"Cyber Security (Summer 2020)", Sessions 3-4: "Basics of Security and Incident Response" / Basics of Security and Incident Response

These are the slides used for sessions 3-4 of "Cyber Security (Summer 2020)" at the Waseda University Graduate School of Business and Finance on June 22, 2020.

Kenji Saito

June 22, 2020

Transcript

  1. 2020 3-4 (WBS) 2020 3-4 — 2020-06-22 – p.1/54

  2. https://speakerdeck.com/ks91 ( ) WBS ( )

  3. Session schedule (session: month/day): 1: 6/15 • 2: 6/15 • 3: 6/22 • 4: 6/22 • 5: 6/29 I; 6: 6/29 I; 7: 7/6; 8: 7/6; 9: 7/13; 10: 7/13; 11: 7/20 II; 12: 7/20 II; 13: 7/27; 14: 7/27

  6. 1. (1) (2) June 18, 2020 ( ) 23:59 JST, Waseda Moodle

  7. . . . . . . 19 14 ( ) ( ) Moodle ^^;

  8. S ⇒

  9. T 1 ⇒ ( ) NPO

  10. W 2 ⇒ PPAP : https://digitalforensic.jp/2019/12/23/column595/ : https://www.slideshare.net/tetsutalow/ppapphspdf

  11. N N Zoom ⇒

  12. T PC ⇒ × → . . . (ex. ) “In one survey, carried out by PentaSafe Security, two-thirds of commuters at London’s Victoria Station were happy to reveal their computer password in return for a ballpoint pen” — The Future of Technology

  13. (1) : (COCOA) (2) :

  14. NPO https://www.nisc.go.jp/security-site/blue_handbook/index.html 1 6

  16. ( ) (1) : ( ) (2) : ( )( ) ( ) ( ) ( ↓ ) → ( : “Correct Horse Battery Staple”) Apple ID

  17. 3 2 ( ) (2 ) . . . . . . . . . (1) : (2) : (3) : (4) : IC ( ) (2 ) . . .

  18. ( ) CAP

  19. (1) ( ) ( ) ( 16 ) SHA (Secure Hash Algorithm) ( ) 1bit

  20. (2) . . . H m H(m) = H(m′) m′ (m′ = m) H(m) m m′ H(m) = H(m′) ( m′ = m)

  21. SHA-1 https://shattered.io February 2017 Google (CWI) (shattered ) SHA-1

  22. ( ) (TCP, UDP) SSL (Secure Sockets Layer) → TLS (Transport Layer Security) HTTPS IP (Internet Protocol) IPsec DNS DNSSEC (S/MIME) (PGP )

  23. = . . . (AES : Advanced Encryption Standard) ( . . . )

  25. (RSA ) [Diagram labels: Internet; treat it as decrypted text and encrypt with the public key; send the signed plaintext; treat it as ciphertext and decrypt with the private key; receiver, public key, private key, sender, plaintext, plaintext, private key, public key, key, signature, signature; distribute the public key in advance; key pair, digest, digest; a digest put through decrypt→encrypt processing should come back to the original, but does it match the digest computed from the plaintext?] ( ) RSA ( Rivest, Shamir, Adleman ; ) Bitcoin ECDSA ( DSA : Digital Signature Algorithm)

  26. : < , > : : < , , > : OK NG

  27. ( ) RSA ( )

  28. ( ) PKI ( ) [Diagram labels: a public key obtained over the Internet carries no guarantee that it is genuine; nor can one tell whether the public key used to sign the certificate is genuine; Alice, Bob, Carole, certifier, public key, key pair, private key; "Whose?"; CA; Internet; signature; signature on A's public key; certificate; however, verifying that the signature is genuine requires the CA's public key; Malissa (attacker)] (PKI) CA (Certificate Authority) CA CA CA ( ) ← CA

