Security Protocols: They’re so NOT Easy!
Lecture Motivation
In the last lecture we looked at some high-level descriptions of
key distribution and agreement schemes.
These protocols cannot be used as they were stated.
When implementing the actual protocol, there are many
situations where one must be careful.
In this lecture, we will look at some common protocol failures
that arise when trying to implement security protocols.
We will then look at some specific examples of security protocols.
Lecture Outline
Some stories from the Dark Side…
Design Principles for building security protocols
Key tools for building robust security protocols
  Naming
  Encryption
  Signing
  Timestamps and nonces
Examples as we go…
  Wide-Mouthed Frog
  Denning-Sacco
  Woo-Lam
  Needham-Schroeder
We’ll end with a look at Kerberos
Tales from the Dark Side of Security…
Prepayment in Electricity Meter Systems:
Present a (purchased) digital token to a power meter.
The digital token would convey an ID so it could not be duplicated or
forged…
The problem was that the rate information was not protected.
Bank Fraud:
A bank would allow customers to present a bank card which had a
PIN code encrypted and stored on the magnetic strip.
The teller had a copy of the encryption key and could check the PINs.
Flaw in design: an adversary could alter the account number on the
card to someone else’s, while using his own PIN… he
would check out OK… but the money would be drawn from
someone else’s account!
Flaw in design: the PIN was not connected to the account number.
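Added example (not part of the original lecture): the teller's check with the PIN value computed from the PIN alone, beside a version that binds it to the account number. The key, account numbers, PINs and function names are constructed, and HMAC stands in for the bank's cipher, which the lecture does not specify.

```python
import hashlib
import hmac

# Constructed teller key for the demo (assumption; not from the lecture).
TELLER_KEY = b"constructed-demo-key"


def _tag(*fields: str) -> str:
    # Length-prefix each field so ("12", "345") and ("123", "45") differ.
    msg = b"".join(len(f).to_bytes(2, "big") + f.encode() for f in fields)
    return hmac.new(TELLER_KEY, msg, hashlib.sha256).hexdigest()


def issue_card(account: str, pin: str, bind_account: bool) -> dict:
    """Write the magnetic-strip record: account number plus a PIN check value."""
    check = _tag(account, pin) if bind_account else _tag(pin)
    return {"account": account, "pin_check": check}


def teller_accepts(card: dict, entered_pin: str, bind_account: bool) -> bool:
    """Recompute the check value from what the teller sees and compare."""
    if bind_account:
        expected = _tag(card["account"], entered_pin)
    else:
        expected = _tag(entered_pin)
    return hmac.compare_digest(expected, card["pin_check"])


def altered_card_accepted(bind_account: bool) -> bool:
    """Card issued for one account, account field changed, holder's own PIN entered."""
    card = issue_card("1111", "4321", bind_account)  # constructed values
    card["account"] = "2222"  # account field on the strip no longer matches issuance
    return teller_accepts(card, "4321", bind_account)


if __name__ == "__main__":
    print("PIN-only check accepts altered card:", altered_card_accepted(False))
    print("account-bound check accepts altered card:", altered_card_accepted(True))
```

With the PIN-only check the altered card passes; once the account number is an input to the check value, the same card is rejected.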
Tales from the Dark Side of Security, pg. 2
Pay-Per-View TV Hacks:
Decoders are personalized with a smart card. Smart card cannot
decrypt bulk content, so the bulk decryption is done on the decoder.
Many decoders have a microcontroller which passes messages
between the cryptoprocessor and the smart card.
Attackers can go in and modify or replace the microcontroller, or
can introduce a PC between the decoder and the card in order to
manipulate messages exchanged.
Kentucky Fried Chip hack:
When a customer stops paying the subscription, the system sends a
message to the decoder to disable the card.
The KFC hack replaced the microcontroller with a version that
would block this message.
It was able to do this because the system message was sent in the
clear!