Lecture 1 – Introduction and

Basic Crypto Tools

Dr. Cong Wang
CS Department
City University of Hong Kong

CS4293 Topics on Cybersecurity 1

 Teaching Team
• Instructor:
– Dr. Cong WANG, Y6425@AC1
– Tel(O): 3442 2010
– Email: [email protected]
• Teaching Assistant :
– Mr. Yuefeng DU, G2322@AC1 (Yeung-Building)
– Tel(O): 3442 2070
– Email: [email protected]

CS4293 Topics on Cybersecurity 2

 Teaching Materials
• Weekly lecture notes, tutorial, lab materials, reading materials
– usually provided before class
• Reference books:
– Goodrich and Tamassia, Introduction to Computer Security (Int’l
edition), 1e, Pearson, 2011/2014
– Stallings and Brown, Computer Security- Principles and Practice (Int’l
edition), 2e, Pearson, 2012
– Wenliang Du, Computer Security: A Hands-on Approach, 1e,
CreateSpace Independent Publishing Platform, Oct. 12, 2017, ISBN-10:
154836794X, ISBN-13: 978-1548367947.
– Niels Ferguson, Bruce Schneier, Tadayoshi Kohno, Cryptography
Engineering: Design Principles and Practical Applications, 1st Edition,
2010
• You have to check Canvas and emails!
– Announcements, material, assignments, etc.
CS4293 Topics on Cybersecurity 3
 Teaching Pattern
• Lecture (2 hours per week)
– Information sessions AND some lab demonstrations
when appropriate.
• Tutorial (1 hour per week)
– Discussions/demonstrations on weekly question sheet
based on lecture materials/readings
• Students are recommended to attend lectures and
do the hands-on exercises together.
– We will partially adopt SEED labs to assist our teaching
– http://www.cis.syr.edu/~wedu/seed/index.html

CS4293 Topics on Cybersecurity 4

 Assessment
• 30% Course work:
– 2 Assignments + 1 Midterm-quiz
• Two assignments due on week 8 and week 12
– Most are practical hands-on exercises
• Midterm-quiz on week 8
– Late assignments get zero mark
• 70% Final examination
• Plagiarism will not be tolerated

CS4293 Topics on Cybersecurity 5

 Course Content
• Not just facts
• Need to
– Understand concepts
– Apply those concepts
– Think about implications
– understand limitations

CS4293 Topics on Cybersecurity 6

Course Overview

CS4293 Topics on Cybersecurity 7

 Intended Learning Outcomes
Upon completion of the course, students
should be able to:
• identify and analyse common threats and vulnerabilities of
software and web applications;
• classify and analyse common threats and vulnerabilities of
network and systems;
• identify and evaluate major countermeasures to software
and web application, network and system attacks;
• identify current issues in computer security.

CS4293 Topics on Cybersecurity 8

 Tentative Course Overview
• 1-2: Security concepts + basic crypto
• 3-4: Authentication and access control
• 4-7: Software threats and vulnerabilities
• 7-9: Web application and security
• 9-10: Network protocols, vulnerabilities, and
defenses
• 11-13: Hot topics on cybersecurity, wrap up
and revision

CS4293 Topics on Cybersecurity 9

 Lecture 1-2
Introduction:
• Basic security concepts
• Cryptographic tools with hands-on exercises
– Symmetric key encryption and msg confidentiality
– Message authentication and hash functions
– Public key encryption
– Digital signature and key management

CS4293 Topics on Cybersecurity 10

 Lecture 3-4
Authentication, Access control, and
applications:
• Various means of authentication
• Access control principles
• Internet authentication applications

CS4293 Topics on Cybersecurity 11

 Lecture 4-7
Software threats and vulnerabilities:
• OS concepts and security issues,
• memory and file system security,
• application program security,
• buffer overflow
• Hands-on exercises

CS4293 Topics on Cybersecurity 12

 Lecture 7-9
Web security:
• Web Environment and Security Threats
– Cookie Poisoning, Session Hijacking, Cross-Site
Scripting, Cross-Site Tracing, SQL Injection,
Directory Traversal, Denial of Service, etc.
• Privacy
– HTTP-Referrer, Tracking Cookies, Web Bugs, User
Agents, DNS
• Hands-on exercises
CS4293 Topics on Cybersecurity 13
 Lecture 9-10
Network protocols, vulnerabilities, and
defenses:
• Network security issues:
– Deny of service, TCP session Hijacking IP Spoofing, Packet
sniffing, Deny of service, etc.
• Network defenses:
– Secure protocols, Firewalls, VPNs, Intrusion Detection, and
filters
• Hands-on exercises if time permits.

