Transcription
I.J.Modern Education and Computer Science, 2012, 1, 26-32Published Online February 2012 in MECS (http://www.mecs-press.org/)DOI: 10.5815/ijmecs.2012.01.04Using Virtual Security Lab in TeachingCryptographySalma M. GafferInformation Systems Department, King Abdulaziz University, Jeddah Saudi ArabiaEmail: smomar@kau.edu.saDaniyal M. AlghazzawiInformation Systems Department, King Abdulaziz University, Jeddah Saudi ArabiaEmail: Securityforundergraduate students requires a safe hand-onenvironment for practicing. This paper focuses on using avirtual lab for two modules in cryptography concepts. Atthe end, a survey was conducted on a group of students atthe Information Systems Department at the King AbdulazizUniversity to measure the performance of the students’outcomes in the lab comparing with other students from aprevious semester. The result of the survey shows asignificant feedback on the system.Index Terms—Information Security, cryptography, VirtuallabI. INTRODUCTIONOne challenge in the Information Security educationis its interdisciplinary and practical nature. Students needto have the basic knowledge and skills of a programminglanguage to understand many of the information securitytopics. The students also need to actually practice to learnhow to prevent, identify and resolve Information Securitybreaches, but limited university resources and few localinformation security domain experts sometimes limit thescope and scale of projects that students could practice inlab environments. If such labs are not designed properly,students could also cause network security problemswhen they explore security vulnerabilities of university orcompany public web sites [4].Traditional techniques of teaching (i.e. lectures orliterature) have turned out to be not suitable forinformation security training, because the trainee cannotapply the principles from the academic approach to arealistic environment within the class. In informationsecurity training, gaining practical experience throughexercises is indispensable for consolidating theknowledge. Precisely the allocation of an environmentfor these practical exercises poses a challenge forresearch and development. That is, because students needprivileged access rights (root/administrator account) onthe training system to perform most of the perceivablesecurity exercises. With these privileges, students couldeasily destroy a training system or even use it forunintended, illegal attacks on other hosts within thecampus network or on the Internet. The classicalCopyright 2012 MECSapproach requires a dedicated computer lab forinformation security training. Such labs are exposed to anumber of drawbacks: they are immobile, expensive topurchase and maintain and must be isolated from all othernetworks on the site. Of course, students are not allowedto have Internet access on the lab computers. Hands-onexercises on information security topics even demand toprovide more than one machine to each student, whichhave to be interconnected.Teleteaching for security education mostly consists ofmultimedia courseware or demonstration software, whichdo not offer real practical exercises. In simulationsystems users do have a kind of hands-on experience, buta simulator doesn't behave like a realistic environmentand the simulation of complex systems is very difficult –especially when it comes to interacting hosts on anetwork [7].This paper shares our experience of using twoportable lab modules to support in conducting hands-oninformation security laboratory exercises. The labmodules are based on the NSF SWEET (Secure WEbdEvelopment Teaching) project [6] and Department ofDefense Information SAssurance Scholarship project.The SWEET project builds on a different approach for avirtual security lab system (explained in detail in section3). Furthermore, we will describe a set of exercisescenarios to illustrate the capabilities of the SWEETtraining environment. SWEET utilizes virtualizationtechnology for laboratory exercises. The purpose of thisproject is to enhance the learning experience ofcomputing students through standardized teachingmodules and environment in secure developmentplatform. Two lab modules were presented to studentsbeside the previous lab syllabus and a survey wasconducted to compare student’s response.The paper is organized as follows; section 2 presentscomputer virtualization, and selection of computer labvirtualization technologies is discussed in section 3.While section 4 presents the selected security labmodules in details, and the Survey Discussion isdescribed in section 5. At the end, section 6 includes theconclusion and future recommendations.I.J. Modern Education and Computer Science, 2012, 1, 26-32
