Assignment 6
Due: June 11, 2003.
-
Consider the following threats to Web Security and describe in some
detail how each is countered by a particular feature of SSL.
- Brute-force cryptanalytic attack: An exhaustive search of the
key space for a conventional encryption algorithm.
Given that both the RC4 and RC2 ciphers support 128-bit
encryption, they each have approximately 3.4 * 10^38 possible
keys, making them very difficult to crack. Assuming that a hacker
could test 10,000 (10^4) keys every second, it could take
up to one octillion (1.08 * 10^27) years to break the
cipher. Only when an octillion keys can be tested every second
is it possible that the cipher can be broken within a year.
- Known-plaintext dictionary attack: Many messages will contain
predictable plaintext, such as the HTTP GET command. An attacker
constructs a dictionary containing every possible encryption of
the known-plaintext message. When an encrypted message is intercepted,
the attacker takes the portion containing the encrypted known plaintext
and looks up the ciphertext in the dictionary. The ciphertext should
match against an entry that was encrypted with the same secret key.
If there are several matches, each of these can be tried against
the full ciphertext to determine the right one. This attack is especially
effective against small key sizes (e.g., 40-bit keys).
This attack is defeated the same way the earlier
attack is addressed. Since there are so many different keys
available, the dictionary required would be too large
to be built. For small key sizes, it could be possible to break
the cipher after spending a certain amount of time, resources and money. However,
for larger key sizes, specifically 128-bit, it could take a very
long time.
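The key-space arithmetic behind the brute-force and dictionary-attack answers above, as an added example (not part of the original assignment): it generalises the 128-bit, 10^4 keys/s calculation to other key sizes and trial rates, so the 40-bit case mentioned in the dictionary-attack question can be compared directly. The 10^9 keys/s rate is a constructed figure for comparison, not one the assignment gives.

```python
"""Brute-force work factor for fixed-size cipher keys (added example)."""

SECONDS_PER_YEAR = 365.25 * 24 * 60 * 60  # Julian year, about 3.156e7 s


def key_space(key_bits: int) -> int:
    """Number of distinct keys for a key_bits-bit key: 2**key_bits."""
    return 2 ** key_bits


def brute_force_years(key_bits: int, keys_per_second: float,
                      average: bool = False) -> float:
    """Years needed to exhaust the key space at the given trial rate.

    The default is the worst case used in the assignment (every key is
    tried).  average=True gives the expected time, half the key space,
    which is the figure an attacker actually budgets for.
    """
    trials = key_space(key_bits)
    if average:
        trials //= 2
    seconds = trials / keys_per_second
    return seconds / SECONDS_PER_YEAR


def work_factor_table(key_sizes, rates):
    """Map (key_bits, keys_per_second) -> worst-case years, for comparison."""
    return {(bits, rate): brute_force_years(bits, rate)
            for bits in key_sizes for rate in rates}


if __name__ == "__main__":
    # 1e4 keys/s is the rate assumed in the assignment; 1e9 keys/s is a
    # constructed rate for a dedicated cracking machine.
    table = work_factor_table((40, 128), (1e4, 1e9))
    for (bits, rate), years in table.items():
        print(f"{bits:3d}-bit key at {rate:.0e} keys/s: {years:.3g} years")
```

A 40-bit key falls in about 3.5 years at 10^4 keys/s and in minutes at 10^9 keys/s, while the 128-bit key stays at roughly 10^27 and 10^22 years respectively, which is the gap the dictionary-attack answer relies on.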
- Replay attack: Earlier SSL handshake messages are replayed.
The replay attack is countered through the
use of a timestamp in the server authentication process. The client
checks whether the server's certificate is valid, and during
that process a timestamp is used to verify that the messages
are not old.
- Man-in-the-middle attack: An attacker interposes during key exchange,
acting as the client to the server and as the server to the client.
The client application checks that the server domain
name specified in the server certificate is the same as the actual
domain name of the server. If they are not the same, the authentication
fails.
- Password sniffing: Passwords in HTTP or other application traffic
are eavesdropped.
With SSL, key management is handled well because
short-term session keys are generated from random numbers using hash functions.
Each direction of communication gets independent keys for the
connection as well as for each instance of the connection.
- IP spoofing: Uses forged IP addresses to fool a host into accepting
bogus data.
If the server requests client authentication,
the SSL protocol requires that the client create a digital signature
by computing a one-way hash of randomly generated data from the
handshake that is known only to the client and server. The hash
is encrypted with the client's private key, which corresponds to the
public key in the certificate received by the server.
- IP hijacking: An active, authenticated connection between two
hosts is disrupted and the attacker takes the place of one of the
hosts.
SSL uses HMAC, a simple, fast, hash-based construction
with strong theoretical evidence for its security. Authentication
can be requested during the connection in order to protect the
confidentiality of the data being passed.
- SYN flooding: An attacker sends TCP SYN messages to request a
connection but does not respond to the final message to establish
the connection fully. The attacked TCP module typically leaves the
'half-open connection' around for a few minutes. Repeated SYN messages
can clog the TCP module.
SYN flooding is also handled by SSL in that
the source of the message has to be authenticated before a response
is generated. Messages that are sent continuously can be discarded
if the source of the requests is considered invalid.
Jin Park