CS4293 Topics on Cybersecurity 14

 Lecture 11-13
Hot topics on cyber security:
• Proofs of cloud storage and verification
• Search over encrypted data
• Computing over encrypted data
• Cryptocurrency and blockchain
• Network function virtualization (NFV) security
• Actual selected topics depends on time
availability
And revision.
CS4293 Topics on Cybersecurity 15
Introduction

16
 Defining Security
• The security of a system, application, or protocol is
always relative to
– A set of desired properties
– An adversary with specific capabilities
• For example, standard file access permissions in Linux
and Windows are not effective against an adversary
who can boot from a CD

17
 Security Goals
Integrity

• C.I.A.

Confidentiality Availability

18
 Confidentiality
• Confidentiality is the avoidance of the
unauthorized disclosure of information.
– confidentiality involves the protection of data,
providing access for those who are allowed to see
it while disallowing others from learning anything
about its content.

19
 Tools for Confidentiality
• Encryption: the transformation of information using a secret,
called an encryption key, so that the transformed information
can only be read using another secret, called the decryption
key (which may, in some cases, be the same as the encryption
key).
Communication
Sender Recipient
channel

encrypt decrypt

ciphertext plaintext

plaintext

shared shared
secret secret
key key
Attacker
(eavesdropping)
20
 Tools for Confidentiality
• Access control: rules and policies that limit
access to confidential information to those
people and/or systems with a “need to know.”
– This need to know may be determined by identity,
such as a person’s name or a computer’s serial
number, or by a role that a person has, such as
being a manager or a computer security specialist.

21
 Tools for Confidentiality
• Authorization: the determination if a person or system is
allowed access to resources, based on an access control
policy.
– Such authorizations should prevent an attacker from tricking the
system into letting him have access to protected resources.
• Physical security: the establishment of physical barriers to
limit access to protected computational resources.
– Such barriers include locks on cabinets and doors, the
placement of computers in windowless rooms, the use of sound
dampening materials, and even the construction of buildings or
rooms with walls incorporating copper meshes (called Faraday
cages) so that electromagnetic signals cannot enter or exit the
enclosure.

23
 Integrity
• Integrity: the property that information has not been
altered in an unauthorized way.
• Tools:
– Backups: the periodic archiving of data.
– Checksums: the computation of a function that maps the
contents of a file to a numerical value. A checksum
function depends on the entire contents of a file and is
designed in a way that even a small change to the input
file (such as flipping a single bit) is highly likely to result in
a different output value.
– Data correcting codes: methods for storing data in such a
way that small changes can be easily detected and
automatically corrected.

24
 Availability
• Availability: the property that information is
accessible and modifiable in a timely fashion
by those authorized to do so.
• Tools:
– Physical protections: infrastructure meant to keep
information available even in the event of physical
challenges.
– Computational redundancies: computers and
storage devices that serve as fallbacks in the case
of failures.

25
 Other Security Concepts
• A.A.A. Authenticity

Anonymity

Assurance
26
 Assurance
• Assurance refers to how trust is provided and managed in
computer systems.
• Trust management depends on:
– Policies, which specify behavioral expectations that people or systems
have for themselves and others.
• For example, the designers of an online music system may specify policies that
describe how users can access and copy songs.
– Permissions, which describe the behaviors that are allowed by the
agents that interact with a person or system.
• For instance, an online music store may provide permissions for limited access
and copying to people who have purchased certain songs.
– Protections, which describe mechanisms put in place to enforce
permissions and polices.
• We could imagine that an online music store would build in protections to
prevent people from unauthorized access and copying of its songs.

27
 Authenticity
• Authenticity is the ability to determine that
statements, policies, and permissions issued by
persons or systems are genuine.
• Primary tool:
– digital signatures. These are cryptographic computations
that allow a person or system to commit to the
authenticity of their documents in a unique way that
achieves nonrepudiation, which is the property that
authentic statements issued by some person or system
cannot be denied.

