How do you prevent replay attacks

Assignment Help Python Programming
Reference no: EM131048660

Project: Defeating SkyNet

Introduction

It's 2016. Almost every device with a CPU in it has been connected to the Internet. Whilst this is a stunning advance for humanity, the security for these devices has come as an afterthought or not at all. Millions of computers and devices, all with valuable information and processing power, are left vulnerable to attack.

Blackhats, and even possibly governments, have created viruses, worms and other dastardly schemes to mine for information and turn a profit using these weaknesses. In this project, we'll be specifically looking at botnets: how they work, why they're valuable and why it's so di?cult to defeat them.

Botnets perform various tasks including but not limited to:

  • Stealing confidential information (passwords, banking details, etc.)
  • Sending spam email
  • Distributed Denial of Service (DDoS) against chosen websites
  • Mining for Bitcoins
  • Hold files for ransom by encrypting them and charging for decryption
  • Providing a secure proxy network for other illegal enterprises

 Of course, such a valuable network is not likely to go unnoticed for long. You'll be having well funded organisations, government agencies and other hackers attacking you. For that reason, SkyNet will need advanced cryptography to ensure your blackhat plans can't be stopped.

Background  & Disclaimer

This project has been created to help you gain an understanding of how prac- tical a massive cyber attack is and how complex it can be to defend against it. The basic technology of this project is pulled from the Conficker worm that ravaged the Internet in November 2008. At its peak, Conficker controlled up to 7 million computers across 200 countries. Conficker would only have needed 2 million of those machines to overpower the top 500 supercomputers at the time combined. To combat the threat, Microsoft formed an industry group to counter Conficker, composed of numerous security and technology companies. This group also conversed with government agencies around the world.

To understand why it was so di?cult to slow down or defeat, we'll be implementing key components of this botnet that utilise advanced crypto- graphic techniques.

This is not an operational botnet nor do we intend you to create one. To defeat blackhats, you must understand how they work and the techniques they use. Recent botnets have used advanced computer science and crypto- graphic methods in order to remain secure from both blackhats, whitehats, well funded organisations and even governments. These advanced methods are what we intend you to learn and what we believe will give you the skills to detect, prevent and disassemble such attacks in the future.

Part 1: Securing the Channel

When you're transferring secrets, be they banking details or Bitcoins, you don't want to be overheard. Additionally, communicating in the open makes it easier for SkyNet to be detected via network analysis. Botnet authors don't like easy ways for computer admins to pinpoint infected machines.

In Part 1, you will need to:

  • Implement key exchange using the Di?e-Hellman algorithm, when peer- to-peer connections are made between bots.
  • Achieve confidentiality through encryption of the client-server commu- nications with an appropriate block or stream cipher.
  • Enforce integrity through the use of a MAC appended to all messages.
  • Implement resistance against replay attacks using a mechanism which you are to devise.

1. Key Exchange

In order to strengthen SkyNet's communications against eavesdropping, you are to implement a method of key exchange for each possible connection. If you leave your communications unencrypted, it would be trivial for network analysis to indicate which machines are infected with your bot. It would also be easy to steal secrets and confidential information you might be sending back and forth.

For this project, you'll be using the Di?e-Hellman key exchange method. You'll be implementing this yourself from two standards created by the Inter- net Engineering Task Force (IETF). RFC 2631 describes how Di?e-Hellman works and how the calculations are performed. RFC 3526 provides standard parameters for use in Di?e-Hellman key exchange and an estimation on the strength they provide for computing a shared key. A shortened version of each of these RFCs has been provided with the source code.

The key that results from this key exchange should be used to compute all the other settings, such as the block cipher keys or seeds for the stream cipher. Remember that you should hash the secret and use it as the seed for a random number generator instead of using it directly.

Note: Each and every session should use a di?erent key. This means a new key exchange session must be run every time a new connection is made.

2. Confidentiality

The confidentiality of the channel should be achieved through encrypting each message sent using either a block cipher or a stream cipher. An appro- priate mode of operation for the cipher must also be considered. You may use any block or stream cipher you wish, provided it would remain reasonably secure against both government agencies and other hackers. The initialisa- tion vector (IV) and key must be derived through a key exchange mechanism as described above.

3. Integrity

Message integrity is to be achieved through appending a MAC to each mes- sage sent across the channel. This is to help prevent any active attacker from modifying messages whilst in transit. The key to the MAC must be derived from the key exchange. You may use any MAC that you wish as long as it provides adequate level of security against any potential attackers.

4. Preventing Replay

You must devise a scheme where SkyNet is resistant to messages being re- played by an active attacker. The exact mechanism by which this occurs is up to you.

Imagine your bot could be told to perform a denial of service against a website by sending the message [DDOS www.ebay.com]. If it was trivial for others to resend that same message, others would be able to hold EBay to ransom as they could control your botnet.

5. Implementation

The bot's code is out of your control, being run on unknown computers that may in fact be owned by hackers or governments. You may assume the command and control server's code is hidden, but remember, security can be reverse engineered.

An insecure skeleton framework written in Python 3 has been provided for you as a starting point. If you wish to use another language, such as Java with the Java Cryptography Extension (JCE), you may do so after seeking permission from your tutor. We can not provide technical support if you select another language however.

