is delivered back to the client software for storage.

[Figure: any file on the client's computer (using IP Protector) is reduced to a message digest (SHA-1), the fingerprint (hash), and sent to an independent time stamping authority (DigiStamp's server). The server constructs the time stamp from the fingerprint and the current time (official UTC sync; the figure shows 15 March 2000, 9:24am), signs it with its private key, and returns a standard CMS (PKCS#7) record, which is verified locally with the public key.]
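The three steps above carried through in Go, as an added example that is neither the handbook's nor DigiStamp's code: the client fingerprints a file with SHA-1, the authority appends the current time and signs the pair with its private key, and the client verifies the returned stamp locally with the authority's public key. RSA PKCS#1 v1.5 signatures stand in for the unspecified signing scheme, the record layout is the example's own rather than the CMS (PKCS#7) format the figure names, and the file contents and time are constructed.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// TimeStamp is what the authority returns: the client's fingerprint, the
// time the authority attached, and the authority's signature over both.
// (Example layout only; the figure's real record is a CMS/PKCS#7 blob.)
type TimeStamp struct {
	Fingerprint [sha1.Size]byte
	Time        time.Time
	Signature   []byte
}

// Fingerprint is step 1: a SHA-1 digest of the file, computed on the client.
func Fingerprint(file []byte) [sha1.Size]byte { return sha1.Sum(file) }

// signedBytes is the exact byte string the authority signs: the fingerprint
// followed by the time as Unix seconds, big-endian. Client and server must
// agree on this layout, otherwise verification fails.
func signedBytes(fp [sha1.Size]byte, t time.Time) []byte {
	var buf bytes.Buffer
	buf.Write(fp[:])
	binary.Write(&buf, binary.BigEndian, t.Unix())
	return buf.Bytes()
}

// Authority is the server side of step 2.
type Authority struct{ key *rsa.PrivateKey }

func NewAuthority() (*Authority, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Authority{key: k}, nil
}

func (a *Authority) PublicKey() *rsa.PublicKey { return &a.key.PublicKey }

// Stamp attaches the current time to the fingerprint and signs the pair.
// What gets signed is SHA-1 of (fingerprint || time), as in the figure.
func (a *Authority) Stamp(fp [sha1.Size]byte, now time.Time) (*TimeStamp, error) {
	now = now.UTC().Truncate(time.Second)
	d := sha1.Sum(signedBytes(fp, now))
	sig, err := rsa.SignPKCS1v15(rand.Reader, a.key, crypto.SHA1, d[:])
	if err != nil {
		return nil, err
	}
	return &TimeStamp{Fingerprint: fp, Time: now, Signature: sig}, nil
}

// Verify is the local check of step 3: recompute the file's fingerprint,
// require that it matches the one in the stamp, and check the authority's
// signature with its public key. Any edit to the file, the time, or the
// stamp itself makes this fail.
func Verify(pub *rsa.PublicKey, file []byte, ts *TimeStamp) error {
	if Fingerprint(file) != ts.Fingerprint {
		return errors.New("file does not match stamped fingerprint")
	}
	d := sha1.Sum(signedBytes(ts.Fingerprint, ts.Time))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA1, d[:], ts.Signature)
}

func main() {
	tsa, err := NewAuthority()
	if err != nil {
		panic(err)
	}
	doc := []byte("constructed sample document") // constructed file contents
	when := time.Date(2000, 3, 15, 9, 24, 0, 0, time.UTC) // the figure's example time
	ts, _ := tsa.Stamp(Fingerprint(doc), when)
	altered := append(append([]byte(nil), doc...), '!')
	fmt.Println("original verifies:", Verify(tsa.PublicKey(), doc, ts) == nil)
	fmt.Println("altered verifies:", Verify(tsa.PublicKey(), altered, ts) == nil)
}
```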

Page 64: Security Reference Handbook

60

13a. Secure Messaging

[Figure: Alice prepares a message for Bob]

Original plaintext
  1. Signed: digital signature added (DSA, SHA-1) using the sender's private key.
  2. Compressed: document with signature compressed.
  3. Encrypted: compressed file encrypted with a one-time session key (IDEA, CAST, Triple DES).
  4. Keyed: encrypted copy of the session key added (DH) using the receiver's public key.
  5. Armored: file converted to ASCII armor format.
  6. Message transferred via an insecure channel (telephone, satellite, microwave) on which an attacker may be present.


Page 65: Security Reference Handbook

61

13b. Secure Messaging

[Figure: Bob receives and unpacks the message]

  7. Message received in ASCII armor format.
  8. Dearmor: ASCII armor removed.
  9. Dekey: one-time session key (IDEA, CAST, Triple DES) recovered using the recipient's private key.
  10. Decrypt: file decrypted using the one-time session key (IDEA, CAST, Triple DES).
  11. Decompress: file decompressed, revealing the signature and plaintext message.
  12. Verify: signature verified using the sender's public key (DSA, SHA-1).
Original plaintext
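Steps 1 to 12 of 13a and 13b carried through end to end, as an added example that is neither the handbook's nor PGP's code: RSA signatures over SHA-1 stand in for DSA, Triple DES in CBC mode is the session cipher, the session key is wrapped with the receiver's RSA public key rather than DH, and base64 stands in for ASCII armor; the record layout and the names Seal and Open are the example's own.

```go
package main

import (
	"bytes"
	"compress/zlib"
	"crypto"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"encoding/base64"
	"errors"
	"io"
)

func check(err error) { // the sender side treats any failure as fatal
	if err != nil {
		panic(err)
	}
}

// Seal performs steps 1-5: sign, compress, encrypt, key, armor.
func Seal(msg []byte, senderPriv *rsa.PrivateKey, receiverPub *rsa.PublicKey) string {
	// 1. Signed: SHA-1 digest of the plaintext, signed with the sender's private key.
	d := sha1.Sum(msg)
	sig, err := rsa.SignPKCS1v15(rand.Reader, senderPriv, crypto.SHA1, d[:])
	check(err)
	// 2. Compressed: signature followed by plaintext, compressed together.
	var z bytes.Buffer
	zw := zlib.NewWriter(&z)
	zw.Write(append(sig, msg...))
	zw.Close()
	// 3. Encrypted: fresh one-time 3DES key and IV, CBC mode, PKCS#7-style padding.
	kiv := make([]byte, 24+des.BlockSize) // 24-byte 3DES key followed by the IV
	_, err = rand.Read(kiv)
	check(err)
	blk, err := des.NewTripleDESCipher(kiv[:24])
	check(err)
	pad := des.BlockSize - z.Len()%des.BlockSize
	pt := append(z.Bytes(), bytes.Repeat([]byte{byte(pad)}, pad)...)
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(blk, kiv[24:]).CryptBlocks(ct, pt)
	// 4. Keyed: the session key encrypted under the receiver's public key.
	ek, err := rsa.EncryptPKCS1v15(rand.Reader, receiverPub, kiv[:24])
	check(err)
	// 5. Armored: wrapped key || IV || ciphertext, base64 for the insecure channel.
	return base64.StdEncoding.EncodeToString(bytes.Join([][]byte{ek, kiv[24:], ct}, nil))
}

// Open performs steps 7-12 (dearmor, dekey, decrypt, decompress, verify); it returns errors since bad input is expected.
func Open(armored string, receiverPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(armored) // 7-8. received, dearmored
	n := receiverPriv.Size()                               // wrapped key length
	if err != nil || len(raw) < n+2*des.BlockSize || (len(raw)-n)%des.BlockSize != 0 {
		return nil, errors.New("malformed message")
	}
	// 9. Dekeyed: session key recovered with the recipient's private key.
	sk, err := rsa.DecryptPKCS1v15(rand.Reader, receiverPriv, raw[:n])
	if err != nil {
		return nil, err
	}
	// 10. Decrypted with the one-time session key, then the padding is removed.
	blk, err := des.NewTripleDESCipher(sk)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(raw)-n-des.BlockSize)
	cipher.NewCBCDecrypter(blk, raw[n:n+des.BlockSize]).CryptBlocks(pt, raw[n+des.BlockSize:])
	pad := int(pt[len(pt)-1])
	if pad < 1 || pad > des.BlockSize {
		return nil, errors.New("bad padding")
	}
	// 11. Decompressed, revealing the signature followed by the plaintext.
	zr, err := zlib.NewReader(bytes.NewReader(pt[:len(pt)-pad]))
	if err != nil {
		return nil, err
	}
	signed, err := io.ReadAll(zr)
	if err != nil || len(signed) < senderPub.Size() {
		return nil, errors.New("corrupt or truncated payload")
	}
	sig, msg := signed[:senderPub.Size()], signed[senderPub.Size():]
	// 12. Verified with the sender's public key; any change to the body fails here.
	d := sha1.Sum(msg)
	if err := rsa.VerifyPKCS1v15(senderPub, crypto.SHA1, d[:], sig); err != nil {
		return nil, err
	}
	return msg, nil
}
```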

Page 66: Security Reference Handbook

62

14. Protocol Using Crypto

Columns: Protocol | Status / RFC #s | Public Key | Symmetric | Key Length | Hash | Encoding | Cert Type | Trust Model (- = not listed)

Store & Forward (e-mail)
  DMS (MSP)  | -                  | RSA     | DES, 3DES, IDEA  | 56, 128 | MD5        | base 64, ASN.1 | X.509 | H
  MOSS       | RFC 1847, 1848     | RSA     | DES              | 56      | MD5        | base 64        | X.509 | H, D
  PEM        | RFC 1241, 2, 3, 4  | RSA     | DES              | 56      | MD5        | RADIX 64       | X.509 | H
  PGP        | RFC 1991           | RSA, DH | IDEA, CAST, 3DES | 128     | MD5, SHA-1 | RADIX 64       | PGP   | H, D, W
  PGP/MIME   | RFC 2015, 1847     | RSA, DH | IDEA, CAST, 3DES | 128     | MD5, SHA-1 | RADIX 64       | PGP   | H, D, W
  S/MIME     | RFC 1847           | RSA     | RC2, RC4, 3DES   | 40, 128 | MD5, SHA-1 | ASN.1          | X.509 | H, D

Network Transport (Browser)
  TLS (SSL)  | RFC   | RSA, DH | 3DES, RC2, RC4, DES-CBC | 40, 128 | MD5, SHA | -       | X.509 | H
  PCT        | draft | RSA     | DES, RC2, RC4, IDEA     | -       | MD5, SHA | -       | X.509 | D, H
  SHTTP      | draft | RSA     | DES, 3DES, DES-CBC      | -       | MD2, MD5 | base 64 | X.509 | D, H, Kerb, RSA

Voice
  Clipper    | FIPS | RSA | Skipjack             | 80       | - | -          | - | -
  PGPfone    | -    | DH  | Blowfish, CAST, 3DES | 160, 128 | - | GSM, ADPCM | - | D

Session Key Management
  IKE        | RFC | RSA | RC2, DES, 3DES | - | MD5, SHA-1 | ASN.1 | X.509 | D, H
  SKIP       | -   | RSA | DES, IDEA, RC4 | - | MD5        | -     | -     | D, H

Network Authentication (Login)
  Kerberos   | RFC 1510       | -   | DES-CBC, DES | -  | MD4, MD5, CRC32 | - | -     | -
  PAP        | RFC 1334       | -   | -            | -  | MD5             | - | -     | -
  CHAP       | RFC 1994       | -   | -            | -  | MD5             | - | -     | -
  TACACS     | RFC 927        | -   | -            | -  | -               | - | -     | -
  RADIUS     | -              | -   | -            | -  | -               | - | -     | -
  CAT        | RFC 2078, 2228 | RSA | DES          | 56 | MD5, SHA-1      | - | X.509 | D, H
  OTP        | RFC 2289, 2243 | -   | -            | -  | MD4, MD5, SHA   | - | X.509 | D, H

D = Distributed   H = Hierarchy   W = Web of Trust


Page 67: Security Reference Handbook

63

Glossary of Cryptography Terms

Legend
  Algorithm methods: Symmetric/Conventional, Asymmetric/Public Key, Message Digest/Hash
  Other entry types: Certificate, Standard, Protocol, Organization, API
  Colour coding in the printed handbook: RED = Algorithm, GREEN = Organization, BLUE = Protocol/API/Standard

A5: a trade-secret cryptographic algorithm used in European cellular telephones.

AES (Advanced Encryption Standard): NIST-approved standard, assumed to serve for the next 20 - 30 years.

AKEP (Authentication Key Exchange Protocol): key transport based on symmetric encryption, allowing two parties to exchange a shared secret key; secure against passive adversaries.

Algorithm (encryption): a set of mathematical rules (logic) used in the processes of encryption and decryption.

ASN.1 (Abstract Syntax Notation One): ISO/IEC standard for the encoding rules used in X.509 certificates; two types exist: DER (Distinguished Encoding Rules) and BER (Basic Encoding Rules).

Attribute Certificate: a digital certificate that binds a set of descriptive data items either directly to a subject name or to the identifier of another certificate that is a public-key certificate.

Asymmetric keys: a separate but integrated user key pair, comprised of one public key and one private key. Each key is one-way, meaning that a key used to encrypt information cannot be used to decrypt the same data.

Authorization Certificate: an electronic document to prove one's access or privilege rights; also to prove one is who they say they are.

Blind Signature: the ability to sign documents without knowledge of their content, similar to a notary public.

Block Cipher: a symmetric cipher operating on blocks of plaintext and ciphertext, usually 64 bits.

Blowfish: a 64-bit block symmetric cipher consisting of key expansion and data encryption. A fast, simple, and compact algorithm in the public domain, written by Bruce Schneier.

CA (Certificate Authority): a trusted third party (TTP) that creates certificates consisting of assertions on various attributes and binds them to an entity and/or to its public key.

CAPI (Crypto API): Microsoft's crypto API for Windows-based operating systems and applications.

CAST: a 64-bit block cipher using a 64-bit key and six S-boxes with 8-bit input and 32-bit output, developed in Canada by Carlisle Adams and Stafford Tavares.


Page 68: Security Reference Handbook


64

Glossary of Cryptography Terms

CBC (Cipher Block Chaining): the process of having plaintext XORed with the previous ciphertext block before it is encrypted, thus adding a feedback mechanism to a block cipher.

Certificate (digital certificate): an electronic document attached to a public key by a trusted third party, which provides proof that the public key belongs to a legitimate owner and has not been compromised.

Certificate Enrollment Protocol (CEP): specifies how a device communicates with a CA, including how to retrieve the CA's public key, how to enroll a device with the CA, and how to retrieve a CRL. CEP uses PKCS #7 and PKCS #10.

Certificate Extensions: an X.509 v3 certificate contains an extensions field that permits any number of additional fields to be added to the certificate. Certificate extensions provide a way of adding information such as alternative subject names and usage restrictions to certificates.

CFB (Cipher Feedback Mode): a block cipher that has been implemented as a self-synchronizing stream cipher.

Certification: endorsement of information by a trusted entity.

Certificate Management Messages over Cryptographic Message Syntax (CMC): message format used to convey a request for a certificate to a Registration Manager or Certificate Manager.

Certificate Management Message Formats (CMMF): message formats used to convey certificate requests and revocation requests from end entities to a Registration Manager or Certificate Manager, and to send a variety of information to end entities.

Certificate Management Systems (CMS): a highly configurable set of software components and tools for creating, deploying, and managing certificates. CMS comprises three major subsystems that can be installed in different CMS instances in different physical locations: Certificate Manager, Registration Manager, and Data Recovery Manager.

Certificate Revocation Tree (CRT): a mechanism for distributing notice of certificate revocations.

CHAP (Challenge Handshake Authentication Protocol): a session-based, two-way password authentication scheme.

Ciphertext: the result of manipulating either characters or bits via substitution, transposition or cryptographic operations.

Cleartext: characters in a human-readable form or bits in a machine-readable form (also called plaintext).

CPS (Certificate Practice Statement): describes the policies, practices, and procedures employed by a CA (Certificate Authority).

CRL (Certificate Revocation List): an online, up-to-date list of previously issued certificates that are no longer valid.

Cross-certification: two or more organizations or Certificate Authorities that share some level of trust.

Cryptanalysis: the art or science of transforming ciphertext into plaintext without initial knowledge of the key used to encrypt the plaintext.

Cryptography: the art and science of creating messages that have some combination of being private, signed, unmodified, and non-repudiable.


Page 69: Security Reference Handbook

65

Glossary of Cryptography Terms

Cryptoperiod: the specific time span during which a cryptographic key is authorized, or for which a key setting remains in effect.

Cryptosystem: a system comprised of cryptographic algorithms, all possible plaintext, ciphertext, and keys.

Data Integrity: a method of ensuring information has not been altered by unauthorized or unknown means.

Decryption: the process of turning ciphertext back into plaintext.

DES (Data Encryption Standard): a 64-bit block cipher, symmetric algorithm, also known as the Data Encryption Algorithm (DEA) by ANSI and DEA-1 by ISO. Widely used for over 20 years; adopted in 1976 as FIPS 46.

Diffie-Hellman: the first public key algorithm, invented in 1976, using discrete logarithms in a finite field.

Digital Signature: the digital equivalent of a written signature, providing cryptographic evidence that the original document is authentic, unaltered, not forged and non-repudiable; almost always uses a public-key algorithm.

Direct Trust: an establishment of peer-to-peer confidence.

Discrete Logarithm: the underlying mathematical problem used by asymmetric algorithms like Diffie-Hellman and Elliptic Curve. It is the inverse problem of modular exponentiation, which is a one-way function.

DSA (Digital Signature Algorithm): a public-key digital signature algorithm proposed by NIST for use in DSS.

DSS (Digital Signature Standard): a NIST proposed standard (FIPS) for digital signatures using DSA.

ECC (Elliptic Curve Cryptosystem): a unique method for creating public-key algorithms based on mathematical curves over finite fields or with large prime numbers.

EES (Escrowed Encryption Standard): a proposed U.S. government standard for escrowing private keys.

ElGamal Scheme: used for both digital signatures and encryption, based on discrete logarithms in a finite field; can be used with the DSA function.

Encryption: the process of disguising a message in such a way as to hide its substance.

Entropy: a mathematical measurement of the amount of uncertainty or randomness.

FIPS (Federal Information Processing Standard): U.S. government standards published by NIST.

GAK (Government Access to Keys): a method for the government to escrow individuals' private keys.

GSS-API (Generic Security Services API): IETF RFC 1508 is a high-level security API which isolates session-oriented application code from implementation details.

Hash: a one-way function; a function that produces a message digest that cannot be reversed to produce the original.

Hierarchical Trust: a graded series of entities that distribute trust in an organized fashion, commonly used in X.509 issuing certifying authorities.

IDEA (International Data Encryption Algorithm): a 64-bit block symmetric cipher using 128-bit keys, based on mixing operations from different algebraic groups. Considered one of the strongest algorithms.

Page 70: Security Reference Handbook

66

Glossary of Cryptography Terms

Identity Certificate: a signed statement which binds a key to the name of an individual and has the intended purpose of delegating authority from that named individual to the public key.

IKE (Internet Key Exchange): a manual and automatic key exchange method combining ISA/KMP and Oakley Key Exchange, as described in the IETF IPsec specification.

ISO (International Organization for Standardization): responsible for a wide range of standards, like the OSI model, and for the international relationship with ANSI on X.509.

ITU-T (International Telecommunication Union Telecommunication): formerly the CCITT (Consultative Committee for International Telegraph and Telephone), a worldwide telecommunications technology standards organization.

Kerberos: a trusted-third-party authentication protocol developed at MIT.

Key: a means of gaining or preventing access, possession, or control, represented by any one of a large number of values.

Key Escrow/Recovery: a mechanism that allows a third party to retrieve the cryptographic keys used for data confidentiality, with the ultimate goal of recovery of encrypted data.

Key Exchange: a scheme for two or more nodes to transfer a secret session key across an unsecured channel.

Key Length: the number of bits representing the key size; the longer the key, the stronger it is.

Key Management: the process and procedure for safely storing and distributing accurate cryptographic keys; the overall process of generating and distributing cryptographic keys to authorized recipients in a secure manner.

Key Splitting: a process for dividing portions of a single key between multiple parties, none having the ability to reconstruct the whole key.

KTC (Key Translation Center): a trusted server that makes a key chosen by one party available to another party by re-encrypting (translating) it under a key shared with the requesting party.

LRA (Local Registration Agent): an entity appointed by a CA or RA to assist other entities in applying for certificates, revoking their certificates, or both.

MAA (Message Authenticator Algorithm): an ISO standard that produces a 32-bit hash, designed for IBM mainframes.

MAC (Message Authentication Code): a key-dependent one-way hash function, requiring the use of the identical key to verify the hash.

MD2 (Message Digest 2): a 128-bit one-way hash function designed by Ron Rivest, dependent on a random permutation of bytes.

MD4 (Message Digest 4): the predecessor of MD5, later found to be weak.

MD5 (Message Digest 5): a 128-bit one-way hash function designed by Ron Rivest, very widely used.

Message Digest (also MD): a number that is derived from a message. Change a single character in the message and the message will have a different message digest.

MIC (Message Integrity Check): same as Message Digest.

Micalg (MIC algorithm): used to identify the MIC algorithm used in signing MIME messages.


Page 71: Security Reference Handbook

67

Glossary of Cryptography Terms

MIME (Multipurpose Internet Mail Extensions): a freely available set of specifications that offers a way to interchange text in languages with different character sets, and multimedia e-mail, among many different computer systems that use Internet mail standards.

Modulus: the defining constant in modular arithmetic, and usually a part of the public key in asymmetric cryptography.

NIST (National Institute for Standards and Technology): a division of the U.S. Dept. of Commerce that publishes open interoperability standards called FIPS.

Non-repudiation: preventing the denial of previous commitments or actions.

NSA (National Security Agency): a United States cryptologic organization tasked with making and breaking codes and ciphers.

Oakley: the "Oakley Session Key Exchange" provides a hybrid Diffie-Hellman session key exchange for use within the ISA/KMP framework. Oakley provides the important property of "Perfect Forward Secrecy."

One-Time Pad: a large nonrepeating set of truly random key letters used for encryption; considered the only perfect encryption scheme, invented by Major J. Mauborgne and G. Vernam in 1917. Not widely used because key management is impractical.

One-Way function: a function of a variable-length string that creates a fixed-length value representing the original pre-image; also called message digest, fingerprint, or message integrity check (MIC).

PAP (Password Authentication Protocol): an authentication protocol that allows PPP peers to authenticate one another; it does not prevent unauthorized access but merely identifies the remote end.

Passphrase: an easy-to-remember phrase used for better security than a single password; key crunching converts it into a random key.

Password: a sequence of characters or a word that a subject submits to a system for purposes of authentication, validation, or verification.

Perfect Forward Secrecy: a cryptosystem in which the ciphertext yields no possible information about the plaintext, except possibly the length.

PGP (Pretty Good Privacy): an application and protocol (RFC 1991) for secure e-mail and file encryption developed by Phillip R. Zimmermann; originally published as freeware, the source code has always been available for public scrutiny. PGP uses a variety of algorithms, like IDEA, RSA, Diffie-Hellman, CAST, DSA, MD5 and SHA-1, for providing encryption, authentication, message integrity, and key management. PGP is based on the "Web-of-Trust" model and has worldwide deployment.

PGP/MIME: an IETF standard (RFC 2015) that provides privacy and authentication using the Multipurpose Internet Mail Extensions (MIME) security content types described in RFC 1847; currently deployed in PGP 5.0 and later.

Page 72: Security Reference Handbook

68

Glossary of Cryptography Terms

PKCS (Public Key Crypto Standards): a set of "de facto" standards for public key cryptography developed in cooperation with an informal consortium (Apple, DEC, Lotus, Microsoft, MIT, RSA and Sun) that includes algorithm-specific and algorithm-independent implementation standards. Specifications defining message syntax and other protocols, controlled by RSA Data Security Inc.

PKI (Public Key Infrastructure): a widely available and accessible certificate system for obtaining an entity's public key with some degree of certainty that you have the 'right' key and that it has not been revoked.

PKIX: a contraction of "Public-Key Infrastructure (X.509)", the name of the IETF working group that is specifying an architecture and set of protocols needed to support an X.509-based PKI for the Internet.

Plaintext (or cleartext): the human-readable data or message before it is encrypted.

Private Key: the privately held "secret" component of an integrated asymmetric key pair, often referred to as the decryption key.

Public Key: the publicly available component of an integrated asymmetric key pair, often referred to as the encryption key.

RA (Registration Authority): responsible for authorizing entities, or an LRA, distinguished by unique names, as members of a security domain; this involves associating a user with specific key material. RAs work on behalf of the CA.

Random Number: an important aspect of many cryptosystems, and a necessary element in generating unique key(s) that are unpredictable to an adversary.

RC2 (Rivest Cipher 2): a variable-key-size, 64-bit block symmetric cipher, once a proprietary algorithm of RSA Data Security, Inc.

RC4 (Rivest Cipher 4): a variable-key-size stream cipher, once a proprietary algorithm of RSA Data Security, Inc.

RC5 (Rivest Cipher 5): a block cipher with a variety of parameters: block size, key size, and number of rounds.

RIPE-MD: an algorithm developed for the European Community's RIPE project, designed to resist known cryptanalysis attacks and produce a 128/160-bit hash value; a variation of MD4.

Revocation: retraction of certification or authorization.

ROT-13 (Rotation Cipher): a simple substitution (Caesar) cipher, rotating each of the 26 letters 13 places.

RSA: short for RSA Data Security, Inc.; or referring to Ron Rivest, Adi Shamir, and Len Adleman; or to the algorithm they invented. The RSA algorithm is used in public-key cryptography and is based on the fact that it is easy to multiply two large prime numbers together, but hard to factor them out of the product.

S-Box: a nonlinear substitution function (thus "S-Box") basic to block ciphers (e.g. DES and CAST), where an input is XOR-ed and converted to an output (6 bits and 4 bits, respectively, in DES), and which provides the core of such ciphers' security.

SA (Security Association): a simplex (uni-directional) logical connection that specifies a security process through the use of AH and ESP.

SAFER (Secure And Fast Encryption Routine): a non-proprietary 64-bit-key block cipher encryption algorithm. Not patented, available license-free. Developed by Massey, who developed IDEA.


Page 73: Security Reference Handbook

69

Glossary of Cryptography Terms

Salt: a random string that is concatenated with a password before it is operated on by a one-way function; helps protect against successful dictionary attacks.

Secret Key: either the "private key" in public-key (asymmetric) algorithms or the "session key" in symmetric algorithms.

Secure Channel: a means of conveying information from one entity to another such that an adversary does not have the ability to reorder, delete, insert or read (SSL, IPSEC, whispering in someone's ear).

Self-Signed Certificate: a public-key certificate for which the public key bound by the certificate and the private key used to sign the certificate are components of the same key pair.

Session Key: the secret (symmetric) key used to encrypt each set of data on a transaction basis. A different session key is used for each communication session.

SHA-1 (Secure Hash Algorithm):the 1994 revision to SHA, developed by NIST (FIPS 180-1); used with DSS, produces a 160-bit hash, similar to MD4; very popular and widely implemented.

Skipjack: the 80-bit key encryption algorithm contained in NSA's Clipper chip. The algorithm is classified; NSA will not release information on how it works. It has a backdoor feature for government access.

SKMP (Secure-Key Management Protocol): an IBM-proposed key-recovery architecture that uses a key encapsulation technique to provide key and message recovery to a trusted third-party escrow agent.

Smart Cards: tamper-resistant hardware devices that store private keys and other sensitive information.

SOQ: a widely adopted standard for digital certificates that uses ASN.1 encoding and carries cryptographic material and X.500 conventional content.

S/MIME (Secure Multipurpose Mail Extension): a proposed standard developed by a consortium of e-mail software vendors led by RSADSI, for encrypting and/or authenticating MIME data. S/MIME defines a format for the MIME data, the algorithms that must be used for interoperability (RSA, RC2, SHA-1), and additional operational concerns such as X.509 certificates and transport over the Internet.

SPI (Security Parameter Index): the combination of a destination address, a security protocol and an SPI uniquely identifies a security association (SA).

SSH (Secure Shell): an IETF proposed protocol for securing the transport layer by providing encryption, cryptographic host authentication, and integrity protection.

SSL (Secure Socket Layer): developed by Netscape to provide security and privacy over the Internet. Supports server and client authentication and maintains the security and integrity of the transmission channel. Operates at the transport layer and mimics the "sockets library," allowing it to be application-independent. Encrypts the entire communication channel and does not support digital signatures at the message level.

Steganography: methods of hiding the existence of a message or other data, e.g., a digital watermark or "invisible" ink.

Stream cipher: a class of symmetric-key encryption operating on the plaintext one byte (or one bit) at a time.

Substitution cipher: the characters of the plaintext are substituted with other characters to form the ciphertext.

Page 74: Security Reference Handbook


70

Glossary of Cryptography Terms

Symmetric algorithm: an encryption algorithm in which the same secret key is used for both encryption and decryption. Also known as conventional, secret-key and single-key algorithms. Block and stream ciphers are classes of symmetric algorithms.

Timestamping: recording the time of creation or existence of information.

TLSP (Transport Layer Security Protocol): ISO 10736, draft international standard.

Transposition cipher: the plaintext remains the same but the order of the characters is transposed.

Triple DES: an encryption configuration in which the DES algorithm is used three times with three different keys.

Trust: a firm belief or confidence in the honesty, integrity, justice, reliability, etc., of a person, company, and so forth.

TTP (Trusted Third-Party): a responsible party which all participants involved agree upon in advance to provide a service or function, such as certification by binding a public key to an entity, time-stamping, or key escrow.

Web of Trust: a distributed trust model used by PGP to validate the ownership of a public key, where the level of trust is cumulative, based on the individual's knowledge of the 'introducers'.

XOR (eXclusive OR operation): exclusive-or operation, a mathematical way to represent differences.

X.509v3: an ITU-T digital certificate that is an internationally recognized electronic document used to prove identity and public key ownership over a communication network. It contains the issuer's name, the user's identifying information, and the issuer's digital signature, as well as other possible extensions in version 3.

Zeroed: the degaussing, erasing or overwriting of electronically stored data.


Page 75: Security Reference Handbook


Page 76: Security Reference Handbook


The information in this document is subject to change without notice and must not be construed as a commitment on the part of Symantec Corporation. Symantec assumes no responsibility for any errors that may appear in this document. No part of this document may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means - graphic, electronic, or mechanical, including photocopying and recording - without the prior written permission of the copyright owner. Symantec and the Symantec logo are U.S. registered trademarks of Symantec Corporation. Other brands and products are trademarks of their respective holders.

Copyright © 2001 Symantec Corporation. All Rights Reserved. Printed in the United States of America 08/01 09-71-00385