75 %
25 %
Information about LISA2001

Published on August 14, 2007

Author: Octavio


Where has all the Crypto Gone? Long Time Coming.(With apologies to Pete Seeger):  Where has all the Crypto Gone? Long Time Coming. (With apologies to Pete Seeger) Greg Rose Overview:  Overview Five years ago… Key management problems Public Key Infrastructures What crypto is used IPsec End-to-end Conclusions 5 years ago…:  5 years ago… Opening of the USENIX Security Symposium focusing on Applications of Cryptography, San Jose, 1996 Football teams using encrypted radio Airline news had item on IPSec 'It seems that for every problem, crypto is part of the solution' 'Clearly we are entering a new era of deployment of Cryptography' … we were using…:  … we were using… PGP 2.6 SSH SSL VPNs SWIPE (prototype IPsec) SecurID style tokens, S/Key … but now we use …:  … but now we use … PGP (multiple versions with interop problems) SSH v2 SSL v3, TLS VPNs (but more mobile) IPsec (still not by any means ubiquitous) SecurID style tokens In other words, basically the same stuff, but upgraded a bit. Also during that period:  Also during that period EFF’s Deep Crack, DES effectively useless MD5 suspect RC4 showing its age, broken when used wrong Most deployed mobile phone algorithms broken SET came and went again But on the positive side:  But on the positive side AES process completes (I can say that today…) More open deliberations in previously closed standards (eg. telephony, 802.11) More open source versions of existing stuff OpenSSL OpenPGP, GPG Crypto file systems Good random number generation Cryptosystems, Key Management, and Hard Stuff:  Cryptosystems, Key Management, and Hard Stuff What is a cryptosystem? What are keys? Why do we have to manage them? Why is managing them hard? What is a Public Key Infrastructure? Why don’t they work? Cryptosystems:  Cryptosystems Nothing to do with SEX! Everything to do with security. A cryptosystem is a cryptographic algorithm, the key or password management the environment the network the protocol the people everything else Key (Cryptovariable) Management:  Key (Cryptovariable) Management All secrecy should reside in the keys (Kerckhoff’s Maxim, over 100 years old). Many tradeoffs: long term vs. short term communications vs. storage secure vs. easy to remember personal vs. corporate vs. recoverable Keep them secret! Remember them! Entropy:  Entropy A mathematical term Measures 'the actual amount of information' English sentences have about 1.5 bits per character therefore, a passphrase for a 128 bit key would be about 80 characters long! Relates to 'predictability' and so is relevant to security you have no security if your secret can be guessed Public keys:  Public keys Also called 'asymmetric' Keys come in pairs; keep one half secret can’t derive the secret one from the public one Can do digital signatures Algorithms slow, keys large Strength of Public Keys:  Strength of Public Keys Two classes… Elliptic curve / Lucas functions / some others Best (known) attacks O(sqrt(N)) so need 256 bit keys to match 128 bit symmetric Factoring/Discrete Log RSA, El Gamal, Diffie-Hellman, DSA Best (known): O(exp(log(N)**1/3 * log(log(N))**2/3)) for 128 bit symmetric equivalent, need maybe 2048 bit keys or longer Public Key Infrastructures:  Public Key Infrastructures Solves the key distribution problem… just publish the public keys Replaces it with the authentication problem How do you know that the key belongs to who you think it does? Still a research problem. Someone checks your identity and issues a 'certificate' X.509v3 is the most common cert format Problems with PKI:  Problems with PKI Trust the Certificate Authority? Banks have a problem with this $25 in the mail to Verisign Revocation is still, truly, unsolved X.509 is 'people centric' Authenticates identity, but not authority to perform action X.509 isn’t flexible enough (look at SDSI, SPKI) So, what is used?:  So, what is used? Some quotes from: 'Changes in Deployment of Cryptography', Eric Murray, USENIX 2001 Security Symposium IT Eric found secure (https) URLs through search engines, then connected to them Categorised them as strong/medium/weak 2001 survey: 71% strong 5% medium 23% weak Results: Weak Server Details:  Results: Weak Server Details Percent of weak servers surveyed: 2000: 2001: Server key andlt;= 512 bits: 81% 72% weak v3/TLS ciphersuites: 28% 26% expired cert: 10% 16% self-signed cert: 3% 8% only does SSLv2: 1% 6% But note that your browser might ask it to do SSLv2. SSLv3 Export Ciphersuites:  SSLv3 Export Ciphersuites Export controls changed two years ago, but still have an effect: Ciphersuite: 2000 2001 RSA RC4 40 MD5 99% 79% RSA RC2 40 MD5 73% 87% RSA DES 40 SHA 56% 44% DHE RSA DES 40 SHA 24% 30% IPsec:  IPsec Really should be common practice by now Standards process has been political and slow Doesn’t play well with NAT, so might have to wait for IPv6 Key setup is the overriding performance factor Good: can add security to just about anything Bad: proper security should probably be application-specific SSL / TLS:  SSL / TLS Designed to be added to all sorts of things For example, 'STARTTLS' in SMTP, IMAP Still takes a performance hit for initial setup, because of Public-key operations User certificates are rarely used -- failure of PKI But this is the right model: add the security straight into the application Other possibilities:  Other possibilities Why shouldn’t the library routine for opening a temporary file automatically encrypt it? Why doesn’t every operating system supply high-quality random numbers? Why haven’t encrypting file systems become more commonly used? (Note: they exist…) Anecdote: stolen backup tape: 'Crypto wouldn’t help.' (WSJ a couple of days ago.) Why wasn’t the backup tape encrypted? Book plug:  Book plug Not my book… 'Security Engineering', by Ross Anderson Conclusion:  Conclusion Crypto is part of just about every solution … but it isn’t the hard part tools exist for all the basic operations cryptographers keep extending the tool kit Key management, in whatever form, is one of the hard parts Designing the security into the application in the first place is another hard part Retaining ease of use is probably the hardest part