28
 Anonymity
• Anonymity: the property that certain records or
transactions not to be attributable to any individual.
• Tools:
– Aggregation: the combining of data from many individuals so
that disclosed sums or averages cannot be tied to any individual.
– Mixing: the intertwining of transactions, information, or
communications in a way that cannot be traced to any
individual.
– Proxies: trusted agents that are willing to engage in actions for
an individual in a way that cannot be traced back to that person.
– Pseudonyms: fictional identities that can fill in for real identities
in communications and transactions, but are otherwise known
only to a trusted entity.

29
 Threats and Attacks
• Eavesdropping: the interception of information
intended for someone else during its
transmission over a communication channel.

Alice Bob

30
Eve
 Threats and Attacks
• Alteration: unauthorized modification of
information.
– Example: the man-in-the-middle attack, where a
network stream is intercepted, modified, and
retransmitted.
Communication
Sender Recipient
channel
encrypt decrypt

plaintext M plaintext M′

shared shared
secret ciphertext C ciphertext C′ secret
key key

Attacker
(intercepting) 31
 Threats and Attacks
• Denial-of-service: the interruption or
degradation of a data service or information
access.
– Example: email spam, to the degree that it is meant
to simply fill up a mail queue and slow down an
email server.

Alice
32
 Threats and Attacks
• Masquerading: the fabrication of information
that is purported to be from someone who is
not actually the author.

“From: Alice”
(really is from Eve)

33
 Threats and Attacks
• Repudiation: the denial of a commitment or
data receipt.
– This involves an attempt to back out of a contract or
a protocol that requires the different parties to
provide receipts acknowledging that data has been
received.

34
Public domain image from http://commons.wikimedia.org/wiki/File:Plastic_eraser.jpeg
 Threats and Attacks
• Correlation and traceback: the integration of
multiple data sources and information flows to
determine the source of a particular data
stream or piece of information.

Bob
35
The Ten Security Principles
Economy of
mechanism
Compromis Fail-safe
e recording defaults

Complete
Work factor
Security
mediation

Psychologic
al
Principles Open
acceptabilit design
y
Least
Separation
common
of privilege
mechanism Least
privilege

36
 Economy of mechanism
• This principle stresses simplicity in the design
and implementation of security measures.
– While applicable to most engineering endeavors,
the notion of simplicity is especially important in
the security domain, since a simple security
framework facilitates its understanding by
developers and users and enables the efficient
development and verification of enforcement
methods for it.

37
 Fail-safe defaults
• This principle states that the default configuration
of a system should have a conservative
protection scheme.
– For example, when adding a new user to an operating
system, the default group of the user should have
minimal access rights to files and services.
Unfortunately, operating systems and applications
often have default options that favor usability over
security.
– This has been historically the case for a number of
popular applications, such as web browsers that allow
the execution of code downloaded from the web
server.
38
 Complete mediation
• The idea behind this principle is that every
access to a resource must be checked for
compliance with a protection scheme.
– As a consequence, one should be wary of
performance improvement techniques that save
the results of previous authorization checks, since
permissions can change over time.
– For example, an online banking web site should
require users to sign on again after a certain
amount of time, say, 15 minutes, has elapsed.

39
 Open design
• According to this principle, the security architecture
and design of a system should be made publicly
available.
– Security should rely only on keeping cryptographic keys
secret.
– Open design allows for a system to be scrutinized by
multiple parties, which leads to the early discovery and
correction of security vulnerabilities caused by design
errors.
– The open design principle is the opposite of the approach
known as security by obscurity, which tries to achieve
security by keeping cryptographic algorithms secret and
which has been historically used without success by
several organizations.
40
 Separation of privilege
• This principle dictates that multiple
conditions should be required to achieve
access to restricted resources or have a
program perform some action.

41
 Least privilege
• Each program and user of a computer system
should operate with the bare minimum
privileges necessary to function properly.
– If this principle is enforced, abuse of privileges is
restricted, and the damage caused by the
compromise of a particular application or user
account is minimized.
– The military concept of need-to-know information
is an example of this principle.

