
The University of Sydney, School of Computer Science
Dr Suranga Seneviratne, Senior Lecturer - Security

INFO3616/CSEC3616/CSEC5616 S2 2023 Assignment - 3

This is an individual assignment.

This assignment is worth 10% of the final marks of the course. Submit your final report as a PDF file in Canvas.

Final Report Due by Week 11, Sunday the 22nd of October 11:59 PM

1 Key Exchange (20 marks)

Consider the following protocol, designed to let A and B decide on a fresh, shared session key K'_AB. We assume they already share a long-term key K_AB.

1. A → B: A, N_A

2. B → A: E(K_AB, [N_A, K'_AB])

3. A → B: E(K'_AB, N_A)

a) Answer the following questions regarding the protocol designer’s reasoning (8 marks).

• Why would A and B believe, after the protocol ran, that they share K'_AB with the other party?

• Why would they believe that this shared key is fresh?

In both cases, explain the reasoning of both A and B, i.e. your answer should complete the following sentences.

A believes that she shares K'_AB with B since...
B believes that he shares K'_AB with A since...
A believes that K'_AB is fresh since...
B believes that K'_AB is fresh since...

b) Person in the middle (8 marks).

Assume now that A starts a run of this protocol with B. However, the connection is intercepted by the adversary C. Show how C can start a new run of the protocol using reflection (i.e., C sending a message back to A based on what it received from A), causing A to believe that she has agreed on a fresh key with B (in spite of the fact that she has only been communicating with C). Thus, in particular, the belief in (a) is false.

c) Modifying the protocol (4 marks)


Propose a modification of the protocol that prevents this attack.
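The following simulation is an added example, not part of the assignment or the course material. It implements the three messages of Question 1 with a toy authenticated cipher (SHA-256 keystream plus HMAC, standing in for E) and a Party class that can play either role, because the reflection run in part (b) relies on A being willing to answer a protocol run that somebody else starts while her own run is still open. The message layout (N_A followed by K'_AB, both 16 bytes) and the nonce/key sizes are assumptions of the example; the assignment fixes neither.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16   # assumed size of N_A
KEY_LEN = 16     # assumed size of K_AB and K'_AB


def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """Counter-mode keystream from SHA-256; stand-in for a real block cipher."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + iv + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def E(key: bytes, msg: bytes) -> bytes:
    """Toy E(K, m): encrypt-then-MAC. Output is iv || ciphertext || tag."""
    iv = os.urandom(16)
    ct = bytes(m ^ s for m, s in zip(msg, _keystream(key, iv, len(msg))))
    tag = hmac.new(key, iv + ct, hashlib.sha256).digest()
    return iv + ct + tag


def D(key: bytes, blob: bytes) -> bytes:
    """Inverse of E; raises ValueError if the tag does not verify."""
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, iv, len(ct))))


class Party:
    """A principal holding K_AB that can act as initiator or responder."""

    def __init__(self, name: str, kab: bytes):
        self.name = name
        self.kab = kab
        self.my_nonce = None      # N_A when this party is the initiator
        self.peer_nonce = None    # the initiator's nonce when this party responds
        self.session_key = None   # K'_AB once this party believes it is agreed

    def start(self):
        """Message 1, A -> B: A, N_A."""
        self.my_nonce = os.urandom(NONCE_LEN)
        return self.name, self.my_nonce

    def respond(self, peer: str, nonce: bytes) -> bytes:
        """Message 2, B -> A: E(K_AB, [N_A, K'_AB]).
        'peer' is deliberately unused: the protocol binds no identity into it."""
        self.peer_nonce = nonce
        self.session_key = os.urandom(KEY_LEN)
        return E(self.kab, nonce + self.session_key)

    def finish(self, msg2: bytes) -> bytes:
        """Initiator checks message 2, then sends message 3, A -> B: E(K'_AB, N_A)."""
        pt = D(self.kab, msg2)
        nonce, key = pt[:NONCE_LEN], pt[NONCE_LEN:]
        if nonce != self.my_nonce:
            raise ValueError("nonce mismatch: reply is stale or for another run")
        self.session_key = key
        return E(key, nonce)

    def confirm(self, msg3: bytes) -> None:
        """Responder checks message 3 against the nonce it saw in message 1."""
        if D(self.session_key, msg3) != self.peer_nonce:
            raise ValueError("key confirmation failed")


def honest_run() -> bool:
    """A talks to the real B; both end with the same K'_AB."""
    kab = os.urandom(KEY_LEN)
    a, b = Party("A", kab), Party("B", kab)
    b.confirm(a.finish(b.respond(*a.start())))
    return a.session_key == b.session_key


def reflection_attack() -> bool:
    """C, who does not know K_AB, only reflects A's own messages back at her.
    True if A finishes believing she shares a key with B while B never took part."""
    kab = os.urandom(KEY_LEN)
    a, b = Party("A", kab), Party("B", kab)
    _, na = a.start()           # run 1, msg 1: A -> "B": A, N_A   (C intercepts)
    m2 = a.respond("B", na)     # run 2, msg 1: C -> A: B, N_A     (A answers as responder)
    m3 = a.finish(m2)           # run 1, msg 2: C replays A's own reply; the nonce matches
    a.confirm(m3)               # run 2, msg 3: C replays A's run-1 msg 3; A accepts it
    return a.session_key is not None and b.session_key is None


def tamper_is_detected() -> bool:
    """Sanity check that the toy E/D really authenticates its input."""
    key = os.urandom(KEY_LEN)
    blob = bytearray(E(key, b"nonce-and-key"))
    blob[20] ^= 0x01            # flip one ciphertext bit
    try:
        D(key, bytes(blob))
    except ValueError:
        return True
    return False
```

Note what the simulated run 2 does and does not give C: C never learns K'_AB (every copy of it is under K_AB or under K'_AB itself), but A still finishes run 1 holding a key that B has never seen, so the belief from part (a) that "B shares K'_AB with me" is false. Nothing in message 2 tells A which run, which role or which principal produced it; only the nonce is checked.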

2 Public Key Infrastructure (20 marks)

i. Figure 1 shows the basic structure of an X.509 certificate. Fill in the missing fields. (4 marks)

ii. Compare a CA to a KDC. What is their role, according to Boyd's theorem? (4 marks)

iii. Who signs root certificates in PKI? (4 marks)

iv. Give two reasons and explain why it is advantageous for a CA to use intermediate certificates. (4 marks)

v. All trusted CAs are treated equally by browsers. Explain why this is a problem. (4 marks)

Figure 1: X509 Certificate structure

3 Transport Layer Security (20 marks)

a) TLS 1.2 vs. TLS 1.3 (6 marks)

Explain two key differences between TLS 1.2 and TLS 1.3.

b) Mutual TLS (mTLS) authentication (8 marks)

In the lecture, we discussed only server authentication in TLS. However, TLS also supports mutual authentication (mTLS). Using a suitable diagram, explain the process of mTLS. Explain which scenarios require mTLS rather than the usual server-authenticated TLS used in HTTPS.

c) 0-RTT TLS (6 marks)

Using a suitable diagram, explain what 0-RTT is in TLS 1.3. Discuss why we need such a mechanism and comment on its security implications.
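The security implication asked about in part (c) is replay: a 0-RTT flight is encrypted under a PSK from an earlier session, so anyone who captures it can resend it and the server cannot tell the copy from the original. The simulation below is an added example (not course material) of the two standard mitigations: single-use tickets, one of the anti-replay mechanisms in RFC 8446 section 8, and the application-layer rule from RFC 8470 of answering non-idempotent early-data requests with 425 Too Early. The server, its "/transfer" endpoint and the balance are constructed for the example; ticket contents and PSK derivation are not modelled.

```python
import os

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}   # HTTP safe methods: no state change expected


class Server:
    """Toy TLS 1.3 resumption server with a balance-transfer endpoint (constructed)."""

    def __init__(self, single_use_tickets: bool, restrict_early_data: bool):
        self.single_use_tickets = single_use_tickets
        self.restrict_early_data = restrict_early_data
        self.psks = {}         # ticket -> PSK handed out in a NewSessionTicket
        self.redeemed = set()  # tickets already used for 0-RTT (single-use policy)
        self.balance = 100     # application state an attacker wants to replay against

    def new_session_ticket(self) -> bytes:
        """End of a previous handshake: give the client a resumption ticket."""
        ticket = os.urandom(8)
        self.psks[ticket] = os.urandom(32)
        return ticket

    def client_hello_with_early_data(self, ticket: bytes, request: tuple) -> str:
        """Decide what happens to the 0-RTT flight riding on this ClientHello."""
        if ticket not in self.psks:
            # Unknown PSK: early data is discarded, handshake falls back to 1-RTT.
            return "early-data-rejected"
        if self.single_use_tickets:
            if ticket in self.redeemed:
                return "early-data-rejected"   # replayed ticket
            self.redeemed.add(ticket)
        method = request[0]
        if self.restrict_early_data and method not in SAFE_METHODS:
            # RFC 8470: ask the client to retry once the handshake has completed.
            return "425 Too Early"
        return self.apply(request)

    def apply(self, request: tuple) -> str:
        method, path, amount = request
        if method == "POST" and path == "/transfer":
            self.balance -= amount
        return "200 OK"


def replay_scenario(single_use_tickets: bool, restrict_early_data: bool):
    """A client sends a POST as early data; an attacker who captured that flight
    replays it verbatim. Returns (first response, replay response, balance)."""
    srv = Server(single_use_tickets, restrict_early_data)
    ticket = srv.new_session_ticket()
    flight = ("POST", "/transfer", 30)
    first = srv.client_hello_with_early_data(ticket, flight)
    replay = srv.client_hello_with_early_data(ticket, flight)
    return first, replay, srv.balance


def safe_get_in_early_data() -> str:
    """A GET is idempotent, so even the restrictive server serves it at 0-RTT."""
    srv = Server(single_use_tickets=True, restrict_early_data=True)
    return srv.client_hello_with_early_data(srv.new_session_ticket(), ("GET", "/balance", 0))
```

With neither mitigation the transfer is applied twice; single-use tickets stop the second copy but only if every server that could accept the ticket shares the redeemed set, which is why RFC 8446 treats server-side anti-replay as necessary but not sufficient and leaves the application to limit early data to requests that are harmless when repeated.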

4 Firewalls (20 marks)

We will configure firewalls in this task. Figure 2 shows a possible firewall setup. Your goals are:


• Outgoing traffic is only allowed to TCP ports 80 (HTTP), 443 (HTTPS), and 25 (SMTP); plus UDP ports 53 (DNS), 123 (NTP).

• Incoming traffic is always allowed if there is an established connection, i.e. if the connection has been established from a host in the local network.

• Host 129.78.1.1 is reachable (incoming connection) from everywhere on port 80.

• Host 129.78.1.2 is reachable (incoming connection) on port 22 (SSH) from 129.78.0.0/16.

• Incoming and outgoing ping packets are allowed

• No other incoming traffic is allowed.

Figure 2: Firewall setup. [Diagram: Internet <-> eth0 | Packet Filtering Router | eth1 <-> 129.78.0.0/16]

a) Configuring a stateful firewall (10 marks)

Write stateful rules in table form as shown in the lecture. A template is given in Table 1. You are free to add more rows to the table, if required.

However, do not add unnecessary rules: implement the policies using as few rules as possible.

b) Converting to stateless filtering (10 marks)

Convert your rules to stateless filtering rules. A template is given in Table 2. Again you are free to add more rows to the table, if required.

However, do not add unnecessary rules: implement the policies using as few rules as possible.
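The difference between parts (a) and (b) is easiest to see by running the same packets through both kinds of filter. The simulator below is an added example, not the lecture's table format or a model answer: it encodes the six policy bullets as rule rows with the columns of Tables 1 and 2, where the stateless table replaces the State column with the ACK flag. It assumes, from Figure 2, that eth0 faces the Internet and eth1 faces 129.78.0.0/16, and uses constructed packets with documentation-range external addresses.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import FrozenSet, Optional

LOCAL = "129.78.0.0/16"   # assumption: eth0 = Internet side, eth1 = local side


@dataclass(frozen=True)
class Packet:
    iface: str            # interface the packet arrives on
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0
    ack: bool = False     # TCP ACK flag (ignored for udp/icmp)


@dataclass(frozen=True)
class Rule:
    """One row of Table 1 / Table 2; None means 'any'."""
    name: str
    iface: Optional[str] = None
    src: Optional[str] = None                 # CIDR
    dst: Optional[str] = None                 # CIDR
    proto: Optional[str] = None
    sport: Optional[FrozenSet[int]] = None
    dport: Optional[FrozenSet[int]] = None
    state: Optional[str] = None               # stateful: NEW/ESTABLISHED; stateless: ACK/NOACK
    action: str = "allow"


def matches(r: Rule, p: Packet, state: str) -> bool:
    return ((r.iface is None or r.iface == p.iface)
            and (r.src is None or ip_address(p.src) in ip_network(r.src))
            and (r.dst is None or ip_address(p.dst) in ip_network(r.dst))
            and (r.proto is None or r.proto == p.proto)
            and (r.sport is None or p.sport in r.sport)
            and (r.dport is None or p.dport in r.dport)
            and (r.state is None or r.state == state))


def first_match(rules, p: Packet, state: str) -> str:
    for r in rules:
        if matches(r, p, state):
            return r.action
    return "deny"   # implicit default policy


class StatefulFirewall:
    """Remembers allowed flows; a packet of a known flow (either direction) is ESTABLISHED."""

    def __init__(self, rules):
        self.rules, self.flows = rules, set()

    def filter(self, p: Packet) -> str:
        fwd = (p.proto, p.src, p.sport, p.dst, p.dport)
        rev = (p.proto, p.dst, p.dport, p.src, p.sport)
        state = "ESTABLISHED" if fwd in self.flows or rev in self.flows else "NEW"
        action = first_match(self.rules, p, state)
        if action == "allow" and state == "NEW":
            self.flows.add(fwd)
        return action


class StatelessFirewall:
    """No memory: 'established' is approximated by the TCP ACK flag alone."""

    def __init__(self, rules):
        self.rules = rules

    def filter(self, p: Packet) -> str:
        return first_match(self.rules, p, "ACK" if p.ack else "NOACK")


P = frozenset
STATEFUL = [
    Rule("A", iface="eth1", src=LOCAL, proto="tcp", dport=P({80, 443, 25}), state="NEW"),
    Rule("B", iface="eth1", src=LOCAL, proto="udp", dport=P({53, 123}), state="NEW"),
    Rule("C", state="ESTABLISHED"),
    Rule("D", iface="eth0", dst="129.78.1.1/32", proto="tcp", dport=P({80}), state="NEW"),
    Rule("E", src=LOCAL, dst="129.78.1.2/32", proto="tcp", dport=P({22}), state="NEW"),
    Rule("F", proto="icmp", state="NEW"),   # echo request either way; replies match C
    Rule("G", action="deny"),
]
STATELESS = [
    Rule("A", iface="eth1", src=LOCAL, proto="tcp", dport=P({80, 443, 25})),
    Rule("B", iface="eth1", src=LOCAL, proto="udp", dport=P({53, 123})),
    Rule("C", iface="eth0", dst=LOCAL, proto="tcp", state="ACK"),             # "reply" traffic
    Rule("C'", iface="eth0", dst=LOCAL, proto="udp", sport=P({53, 123})),      # DNS/NTP answers
    Rule("D", iface="eth0", dst="129.78.1.1/32", proto="tcp", dport=P({80})),
    Rule("D'", iface="eth1", src="129.78.1.1/32", proto="tcp", sport=P({80}), state="ACK"),
    Rule("E", src=LOCAL, dst="129.78.1.2/32", proto="tcp", dport=P({22})),
    Rule("F", proto="icmp"),
    Rule("G", action="deny"),
]


def run_scenarios() -> dict:
    """{scenario: (stateful verdict, stateless verdict)} for constructed packets."""
    sf, sl = StatefulFirewall(STATEFUL), StatelessFirewall(STATELESS)
    out = {}
    syn = Packet("eth1", "129.78.5.5", "203.0.113.10", "tcp", 51000, 443)
    synack = Packet("eth0", "203.0.113.10", "129.78.5.5", "tcp", 443, 51000, ack=True)
    out["https_out"] = (sf.filter(syn), sl.filter(syn))
    out["https_reply"] = (sf.filter(synack), sl.filter(synack))
    web = Packet("eth0", "198.51.100.7", "129.78.1.1", "tcp", 40000, 80)
    out["web_in"] = (sf.filter(web), sl.filter(web))
    # ACK-flagged probe at an internal host with no matching flow (an ACK scan)
    probe = Packet("eth0", "198.51.100.7", "129.78.5.5", "tcp", 40001, 22, ack=True)
    out["ack_probe"] = (sf.filter(probe), sl.filter(probe))
    ssh = Packet("eth0", "198.51.100.7", "129.78.1.2", "tcp", 40002, 22)
    out["ssh_from_internet"] = (sf.filter(ssh), sl.filter(ssh))
    return out
```

The "ack_probe" row is the point of part (b): the stateful filter drops the probe because no flow exists, while the stateless table must let any ACK-flagged packet in to keep replies working, so an attacker who sets ACK reaches port 22 on an internal host. Two further things a practitioner would add before deploying either table: rule E trusts a source address, so packets arriving on eth0 with a 129.78.0.0/16 source should be dropped as spoofed before rule E is reached, and rule F should match ICMP echo-request/echo-reply types rather than all of ICMP.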

Rule | Incoming Interface | Src IP | Dst IP | Proto | Src Port | Dst Port | State | Action
-----|--------------------|--------|--------|-------|----------|----------|-------|-------
A    |                    |        |        |       |          |          |       |
B    |                    |        |        |       |          |          |       |
C    |                    |        |        |       |          |          |       |
D    |                    |        |        |       |          |          |       |
E    |                    |        |        |       |          |          |       |
F    |                    |        |        |       |          |          |       |
G    |                    |        |        |       |          |          |       |

Table 1: Template for stateful filtering.

Rule | Iface | Src IP | Dst IP | Proto | Src Port | Dst Port | ACK | Action
-----|-------|--------|--------|-------|----------|----------|-----|-------
A    |       |        |        |       |          |          |     |
B    |       |        |        |       |          |          |     |
C    |       |        |        |       |          |          |     |
D    |       |        |        |       |          |          |     |
E    |       |        |        |       |          |          |     |
F    |       |        |        |       |          |          |     |
G    |       |        |        |       |          |          |     |

Table 2: Template for stateless filtering.

5 Incident Analysis: Optus Data Breach (20 marks)

Read about the Optus Data Breach that happened in 2022 and answer the following questions. There have been many news reports and much expert commentary on this; you should be able to find many resources online.

a) Briefly explain what happened (12 marks).

Include the following in your answer.

• What data was breached? (2 marks)

• How did the attacker obtain access to the data? (2 marks)

• How did Optus respond when they came to know about the breach? This answer should cover not only technical aspects but also legal, customer relations, and public relations aspects. (4 marks)

• What are the possible risks (i.e., to the impacted users) associated with this data breach? (4 marks)

b) Storing personal information (4 marks)

What makes this attack significant is the fact that driver’s licence numbers and passport numbers were breached for a fraction of Optus customers.

• Explain why Optus was storing such information. (2 marks)

• Explain a better method of storing such information that would prevent this type of data breach from happening. (2 marks)

c) The aftermath (4 marks)

The repercussions of this attack will linger for several years, impacting all stakeholders. These include Optus customers, whose data was compromised, Optus as a corporate entity, and the Australian government along with other regulatory bodies.

• Explain two steps taken by Optus (in collaboration with other stakeholders) to protect some of the impacted users. (4 marks)
