SystemsSec 2016W Lecture 10: Difference between revisions

From Soma-notes
Created page with "= Updates = == Literature Review Papers == * Assignments are being replaced with a literature review paper (a paper in which a collection of papers are analyzed and discusse..."
 
No edit summary
 
Line 1: Line 1:
= Updates =
= Topics & Readings =


== Literature Review Papers ==
* Updates
* Computer Security Research
* Secure Hashes
* TLS
* SSH
 
= Class Notes =
 
== Updates ==
 
=== Literature Review Papers ===


* Assignments are being replaced with a literature review paper (a paper in which a collection of papers are analyzed and discussed)
* Assignments are being replaced with a literature review paper (a paper in which a collection of papers are analyzed and discussed)
Line 7: Line 17:
* Multiple grading schemes at end of semester (20% literature review paper, 10% hacking journal and vice-versa)
* Multiple grading schemes at end of semester (20% literature review paper, 10% hacking journal and vice-versa)


== Midterm and Final Exam ==
=== Midterm and Final Exam ===


* Midterm and final will be essay-based; sample questions will be provided to help with studying
* Midterm and final will be essay-based; sample questions will be provided to help with studying
* Midterm topics to be announced in a in a future lecture
* Midterm topics to be announced in a in a future lecture


== Hacking Journals ==
=== Hacking Journals ===


* During reading week, you will receive a mark for your hacking journals to-date
* During reading week, you will receive a mark for your hacking journals to-date
Line 19: Line 29:
* Hacking journals likely to end by mid-March
* Hacking journals likely to end by mid-March


= Computer Security Research =
== Computer Security Research ==


* Unlike other computer science disciplines, computer security revolves around conferences
* Unlike other computer science disciplines, computer security revolves around conferences
Line 37: Line 47:
* If working individually, paper should be approximately 10 pages double-spaced.
* If working individually, paper should be approximately 10 pages double-spaced.


= Secure Hashes =
== Secure Hashes ==


* Generating one can be done on command line (md5sum, sha1sum, sha256sum)
* Generating one can be done on command line (md5sum, sha1sum, sha256sum)
Line 55: Line 65:
** SHA256: Hash function
** SHA256: Hash function


= TLS =
== TLS ==
 
* protocol used to talk to web server securely with a secure, encrypted connection
* protocol used to talk to web server securely with a secure, encrypted connection
* algorithms: AES is the block cipher used, GCM is the mode, RSA is part of the public key exchange
* algorithms: AES is the block cipher used, GCM is the mode, RSA is part of the public key exchange
Line 63: Line 74:
** block ciphers require shared keys
** block ciphers require shared keys


= SSH =
== SSH ==
 
* “known_hosts” file located in your /.ssh folder contain public keys of machines that you can connect to
* “known_hosts” file located in your /.ssh folder contain public keys of machines that you can connect to
* “authorized_keys” contains public keys of machines that you have authorized to connect to your machine
* “authorized_keys” contains public keys of machines that you have authorized to connect to your machine

Latest revision as of 19:14, 27 February 2016

Topics & Readings

  • Updates
  • Computer Security Research
  • Secure Hashes
  • TLS
  • SSH

Class Notes

Updates

Literature Review Papers

  • Assignments are being replaced with a literature review paper (a paper in which a collection of papers are analyzed and discussed)
  • End of March: submit a small literature review paper (possibly written in a group of 3 to 4 people)
  • Multiple grading schemes at end of semester (20% literature review paper, 10% hacking journal and vice-versa)

Midterm and Final Exam

  • Midterm and final will be essay-based; sample questions will be provided to help with studying
  • Midterm topics to be announced in a in a future lecture

Hacking Journals

  • During reading week, you will receive a mark for your hacking journals to-date
  • After reading week, the course will be mostly focused on research papers
  • Going forward, focus of hacking journals should be to go in-depth rather than breadth
  • Hacking journals likely to end by mid-March

Computer Security Research

Secure Hashes

  • Generating one can be done on command line (md5sum, sha1sum, sha256sum)
  • MD5 represents a 128-bit hash as a 32 digit hexadecimal; usage is discouraged since it has been terribly compromised
  • SHA-1 hashes are bit longer but have also been compromised; Google is discouraging SHA-1 for websites and SSL encryption by displaying warnings in Chrome
  • SHA-256 is recommended
  • A property of any secure hash: a 1-bit change in input must lead to, on average, half of the bits changing in the output
  • Generally, it is computationally impossible to reverse a hash unless the hash function is broken in which case, shortcuts can be used.
  • Computationally infeasible to break SHA-256 right now
  • A birthday-attack is a fast brute force attack on a crypto algo (example: decreasing search space to increase chances of collision)
  • Common use of hashes: software distribution (e.g., ISOs, disk images, BitTorrent)
    • This allows you to verify that integrity of a download
    • Caveat: if someone can alter your download, they can likely alter the publicly listed hash
  • Key terminology
    • RSN: robust secure network
    • AES: block cipher
    • SHA256: Hash function

TLS

  • protocol used to talk to web server securely with a secure, encrypted connection
  • algorithms: AES is the block cipher used, GCM is the mode, RSA is part of the public key exchange
  • Diffie-Hellman: the first public key algorithm that was created; used for key exchange, not authentication;
    • example: talking to someone across the world
    • in order to have a secure channel to talk with them, you can use block ciphers
    • block ciphers require shared keys

SSH

  • “known_hosts” file located in your /.ssh folder contain public keys of machines that you can connect to
  • “authorized_keys” contains public keys of machines that you have authorized to connect to your machine
  • if a public key changes, you’ll get an error
  • Large corporations use their own certificates
    • provides a secure connection to their proxy
    • let’s them monitor activity
  • Encryption can very easily be your enemy