Using Virtual Security Lab in Teaching CryptographyII. COMPUTER VIRTUALIZATIONThe virtualization of a computer means to runemulator software, like VMware Player [1] or MicrosoftVirtual PC [2], on a computer (host computer or physicalcomputer) to emulate another desired computer (virtualcomputer). Virtual computer is implemented by a folderof 2 to 8 GB files, and the emulator runs these files toemulate the virtual computer as a computer window orthe complete computer desktop. To the users a virtualcomputer is just the same as the physical one. The virtualand host computers can have different operating systemsand share data and Internet access. The users can work onmultiple virtual computers and the host computer at thesame time. The users can install new applications on thevirtual computer as on a physical one. A virtual computercan run most operating systems including all versions ofWindows and Linux. There are two virtualizationtechnologies: (1) server-side virtualization for runningthe virtual computers on a remote server computer, and(2) client-side virtualization for running the virtualcomputers on users’ own computers. Whilecompany/university IT infrastructure servers can use theserver-side virtualization to improve resource utilization.Client-side virtualization greatly reduces the pressure onthe servers and network bandwidth and take advantage offaculties and students PCs’ excessive computing poweralready available today. In the recent years we havestudied many PC/lab outsourcing services based onserver-side virtualization, including those based on IBMmainframes, and concluded that they all have recurringhigh costs or very limited flexibility and resources for theusers (such remote virtual computers are at least ten timesslower than a today’s 400 PC in supporting interactivelab sessions, usually with no Internet access and less thanone GB of disk space).The main advantages of client-sidecomputer virtualization for university computer labsinclude There is no need of investment for a universityto adopt virtual computing labs, and there are norecurring costs. There is no significant cost for distributing thevirtual computers and lab modules to the tion folder can be distributedthrough web downloading, USB flash disks, orDVD disks. Typically a student can keep his/hervirtual computers for different courses on asingle thumb-size USB flash disk. If a person knows how to use a physicalcomputer, he/she knows how to use a virtualcomputer. There is minimal learning curve forthe users. New software can be installed on a virtualcomputer. If the user messes up a virtualcomputer, he/she just gets a fresh copy of thevirtual computer’s implementation folder. Any computer, no matter whether it runsWindows, Linux, or Mac OS, can install a freeCopyright 2012 MECS 27(around 70 for Mac OS) computer emulatorand run the virtual computers.Therefore the students can work on a course labanywhere. The course work can be started onone computer, and later resumed and completedon another. Therefore we could support theconcepts of “coursework can be conductedanywhere on any computer” and “portable labs”.If an online student has difficulties in the handson course work, the instructor can easilyreproduce the problems and help resolve theproblems since they are using the same workingenvironment or virtual computer.The University has less pressure in updating itslab PCs and it needs less staff to maintain them.Any PC that has 1-4 GB memory and 100 GBdisk space can support virtual computers in thecoming years, and all university PCs of aspecific model can share a single configurationimage. If a PC has problems, just get it a freshcopy of the virtual computer’s implementationfolder (assuming important data are onuniversity network disks or owner’s disks) [7].III. SELECTION OF VIRTUALIZATION TECHNOLOGYAfter a survey on several existing virtual lab modulesfor Security education, we adapted SWEET (Secure WEbdEvelopment Teaching) [3], which is one of the secureweb development for teaching modules in security.SWEET features eight teaching modules, six projectmodules, and a virtualized web development platformthat allows instructors to conduct hands-on laboratoryexercises [8]. For SWEET security virtual labs, wechoose VMware virtualization over Microsoft Virtual PCbecause the former can support virtual machines runningany operating system including all flavors of Linux. Thepurpose of the SEET project is to enhance the learningexperience of computing students through standardizedteaching modules and environment in secure webdevelopment, to create a portable teaching laboratory andto evaluate the effectiveness of the teaching tool