• Tidak ada hasil yang ditemukan

Proposal Presentation - Computer Science - Rhodes University

N/A
N/A
Info
Unduh - Bebas
Protected

Academic year: 2025

Membagikan "Proposal Presentation - Computer Science - Rhodes University"

Copied!
14
0
0

Memuat.... (Lihat teks lengkap sekarang)

Unduh sekarang ( 14 Halaman )

Teks penuh

(1)

Bradley Cowie

Supervised by Barry Irwin

Security and Networks Research Group Department of Computer Science

Rhodes University

MANAGEMENT, PROCESSING AND ANALYSIS OF CRYPTOGRAPHIC

PROTOCOLS

(2)

The use of cryptographic protocols as a means to provide security to web servers and applications at the transport

layer is becoming increasingly popular. However it is difficult to analyze this sort of traffic as it is encrypted

•ISP's are often served with court orders to provide logs of clients activity; this data is often encrypted.

•Attacks that use HTTPS as their means of entry are harder to detect once again as they are encrypted.

•Its often difficult to debug errors related to cryptographic protocols once again due to the encrypted nature of the data

PROBLEM STATEMENT 1

(3)

So it would be nice if a set of tools existed for dealing with these problems. We approach this problem statement from the prospective of having legitimate access to encrypted

traffic for doing analysis, debugging or data collection. There are a number of systems that implement parts of the

problem statement. We are looking at building a system that is easy to managed, cross platform and can be extended to implement a number of different protocols.

From the popular web-comic XKCD,

http://www.xkcd.com/538/

PROBLEM STATEMENT 2

(4)

Given encrypted data in the form of stored pcap files ( extending to live pcap streams) can we determine the

algorithm used and then together with the recovered session key to decrypt to plain text. Of course the algorithm used for encryption is dependant on the protocol used and the

algorithms that were negotiated between client and server.

Investigate sensible means to store symmetric keys for later use.

Provide some analysis on data that may be useful for detection of possible attacks or for debugging purposes.

Initially provide implementation for SSL then TLS following up with possible implementation for SSH.

OBJECTIVES OF

RESEARCH 1

(5)

Possible extensions

Develop plug-ins for Wireshark to allow for similar functionality

Implement for a wide variety of different protocols.

OBJECTIVES OF RESEARCH 2

The approach taken by one of the Debian openSSL

developers. Removing the randomness from a

cryptographic function can’t have too negative a effect … http://www.xkcd.com/221/

(6)

RELEVANCE AND BACKGROUND 1

Recent concerns : SSLStripper:

Moxie Marlinspike announced at the 2009 Black Hat Federal that he had developed a tool for performing

"man-in-the-middle” attacks on secure websites that make use of SSL.

Rogue CA’s exploiting MD5

A research group at the Eindhoven University of

Technology has developed a method to create rogue CA (Certification Authority) certificates from commercial CA certificates which are trusted by all common web browsers.

(7)

Bradley Cowie

SANS one of the most respected Information Security

trainers and certifiers released a list of the top 10 security menaces for 2008 (compiled by 10 security veterans).

The number 1 security menace for 2008 was :

“Increasingly Sophisticated Web Site Attacks - Especially On Trusted Web Sites”

“..web site attacks have migrated from simple ones based one or two exploits posted on a web site to more

sophisticated attacks based on scripts.. attackers are

actively placing exploit code on popular, trusted web sites where users have an expectation of effective security”

Taken from : http://www.sans.org/2008menaces/

RELEVANCE AND

BACKGROUND 2

(8)

Existing tool suites which partially solve the problem statement

The CSUR project :

CSUR is a project about automatic analysis of cryptographic protocols written in C. However its distributed under copyright and is still in its beta phase.

HTTP Analyzer 4 :

HTTP Analyzer is a utility that allows you to capture HTTP/HTTPS traffic in real-time. It can trace and display a wide range of information. However its not sufficiently generic.

RELEVANCE AND

BACKGROUND 3

(9)

APPROACH AND DESIGN 1

• Research related protocols : develop my own flowcharts and psuedo-code to understand how they function.

•Setup, configuration and gaining of experience in the use of valuable software like TCPDump, SSLDump, openSSL and modSSL.

•Experimentation with generation of CA certificates using openSSL and TinyCA

•Choose the platform for development (currently considering a web-platform using PHP for scripting)

•Develop tools to perform decryption and develop a front end to the tool set

(10)

Bradley Cowie

Secure Socket Layer

SSLv2 Record Layer: Client Hello Length: 103

Handshake Message Type: Client Hello (1) Version: SSL 3.0 (0x0300)

Cipher Spec Length: 78 Session ID Length: 0 Challenge Length: 16 Cipher Specs (26 specs)

Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)

[ more Cipher Specs deleted ] Challenge

(11)

Bradley Cowie

•Implementation of analysis of data (entropy)

•Possibly compare to other tools that perform similar functions.

APPROACH AND DESIGN

2

(12)

APPROACH AND DESIGN

3

Prototype design of system

(13)
(14)

Bradley Cowie

QUESTIONS

?

Referensi

Unduh sekarang ( PPTX - 14 Halaman - 329.78 KB )

Dokumen terkait

STAMFORD UNIVERSITY BANGLADESH Department of Computer Science and Engineering

STAMFORD UNIVERSITY BANGLADESH Department of Computer Science and Engineering Term-02 Examination, Spring 2022 Semester CSE 101 : Fundamentals of Computer Science CT: Raihan Tanvir

ASSAM UNIVERSITY, SILCHAR DEPARTMENT OF COMPUTER SCIENCE

ASSAM UNIVERSITY, SILCHAR DEPARTMENT OF COMPUTER SCIENCE 1 | P a g e NOTICE INVITING TENDER NO.AUS/CS/Furniture /2015-16 Date:12/05/2016 Sealed tender is invited from Manufacturer

Department of Computer Science Assam University Silchar

Department of Computer Science Assam University Silchar Dated: 22/08/2020 Minutes of the Departmental Admission committee and Departmental Research committee held on 22/08/2020

Department of Computer Science Assam University, Silchar NOTIFICATION

Department of Computer Science Assam University, Silchar Application Form for Open Choice Course MCSCOC 203 Name of the Student in Block Letters: Department: Email id: Phone No.:

Gumilyov Eurasian National University Faculty of Information Technology Department of Computer Science APPROVED by Dean of the Faculty of Information Technologies Sh.Seilov

Professionals in the field of information systems need knowledge of the basics of computer networks, classification of computer networks, features of modern network technologies,

Master of Science Project Proposal

Firstly, the Telkom Centre of Excellence housed in the Department of Computer Science at Rhodes University testbed, the Settler City Wireless SCW network, which utilises many dierent

Rhodes University Computer Science Department

7 Requirements The hardware requirements for this project are as follows: • Access to a x86 based personal computer The software requirements are as follows: • Windows XP

Rhodes University Computer Science Department

5.1 Effectiveness of Software Visualisation One of the main areas where software visualisation can be used to enhance the understanding of computer programs and algorithm function, is