Please enable JavaScript.
Coggle requires JavaScript to display documents.
Cybersecurity - Coggle Diagram
Cybersecurity
Basic cryptographic concepts
Scope of cryptograpghy
Confidentiality
Only the right people can read the information
Authentication
The ability to verify the sender's identity
Integrity
Protecting information from being modified by unathorized parties
Anonymity
Ensuring the users's anonimity while communicating
Basic operations
Encryption
The process of converting plain text into ciphertext
Decryption
THe process of converting ciphertext into plaintext
Ciphertext - cannot be read
Plaintext - can be read
Cipher
An algorithm used to encrypt and decrypt data
Very old example
Ceasar Cipher
It is a substitution cipher
Each character in the message is substituted by another character
The letters in the second row are shifted of a given number of positions - if its the -> key = 3
Not too many combinations
Attacks
Brute Force
1 more item...
Cryptanalytic attack
1 more item...
Key
A piece on information used by the cipher to encrypt the plaintext (and that is necessary to decrypt the cyphertext)
Types
Symmetric Key encryption
The universal technique for providing
confidentiality
for
transmitted or stored data
Requirements
Strong
encryption algorithm - Cipher
Sender and receiver must have
obtained copies of the secret key
in a
secure fashion
and
must keep the key secure
To get a secure communication channel you need a secure channel - ridiculous
Keep the key secure - Confidentiality depends on this
Attacks
Brute Force attack
Try all the possible keys
Before trying all the possible combination of characters, useful to try with all the words in dictionaries
It is about the key size and how fast is our computer
On average half of all possible keys must be tried to achieve success
Recognizing the plaintext can be another very complex problem
Cryptanalytic attack
If the cipher is weak then it could be possible to find ways to decrypt the ciphertexts
Weak
Caused by some knwoledge of the general characteristics of the plaintext
Obtaining some plaintext-ciphertext pairs
Example WW2 Enigma Machine
If the attack is successful then
all the future and past messages
encrypted with that key are
compromised
Algorithms
Many different symmetric encryption algorithms have been proposed
It is
better
to use algorithms that are an
international standard
DES - Data Encryption Standard - 1977
Slow
Very insecure - key is too small
Key size = 56bits
3DES
Executes 3 times the standard DES
Very slow
Quite secure - key size =56*3
AES - Advanced Encryption Standard -2002
Key size = 128, 192, 256 bits
Very fast
Secure (now, future??)
Public Key encryption
Public Key encryption is based on some
complex mathematical problems
Assymetric encryption
Public key
- made as public as possible
Private key
- maintained carefully secret
Every couple of keys is generated together, the two keys are linked by some mathematical problems
It can provide
Confidentiality
Verification - Authenticity
Only possible if the message has been encrypted using the individual's private key
Problem - Impersonating Bob with a fake Bob's public key
Solution - Public Key certificates
The public key is certified by a certificate autority
2 more items...
Integrity-
Since the appropriate public key decrypts the data properly, this means the message was not modified during the transfer
Hybrid encryption
Symmetric is good for bulk data, less costly, but less secure
Asymmetric is good for security, but more costly
Set up a hybrid
Step 1 - Use the other's public key to encrypt the symmetric key
Step 3 - Other will decrypt with his/her own private key
Step 2 - Send the encrypted symmetric key through the wire
Step 4 - now you both have the same symmetric key and ready to send to bulk data
This is used by every safety protocol
Computer security
Basic principles
Principle 1 corollary
Sytems complexity
More complexity -> Less security
Empirical rule - Increasing the complexity of a systems leads to an
insecure system
Linear increase of complexity means
super-linear increase
of insecurity
Reasonably secure system? - KISS rule
Keep it Simple and Stupid
But this does
not mean
secure systems can not be complex or complicated
The protection system must be
as simple as possible
- If possible
very simple
Unnecessary complexity
can lead to
3 more items...
Principle 2
Entities composing a system
Most systems are composed of 3 types of entities
Software
Critical part of the system -
large exposed attack surface
Large
Many very complex programs
Each program made of thousands or millions of lines of
source code
Exposed
That can be accessed remotely (i.e. from the internet, from a wirelless network or from a user interface)
Attack surface
Everything that can be used by an attacker to violate the system
Often
other parts
of the system are
easier to attack
Attacking the software often requires some
technical skills
.