inimproving students' learning experiences. It aims to traina new generation of computing professionals who wouldunderstand and be able to solve security problemsoccurred in web development. It is expected to attractmore undergraduate students studying in computing byproviding a new, interesting and innovative teaching toolin secure web development. In addition to the previousmotioned features; we selected this module because itcovers basic concepts in information security, such as,private/public key encryption, hash function, digitalsignature and digital certificates. These topics arecovered in our selected course (CPIS312 - InformationSecurity)IV.SECURITY LAB MODULE IN CRYPTOGRAPHYThe virtualized web development platform in SWEETcovers fundamental concepts of symmetric secret keyciphers, public key ciphers, hash functions, digitalI.J. Modern Education and Computer Science, 2012, 1, 26-32
28Using Virtual Security Lab in Teaching Cryptographysignatures and digital certificates. We have examined thefollowing lab objectives: Learn and practice how to use MD5 and SHA1 togenerate hash codes of strings or large files, andverify whether a downloaded file is valid; Learn and practice how to use GPG to generatepublic/private key pairs and certificates, todistribute the certificate with public key, and toencrypt/decrypt a document with the public/privatekey.GPG (Pretty Good Privacy) is a computer program thatprovides cryptographic privacy and authentication. PGPsupports public/private key pairs to implement securedata communications between communicating parties.GPG (GNU Privacy Guard) is the open-source version ofPGP.The lab starts with installing Gnu PG-Agent on theUbuntu VM. Extract the virtual machine fromubuntu10tm.exe.Then, under the folder ubuntu10tm;double click on ubuntu10tm.vmx to start the virtualmachine. The username is “user” and the password is“123456”.so you could be sure whether the downloaded large fileshave been compromised. There are also hash functionsSHA224, SHA256, SHA384 and SHA512, which are allvariants of SHA1 and use more bits for fingerprints toreduce the chance of fingerprint collision (different fileshave the same fingerprint)[3].The following lab guidance is provided to ourstudents to help them doing hashing with MD5 and SHA1:1) Start a terminal window in home folder withmenu item “Applications/accessories/Terminal”.2) Create the first file “file1.txt” by typing cat file1.txt [Enter] This is the first file [Enter] This isline 2 [Enter] [Ctr-d]3) Create the second file “file2.txt” by typing cat file2.txt [Enter] This is the second file[Enter] Thisis line 2 [Enter] [Ctr-d]4) Run “sha1sum file1.txt” and “sha1sum file2.txt” togenerate the hash codes (sums) for the two files;each execution generates a line of two entries. Thesecond entry is a file name, and the first entry isthe hash code of the contents of the file whosename is the second entry. The hash codes areprinted in hexadecimal as shown in Fig. 1.The following is a sample of practicing hashing fileswith MD5 and SHA-1 and practicing PGP concepts withGPG on the Ubuntu VM.A. Hashing Files with MD5 and SHA-1While you could use public/private key pairs toauthenticate the author of a message and validate thecontents of the message, it would be slow if the messageis long. Digital signatures are designed to make authorand contents validation more efficient. When youdigitally sign a document, you normally (not necessary)keep the document in plain form so everyone could readit, and you append a digital signature, which is a smallpiece of data, to the end of the plain document so thereceiver could validate the author and validity of thepublic document if necessary.You first need to compress the variable-length documentinto a short fixed-length string (popularly calledfingerprint, digest or hash code). You use a hash functionto do so. A hash function reads a long document, andproduces a fixed-length short string, called fingerprint(hash code or digest), so that each bit of the fingerprintdepends on as many bits of the input document aspossible. Even though not possible in theory, in practicethe hash function establishes a one-to-one mappingbetween the plain documents and the fingerprints withhigh probability: if someone modifies the plaindocument, its fingerprint would differ. The application ofa hash function on the same document always generatesthe same fingerprint. SHA-1 and MD5 are both examplesof hash functions. While MD5 uses 128 bits forfingerprints, SHA-1 uses 160 bits for fingerprints so it isless likely to produce the same fingerprint from twodifferent files.In this sample lab, the student will learn how to useSHA1 and MD5 to generate fingerprints (sums) of filesCopyright 2012 MECSFigure 1. hash codes for file1.txt and file2.txt5) Run “gedit sha1sum.txt” to create a new text file“sha1sum.txt”, and copy the two output lines ofthe last step into this file as shown in Fig. 2.Figure 2. Output of “gedit sha1sum.txt”6) Run “sha1sum -c sha1sum.txt”. In this caseprogram “sha1sum” will read file “sha1sum.txt”.For each line in this file, it will check whether theI.J. Modern Education and Computer Science, 2012, 1, 26-32
