Lecture 18: Confidentiality, Authorization, and Protocols

Prepared by Daniel Rosales

Midterm Grade Distribution

Kerckhoffs's Principle

• minimize what needs to be kept a secret for the whole system to work.
• technique developed in the 19th century before computers were invented.

Design- algorithm, code, network
The key is kept secret.

Would it not be easier to just keep the whole design a secret (security via obscurity)?
No, the DVD was based on this technique and it did not work. Plans will be leaked out.

Logging into Unix

• Structure: username:password:/home/username

• Hash Function: H(password) = S
• Structure: username:cryptographic checksum:/home/username
• Knowing S gives you little information about the password.
• In the original Unix system, a salt was used as H (password ^ salt) = S

Originally, the hash function was made to be expensive to frustrate hackers (using a brute force method). This did not work because computers became faster. /etc/shadow is used to store password hashes and is only readable by privileged users (root).

Authentication

• prevents masquerading
• trusted login agents: grants you access (e.g. access to /etc/shadow)

• password guessing (brute force)
• snoop the password (retain ascii values as password is typed, video)
• server impersonation
• magnetic or optical card
• change password using personal information (date of birth, etc.)
• IP address, MAC address
• finger prints, biometrics

• /bin/login
• In Linux, the process table entry contains the user ID. This cannot be changed. Internal Authentication continuously uses the ID for validity.

Authentication over a network.
We must assume attacker can snoop, alter, delete messages.
Example: Suppose we have client A and server B. We send a message, M, from A to B
Message: A->B { "I'm A" and my password is 'plugh'}
We can then use a key, k, such that

• {M} ^k + k -> M
• M + k -> {M} ^k

• how are both A and B to know the key
• replay attacks

we can use a nonce , random bit strings ( /dev/random produces random data based on "driver noise" but this can be subtly exploited)
An example of using a nonce is as follows: A->B { "I'm A" and my password is 'plugh' ^ nonce}^k

Public key System
This is slower than the previous authentication techniques
Private key: K, Public Key: U

• {M} ^U + K -> M
• M + U -> {M} ^K

Two Sample Protocols

• ~/.ssh/id_rsa.pub (public key)
• ~/.ssh/known_hosts (host servers as well as a copy of their public key)
• ~/.ssh/id_rsa (private key)

IPSEC

• much bigger than SSH
• corporate environment
• based on tunneling packets on untrusted networks (e.g. internet)

Authentication and Access Control

Having successfully completed authentication, we need to define access (authorization). This is represented above as a 3D array of booleans

Access Control Lists
attached to each file is a a list of who's to do what with that file
Example

• ls -l /etc/passwd
  _rw_r_ _r_ _ eggert root
• Who can change the ACL?
  only eggert
• Can you give away a file?
  Original Unix-Yes
  Berkeley Software Distribution (BSD)-no, because of quotas.

Capability
attached to each user is a list of files that the user is authorized to access (file descriptor in linux)

• must be unforgable
• must be consulted before any action is allowed
• Hardware or operating system support is needed

• Direct
  • map into address space (e.g. process can directly access graphics registers).
  • access check when creating map, ran at hardware speed.
  • Disadvantage: resource can become corrupted
• Indirect
  • issue service request via trusted handlers
  • OS can check each access (flexibility on entry to revoke access)
  • Disadvantage: slower than direct access with hardware

Windows- style of ACLs extend UNIX permissions (self, group, other)

Linux
ACLs are not of fixed size
We can use the command setfacl to set the file access control list
Example: set-facl -n group:tas:rwx