Security. Michael E. Locasto University of Calgary

Transcription

1 Security Michael E. Locasto University of Calgary

2 Agenda Read Chapter 20 and 21 - don t need to memorize PEM details background: RFCs, Chapter 22 Concept queskon: Where do we put security? SMTP Refresher security considerakons PEM, S/MIME, PGP We will talk more about infrastructure security on Friday 4/2/15 Michael E. Locasto, CPSC 2

3 QoD JJ asks: "How do we alter someone else's , so that we know how to protect against such a malicious a]ack? 4/2/15 Michael E. Locasto, CPSC 3

4 OK, so I know none of you ever use and that only people between the ages of 28 and 64 use , and eventually all these people will die off, so who cares about security, blah blah blah, but the point is that whatever asynchronous messaging pladorm you use, it will have the same end- to- end security and privacy concerns. CAVEAT 4/2/15 Michael E. Locasto, CPSC 4

5 MoKvaKng QuesKon Where do we place security in the system and network stack? Problem domain: asynchronous chat - , IRC, skype, twi]er, ICQ, gchat/aim, facebook messaging, web forums, etc. 4/2/15 Michael E. Locasto, CPSC 5

6 Simple Model Alice specifies a message containing headers and a body, and hands the message to an untrustworthy network to read, interpret, and rewrite her message on each hop toward Bob, the recipient (who may be offline). Conceptually similar to IP with a sprinkling of source- roukng style recording of the route of the message. 4/2/15 Michael E. Locasto, CPSC 6

7 4/2/15 Michael E. Locasto, CPSC 7

8 SMTP Terminology Simple mail transfer protocol store and forward model mail client / user agent (UA) sends to series of: MTA (message transfer agent) 4/2/15 Michael E. Locasto, CPSC 8

9 4/2/15 Michael E. Locasto, CPSC 9

10 You ll typically see an SMTP instance (sendmail, qmail, posdix) running on localhost at port 25; this is for local mail delivery 4/2/15 Michael E. Locasto, CPSC 10

11 Servers can play with your message. Usually this is just adding headers to track the message path, ank- spam countermeasures, etc. But MTAs somekmes play with the message content itself b/c machines have different ways of represenkng plaintext. This is annoying when we think of applying standard solukons for integrity. 4/2/15 Michael E. Locasto, CPSC 11

12 Standard Menu of C- I- A Threats Denial of Service RewriKng message Snooping/sniffing message in transit / at rest AuthenKcaKon of senders? Recipients? Sender anonymity Traffic analysis (did A send a msg to B?) business concerns: recall, return receipt, etc. 4/2/15 Michael E. Locasto, CPSC 12

13 Content Security (end- to- end) PEM (Privacy Enhanced Mail) - confidenkality, src auth, integrity (txt) - symmetric or asymmetric S/MIME - adapt PEM for use in MIME regime - e.g., signed data, encrypted data are new MIME types PGP (Pre]y Good Privacy) - web of trust, public key crypto 4/2/15 Michael E. Locasto, CPSC 13

14 Preliminary: Base- 64 encoding uuencode/uudecode map arbitrary data into a small set of characters, adding <CR><LF> 4/2/15 Michael E. Locasto, CPSC 14

15 4/2/15 Michael E. Locasto, CPSC 15

16 Main Ideas: Types of Content cleartext integrity- protected cleartext integrity- protected encoded data encrypted, integrity- protected data, encoded varying requirements on the recipient (knowledge & ability to decode) key establishment (especially PEM symmetric)? 4/2/15 Michael E. Locasto, CPSC 16

17 Main Ideas: IdenKfying Content Delimit the protected content in some way BEGIN PRIVACY- ENHANCED MESSAGE END PRIVACY- ENHANCED MESSAGE /2/15 Michael E. Locasto, CPSC 17

18 4/2/15 Michael E. Locasto, CPSC 18

19 4/2/15 Michael E. Locasto, CPSC 19

20 4/2/15 Michael E. Locasto, CPSC 20

21 S/MIME adapts PEM Ideas In the MIME encoding framework applicakon/pkcs7- signature applicakon/pkcs7- mime Did not try to create a PKI like PEM did 4/2/15 Michael E. Locasto, CPSC 21

22 S/MIME to PGP S/MIME allows users to obtain cerkficates from any cerkficate authority A sender communicates their cerkficate to a recipient simply by sending a signed message, but Bob skll needs to establish trust in the binding Upshot: S/MIME is effeckve against passive eavesdropping forecasts the introduckon of PGP 4/2/15 Michael E. Locasto, CPSC 22

23 Key DistribuKon PEM: Rigid hierarchy of Cas PGP: web- of- trust ( anarchy ) S/MIME: doesn t care, but prackcally: assumes disconnected set of federated CAs 4/2/15 Michael E. Locasto, CPSC 23

24 Unaddressed Security of server infrastructure - bugs - spam - domain/dns ownership - client authenkcakon PEM cerkficate hierarchy - example of PKI concept Public Key Infrastructure in general - trust in the PKI, cerkficate authorikes, etc. 4/2/15 Michael E. Locasto, CPSC 24

25 THE END 4/2/15 Michael E. Locasto, CPSC 25