Using Virtual Security Lab in Teaching CryptographySHA1 hash code generated for the contents of thesecond entry (file) is the same as the first entry(SHA1 hash code calculated beforehand). If theymatch, the program will print out OK for the fileas shown in Fig. 3.Figure 3. Output of “sha1sum -c sha1sum.txt”7) Now redo steps 4, 5 and 6 but replacing command“sha1sum” with “md5sum” and replacing filename “sha1sum.txt” with “md5sum.txt”. You willnotice that the MD5 hash codes are shorter andthey serve the same purpose of file contentsvalidation as shown in Fig. 4.Figure 4. Hashing Files with MD5When you donload large fles, like ISO disk image files,you should download their corresponding MD5Sum orSHA1 SUM files so you could check wether thedownloaded files are valid or corrupted.B. Public/Private Key Creation andEncryption/DecryptionSecure communications on the Internet or web is thefoundation of network security and web security.Cryptography is the practice and study of how to hideinformation from potential enemies, hackers or thepublic. The sender encrypts a message with a small pieceof secret information (key), and then sends the encryptedmessage to the receiver. The receiver decrypts theencrypted message with a small piece of secretCopyright 2012 MECS29information (a key that is same or different from the keyused by the sender) and recovers the original message.People who do not have the right keys would not be ableto read the message even if they steal a copy of theencrypted version.There are two categories of cryptographic systems:single key symmetric ciphers or dual-key public keyciphers. With the second category, public key ciphers, apair of public key and private key will be generatedtogether. You can use either of the two keys to encryptthe plain data, and then use the other key to decrypt theencrypted data. For example you can encrypt data withthe public key and use the private key to decrypt the data.RSA and Diffie-Hellman are the two most widely usedpublic key algorithmsTypically, the key owner will keep the private key anddistribute the corresponding public key to his/herpotential communication partners. There are two typicalapplication scenarios:1) Author and contents validation. If the keyowner needs to distribute a message to hisfriends and assure them the message is reallyoriginated from the owner without modificationby any third parties, the owner would encryptthe message with the private key. If thereceivers could decrypt the message with thisowner's public key, they know that the messageis really sent by that owner and the message hasnot been modified.2) Many-to-one private messages. If a friend needsto send a private message to Person A, he couldencrypt his message with Person A 's public keyand then send the resulting message to PersonA, and only Person A, the owner of the rightprivate key, could decrypt the private message.Each computer maintains the public/private keys ofthe computer user in a file called key store, and the ownerneeds to set up passwords to limit the access to the keystore.In the following lab guidance, we used the namesAlice and Bob to refer to the two virtual users. Thenames Alice and Bob are commonly used placeholdersfor archetypal characters in fields such as cryptographyand physics. The names are used for convenience, sinceexplanations such as "Person A wants to send a messageto person B" can be difficult to follow in complexsystems involving many steps. Following the alphabet,the specific names have evolved into common parlancewithin these fields helping technical topics to beexplained in a more understandable fashion. Incryptography and computer security, there are a numberof widely-used names for the participants in discussionsand presentations about various protocols [9]. Thefollowing lab guidance is provided to our students to helpthem create a pair key (Public key and Private Key) anduse them for encrypting and decrypting:1) Create Linux Accounts for Alice and Boba) Launch your Ubuntu-Master Install VM, andstartaterminalwindow.I.J. Modern Education and Computer Science, 2012, 1, 26-32
