「サイバーセキュリティ (2020夏)」第3-4回「セキュリティの基礎とインシデントレスポンス」 / Basics of Security and Incident Response

Transcript

1. 2020 3-4 (WBS) 2020 3-4 — 2020-06-22 – p.1/54

2. https://speakerdeck.com/ks91 ( ) WBS ( ) 2020 3-4 — 2020-06-22

   – p.2/54

3. 1 6 15 • 2 6 15 • 3 6

   22 • 4 6 22 • 5 6 29 I 6 6 29 I 7 7 6 8 7 6 9 7 13 10 7 13 11 7 20 II 12 7 20 II 13 7 27 14 7 27 2020 3-4 — 2020-06-22 – p.3/54

4. + + 2020 3-4 — 2020-06-22 – p.4/54

5. 2020 3-4 — 2020-06-22 – p.5/54

6. 1. (1) (2) 2020 6 18 ( ) 23:59 JST

   Waseda Moodle 2020 3-4 — 2020-06-22 – p.6/54

7. . . . . . . 19 14 ( )

   ( ) Moodle ^^; 2020 3-4 — 2020-06-22 – p.7/54

8. S ⇒ 2020 3-4 — 2020-06-22 – p.8/54

9. T 1 ⇒ ( ) NPO 2020 3-4 — 2020-06-22

   – p.9/54

10. W 2 ⇒ PPAP : https://digitalforensic.jp/2019/12/23/column595/ : https://www.slideshare.net/tetsutalow/ppapphspdf 2020 3-4

    — 2020-06-22 – p.10/54

11. N N Zoom ⇒ 2020 3-4 — 2020-06-22 – p.11/54

12. T PC ⇒ × → . . . (ex. )

    “In one survey, carried out by PentaSafe Security, two-thirds of commuters at London’s Victoria Station were happy to reveal their computer password in return for a ballpoint pen” — The Future of Technology 2020 3-4 — 2020-06-22 – p.12/54

13. (1) : (COCOA) (2) : 2020 3-4 — 2020-06-22 –

    p.13/54

14. NPO https://www.nisc.go.jp/security-site/blue_handbook/index.html 1 6 2020 3-4 — 2020-06-22 – p.14/54

15. 2020 3-4 — 2020-06-22 – p.15/54

16. ( ) (1) : ( ) (2) : ( )(

    ) ( ) ( ) ( ↓ ) → ( : “Correct Horse Battery Staple”) Apple ID 2020 3-4 — 2020-06-22 – p.16/54

17. 3 2 ( ) (2 ) . . . .

    . . . . . (1) : (2) : (3) : (4) : IC ( ) (2 ) . . . 2020 3-4 — 2020-06-22 – p.17/54

18. ( ) CAP 2020 3-4 — 2020-06-22 – p.18/54

19. (1) ( ) ( ) ( 16 ) SHA (Secure

    Hash Algorithm) ( ) 1bit 2020 3-4 — 2020-06-22 – p.19/54

20. (2) . . . H m H(m) = H(m′) m′

    (m′ = m) H(m) m m′ H(m) = H(m′) ( m′ = m) 2020 3-4 — 2020-06-22 – p.20/54

21. SHA-1 https://shattered.io 2017 2 Google (CWI) (shattered ) SHA-1 2020

    3-4 — 2020-06-22 – p.21/54

22. ( ) (TCP, UDP) SSL (Secure Sockets Layer) → TLS

    (Transport Layer Security) HTTPS IP (Internet Protocol) IPsec DNS DNSSEC (S/MIME) (PGP ) 2020 3-4 — 2020-06-22 – p.22/54

23. = . . . (AES : Advanced Encryption Standard) (

    . . . ) 2020 3-4 — 2020-06-22 – p.23/54

24. 2020 3-4 — 2020-06-22 – p.24/54

25. (RSA ) Πϯλʔωοτ ɾ
    ෮߸จͱݟͳͯ͠ ɹެ։ݤͰ҉߸Խ ɾ
    ॺ໊෇͖ฏจΛૹ৴ ɾ
    ҉߸จͱݟͳͯ͠

    ɹൿີݤͰ෮߸ ड৴ऀ ެ։ݤ ൿີݤ ൃ৴ऀ ฏจ ฏจ ൿີݤ ެ։ݤ ݤ ॺ໊ ॺ໊ ɾ
    ͋Β͔͡Ίެ։ݤΛ഑෇͓ͯ͘͠ ݤϖΞ μΠδΣετ μΠδΣετ ɾ
    ෮߸ˠ҉߸Խॲཧͨ͠μΠδΣετ͸ ɹݩʹ໭Δ͸͕ͣͩɺ ͦΕ͕ฏจ͔Β ɹܭࢉͨ͠μΠδΣετͱҰக͢Δ͔ ( ) RSA ( Rivest, Shamir, Adleman ; ) Bitcoin ECDSA ( DSA : Digital Signature Algorithm) 2020 3-4 — 2020-06-22 – p.25/54

