DIGITAL INFORMATION SECURITY TECHNOLOGY
Electronic Information Security Technology
2019 Spring Semester Instructor: Jaewoo Lee
Some slides from “Security Engineering”, Ross, 2008
Today's Lecture
• Review
• Ch. 6: Distributed Systems
• Network Security
• Distributed Systems Security
Review: RSA
• Bob generates an RSA key
• Large primes p=61, q=53
N=pq=3233, (p-1)(q-1)=3120
• Find e which is relatively prime (coprime) to (p-1) and (q-1)
1<e<3120, e=17
• Find d s.t. e*d mod (p-1)(q-1)=1, d=2753
• Public key: (N, e), Private key: d
Bob posts public key (3233, 17) and keeps private key 2753
• Alice wants to send a message to Bob
• Alice gets Bob’s public key from his homepage
• Alice encrypts P (=65): 65^17 mod 3233 = 2790
• Alice sends C (=2790) to Bob
• Bob decrypts C: 2790^2753 mod 3233 = 65
Network Security
• To protect the resources and networks of an organization from attack
• Network Separation
• Separate the internal network from the external network
OSI 7 layer
• OSI 7 layer
• Interconnect heterogeneous network
• Simplification, Standardization, Modularization
[Figure: OSI (Open System Interconnection) 7-layer model, annotated with: P2P; multi-hop; Ethernet HW, LAN cable; reliable connection; HTTP, FTP]
Data Link Layer
• MAC (Media Access Control) address
• Ethernet HW address (48 bit)
• Vendor ID (3 byte) + Host ID (3 byte)
• Hexadecimal (HEX) notation
• IP (Internet Protocol) address (IPv4)
• A numerical label assigned to a device in the WWW
• 32 bit (4 byte)
• Dot-decimal notation
• ARP (Address Resolution Protocol)
• A protocol mapping between MAC address and IP address
TCP/IP
| OSI reference model layer | TCP/IP layer | Protocols and components |
|---|---|---|
| Application layer, Presentation layer, Session layer | Application layer | Application protocol & service |
| Transport layer | Transport layer | TCP, UDP |
| Network layer | Internet layer | IP, ICMP, IGMP, ARP, RARP, routing protocol |
| Data link layer | Network interface layer | Network driver software |
| Physical layer | Hardware | NIC (Network interface card) |

ICMP: Internet Control Message Protocol
IGMP: Internet Group Management Protocol
(Figure labels: upper layers, lower layers)
Transport layer protocol: TCP vs UDP
| | TCP (Transmission Control Protocol) | UDP (User Datagram Protocol) |
|---|---|---|
| Transport type | Connection-oriented | Connectionless |
| Connection setup | Connect (3-way handshaking), Disconnect (4-way handshaking) | No connection setup |
| Reliability | High | Low |
| Speed | Slow | Fast |
| Influence to upper layers | X | Need to handle end-to-end errors |

Q. Which protocol does YouTube use?
3-Way Handshaking (Connect)
Related to IP spoofing and session hijacking
Distributed Systems
• Distributed Systems
• A set of computers that cooperate for common goals
• E.g., wireless sensor networks, world wide web (WWW)
Concurrency (Ch. 6.1)
• Processes are concurrent
• They run at the same time
• Concurrency is increasing
1) Growing online business
2) Complex devices
Using old data
• Replay Attack (Ch. 3)
• ‘grabber’ example
• Race Condition Attack (Ch. 4)
• ‘mkdir’ example
• Time of Check To Time Of Use (TOCTTOU) attack
• Bugs caused by changes between the condition check and the use of the results of that check
• Bank example (balance: $3000)
[Figure: two timelines, (Normal) and (Under Attack), each showing the operations Check Balance, Withdraw $2000 and Deposit $1000]
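The check-then-use gap behind TOCTTOU, as an added Python example that is not part of the original slides: two requests each try to withdraw $2000 from the $3000 balance, first with the check and the debit separated, then with both inside one lock. The `Account` class, its method names and the two-withdrawal scenario are assumptions constructed for illustration.

```python
import threading

class Account:
    """Toy in-memory account, constructed for this example."""
    def __init__(self, balance):
        self.balance = balance
        self._lock = threading.Lock()

    def withdraw_unsafe(self, amount, between=None):
        if self.balance < amount:      # time of check
            return False
        if between:                    # window where another request can run
            between()
        self.balance -= amount         # time of use, based on a stale check
        return True

    def withdraw_safe(self, amount, between=None):
        with self._lock:               # check and use are one critical section
            return self.withdraw_unsafe(amount, between)

def run_two_withdrawals(method_name, start=3000, amount=2000):
    """Pause request A between its check and its debit while request B runs."""
    acct = Account(start)
    withdraw = getattr(acct, method_name)
    checked, resume = threading.Event(), threading.Event()
    results = {}

    def pause():
        checked.set()                  # A has passed the balance check
        resume.wait(timeout=0.5)       # A stalls before debiting

    def request_a():
        results["A"] = withdraw(amount, pause)

    t = threading.Thread(target=request_a)
    t.start()
    checked.wait()                     # B starts only after A's check
    results["B"] = withdraw(amount)    # unsafe: runs at once; safe: waits for the lock
    resume.set()
    t.join()
    return results, acct.balance

if __name__ == "__main__":
    for name in ("withdraw_unsafe", "withdraw_safe"):
        print(name, run_two_withdrawals(name))
```

In the unsafe run both requests pass the check against $3000 and the balance ends below zero; in the safe run the second request only checks after the first debit and is refused.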
The order of update
• Bank example
• Balance: $1000
[Figure: two timelines, (Normal) and (Under Attack), each showing the operations Deposit $5000 and Withdraw $2000]
• Sol 1: process transactions based on their arrival time
• Sol 2: log-based update