302)3)4)5)Using Virtual Security Lab in Teaching Cryptographyb) Run command “sudo adduser alice” to createa Linux account for Alice. Use 123456 aspassword.c) Run command “sudo adduser Bob” to create aLinux account for Bob. Use 123456 aspassword.d) Run command “sudo visudo” to launch file“/etc/sudoers.tmp” in a text editor, insert thefollowing two lines at the end of the file, andthen use Crtl O to write out the revisedcontents, and use Ctrl X to exit the editor.This step will enable Alice and Bob to use“sudo”.alice ALL (ALL) NOPASSWD: ALLBob ALL (ALL) NOPASSWD: ALLRun as Alice and Bob in two terminal windowsa) In the terminal window, run “sudo login”, andthen login as Alice.b) Start a new terminal window, run “sudologin”, and then login as Bob.Generate keys for Alicea) In Alice's terminal window, run “gpg --genkey” to generate her public and private keys.Enter “DSA and Elgamal” for key kind, 2048for key size, “key does not expire” for keyexpiration date, “Alice” for real name,alice@pace.edu for email address, “Alice’skeys” as comment, and “Alice’s passphrase”for passphrase. You may need to type over284 random keys to generate enough entropyso the keys could be created.Generate keys for Boba) In Bob's terminal window, run “gpg --genkey” to generate his public and private keys.Enter “DSA and Elgamal” for key kind, 2048for key size, “key does not expire” for keyexpiration date, “Michael” for real name,Bob@pace.edu for email address, “Bob'skeys” as comment, and “Bob's passphrase” forpassphrase. You may need to type over 284random keys to generate enough entropy sothe keys could be created.Export Alice's public key to Boba) In Alice's terminal window, run “gpg --armor--output alice-pk --export alice@pace.edu” todump Alice's public key in file “alice-pk”.You can run “more alice-pk” to review thepublic key.b) Run “sudo cp alice-pk /home/Bob” to copyAlice's public key file “alice-pk” to Bob'shome folder.c) In Bob's terminal window, verify the existenceof file “/home/Bob/alice-pk” by running “ls”in Bob's home folder (/home/Bob).d) In the same Bob's terminal window, run “gpg--import alice-pk” to import Alice's public keyinto Bob's key store.e) In the same Bob's terminal window, run “gpg--edit-key alice@pace.edu” to enter theCopyright 2012 MECSediting session for Alice's public key. Typesub-command “fpr” to review the fingerprintof Alice's public key. Type sub-command“sign” to sign this key with Bob's key. Youwill be asked to enter Bob's passphrase, whichis “Bob's passphrase”. Type sub-command“check” to review who is on the signature listof Alice's public key, and we will see Alice(self-signature) and Bob on the list to confirmthe validity of the key. You type subcommand “quit” to exit the editing session,and confirm to save the changes.6) Create and encrypt a messagea) In Bob's terminal window, run “cat msg-toalice” followed by the ENTER key, type“Alice's secret message”, and then type keycombination Ctrl D to close the file. You justcreated a new text file “msg-to-alice” withcontents “Alice's secret message”.b) In Bob's terminal window, run “gpg -recipient alice@pace.edu --output secret-toalice --encrypt msg-to-alice” to generate anew file “secret-to-alice” containing theencrypted version file “msg-to-alice”.c) In Bob's terminal window, run “more secretto-alice” to review the encrypted version ofthe message.d) In Bob's terminal window, run “sudo cpsecret-to-alice /home/alice” to copy file“secret-to-alice” to Alice's home folder“/home/alice”.e) In Alice's terminal window, run “ls” in Alice'shome folder (/home/alice) to verify theexistence of file “secret-to-alice”.7) Decrypt the messagea) In Alice's terminal window, run command“gpg --output msg-from-Bob --decrypt secretto-alice” to decrypt the contents of file“secret-to-alice” and save the result in a newfile “msg-from-Bob”.b) In Alice's terminal window, run “more msgfrom-Bob” to review the decrypted messagec) From Bob.V. SURVEY DISCUSSIONThe proposed new teaching method for the twocryptography modules using SWEET was tested on agroup of 28 undergraduate students for the courseCPIS312-Information Security in the InformationSystems department at Faculty of Computing andInformation Technology in King Abdulaziz University. Asurvey of 6 questions was conducted at the end of thesemester to measure the effectiveness of the new tool onthe students. The survey included questions to elicit theirfeedback on the lecture materials, laboratory exercises,the mapping between the lecture and the lab and theoverall impact of these modules on their learning. Ourresults show that the students had invested significantamount of time (2-4 hours per week on average) incompleting hands-on exercises. However, they generallyI.J. Modern Education and Computer Science, 2012, 1, 26-32
