Cover
Title Page
Preface to the Third Edition
Preface to the Second Edition
Preface to the First Edition
For my daughter, and other lawyers…
Foreword
PART I
CHAPTER 1: What Is Security Engineering?
  1.1 Introduction
  1.2 A framework
  1.3 Example 1 – a bank
  1.4 Example 2 – a military base
  1.5 Example 3 – a hospital
  1.6 Example 4 – the home
  1.7 Definitions
  1.8 Summary
  Note
CHAPTER 2: Who Is the Opponent?
  2.1 Introduction
  2.2 Spies
  2.3 Crooks
  2.4 Geeks
  2.5 The swamp
  2.6 Summary
  Research problems
  Further reading
  Notes
CHAPTER 3: Psychology and Usability
  3.1 Introduction
  3.2 Insights from psychology research
  3.3 Deception in practice
  3.4 Passwords
  3.5 CAPTCHAs
  3.6 Summary
  Research problems
  Further reading
  Notes
CHAPTER 4: Protocols
  4.1 Introduction
  4.2 Password eavesdropping risks
  4.3 Who goes there? – simple authentication
  4.4 Manipulating the message
  4.5 Changing the environment
  4.6 Chosen protocol attacks
  4.7 Managing encryption keys
  4.8 Design assurance
  4.9 Summary
  Research problems
  Further reading
  Notes
CHAPTER 5: Cryptography
  5.1 Introduction
  5.2 Historical background
  5.3 Security models
  5.4 Symmetric crypto algorithms
  5.5 Modes of operation
  5.6 Hash functions
  5.7 Asymmetric crypto primitives
  5.8 Summary
  Research problems
  Further reading
  Notes
CHAPTER 6: Access Control
  6.1 Introduction
  6.2 Operating system access controls
  6.3 Hardware protection
  6.4 What goes wrong
  6.5 Summary
  Research problems
  Further reading
  Notes
CHAPTER 7: Distributed Systems
  7.1 Introduction
  7.2 Concurrency
  7.3 Fault tolerance and failure recovery
  7.4 Naming
  7.5 Summary
  Research problems
  Further reading
  Notes
CHAPTER 8: Economics
  8.1 Introduction
  8.2 Classical economics
  8.3 Information economics
  8.4 Game theory
  8.5 Auction theory
  8.6 The economics of security and dependability
  8.7 Summary
  Research problems
  Further reading
  Notes