  29. Web of Trust [Diagram labels: trust in people as seen from Alice; authenticity of keys as seen from Alice; fully trusted; authentic; ultimately authentic; possibly authentic; some degree of trust; unknown; unknown; ultimately trusted; A→B means "A signed B's public key"; is this the kind of person who checks the fingerprint (digest) when signing someone else's public key?; Alice rates the trustworthiness of key owners; the authenticity of keys is computed] (PKI) (PGP )

  30. (2019 ) https://speakerdeck.com/ks91/blockchain : : ( )

  31. 10 ATM 1 ATM 1 : http://www.slideshare.net/yamaz2/ss-58813038 ( ) ⇒ ATM

  32. (safety) ( ), ( ), etc. (liveness) ( ), etc. ( ) ( = )

  33. CAP ( . . . ) Consistency ( ) Availability ( ) Partition tolerance ( ) ⇒ 3 Eventual consistency ( ) . . .

  34. Consistency ( ) Strong consistency ( ) (safety) Eventual consistency ( ) (liveness) ↑ Weak consistency ( )

  35. (1) : (COCOA) June 19, 2020 ( ) (COCOA) (iOS , android )

  36. GLOCOM #1 : ∼ ∼ (INTERNET Watch) https://internet.watch.impress.co.jp/docs/event/1259046.html ( ) https://roppongi-kaigi.org/wp-content/uploads/2020/06/200616_ _v1.0.pdf . . . 6 (BUSINESS INSIDER) https://www.businessinsider.jp/post-214726 Code for Japan COVID-19 Radar ( ) ( ) ( 200616_ _v1.0.pdf ) Apple and Google, “Exposure Notification — Cryptography Specification” https://covid19-static.cdn-apple.com/ .. . /ExposureNotification-CryptographySpecificationv1.2.pdf

  37. ( ) [Diagram labels: notification server; smartphone; smartphone; MHLW (Ministry of Health, Labour and Welfare); Temporary Exposure Key, ( ) bit; Rolling Proximity Identifier Key; start time; i: the time at that moment; a random number generated each day; time is ticked in ( )-minute intervals; the Bluetooth identifier changes frequently; nothing can be uploaded without a code issued by MHLW; after a positive test result, the past ( ) days' worth can be uploaded; downloaded ( ) times a day; note: given COCOA's specification, the metadata is probably unnecessary; if a match is found, close contact has occurred with high probability; one-way function; symmetric-key encryption; can be decrypted; ( ) can be computed; these are sent over Bluetooth; the collected ones are kept for the past ( ) days; key; key; symmetric-key encryption; Rolling Proximity Identifier; encrypted metadata; Rolling Proximity Identifier; encrypted metadata; Rolling Proximity Identifier; Temporary Exposure Key, ( ) bit; start time; i; metadata; metadata]

  38. ( ) January 1, 1970 00:00:00 GMT 10 24 (128bit) i 144 (10 × 144 = 24 ) 14 (2 ) i BLE MAC a (128bit) Bluetooth ( ) a BLE (Bluetooth Low Energy) Bluetooth , MAC Bluetooth 10∼20 MAC

  39. ( ) 14 i ( 1 1 ) i 144 Bluetooth

  40. COCOA COCOA

  41. (2) : https://www.cloudsign.jp

  42. NPO NICT CYDER https://cyder.nict.go.jp (3) :

  43. [Diagram labels: signs of an incident, etc.; initial response; recovery measures; provisional response; recurrence-prevention measures; permanent response; consideration; post-incident response; triage; reporting and disclosure; incident handling; incident response; customers and the public; detection and intake; deciding the response policy; Point of Contact; evidence preservation; containment; eradication] , , DoS , , etc.

  44. Point of Contact (PoC) 1

  46. HDD ( )

  49. ( ) JPCERT/CC, NISC, ( ) ( )

  50. (1 )

  51. (3) : 70 1,000 Twitter 3 1. 2. 3. 3

  53. 2. OK (1) (2) June 25, 2020 ( ) 23:59 JST, Waseda Moodle