Using Virtual Security Lab in Teaching Cryptographyagreed that the course materials were planned well(69%),while 100% of students found that the newteaching moduleshadenhanced their learningcapabilities and 100% of the students are totally withadopting the new teaching modules. The lab modules haddrawn their interests with a percentage of 100%. TheSurvey questions along with their answers are listed inTable 1, and the results of the survey are illustrated in Fig.5.31questionable traffic was generated on any productionnetwork, Virtual Machines allow for the creation ofsimple files or groups of files that can be distributed withall the configuration necessary to demonstrate topics in away that does not negatively impact the device or thenetwork the device is running on [5]. Second, all of thelabs could be run not just from the lab, but from aproperly configured platform in any location. Third, thevirtual lab is, indeed, more interesting way of practicingfor students.Table 1. Survey Questions and Answers#1234QuestionTo what extent do newteaching modules &portable lab (VirtualSecurity Lab) enhancestudent’s learning?Are you with or againstadapting the new teachingmodules for nextsemesters?To what Extent do youbelieve that the newTeaching modules areenough for learningtargeted security concepts?How would you assess thenew teaching modules(Virtual Security Lab)?5How would you assess theprevious teaching modules(Java Programs)?6To what extent is perviouslearning, teaching andlaboratory material waswell developed?Answersa) Good Enoughb) Poora) Totally Withb) Againsta) Entirely Enoughb) Should Be mixedwith previoussemester teachingmodulesa) Interestingb) Interesting andUseful in teachingc) Difficult butUseful in teachinga) Boringb) Easy but notUseful in teachingc) Interestinga) Poorb) Good EnoughREFERENCES[1] VMware Inc., “VMware Player”, availablehttp://www.vmware.com/ products/player.[2] Microsoft Inc., “Microsoft Virtual PC”, s/virtualpc[3] L. Tao, “Introduction to Cryptography”, yptography.pdf, 2010.[4] Lixin Tao, Li-Chiou Chen, and Chienting Lin,VirtualOpen-Source Labs for Web Security Education,Proceedings of the World Congress on Engineeringand Computer Science 2010 Vol I[5] Harry Bulbrook, Using Virtual Machines to providea secure Teaching Lab environment[6] L. Chen, “Secure Web Development TeachingModules”, SWEET project web site, availablehttp://csis.pace.edu/ lchen/sweet.[7] Christian Willems, Orestis Tringides, ChristophMeinel, Practical IT Security Education with TeleLab[8] http://csis.pace.edu/ lchen/sweet/[9]C.H. Lindsey, Regulation of Investigatory PowersBill: Some Scenarios, 2000Dr. Daniyal Alghazzawi has completed his Ph.D inComputer Science from University of Kansas in 2007,Master of Science in Teaching & Leadership in 2004 andMaster of Science in Computer Science in 2003 fromUniversity of Kansas. He has worked as . Dr. Daniyal is currently the Chairman ofthe Information Systems Department, Faculty ofComputing and Information Technology, King AbdulazizUniversity. His research interest includes e-Security andCryptography. Dr. Daniyal is a member of IEEE(Education Society Transaction) and ACM-SIGCSE(Special Interest Group in Computer Science Education).Figure 5. The Results of the SurveyVI. CONCLUSIONThis paper shares our experience of using of a VirtualSecurity lab module in teaching Information Security labin the Information Systems department at King AbdulazizUniversity. The benefit of using the mentioned labmodules is threefold: First, none of the damaging orCopyright 2012 MECSMrs. Salma Mahgoub is a lecturer at the InformationSystems Department of King Abdulaziz University. Inteaching, she has been teaching different courses toundergraduate students in different fields like Computerand Information Security, Decision Support Systems andData Mining. Her research interests include informationI.J. Modern Education and Computer Science, 2012, 1, 26-32
32Using Virtual Security Lab in Teaching Cryptographysecurity, data mining, genetic fuzzy systems and ExpertSystems. Mrs. Salma received her B.Sc in ComputerScience from University of Khartoum in 2003 and M.SCdegree in Computer Science from University ofKhartoum in 2006.Mrs Salma is currently a lecturer atInformation Systems Department, Faculty of Computingand Information Technology, King Abdulaziz UniversityCopyright 2012 MECSI.J. Modern Education and Computer Science, 2012, 1, 26-32
exercises [8]. For SWEET security virtual labs, we choose VMware virtualization over Microsoft Virtual PC because the former can support virtual machines running any operating system including all flavors of Linux. The purpose of the SEET project is to enhance the learning experience of computing students through standardized
