CS 177 Computer Security Lecture 18
Transcription
CS 177 Computer Security Lecture 18
CS177 ComputerSecurity Lecture18 StefanoTessaro tessaro@cs.ucsb.edu Finalinformation FinalwilltakeplaceThursdayintwoweeks. Finalwillbe3hours Similarstyleasmidterm Youareallowedtotakewithyou4letter-sized sheets(i.e.,8pages)ofhandwritten notes Willpublishlistoftopics.Q&AnextWednesday. • • • • Today • • • • Wiretappingandsurveillance AnonymityandTor Censorship Dataprivacy Socialissuesincomputersecurity Privacyoftencompromisedinfavorof: • Nationalsecurity • Businessand/orscientificpractices Ongoingdebate Privacyhelpsthebad guys.Goodguys shouldn’tworry,they havenothingtohide. vs. “Arguingthatyoudon’tcare abouttherighttoprivacy becauseyouhavenothingto hideisnodifferentthan sayingyoudon’tcareabout freespeechbecauseyou havenothingtosay.” Keyissue: Lossofprivacyoftenhardtoassessatfirst, andmayevenbringadvantages (e.g.,Facebook,social media,etc). Thisclass:Makeyourowninformed opinion! AT&TWiretapcase[2006] • MarkKleindisclosespotential wiretappingactivitiesbyNSAat SanFranciscoAT&Toffice • Fiberopticsplitteronmajortrunk lineforInternetcommunications – Electronicvoiceanddata communicationscopiedto“secret room” – Narus STA6400device Wiretapsurveillance Interceptiongear Other major backbone Other major backbone AT&T network MAE-West (Metropolitan AreaExchange, West) LargeamountsofInternettrafficcrossrelativelyfew keypoints Typesofpacketinspection IPdatagram IPheader TCPheader Internetserviceproviders needonlylookatIPheaders toperformrouting Appl header userdata Deeppacketinspection(DPI) analyzesapplication headersanddata Shallowpacketinspection investigateslower levelheaderssuchas TCP/UDP Isdragnetsurveillancetechnologically feasible? • CAIDAhaslotsofgreatresourcesfor researchersabouttrafficlevels • FromtheirSanJoseA tier-1backbonetap: http://www.caida.org/data/realtime/passive/?monitor=equinix-sanjose-dirA From http://narus.com/index.php/product/narusinsi ght-intercept Lawfulintercept • CALEA – CommunicationsAssistanceforLawEnforcementAct (1995) • FISA – ForeignIntelligenceSurveillanceAct(1978) – Demarkboundariesofdomesticvs.foreignintelligence gathering – ForeignIntelligenceSurveillanceCourt(FISC)provides warrantoversight – ExecutiveorderbyPresidentBushsuspendneedforNSA togetwarrantsfromFISC • Almostallnationalgovernmentsmandatesomekindof lawfulinterceptcapabilities Preventingintercept • End-to-endencryption(TLS,SSH) Interceptiongear IP: 1.2.3.4 Other major backbone AT&T network IP: 5.6.7.8 • Whatdoesthisprotect?Whatdoesitleak? • Whatcangowrong? End-runaroundHTTPS • HTTPSterminatedatedgeofGooglenetworks • Internaldatacenter-to-datacenter communicationsonprivatelyleasedlines – Noencryptionupuntillastsummer Hidingconnectivityisharder • “Metadata”isuseful • IPaddressesarerequiredtoroute communication,yetnotencryptedbynormal end-to-endencryption – 1.2.3.4talkedto5.6.7.8overHTTPs • Howcanwehideconnectivityinformation? Tor(TheOnionRouter) Interceptiongear IP: 1.2.3.4 Other major backbone AT&T network IP: 5.6.7.8 TorNode 7.8.9.1 Other major backbone TorNode 9.1.1.2 TorNode 8.9.1.1 IP: 1.2.3.4 7.8.9.1 8.9.1.1 Src: 9.1.1.2 Onionrouting Src: 8.9.1.1 Src: 7.8.9.1 Src: 1.2.3.4 Dest: 7.8.9.1 Dest: 8.9.1.1 IP: 5.6.7.8 9.1.1.2 Dest: 9.1.1.2 Dest: 5.6.7.8 HTTP packet Encryptedw/9.1.1.2’spk Encryptedw/8.9.1.1’spk Encryptedw/7.8.9.1’spk Torimplementsmorecomplexversionofthisbasicidea Whatdoesadversarysee? Src: 9.1.1.2 IP: 1.2.3.4 Dest: 5.6.7.8 HTTP packet Interceptiongear Other major backbone AT&T network IP: 5.6.7.8 TorNode Other major backbone TorNode TorNode 7.8.9.1 9.1.1.2 Torobfuscateswhotalkedtowho,needend-to-end 8.9.1.1 encryption(e.g.,HTTPS)toprotectpayload Tor– Bridgesvs.Relays • Relays – NodesintheTornetwork • Bridges – Non-publicrelays(canbeusedtobypassfiltering) • Hiddenservices – HostsonlyaccessibleviaTornetwork(aka,the underworld) – e.g.,silkroad Otheranonymization systems • Single-hopproxyservices Anonymizer.com • JonDonym,anonymousremailers(MixMaster, MixMinion),manymore… Surveillanceviathird-party • “Thus,someSupremeCourtcaseshaveheldthatyouhave noreasonableexpectationofprivacyininformationyou