Unfortunately it's not that simple - encryption is not integrity. First, as a simple example
consider a stream cipher such as RC4, which was for a long time used as the standard encryption
for all wireless and internet (https) communication. RC4 by itself provides no integrity protection
whatsoever, and it is trivial for an attacker to "bit-twiddle" any desired bits in the encrypted
stream. Even with block ciphers, with the current standard chaining methods, encrypted blocks
can be cut and pasted and replayed between files and sessions with a good probability of success.
Second, there are significant performance penalties for encrypting system files, where integrity,
not confidentiality is all that is required.
In IPSEC, a deliberate decision was made to allow integrity (AH - authentication headers)
without encryption, but not encryption without integrity.
The bottom line is that encryption by itself does not guarantee integrity, and you really want
both.
One of the hardest problems in confidentiality is key management. It does no good to have
strong encryption with a key system that makes it easy for an attacker to steal the keys.
The trusted key component does two things to help with secure key management on Linux. First,
it provides a kernel key ring service in which the symmetric encryption keys are never visible in
plain text to userspace. The keys are created in the kernel, and sealed by a hardware device such
as a TPM, with userspace seeing only the sealed blobs. Malicious or compromised applications
cannot steal a trusted key, since only the kernel can see the unsealed blobs. Secondly, the trusted
keys can tie key unsealing to the integrity measurements, so that keys cannot be stolen in an
offline attack, such as by booting an unlocked Linux image from CD or USB. As the
measurements will be different, the TPM chip will refuse to unseal the keys, even for the kernel.
In this way, Linux ties confidentiality and integrity together. The integrity of the system is a
prerequisite for decrypting confidential files.
Threat Models:
There are many different types of attacks on file integrity, authenticity, and confidentiality, and
there are significant tradeoffs between security and cost and performance, depending on which of
the threats need to be defended against.
Remote Attacks
The most common attack is the remote software attack, in which the attacker attempts either to
trick a user into running the attacker's malicious code (trojan), or in which the attacker sends
malicious data in an attempt to exploit a vulnerability in the system's software (injection,
overflow).
Local Attacks
Local attacks assume that the attacker has physical access to the system, such as with a malicious
insider (operator), or in the case of theft of the system. Local attacks can be software based, such
as in an offline attack, or can be hardware based, such as with simple JTAG memory probes,
剩余10页未读,继续阅读
大脸喵喵喵喵
- 粉丝: 0
- 资源: 1
我的内容管理
展开
最新资源
- C++标准程序库:权威指南
- Java解惑:奇数判断误区与改进方法
- C++编程必读:20种设计模式详解与实战
- LM3S8962微控制器数据手册
- 51单片机C语言实战教程:从入门到精通
- Spring3.0权威指南:JavaEE6实战
- Win32多线程程序设计详解
- Lucene2.9.1开发全攻略:从环境配置到索引创建
- 内存虚拟硬盘技术:提升电脑速度的秘密武器
- Java操作数据库:保存与显示图片到数据库及页面
- ISO14001:2004环境管理体系要求详解
- ShopExV4.8二次开发详解
- 企业形象与产品推广一站式网站建设技术方案揭秘
- Shopex二次开发:触发器与控制器重定向技术详解
- FPGA开发实战指南:创新设计与进阶技巧
- ShopExV4.8二次开发入门:解决升级问题与功能扩展
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