Add a comment

Related presentations

Related pages

dblp: USENIX Systems Administration Conference (LISA) 2001

Bibliographic content of USENIX Systems Administration Conference (LISA) 2001
Read more

Lisa (2001) - IMDb

Directed by Pierre Grimblat. With Jeanne Moreau, Marion Cotillard, Benoît Magimel, Sagamore Stévenin. Stumbling across an uncompleted 1939 film called ...
Read more


A Selection of Papers from LISA and Computing Systems Published LISA Technical Session registrants received a copy of "Selected Papers in System ...
Read more

Lisa.2001 | YouNow - Go Live!

Folge Lisa.2001 live auf YouNow! 14 ️ ... Schau dir mit den YouNow-Apps für iOs und Android Live-Stream-Videos an und chatte auf deinem Handy!
Read more

Die Seite des Reiters Lilli_Lisa2001 - Howrse

Zeige die Seite des Reiters Lilli_Lisa2001 an, der der Züchter von 60 Pferden auf Howrse ist.
Read more

Lisa (2001) - Trailer with Marion Cotillard - YouTube

Stumbling across an uncompleted 1939 film called "Princess Marushka", filmmaker Sam becomes intrigued with the young actor Sylvain Marceau, who ...
Read more

lisa_2001 | YouNow LIVE

Folge lisa_2001 live auf YouNow! 😍😘 ... Schau dir mit den YouNow-Apps für iOs und Android Live-Stream-Videos an und chatte auf deinem Handy!
Read more

Suchergebnis auf für: Lisa (2001)

... Lisa (2001) Prime testen Alle Los. Alle Kategorien ...
Read more

LISA 2001 Paper - USENIX

Accessing Files on Unmounted File Systems Willem A. (Vlakkies) Schreüder - University of Colorado, Boulder Abstract. This paper describes a utility named ...
Read more

Lisa Film (2001) · Trailer · Kritik ·

Lisa +1; Teilen; Twittern; WhatsApp; E-Mail +1; Teilen; Twittern; WhatsApp; E-Mail; Genre Drama Produktionsland aus Frankreich Darsteller Darsteller & Crew.
Read more