Computer Laboratory

Security Group

1992 seminars

Expand all Collapse all

View original page

3 December Polymorphic viruses and means to describe them / Dr Jan Hruska, Sophos Ltd.

Room TP4, Computer Laboratory

Recent developments in computer virus writing have caused a major rethink on strategies used by anti-virus software to detect virus code. Apart from the constantly increasing requirement for storage of information which describes each virus, the increased numbers of polymorphic (encrypting, self-mutating) viruses has led to the deleopment of algorithmic languages which describe virus code.

The lecture will include live demonstrations of computer viruses.

View original page

12 November Password security in distributed systems / Dr Mark Lomas, University of Cambridge Computer Laboratory

Room TP4, Computer Laboratory

The `Internet Worm' exploited poorly chosen passwords to gain access to a very large number of computers; the UNIX password system is known to be weak against guessing attacks. It is less well known that many, if not most, authentication protocols are also subject to similar guessing attacks.

Several years ago a group of us (Li Gong, Jerry Saltzer, Roger Needham, and myself) proposed a technical solution to this problem. Our solution has been adopted by some, but not all, designers of cryptographic protocols.

I intend to demonstrate how one might break the schemes that did not adopt our suggestions. In particular I shall show how to break `C2 secure' SunOS, NFS, and Kerberos. I'll also show how these schemes may be changed to protect against such attacks.

View original page

3 November Security of tcp/ip / Prof. James Davenport, University of Bath

Discussion Room, Computer Laboratory

The phrase "TCP/IP" is used to cover a multitude of independent protocols and mechanisms, some of which are Internet standards and others of which are vendor-specific or just "happen to be there", and which were generally designed with functionality more important than security. We will examine the various sub-families, their evolution and background assumptions, and hence deduce the security assumptions which, implicitly, underly them, and the weaknesses from which they suffer.

The speaker has been a consultant on TCP/IP for the Janet system, and has found and blocked several loopholes in TCP/IP suite.

View original page

27 October Authentication standards / Chris Mitchell

Discussion Room, Computer Laboratory

Authentication protocols have been the subject of academic interest for some 15 years, following the seminal paper of Needham and Schroeder. While such protocols have been widely discussed and implemented, and indeed international standards for these protocols have been, and are being, developed, the explicit objectives of an authentication protocol have rarely been subjected to critical examination. Even those formal logics devised to examine these protocols often partially dodge the issue of the objectives of an authentication protocol, except typically to deal with the establishment of shared secret keys.

In this seminar, the latest ISO draft standards covering authentication protocols are considered in the context of a discussion of the objectives of these protocols. This discussion provides useful insights into the applicability of protocols for particular applications.

22 October Proving the security of financial systems / Ross Anderson

14 October Computer crime / Alistair Kelman QC