Note: This code has been written for the purposes of teaching cryptog- raphy and computer security. It is to be used as a demonstration only. No attempt has been made to optimise the source code.

6. Documentation

You are to write a 2-3 page design document outlining the security you implemented with your system. You should justify the choices you have made for your implementation and specifically discuss:

  • key exchange
  • authentication
  • confidentiality
  • integrity
  • replay prevention

You should aim to address these questions:

  • What was your choice of Diffie-Hellman key exchange parameters and what made you select them specifically? Make reference to RFC 3526.
  • What was your choice of cipher? What mode of operation does it use? Why did you make these choices?
  • How do you prevent attackers from tampering with messages in transit?
  • How do you prevent replay attacks?
  • Why might we want to allow for peer-to-peer file transfers between bots? What are the advantages and disadvantages to using a central web server (pastebot.net in our case, similar to pastebin.com) to distribute files when controlling a botnet?
  • Explain how this botnet, if used in the real world, could be trivially controlled by other hackers or government agencies. How might one attempt to stop it?

Your code must be well commented and in neat order.

7. Code Checklist

  • Select parameters for and implement Di?e-Hellman key exchange
  • Select and implement a stronger cipher in lib/comms.py which will ensure:

- confidentiality

- integrity

- protection against replay attacks.

Reference no: EM131048660

Questions Cloud

Systems in place for training and development : We have established that organizations invest in learning to address business needs and opportunities. Learning objectives are, in effect, business objectives. In solid organizations usually there are systems in place to set, measure, monitor, and..
What rate should firm use to discount projects cash lows : Titan Mining Corporation has 9.3 million shares of common stock outstanding, 370,000 shares of 6 percent preferred stock outstanding, and 195,000 8.1 percent semiannual bonds outstanding, par value $1,000 each. what rate should the firm use to discou..
What happens to the quantity of net exports : What happens to the quantity of net exports? NX INCREASES. What happens to the value of dollars in the market for foreign currency exchange?
Target debt-equity ratio-what is its pretax cost of debt : Fyre, Inc., has a target debt−equity ratio of 1.60. Its WACC is 7.8 percent, and the tax rate is 40 percent. a. If the company’s cost of equity is 16 percent, what is its pretax cost of debt?
How do you prevent replay attacks : What was your choice of cipher? What mode of operation does it use? Why did you make these choices? How do you prevent attackers from tampering with messages in transit? How do you prevent replay attacks
Advantages and disadvantages of long term contract : Discuss the advantages and disadvantages of long term contract. Do you think the advantages outweigh the disadvantages or vice versa? why and under what circumstances?
Patterson and sorrellsurl : Patterson and Sorrellsurl...cited Kurt Lewis  statesfor one to truly understand something, try to change it. This is a relevant statement when making changes within the organisation. During the period of organisational change much focus is put on ..
Calculate the price with the constant dividend growth model : Sisters Corp expects to earn $8 per share next year. The firm’s ROE is 16% and its plowback ratio is 60%. If the firm’s market capitalization rate is 10%. Calculate the price with the constant dividend growth model. What is the present value of its g..
Answer with proper sketches-diagrams : The seven basic tools of Quality for the purpose of improvement are an important aspect of Strategic Quality planning. List these basic tools and develop a logical map of order for the implementation of these tools.

Reviews

Write a Review

Python Programming Questions & Answers

  The program should use a boolean= valued function

Write a program that accepts a word as input and determines wehther or not it has three consecutive letters in the alphabet. The program should use a Boolean= valued function named isTripleConsecutive that accepts an entire word as input.

  Explain a python program storing and processing simple bank

A Python program storing and processing simple bank records is in the early stages of development. The records are stored in a text file (bank.txt) that contains, for each bank customer, their given name, account number and balance.

  Python function to calculate two roots

Write a Python function main() to calculate two roots. You must input a,b and c from keyboard, and then print two roots. Suppose the discriminant D= b2-4ac is positive.

  Question 1 research 5-8 species within one family of birds

question 1 research 5-8 species within one family of birds. be sure to use primary or very good secondary literature

  Python errors

python errors, please correct them that are located in this program,

  Calculate the area of a rectangle and displays it

Write a python program that calculates the area of a rectangle and displays it - Display the variables length, width and area on screen using the print function

  Find in the dataset how often u2 is mentioned as artist

Write and run Hadoop code (mappers and reducers) to find in the Last.fm dataset (a) how often U2 is mentioned as artist and (b) songs that have been played more than 600 million times.

  Create a ride share simulator assignment

Create a ride share simulator assignment. In this particular function, I am trying to create a list of the drivers in a Driver Class that are currently listed as idle. Since they are idle, I can then match them up with an awaiting rider. The assignme..

  Write a function comp(d1,u1,d2,u2)

Write a function comp(d1,u1,d2,u2)

  Student record due smartsite thursday 1211 1155 pm file

due smartsite thursday 1211 1155 p.m. file names grading.py ltbrgtall prompts for input and all output must match my

  Implement functions for insertion sort

Implement functions for Insertion sort and bubble sort in python programming language and a function that calculates the function execution time.

  You are tasked with improving the code for the haunted

you are tasked with improving the code for the haunted house game. please read the associated hand-out and the code

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd