STRIDE – Part 3/3

Let’s take an example, where it is possible to implement STRIDE techniques to mitigate the threats. Note: Threats should be displayed as the highest priority. The figure below is an example of a server that is connected to many clients via the insecure network.

Screen Shot 2017-03-06 at 2.51.19 pm

 

Implementing STRIDE technique will help to find and fix the vulnerabilities of the system before they can be exploited by the attacker. Below are some of the vulnerabilities, that might be exploited by the attacker, which might cause threats to the system.

Attack the server STRIDE 1

  • Attacker intercepts the data, where the attacker can Tampering with data and Information disclosure or he/she can Spoofing identity.
    • Chance of occurring: (1 = very high).
    • The damage it causes: (10 = massive).
    • Risk: 10/1 = (10).

 

 

Attack the server STRIDE 2

  • Attacker floods server with bad data (Denial of service).
    • Chance of occurring: (1 = very high).
    • The damage it causes: (7 = high).
    • Risk: 7/1 = (7).

 

 

Attack the server STRIDE 3

  • Attacker accesses the configuration data, where the he/she can Tamper with data, Information disclosure and implement a Denial of service.
    • Chance of occurring: (5 = medium).
    • The damage it causes: (10 = massive).
    • Risk: 10/5 = (2).

 

 

Attack the server STRIDE 4

  • Attacker access persistent data or the audit log, where the he/she can Tamper with data, Information disclosure and implement a Denial of service.
    • Chance of occurring: (4 = medium).
    • The damage it causes: (8 = high).
    • Risk: 8/4 = (2).

 

There are several techniques that can be implemented to the STRIDE to mitigate these above threats such as;

  1. S – Strong authentication; and never store secrets.
  2. T – hashes, digital signatures; and tamer resistant protocols.
  3. R – Digital signature, time stamps; and secure logging.
  4. I – Strong access control mechanisms (ACLs), encryption; and never store secrets.
  5. D – Filtering, throttling; and QoS.
  6. E – Run with least privilege.

Screen Shot 2017-03-06 at 9.10.31 pm

Advertisements

Message Authentication Codes

Message Authentication Codes also known as (MACs) are similar techniques to the Digital Signatures. MACs use Symmetric keys between all parties; and they provide data integrity and message authentication, but not non-repudiation. In fact, MACs are much faster than Public-key signatures.

Basically, MAC takes an input of any size and produce a short and fixed-size output. The Message Authentication Codes’ security entirely relies on the infeasibility of computing the result by Oscar. In this scenario, it will be very difficult for Oscar to achieve the following:

  1. Existential forgery.
  2. Selective forgery.
  3. Key recovery.

 

This scenario is an example of the MAC and how it works:

  • Any party can start this communication, Bob will start for this example.
  • Bob will use the private-key to MAC the original message; then he will send it to Alice.
  • Alice will use the same private-key to verify that the message has been received from Bob.

screen-shot-2017-02-28-at-12-14-49-pm

In conclusion, there are some important thangs about MAC that you need to remember, for example:

  1. MAC provides data integrity and message authentication Meanwhile, Digital signature provides data integrity, message authentication and non-repudiation.
  2. MACs are much faster than Digital signatures.
  3. MACs use a key, but Hash functions do not use key.

 

Note: MACs are based on hash functions (e.g. HMAC) or on Block Ciphers (e.g. CBC-MAC).

Introduction to Hash Functions – Part 1/2

Digital Signatures (e.g. RSA Signatures) are great because they achieve data integrity, message authentication and non-repudiation. However, they have few problems especially when the message (x) is long. In another word (How do we sign a message (x) greater than the modulus n?). The following figure shows an alternative solution, which split the message into blocks and sign each block individually.

rsa-signature

This technique (the figure above) works perfectly, but will face some problems:

  1. Computational load: Public-Key operations are time-consuming.
  2. Transmission or storage overhead: Signature is as long as the message itself.
  3. Security: Similar problems to ECB mode of operation (remove individual blocks, inject old blocks).

 

The solution to solve this problem is very simple, which is by having a shorter “representation” of a message, so that we can (sign) that instead of the message itself. This solution is known as (hash function produce representation); and also it is called hash or message digest, or digital fingerprint.

hash-functions

Digital Signatures

I have defined previously some of the computer security terms and definitions. So far, the encryption and decryption operations provide confidentiality, where the information is kept secret from all but authorized parties (protect the information from being readable to unauthorised people). Whereas, many people do care about the other security properties such as, Integrity, Authentication, Non-repudiation and more (Remember the following terms).

  • Data Integrity: ensures that a message has not been modified in transit.
  • Message Authentication: ensures that the sender of a message is authentic.
  • Non-repudiation: ensures that the sender of a message cannot deny the creation of the message.
  • Identification: establishing and verifying the identity of an entity.
  • Access control: restricting access to the resources to privileged entities.
  • Availability: the electronic system is reliably available.
  • Auditing: provides evidence about security-relevant activities such as, keeping logs about certain events.
  • Physical security: providing protection against physical tampering and/or responses to physical tampering attempts.
  • Anonymity: providing protection against discovery and misuse of identity.

 

Symmetric Key is not enough to provide full-security, since it does not provide all the previous properties. Therefore, it is important to implement/introduce Digital Signatures. In fact, Digital Signatures provide Data Integrity, Message Authentication and Non-repudiation. The following steps explain how Digital Signatures work:

  1. Any party can start this communication, either Alice or Bob, by generating two keys (public-key and private-key). In our scenario, Bob has generated the two keys.
  2. Bob sends his public-key to Alice, while keeping his private-key
  3. The message (x) that Bob wants to send will be signed via the Bob’s (private-key).
  4. The message (x); along with Bob’s signature will be sent to Alice.
  5. Alice will verify the received message (x) via Bob’s public-key. This ensures that Bob has sent the message (message integrity, authentication and non-repudiation).

 

This PowerPoint file explains the digital-signatures process step-by-step.

For more information about Digital Signature.

Diffie-Hellman – PART 2/2

Let’s take a real example of the DHKE and to figure out how to generate and exchange keys securely between two parties.

  1. Choose a large prime p.
  2. Choose a primitive root g of p.
  3. Publish p and g.

Alice and Bob must agree on the values of p and g; (where g for example is 2 or 5).

Find the attacked PowerPoint slides for a dhke-example.

 

In conclusion, the DHKE provides both parties to know (k = gAB mod p). Meanwhile, Oscar knows (p, g, gA mod p and gB mod p), which is not enough to compute (gAB mod p), unless Oscar computes the discrete logarithm of (gA mod p) or (gB mod p) to find either A or B.

Therefore, the security of DHKE depends on the difficulty of the discrete logarithm problem.

 

The most common problem that occur with DHKE that it is susceptible to Man-In-The-Middle (MITM) attack, where both parties (Alice and Bob) believe that they share a secret key with each other, whereas they share a secret key with Oscar via MITM attack. However, it is possible to mitigate/thwart the MITM attack by implementing Digital Signature when exchanging the value.

Digital Signature is a browser technique that defend against MITM by doing the following:

  • Digital signature on exchanged values.
  • Alice signs gA mod p, Bob signs gB mod p.
  • This proves that it was they who generated these values.

Note: modern browsers use Diffie-Hellman to communicate with websites (https://…).

Find the attacked PowerPoint slides for more information about the mitm-attack.

This link shows which algorithms your browser supports, for example
DHE-RSA Is for key exchange
AES128 Is for symmetric encryption (See SK lecture)
SHA Is for Message Authentication (See next lecture)
DHE-RSA Diffie-Hellman Ephemeral with RSA digital signatures

Facts about Public-Key Algorithm and How to Build It

The Asymmetric schemes are based on a “one-way function f()”:

  • Computing y = f(x) is computationally easy.
  • Computing x = f-1(y) is computationally infeasible.

 

One way functions, in fact, are based on mathematically hard problems such as:

  1. Factoring Integers (e.g. RSA): Given a composite integer n, find its prime factors.
  2. Discrete Logarithm (e.g. Diffie-Hellman, Elgamal & DSA): Given a, y and m, find x such that ax = y mod m.
  3. Elliptic Curves or EC (e.g. ECDH & ECDSA): Generalization of discrete logarithm

Remember: The problems are considered mathematically hard, but no proof exists (so far).

Note: There are many other public-key schemes such as, NTRU or systems based on hidden field equations, which are not in wide spread use. Often, their security is not very well understood.

 

Facts about Asymmetric Algorithms:

  1. Public-key algorithms have capabilities that symmetric ciphers do not have, in particular digital signature and key establishment functions.
  2. Public-key algorithms are computationally intensive (a nice way of saying that they are slow), and hence are poorly suited for bulk data encryption.
  3. Only three families of public-key schemes are widely used. This is considerably fewer than in the case of Symmetric algorithms.

Basic Protocol for Public-Key Encryption

The basic protocol for the Asymmetric Cryptography works as the following:

  1. Either the sender or the receiver, Bob for example, will generate two keys (public-key and private-key).
  2. Bob will distribute his (public-key) publicly to everyone.
  3. The other parties, Alice for example, will use Bob’s (public-key) to send an encrypted message back to Bob.
  4. Bob will receive the (encrypted) message from Alice (unreadable message up till now).
  5. Bob will use his (private-key) to decrypt the received message (become readable now).

Note: if Oscar interrupt the communication and gain the encrypted message, it will be very difficult for him to decrypt it, since Bob only has the (private-key).

screen-shot-2017-02-21-at-5-30-11-pm

 

As a real-life example, everyone has an email address nowadays, where every email is linked with a secret password. Think of it this way, you give your email address to other people to send you emails/messages (public-key), while you are the only person who can read this emails/messages by accessing to your email address with your private password (private-key).

 

The main services that Asymmetric Cryptography provides:

  • Key Distribution: For example, Diffie-Hellman Key Exchange & RSA (without a pre-shared secret key).
  • Non-repudiation and Digital Signatures: For example, RSA, DSA or ECDSA. (that provides message integrity).
  • Identification: Using challenge-response protocols with digital signatures.
  • Encryption: For example, RSA/Elgamal.

However, the main disadvantage that Asymmetric Algorithms is about 1000 times slower than Symmetric Algorithms (Computationally very intensive).

 

In conclusion, it looks as though Asymmetric Cryptography (public-key schemes) can provide all functionality needed in modern security protocols such as SSL/TLS. However, the major drawback in practice is that encryption of data is extremely computationally demanding with (public-key algorithms). Many Block and Stream ciphers can encrypt 1000 times faster in software than (public-key algorithms). On the other hand, Symmetric Cryptography (private-key algorithms) are poor at providing digital signatures and key establishment/transport functionality. Hence, most practical protocols are hybrid protocols, which incorporate both Symmetric Algorithms and Asymmetric Algorithms.