Lecture 47 So.ware Threats
and Vulnerabili:es
Dr. Cong Wang
CS Department
City University of Hong Kong
Slides par:ally adapted from lecture notes by M. Goodrich&R. Tamassia,
W. Stallings&L. Brown, Dan Boneh, and
Lecture 47 Control Hijacking
and Defenses
Dr. Cong Wang
CS Department
City University of Hong Kong
Slides parKally adapted from lecture notes by M. Goodrich&R. Tamassia,
W. Stallings&L. Brown, Dan Boneh, and Da
Lecture 34 User
Authen1ca1on and Applica1ons
Dr. Cong Wang
CS Department
City University of Hong Kong
CS4293/CS5293 Topics Comp/Info Security
1
Authen1ca1on
The determina1on of iden%ty, usually based on a
combi
Security Goals
Integrity
C.I.A.
Condentiality
Availability
1
Conden7ality
Conden'ality is the avoidance of the
unauthorized disclosure of informa7on.
conden7ality involves the protec7on of data,
providing access for
Lecture 1 Introduc.on and
Basic Crypto Tools
Dr. Cong Wang
CS Department
City University of Hong Kong
CS4293/CS5293 Topics Comp/Info Security
1
Teaching Team
Instructor:
Dr. Cong WANG, Y6425@AC1
Tel(O):
Lecture 34 Access Control
Dr. Cong Wang
CS Department
City University of Hong Kong
Slides credits in part from D. Boneh, J. Mitchell, M. Goodrich, and W. Stallings
CS4293/CS5293 Topics Comp/Info Security
1
Acce
Two implementaon concepts
Access control list (ACL)
Store column of matrix
with the resource
Capability
User holds a cket for
each resource
Two variaons
File 1
File 2
User 1 read
write

User 2 write
Q1
List at least three security vulnerabili3es for IP.
Answer: No source authen3ca3on; no
conden3ality; no integrity guarantee;
Also, no bandwidth constraints  > large injec3on
of IP packets to network
The SecurID system (secret vk, stateful)
Algorithm G: (setup)
Choose random key k K
Output sk = (k,0) ; vk = (k,0)
vasco
IdenDcaDon:
prover
verier
sk = (k,0)
r0 F(k,0)
vk =
CS4293/CS5293 Week 6 Tutorial
Q1: What is the difference between an access control list and a capability ticket?
Q2: Data outsourcing is a recent trend in the era of cloud. By centralizing data to cloud,
enterpr
Basics
Nota*on
Secret key K
Encryp*on func*on EK(M), or Ek(P).
Decryp*on func*on DK(C)
Plaintext length typically the same as ciphertext length
Encryp.on and decryp.on are PRP, i.e., pseudorandom
permuta*on func
Attacks
Attacker may have
a)
b)
c)
d)
Encryption
Algorithm
Plaintext
collection of ciphertexts
(ciphertext only attack)
collection of
plaintext/ciphertext pairs
(known plaintext attack)
collection of
plaintext/ciphertext pairs for
plaintexts selected by
RSA Cryptosystem
Setup:
n = pq, with p and q primes
e relaNULLely prime to
(n) = (p  1) (q  1)
d inverse of e in Z(n)
Example
n
w p = 7, q = 17
w n = 717 = 119
w (n) = 616 = 96
w e = 5
w d = 77
Keys:
Public key: KE = (n,
CS4293/CS5293 Week 5 Tutorial
Q1: How does SecureID onetime password system work?
Q2: Whats the difference between S/Key system and SecureID system?
Q3: List and briefly describe the principle physical charac
CS4293/CS5293 Week 4 Tutorial
Q1: Can you use the pair (6, n) as an RSA public key, where n = pq, for two large primes,
p and q? why ?
Q2: Show the result of encrypting M = 4 using the public key (e;
CS4293/CS5293 Week 3 Tutorial
Q1: Data compression is often used in data storage and transmission. Suppose you want to
use data compression in conjunction with encryption. For the following four choices, which
one ma
CS4293/CS5293 Week 2 Tutorial
Q1(a): Eve has tricked Alice into decrypting a bunch of ciphertexts that Alice encrypted last
month but forgot about. What type of attack is Eve employing?
Q1(b): Eve has an antenna that can pick up Alice's encrypted cell p
CS4293/CS5293 Week 1 Tutorial
Q1: Identify the security requirements (confidentiality, integrity, availability) that the
following threats are trying to break.
 Blocking parental control dynamic library access of web browser to gain
access to gaming webs