have"knowinglyexposed"toathirdparty — forexample, bankrecordsorrecordsoftelephonenumbersyouhave dialed— evenifyouintendedforthatthirdpartytokeep theinformationsecret.Inotherwords,byengagingin transactionswithyourbankorcommunicatingphone numberstoyourphonecompanyforthepurposeof connectingacall,you’ve"assumedtherisk"thattheywill sharethatinformationwiththegovernment.” FromtheEFFwebsite https://ssd.eff.org/your-computer/govt/privacy Example:AT&THawkeyedatabase • AllphonecallsmadeoverAT&Tnetworks sinceapproximately2001 – Originatingphonenumber – Terminatingphonenumber – Timeandlengthofeachcall Example:Googledatarequests JulytoDecember2013 Fromhttp://www.google.com/transparencyreport/governmentrequests/userdata/ Shouldweprevent?Canwe? • Onecanencryptdatathatisstored,butno currentwaytoprotectdatathatneedstobeused – Cryptographyofferssomesolution(searchable encryption) – Stillnotpracticalonlargescaleandsecuritynotso wellunderstood • Companiesareincreasinglyworriedabout perceptionofgovernmentsurveillance • Policy? • Legalprotections? Next:Censorship CensorshipviaInternetfiltering Src: 1.2.3.4 National Internet International Internet Dest: 5.6.7.8 Filtering equipment • GoldenShieldProjectmostfamousexample • Butmanyothernationsperformfilteringaswellincluding • Iran,Syria,Pakistan(YouTubeanecdote) • Turkey(twitterbanrecently) • Singapore,Australia(proposedlegislation) • Othercountries? Bigbusiness • ReportsofproductsbeingusedinSyria – BlueCoat(http://www.bluecoat.com/) – NetApp (http://www.netapp.com/) • Iran,SaudiArabia – SecureComputing’sSmartFilter software – SecureComputingrecentlyboughtbyMcAffee • EmbargospreventsellingdirectlybyUSA companies,butresellerscandoso Filtering Src: 1.2.3.4 National Internet International Internet Filtering equipment • • • • • IPfiltering DNSfiltering/redirection URLfiltering Packetfiltering(searchkeywordsinTCPpackets) Protocolfiltering(detectTorprotocol) Dest: 5.6.7.8 Circumventionoffiltering Src: 1.2.3.4 National Internet International Internet • IPfiltering Filtering equipment • Proxies • DNSfiltering/redirection • DNSproxy • URLfilteringorPacketfiltering • Encryption/Tunneling/obfuscation • Protocolfiltering • Obfuscationtechniques Dest: 5.6.7.8 GoldenShieldProject (GreatFirewallofChina) IPfiltering DNSfiltering/redirection URLfiltering Packetfiltering(searchkeywordsinTCPpackets) • SendTCPFINbothways • Protocolfiltering(Torisshutdown) • • • • GreatFirewalltargetingofTor (circa2011andbefore) • EnumerateTorrelaysandfilterthem Relayispublicly listedTor node BridgeisTornode notpublicly listed 6# Torproject-- www.torproject.org 66 addresses. The scanners connect to the respective bridge and try to Tor connection (3). If it succeeds, the bridge is blocked. GreatFirewalltargetingofTor (circa2011-2012) TLSconnectionswithparticular ciphersuites flagged Scanners Tor user DPI box Tor bridge From[Winter,Lindskog 2012] Fig. 1. The structure of the Chinese Tor blocking infrastructure. Afte identified a Tor connection to a bridge or relay, active scanners connect machine and induce the block if the machine “speaks Tor”. https://gist.github.com/da3c7a9af01d74cd7de7 TLSHandshake Torclient Torbridge Pickrandom Nc ClientHello, MaxVer,Nc,Ciphers/CompMethods ServerHello, Ver, Ns,SessionID,Cipher/CompMethod Pickrandom Ns TorusesTLSforpoint-to-pointcommunciations, includingfirsthop Torclientsusedrelativelynon-standardCiphers addresses. The scanners connect to the respective bridge and try to Tor connection (3). If it succeeds, the bridge is blocked. GreatFirewalltargetingofTor (circa2011-2012) TLSconnectionswithparticular ciphersuites flagged Scanners Attempttoconnectto dest IPbyTorclient (sourceIPmaybespoofed) Tor user IfserverspeaksTor,thenIP addedtoGFWblacklist DPI box Tor bridge From[Winter,Lindskog 2012] Fig. 1. The structure of the Chinese Tor blocking infrastructure. Afte identified a Tor connection to a bridge or relay, active scanners connect machine and induce the block if the machine “speaks Tor”. https://gist.github.com/da3c7a9af01d74cd7de7 IslamicRepublicofIran • EveryISPmustrun“content-controlsoftware” – SmartFilter (upuntil2009) – NokiaSiemensDPIsystems • Accordingtowikipedia Facebook,Myspace, Twitter,Youtube,Rapidshare,Wordpress,BBC, CNN, allhavebeenfiltered – BigWeb2.0securityofficeranecdotebywayof RogerDingledine (Torproject): • 10%(~10k)oftrafficviaTor • 90%(~90k)oftrafficviaAmazon-hostedproxies IranDPItoshutdownTor • TormakesfirsthoplooklikeTLS/HTTPS connection TLSHandshake Bankcustomer Pickrandom Nc Bank ClientHello, MaxVer,Nc,Ciphers/CompMethods ServerHello, Ver, Ns,SessionID,Cipher/CompMethod CheckCERT using CApublic verificationkey Pickrandom PMS C<- E(pk,PMS) Bracketnotation meanscontents encrypted Pickrandom Ns CERT=(pk ofbank, signatureoverit) C PMS<- D(sk,C) ChangeCipherSpec, {Finished, PRF(MS, “Clientfinished” ||H(transcript)) } ChangeCipherSpec, {Finished, PRF(MS, “Serverfinished” ||H(transcript’)) } MS<- PRF(PMS, “mastersecret”||Nc ||Ns) IranDPItoshutdownTor • TormakesfirsthoplooklikeTLS/HTTPS connection • UseDPItofilterTorconnections: – Torcertificateshaveshortexpirationdate – Mostwebsiteshavelongexpirationdate – Shutdownthoseconnectionswithshortexpiration dates • Torfixedvialongerexpirationdates • Laterin2012:blocking/degradingallTLS connections ArabSpring Next:DataPrivacy Companiesandhealthcareproviders exchange/releasedataonaregularbasis. – Marketing,scientificstatistics,etc. Strongregulations/lawsinplace – e.g,HIPAAinhealthcareindustry Dataisusuallyanonymized /sanitized – e.g.byaddingnoise Still:Mostlyanunsolvedproblem! Anonymization Basicanonymization techniques(delete“identifiers”,e.g., names,SSN,address)mostlyinsufficient. http://arstechnica.com/tech-policy/2009/09/your-secrets-live-online-indatabases-of-ruin/ [Good news:Dr.Sweeneywasrecentlyappointed asheadtechnology officerattheFTC …] Example– NetflixChallenge • DatasetreleasedonOctober2,2006 • 100mio ratingsfrom480knetflix subscribers • Trainingdataconsistedofentries<user, movie, date of grade, grade>, wherefirsttwoentriesareintegerIDs. • Goal: Improvealgorithmtopredictusers’ preferences • $1mioprize NetflixChallenge– Privacy? • Movie/usernamehiddenbyintegerIDs • Datawasintentionallyperturbed(while retainingstatisticalproperties) • Randomsubsetofdataset “No,allcustomeridentifyinginformationhasbeenremoved;allthatremainsareratingsand dates.Thisfollowsourprivacypolicy,whichyoucanreviewhere.Evenif,forexample,you knewallyourownratingsandtheirdatesyouprobablycouldn’tidentifythemreliablyinthe databecauseonlyasmallsamplewasincluded(lessthanone-tenthofourcompletedataset) andthatdatawassubjecttoperturbation. Ofcourse,sinceyouknowallyourownratingsthat reallyisn’taprivacyproblemisit?” [Fromtheoriginal Netflix’sFAQ] Whathappened? • ExploitcorrelationsofmultipleDBs • UsepartialIMDBdatafromspecific(known)user • FindsamevotingpatternsinanonymousNetflix DB • Infervotesonothermoviesbysameuser, learningtastepreferences,datesmovieshave beenwatched, etc – Oftenleakssensitiveinformation,suchaspolitical, sexualorientation Healthcaredata 33statessell healthcaredata Goal:Allow researchers/ insurancesto monitorstatusof overallhealthcare system http://www.forbes.com/sites/adamlevin/2013 /07/18/is-your-state-selling-your-medicalhistory-for-pennies/ WAstatedeanonymization “Patient-levelhealthdatafromtheStateofWashington canbepurchased for$50.Thispubliclyavailabledataset hasvirtuallyallhospitalizationsoccurringintheStateina givenyear,includingpatientdemographics, diagnoses, procedures, attendingphysician,hospital,asummaryof charges, andhowthebillwaspaid.Itdoesnotcontain patientnameoraddresses (onlyZIPs).” Outcome: 43%ofdatasetdeanonymized usingnewspaper accidentreports. SweeneyL.MatchingKnownPatientstoHealthRecordsinWashington State Data.HarvardUniversity.DataPrivacyLab.1089-1.June2013. Dataflowsinhealthcare http://thedatamap.org/ Solid line= contains personal identifiers DataflowsnotcoveredbyHIPAA SmartMeters http://green.blogs.nytimes.com/2 010/05/20/doctor-futurist-spythe-smart-meter/ “Withdatafromthousands ormillionsofsmart meters,researcherscould designtoolsto measurehowmanytimesadayarefrigerator doorwasopened,relevanttodietaryand obesityresearch, orsleeppatterns,relevantto awiderangeofhealthresearch.”