26. : < , > : : < , , >

    : OK NG 2020 3-4 — 2020-06-22 – p.26/54

27. ( ) RSA ( ) 2020 3-4 — 2020-06-22 –

    p.27/54

28. ( ) PKI ( ) ɾ ΠϯλʔωοτΛ௨ͯ͠ಘͨެ։ݤʹ͸ ɹຊ෺ͩͱ͍͏อূ͕ͳ͍ ɾ ূ໌ॻͷॺ໊ʹ࢖ΘΕ͍ͯΔެ։ݤ΋ຊ෺͔෼͔Βͳ͍

    "MJDF #PC $BSPMF
    ূ໌ऀ ެ։ݤ ݤϖΞ ൿີݤ ൿີݤ ൿີݤ ެ։ݤ ެ։ݤ ݤϖΞ ൿີݤ ൿີݤ ൿີݤ ެ։ݤ ެ։ݤ ݤϖΞ ൿີݤ ൿີݤ ൿີݤ ެ։ݤ # C C C C C C C C C " # ୭ͷʁ $" Πϯλʔωοτ ॺ໊ ॺ ॺ໊ ໊ ໊ ɾ ̖ͷެ։ݤ΁ͷॺ໊
    ূ໌ॻ ɾ ͨͩ͠ɺ ॺ໊͕ຊ෺͔ݕূ͢Δ ɹʹ͸̘̖ͷެ։ݤ͕ඞཁ .BMJTTB
    ߈ܸऀ & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & . " (PKI) CA (Certificate Authority) CA CA CA ( ) ← CA 2020 3-4 — 2020-06-22 – p.28/54

29. Web of Trust 
    "MJDF
    ͔Βݟͨɺ ਓͷ৴༻ 
    "MJDF
    ͔Βݟͨɺ ݤͷਅਖ਼ੑ ׬શʹ৴༻͍ͯ͠Δ ਅਖ਼Ͱ͋Δ ڀۃతʹਅਖ਼

    ਅਖ਼ͬΆ͍͔΋ ͋Δఔ౓ͷ৴༻ Θ͔Βͳ͍ Θ͔Βͳ͍ ڀۃతʹ৴༻Ͱ͖Δ "
    ˠ
    #
    ͷҙຯ͸
    ʮ"
    ͕
    #
    ͷެ։ݤʹॺ໊ʯ ଞਓͷެ։ݤʹॺ໊͢Δࡍɺ ϑΟϯΨʔϓϦϯτ
    μΠδΣετ ΛνΣοΫ͢ΔΑ͏ͳਓ͔ͳ "MJDF
    ͸ݤͷॴ༗ऀͷ ৴༻ΛධՁ͢Δ ݤͷਅਖ਼ੑ͸ܭࢉͰ ٻΊΒΕΔ (PKI) (PGP ) 2020 3-4 — 2020-06-22 – p.29/54

30. (2019 ) https://speakerdeck.com/ks91/blockchain : : ( ) 2020 3-4 —

    2020-06-22 – p.30/54

31. 10 ATM 1 ATM 1 : http://www.slideshare.net/yamaz2/ss-58813038 ( ) ⇒

    ATM 2020 3-4 — 2020-06-22 – p.31/54

32. (safety) ( ), ( ), etc. (liveness) ( ), etc.

    ( ) ( = ) 2020 3-4 — 2020-06-22 – p.32/54

33. CAP ( . . . ) Consistency ( ) Availability

    ( ) Partition tolerance ( ) ⇒ 3 Eventual consistency ( ) . . . 2020 3-4 — 2020-06-22 – p.33/54

34. Consistency ( ) Strong consistency ( ) (safety) Eventual consistency

    ( ) (liveness) ↑ Weak consistency ( ) 2020 3-4 — 2020-06-22 – p.34/54

35. (1) : (COCOA) 2020 6 19 ( ) (COCOA) (iOS

    , android ) 2020 3-4 — 2020-06-22 – p.35/54

36. GLOCOM #1 : ∼ ∼ (INTERNET Watch) https://internet.watch.impress.co.jp/docs/event/1259046.html ( )

    https://roppongi-kaigi.org/wp-content/uploads/2020/06/200616_ _v1.0.pdf . . . 6 (BUSINESS INSIDER) https://www.businessinsider.jp/post-214726 Code for Japan COVID-19 Radar ( ) ( ) ( 200616_ _v1.0.pdf ) Apple and Google, “Exposure Notification — Cryptography Specification” https://covid19-static.cdn-apple.com/ .. . /ExposureNotification-CryptographySpecificationv1.2.pdf 2020 3-4 — 2020-06-22 – p.36/54