42
 Least common mechanism
• In systems with multiple users, mechanisms
allowing resources to be shared by more than
one user should be minimized.
– For example, if a file or application needs to be
accessed by more than one user, then these users
should have separate channels by which to access
these resources, to prevent unforeseen
consequences that could cause security problems.

43
 Psychological acceptability
• This principle states that user interfaces
should be well designed and intuitive, and all
security-related settings should adhere to
what an ordinary user might expect.

44
 Work factor
• According to this principle, the cost of
circumventing a security mechanism should be
compared with the resources of an attacker when
designing a security scheme.
– A system developed to protect student grades in a
university database, which may be attacked by
snoopers or students trying to change their grades,
probably needs less sophisticated security measures
than a system built to protect military secrets, which
may be attacked by government intelligence
organizations.

45
 Compromise recording
• This principle states that sometimes it is more
desirable to record the details of an intrusion
than to adopt more sophisticated measures to
prevent it.
– Internet-connected surveillance cameras are a typical
example of an effective compromise record system
that can be deployed to protect a building in lieu of
reinforcing doors and windows.
– The servers in an office network may maintain logs for
all accesses to files, all emails sent and received, and
all web browsing sessions.

46
 Cryptography
• Is
– A tremendous tool
– The basis for many security mechanisms
• Is not
– The solution to all security problems
– Reliable unless implemented properly
– Reliable unless used properly
– Something you should try to invent yourself unless
• you spend a lot of time becoming an expert
• you subject your design to outside review

47
 Auguste Kerckhoffs
• A cryptosystem should be
secure even if everything about
the system, except the key, is
public knowledge.

baptised as Jean-Guillaume-Hubert-Victor-François-
Alexandre-Auguste Kerckhoffs von Nieuwenhof
48
 Crypto threat model
• Assume attacker knows the cryptosystem
• Attacker does not know random numbers
– Generated as systems run, not in advance

• Easy lessons
– Use good random number generators
– No harm in public review of cryptography
• This prevents silly and not-so-silly mistakes
• Benefit from community of experts

49
 Example: network transactions

Assume attackers can control the network

– We will talk about how they do this in a few weeks
– Attackers can intercept packets, tamper with or suppress them, and
inject arbitrary packets
50
 Goal 1:secure communication

Step 1: Session setup to exchange key

Step 2: encrypt data

51
 Goal 2: Protected files
Disk

Alice File 1 Alice

No eavesdropping
No tampering
File 2

Analogous to secure communication:

Alice today sends a message to Alice tomorrow

52
Goal 3: Secure cloud computing?

Compute
? servers
Cloud
Storage
Application
servers

53
 Cryptographic Concepts
• Encryption: a means to allow two parties,
customarily called Alice and Bob, to establish
confidential communication over an insecure
channel that is subject to eavesdropping.

Alice Bob

54
Eve
 Encryption and Decryption
• The message M is called the plaintext.
• Alice will convert plaintext M to an encrypted
form using an encryption algorithm E that
outputs a ciphertext C for M.
Communication
Sender Recipient
channel

encrypt decrypt

ciphertext plaintext

plaintext

shared shared
secret secret
key key
Attacker 55
(eavesdropping)
 Encryption and Decryption
• As equations:
C = E(M)
M = D(C)
• The encryption and decryption algorithms are
chosen so that it is infeasible for someone other
than Alice and Bob to determine plaintext M from
ciphertext C. Thus, ciphertext C can be
transmitted over an insecure channel that can be
eavesdropped by an adversary.
56
 Cryptosystem
1. The set of possible plaintexts
2. The set of possible ciphertexts
3. The set of encryption keys
4. The set of decryption keys
5. The correspondence between encryption
keys and decryption keys
6. The encryption algorithm to use
7. The decryption algorithm to use

57
 Caesar Cipher
• Replace each letter with the one “three over”
in the alphabet.

58
Public domain image from http://commons.wikimedia.org/wiki/File:Caesar3.svg
 Symmetric Cryptosystems
• Alice and Bob share a secret key, which is used
for both encryption and decryption.

