● eip: return instruction pointer
○ like ra from RISC-V, MIPS
○ saved from previous frame
● sfp: stack frame pointer
○ saved ebp from parent's frame
■ ebp: base pointer
● By setting the value of eip register to point to the payload, we can execute our malicious code!
● Alternatively, we can set the value of the sfp to change where the return frame will be
● Bounds Checking
● Invariants: statements which hold at some point through the function.
○ Sort of like partial postconditions.
○ Should be able to prove the postconditions
Security Principles
● Know your threat model: What type of attacks are you scared of?
● Security is economics: Good security saves you money.
● Don't rely on security through obscurity: "they won't know" is not security.
○ Shannon's Maxim: The attacker knows the system.
○ Kerckhoffs's Principle: A cryptosystem should be secure even if the attacker knows everything except the key.
● Least privilege: Don't give more power than necessary.
● Defense in Depth: More combined defenses are stronger: two factor auth
More Security Principles
● Consider human factors: security systems must be usable (otherwise you get tech gobbledygook)
● Design in security from the start: adding security on later is harder.
● Trusted computing base: what you must trust to be secure
● Ensure complete mediation: check every access to every object, assumptions might change later on.
● Division of trust: no single person should have all the power.
● More in slides & notes, but these are the more important ones.
IND-CPA
CBC
[Diagrams for these two slides; surviving labels: Adversary, Challenge, M, r]
CTR
Which of the following are properties of CTR mode?
1. encryption can be parallelized
2. decryption can be parallelized
3. it turns a block cipher into a stream cipher
4. it is more secure than CBC mode
5. it provides integrity and authentication for the message
CTR
properties of CTR mode
1. encryption can be parallelized
2. decryption can be parallelized
3. it turns a block cipher into a stream cipher
Confidentiality
● Confidentiality: preventing adversaries from learning our private data
○ Data = message or document
● How can we achieve this?
○ Encryption!
○ Be careful not to leak information by sending encrypted data
Diffie-Hellman
1. Agree on $g$ and $p$ in advance (can be public)
2. Alice randomly generates $a$, sends $g^a$.
3. Bob randomly generates $b$, sends $g^b$.
4. Alice and Bob can both calculate $K = g^{ab} = (g^a)^b = (g^b)^a$.
5. Now they have agreed on a key $K$!
● Diffie-Hellman does nothing to stop man-in-the-middle.
○ Definition: man-in-the-middle is an attacker who sees all of the communication between Alice and Bob and can change the messages between Alice and Bob.
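The five Diffie-Hellman steps and the man-in-the-middle caveat, as an added example that is not from the original slides: it runs the exchange once directly and once with both public values replaced in transit, and shows the key mismatch that an out-of-band fingerprint comparison detects. Assumptions: arithmetic is mod p, the toy parameters p = 2^127 - 1 and g = 3 are chosen for readability only, and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy public parameters (assumption): prime, but far too small for real use.
P = 2**127 - 1
G = 3

def new_secret():
    """Random secret exponent in the range 2 .. P-2."""
    return secrets.randbelow(P - 3) + 2

def public_value(secret):
    """Steps 2 and 3: the value sent over the wire, g^secret mod p."""
    return pow(G, secret, P)

def shared_key(own_secret, received_value):
    """Step 4: K = (received value)^own_secret mod p."""
    return pow(received_value, own_secret, P)

def fingerprint(key):
    """Short digest of K, meant to be compared over an authenticated channel."""
    return hashlib.sha256(key.to_bytes(16, "big")).hexdigest()[:16]

def run_exchange(a, b, m=None):
    """Run steps 2-4 and return (Alice's K, Bob's K).

    If m is given, a middle party replaces both values in transit with g^m.
    Nothing in the protocol itself lets Alice or Bob notice the swap.
    """
    ga, gb = public_value(a), public_value(b)
    if m is None:
        to_alice, to_bob = gb, ga
    else:
        to_alice = to_bob = public_value(m)
    # With m present, the middle party can compute both results as well:
    # shared_key(m, ga) equals Alice's K, shared_key(m, gb) equals Bob's K.
    return shared_key(a, to_alice), shared_key(b, to_bob)

def keys_match(k_alice, k_bob):
    """Detection: fingerprints differ whenever the values were replaced."""
    return fingerprint(k_alice) == fingerprint(k_bob)

if __name__ == "__main__":
    a, b, m = new_secret(), new_secret(), new_secret()
    for label, mid in (("direct", None), ("values replaced in transit", m)):
        ka, kb = run_exchange(a, b, mid)
        print(f"{label}: Alice {fingerprint(ka)} Bob {fingerprint(kb)} "
              f"match={keys_match(ka, kb)}")
```

The fingerprint comparison only helps if it travels over a channel the middle party cannot alter; real protocols get the same effect by signing or otherwise authenticating the exchanged values.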
ElGamal
● Semantically secure: Like IND-CPA except for public key crypto
● Again g and p are public.
Schemes
● H(m) is a cryptographic hash function:
○ one-way, second pre-image resistant, collision resistant