37. ( ) ௨஌αʔό εϚϗ εϚϗ ް࿑ল Ұ࣌๫࿐Ωʔ CJU ྠసۙ઀ࣝผΩʔ ى఺࣌ࠁ

    i ͦͷ࣌ͷ࣌ࠁ  ೔ຖʹੜ੒͢Δ ϥϯμϜͳ਺ ࣌ࠁ͸  ෼ִؒͰ ࠁΉ #MVFUPPUI ͷ ࣝผࢠ͸ ίϩίϩมΘΔ ް࿑ল͕ൃߦ͢Δ ίʔυΛ෇͚ͳ͍ͱ ΞοϓϩʔυͰ͖ͳ͍ ݕࠪͰཅੑ൑ఆΛड͚ͨΒ աڈ  ೔෼Ξοϓϩʔυ Ͱ͖Δ  ೔  ճ μ΢ϯϩʔυ͢Δ ˞
    $0$0"
    ͷ࢓্༷ɺϝλσʔλ͸͓ͦΒ͘ෆཁ ΋͠Ұக͢Δ΋ͷ͕ ݟ͔ͭͬͨΒ ߴ͍֬཰Ͱ ೱް઀৮͍ͯ͠Δ Ұํ޲ੑؔ਺ ڞ௨伴҉߸ ෮߸Ͱ͖Δ  ݸܭࢉͰ͖Δ ͜ΕΒΛ #MVFUPPUI ͰૹΔ ूΊͨ͜ΕΒ͸ աڈ  ೔෼Λอଘ 伴 伴 ڞ௨伴҉߸ ྠసۙ઀ࣝผࢠ ҉߸Խ͞Εͨϝλσʔλ ྠసۙ઀ࣝผࢠ ҉߸Խ͞Εͨϝλσʔλ ྠసۙ઀ࣝผࢠ Ұ࣌๫࿐Ωʔ CJU ى఺࣌ࠁ i ϝλσʔλ ϝλσʔλ 2020 3-4 — 2020-06-22 – p.37/54

38. ( ) 1970 1 1 00:00:00 GMT 10 24 (128bit)

    i 144 (10 ×144 = 24 ) 14 (2 ) i BLE MAC a (128bit) Bluetooth ( ) a BLE (Bluetooth Low Energy) Bluetooth , MAC Bluetooth 10∼20 MAC 2020 3-4 — 2020-06-22 – p.38/54

39. ( ) 14 i ( 1 1 ) i 144

    Bluetooth 2020 3-4 — 2020-06-22 – p.39/54

40. COCOA COCOA 2020 3-4 — 2020-06-22 – p.40/54

41. (2) : https://www.cloudsign.jp 2020 3-4 — 2020-06-22 – p.41/54

42. NPO NICT CYDER https://cyder.nict.go.jp (3) : 2020 3-4 — 2020-06-22

    – p.42/54

43. Πϯγσϯτͷ༧ஹͳͲ ॳಈରԠ ෮چાஔ
    ࢑ఆରԠ ࠶ൃ๷ࢭࡦ
    ߃ٱରԠ ݕ౼ ࣄޙରԠ τϦΞʔδ ใ

    ࠂ ɾ ެ ද Π ϯ γ σ ϯ τ ϋ ϯ υ Ϧ ϯ ά Π ϯ γ σ ϯ τ Ϩ ε ϙ ϯ ε ސ ٬ ɾ ެ ڞ ݕ஌ɾड෇ ରԠํ਑ݕ౼ 1PJOU
    PG
    $POUBDU ূڌอશ ෧͡ࠐΊ ࠜઈ , , DoS , , etc. 2020 3-4 — 2020-06-22 – p.43/54

44. Point of Contact (PoC) 1 2020 3-4 — 2020-06-22 –

    p.44/54

45. 2020 3-4 — 2020-06-22 – p.45/54

46. HDD ( ) 2020 3-4 — 2020-06-22 – p.46/54

47. 2020 3-4 — 2020-06-22 – p.47/54

48. ( ) 2020 3-4 — 2020-06-22 – p.48/54

49. ( ) JPCERT/CC, NISC, ( ) ( ) 2020 3-4

    — 2020-06-22 – p.49/54

50. (1 ) 2020 3-4 — 2020-06-22 – p.50/54

51. (3) : 70 1,000 Twitter 3 1. 2. 3. 3

    2020 3-4 — 2020-06-22 – p.51/54

52. 2020 3-4 — 2020-06-22 – p.52/54

53. 2. OK (1) (2) 2020 6 25 ( ) 23:59

    JST Waseda Moodle 2020 3-4 — 2020-06-22 – p.53/54

54. 2020 3-4 — 2020-06-22 – p.54/54