PART II
CHAPTER 9: Multilevel Security
  9.1 Introduction
  9.2 What is a security policy model?
  9.3 Multilevel security policy
  9.4 Historical examples of MLS systems
  9.5 MAC: from MLS to IFC and integrity
  9.6 What goes wrong
  9.7 Summary
  Research problems
  Further reading
  Notes
CHAPTER 10: Boundaries
  10.1 Introduction
  10.2 Compartmentation and the lattice model
  10.3 Privacy for tigers
  10.4 Health record privacy
  10.5 Summary
  Research problems
  Further reading
  Notes
CHAPTER 11: Inference Control
  11.1 Introduction
  11.2 The early history of inference control
  11.3 Differential privacy
  11.4 Mind the gap?
  11.5 Summary
  Research problems
  Further reading
  Notes
CHAPTER 12: Banking and Bookkeeping
  12.1 Introduction
  12.2 Bookkeeping systems
  12.3 Interbank payment systems
  12.4 Automatic teller machines
  12.5 Credit cards
  12.6 EMV payment cards
  12.7 Online banking
  12.8 Nonbank payments
  12.9 Summary
  Research problems
  Further reading
  Notes
CHAPTER 13: Locks and Alarms
  13.1 Introduction
  13.2 Threats and barriers
  13.3 Alarms
  13.4 Summary
  Research problems
  Further reading
  Notes
CHAPTER 14: Monitoring and Metering
  14.1 Introduction
  14.2 Prepayment tokens
  14.3 Taxi meters, tachographs and truck speed limiters
  14.4 Curfew tags: GPS as policeman
  14.5 Postage meters
  14.6 Summary
  Research problems
  Further reading
  Notes
CHAPTER 15: Nuclear Command and Control
  15.1 Introduction
  15.2 The evolution of command and control
  15.3 Unconditionally secure authentication
  15.4 Shared control schemes
  15.5 Tamper resistance and PALs
  15.6 Treaty verification
  15.7 What goes wrong
  15.8 Secrecy or openness?
  15.9 Summary
  Research problems
  Further reading
  Notes
CHAPTER 16: Security Printing and Seals
  16.1 Introduction
  16.2 History
  16.3 Security printing
  16.4 Packaging and seals
  16.5 Systemic vulnerabilities
  16.6 Evaluation methodology
  16.7 Summary
  Research problems
  Further reading
CHAPTER 17: Biometrics
  17.1 Introduction
  17.2 Handwritten signatures
  17.3 Face recognition
  17.4 Fingerprints
  17.5 Iris codes
  17.6 Voice recognition and morphing
  17.7 Other systems
  17.8 What goes wrong
  17.9 Summary
  Research problems
  Further reading
  Notes
CHAPTER 18: Tamper Resistance
  18.1 Introduction
  18.2 History
  18.3 Hardware security modules
  18.4 Evaluation
  18.5 Smartcards and other security chips
  18.6 The residual risk
  18.7 So what should one protect?
  18.8 Summary
  Research problems
  Further reading
  Notes
CHAPTER 19: Side Channels
  19.1 Introduction
  19.2 Emission security
  19.3 Passive attacks
  19.4 Attacks between and within computers
  19.5 Environmental side channels
  19.6 Social side channels
  19.7 Summary
  Research problems
  Further reading
CHAPTER 20: Advanced Cryptographic Engineering
  20.1 Introduction
  20.2 Full-disk encryption
  20.3 Signal
  20.4 Tor
  20.5 HSMs
  20.6 Enclaves
  20.7 Blockchains
  20.8 Crypto dreams that failed
  20.9 Summary
  Research problems
  Further reading
  Notes
CHAPTER 21: Network Attack and Defence
  21.1 Introduction
  21.2 Network protocols and service denial
  21.3 The malware menagerie – Trojans, worms and RATs
  21.4 Defense against network attack
  21.5 Cryptography: the ragged boundary
  21.6 CAs and PKI
  21.7 Topology
  21.8 Summary
  Research problems
  Further reading
  Notes
CHAPTER 22: Phones
  22.1 Introduction
  22.2 Attacks on phone networks
  22.3 Going mobile
  22.4 Platform security
  22.5 Summary
  Research problems
  Further reading
  Notes
CHAPTER 23: Electronic and Information Warfare
  23.1 Introduction
  23.2 Basics
  23.3 Communications systems
  23.4 Surveillance and target acquisition
  23.5 IFF systems
  23.6 Improvised explosive devices
  23.7 Directed energy weapons
  23.8 Information warfare
  23.9 Summary
  Research problems
  Further reading
  Note
CHAPTER 24: Copyright and DRM
  24.1 Introduction
  24.2 Copyright
  24.3 DRM on general-purpose computers
  24.4 Information hiding
  24.5 Policy
  24.6 Accessory control
  24.7 Summary
  Research problems
  Further reading
  Notes
CHAPTER 25: New Directions?
  25.1 Introduction
  25.2 Autonomous and remotely-piloted vehicles
  25.3 AI / ML
  25.4 PETS and operational security
  25.5 Elections
  25.6 Summary
  Research problems
  Further reading
  Notes

PART III
CHAPTER 26: Surveillance or Privacy?
  26.1 Introduction
  26.2 Surveillance
  26.3 Terrorism
  26.4 Censorship
  26.5 Forensics and rules of evidence
  26.6 Privacy and data protection
  26.7 Freedom of information
  26.8 Summary
  Research problems
  Further reading
  Notes
CHAPTER 27: Secure Systems Development
  27.1 Introduction
  27.2 Risk management
  27.3 Lessons from safety-critical systems
  27.4 Prioritising protection goals
  27.5 Methodology
  27.6 Managing the team
  27.7 Summary
  Research problems
  Further reading
  Notes
CHAPTER 28: Assurance and Sustainability
  28.1 Introduction
  28.2 Evaluation
  28.3 Metrics and dynamics of dependability
  28.4 The entanglement of safety and security
  28.5 Sustainability
  28.6 Summary
  Research problems
  Further reading
  Notes
CHAPTER 29: Beyond “Computer Says No”
Bibliography
Index
End User License Agreement
Chapter 1
  Figure 1.1: Security Engineering Analysis Framework
Chapter 2
  Figure 2.1: Muscular – the slide
Chapter 4
  Figure 4.1: Password generator use
  Figure 4.2: The MIG-in-the-middle attack
  Figure 4.3: The Mafia-in-the-middle attack
Chapter 5
  Figure 5.1: Monoalphabetic substitution cipher
  Figure 5.9: The random oracle
  Figure 5.10: A simple 16-bit SP-network block cipher
  Figure 5.11: The AES linear transformation, illustrated by its effect on byt...
  Figure 5.12: The Feistel cipher structure
  Figure 5.13: The DES round function
  Figure 5.14: The Linux penguin, in clear and ECB encrypted (from Wikipedia, ...
  Figure 5.15: Cipher Block Chaining (CBC) mode
  Figure 5.16: Feedforward mode (hash function)
Chapter 6
  Figure 6.5: Stack smashing attack
Chapter 8
  Figure 8.1: The market for apartments
Chapter 9
  Figure 9.1: typical corporate policy language
  Figure 9.3: The NRL pump
  Figure 9.4: Insecure composition of secure systems with feedback
  Figure 9.5: The cascade problem
Chapter 10
  Figure 10.3: A lattice of security labels