Paxson Spring 2013 CS 161 Computer Security Discussion 14
ثبت نشده
چکیده
(a) What is the difference between side channels and covert channels? Solution: A side channel is a channel that leaks information due to the physical implementation. It's a side channel in the sense that it is not a theoretical weakness in a system, but rather an effect of its physical implementation. Side channels do not involve two cooperating parties; they instead are used by a single party to extract information they are not meant to have. A covert channel is a channel that allows information transfer between two cooperating parties that aren't supposed to be able to communicate. (b) Consider implementing the RSA cryptography algorithm. The typical way is to go through the 'key' bit by bit. The pseudo-code looks something like this: foreach (bit in key) { if (bit) { // do multiplication and all hard work if bit is 1 } // do other simpler stuff that you need to do regardless } Recall the cable box with a tamper resistant private key inside it that Prof. Paxson talked about in the lecture. Can you imagine a side-channel attack on the above implementation to find the private key? Hint: Can you do something with a multimeter? Solution: The length of time the power is at its peak can give you a clear indication of the bit pattern of the key. Multiplication usually requires more power, and this is noticeable in embedded systems. For example, see the graph on Wikipedia [1]. Question 2 Countering Spam (7 min) What technical approaches can you think of to (1) block spam (2) detect spam? Is it possible to completely stop spam? Why or why not?
منابع مشابه
Defending against network IDS evasion
Vern Paxson received his M.S. and Ph.D. degrees from the University of California, Berkeley. He is a Senior Scientist at the AT&T Center for Internet Research at the International Computer Science Institute, and also a Staff Scientist at the Lawrence Berkeley National Laboratory. His research focuses on network intrusion detection and Internet measurement. He is one of the Transport Area Direct...
متن کاملThe Spread of the Witty Worm
We would like to thank Brian Kantor, Jim Madden, and Pat Wilson of UCSD for technical support of the Network Telescope project; Mike Gannis, Nicholas Weaver, Wendy Garvin, Team Cymru, and Stefan Savage for feedback on this document; and the Cisco PSIRT Team, Wendy Garvin, Team Cymru, Nicholas Weaver, and Vern Paxson for discussion as events unfolded. Support for this work was provided by Cisco ...
متن کاملEmploying Honeynets For Network Situational Awareness
Effective network security administration depends to a great extent on having accurate, concise, high-quality information about malicious activity in one’s network. Honeynets can potentially provide such detailed information, but the volume and diversity of this data can prove overwhelming. We explore ways to integrate honeypot data into daily network security monitoring with a goal of sufficie...
متن کاملCharacterizing Payments Among Men with No Names
Damon McCoy is an assistant professor in the CS department at George Mason University. He obtained his PhD from the University of Colorado, Boulder, and his research includes work on anonymous communication systems, cyber-physical security, e-crime, and wireless privacy. [email protected] Geoffrey M. Voelker is a Professor of Computer Science at the University of California, San Diego. He w...
متن کاملHypervisors as a Foothold for Personal Computer Security: An Agenda for the Research Community
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission.
متن کامل