Communication
Sender channel Recipient

encrypt decrypt

ciphertext plaintext

plaintext

shared shared
secret secret
key key

Attacker
(eavesdropping)
59
 Symmetric Key Distribution
• Requires each pair of communicating parties
to share a (separate) secret key.
shared
secret

shared
secret
shared shared shared
secret secret secret

n (n-1)/2
keys
shared
60
secret
 Public-Key Cryptography
• Bob has two keys: a private key, SB, which Bob
keeps secret, and a public key, PB, which Bob
broadcasts widely.
– In order for Alice to send an encrypted message to
Bob, she need only obtain his public key, PB, use
that to encrypt her message, M, and send the
result, C = EPB (M), to Bob. Bob then uses his
secret key to decrypt the message as M = DSB (C).

61
 Public-Key Cryptography
• Separate keys are used for encryption and
decryption.
Communication
Sender Recipient
channel

encrypt decrypt

plaintext ciphertext plaintext

plaintext

public private
key key

Attacker
(eavesdropping)
62
 Public Key Distribution
• Only one key is needed for each recipient
private private

public public

n key
pairs
public public

private private
63
64
 Digital Signatures
• Public-key encryption provides a method for
doing digital signatures
• To sign a message, M, Alice just encrypts it
with her private key, SA, creating C = ESA(M).
• Anyone can decrypt this message using Alice’s
public key, as M’ = DPA(C), and compare that to
the message M.

65
 Cryptographic Hash Functions
• A checksum on a message, M, that is:
• One-way: it should be easy to compute
Y=H(M), but hard to find M given only Y
• Collision-resistant: it should be hard to find
two messages, M and N, such that H(M)=H(N).
• Examples: SHA-1, SHA-256.

66
 Message Authentication Codes
• Allows for Alice and Bob to have data integrity, if they share a
secret key.
• Given a message M, Alice computes H(K||M) and sends M
and this hash to Bob.
Communication
channel

(attack detected)
h 6B34339 4C66809 4C66809
=? 87F9024 h
message M MAC MAC received computed
message M’
MAC MAC

shared shared
secret secret
key Attacker key
Sender Recipient
(modifying) 67
 Digital Certificates
• certificate authority
(CA) digitally signs a
binding between an
identity and the
public key for that
identity.

68
 Passwords
• A short sequence of characters used as a
means to authenticate someone via a secret
that they know.

• Userid: _________________
• Password: ______________

69
 How a password is stored?

User
Password file
Dog124

Butch:ASDSA
21QW3R50E
hash function ERWWER323
…
…

70
 Strong Passwords
• What is a strong password
– UPPER/lower case characters
– Special characters
– Numbers
• When is a password strong?
– Seattle1
– M1ke03
– P@$$w0rd
– TD2k5secV
71
 Password Complexity
• A fixed 6 symbols password:
– Numbers
106 = 1,000,000
– UPPER or lower case characters
266 = 308,915,776
– UPPER and lower case characters
526 = 19,770,609,664
– 32 special characters (&, %, $, £, “, |, ^, §, etc.)
326 = 1,073,741,824
• 94 practical symbols available
– 946 = 689,869,781,056
• ASCII standard 7 bit 27 =128 symbols
– 1286 = 4,398,046,511,104

72
 Password Length
• 26 UPPER/lower case characters = 52 characters
• 10 numbers
• 32 special characters
• => 94 characters available

• 5 characters: 945 = 7,339,040,224

• 6 characters: 946 = 689,869,781,056
• 7 characters: 947 = 64,847,759,419,264
• 8 characters: 948 = 6,095,689,385,410,816
• 9 characters: 949 = 572,994,802,228,616,704

73
Password Validity: Brute Force Test
• Password does not change for 60 days
• how many passwords should I try for each
second?
– 5 characters: 1,415 PW /sec
– 6 characters: 133,076 PW /sec
– 7 characters: 12,509,214 PW /sec
– 8 characters: 1,175,866,008 PW /sec
– 9 characters: 110,531,404,750 PW /sec

74
 Secure Passwords
• A strong password includes characters from at
least three of the following groups:

• Use pass phrases eg. "I re@lly want to buy 11

Dogs!"

75
 Social Engineering
• Pretexting: creating a story that convinces an
administrator or operator into revealing secret
information.
• Baiting: offering a kind of “gift” to get a user
or agent to perform an insecure action.
• Quid pro quo: offering an action or service
and then expecting something in return.

76