Wednesday, July 20, 2016

DES (Data Encryption Standard) is weak because of its key size, but what else makes DES weak?

1. The key complement weakness reduces a brute-force attack to 2^55 possibilities.

2. If the set of possible values of the data being encrypted is limited, breaking it is comparatively easier (not easy).

2.1. Differential cryptanalysis: To break the full 16 rounds, differential cryptanalysis requires 2^49 chosen plaintexts.
2.2. Linear cryptanalysis: An FPGA implementation of linear cryptanalysis was able to return the DES key in 12-15 hrs.
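Why the complementation property in point 1 halves the search, shown on a toy Feistel cipher (an added example, not DES itself and not code from the original post; the round function, key schedule, 16-bit key and sample values are constructed for illustration). Complementing both key and plaintext leaves the input to the round function unchanged, so one trial encryption tests a key and its complement together.

```python
MASK16, MASK32, ROUNDS = 0xFFFF, 0xFFFFFFFF, 4

def subkey(key, i):
    # Round key is a rotation of the key: a pure bit permutation, as in DES's
    # key schedule, so complementing the key complements every round key.
    r = (5 * i) % 16
    return ((key << r) | (key >> (16 - r))) & MASK16

def f(x):
    # Constructed nonlinear mixing function standing in for DES's S-boxes.
    return ((x * 0x9E37 + 0x79B9) ^ (x >> 7)) & MASK16

def encrypt(block, key):
    left, right = block >> 16, block & MASK16
    for i in range(ROUNDS):
        # The key enters only as (right XOR subkey), the structure that
        # gives E(~K, ~P) == ~E(K, P).
        left, right = right, left ^ f(right ^ subkey(key, i))
    return (left << 16) | right

def recover_key(p, c_p, c_notp):
    """Known: c_p = E(K, p) and c_notp = E(K, ~p). Search half the key space."""
    candidates, trials = [], 0
    for k in range(1 << 15):                 # only keys with the top bit clear
        trials += 1
        c = encrypt(p, k)
        if c == c_p:                         # K == k
            candidates.append(k)
        if c == c_notp ^ MASK32:             # K == ~k, by the complement property
            candidates.append(k ^ MASK16)
    return candidates, trials

if __name__ == "__main__":
    secret, p = 0xC0DE, 0x12345678           # constructed sample values
    assert encrypt(p ^ MASK32, secret ^ MASK16) == encrypt(p, secret) ^ MASK32
    found, trials = recover_key(p, encrypt(p, secret), encrypt(p ^ MASK32, secret))
    print(f"candidates={[hex(k) for k in found]} trials={trials} of {1 << 16} keys")
```

The same argument applied to DES's 56-bit key gives the 2^55 figure quoted in point 1.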

SDLC - At what stage in the cycle do you "bring up" security?

During the development life cycle, it is important to plan for security integration. At what stage in the cycle do you "bring up" security?

SDLC can mean the system development life cycle (Initiation, Acquisition/development, Implementation, Operation/maintenance, and Disposal) or the software development life cycle (Requirements gathering, Design, Development, Testing/Validation, Release/Maintenance in general), since the basic needs of computer systems may differ from those of developing software securely. As long as we follow a structure and nothing is missed on the security side or in the various steps involved, we are good.
Overall, whether we talk about the system development life cycle or the software development life cycle, security must be integrated into each and every phase involved.

What is Secure Software Development? 
When the security of the application is a priority in each phase of development and all possible measures have been taken, keeping in mind the confidentiality, availability and integrity of the app from beginning to end, it is Secure Software Development, no matter which model we follow.
As per Microsoft, "The Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost"
Phase 1 Training
1. Core Security Training
Phase 2 Requirements
2. Establish Security and Privacy Requirements
3. Create Quality Gates/Bug Bars
4. Perform Security and Privacy Risk Assessments
Phase 3 Design
5. Establish Design Requirements
6. Perform Attack Surface Analysis/ Reduction
7. Use Threat Modeling
Phase 4 Implementation
8. Use Approved Tools
9. Deprecate Unsafe Functions
10. Perform Static Analysis
Phase 5 Verification
11. Perform Static Analysis
12. Perform Fuzz Testing
13. Conduct Attack Surface Review
Phase 6 Release
14. Create an Incident Response Plan
15. Conduct Final Security Review
16. Certify Release and Archive
Phase 7 Response
17. Execute Incident Response Plan

Along similar lines, the Open Web Application Security Project (OWASP) offers many recommendations that can be integrated into each phase.

The Web Application Security Consortium (WASC) describes the top attack methods against which an application must be safeguarded under Secure Software Development.

Wednesday, July 6, 2016

who is using my Wi-Fi !!!

Wireless networks are predominantly weak. Suppose you are wearing your hacker's hat and want to experiment with hacking into a wireless signal/network, where would you start?

Wireless means any communication without a physical connection between source and destination, such as Wi-Fi, mobile networks, Bluetooth, IrDA, satellite or anything like that. But in general terms, when we talk about wireless, it is mostly Wi-Fi that we target to crack, even though other communication channels may also be victims of fraud.

A long time back, I got suspicious that my Wi-Fi at home was compromised and someone was using my bandwidth, since Comcast sent me a text message that I had crossed 300 GB. Even when all the devices at home (laptop, security cameras, smart TV, printer, phones, iPad) were switched off, my cable modem used to blink [the data transfer blue light] continuously when connected to the Wi-Fi router, so I thought someone was using my Wi-Fi router. I had bought my Wi-Fi router from Craigslist, so I thought its software was compromised. I did a little googling and installed dd-wrt via firmware upgrade; still it blinked. I applied MAC filtering; still it did. I hid the SSID, changed the password to one 41 characters long and applied WPA-2 personal; still it did. For one month we survived only on a direct connection from the cable modem to a single device, either the TV or the laptop when used, with no Wi-Fi at home at all. Later I realized the culprit was the smart TV and Netflix, so I ignored the blinking of the cable modem henceforth.

And now this discussion makes me think that all the measures I took to secure Wi-Fi were not foolproof, and even the MAC address can be spoofed!!! hfff….

To break in to Wi-Fi, I must have a virtual or actual target. If this is a virtual target [created by me], half of the story is worthless, and the moment I am 100% sure about the underlying mechanism used to secure a Wi-Fi network, half of the battle is done. Tools like Kismet and NetStumbler [page 728 Shon Harris] could help understand where the Wi-Fi is broadcast from and what underlying technology is used. After that I have tools like AirSnort and WEP-Crack [page 719, 728 Shon Harris]. aircrack-ng (included in BackTrack), cowpatty or reaver are some other tools that may be used.

But before starting to use these tools I must be aware of the basic terms and technologies (like network standards, how Wi-Fi actually works, WEP, WPA2-PSK, WPA2-AES, channels, which channels can be used for rogue access points and so on) and what physical tools may be required (like Wi-Fi adapters, antennas or simply a rooted mobile device!!), and, last but not least, make sure the tools I am planning to use or have downloaded for "FREE" are not backdoors into my test machine.



Security: How many $'s per Lbs. ?

I am sure all of you remember Data Theft from Home Depot, Target and OPM. This is just a short list. These organizations have fully mature IT security organizations. What do you think they were doing wrong to allow such intrusions?

We may have "fully mature" security in place, but if our learnings and changes in the way we tackle cyber-attacks are governed by actual exploits, certainly there is something wrong.

1. Responsibility. Like Home Depot, Target and OPM, we might be able to hand the bad name over to a vendor after an incident, but the actual loss will not be recovered. For example, in the case of OPM, multiple applications used shared resources; if OPM had had proper infrastructure in place, the hack of one system would have stopped there. The same is the case with Home Depot and Target: boundaries of access were not clearly defined. All resources and information should have been given a clear category and classification in all these cases.

2. The weakest link in the line of defense defines how secure we are. In the case of OPM, security information and event management only partially covered monitoring of the key components. OPM allowed users to gain access without two-factor authentication in some places, while in others it was implemented.

3. It's not always possible to build the whole ship in-house and assume that it won't fail. On the other hand, security is not something we can pay for from the organization's budget, take our own personal benefit from, and get rid of on paper. We need services from third parties, and they must not be the weak link; to endorse a third-party vendor and its services or products, we must attain holistic processes and expertise ourselves. In the case of Target, they are blaming the air conditioner firm, but who brought them in? Was Target not concerned at all that they might be vulnerable to attacks?

4. We cannot be called a secure IT organization merely by putting guidelines and secure architectures on paper; what also matters is how well they are followed. For example, in the case of OPM, it was not as if they were never aware of the vulnerabilities exploited: many loopholes had been present and reported for many years, but no action was taken. The reason is the mentality of being lazy: the system is still running, will see later, ignore the warnings.

5. Spend wisely. Gaining a shield against hackers is neither cheap nor a one-time investment; we must be constantly involved in penetration testing and stay aware of where technology is moving and opening new secret doors for intruders. It also needs constant expenditure on hiring the right talent and on upgrading the skills of existing employees. Does this mean that if we have a budget for security testing and we outsource it to the same vendor, who will copy and paste what he found during the last cycle, we are done and my part of the bribe is 100% sure? No; findings must be given a value in terms of the loss that might occur and fixed well in time. To get deeper analysis, we might also rotate the third-party vendors who do security testing.

6. What about vulnerabilities found by penetration testing vendors getting leaked to hackers? This is one of the nightmares OPM may have experienced. Here comes the smartness of the decision maker in how to tackle it. Involving too few employees in these reviews might mean meager reviews and the right eyes being closed with a lid of $'s. Involving too many may itself introduce vulnerabilities and risk to the organization as a whole. It is well said that the 8th layer might be the weakest layer.

7. Fearless and full of doubts. Based on vulnerability reports, rebuilding the whole system with some extra expenditure is sometimes more advisable than continuing to patch an old, insecure system.

References


Blame China, I forgot to zip my ass:
vs

OWASP TOP 10 - A5-Security Misconfiguration

Please focus on A5 -
Explain how you would mitigate.


Identify threat sources
An anonymous user, a user with fewer privileges entering the system intending to perform a higher-privileged action, or an employee seeking a benefit without revealing his own identity may try to exploit security misconfigurations.
Identify events
Default accounts being used for access, unprotected files being downloaded due to misconfiguration, content authorized for a user of higher privileges being obtained, a feature available due to misconfiguration being used, logs being exposed to users because they were configured to be created in the wrong place, code files being downloaded and reverse engineered, detailed error messages being used by hackers, hackers exploiting server technology exposed in the HTML source served to the client machine, and so on.
Identify vulnerabilities
Presence of default access accounts, presence of unprotected files, misconfiguration that allows a lesser-privileged user to reach more secured content or functions, presence of logs in a public library or available outside the server or without authentication, unnecessary ports being kept open or default ports being used, code files available for download, error messages exposed in detail to the end user, server technology exposed in headers or rendered HTML, and so on.
Determine likelihood of occurrence
Determine how likely exploitation of the detected vulnerabilities is.
Determine magnitude of impact
Determine, for each exploitation, how much trouble the organization will be in.
Determine risk
Establish risk based on impact and likelihood.


1. Automate the process of installation, configuration and deployment using PowerShell or anything convenient available for the system, to avoid human errors (preventive, technical)
2. Keep test, QA and prod environments the same and configured with the same automated scripts, but passwords and user names should be different; also, usernames should not be obvious to guess (preventive, technical)
3. All software patches must be deployed, but after rigorous testing. Establish a robust communication channel with software providers to get alerts (preventive, technical)
4. Robust architecture (preventive, technical)
5. Automated scans and penetration testing after every release (detective, technical)
6. Follow the product guidelines for system accounts, which also includes limiting their permissions to the prescribed level (preventive, technical)
7. Make sure unnecessary functions, ports or protocols are disabled and default ports are not used (preventive, technical)
8. Passwords used must be of legitimate strength (preventive, technical)
9. Monitor application logs by admin and trusted dev (detective, technical)
10. Redo risk analysis triggered by 9 and 5 above.
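One way to turn the vulnerability list and mitigations 2, 5 and 7 into a repeatable automated check (an added example, not from the original post or from OWASP; the environment description format, the default-username list and all sample values are assumptions constructed for illustration):

```python
from pathlib import PurePosixPath

DEFAULT_USERS = {"admin", "administrator", "root", "guest", "test"}  # assumed list
BANNER_HEADERS = {"server", "x-powered-by", "x-aspnet-version"}

def audit(env):
    """Return misconfiguration findings for one environment description."""
    findings = []
    for user in env["accounts"]:
        if user.lower() in DEFAULT_USERS:
            findings.append(f"default account: {user}")
    if env["detailed_errors"]:
        findings.append("detailed error messages shown to end users")
    for header in env["response_headers"]:
        if header.lower() in BANNER_HEADERS:
            findings.append(f"technology banner header: {header}")
    web_root, log_dir = PurePosixPath(env["web_root"]), PurePosixPath(env["log_dir"])
    if log_dir == web_root or web_root in log_dir.parents:
        findings.append(f"logs inside web root: {log_dir}")
    for port in sorted(set(env["open_ports"]) - set(env["required_ports"])):
        findings.append(f"unnecessary open port: {port}")
    return findings

def shared_credentials(envs):
    """Mitigation 2: same build scripts everywhere, but no shared credentials."""
    seen, clashes = {}, []
    for name, env in envs.items():
        for user, secret_hash in env["accounts"].items():
            if (user, secret_hash) in seen:
                clashes.append((user, seen[(user, secret_hash)], name))
            else:
                seen[(user, secret_hash)] = name
    return clashes

# Constructed sample data: account values are placeholder hashes, not real secrets.
ENVS = {
    "qa": {
        "accounts": {"svc_portal": "hash-A"},
        "detailed_errors": True,
        "response_headers": {},
        "web_root": "/srv/www/portal", "log_dir": "/var/log/portal",
        "open_ports": [443], "required_ports": [443],
    },
    "prod": {
        "accounts": {"svc_portal": "hash-A", "admin": "hash-B"},
        "detailed_errors": False,
        "response_headers": {"Content-Type": "text/html", "X-Powered-By": "ASP.NET"},
        "web_root": "/srv/www/portal", "log_dir": "/srv/www/portal/logs",
        "open_ports": [443, 8080, 3389], "required_ports": [443],
    },
}

if __name__ == "__main__":
    for name, env in ENVS.items():
        print(name, audit(env))
    print("shared credentials:", shared_credentials(ENVS))
```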

Reference

1. https://www.owasp.org/index.php/Top_10_2013-A5-Security_Misconfiguration
2. https://hemantrohtak.blogspot.com/2016/05/service-applications-in-sharepoint-2013.html
3. Shon Harris Book Page 1103 (Common software development weakness enumeration list)
4. Shon Harris Book Page 1109 (OWASP)
5. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

Perfect Encryption

Explain the concept of "Perfect Encryption". Why is it not practical?


Perfect encryption is achieved when the probability of cracking is no better than guessing the message, even if the hacker knows the encrypted message. And even if the actual message is retrieved, there is no guarantee that it is the actual message.
In a one-time pad, a truly random (not reused) secret key (at least as long as the message) is combined with the actual message part by part (bit by bit) using modular addition (XOR). So, theoretically, perfect encryption is achieved here.
But the requirement of a secured exchange of the secret key makes it perfect in theory only. If my exchange is secured, I may rather want to send the plain text securely. The second thing I doubt is how to claim true randomness of the secret key. The third thing is that sending such a secured message is itself alarming.


Reference:
  1. https://www.quora.com/Cryptography-What-is-a-perfect-cipher-and-why-is-the-one-time-pad-a-perfect-cipher#
  2. Shon Harris Book - page 771

How can you show that OTP is perfect?

I do not claim that the one-time pad is perfect in practice, but it may be considered theoretically perfect:

As per http://people.seas.harvard.edu/~salil/cs127/fall06/docs/lec3.pdf [2 Perfect Secrecy], the definition of perfect encryption is:
Perfect encryption is achieved when the probability of cracking is no better than guessing the message, even if the hacker knows the encrypted message. And even if the actual message is retrieved, there is no guarantee that it is the actual message.
In Proposition 4 of this paper, the author mathematically proves that the one-time pad is a perfect encryption satisfying the above.
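The definition above can be checked by hand on a small message space (an added example, not taken from the cited lecture notes or the original post; function names and sample messages are constructed). It shows that every ciphertext is equally likely for every message, that any ciphertext can be "decrypted" to any same-length message with a suitable pad, and why the pad must not be reused.

```python
import secrets
from collections import Counter

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(message: bytes):
    key = secrets.token_bytes(len(message))   # fresh random pad, used once
    return key, xor(message, key)

def key_explaining(ciphertext: bytes, claimed: bytes) -> bytes:
    """The pad under which `ciphertext` decrypts to `claimed`.

    Such a pad exists for every same-length message, so a recovered
    plaintext cannot be confirmed as the real one.
    """
    return xor(ciphertext, claimed)

def ciphertext_distribution(bits: int = 3):
    """For each message m, count each ciphertext over all 2^bits keys.

    Perfect secrecy: every count is 1, so P(c | m) = 1/2^bits regardless
    of m, and seeing c tells the attacker nothing about m.
    """
    space = range(1 << bits)
    return {m: Counter(m ^ k for k in space) for m in space}

def reuse_leak(m1: bytes, m2: bytes) -> bytes:
    """Two messages under the SAME pad: the pad cancels, leaving m1 XOR m2."""
    key = secrets.token_bytes(len(m1))
    return xor(xor(m1, key), xor(m2, key))

if __name__ == "__main__":
    key, ct = otp_encrypt(b"MEET AT NOON")
    alt_key = key_explaining(ct, b"STAY AT HOME")
    print(xor(ct, key), xor(ct, alt_key))     # both are valid decryptions
    print(ciphertext_distribution()[5])       # uniform over all ciphertexts
    print(reuse_leak(b"AAAA", b"AAAB"))       # pad reuse leaks m1 XOR m2
```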


Asymmetrical encryption

Symmetrical encryption requires the participants in the communication to use a shared secret key. Asymmetrical encryption does not require the sharing of keys. The process uses a public key to encrypt and a private key to decrypt in order to achieve privacy. Both processes are efficient, but symmetrical is fast compared with asymmetrical. In this discussion, you are going to explain the details of asymmetrical encryption from the time the client issues a request for the handshake to when it receives the keys. Explain how keys are generated.


How keys are generated:
Rivest-Shamir-Adleman (RSA), El Gamal, Elliptic curve cryptosystem (ECC), Digital Signature Algorithm (DSA) and Elliptic curve DSA (ECDSA) are some algorithms defined and accepted to be strong and difficult to crack considering the computation power available today. These algorithms define how keys (public/private) are generated. For example, RSA is based upon factors of large prime numbers; El Gamal is based upon calculating discrete logarithms in a finite field; Elliptic curve uses factoring prime number based on elliptic curves similar to RSA but with less computation power.

How asymmetrical encryption works:
1. Achieving confidentiality: the client encrypts the content with the public key and sends the message to the server; the server uses the private key to decrypt the message.
2. Achieving nonrepudiation: the server encrypts the message with the private key and sends it to the client; the client decrypts it using the public key, which verifies that the right server sent the message. The same thing happens in the case of a digital signature.
But here is the catch: the server sends an encrypted message which is supposed to be decrypted using the public key, but everyone knows the public key. So the next routes (3 & 4) give possible workarounds.
3. Achieving both together: We will still name one party the client and the other the server; calling a party the sender when it becomes the receiver at some point creates confusion. The client encrypts the message with his private key; his public key is with the server too. After this first encryption, the cipher text is encrypted again using the server's public key. The resultant cipher text is sent to the server. The server decrypts it using his own private key. The result of this first decryption is then decrypted again using the client's public key.
4. Getting more practical: In practice, the client may not have a private and public key combination. If the entity named as client in point 3 is an actual server, then point 3 makes sense. But what if the client is my desktop? So here is how we get more practical: during the handshake, the client may send a tiny bit of symmetric ‘magic word’, encrypted with the public key (of the server), to the server. This symmetric ‘magic word’ is decrypted with the private key (of the server) and stored with the server too. All future communications between client and server follow points 1 and 2, but with a slight change:
a) The client now encrypts the actual text with the ‘magic word’, then with the public key (of the server), and then sends it to the server; the server decrypts it with the private key (of the server), then decrypts it with the ‘magic word’, and then processes it.
b) The server first encrypts with the ‘magic word’, then with the private key (of the server), and sends it to the client; the client now decrypts with the public key (of the server) and then with the ‘magic word’.
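RSA key generation and routes 1 to 3 above, worked through with textbook RSA (an added example, not from the original post or its references; the toy primes, exponent and message are constructed, and there is no padding, so this is for following the arithmetic only). The client modulus is chosen smaller than the server modulus so the signed value fits inside the second encryption.

```python
from math import gcd

def rsa_keypair(p, q, e=17):
    """Textbook RSA key generation from two primes (toy sizes, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("public exponent must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                    # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)                  # (public key, private key)

def apply_key(key, value):
    """RSA primitive: value^exponent mod n, the same operation for either key."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def sign_then_encrypt(message, sender_private, receiver_public):
    """Route 3: sender's private key first, then receiver's public key."""
    signed = apply_key(sender_private, message)
    return apply_key(receiver_public, signed)

def decrypt_then_verify(ciphertext, receiver_private, sender_public):
    """Route 3, receiving side: undo the two layers in reverse order."""
    signed = apply_key(receiver_private, ciphertext)
    return apply_key(sender_public, signed)

# Constructed toy primes; real keys use primes of 1024 bits or more each.
CLIENT_PUB, CLIENT_PRIV = rsa_keypair(61, 53)
SERVER_PUB, SERVER_PRIV = rsa_keypair(101, 113)

if __name__ == "__main__":
    m = 1234                                             # constructed message
    c = apply_key(SERVER_PUB, m)                         # route 1: confidentiality
    print("route 1:", c, "->", apply_key(SERVER_PRIV, c))
    s = apply_key(CLIENT_PRIV, m)                        # route 2: signature
    # The catch: anyone holding the public key recovers m from s.
    print("route 2:", s, "->", apply_key(CLIENT_PUB, s))
    both = sign_then_encrypt(m, CLIENT_PRIV, SERVER_PUB) # route 3: both layers
    print("route 3:", both, "->", decrypt_then_verify(both, SERVER_PRIV, CLIENT_PUB))
```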

Reference:
1. http://robertheaton.com/2014/03/27/how-does-https-actually-work/
2. Shon Harris Book
3. Peter H. Gregory Book


For Key generation - Which one is better?

There are two ways to look at it: CIA and cost.
Confidentiality cannot be had in pieces; it is either 0 or 1. Given that no algorithm can be 100% foolproof, only difficult and time consuming to break, we can only move towards perfection.
Diffie-Hellman is vulnerable to man-in-the-middle attacks and RSA is slow, but elliptic curves could give similar results with less computing power required.
So "which one is better" may be answered in terms of the key length required to achieve a given security level. The better algorithm may be the one which needs a smaller key to achieve the same level of security. Reference: http://www.ijcscn.com/Documents/Volumes/vol5issue1/ijcscn2015050103.pdf, Page 21, Table 1.