Attacking the human
in the system requires skills that are not about computing
Humanware
Human in the loop - often the weakest link in the system
Social engineering
the use of
deception
to
manipulate individuals
into divulging
confidential or personal
information that may be used for
fraudulent purposes
- phising emails
Weakest
Lack of knowledge
Overload
Fatique
Bad design
Goodwill
1 more item...
Lack of attention
Stupidity ( both users and system administrators)
Hardware
All the modern hardware composed of
Hardware
Software
Firmware
1 more item...
Can be tampered by an attacker
Tampered
Interfere with something in order to
cause damage
or to
make unathorized alterations
Even the
physical security
of systems and devices is hard to guarantee (for eg.
unathorized access
)
Physical security
Evil maid attack - example of unathorized alteration of personal devices
Security as a process
It is a
never ending process
and
not a product
Reasonable secure system
Endless work
Education
Today is secure - tomorrow might not - everyday new faults are discovered
Lack of updates ->
fragile and insecure
systems
Updating is not easy
Are the updates
available
for
all
of your devices? - until
when it is supported
?
If available
4 more items...
Always a dangerous operation
Fixing bugs can introduce new bugs, instability, side-effects
Need of
cost/benefit
evaulation
It is costly -
time consuming
It is based on
partial information
1 more item...
Principle 1
Non existence of secure systems
The software is often far from perfect
Implementation bugs
Design errors
Unbreakable system is a myth
Impenetrable bank vault
Unsinkable boat
The security level of a given system is determined by the
Amount of time necessary to break the system
Amount of money or resources required
Probability of success
What are we protecting? From who? Why?
Why?
Most times the adversary is
rational
Most times the adversary has an
economic goal
That is
not always true
when the adversary is a
government
Principle 3
Security = knowledge
Knowledge of the system
Real security is based in
deep knowledge
(of the system to be protected)
What are the effect of this principle on software?
System
Open
Key charactherictics
5 more items...
Examples
4 more items...
Advantage
4 more items...
Disadvantage
3 more items...
Closed
Key charactherictics
4 more items...
Examples
4 more items...
Advantages
4 more items...
Disadvantages
4 more items...
Source
Open
Teacher prefer this since it can be
3 more items...
But this do not guarantee that the system is secure
Theoretically possible to check all the code of a system like linux - it is
not practically possible
million lines of codes
Closed
TRUST
Prefer to trust a community
Prefer to trust a company
Users education - form of knowledge
It is not that simple to invest in education
It is costly
Perception of security - lack of importance
Wrong habits - we have always done this way
Ideological resistance - information anarchism
Cost of security procedures - vs productive investments
Security of a cryptosystem
Kerchkhoffs's principle
A cryptosystem should be secure even if everything about the system,
except the key
is public knowledge - 1883
Shannon's reformulation
The enemy knows the system
Makes security robust and realistic
Cryptosystems must
not
rely on security by obscurity
Assume that the adversary has full knowledge of the cryptosystem except the key
Security relies only on the secrecy of the key, not the algorithm
It is realistic, it can be tested by the public and it is resilient (if system is exposed the key alone ensures security)
Security through obscurity
Relying on the
design or implementation secrecy
as the main method of providing security
It is wrong!!!
But this
does not mean to publish all the details about my sytem internals
Main concepts and terminology
Fundamental questions
What assets
do we need to
protect
?
Protection
Definiton
The
protection
afforded to an automated information system in order to attain the applicable objectives of preserving
integrity, availability
and
confidentiality
of
information resources
CIA Triad
Core elements
Data and services
Ensuring
Confidentiality
3 more items...
Integrity
3 more items...
Availability
2 more items...
CIAAA Pentagram
Authenticity
Property of being
genuine
and being able to be
verified
and
trusted
Example - confidence in the validity of a transmission, a message or a message originator
Accountability
The requirement for
actions of an entity
to be
traced uniquely to that entity
Example - ability to find the originator of a transmission, a message or an action
How
are those assets
threatened
?
What
can we do to
counter those threats?